generate session secret key randomly each application start,
bump app version 1.0.6
This commit is contained in:
parent
7da5c22313
commit
33566572fb
19
app/app.go
19
app/app.go
@ -1,6 +1,7 @@
|
||||
package app
|
||||
|
||||
import (
|
||||
"crypto/rand"
|
||||
"encoding/gob"
|
||||
"flag"
|
||||
"log"
|
||||
@ -15,7 +16,7 @@ import (
|
||||
)
|
||||
|
||||
var LDAPSessions map[string]*LDAPClient
|
||||
var AppVersion = "1.0.5"
|
||||
var AppVersion = "1.0.6"
|
||||
var APIVersion = "1.0.4"
|
||||
|
||||
func Run() {
|
||||
@ -28,13 +29,20 @@ func Run() {
|
||||
|
||||
config, err := GetConfig(*configPath)
|
||||
if err != nil {
|
||||
log.Fatal("Error when reading config file: ", err)
|
||||
log.Fatalf("Error when reading config file: %s\n", err)
|
||||
}
|
||||
log.Printf("Read in config from %s\n", *configPath)
|
||||
|
||||
secretKey := make([]byte, 256)
|
||||
n, err := rand.Read(secretKey)
|
||||
if err != nil {
|
||||
log.Fatalf("Error when generating session secret key: %s\n", err.Error())
|
||||
}
|
||||
log.Printf("Generated session secret key of length %d\n", n)
|
||||
|
||||
gin.SetMode(gin.ReleaseMode)
|
||||
router := gin.Default()
|
||||
store := cookie.NewStore([]byte(config.SessionSecretKey))
|
||||
store := cookie.NewStore(secretKey)
|
||||
store.Options(sessions.Options{
|
||||
Path: config.SessionCookie.Path,
|
||||
HttpOnly: config.SessionCookie.HttpOnly,
|
||||
@ -310,5 +318,8 @@ func Run() {
|
||||
|
||||
log.Printf("Starting LDAP API on port %s\n", strconv.Itoa(config.ListenPort))
|
||||
|
||||
router.Run("0.0.0.0:" + strconv.Itoa(config.ListenPort))
|
||||
err = router.Run("0.0.0.0:" + strconv.Itoa(config.ListenPort))
|
||||
if err != nil {
|
||||
log.Fatalf("Error starting router: %s", err.Error())
|
||||
}
|
||||
}
|
||||
|
@ -13,7 +13,6 @@ type Config struct {
|
||||
LdapURL string `json:"ldapURL"`
|
||||
StartTLS bool `json:"startTLS"`
|
||||
BaseDN string `json:"baseDN"`
|
||||
SessionSecretKey string `json:"sessionSecretKey"`
|
||||
SessionCookieName string `json:"sessionCookieName"`
|
||||
SessionCookie struct {
|
||||
Path string `json:"path"`
|
||||
|
@ -3,7 +3,6 @@
|
||||
"ldapURL": "ldap://localhost",
|
||||
"startTLS": true,
|
||||
"basedn": "dc=example,dc=com",
|
||||
"sessionSecretKey": "super secret key",
|
||||
"sessionCookieName": "PAASLDAPAuthTicket",
|
||||
"sessionCookie": {
|
||||
"path": "/",
|
||||
|
@ -3,7 +3,6 @@
|
||||
"ldapURL": "ldap://localhost",
|
||||
"startTLS": true,
|
||||
"basedn": "dc=test,dc=paasldap",
|
||||
"sessionSecretKey": "test",
|
||||
"sessionCookieName": "PAASLDAPAuthTicket",
|
||||
"sessionCookie": {
|
||||
"path": "/",
|
||||
|
@ -18,7 +18,6 @@ func TestConfig_ValidPath(t *testing.T) {
|
||||
AssertEquals(t, "config.ListenPort", config.ListenPort, 80)
|
||||
AssertEquals(t, "config.LdapURL", config.LdapURL, "ldap://localhost")
|
||||
AssertEquals(t, "config.BaseDN", config.BaseDN, "dc=test,dc=paasldap")
|
||||
AssertEquals(t, "config.SessionSecretKey", config.SessionSecretKey, "test")
|
||||
AssertEquals(t, "config.SessionCookieName", config.SessionCookieName, "PAASLDAPAuthTicket")
|
||||
AssertEquals(t, "config.SessionCookie.Path", config.SessionCookie.Path, "/")
|
||||
AssertEquals(t, "config.SessionCookie.HttpOnly", config.SessionCookie.HttpOnly, true)
|
||||
|
Loading…
Reference in New Issue
Block a user