tronnet/ProxmoxAAS-LDAP
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 3 Wiki Activity

generate session secret key randomly each application start,

Browse Source 
bump app version 1.0.6
This commit is contained in:
Arthur Lu 2024-11-15 00:35:57 +00:00
parent 7da5c22313
commit 33566572fb
5 changed files with 15 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
app/app.go
View File

@ -1,6 +1,7 @@
package app package app
import ( import (
"crypto/rand"
"encoding/gob" "encoding/gob"
"flag" "flag"
"log" "log"
@ -15,7 +16,7 @@ import (
) )
var LDAPSessions map[string]*LDAPClient var LDAPSessions map[string]*LDAPClient
var AppVersion = "1.0.5" var AppVersion = "1.0.6"
var APIVersion = "1.0.4" var APIVersion = "1.0.4"
func Run() { func Run() {
@ -28,13 +29,20 @@ func Run() {
config, err := GetConfig(*configPath) config, err := GetConfig(*configPath)
if err != nil { if err != nil {
log.Fatal("Error when reading config file: ", err) log.Fatalf("Error when reading config file: %s\n", err)
} }
log.Printf("Read in config from %s\n", *configPath) log.Printf("Read in config from %s\n", *configPath)
secretKey := make([]byte, 256)
n, err := rand.Read(secretKey)
if err != nil {
log.Fatalf("Error when generating session secret key: %s\n", err.Error())
}
log.Printf("Generated session secret key of length %d\n", n)
gin.SetMode(gin.ReleaseMode) gin.SetMode(gin.ReleaseMode)
router := gin.Default() router := gin.Default()
store := cookie.NewStore([]byte(config.SessionSecretKey)) store := cookie.NewStore(secretKey)
store.Options(sessions.Options{ store.Options(sessions.Options{
Path: config.SessionCookie.Path, Path: config.SessionCookie.Path,
HttpOnly: config.SessionCookie.HttpOnly, HttpOnly: config.SessionCookie.HttpOnly,
@ -310,5 +318,8 @@ func Run() {
log.Printf("Starting LDAP API on port %s\n", strconv.Itoa(config.ListenPort)) log.Printf("Starting LDAP API on port %s\n", strconv.Itoa(config.ListenPort))
router.Run("0.0.0.0:" + strconv.Itoa(config.ListenPort)) err = router.Run("0.0.0.0:" + strconv.Itoa(config.ListenPort))
if err != nil {
log.Fatalf("Error starting router: %s", err.Error())
}
} }

1
app/utils.go
View File

@ -13,7 +13,6 @@ type Config struct {
LdapURL string `json:"ldapURL"` LdapURL string `json:"ldapURL"`
StartTLS bool `json:"startTLS"` StartTLS bool `json:"startTLS"`
BaseDN string `json:"baseDN"` BaseDN string `json:"baseDN"`
SessionSecretKey string `json:"sessionSecretKey"`
SessionCookieName string `json:"sessionCookieName"` SessionCookieName string `json:"sessionCookieName"`
SessionCookie struct { SessionCookie struct {
Path string `json:"path"` Path string `json:"path"`

1
configs/template.config.json
View File

@ -3,7 +3,6 @@
"ldapURL": "ldap://localhost", "ldapURL": "ldap://localhost",
"startTLS": true, "startTLS": true,
"basedn": "dc=example,dc=com", "basedn": "dc=example,dc=com",
"sessionSecretKey": "super secret key",
"sessionCookieName": "PAASLDAPAuthTicket", "sessionCookieName": "PAASLDAPAuthTicket",
"sessionCookie": { "sessionCookie": {
"path": "/", "path": "/",

1
test/test_config.json
View File

@ -3,7 +3,6 @@
"ldapURL": "ldap://localhost", "ldapURL": "ldap://localhost",
"startTLS": true, "startTLS": true,
"basedn": "dc=test,dc=paasldap", "basedn": "dc=test,dc=paasldap",
"sessionSecretKey": "test",
"sessionCookieName": "PAASLDAPAuthTicket", "sessionCookieName": "PAASLDAPAuthTicket",
"sessionCookie": { "sessionCookie": {
"path": "/", "path": "/",

1
test/unit_test.go
View File

@ -18,7 +18,6 @@ func TestConfig_ValidPath(t *testing.T) {
AssertEquals(t, "config.ListenPort", config.ListenPort, 80) AssertEquals(t, "config.ListenPort", config.ListenPort, 80)
AssertEquals(t, "config.LdapURL", config.LdapURL, "ldap://localhost") AssertEquals(t, "config.LdapURL", config.LdapURL, "ldap://localhost")
AssertEquals(t, "config.BaseDN", config.BaseDN, "dc=test,dc=paasldap") AssertEquals(t, "config.BaseDN", config.BaseDN, "dc=test,dc=paasldap")
AssertEquals(t, "config.SessionSecretKey", config.SessionSecretKey, "test")
AssertEquals(t, "config.SessionCookieName", config.SessionCookieName, "PAASLDAPAuthTicket") AssertEquals(t, "config.SessionCookieName", config.SessionCookieName, "PAASLDAPAuthTicket")
AssertEquals(t, "config.SessionCookie.Path", config.SessionCookie.Path, "/") AssertEquals(t, "config.SessionCookie.Path", config.SessionCookie.Path, "/")
AssertEquals(t, "config.SessionCookie.HttpOnly", config.SessionCookie.HttpOnly, true) AssertEquals(t, "config.SessionCookie.HttpOnly", config.SessionCookie.HttpOnly, true)