From 638c62da2febc0ea7cde4f7faffcee600cd0a005 Mon Sep 17 00:00:00 2001 From: ning <710leo@gmail.com> Date: Thu, 23 May 2024 11:06:33 +0800 Subject: [PATCH] refactor: automatically generate jwt signing key --- center/center.go | 2 ++ .../etc-nightingale/config.toml | 2 -- .../etc-nightingale/config.toml | 2 -- .../etc-nightingale/config.toml | 2 -- docker/compose-postgres/n9eetc_pg/config.toml | 2 -- etc/config.toml | 2 -- models/configs.go | 21 +++++++++++++++++++ 7 files changed, 23 insertions(+), 10 deletions(-) diff --git a/center/center.go b/center/center.go index 2c535380..3015ee20 100644 --- a/center/center.go +++ b/center/center.go @@ -64,6 +64,8 @@ func Initialize(configDir string, cryptoKey string) (func(), error) { migrate.Migrate(db) models.InitRoot(ctx) + config.HTTP.JWTAuth.SigningKey = models.InitJWTSigningKey(ctx) + err = rsa.InitRSAConfig(ctx, &config.HTTP.RSA) if err != nil { return nil, err diff --git a/docker/compose-bridge/etc-nightingale/config.toml b/docker/compose-bridge/etc-nightingale/config.toml index 75beef3d..330b1ac7 100644 --- a/docker/compose-bridge/etc-nightingale/config.toml +++ b/docker/compose-bridge/etc-nightingale/config.toml @@ -55,8 +55,6 @@ Enable = true user001 = "ccc26da7b9aba533cbb263a36c07dcc5" [HTTP.JWTAuth] -# signing key -SigningKey = "5b94a0fd640fe2765af826acfe42d151" # unit: min AccessExpired = 1500 # unit: min diff --git a/docker/compose-host-network-metric-log/etc-nightingale/config.toml b/docker/compose-host-network-metric-log/etc-nightingale/config.toml index 75a6a48a..445d925f 100644 --- a/docker/compose-host-network-metric-log/etc-nightingale/config.toml +++ b/docker/compose-host-network-metric-log/etc-nightingale/config.toml @@ -55,8 +55,6 @@ Enable = true user001 = "ccc26da7b9aba533cbb263a36c07dcc5" [HTTP.JWTAuth] -# signing key -SigningKey = "5b94a0fd640fe2765af826acfe42d151" # unit: min AccessExpired = 1500 # unit: min 
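Review bot: In center/center.go the new `config.HTTP.JWTAuth.SigningKey = models.InitJWTSigningKey(ctx)` has no error path, although Initialize returns `(func(), error)` and the rsa.InitRSAConfig call right after it propagates `err`. As added in models/configs.go, InitJWTSigningKey ends the process with log.Fatalln when the config lookup or store fails. Returning `(string, error)` and writing `key, err := models.InitJWTSigningKey(ctx)` followed by `if err != nil { return nil, err }` would keep startup failures on the caller's existing error path. The assignment also replaces any SigningKey an operator had set in config.toml without a log line, so a comment such as `// SigningKey from config.toml is ignored; the key is loaded from the database` would help anyone upgrading. Initialize's body continues outside the hunk.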
diff --git a/docker/compose-host-network/etc-nightingale/config.toml b/docker/compose-host-network/etc-nightingale/config.toml index 30660fcb..d2132613 100644 --- a/docker/compose-host-network/etc-nightingale/config.toml +++ b/docker/compose-host-network/etc-nightingale/config.toml @@ -55,8 +55,6 @@ Enable = true user001 = "ccc26da7b9aba533cbb263a36c07dcc5" [HTTP.JWTAuth] -# signing key -SigningKey = "5b94a0fd640fe2765af826acfe42d151" # unit: min AccessExpired = 1500 # unit: min diff --git a/docker/compose-postgres/n9eetc_pg/config.toml b/docker/compose-postgres/n9eetc_pg/config.toml index 6fc0db11..9972af4f 100644 --- a/docker/compose-postgres/n9eetc_pg/config.toml +++ b/docker/compose-postgres/n9eetc_pg/config.toml @@ -55,8 +55,6 @@ Enable = true user001 = "ccc26da7b9aba533cbb263a36c07dcc5" [HTTP.JWTAuth] -# signing key -SigningKey = "5b94a0fd640fe2765af826acfe42d151" # unit: min AccessExpired = 1500 # unit: min diff --git a/etc/config.toml b/etc/config.toml index 0c9062a6..7bce99bf 100644 --- a/etc/config.toml +++ b/etc/config.toml @@ -55,8 +55,6 @@ Enable = true user001 = "ccc26da7b9aba533cbb263a36c07dcc5" [HTTP.JWTAuth] -# signing key -SigningKey = "5b94a0fd640fe2765af826acfe42d151" # unit: min AccessExpired = 1500 # unit: min diff --git a/models/configs.go b/models/configs.go index fe8267e9..7b03d7d4 100644 --- a/models/configs.go +++ b/models/configs.go 
@@ -44,8 +44,29 @@ const ( RSA_PRIVATE_KEY = "rsa_private_key" RSA_PUBLIC_KEY = "rsa_public_key" RSA_PASSWORD = "rsa_password" + JWT_SIGNING_KEY = "jwt_signing_key" ) +func InitJWTSigningKey(ctx *ctx.Context) string { + val, err := ConfigsGet(ctx, JWT_SIGNING_KEY) + if err != nil { + log.Fatalln("init jwt signing key in mysql", err) + } + + if val != "" { + return val + } + + content := fmt.Sprintf("%s%d%d%s", runner.Hostname, os.Getpid(), time.Now().UnixNano(), str.RandLetters(6)) + key := str.MD5(content) + err = ConfigsSet(ctx, JWT_SIGNING_KEY, key) + if err != nil { + log.Fatalln("init jwt signing key in mysql", err) + } + + return key +} + // InitSalt generate random salt func InitSalt(ctx *ctx.Context) { val, err := ConfigsGet(ctx, SALT)
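Review bot: The key built in InitJWTSigningKey is not suitable as a token-signing secret. Its inputs are the hostname, the PID and a timestamp, which are guessable, plus `str.RandLetters(6)`, whose randomness source is not visible in this diff, and the MD5 step only reshapes that input into 32 hex characters without adding entropy. Generate the key from `crypto/rand` instead (32 random bytes, hex-encoded), which needs the `crypto/rand` and `encoding/hex` imports in models/configs.go. Separately, the ConfigsGet/ConfigsSet pair is not atomic, so two instances starting against an empty database could each store and return a different key; re-reading the stored value after the set, or an insert-if-absent, would make them converge. The exported function also lacks a doc comment, e.g. `// InitJWTSigningKey returns the stored JWT signing key, generating and persisting one on first start.`

```go
func InitJWTSigningKey(ctx *ctx.Context) string {
	// … unchanged: ConfigsGet lookup and early return of a stored key …

	// 256 bits from the OS CSPRNG; nothing here is derivable from host metadata.
	buf := make([]byte, 32)
	if _, err := rand.Read(buf); err != nil {
		log.Fatalln("generate jwt signing key", err)
	}
	key := hex.EncodeToString(buf)

	// … unchanged: ConfigsSet and return key …
```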