api: Configure jwt and cookie secret separately

Paul Bienkowski 2021-02-27 13:06:06 +01:00
parent ad448efd7c
commit ccd3d80bae
6 changed files with 11 additions and 8 deletions


@ -1,4 +1,5 @@
{ {
"secret": "CHANGEME!!!!!!!!!!@##@!!$$$$$$$$$$$$$!!", "cookieSecret": "CHANGEME!!!!!!!!!!@##@!!$$$$$$$$$$$$$!!",
"jwtSecret": "CHANGEME??????????????////3212321;312kjbkasjd",
"mail": false "mail": false
} }


@ -1,5 +1,6 @@
{ {
"secret": "CHANGEME", "cookieSecret": "CHANGEME!!!!!!!!!!!!!!!!!!!!!11",
"jwtSecret": "CHANGEME???????????????????////",
"mail": { "mail": {
"from": "Sender Name <sender@example.com>", "from": "Sender Name <sender@example.com>",
"smtp" : { "smtp" : {


@ -4,7 +4,8 @@ const Joi = require('joi');
const configSchema = Joi.object() const configSchema = Joi.object()
.required() .required()
.keys({ .keys({
secret: Joi.string().min(16).max(128).required(), jwtSecret: Joi.string().min(16).max(128).required(),
cookieSecret: Joi.string().min(16).max(128).required(),
mail: Joi.alternatives().try( mail: Joi.alternatives().try(
Joi.object({ Joi.object({
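Review bot: The two new keys at `jwtSecret:` and `cookieSecret:` are validated by length only, so nothing stops both being set to the same string, and the placeholder values in the two config files of this commit (both `CHANGEME…` strings longer than 16 characters) pass the schema unchanged. If the Joi version in use accepts references in `invalid()`, `jwtSecret: Joi.string().min(16).max(128).invalid(Joi.ref('cookieSecret')).required(),` would reject reusing one secret for both roles; rejecting the shipped placeholder prefix is another option. The `configSchema` definition continues outside the hunk.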


@ -6,6 +6,7 @@ const cors = require('cors');
const errorhandler = require('errorhandler'); const errorhandler = require('errorhandler');
const passport = require('passport'); const passport = require('passport');
const config = require('./config');
require('./passport'); require('./passport');
const isProduction = process.env.NODE_ENV === 'production'; const isProduction = process.env.NODE_ENV === 'production';
@ -27,7 +28,7 @@ app.use(bodyParser.urlencoded({ limit: '50mb', extended: false }));
app.use(require('method-override')()); app.use(require('method-override')());
app.use(express.static(path.join(__dirname, 'public'))); app.use(express.static(path.join(__dirname, 'public')));
app.use(session({ secret: 'obsobs', cookie: { maxAge: 10 * 60 * 1000 }, resave: false, saveUninitialized: false })); app.use(session({ secret: config.cookieSecret, cookie: { maxAge: 10 * 60 * 1000 }, resave: false, saveUninitialized: false }));
app.use(passport.initialize()); app.use(passport.initialize());
app.use(passport.session()); app.use(passport.session());
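Review bot: The rewritten `app.use(session({ secret: config.cookieSecret, … }))` line still sets only `maxAge` on the cookie, so `secure` and `sameSite` keep express-session's defaults (`secure` off) even though `isProduction` is already computed a few lines above in this section. `cookie: { maxAge: 10 * 60 * 1000, httpOnly: true, sameSite: 'lax', secure: isProduction }` would tie the cookie flags to the same deployment switch; if the app sits behind a TLS-terminating proxy, `secure` also needs `app.set('trust proxy', 1)`, which I cannot see from these hunks.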


@ -2,7 +2,6 @@ const mongoose = require('mongoose');
const uniqueValidator = require('mongoose-unique-validator'); const uniqueValidator = require('mongoose-unique-validator');
const crypto = require('crypto'); const crypto = require('crypto');
const jwt = require('jsonwebtoken'); const jwt = require('jsonwebtoken');
const secret = require('../config').secret;
const schema = new mongoose.Schema( const schema = new mongoose.Schema(
{ {
@ -61,7 +60,7 @@ class User extends mongoose.Model {
username: this.username, username: this.username,
exp: parseInt(exp.getTime() / 1000), exp: parseInt(exp.getTime() / 1000),
}, },
secret, config.jwtSecret,
); );
} }
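Review bot: The first hunk drops `const secret = require('../config').secret;` without adding a replacement import, yet the second hunk passes `config.jwtSecret` as the final argument of the call it closes; unless `config` is required somewhere else in this file outside the two hunks, `config` is an unresolved identifier and whichever method builds that payload throws a ReferenceError at runtime. The hunk header shows line 1 is `const mongoose = require('mongoose');`, so the import is not simply above the first hunk. Adding `const config = require('../config');` in place of the removed line, matching the `const config = require('./config');` used in the passport file of this commit, resolves it. The method containing the changed argument starts before the second hunk.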


@ -6,7 +6,7 @@ const { Strategy: CustomStrategy } = require('passport-custom');
const { User, AccessToken, RefreshToken } = require('./models'); const { User, AccessToken, RefreshToken } = require('./models');
const secret = require('./config').secret; const config = require('./config');
// used to serialize the user for the session // used to serialize the user for the session
passport.serializeUser(function (user, done) { passport.serializeUser(function (user, done) {
@ -82,7 +82,7 @@ passport.use(
'jwt', 'jwt',
new JwtStrategy( new JwtStrategy(
{ {
secretOrKey: secret, secretOrKey: config.jwtSecret,
jwtFromRequest: getRequestToken, jwtFromRequest: getRequestToken,
algorithms: ['HS256'], algorithms: ['HS256'],
}, },