[#1422] More secure default for the repoze secret key

The who.ini file has a secret key used during authentication. To make sure users don't forget to update it we can use the beaker session secret which is generated randomly when creating the ckan ini file. If users define a secret in the who.ini file, this one will be used. To do this, we use a small custom plugin that checks the secret key and calls the core repoze plugin afterwards.
ckan · Jan 7, 2014 · 6ced7cb · 6ced7cb
1 parent bf5b82e
commit 6ced7cb
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 2 deletions.
diff --git a/ckan/config/middleware.py b/ckan/config/middleware.py
@@ -18,6 +18,7 @@
 from routes.middleware import RoutesMiddleware
 from repoze.who.config import WhoConfig
 from repoze.who.middleware import PluggableAuthenticationMiddleware
+from repoze.who.plugins.auth_tkt import make_plugin as auth_tkt_make_plugin
 from fanstatic import Fanstatic
 
 from ckan.plugins import PluginImplementations
@@ -183,6 +184,11 @@ def make_app(conf, full_stack=True, static_files=True, **app_conf):
 
     return app
 
+def ckan_auth_tkt_make_app(**kw):
+    if not len(kw.get('secret', '')) or kw.get('secret') == 'somesecret':
+        kw['secret'] = config['beaker.session.secret']
+    return auth_tkt_make_plugin(**kw)
+
 
 class I18nMiddleware(object):
     """I18n Middleware selects the language based on the url

diff --git a/ckan/config/who.ini b/ckan/config/who.ini
@@ -1,6 +1,7 @@
 [plugin:auth_tkt]
-use = repoze.who.plugins.auth_tkt:make_plugin
-secret = somesecret
+use = ckan.config.middleware:ckan_auth_tkt_make_app
+# If no secret key is defined here, beaker.session.secret will be used
+#secret = somesecret
 
 [plugin:friendlyform]
 use = repoze.who.plugins.friendlyform:FriendlyFormPlugin