diff options
| author | metamuffin <metamuffin@disroot.org> | 2023-08-02 11:59:36 +0200 |
|---|---|---|
| committer | metamuffin <metamuffin@disroot.org> | 2023-08-02 11:59:36 +0200 |
| commit | 0d6a5fb84d3e0016c80baa1849612f550db31a81 (patch) | |
| tree | 0abe8b419750d74be024a0381a98340c043d5178 /server/src/routes/ui | |
| parent | 59e6e7a6feafaf1dada3054466d415cca047ca1a (diff) | |
| download | jellything-0d6a5fb84d3e0016c80baa1849612f550db31a81.tar jellything-0d6a5fb84d3e0016c80baa1849612f550db31a81.tar.bz2 jellything-0d6a5fb84d3e0016c80baa1849612f550db31a81.tar.zst | |
key config optinal
Diffstat (limited to 'server/src/routes/ui')
| -rw-r--r-- | server/src/routes/ui/account/session/token.rs | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/server/src/routes/ui/account/session/token.rs b/server/src/routes/ui/account/session/token.rs index c8913d3..c02eff7 100644 --- a/server/src/routes/ui/account/session/token.rs +++ b/server/src/routes/ui/account/session/token.rs @@ -4,6 +4,7 @@ Copyright (C) 2023 metamuffin <metamuffin.org> */ use super::SessionData; +use crate::CONF; use aes_gcm_siv::{ aead::{generic_array::GenericArray, Aead}, KeyInit, @@ -11,9 +12,21 @@ use aes_gcm_siv::{ use anyhow::anyhow; use base64::Engine; use chrono::{Duration, Utc}; +use log::warn; use std::sync::LazyLock; -static SESSION_KEY: LazyLock<[u8; 32]> = LazyLock::new(|| [(); 32].map(|_| rand::random())); +static SESSION_KEY: LazyLock<[u8; 32]> = LazyLock::new(|| { + if let Some(sk) = &CONF.session_key { + let r = base64::engine::general_purpose::STANDARD + .decode(sk) + .expect("key invalid; should be valid base64"); + r.try_into() + .expect("key has the wrong length; should be 32 bytes") + } else { + warn!("session_key not configured; generating a random one."); + [(); 32].map(|_| rand::random()) + } +}); pub fn create(username: String, expire: Duration) -> String { let session_data = SessionData { |