mirror of
https://github.com/zadam/trilium.git
store session secret in file
parent
2df7940392
commit
10b94f3a7d
3 changed files with 30 additions and 1 deletions
3
app.js
|
@ -25,6 +25,7 @@ const settingsApiRoute = require('./routes/api/settings');
|
|||
const passwordApiRoute = require('./routes/api/password');
|
||||
const migrationApiRoute = require('./routes/api/migration');
|
||||
const dataDir = require('./services/data_dir');
|
||||
const sessionSecret = require('./services/session_secret');
|
||||
|
||||
const db = require('sqlite');
|
||||
|
||||
|
@ -45,7 +46,7 @@ app.use(bodyParser.urlencoded({extended: false}));
|
|||
app.use(cookieParser());
|
||||
app.use(express.static(path.join(__dirname, 'public')));
|
||||
app.use(session({
|
||||
secret: "sdhkjhdsklajf", // FIXME: need to use the DB one
|
||||
secret: sessionSecret,
|
||||
resave: false, // true forces the session to be saved back to the session store, even if the session was never modified during the request.
|
||||
saveUninitialized: false, // true forces a session that is "uninitialized" to be saved to the store. A session is uninitialized when it is new but not modified.
|
||||
cookie: {
|
||||
|
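Review bot: The new `secret: sessionSecret,` line carries no comment saying where the value comes from, while the removed line's FIXME pointed at a DB-stored secret rather than a file. I would annotate it, e.g. `secret: sessionSecret, // per-installation random value from <data dir>/session_secret.txt; removing that file generates a new one on next start`, so operators know how the signing key is provisioned and rotated. The previous literal stays in the repository history, so session cookies from instances that ran the old code should be treated as forgeable until those instances are upgraded; that belongs in the release notes. The `session({` call and its `cookie: {` options continue past the end of the hunk, so the cookie flags cannot be reviewed here.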
|
|
@ -1,3 +1,5 @@
|
|||
"use strict";
|
||||
|
||||
const os = require('os');
|
||||
const fs = require('fs');
|
||||
|
||||
|
|
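--- a/services/session_secret.js
+++ b/services/session_secret.js
@@ -0,0 +1,26 @@
+"use strict";
+
+const fs = require('fs');
+const crypto = require('crypto');
+const dataDir = require('./data_dir');
+
+const sessionSecretPath = dataDir.TRILIUM_DATA_DIR + "/session_secret.txt";
+
+let sessionSecret;
+
+function randomValueHex(len) {
+return crypto.randomBytes(Math.ceil(len / 2))
+.toString('hex') // convert to hexadecimal format
+.slice(0, len).toUpperCase(); // return required number of characters
+}
+
+if (!fs.existsSync(sessionSecretPath)) {
+sessionSecret = randomValueHex(64);
+
+fs.writeFileSync(sessionSecretPath, sessionSecret, 'ASCII');
+}
+else {
+sessionSecret = fs.readFileSync(sessionSecretPath, 'ASCII');
+}
+
+module.exports = sessionSecret;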
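Review bot: `fs.writeFileSync(sessionSecretPath, sessionSecret, 'ASCII')` creates the secret file with Node's default mode (0o666 reduced by the process umask), which on a typical POSIX host leaves the cookie-signing secret readable by other local accounts. Pass an options object instead: `fs.writeFileSync(sessionSecretPath, sessionSecret, { encoding: 'ascii', mode: 0o600, flag: 'wx' });` — `wx` additionally makes the create fail instead of overwriting when another process wrote the file between the `existsSync` check and this call. The `else` branch accepts whatever the file contains, so an empty or truncated file silently becomes the signing secret; a guard after `readFileSync` such as `if (sessionSecret.length < 64) throw new Error('session_secret.txt is empty or truncated');` would fail closed. `randomValueHex(64)` itself draws 32 bytes from `crypto.randomBytes`, which is adequate for this purpose.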