key config optinal

author: metamuffin <metamuffin@disroot.org> 2023-08-02 11:59:36 +0200
committer: metamuffin <metamuffin@disroot.org> 2023-08-02 11:59:36 +0200
commit: 0d6a5fb84d3e0016c80baa1849612f550db31a81 (patch)
tree: 0abe8b419750d74be024a0381a98340c043d5178
parent: 59e6e7a6feafaf1dada3054466d415cca047ca1a (diff)
download: jellything-0d6a5fb84d3e0016c80baa1849612f550db31a81.tar
jellything-0d6a5fb84d3e0016c80baa1849612f550db31a81.tar.bz2
jellything-0d6a5fb84d3e0016c80baa1849612f550db31a81.tar.zst
3 files changed, 47 insertions, 10 deletions
diff --git a/common/src/config.rs b/common/src/config.rs
index b978a1e..da1cfb5 100644
--- a/common/src/config.rs
+++ b/common/src/config.rs
@@ -7,18 +7,31 @@
 use serde::{Deserialize, Serialize};
 use std::{collections::HashMap, path::PathBuf};
 
+#[rustfmt::skip]
 #[derive(Debug, Deserialize, Serialize, Default)]
 pub struct GlobalConfig {
     pub brand: String,
     pub slogan: String,
+    #[serde(default = "default::asset_path")] pub asset_path: PathBuf,
+    #[serde(default = "default::database_path")] pub database_path: PathBuf,
+    #[serde(default = "default::library_path")] pub library_path: PathBuf,
+    #[serde(default = "default::cache_path")] pub cache_path: PathBuf,
+    #[serde(default = "default::admin_username")] pub admin_username: String,
+    pub admin_password: String,
+    #[serde(default)] pub cookie_key: Option<String>,
+    #[serde(default)] pub session_key: Option<String>,
+    #[serde(default = "default::login_expire")] pub login_expire: i64,
+    #[serde(default)] pub remote_credentials: HashMap<String, (String, String, bool)>,
+}
 
-    pub asset_path: PathBuf,
-    pub database_path: PathBuf,
-    pub library_path: PathBuf,
+#[rustfmt::skip]
+mod default {
+    use std::path::PathBuf;
 
-    pub admin_username: String,
-    pub admin_password: String,
-    pub cookie_key: String,
-    pub login_expire: i64,
-    pub remote_credentials: HashMap<String, (String, String, bool)>,
+    pub fn admin_username() -> String { "admin".into() }
+    pub fn login_expire() -> i64 { 60*60*24 }   
+    pub fn asset_path() -> PathBuf { "data/assets".into() }
+    pub fn database_path() -> PathBuf { "data/database".into() }
+    pub fn library_path() -> PathBuf { "data/library".into() }
+    pub fn cache_path() -> PathBuf { "data/cache".into() }
 }
diff --git a/server/src/routes/mod.rs b/server/src/routes/mod.rs
index 0305104..7f4789d 100644
--- a/server/src/routes/mod.rs
+++ b/server/src/routes/mod.rs
@@ -5,7 +5,10 @@
 */
 use crate::{database::Database, routes::ui::error::MyResult, CONF};
 use api::{r_api_account_login, r_api_root, r_api_version};
+use base64::Engine;
 use jellyremuxer::RemuxerContext;
+use log::warn;
+use rand::random;
 use rocket::{
     catchers, config::SecretKey, fairing::AdHoc, fs::FileServer, get, http::Header, routes, Build,
     Config, Rocket,
@@ -45,7 +48,15 @@ macro_rules! uri {
 pub fn build_rocket(remuxer: RemuxerContext, database: Database) -> Rocket<Build> {
     rocket::build()
         .configure(Config {
-            secret_key: SecretKey::derive_from(CONF.cookie_key.as_bytes()),
+            secret_key: SecretKey::derive_from(
+                CONF.cookie_key
+                    .clone()
+                    .unwrap_or_else(|| {
+                        warn!("cookie_key not configured, generating a random one.");
+                        base64::engine::general_purpose::STANDARD.encode([(); 32].map(|_| random()))
+                    })
+                    .as_bytes(),
+            ),
             ..Default::default()
         })
         .manage(remuxer)
diff --git a/server/src/routes/ui/account/session/token.rs b/server/src/routes/ui/account/session/token.rs
index c8913d3..c02eff7 100644
--- a/server/src/routes/ui/account/session/token.rs
+++ b/server/src/routes/ui/account/session/token.rs
@@ -4,6 +4,7 @@
     Copyright (C) 2023 metamuffin <metamuffin.org>
 */
 use super::SessionData;
+use crate::CONF;
 use aes_gcm_siv::{
     aead::{generic_array::GenericArray, Aead},
     KeyInit,
@@ -11,9 +12,21 @@ use aes_gcm_siv::{
 use anyhow::anyhow;
 use base64::Engine;
 use chrono::{Duration, Utc};
+use log::warn;
 use std::sync::LazyLock;
 
-static SESSION_KEY: LazyLock<[u8; 32]> = LazyLock::new(|| [(); 32].map(|_| rand::random()));
+static SESSION_KEY: LazyLock<[u8; 32]> = LazyLock::new(|| {
+    if let Some(sk) = &CONF.session_key {
+        let r = base64::engine::general_purpose::STANDARD
+            .decode(sk)
+            .expect("key invalid; should be valid base64");
+        r.try_into()
+            .expect("key has the wrong length; should be 32 bytes")
+    } else {
+        warn!("session_key not configured; generating a random one.");
+        [(); 32].map(|_| rand::random())
+    }
+});
 
 pub fn create(username: String, expire: Duration) -> String {
     let session_data = SessionData {
author	metamuffin <metamuffin@disroot.org>	2023-08-02 11:59:36 +0200
committer	metamuffin <metamuffin@disroot.org>	2023-08-02 11:59:36 +0200
commit	0d6a5fb84d3e0016c80baa1849612f550db31a81 (patch)
tree	0abe8b419750d74be024a0381a98340c043d5178
parent	59e6e7a6feafaf1dada3054466d415cca047ca1a (diff)
download	jellything-0d6a5fb84d3e0016c80baa1849612f550db31a81.tar jellything-0d6a5fb84d3e0016c80baa1849612f550db31a81.tar.bz2 jellything-0d6a5fb84d3e0016c80baa1849612f550db31a81.tar.zst