diff options
-rw-r--r-- | model/config.go | 17 | ||||
-rw-r--r-- | model/utils.go | 12 | ||||
-rw-r--r-- | model/utils_test.go | 12 |
3 files changed, 41 insertions, 0 deletions
diff --git a/model/config.go b/model/config.go index 14ce444c5..a3ba812b0 100644 --- a/model/config.go +++ b/model/config.go @@ -164,6 +164,23 @@ func ConfigFromJson(data io.Reader) *Config { } func (o *Config) SetDefaults() { + + if len(o.SqlSettings.AtRestEncryptKey) == 0 { + o.SqlSettings.AtRestEncryptKey = NewRandomString(32) + } + + if len(o.FileSettings.PublicLinkSalt) == 0 { + o.FileSettings.PublicLinkSalt = NewRandomString(32) + } + + if len(o.EmailSettings.InviteSalt) == 0 { + o.EmailSettings.InviteSalt = NewRandomString(32) + } + + if len(o.EmailSettings.PasswordResetSalt) == 0 { + o.EmailSettings.PasswordResetSalt = NewRandomString(32) + } + if o.ServiceSettings.EnableSecurityFixAlert == nil { o.ServiceSettings.EnableSecurityFixAlert = new(bool) *o.ServiceSettings.EnableSecurityFixAlert = true diff --git a/model/utils.go b/model/utils.go index b49b4bb24..5596b06ff 100644 --- a/model/utils.go +++ b/model/utils.go @@ -5,6 +5,7 @@ package model import ( "bytes" + "crypto/rand" "encoding/base32" "encoding/json" "fmt" @@ -81,6 +82,17 @@ func NewId() string { return b.String() } +func NewRandomString(length int) string { + var b bytes.Buffer + str := make([]byte, length+8) + rand.Read(str) + encoder := base32.NewEncoder(encoding, &b) + encoder.Write(str) + encoder.Close() + b.Truncate(length) // removes the '==' padding + return b.String() +} + // GetMillis is a convience method to get milliseconds since epoch. func GetMillis() int64 { return time.Now().UnixNano() / int64(time.Millisecond) diff --git a/model/utils_test.go b/model/utils_test.go index 7f14bcdf0..626386227 100644 --- a/model/utils_test.go +++ b/model/utils_test.go @@ -17,6 +17,18 @@ func TestNewId(t *testing.T) { } } +func TestRandomString(t *testing.T) { + for i := 0; i < 1000; i++ { + r := NewRandomString(32) + t.Log(r) + if len(r) != 32 { + t.Fatal("should be 32 chars") + } + } + + t.Fatal("test") +} + func TestAppError(t *testing.T) { err := NewAppError("TestAppError", "message", "") json := err.ToJson() |