diff --git a/lib/livebook/hubs/personal.ex b/lib/livebook/hubs/personal.ex index 8504c6112..84f744e60 100644 --- a/lib/livebook/hubs/personal.ex +++ b/lib/livebook/hubs/personal.ex @@ -6,6 +6,8 @@ defmodule Livebook.Hubs.Personal do alias Livebook.Hubs + @secret_key_size 64 + @type t :: %__MODULE__{ id: String.t() | nil, hub_name: String.t() | nil, @@ -65,6 +67,12 @@ defmodule Livebook.Hubs.Personal do personal |> cast(attrs, @fields) |> validate_required(@fields) + |> validate_change(:secret_key, fn :secret_key, secret_key -> + case Base.url_decode64(secret_key, padding: false) do + {:ok, binary} when byte_size(binary) == @secret_key_size -> [] + _ -> [secret_key: "must be #{@secret_key_size} bytes in Base 64 URL alphabet"] + end + end) |> put_change(:id, id()) end @@ -73,7 +81,7 @@ defmodule Livebook.Hubs.Personal do """ @spec generate_secret_key() :: String.t() def generate_secret_key() do - :crypto.strong_rand_bytes(64) |> Base.url_encode64(padding: false) + :crypto.strong_rand_bytes(@secret_key_size) |> Base.url_encode64(padding: false) end end diff --git a/lib/livebook_web/components/form_components.ex b/lib/livebook_web/components/form_components.ex index 560809c72..faa170b70 100644 --- a/lib/livebook_web/components/form_components.ex +++ b/lib/livebook_web/components/form_components.ex @@ -105,7 +105,7 @@ defmodule LivebookWeb.FormComponents do name={@name} id={@id || @name} value={Phoenix.HTML.Form.normalize_value("text", @value)} - class="input" + class="input pr-8" {@rest} /> @@ -310,30 +310,19 @@ defmodule LivebookWeb.FormComponents do ~H""" <.field_wrapper id={@id} name={@name} label={@label} errors={@errors}> -
+ Notebooks may be stamped using your secret key. + A stamp allows to securely store information such as the names of the secrets that you granted access to. + You must not share your secret key with others. But you may copy the secret key between + different machines you own. +
++ If you change the secret key, you will need + to grant access to secrets once again in previously stamped notebooks. +
+ + <.form + :let={f} + id={"#{@id}-stamp"} + class="flex flex-col mt-4 space-y-4" + for={@stamp_changeset} + phx-submit="stamp_save" + phx-change="stamp_validate" + phx-target={@myself} + > +