mirror of
https://github.com/spl0k/supysonic.git
synced 2024-12-23 01:16:18 +00:00
Store cookie key in db rather than cache
This commit is contained in:
parent
92fed40f87
commit
c938f225e9
23
supysonic/utils.py
Normal file
23
supysonic/utils.py
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
# coding: utf-8
|
||||||
|
#
|
||||||
|
# This file is part of Supysonic.
|
||||||
|
# Supysonic is a Python implementation of the Subsonic server API.
|
||||||
|
#
|
||||||
|
# Copyright (C) 2019 Alban 'spl0k' Féron
|
||||||
|
#
|
||||||
|
# Distributed under terms of the GNU AGPLv3 license.
|
||||||
|
|
||||||
|
from base64 import b64encode, b64decode
|
||||||
|
from os import urandom
|
||||||
|
from pony.orm import db_session, ObjectNotFound
|
||||||
|
|
||||||
|
from supysonic.db import Meta
|
||||||
|
|
||||||
|
@db_session
|
||||||
|
def get_secret_key(keyname):
|
||||||
|
try:
|
||||||
|
key = b64decode(Meta[keyname].value)
|
||||||
|
except ObjectNotFound:
|
||||||
|
key = urandom(128)
|
||||||
|
Meta(key = keyname, value = b64encode(key).decode())
|
||||||
|
return key
|
@ -14,12 +14,13 @@ import logging
|
|||||||
import mimetypes
|
import mimetypes
|
||||||
|
|
||||||
from flask import Flask
|
from flask import Flask
|
||||||
from os import makedirs, path, urandom
|
from os import makedirs, path
|
||||||
from pony.orm import db_session
|
from pony.orm import db_session
|
||||||
|
|
||||||
from .config import IniConfig
|
from .config import IniConfig
|
||||||
from .cache import Cache
|
from .cache import Cache
|
||||||
from .db import init_database
|
from .db import init_database
|
||||||
|
from .utils import get_secret_key
|
||||||
|
|
||||||
logger = logging.getLogger(__package__)
|
logger = logging.getLogger(__package__)
|
||||||
|
|
||||||
@ -69,15 +70,7 @@ def create_application(config = None):
|
|||||||
makedirs(cache_path) # pragma: nocover
|
makedirs(cache_path) # pragma: nocover
|
||||||
|
|
||||||
# Read or create secret key
|
# Read or create secret key
|
||||||
secret_path = path.join(cache_path, 'secret')
|
app.secret_key = get_secret_key('cookies_secret')
|
||||||
if path.exists(secret_path):
|
|
||||||
with io.open(secret_path, 'rb') as f:
|
|
||||||
app.secret_key = f.read()
|
|
||||||
else:
|
|
||||||
secret = urandom(128)
|
|
||||||
with io.open(secret_path, 'wb') as f:
|
|
||||||
f.write(secret)
|
|
||||||
app.secret_key = secret
|
|
||||||
|
|
||||||
# Import app sections
|
# Import app sections
|
||||||
if app.config['WEBAPP']['mount_webui']:
|
if app.config['WEBAPP']['mount_webui']:
|
||||||
|
Loading…
Reference in New Issue
Block a user