mirror of
https://github.com/spl0k/supysonic.git
synced 2024-12-22 17:06:17 +00:00
Store cookie key in db rather than cache
This commit is contained in:
parent
92fed40f87
commit
c938f225e9
23
supysonic/utils.py
Normal file
23
supysonic/utils.py
Normal file
@ -0,0 +1,23 @@
|
||||
# coding: utf-8
|
||||
#
|
||||
# This file is part of Supysonic.
|
||||
# Supysonic is a Python implementation of the Subsonic server API.
|
||||
#
|
||||
# Copyright (C) 2019 Alban 'spl0k' Féron
|
||||
#
|
||||
# Distributed under terms of the GNU AGPLv3 license.
|
||||
|
||||
from base64 import b64encode, b64decode
|
||||
from os import urandom
|
||||
from pony.orm import db_session, ObjectNotFound
|
||||
|
||||
from supysonic.db import Meta
|
||||
|
||||
@db_session
|
||||
def get_secret_key(keyname):
|
||||
try:
|
||||
key = b64decode(Meta[keyname].value)
|
||||
except ObjectNotFound:
|
||||
key = urandom(128)
|
||||
Meta(key = keyname, value = b64encode(key).decode())
|
||||
return key
|
@ -14,12 +14,13 @@ import logging
|
||||
import mimetypes
|
||||
|
||||
from flask import Flask
|
||||
from os import makedirs, path, urandom
|
||||
from os import makedirs, path
|
||||
from pony.orm import db_session
|
||||
|
||||
from .config import IniConfig
|
||||
from .cache import Cache
|
||||
from .db import init_database
|
||||
from .utils import get_secret_key
|
||||
|
||||
logger = logging.getLogger(__package__)
|
||||
|
||||
@ -69,15 +70,7 @@ def create_application(config = None):
|
||||
makedirs(cache_path) # pragma: nocover
|
||||
|
||||
# Read or create secret key
|
||||
secret_path = path.join(cache_path, 'secret')
|
||||
if path.exists(secret_path):
|
||||
with io.open(secret_path, 'rb') as f:
|
||||
app.secret_key = f.read()
|
||||
else:
|
||||
secret = urandom(128)
|
||||
with io.open(secret_path, 'wb') as f:
|
||||
f.write(secret)
|
||||
app.secret_key = secret
|
||||
app.secret_key = get_secret_key('cookies_secret')
|
||||
|
||||
# Import app sections
|
||||
if app.config['WEBAPP']['mount_webui']:
|
||||
|
Loading…
Reference in New Issue
Block a user