jacob1123/budgeteer
1
1
Fork 0
Code Issues 12 Pull Requests 1 Packages Releases 1 Wiki Activity

Get session secret from env instead of hardcoding
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
ci/woodpecker/push/woodpecker Pipeline was successful
Details
ci/woodpecker/pr/woodpecker Pipeline was successful
Details

Browse Source
This commit is contained in:
Jan Bader 2022-02-20 22:51:54 +00:00
parent 4688d2d94d
commit 578e7d071c
5 changed files with 16 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
cmd/budgeteer/main.go
View File

@ -31,7 +31,9 @@ func main() {
handler := &server.Handler{
Service: queries,
TokenVerifier: &jwt.TokenVerifier{},
TokenVerifier: &jwt.TokenVerifier{
Secret: cfg.SessionSecret,
},
CredentialsVerifier: &bcrypt.Verifier{},
StaticFS: http.FS(static),
}

2
config/config.go
View File

@ -7,12 +7,14 @@ import (
// Config contains all needed configurations.
type Config struct {
DatabaseConnection string
SessionSecret string
}
// LoadConfig from path.
func LoadConfig() (*Config, error) {
configuration := Config{
DatabaseConnection: os.Getenv("BUDGETEER_DB"),
SessionSecret: os.Getenv("BUDGETEER_SESSION_SECRET"),
}
return &configuration, nil

1
docker-compose.dev.yml
View File

@ -17,6 +17,7 @@ services:
- ~/.cache:/.cache
environment:
BUDGETEER_DB: postgres://budgeteer:budgeteer@db:5432/budgeteer
BUDGETEER_SESSION_SECRET: random string for JWT authorization
depends_on:
- db

9
jwt/login.go
View File

@ -11,7 +11,9 @@ import (
)
// TokenVerifier verifies Tokens.
type TokenVerifier struct{}
type TokenVerifier struct {
Secret string
}
// Token contains everything to authenticate a user.
type Token struct {
@ -23,7 +25,6 @@ type Token struct {
const (
expiration = 72
secret = "uditapbzuditagscwxuqdflgzpbu´ßiaefnlmzeßtrubiadern"
)
// CreateToken creates a new token from username and name.
@ -36,7 +37,7 @@ func (tv *TokenVerifier) CreateToken(user *postgres.User) (string, error) {
})
// Generate encoded token and send it as response.
t, err := token.SignedString([]byte(secret))
t, err := token.SignedString([]byte(tv.Secret))
if err != nil {
return "", fmt.Errorf("create token: %w", err)
}
@ -56,7 +57,7 @@ func (tv *TokenVerifier) VerifyToken(tokenString string) (budgeteer.Token, error
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
return nil, fmt.Errorf("method '%v': %w", token.Header["alg"], ErrUnexpectedSigningMethod)
}
return []byte(secret), nil
return []byte(tv.Secret), nil
})
if err != nil {
return nil, fmt.Errorf("parse jwt: %w", err)

4
server/account_test.go
View File

@ -28,7 +28,9 @@ func TestRegisterUser(t *testing.T) { //nolint:funlen
h := Handler{
Service: database,
TokenVerifier: &jwt.TokenVerifier{},
TokenVerifier: &jwt.TokenVerifier{
Secret: "this_is_my_demo_secret_for_unit_tests",
},
CredentialsVerifier: &bcrypt.Verifier{},
}