From 0605a9f4ee6cc92cb0e6351362e5028300f953c4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pablo=20Carranza=20V=C3=A9lez?= Date: Mon, 2 Nov 2015 13:16:43 -0300 Subject: [PATCH] Use generic config.forceSecret[name] and allow forcing logsChannel --- src/api.coffee | 4 ++-- src/app.coffee | 2 +- src/config.coffee | 4 +++- src/utils.coffee | 12 ++++++------ 4 files changed, 12 insertions(+), 10 deletions(-) diff --git a/src/api.coffee b/src/api.coffee index 9cfb0617..2d72ee84 100644 --- a/src/api.coffee +++ b/src/api.coffee @@ -13,7 +13,7 @@ module.exports = (application) -> api = express() api.use(bodyParser()) api.use (req, res, next) -> - utils.getOrGenerateSecret('apiSecret') + utils.getOrGenerateSecret('api') .then (secret) -> if req.query.apikey is secret next() @@ -129,7 +129,7 @@ module.exports = (application) -> # Expires the supervisor's API key and generates a new one. # It also communicates the new key to the Resin API. api.post '/v1/regenerate-api-key', (req, res) -> - utils.newSecret('apiSecret') + utils.newSecret('api') .then (secret) -> device.updateState(api_secret: secret) res.status(200).send(secret) diff --git a/src/app.coffee b/src/app.coffee index e6d51dc4..63041912 100644 --- a/src/app.coffee +++ b/src/app.coffee @@ -14,7 +14,7 @@ knex.init.then -> console.log('Starting connectivity check..') utils.connectivityCheck() - Promise.join bootstrap.startBootstrapping(), utils.getOrGenerateSecret('apiSecret'), utils.getOrGenerateSecret('logsChannel'), (uuid, secret, logsChannel) -> + Promise.join bootstrap.startBootstrapping(), utils.getOrGenerateSecret('api'), utils.getOrGenerateSecret('logsChannel'), (uuid, secret, logsChannel) -> # Persist the uuid in subsequent metrics utils.mixpanelProperties.uuid = uuid diff --git a/src/config.coffee b/src/config.coffee index 34d4f5d0..9bbfd9a0 100644 --- a/src/config.coffee +++ b/src/config.coffee @@ -30,6 +30,8 @@ module.exports = config = restartSuccessTimeout: checkInt(process.env.RESTART_SUCCESS_TIMEOUT) ? 60000 appUpdatePollInterval: checkInt(process.env.APPLICATION_UPDATE_POLL_INTERVAL) ? 60000 successMessage: 'SUPERVISOR OK' - forceApiSecret: process.env.RESIN_SUPERVISOR_SECRET ? null + forceSecret: + api: process.env.RESIN_SUPERVISOR_SECRET ? null + logsChannel: process.env.RESIN_SUPERVISOR_LOGS_CHANNEL ? null vpnStatusPath: process.env.VPN_STATUS_PATH ? '/mnt/root/run/openvpn/vpn_status' checkInt: checkInt diff --git a/src/utils.coffee b/src/utils.coffee index eaff0811..b47494b7 100644 --- a/src/utils.coffee +++ b/src/utils.coffee @@ -105,22 +105,22 @@ exports.connectivityCheck = _.once -> secretPromises = {} generateSecret = (name) -> Promise.try -> - return config.forceApiSecret if name == 'apiSecret' && config.forceApiSecret? + return config.forceSecret[name] if config.forceSecret[name]? return randomHexString.generate() .then (newSecret) -> - secretInDB = { key: name, value: newSecret } - knex('config').update(secretInDB).where(key: name) + secretInDB = { key: "#{name}Secret", value: newSecret } + knex('config').update(secretInDB).where(key: "#{name}Secret") .then (affectedRows) -> knex('config').insert(secretInDB) if affectedRows == 0 .return(newSecret) -exports.newSecret = newSecret = (name) -> +exports.newSecret = (name) -> secretPromises[name] ?= Promise.resolve() secretPromises[name] = secretPromises[name].then -> generateSecret(name) exports.getOrGenerateSecret = (name) -> - secretPromises[name] ?= knex('config').select('value').where(key: name).then ([ secret ]) -> + secretPromises[name] ?= knex('config').select('value').where(key: "#{name}Secret").then ([ secret ]) -> return secret.value if secret? generateSecret(name) return secretPromises[name] @@ -132,7 +132,7 @@ exports.extendEnvVars = (env, uuid) -> RESIN_SUPERVISOR_ADDRESS: "http://#{host}:#{config.listenPort}" RESIN_SUPERVISOR_HOST: host RESIN_SUPERVISOR_PORT: config.listenPort - RESIN_SUPERVISOR_API_KEY: exports.getOrGenerateSecret('apiSecret') + RESIN_SUPERVISOR_API_KEY: exports.getOrGenerateSecret('api') RESIN_SUPERVISOR_VERSION: exports.supervisorVersion RESIN: '1' USER: 'root'