From b08a028d697d302fe0051239195bc8d2964f30a3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pablo=20Carranza=20V=C3=A9lez?= <pablocarranza@gmail.com>
Date: Wed, 28 Oct 2015 20:02:00 -0300
Subject: [PATCH] Use random secret for logs channel

---
 CHANGELOG.md           |  2 ++
 src/api.coffee         |  6 +++---
 src/app.coffee         |  5 +++--
 src/application.coffee |  4 ++--
 src/utils.coffee       | 31 ++++++++++++++++---------------
 5 files changed, 26 insertions(+), 22 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index dd198d5e..f3ee9cb3 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,5 @@
+* Use random name for PubNub channel and report to API [Pablo]
+
 # v1.2.0
 
 * Don't bind mount (the sometimes non-existent) docker.sock [Pablo]
diff --git a/src/api.coffee b/src/api.coffee
index b5662a63..9cfb0617 100644
--- a/src/api.coffee
+++ b/src/api.coffee
@@ -13,7 +13,7 @@ module.exports = (application) ->
 	api = express()
 	api.use(bodyParser())
 	api.use (req, res, next) ->
-		utils.getOrGenerateApiSecret()
+		utils.getOrGenerateSecret('apiSecret')
 		.then (secret) ->
 			if req.query.apikey is secret
 				next()
@@ -129,9 +129,9 @@ module.exports = (application) ->
 	# Expires the supervisor's API key and generates a new one.
 	# It also communicates the new key to the Resin API.
 	api.post '/v1/regenerate-api-key', (req, res) ->
-		utils.newApiSecret()
+		utils.newSecret('apiSecret')
 		.then (secret) ->
-			device.updateState(apikey: secret)
+			device.updateState(api_secret: secret)
 			res.status(200).send(secret)
 		.catch (err) ->
 			res.status(503).send(err?.message or err or 'Unknown error')
diff --git a/src/app.coffee b/src/app.coffee
index 6a455aa9..e6d51dc4 100644
--- a/src/app.coffee
+++ b/src/app.coffee
@@ -14,12 +14,12 @@ knex.init.then ->
 	console.log('Starting connectivity check..')
 	utils.connectivityCheck()
 
-	Promise.join bootstrap.startBootstrapping(), utils.getOrGenerateApiSecret(), (uuid, secret) ->
+	Promise.join bootstrap.startBootstrapping(), utils.getOrGenerateSecret('apiSecret'), utils.getOrGenerateSecret('logsChannel'), (uuid, secret, logsChannel) ->
 		# Persist the uuid in subsequent metrics
 		utils.mixpanelProperties.uuid = uuid
 
 		api = require './api'
-		application = require('./application')(uuid)
+		application = require('./application')(logsChannel)
 		device = require './device'
 
 		bootstrap.done
@@ -35,6 +35,7 @@ knex.init.then ->
 				provisioning_progress: null
 				provisioning_state: ''
 				download_progress: null
+				logs_channel: logsChannel
 			)
 
 		console.log('Starting Apps..')
diff --git a/src/application.coffee b/src/application.coffee
index 97d218ee..c1eeb927 100644
--- a/src/application.coffee
+++ b/src/application.coffee
@@ -508,10 +508,10 @@ application.initialize = ->
 		application.poll()
 		application.update()
 
-module.exports = (uuid) ->
+module.exports = (logsChannel) ->
 	logger.init(
 		dockerSocket: config.dockerSocket
 		pubnub: config.pubnub
-		channel: "device-#{uuid}-logs"
+		channel: "device-#{logsChannel}-logs"
 	)
 	return application
diff --git a/src/utils.coffee b/src/utils.coffee
index 44a88aa3..eaff0811 100644
--- a/src/utils.coffee
+++ b/src/utils.coffee
@@ -102,27 +102,28 @@ exports.connectivityCheck = _.once ->
 				blink.pattern.start(networkPattern)
 
 
-apiSecretPromise = null
-generateApiSecret = ->
+secretPromises = {}
+generateSecret = (name) ->
 	Promise.try ->
-		return config.forceApiSecret ? randomHexString.generate()
+		return config.forceApiSecret if name == 'apiSecret' && config.forceApiSecret?
+		return randomHexString.generate()
 	.then (newSecret) ->
-		secretInDB = { key: 'apiSecret', value: newSecret }
-		knex('config').update(secretInDB).where(key: 'apiSecret')
+		secretInDB = { key: name, value: newSecret }
+		knex('config').update(secretInDB).where(key: name)
 		.then (affectedRows) ->
 			knex('config').insert(secretInDB) if affectedRows == 0
 		.return(newSecret)
 
-exports.newApiSecret = newApiSecret = ->
-	apiSecretPromise ?= Promise.resolve()
-	apiSecretPromise = apiSecretPromise.then ->
-		generateApiSecret()
+exports.newSecret = newSecret = (name) ->
+	secretPromises[name] ?= Promise.resolve()
+	secretPromises[name] = secretPromises[name].then ->
+		generateSecret(name)
 
-exports.getOrGenerateApiSecret = ->
-	apiSecretPromise ?= knex('config').select('value').where(key: 'apiSecret').then ([ apiSecret ]) ->
-		return apiSecret.value if apiSecret?
-		generateApiSecret()
-	return apiSecretPromise
+exports.getOrGenerateSecret = (name) ->
+	secretPromises[name] ?= knex('config').select('value').where(key: name).then ([ secret ]) ->
+		return secret.value if secret?
+		generateSecret(name)
+	return secretPromises[name]
 
 exports.extendEnvVars = (env, uuid) ->
 	host = '127.0.0.1'
@@ -131,7 +132,7 @@ exports.extendEnvVars = (env, uuid) ->
 		RESIN_SUPERVISOR_ADDRESS: "http://#{host}:#{config.listenPort}"
 		RESIN_SUPERVISOR_HOST: host
 		RESIN_SUPERVISOR_PORT: config.listenPort
-		RESIN_SUPERVISOR_API_KEY: exports.getOrGenerateApiSecret()
+		RESIN_SUPERVISOR_API_KEY: exports.getOrGenerateSecret('apiSecret')
 		RESIN_SUPERVISOR_VERSION: exports.supervisorVersion
 		RESIN: '1'
 		USER: 'root'