
Don't use the general.api_key as django secret_key #2426

Closed
jooola opened this issue Mar 5, 2023 · 0 comments · Fixed by #2841 or #2834


jooola commented Mar 5, 2023

Is your feature request related to a problem?

I've just realized that we are using the config api_key as django secret_key, which I think is a bad idea.

The api_key is used for internal communication, which is too exposed to be used as a django secret_key. In particular when we know that the api_key is part of the url when using the current api client v1 (so the key is in the nginx/legacy logs...)

Describe the solution you'd like

I think using a static api_key from the config file for internal communication is not necessarily a good practice, and we could make the authentication process for internal communication a bit more dynamic.

We might also want to use an extra configuration for the django secret_key, for example general.secret_key. This is probably a breaking change, as we would require the users to add a secret key in the config after they upgrade.

I think implementing some api token storage (similar to GitHub PAT) for the api can be reused for other purposes such as integrations with other apps/clients, instead of having single/hardcoded values, with expiration/per user.

This could also be reused for example to allow different clients to stream on the main input, say we have different studios, they could generate a key per studio and allow admins to revoke some tokens.

Describe alternatives you've considered

No response

Additional context

No response
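As an added example, not code from the LibreTime project or from the issue author, the following Python sketches the two defensive pieces the request above asks for: a startup check that requires a separate `general.secret_key` and refuses to let it coincide with `general.api_key` (the problem described in the first section), and a per-user, expiring, revocable API token store in the spirit of GitHub PATs (the solution section). Only the two configuration keys come from the issue; the function and class names, the in-memory store and the token format are assumptions, and the 50-character minimum mirrors Django's own SECRET_KEY deploy check.

```python
"""Added example, not LibreTime's code: keep the Django SECRET_KEY separate from the
internal api_key, and issue per-user API tokens with expiry and revocation. Only the
config keys general.api_key / general.secret_key come from the issue; the function
names and the in-memory store are hypothetical."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Dict, Optional

MIN_SECRET_KEY_LEN = 50  # length threshold of Django's SECRET_KEY deploy check (security.W009)

class ConfigError(ValueError):
    """The configuration would weaken Django's signing key."""

def django_secret_key(config: dict) -> str:
    """Value for settings.SECRET_KEY, with no fallback to general.api_key.

    With the v1 API client the api_key is part of the request URL and so lands in the
    nginx/legacy logs; it must not be the key that signs sessions and CSRF tokens.
    """
    general = config.get("general", {})
    api_key, secret_key = general.get("api_key"), general.get("secret_key")
    if not secret_key:
        raise ConfigError("general.secret_key is required")
    if api_key is not None and secret_key == api_key:
        raise ConfigError("general.secret_key must differ from general.api_key")
    if len(secret_key) < MIN_SECRET_KEY_LEN:
        raise ConfigError(f"general.secret_key must be at least {MIN_SECRET_KEY_LEN} characters")
    return secret_key

def check_secret_key(config: dict) -> Optional[str]:
    """Startup-check form of the above: the error message, or None when the config is fine."""
    try:
        django_secret_key(config)
    except ConfigError as exc:
        return str(exc)
    return None

@dataclass
class TokenRecord:
    user: str
    digest: str  # sha256 of the token secret; the secret itself is never stored
    expires_at: datetime
    revoked: bool = False

class ApiTokenStore:
    """Per-user API tokens (GitHub-PAT style): hashed at rest, time-limited, revocable."""

    def __init__(self) -> None:
        self._records: Dict[str, TokenRecord] = {}  # token id -> record

    @staticmethod
    def _digest(secret: str) -> str:
        return hashlib.sha256(secret.encode()).hexdigest()

    def issue(self, user: str, ttl: timedelta, now: datetime) -> str:
        """Return '<id>.<secret>'; the id locates the record, only the secret's hash is kept."""
        token_id, secret = secrets.token_hex(8), secrets.token_urlsafe(32)
        self._records[token_id] = TokenRecord(user, self._digest(secret), now + ttl)
        return f"{token_id}.{secret}"

    def verify(self, token: str, now: datetime) -> Optional[str]:
        """Owning user for a live, untampered token, otherwise None."""
        token_id, _, secret = token.partition(".")
        rec = self._records.get(token_id)
        if rec is None or rec.revoked or now >= rec.expires_at:
            return None
        if not hmac.compare_digest(rec.digest, self._digest(secret)):
            return None
        return rec.user

    def revoke(self, token_id: str) -> bool:
        """Admin action: invalidate one token without touching the others."""
        rec = self._records.get(token_id)
        if rec is None:
            return False
        rec.revoked = True
        return True

def demo() -> dict:
    """Issue one token per studio, then exercise tampering, expiry and revocation."""
    store = ApiTokenStore()
    t0 = datetime(2023, 3, 5, tzinfo=timezone.utc)
    studio_a = store.issue("studio-a", timedelta(hours=1), now=t0)
    studio_b = store.issue("studio-b", timedelta(hours=1), now=t0)
    tampered = studio_a[:-1] + ("A" if studio_a[-1] != "A" else "B")
    observations = {
        "valid": store.verify(studio_a, now=t0) == "studio-a",
        "tampered": store.verify(tampered, now=t0) is None,
        "expired": store.verify(studio_a, now=t0 + timedelta(hours=2)) is None,
        "revoke_known": store.revoke(studio_b.split(".")[0]),
    }
    observations["revoked"] = store.verify(studio_b, now=t0) is None
    observations["others_unaffected"] = store.verify(studio_a, now=t0) == "studio-a"
    return observations
```

Storing only the hash means a leaked database does not yield usable tokens, but a token that travels in a URL still ends up in the access logs, exactly the exposure the issue describes for `api_key`; short TTLs and per-token revocation are what limit the damage in that case, which is why `verify` checks both before comparing digests.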

jooola added a commit to jooola/libretime that referenced this issue Mar 15, 2023
jooola added a commit to jooola/libretime that referenced this issue Mar 20, 2023
@jooola jooola changed the title from "Don't use the general.api_key a django secret_key" to "Don't use the general.api_key as django secret_key" Mar 20, 2023
jooola added a commit to jooola/libretime that referenced this issue Mar 21, 2023
@jooola jooola added this to the 4.0.0 milestone Mar 21, 2023
@jooola jooola reopened this Mar 22, 2023
jooola added a commit that referenced this issue Dec 27, 2023
…2841)

BREAKING CHANGE: The `general.secret_key` configuration field is now
required. Make sure to update your configuration file and add a secret
key.

Closes #2426
jooola added a commit that referenced this issue Jan 7, 2024
🤖 I have created a release *beep* *boop*
---


## [4.0.0](3.2.0...4.0.0)
(2024-01-07)


### ⚠ BREAKING CHANGES

* The media file serving is now handled by Nginx instead of the API
service. The `storage.path` field is now used in the Nginx
configuration, so make sure to update the Nginx configuration file if
you change it.
* **installer:** The default listen port for the installer is now
`8080`. We recommend that you put a reverse proxy in front of LibreTime.
* **installer:** The `--update-nginx` flag was removed from the
installer. The nginx configuration deployed by the installer will now
always be overwritten. Make sure to move your customizations to a
reverse proxy configuration.
* The default system output (`stream.outputs.system[].kind`) changed
from `alsa` to `pulseaudio`. Make sure to update your configuration file
if you rely on the default system output.
* The `general.secret_key` configuration field is now required. Make
sure to update your configuration file and add a secret key.

### Features

* default system output is now `pulseaudio`
([#2842](#2842))
([083ee3f](083ee3f)),
closes [#2542](#2542)
* disable uvicorn worker lifespan
([#2845](#2845))
([8743c84](8743c84))
* **installer:** add the `--storage-path` flag
([#2865](#2865))
([5b23852](5b23852))
* **installer:** change default listen port to 8080
([#2852](#2852))
([f72b7f9](f72b7f9))
* **installer:** remove the `--update-nginx` flag
([#2851](#2851))
([35d7eac](35d7eac))
* **playout:** configure device for alsa and pulseaudio system outputs
([#2654](#2654))
([06af18b](06af18b))
* rewrite cloud-init config
([#2853](#2853))
([8406d52](8406d52))
* run python in optimized mode
([#2874](#2874))
([3f7fc99](3f7fc99))
* the `general.secret_key` configuration field is now required
([#2841](#2841))
([0d2d1a2](0d2d1a2)),
closes [#2426](#2426)
* use nginx to serve media files
([#2860](#2860))
([4603c17](4603c17))


### Bug Fixes

* add parent function name in setValue exception
([#2777](#2777))
([c764a5a](c764a5a))
* **api:** ensure non ascii paths are handled by X-Accel-Redirect
([#2861](#2861))
([0ce63f3](0ce63f3))
* **api:** enum schema description
([#2803](#2803))
([976b70e](976b70e))
* **api:** let nginx handle the media file content type
([#2862](#2862))
([72268ad](72268ad))
* **api:** move gunicorn worker config to python file
([#2854](#2854))
([43221d9](43221d9))
* **api:** paths with question marks chars are handled by
X-Accel-Redirect
([#2875](#2875))
([b2c1ceb](b2c1ceb))
* **deps:** update dependency friendsofphp/php-cs-fixer to <3.42.1
(main) ([#2765](#2765))
([8ae4dce](8ae4dce))
* **deps:** update dependency friendsofphp/php-cs-fixer to <3.43.2
(main) ([#2848](#2848))
([62e5f4d](62e5f4d))
* **deps:** update dependency friendsofphp/php-cs-fixer to <3.45.1
(main) ([#2855](#2855))
([6f84328](6f84328))
* **deps:** update dependency friendsofphp/php-cs-fixer to <3.46.1
(main) ([#2868](#2868))
([4827dbc](4827dbc))
* **legacy:** allow uploading opus files
([#2804](#2804))
([f252a16](f252a16))
* **legacy:** declare previously undeclared variable
([#2793](#2793))
([e2cfbf4](e2cfbf4))
* **legacy:** ensure last played criteria works with never played files
([#2840](#2840))
([24ee383](24ee383))
* **playout:** increase file download chunk size to 8192 bytes
([#2863](#2863))
([7ed1be1](7ed1be1))
* **playout:** remove empty file when the download request failed
([#2864](#2864))
([2facbfa](2facbfa))
* **worker:** unbound variable when episode url returns HTTP 404
([#2844](#2844))
([3f39689](3f39689))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

---------

Co-authored-by: jo <ljonas@riseup.net>
paddatrapper pushed a commit to libretime/website that referenced this issue Jan 7, 2024
libretime/libretime@4795170