ThatGuyJack/nginx-proxy-manager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2025-10-31 15:53:33 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Refactor configuration

Browse Source 
- No longer use config npm package
- Prefer config from env vars, though still has support for config file
- No longer writes a config file for database config
- Writes keys to a new file in /data folder
- Removes a lot of cruft and improves config understanding
This commit is contained in:
Jamie Curnow
2023-03-21 16:53:39 +10:00
parent dad3e1da7c
commit 2a07445005
13 changed files with 278 additions and 261 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
backend/models/token.js
View File

@@ -6,44 +6,36 @@
const _ = require('lodash');
const jwt = require('jsonwebtoken');
const crypto = require('crypto');
const config = require('../lib/config');
const error = require('../lib/error');
const logger = require('../logger').global;
const ALGO = 'RS256';
let public_key = null;
let private_key = null;
function checkJWTKeyPair() {
if (!public_key || !private_key) {
let config = require('config');
public_key = config.get('jwt.pub');
private_key = config.get('jwt.key');
}
}
module.exports = function () {
let token_data = {};
let self = {
const self = {
/**
* @param {Object} payload
* @returns {Promise}
*/
create: (payload) => {
if (!config.getPrivateKey()) {
logger.error('Private key is empty!')
}
// sign with RSA SHA256
let options = {
const options = {
algorithm: ALGO,
expiresIn: payload.expiresIn || '1d'
};
payload.jti = crypto.randomBytes(12)
.toString('base64')
.substr(-8);
checkJWTKeyPair();
.substring(-8);
return new Promise((resolve, reject) => {
jwt.sign(payload, private_key, options, (err, token) => {
jwt.sign(payload, config.getPrivateKey(), options, (err, token) => {
if (err) {
reject(err);
} else {
@@ -62,13 +54,15 @@ module.exports = function () {
* @returns {Promise}
*/
load: function (token) {
if (!config.getPublicKey()) {
logger.error('Public key is empty!')
}
return new Promise((resolve, reject) => {
checkJWTKeyPair();
try {
if (!token || token === null || token === 'null') {
reject(new error.AuthError('Empty token'));
} else {
jwt.verify(token, public_key, {ignoreExpiration: false, algorithms: [ALGO]}, (err, result) => {
jwt.verify(token, config.getPublicKey(), {ignoreExpiration: false, algorithms: [ALGO]}, (err, result) => {
if (err) {
if (err.name === 'TokenExpiredError') {
@@ -132,7 +126,7 @@ module.exports = function () {
* @returns {Integer}
*/
getUserId: (default_value) => {
let attrs = self.get('attrs');
const attrs = self.get('attrs');
if (attrs && typeof attrs.id !== 'undefined' && attrs.id) {
return attrs.id;
}