mirror of https://github.com/LemmyNet/lemmy
Move jwt secret from config to database (fixes #1728)
parent
527eefbe92
commit
cf214ff583
@ -0,0 +1,37 @@
|
|||||||
|
use diesel::{result::Error, *};
|
||||||
|
use lemmy_db_schema::source::secret::Secret;
|
||||||
|
use lemmy_utils::settings::structs::Settings;
|
||||||
|
use std::sync::RwLock;
|
||||||
|
|
||||||
|
use crate::get_database_url_from_env;
|
||||||
|
|
||||||
|
lazy_static! {
|
||||||
|
static ref SECRET: RwLock<Secret> = RwLock::new(init().expect("Failed to load secrets from DB."));
|
||||||
|
}
|
||||||
|
|
||||||
|
pub trait SecretSingleton {
|
||||||
|
fn get() -> Secret;
|
||||||
|
}
|
||||||
|
|
||||||
|
impl SecretSingleton for Secret {
|
||||||
|
/// Returns the Secret as a struct
|
||||||
|
fn get() -> Self {
|
||||||
|
SECRET.read().expect("read secrets").to_owned()
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Reads the secrets from the DB
|
||||||
|
fn init() -> Result<Secret, Error> {
|
||||||
|
let db_url = match get_database_url_from_env() {
|
||||||
|
Ok(url) => url,
|
||||||
|
Err(_) => Settings::get().get_database_url(),
|
||||||
|
};
|
||||||
|
|
||||||
|
let conn = PgConnection::establish(&db_url).expect("Couldn't get DB connection for Secrets.");
|
||||||
|
read_secrets(&conn)
|
||||||
|
}
|
||||||
|
|
||||||
|
fn read_secrets(conn: &PgConnection) -> Result<Secret, Error> {
|
||||||
|
use lemmy_db_schema::schema::secret::dsl::*;
|
||||||
|
secret.first::<Secret>(conn)
|
||||||
|
}
|
@ -0,0 +1,8 @@
|
|||||||
|
use crate::schema::secret;
|
||||||
|
|
||||||
|
#[derive(Queryable, Identifiable, Clone)]
|
||||||
|
#[table_name = "secret"]
|
||||||
|
pub struct Secret {
|
||||||
|
pub id: i32,
|
||||||
|
pub jwt_secret: String,
|
||||||
|
}
|
@ -0,0 +1 @@
|
|||||||
|
drop table secret;
|
@ -0,0 +1,9 @@
|
|||||||
|
-- generate a jwt secret
|
||||||
|
create extension if not exists pgcrypto;
|
||||||
|
|
||||||
|
create table secret(
|
||||||
|
id serial primary key,
|
||||||
|
jwt_secret varchar not null default gen_random_uuid()
|
||||||
|
);
|
||||||
|
|
||||||
|
insert into secret default values;
|
Loading…
Reference in New Issue