added jwt generator.

Many thanks to Omri Baso and Fabien Aunay for the report! Great job guys!

auth/claims.go

@@ -4,6 +4,7 @@ import (
 	"time"
 
 	"github.com/golang-jwt/jwt"
+	"github.com/sipcapture/homer-app/config"
 	"github.com/sipcapture/homer-app/model"
 	"github.com/sipcapture/homer-app/utils/logger"
 )
@@ -49,7 +50,7 @@ func Token(user model.TableUser) (string, error) {
 	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
 
 	// Generate encoded token and send it as response.
-	t, err := token.SignedString([]byte(JwtSecret))
+	t, err := token.SignedString([]byte(config.Setting.AUTH_SETTINGS.JwtSecret))
 	if err != nil {
 		return "", err
 	}

auth/constants.go

@@ -1,7 +1,5 @@
 package auth
 
-const JwtSecret = "167f0db2-f83e-4baa-9736-d56064a5b415"
-
 /* our expire time */
 var TokenExpiryTime = 1200
 

config/config.go

@@ -44,6 +44,10 @@ type HomerSettingServer struct {
 		ExternalHomeDashboard string `default:""`
 	}
 
+	AUTH_SETTINGS struct {
+		JwtSecret string `default:""`
+	}
+
 	OAUTH2_SETTINGS struct {
 		Enable               bool     `default:"false"`
 		ClientID             string   `default:"1234565"`

etc/webapp_config.json

@@ -103,6 +103,7 @@
   "auth_settings": {
     "_comment": "The type param can be internal, ldap, http_auth",
     "type": "internal",
+    "jwt_secret": "167f0db2-f83e-4baa-9736-d56064a5b415",
     "gravatar": false,
     "gravatar_url": "https://www.gravatar.com/avatar/%s.jpg",
     "token_expire": 1200,

main.go

@@ -130,6 +130,7 @@ type CommandLineFlags struct {
 	APIPrefix                 *string    `json:"api_prefix"`
 	WatchConfig               *bool      `json:"watch_config"`
 	ShowCurrentConfig         *bool      `json:"show_current_config"`
+	GenerateJwtSecret         *bool      `json:"generate_jwt_secret"`
 }
 
 //params for  Services
@@ -195,6 +196,9 @@ func initFlags() {
 	appFlags.WatchConfig = flag.Bool("watch-config", false, "Watch the configuration for changes")
 	appFlags.ShowCurrentConfig = flag.Bool("show-current-config", false, "print out the current config and exit")
 
+	//Jwt
+	appFlags.GenerateJwtSecret = flag.Bool("generate-jwt-secret", false, "generate jwt secret")
+
 	flag.Parse()
 }
 
@@ -249,6 +253,19 @@ func main() {
 		os.Exit(0)
 	}
 
+	if *appFlags.GenerateJwtSecret {
+		logger.Info("Generating jwt secret...")
+		config.Setting.AUTH_SETTINGS.JwtSecret = uuid.NewV4().String()
+		viper.Set("auth_settings.jwt_secret", config.Setting.AUTH_SETTINGS.JwtSecret)
+		err := viper.WriteConfig()
+		if err != nil {
+			fmt.Println("No configuration file loaded: ", err)
+			logger.Error("No configuration file loaded - using defaults")
+		}
+
+		os.Exit(0)
+	}
+
 	//http client
 	initHttpClient()
 
@@ -867,7 +884,7 @@ func performV1APIRouting(e *echo.Echo) {
 	// Configure middleware with the custom claims type
 	config := middleware.JWTConfig{
 		Claims:     &auth.JwtUserClaim{},
-		SigningKey: []byte(auth.JwtSecret),
+		SigningKey: []byte(config.Setting.AUTH_SETTINGS.JwtSecret),
 	}
 
 	res.Use(middleware.JWTWithConfig(config))
@@ -1165,6 +1182,14 @@ func updateVersionApplication(configDBSession *gorm.DB) bool {
 		saveConfig = true
 	}
 
+	//generate JWT
+	config.Setting.AUTH_SETTINGS.JwtSecret = viper.GetString("auth_settings.jwt_secret")
+	if config.Setting.AUTH_SETTINGS.JwtSecret == "" {
+		config.Setting.AUTH_SETTINGS.JwtSecret = uuid.NewV4().String()
+		viper.Set("auth_settings.jwt_secret", config.Setting.AUTH_SETTINGS.JwtSecret)
+		saveConfig = true
+	}
+
 	if saveConfig {
 		err := viper.WriteConfig()
 		if err != nil {

version.go

@@ -1,7 +1,7 @@
 package main
 
 //VERSION
-var VERSION_APPLICATION = "1.4.27"
+var VERSION_APPLICATION = "1.4.28"
 
 //NAME
 var NAME_APPLICATION = "homer-app"