fix(striker-ui-api): add function to get session secret

main
Tsu-ba-me 2 years ago
parent 180aa54800
commit de2e8e45e1
  1. 4
      striker-ui-api/src/index.ts
  2. 1
      striker-ui-api/src/lib/consts/AN_VARIABLE_NAME_LIST.ts
  3. 2
      striker-ui-api/src/lib/consts/EXIT_CODE_LIST.ts
  4. 2
      striker-ui-api/src/lib/consts/index.ts
  5. 56
      striker-ui-api/src/lib/getSessionSecret.ts

@ -1,6 +1,6 @@
import { getgid, getuid, setgid, setuid } from 'process';
import { PGID, PUID, PORT } from './lib/consts';
import { PGID, PUID, PORT, ECODE_DROP_PRIVILEGES } from './lib/consts';
import app from './app';
import { stderr, stdout } from './lib/shell';
@ -17,7 +17,7 @@ app.listen(PORT, () => {
} catch (error) {
stderr(`Failed to change process ownership; CAUSE: ${error}`);
process.exit(1);
process.exit(ECODE_DROP_PRIVILEGES);
}
stdout(`Listening on localhost:${PORT}.`);

@ -0,0 +1 @@
export const VNAME_SESSION_SECRET = 'striker-ui-api::session::secret';

@ -0,0 +1,2 @@
export const ECODE_DROP_PRIVILEGES = 1;
export const ECODE_SESSION_SECRET = 2;

@ -1,2 +1,4 @@
export * from './AN_VARIABLE_NAME_LIST';
export * from './EXIT_CODE_LIST';
export * from './PROCESS_OWNER';
export * from './SERVER_PORT';

@ -0,0 +1,56 @@
import assert from 'assert';
import { ECODE_SESSION_SECRET, VNAME_SESSION_SECRET } from './consts';
import { dbQuery, variable } from './accessModule';
import { openssl, stderr, stdout } from './shell';
export const getSessionSecret = (): string => {
let sessionSecret: string;
try {
const rows: [sessionSecret: string][] = dbQuery(
`SELECT variable_value
FROM variables
WHERE variable_name = '${VNAME_SESSION_SECRET}';`,
).stdout;
assert(rows.length > 0, 'No existing session secret found.');
({
0: [sessionSecret],
} = rows);
stdout('Found an existing session secret.');
return sessionSecret;
} catch (queryError) {
stderr(`Failed to get session secret from database; CAUSE: ${queryError}`);
}
try {
sessionSecret = openssl('rand', '-base64', '32').trim();
stdout('Generated a new session secret.');
} catch (sysError) {
stderr(`Failed to generate session secret; CAUSE: ${sysError}`);
process.exit(ECODE_SESSION_SECRET);
}
try {
const vuuid = variable({
file: __filename,
variable_name: VNAME_SESSION_SECRET,
variable_value: sessionSecret,
});
stdout(`Recorded session secret as variable identified by ${vuuid}.`);
} catch (subError) {
stderr(`Failed to record session secret; CAUSE: ${subError}`);
process.exit(ECODE_SESSION_SECRET);
}
return sessionSecret;
};
Loading…
Cancel
Save