refactor: automatically generate jwt signing key

2 years ago · 638c62da2f
--- a/center/center.go
+++ b/center/center.go
@@ -64,6 +64,8 @@ func Initialize(configDir string, cryptoKey string) (func(), error) {
 	migrate.Migrate(db)
 	models.InitRoot(ctx)

 	config.HTTP.JWTAuth.SigningKey = models.InitJWTSigningKey(ctx)

 	err = rsa.InitRSAConfig(ctx, &config.HTTP.RSA)
 	if err != nil {
 		return nil, err
--- a/docker/compose-bridge/etc-nightingale/config.toml
+++ b/docker/compose-bridge/etc-nightingale/config.toml
@@ -55,8 +55,6 @@ Enable = true
 user001 = "ccc26da7b9aba533cbb263a36c07dcc5"

 [HTTP.JWTAuth]
 # signing key
 SigningKey = "5b94a0fd640fe2765af826acfe42d151"
 # unit: min
 AccessExpired = 1500
 # unit: min
--- a/docker/compose-host-network-metric-log/etc-nightingale/config.toml
+++ b/docker/compose-host-network-metric-log/etc-nightingale/config.toml
@@ -55,8 +55,6 @@ Enable = true
 user001 = "ccc26da7b9aba533cbb263a36c07dcc5"

 [HTTP.JWTAuth]
 # signing key
 SigningKey = "5b94a0fd640fe2765af826acfe42d151"
 # unit: min
 AccessExpired = 1500
 # unit: min
--- a/docker/compose-host-network/etc-nightingale/config.toml
+++ b/docker/compose-host-network/etc-nightingale/config.toml
@@ -55,8 +55,6 @@ Enable = true
 user001 = "ccc26da7b9aba533cbb263a36c07dcc5"

 [HTTP.JWTAuth]
 # signing key
 SigningKey = "5b94a0fd640fe2765af826acfe42d151"
 # unit: min
 AccessExpired = 1500
 # unit: min
--- a/docker/compose-postgres/n9eetc_pg/config.toml
+++ b/docker/compose-postgres/n9eetc_pg/config.toml
@@ -55,8 +55,6 @@ Enable = true
 user001 = "ccc26da7b9aba533cbb263a36c07dcc5"

 [HTTP.JWTAuth]
 # signing key
 SigningKey = "5b94a0fd640fe2765af826acfe42d151"
 # unit: min
 AccessExpired = 1500
 # unit: min
--- a/etc/config.toml
+++ b/etc/config.toml
@@ -55,8 +55,6 @@ Enable = true
 user001 = "ccc26da7b9aba533cbb263a36c07dcc5"

 [HTTP.JWTAuth]
 # signing key
 SigningKey = "5b94a0fd640fe2765af826acfe42d151"
 # unit: min
 AccessExpired = 1500
 # unit: min
--- a/models/configs.go
+++ b/models/configs.go
@@ -44,8 +44,29 @@ const (
 	RSA_PRIVATE_KEY = "rsa_private_key"
 	RSA_PUBLIC_KEY  = "rsa_public_key"
 	RSA_PASSWORD    = "rsa_password"
 	JWT_SIGNING_KEY = "jwt_signing_key"
 )

 func InitJWTSigningKey(ctx *ctx.Context) string {
 	val, err := ConfigsGet(ctx, JWT_SIGNING_KEY)
 	if err != nil {
 		log.Fatalln("init jwt signing key in mysql", err)
 	}

 	if val != "" {
 		return val
 	}

 	content := fmt.Sprintf("%s%d%d%s", runner.Hostname, os.Getpid(), time.Now().UnixNano(), str.RandLetters(6))
 	key := str.MD5(content)
 	err = ConfigsSet(ctx, JWT_SIGNING_KEY, key)
 	if err != nil {
 		log.Fatalln("init jwt signing key in mysql", err)
 	}

 	return key
 }

 // InitSalt generate random salt
 func InitSalt(ctx *ctx.Context) {
 	val, err := ConfigsGet(ctx, SALT)