diff --git a/auth/claims.go b/auth/claims.go
index 9f327e38..84284bde 100644
--- a/auth/claims.go
+++ b/auth/claims.go
@@ -4,6 +4,7 @@ import ( "time" "github.com/golang-jwt/jwt" + "github.com/sipcapture/homer-app/config" "github.com/sipcapture/homer-app/model" "github.com/sipcapture/homer-app/utils/logger" )
@@ -49,7 +50,7 @@ func Token(user model.TableUser) (string, error) { token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) // Generate encoded token and send it as response. - t, err := token.SignedString([]byte(JwtSecret)) + t, err := token.SignedString([]byte(config.Setting.AUTH_SETTINGS.JwtSecret)) if err != nil { return "", err }
diff --git a/auth/constants.go b/auth/constants.go
index 3cc43b87..9edd09af 100644
--- a/auth/constants.go
+++ b/auth/constants.go
@@ -1,7 +1,5 @@ package auth -const JwtSecret = "167f0db2-f83e-4baa-9736-d56064a5b415" - /* our expire time */ var TokenExpiryTime = 1200
diff --git a/config/config.go b/config/config.go
index f7803733..d332b4ee 100644
--- a/config/config.go
+++ b/config/config.go
@@ -44,6 +44,10 @@ type HomerSettingServer struct { ExternalHomeDashboard string `default:""` } + AUTH_SETTINGS struct { + JwtSecret string `default:""` + } + OAUTH2_SETTINGS struct { Enable bool `default:"false"` ClientID string `default:"1234565"`
diff --git a/etc/webapp_config.json b/etc/webapp_config.json
index 67644d0c..c02d3dd8 100644
--- a/etc/webapp_config.json
+++ b/etc/webapp_config.json
@@ -103,6 +103,7 @@ "auth_settings": { "_comment": "The type param can be internal, ldap, http_auth", "type": "internal", + "jwt_secret": "167f0db2-f83e-4baa-9736-d56064a5b415", "gravatar": false, "gravatar_url": "https://www.gravatar.com/avatar/%s.jpg", "token_expire": 1200,
diff --git a/main.go b/main.go
index c11beea3..5cb911d0 100644
--- a/main.go
+++ b/main.go
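Review bot: In auth/claims.go, `Token` now signs with `config.Setting.AUTH_SETTINGS.JwtSecret`, and the field added in config/config.go defaults to `""`, so nothing in this hunk stops a token from being signed with an empty HS256 key when the setting was never populated. A guard before the `SignedString` call would make that case fail closed: `if config.Setting.AUTH_SETTINGS.JwtSecret == "" { return "", errors.New("jwt secret is not configured") }` (this needs the `errors` import if the file does not already have it). The same value is passed as `SigningKey` in the `performV1APIRouting` hunk of main.go, where an empty key should abort start-up instead. Whether the secret is always loaded before either call runs cannot be seen from the diff, and `Token`'s body starts outside the hunk.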
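Review bot: In etc/webapp_config.json the added `jwt_secret` is the same value this commit removes from auth/constants.go, so an installation started from the shipped file keeps signing tokens with a key that is public in the repository. The generation added to `updateVersionApplication` in main.go runs only when the setting is empty, so it never replaces this value. Shipping `"jwt_secret": "",` would let the first start create a per-installation secret. Deployments that already ran with the old constant still need a rotation, for which the new `generate-jwt-secret` flag can be used; the `auth_settings` object continues outside the hunk.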
@@ -130,6 +130,7 @@ type CommandLineFlags struct { APIPrefix *string `json:"api_prefix"` WatchConfig *bool `json:"watch_config"` ShowCurrentConfig *bool `json:"show_current_config"` + GenerateJwtSecret *bool `json:"generate_jwt_secret"` } //params for Services
@@ -195,6 +196,9 @@ func initFlags() { appFlags.WatchConfig = flag.Bool("watch-config", false, "Watch the configuration for changes") appFlags.ShowCurrentConfig = flag.Bool("show-current-config", false, "print out the current config and exit") + //Jwt + appFlags.GenerateJwtSecret = flag.Bool("generate-jwt-secret", false, "generate jwt secret") + flag.Parse() }
@@ -249,6 +253,19 @@ func main() { os.Exit(0) } + if *appFlags.GenerateJwtSecret { + logger.Info("Generating jwt secret...") + config.Setting.AUTH_SETTINGS.JwtSecret = uuid.NewV4().String() + viper.Set("auth_settings.jwt_secret", config.Setting.AUTH_SETTINGS.JwtSecret) + err := viper.WriteConfig() + if err != nil { + fmt.Println("No configuration file loaded: ", err) + logger.Error("No configuration file loaded - using defaults") + } + + os.Exit(0) + } + //http client initHttpClient()
@@ -867,7 +884,7 @@ func performV1APIRouting(e *echo.Echo) { // Configure middleware with the custom claims type config := middleware.JWTConfig{ Claims: &auth.JwtUserClaim{}, - SigningKey: []byte(auth.JwtSecret), + SigningKey: []byte(config.Setting.AUTH_SETTINGS.JwtSecret), } res.Use(middleware.JWTWithConfig(config))
@@ -1165,6 +1182,14 @@ func updateVersionApplication(configDBSession *gorm.DB) bool { saveConfig = true } + //generate JWT + config.Setting.AUTH_SETTINGS.JwtSecret = viper.GetString("auth_settings.jwt_secret") + if config.Setting.AUTH_SETTINGS.JwtSecret == "" { + config.Setting.AUTH_SETTINGS.JwtSecret = uuid.NewV4().String() + viper.Set("auth_settings.jwt_secret", config.Setting.AUTH_SETTINGS.JwtSecret) + saveConfig = true + } + if saveConfig { err := viper.WriteConfig() if err != nil {
diff --git a/version.go b/version.go
index 251bd4c3..e07a2fb9 100644
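Review bot: In the `generate-jwt-secret` branch added to `main()`, a failed `viper.WriteConfig()` is reported as "No configuration file loaded" and the process still exits with status 0, so a script calling the flag cannot tell that no secret was stored. The secret itself is a `uuid.NewV4()` string; a signing key is better read straight from `crypto/rand` (32 bytes, hex-encoded), which does not depend on how the uuid package sources its randomness. The same generation appears in the `updateVersionApplication` hunk. The rewritten configuration file now holds the signing key, so its permissions should be limited to the service account. The sketch below needs the `crypto/rand` and `encoding/hex` imports.

```go
if *appFlags.GenerateJwtSecret {
	// … unchanged: logger.Info …
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		fmt.Println("generating jwt secret: ", err)
		os.Exit(1)
	}
	config.Setting.AUTH_SETTINGS.JwtSecret = hex.EncodeToString(key)
	// … unchanged: viper.Set of auth_settings.jwt_secret …
	if err := viper.WriteConfig(); err != nil {
		fmt.Println("writing jwt secret to the configuration file: ", err)
		os.Exit(1)
	}
	os.Exit(0)
}
```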
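Review bot: In `performV1APIRouting`, the local `config := middleware.JWTConfig{…}` shadows the imported `config` package that its own initializer now reads; it compiles because the new name only takes effect after the statement, but any later `config.Setting` reference in this function would no longer reach the package. Renaming the local avoids that: `jwtConfig := middleware.JWTConfig{` and `res.Use(middleware.JWTWithConfig(jwtConfig))`. The key is also copied once here while `Token` reads the setting on every call, so this function has to run after the secret is loaded in `updateVersionApplication`; the call order is not visible in the diff. The function body extends beyond the hunk.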
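Review bot: The comment `//generate JWT` in `updateVersionApplication` does not match the block under it, which loads the token signing secret from `auth_settings.jwt_secret` and creates one only when the setting is empty. Something like `// load the JWT signing secret; generate and persist one when none is configured` would describe it. It is also worth a line saying that if the `viper.WriteConfig()` below fails, the generated secret exists only in memory, so tokens issued in this run stop validating after a restart. How that error is handled lies outside the hunk.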
--- a/version.go
+++ b/version.go
@@ -1,7 +1,7 @@ package main //VERSION -var VERSION_APPLICATION = "1.4.27" +var VERSION_APPLICATION = "1.4.28" //NAME var NAME_APPLICATION = "homer-app"