mirrors/navidrome
1
0
Fork 0
mirror of https://github.com/navidrome/navidrome.git synced 2025-04-03 20:47:35 +03:00
Code Issues Projects Releases Packages Wiki Activity

fix(server): encrypt jwt secret at rest

Browse source 
Signed-off-by: Deluan <deluan@navidrome.org>
This commit is contained in:
Deluan 2024-12-05 21:40:34 -05:00
parent 177a1f853f
commit 7f030b0859
4 changed files with 55 additions and 28 deletions
Download patch file Download diff file Expand all files Collapse all files

18
server/initial_setup.go
View file

@ -27,10 +27,6 @@ func initialSetup(ds model.DataStore) {
return nil
}
log.Info("Running initial setup")
if err = createJWTSecret(tx); err != nil {
return err
}
if conf.Server.DevAutoCreateAdminPassword != "" {
if err = createInitialAdminUser(tx, conf.Server.DevAutoCreateAdminPassword); err != nil {
return err
@ -69,20 +65,6 @@ func createInitialAdminUser(ds model.DataStore, initialPassword string) error {
return err
}
func createJWTSecret(ds model.DataStore) error {
properties := ds.Property(context.TODO())
_, err := properties.Get(consts.JWTSecretKey)
if err == nil {
return nil
}
log.Info("Creating new JWT secret, used for encrypting UI sessions")
err = properties.Put(consts.JWTSecretKey, uuid.NewString())
if err != nil {
log.Error("Could not save JWT secret in DB", err)
}
return err
}
func checkFFmpegInstallation() {
f := ffmpeg.New()
_, err := f.CmdPath()