Congegni
/
libretime
mirror of https://github.com/libretime/libretime.git
7
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

feat: use secret_key config field instead of api_key (#2444) 

Fixes #2426
This commit is contained in:
Jonas L 2023-03-22 10:14:11 +01:00 committed by GitHub
parent 74af2112a6
commit d800c5e280
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 31 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
api/libretime_api/settings/prod.py
View File

@ -1,4 +1,5 @@
from os import getenv from os import getenv
from warnings import warn
# pylint: disable=unused-import # pylint: disable=unused-import
from ._internal import ( from ._internal import (
@ -24,7 +25,15 @@ LIBRETIME_CONFIG_FILEPATH = getenv("LIBRETIME_CONFIG_FILEPATH")
CONFIG = Config(LIBRETIME_CONFIG_FILEPATH) # type: ignore[arg-type, misc] CONFIG = Config(LIBRETIME_CONFIG_FILEPATH) # type: ignore[arg-type, misc]
SECRET_KEY = CONFIG.general.api_key if CONFIG.general.secret_key is None:
warn(
"The [general.secret_key] configuration field is not set but will be required "
"in the next major release. Using [general.api_key] as fallback.",
FutureWarning,
)
SECRET_KEY = CONFIG.general.api_key
else:
SECRET_KEY = CONFIG.general.secret_key
ALLOWED_HOSTS = ["*"] ALLOWED_HOSTS = ["*"]

1
api/libretime_api/settings/testing.py
View File

@ -5,6 +5,7 @@ from .._fixtures import fixture_path
os.environ.setdefault("LIBRETIME_DEBUG", "true") os.environ.setdefault("LIBRETIME_DEBUG", "true")
os.environ.setdefault("LIBRETIME_GENERAL_PUBLIC_URL", "http://localhost") os.environ.setdefault("LIBRETIME_GENERAL_PUBLIC_URL", "http://localhost")
os.environ.setdefault("LIBRETIME_GENERAL_API_KEY", "testing") os.environ.setdefault("LIBRETIME_GENERAL_API_KEY", "testing")
os.environ.setdefault("LIBRETIME_GENERAL_SECRET_KEY", "testing")
os.environ.setdefault("LIBRETIME_STORAGE_PATH", str(fixture_path)) os.environ.setdefault("LIBRETIME_STORAGE_PATH", str(fixture_path))
# pylint: disable=wrong-import-position,unused-import # pylint: disable=wrong-import-position,unused-import

1
docker/config.dev.yml
View File

@ -1,6 +1,7 @@
general: general:
public_url: http://localhost:8080 public_url: http://localhost:8080
api_key: some_secret_api_key api_key: some_secret_api_key
secret_key: some_secret_key
database: database:
host: postgres host: postgres

4
docker/config.yml
View File

@ -7,6 +7,10 @@ general:
# The internal API authentication key. # The internal API authentication key.
# > this field is REQUIRED # > this field is REQUIRED
api_key: api_key:
# The Django API secret key. If not defined, the value of [general.api_key] will be
# used as fallback.
# > this field will be REQUIRED starting with LibreTime 4.0.0
secret_key:
# List of origins allowed to access resources on the server, the public url # List of origins allowed to access resources on the server, the public url
# origin is automatically included. # origin is automatically included.

4
docker/example/config.yml
View File

@ -7,6 +7,10 @@ general:
# The internal API authentication key. # The internal API authentication key.
# > this field is REQUIRED # > this field is REQUIRED
api_key: some_secret_api_key api_key: some_secret_api_key
# The Django API secret key. If not defined, the value of [general.api_key] will be
# used as fallback.
# > this field will be REQUIRED starting with LibreTime 4.0.0
secret_key:
# List of origins allowed to access resources on the server, the public url # List of origins allowed to access resources on the server, the public url
# origin is automatically included. # origin is automatically included.

3
docs/admin-manual/setup/configuration.md
View File

@ -42,6 +42,9 @@ general:
# The internal API authentication key. # The internal API authentication key.
# > this field is REQUIRED # > this field is REQUIRED
api_key: "some_random_generated_secret!" api_key: "some_random_generated_secret!"
# The Django API secret key. If not defined, the value of [general.api_key] will be
# used as fallback.
secret_key: "some_random_generated_secret!"
# List of origins allowed to access resources on the server, # List of origins allowed to access resources on the server,
# the [general.public_url] origin is automatically included. # the [general.public_url] origin is automatically included.

2
install
View File

@ -452,6 +452,8 @@ if $is_first_install; then
fi fi
set_config "$(generate_random_password)" general api_key set_config "$(generate_random_password)" general api_key
set_config "$(generate_random_password)" general secret_key
if [[ -n "$LIBRETIME_TIMEZONE" ]]; then if [[ -n "$LIBRETIME_TIMEZONE" ]]; then
set_config "$LIBRETIME_TIMEZONE" general timezone set_config "$LIBRETIME_TIMEZONE" general timezone
fi fi

4
installer/config.yml
View File

@ -7,6 +7,10 @@ general:
# The internal API authentication key. # The internal API authentication key.
# > this field is REQUIRED # > this field is REQUIRED
api_key: api_key:
# The Django API secret key. If not defined, the value of [general.api_key] will be
# used as fallback.
# > this field will be REQUIRED starting with LibreTime 4.0.0
secret_key:
# List of origins allowed to access resources on the server, the public url # List of origins allowed to access resources on the server, the public url
# origin is automatically included. # origin is automatically included.

1
legacy/application/configs/conf.php
View File

@ -35,6 +35,7 @@ class Schema implements ConfigurationInterface
->arrayNode('general')->addDefaultsIfNotSet()->children() ->arrayNode('general')->addDefaultsIfNotSet()->children()
/**/->scalarNode('public_url')->cannotBeEmpty()->end() /**/->scalarNode('public_url')->cannotBeEmpty()->end()
/**/->scalarNode('api_key')->cannotBeEmpty()->end() /**/->scalarNode('api_key')->cannotBeEmpty()->end()
/**/->scalarNode('secret_key')->end()
/**/->arrayNode('allowed_cors_origins')->scalarPrototype()->defaultValue([])->end()->end() /**/->arrayNode('allowed_cors_origins')->scalarPrototype()->defaultValue([])->end()->end()
/**/->scalarNode('timezone')->cannotBeEmpty()->defaultValue("UTC") /**/->scalarNode('timezone')->cannotBeEmpty()->defaultValue("UTC")
/* */->validate()->ifNotInArray(DateTimeZone::listIdentifiers()) /* */->validate()->ifNotInArray(DateTimeZone::listIdentifiers())

1
shared/libretime_shared/config/_models.py
View File

@ -44,6 +44,7 @@ def no_leading_slash_validator(key: str) -> "AnyClassMethod":
class GeneralConfig(BaseModel): class GeneralConfig(BaseModel):
public_url: AnyHttpUrl public_url: AnyHttpUrl
api_key: str api_key: str
secret_key: Optional[str] = None
timezone: str = "UTC" timezone: str = "UTC"