Update JWT generation
JWT is now dynamic
config files have moved
yeln4ts committed Jun 21, 2021
1 parent d1c05c4 commit 15f3dc0
Showing 11 changed files with 28 additions and 13 deletions.
4 changes: 4 additions & 0 deletions .gitignore
Expand Up @@ -9,6 +9,10 @@ mongo-data*
.quasar
report-templates
custom-generator.js

# Configuration files
config.json
report.json
roles.json
app-settings.json

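Review bot: The names listed under `# Configuration files` are unanchored, so `config.json`, `report.json`, `roles.json` and `app-settings.json` are ignored at any depth in the repository rather than only in the backend config directory; a scoped pattern such as `backend/src/config/*.json` states the intent. An ignore entry also has no effect on a file that is already tracked, and this same commit renames and edits `backend/src/config/config.json`, so it stays tracked. The secret that auth.js writes into that file at first start will therefore show up as a working-tree change that can be staged by accident. Untracking it with `git rm --cached` and shipping a template copy would make the ignore rule effective.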
2 changes: 1 addition & 1 deletion backend/src/app.js
Expand Up @@ -10,7 +10,7 @@ var cookieParser = require('cookie-parser')

// Get configuration
var env = process.env.NODE_ENV || 'dev';
var config = require('./config.json')[env];
var config = require('./config/config.json')[env];
global.__basedir = __dirname;

// Database connection
File renamed without changes.
5 changes: 3 additions & 2 deletions backend/src/config.json → backend/src/config/config.json
Expand Up @@ -6,7 +6,8 @@
"name": "pwndoc",
"server": "mongo-pwndoc-dev",
"port": "27017"
}
},
"jwtSecret": "eb942782a7f0842c51b112d37ff2993de45307831eea267a3acc012bf7550711"
},
"prod": {
"port": 4242,
Expand All @@ -26,4 +27,4 @@
"port": "27017"
}
}
}
}
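Review bot: The `jwtSecret` added under `dev` in the first hunk is a fixed value committed to the repository, so every install running with `NODE_ENV` unset signs its tokens with a key anyone can read, since app.js and auth.js both default to `'dev'`. Because the key is present, the `if (!config[env].jwtSecret)` branch in auth.js never generates a per-install secret for that environment. Removing the `"jwtSecret"` line lets the first start create one, as it does for environments without the key. The committed value should be treated as disclosed and not reused anywhere.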
File renamed without changes.
File renamed without changes.
18 changes: 14 additions & 4 deletions backend/src/lib/auth.js
@@ -1,6 +1,16 @@
// Secret for JWT tokens creation (make it dynamic for production)
var jwtSecret = "ASy4FVjsXNLQl09LbieroWsjO5UXjvX5";
exports.jwtSecret = jwtSecret;
// Dynamic generation of JWT Secret if not exist (different for each environnment)
var fs = require('fs')
var env = process.env.NODE_ENV || 'dev'
var config = require('../config/config.json')

if (!config[env].jwtSecret) {
config[env].jwtSecret = require('crypto').randomBytes(32).toString('hex')
var configString = JSON.stringify(config, null, 4)
fs.writeFileSync(`${__basedir}/config/config.json`, configString)
}

var jwtSecret = config[env].jwtSecret
exports.jwtSecret = jwtSecret

/* ROLES LOGIC
Expand Down Expand Up @@ -62,7 +72,7 @@ var builtInRoles = {
}

try {
var customRoles = require('./roles.json')}
var customRoles = require('../config/roles.json')}
catch(error) {
var customRoles = []
}
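Review bot: In the new secret-generation block the file is read with a module-relative `require('../config/config.json')` but written through the `__basedir` global, so the write only targets the same file when app.js has set `global.__basedir` before this module is loaded; otherwise the generation branch throws a ReferenceError. Resolving the path once, `var configPath = require('path').join(__dirname, '../config/config.json')`, and passing it to `fs.writeFileSync` removes that dependency. Because config.json now holds the token signing key and `writeFileSync` keeps an existing file's mode, follow the write with `fs.chmodSync(configPath, 0o600)` so other local users cannot read it. The check `!config[env].jwtSecret` also accepts any non-empty value, so a short hand-edited secret is used as is; a minimum-length check would catch that.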
4 changes: 2 additions & 2 deletions backend/src/lib/report-generator.js
Expand Up @@ -9,7 +9,7 @@ var utils = require('./utils');
var html2ooxml = require('./html2ooxml');
var _ = require('lodash');
var Image = require('mongoose').model('Image');
var reportConfig = require('./report.json');
var reportConfig = require('../config/report.json');

// Generate document with docxtemplater
async function generateDoc(audit) {
Expand All @@ -19,7 +19,7 @@ async function generateDoc(audit) {

var zip = new JSZip(content);

var settings = JSON.parse(fs.readFileSync(`${__basedir}/lib/app-settings.json`));
var settings = JSON.parse(fs.readFileSync(`${__basedir}/config/app-settings.json`));

var opts = {};
// opts.centered = true;
4 changes: 2 additions & 2 deletions backend/src/routes/settings.js
Expand Up @@ -12,7 +12,7 @@ module.exports = function(app) {
// Get settings
app.get("/api/settings", acl.hasPermission('settings:read'), function(req, res) {
try {
var settings = JSON.parse(fs.readFileSync(`${__basedir}/lib/app-settings.json`))
var settings = JSON.parse(fs.readFileSync(`${__basedir}/config/app-settings.json`))
Object.keys(defaultSettings).forEach(key => {
if (!(key in settings))
settings[key] = defaultSettings[key]
Expand All @@ -34,7 +34,7 @@ module.exports = function(app) {
})
var settingsString = JSON.stringify(settings, null, 4)
try {
fs.writeFileSync(`${__basedir}/lib/app-settings.json`, settingsString)
fs.writeFileSync(`${__basedir}/config/app-settings.json`, settingsString)
Response.Ok(res, settings)
}
catch(err) {
2 changes: 1 addition & 1 deletion docker-compose.yml
Expand Up @@ -19,7 +19,7 @@ services:
container_name: pwndoc-backend
volumes:
- ./backend/report-templates:/app/report-templates
- ./backend/src/lib:/app/src/lib
- ./backend/src/config:/app/src/config
depends_on:
- mongodb
restart: always
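Review bot: Switching the bind mount from `./backend/src/lib` to `./backend/src/config` needs an upgrade note, because files an existing host created or kept untracked under `backend/src/lib` (for example `roles.json` or `app-settings.json`) will not be in the newly mounted directory. For roles this fails silently: the `catch` in auth.js falls back to `var customRoles = []`, so custom roles disappear without an error. A comment above the volume would cover it, e.g. `# config.json (with the generated jwtSecret), roles.json, report.json and app-settings.json live here; move them from backend/src/lib when upgrading`. The mount also has to stay writable, since auth.js writes the generated secret back into config.json at first start.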
2 changes: 1 addition & 1 deletion docs/roles.md
Expand Up @@ -55,7 +55,7 @@ This role has full permissions access

## Create additional Roles

Custom roles can be defined in `backend/src/lib/roles.json`
Custom roles can be defined in `backend/src/config/roles.json`
The format is:

```
