pierre/MatrixGW
1
0
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects Releases Wiki Activity

No longer use randomly generated key to encrypt session cookie

Browse Source
This commit is contained in:
Pierre HUBERT 2025-02-04 21:12:29 +01:00
parent babb3a2e07
commit c573d2f74a
2 changed files with 20 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
src/app_config.rs
View File

@ -18,6 +18,10 @@ pub struct AppConfig {
#[clap(short, long, env)] #[clap(short, long, env)]
pub proxy_ip: Option<String>, pub proxy_ip: Option<String>,
/// Secret key, used to sign some resources. Must be randomly generated
#[clap(short = 'S', long, env, default_value = "")]
secret: String,
/// Matrix API origin /// Matrix API origin
#[clap(short, long, env, default_value = "http://127.0.0.1:8448")] #[clap(short, long, env, default_value = "http://127.0.0.1:8448")]
pub matrix_homeserver: String, pub matrix_homeserver: String,
@ -99,6 +103,21 @@ impl AppConfig {
&ARGS &ARGS
} }
/// Get app secret
pub fn secret(&self) -> &str {
let mut secret = self.secret.as_str();
if cfg!(debug_assertions) && secret.is_empty() {
secret = "DEBUGKEYDEBUGKEYDEBUGKEYDEBUGKEYDEBUGKEYDEBUGKEYDEBUGKEYDEBUGKEY";
}
if secret.is_empty() {
panic!("SECRET is undefined or too short (min 64 chars)!")
}
secret
}
/// Get Redis connection configuration /// Get Redis connection configuration
pub fn redis_connection_string(&self) -> String { pub fn redis_connection_string(&self) -> String {
format!( format!(

3
src/main.rs
View File

@ -15,8 +15,7 @@ async fn main() -> std::io::Result<()> {
.await .await
.expect("Failed to create bucket!"); .expect("Failed to create bucket!");
// FIXME : not scalable let secret_key = Key::from(AppConfig::get().secret().as_bytes());
let secret_key = Key::generate();
let redis_store = RedisSessionStore::new(AppConfig::get().redis_connection_string()) let redis_store = RedisSessionStore::new(AppConfig::get().redis_connection_string())
.await .await