mirror of
https://github.com/strapi/strapi.git
synced 2025-08-19 06:08:50 +00:00
create app keys at app creation instead of runtime auto-generation
This commit is contained in:
Pierre Noël
parent
e230827335
commit
8b39d44992
@ -10,12 +10,7 @@ module.exports = ({ env }) => [
|
||||
'strapi::logger',
|
||||
'strapi::query',
|
||||
'strapi::body',
|
||||
{
|
||||
name: 'strapi::session',
|
||||
config: {
|
||||
secretKeys: env('SESSION_SECRET_KEYS'),
|
||||
},
|
||||
},
|
||||
'strapi::session',
|
||||
// 'strapi::compression',
|
||||
// 'strapi::ip',
|
||||
{
|
||||
|
||||
@ -5,8 +5,12 @@ const cronTasks = require('./src/cron-tasks');
|
||||
module.exports = ({ env }) => ({
|
||||
host: env('HOST', '0.0.0.0'),
|
||||
port: env.int('PORT', 1337),
|
||||
url: 'http://localhost:1337',
|
||||
cron: {
|
||||
enabled: true,
|
||||
tasks: cronTasks,
|
||||
},
|
||||
app: {
|
||||
keys: env.array('APP_SECRETS', ['toBeModified1', 'toBeModified2']),
|
||||
},
|
||||
});
|
||||
|
||||
@ -1,7 +1,6 @@
|
||||
'use strict';
|
||||
|
||||
const crypto = require('crypto');
|
||||
const { defaultsDeep, isEmpty, isString, omit, has } = require('lodash/fp');
|
||||
const { defaultsDeep, isEmpty, isArray } = require('lodash/fp');
|
||||
const session = require('koa-session');
|
||||
|
||||
const defaultConfig = {
|
||||
@ -13,34 +12,17 @@ const defaultConfig = {
|
||||
signed: true,
|
||||
rolling: false,
|
||||
renew: false,
|
||||
secure: false,
|
||||
secure: process.env.NODE_ENV === 'production' ? true : false,
|
||||
sameSite: null,
|
||||
};
|
||||
|
||||
module.exports = (userConfig, { strapi }) => {
|
||||
if (isEmpty(strapi.server.app.keys)) {
|
||||
let secretKeys = [];
|
||||
|
||||
if (has('secretKeys', userConfig)) {
|
||||
secretKeys = isString(userConfig.secretKeys)
|
||||
? userConfig.secretKeys.split(',')
|
||||
: userConfig.secretKeys;
|
||||
} else if (has('SESSION_SECRET_KEYS', process.env)) {
|
||||
secretKeys = process.env.SESSION_SECRET_KEYS.split(',');
|
||||
} else {
|
||||
// auto generate secret keys if they are not provided
|
||||
for (let i = 0; i < 4; i++) {
|
||||
secretKeys.push(crypto.randomBytes(64).toString('hex'));
|
||||
}
|
||||
strapi.fs.appendFile('.env', `SESSION_SECRET_KEYS=${secretKeys.join(',')}\n`);
|
||||
strapi.log.info(
|
||||
'The session middleware automatically generated some secret keys and stored them in your .env file under the name SESSION_SECRET_KEYS.'
|
||||
);
|
||||
const keys = strapi.server.app.keys;
|
||||
if (!isArray(keys) || isEmpty(keys) || keys.some(isEmpty)) {
|
||||
throw new Error(`App keys are required. Please set app.keys in config/server.js (ex: keys: ['myKeyA', 'myKeyB'])`);
|
||||
}
|
||||
|
||||
strapi.server.app.keys = secretKeys;
|
||||
}
|
||||
const config = defaultsDeep(defaultConfig, omit('secretKeys', userConfig));
|
||||
const config = defaultsDeep(defaultConfig, userConfig);
|
||||
|
||||
strapi.server.use(session(config, strapi.server.app));
|
||||
};
|
||||
|
||||
@ -28,7 +28,10 @@ const healthCheck = async ctx => {
|
||||
* @returns {Server}
|
||||
*/
|
||||
const createServer = strapi => {
|
||||
const app = createKoaApp({ proxy: strapi.config.get('server.proxy') });
|
||||
const app = createKoaApp({
|
||||
proxy: strapi.config.get('server.proxy'),
|
||||
keys: strapi.config.get('server.app.keys'),
|
||||
});
|
||||
|
||||
const router = new Router();
|
||||
|
||||
|
||||
@ -53,8 +53,9 @@ const addCustomMethods = app => {
|
||||
return app;
|
||||
};
|
||||
|
||||
const createKoaApp = ({ proxy }) => {
|
||||
const createKoaApp = ({ proxy, keys }) => {
|
||||
const app = new Koa({ proxy });
|
||||
app.keys = keys;
|
||||
|
||||
addCustomMethods(app);
|
||||
|
||||
|
||||
@ -17,6 +17,7 @@ const mergeTemplate = require('./utils/merge-template.js');
|
||||
const packageJSON = require('./resources/json/package.json');
|
||||
const createDatabaseConfig = require('./resources/templates/database.js');
|
||||
const createAdminConfig = require('./resources/templates/admin-config.js');
|
||||
const createEnvFile = require('./resources/templates/env.js');
|
||||
|
||||
module.exports = async function createProject(scope, { client, connection, dependencies }) {
|
||||
console.log(`Creating a new Strapi application at ${chalk.green(scope.rootPath)}.`);
|
||||
@ -30,6 +31,7 @@ module.exports = async function createProject(scope, { client, connection, depen
|
||||
await fse.copy(join(resources, 'files'), rootPath);
|
||||
|
||||
// copy dot files
|
||||
await fse.writeFile(join(rootPath, '.env'), createEnvFile());
|
||||
const dotFiles = await fse.readdir(join(resources, 'dot-files'));
|
||||
await Promise.all(
|
||||
dotFiles.map(name => {
|
||||
|
||||
@ -1,2 +0,0 @@
|
||||
HOST=0.0.0.0
|
||||
PORT=1337
|
||||
@ -1,4 +1,8 @@
|
||||
module.exports = ({ env }) => ({
|
||||
host: env('HOST', '0.0.0.0'),
|
||||
port: env.int('PORT', 1337),
|
||||
url: env('URL', 'http://localhost:1337'),
|
||||
app: {
|
||||
keys: env.array('APP_SECRETS'),
|
||||
},
|
||||
});
|
||||
|
||||
16
packages/generators/app/lib/resources/templates/env.js
Normal file
16
packages/generators/app/lib/resources/templates/env.js
Normal file
@ -0,0 +1,16 @@
|
||||
'use strict';
|
||||
|
||||
const crypto = require('crypto');
|
||||
|
||||
const fs = require('fs');
|
||||
const path = require('path');
|
||||
const _ = require('lodash');
|
||||
|
||||
module.exports = () => {
|
||||
const tmpl = fs.readFileSync(path.join(__dirname, 'env.template'));
|
||||
const compile = _.template(tmpl);
|
||||
|
||||
return compile({
|
||||
appSecrets: new Array(4).fill().map(() => crypto.randomBytes(16).toString('base64')).join(','),
|
||||
});
|
||||
};
|
||||
@ -0,0 +1,4 @@
|
||||
HOST=0.0.0.0
|
||||
PORT=1337
|
||||
URL=http://localhost:1337
|
||||
APP_SECRETS=<%= appSecrets %>
|
||||
Loading…
x
Reference in New Issue
Block a user