masq
/
halfapi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[conf] Read "HALFAPI_SECRET" file content if the option is not specified. Do not use HALFAPI_SECRET to store the *secret* value

This commit is contained in:
Maxime Alves LIRMM 2021-09-03 15:50:33 +02:00
parent 061c966072
commit 51877b271e
3 changed files with 8 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
halfapi/conf.py
View File

@ -59,17 +59,8 @@ is_project = lambda: os.path.isfile(CONF_FILE)
default_config = {
'project': {
'host': '127.0.0.1',
'port': '8000',
'secret': '',
'production': 'no'
}
}
config = ConfigParser(allow_no_value=True) config = ConfigParser(allow_no_value=True)
config.read_dict(default_config)
CONF_DIR = environ.get('HALFAPI_CONF_DIR', '/etc/half_api') CONF_DIR = environ.get('HALFAPI_CONF_DIR', '/etc/half_api')
HALFAPI_ETC_FILE=os.path.join( HALFAPI_ETC_FILE=os.path.join(
@ -127,26 +118,19 @@ if len(PROJECT_NAME) == 0:
DOMAINSDICT = lambda: d_domains(config) DOMAINSDICT = lambda: d_domains(config)
DOMAINS = DOMAINSDICT() DOMAINS = DOMAINSDICT()
if len(DOMAINS) == 0: if len(DOMAINS) == 0:
logger.info('Domain-less instance') logger.info('Domain-less instance %s', d_domains(config))
HOST = config.get('project', 'host', fallback=environ.get('HALFAPI_HOST', '127.0.0.1')) HOST = config.get('project', 'host', fallback=environ.get('HALFAPI_HOST', '127.0.0.1'))
PORT = config.getint('project', 'port', fallback=environ.get('HALFAPI_PORT', '3000')) PORT = config.getint('project', 'port', fallback=environ.get('HALFAPI_PORT', '3000'))
try: try:
with open(config.get('project', 'secret')) as secret_file: with open(config.get('project', 'secret',
fallback=environ.get('HALFAPI_SECRET', ''))) as secret_file:
SECRET = secret_file.read().strip() SECRET = secret_file.read().strip()
CONFIG['secret'] = SECRET.strip() CONFIG['secret'] = SECRET.strip()
# Set the secret so we can use it in domains
environ['HALFAPI_SECRET'] = SECRET
except FileNotFoundError as exc: except FileNotFoundError as exc:
if 'HALFAPI_SECRET' in environ: logger.error('Missing secret file: %s', exc)
SECRET = environ.get('HALFAPI_SECRET')
CONFIG['secret'] = SECRET.strip()
# Set the secret so we can use it in domains
environ['HALFAPI_SECRET'] = SECRET
logger.error('There is no file like %s : %s',
config.get('project', 'secret'), exc)
PRODUCTION = config.getboolean('project', 'production', PRODUCTION = config.getboolean('project', 'production',
fallback=environ.get('HALFAPI_PROD', False)) fallback=environ.get('HALFAPI_PROD', False))

8
halfapi/lib/jwt_middleware.py
View File

@ -7,7 +7,7 @@ Classes:
- JWTWebSocketAuthenticationBackend - JWTWebSocketAuthenticationBackend
Raises: Raises:
Exception: If configuration has no SECRET or HALFAPI_SECRET is not set Exception: If configuration has no SECRET
""" """
from os import environ from os import environ
@ -38,11 +38,9 @@ except ImportError:
try: try:
from ..conf import SECRET from ..conf import SECRET
except ImportError as exc: except ImportError as exc:
logger.warning('Could not import SECRET variable from conf module,'\ logger.error('Could not import SECRET variable from conf module,'\
' using HALFAPI_SECRET environment variable') ' using HALFAPI_SECRET environment variable')
SECRET = environ.get('HALFAPI_SECRET', False) raise Exception('Missing secret') from exc
if not SECRET:
raise Exception('Missing HALFAPI_SECRET variable') from exc

1
tests/conftest.py
View File

@ -27,7 +27,6 @@ logger = logging.getLogger('halfapitest')
PROJNAME = os.environ.get('PROJ','tmp_api') PROJNAME = os.environ.get('PROJ','tmp_api')
os.environ['HALFAPI_SECRET'] = 'dummysecret'
SECRET = 'dummysecret' SECRET = 'dummysecret'
from halfapi.lib.jwt_middleware import ( from halfapi.lib.jwt_middleware import (