mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-12-01 05:36:19 +01:00
Implements generator cli for secrets (#3531)
Signed-off-by: Codruț Constantin Gușoi <codrut.gusoi@gmail.com>
This commit is contained in:
parent
e59fe7c8d9
commit
96c268c0fc
12 changed files with 215 additions and 67 deletions
83
cmd/generate.go
Normal file
83
cmd/generate.go
Normal file
|
@ -0,0 +1,83 @@
|
||||||
|
// Copyright 2016 The Gogs Authors. All rights reserved.
|
||||||
|
// Copyright 2016 The Gitea Authors. All rights reserved.
|
||||||
|
// Use of this source code is governed by a MIT-style
|
||||||
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
|
package cmd
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
|
||||||
|
"code.gitea.io/gitea/modules/generate"
|
||||||
|
|
||||||
|
"github.com/urfave/cli"
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
// CmdGenerate represents the available generate sub-command.
|
||||||
|
CmdGenerate = cli.Command{
|
||||||
|
Name: "generate",
|
||||||
|
Usage: "Command line interface for running generators",
|
||||||
|
Subcommands: []cli.Command{
|
||||||
|
subcmdSecret,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
subcmdSecret = cli.Command{
|
||||||
|
Name: "secret",
|
||||||
|
Usage: "Generate a secret token",
|
||||||
|
Subcommands: []cli.Command{
|
||||||
|
microcmdGenerateInternalToken,
|
||||||
|
microcmdGenerateLfsJwtSecret,
|
||||||
|
microcmdGenerateSecretKey,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
microcmdGenerateInternalToken = cli.Command{
|
||||||
|
Name: "INTERNAL_TOKEN",
|
||||||
|
Usage: "Generate a new INTERNAL_TOKEN",
|
||||||
|
Action: runGenerateInternalToken,
|
||||||
|
}
|
||||||
|
|
||||||
|
microcmdGenerateLfsJwtSecret = cli.Command{
|
||||||
|
Name: "LFS_JWT_SECRET",
|
||||||
|
Usage: "Generate a new LFS_JWT_SECRET",
|
||||||
|
Action: runGenerateLfsJwtSecret,
|
||||||
|
}
|
||||||
|
|
||||||
|
microcmdGenerateSecretKey = cli.Command{
|
||||||
|
Name: "SECRET_KEY",
|
||||||
|
Usage: "Generate a new SECRET_KEY",
|
||||||
|
Action: runGenerateSecretKey,
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
func runGenerateInternalToken(c *cli.Context) error {
|
||||||
|
internalToken, err := generate.NewInternalToken()
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
fmt.Printf("%s\n", internalToken)
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func runGenerateLfsJwtSecret(c *cli.Context) error {
|
||||||
|
JWTSecretBase64, err := generate.NewLfsJwtSecret()
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
fmt.Printf("%s\n", JWTSecretBase64)
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func runGenerateSecretKey(c *cli.Context) error {
|
||||||
|
secretKey, err := generate.NewSecretKey()
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
fmt.Printf("%s\n", secretKey)
|
||||||
|
return nil
|
||||||
|
}
|
1
main.go
1
main.go
|
@ -45,6 +45,7 @@ arguments - which can alternatively be run by running the subcommand web.`
|
||||||
cmd.CmdDump,
|
cmd.CmdDump,
|
||||||
cmd.CmdCert,
|
cmd.CmdCert,
|
||||||
cmd.CmdAdmin,
|
cmd.CmdAdmin,
|
||||||
|
cmd.CmdGenerate,
|
||||||
}
|
}
|
||||||
app.Flags = append(app.Flags, []cli.Flag{}...)
|
app.Flags = append(app.Flags, []cli.Flag{}...)
|
||||||
app.Action = cmd.CmdWeb.Action
|
app.Action = cmd.CmdWeb.Action
|
||||||
|
|
|
@ -20,7 +20,7 @@ import (
|
||||||
gouuid "github.com/satori/go.uuid"
|
gouuid "github.com/satori/go.uuid"
|
||||||
"gopkg.in/ini.v1"
|
"gopkg.in/ini.v1"
|
||||||
|
|
||||||
"code.gitea.io/gitea/modules/base"
|
"code.gitea.io/gitea/modules/generate"
|
||||||
"code.gitea.io/gitea/modules/log"
|
"code.gitea.io/gitea/modules/log"
|
||||||
"code.gitea.io/gitea/modules/setting"
|
"code.gitea.io/gitea/modules/setting"
|
||||||
)
|
)
|
||||||
|
@ -539,10 +539,10 @@ func generateOrgRandsAndSalt(x *xorm.Engine) (err error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
for _, org := range orgs {
|
for _, org := range orgs {
|
||||||
if org.Rands, err = base.GetRandomString(10); err != nil {
|
if org.Rands, err = generate.GetRandomString(10); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
if org.Salt, err = base.GetRandomString(10); err != nil {
|
if org.Salt, err = generate.GetRandomString(10); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
if _, err = sess.Id(org.ID).Update(org); err != nil {
|
if _, err = sess.Id(org.ID).Update(org); err != nil {
|
||||||
|
|
|
@ -16,7 +16,7 @@ import (
|
||||||
|
|
||||||
"github.com/pquerna/otp/totp"
|
"github.com/pquerna/otp/totp"
|
||||||
|
|
||||||
"code.gitea.io/gitea/modules/base"
|
"code.gitea.io/gitea/modules/generate"
|
||||||
"code.gitea.io/gitea/modules/setting"
|
"code.gitea.io/gitea/modules/setting"
|
||||||
"code.gitea.io/gitea/modules/util"
|
"code.gitea.io/gitea/modules/util"
|
||||||
)
|
)
|
||||||
|
@ -33,7 +33,7 @@ type TwoFactor struct {
|
||||||
|
|
||||||
// GenerateScratchToken recreates the scratch token the user is using.
|
// GenerateScratchToken recreates the scratch token the user is using.
|
||||||
func (t *TwoFactor) GenerateScratchToken() error {
|
func (t *TwoFactor) GenerateScratchToken() error {
|
||||||
token, err := base.GetRandomString(8)
|
token, err := generate.GetRandomString(8)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
|
@ -34,6 +34,7 @@ import (
|
||||||
|
|
||||||
"code.gitea.io/gitea/modules/avatar"
|
"code.gitea.io/gitea/modules/avatar"
|
||||||
"code.gitea.io/gitea/modules/base"
|
"code.gitea.io/gitea/modules/base"
|
||||||
|
"code.gitea.io/gitea/modules/generate"
|
||||||
"code.gitea.io/gitea/modules/log"
|
"code.gitea.io/gitea/modules/log"
|
||||||
"code.gitea.io/gitea/modules/setting"
|
"code.gitea.io/gitea/modules/setting"
|
||||||
"code.gitea.io/gitea/modules/util"
|
"code.gitea.io/gitea/modules/util"
|
||||||
|
@ -638,7 +639,7 @@ func IsUserExist(uid int64, name string) (bool, error) {
|
||||||
|
|
||||||
// GetUserSalt returns a random user salt token.
|
// GetUserSalt returns a random user salt token.
|
||||||
func GetUserSalt() (string, error) {
|
func GetUserSalt() (string, error) {
|
||||||
return base.GetRandomString(10)
|
return generate.GetRandomString(10)
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewGhostUser creates and returns a fake user for someone has deleted his/her account.
|
// NewGhostUser creates and returns a fake user for someone has deleted his/her account.
|
||||||
|
|
|
@ -14,7 +14,6 @@ import (
|
||||||
"html/template"
|
"html/template"
|
||||||
"io"
|
"io"
|
||||||
"math"
|
"math"
|
||||||
"math/big"
|
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/url"
|
"net/url"
|
||||||
"path"
|
"path"
|
||||||
|
@ -88,25 +87,6 @@ func BasicAuthEncode(username, password string) string {
|
||||||
return base64.StdEncoding.EncodeToString([]byte(username + ":" + password))
|
return base64.StdEncoding.EncodeToString([]byte(username + ":" + password))
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetRandomString generate random string by specify chars.
|
|
||||||
func GetRandomString(n int) (string, error) {
|
|
||||||
const alphanum = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
|
|
||||||
|
|
||||||
buffer := make([]byte, n)
|
|
||||||
max := big.NewInt(int64(len(alphanum)))
|
|
||||||
|
|
||||||
for i := 0; i < n; i++ {
|
|
||||||
index, err := randomInt(max)
|
|
||||||
if err != nil {
|
|
||||||
return "", err
|
|
||||||
}
|
|
||||||
|
|
||||||
buffer[i] = alphanum[index]
|
|
||||||
}
|
|
||||||
|
|
||||||
return string(buffer), nil
|
|
||||||
}
|
|
||||||
|
|
||||||
// GetRandomBytesAsBase64 generates a random base64 string from n bytes
|
// GetRandomBytesAsBase64 generates a random base64 string from n bytes
|
||||||
func GetRandomBytesAsBase64(n int) string {
|
func GetRandomBytesAsBase64(n int) string {
|
||||||
bytes := make([]byte, 32)
|
bytes := make([]byte, 32)
|
||||||
|
@ -119,15 +99,6 @@ func GetRandomBytesAsBase64(n int) string {
|
||||||
return base64.RawURLEncoding.EncodeToString(bytes)
|
return base64.RawURLEncoding.EncodeToString(bytes)
|
||||||
}
|
}
|
||||||
|
|
||||||
func randomInt(max *big.Int) (int, error) {
|
|
||||||
rand, err := rand.Int(rand.Reader, max)
|
|
||||||
if err != nil {
|
|
||||||
return 0, err
|
|
||||||
}
|
|
||||||
|
|
||||||
return int(rand.Int64()), nil
|
|
||||||
}
|
|
||||||
|
|
||||||
// VerifyTimeLimitCode verify time limit code
|
// VerifyTimeLimitCode verify time limit code
|
||||||
func VerifyTimeLimitCode(data string, minutes int, code string) bool {
|
func VerifyTimeLimitCode(data string, minutes int, code string) bool {
|
||||||
if len(code) <= 18 {
|
if len(code) <= 18 {
|
||||||
|
|
|
@ -107,12 +107,6 @@ func TestBasicAuthEncode(t *testing.T) {
|
||||||
assert.Equal(t, "Zm9vOmJhcg==", BasicAuthEncode("foo", "bar"))
|
assert.Equal(t, "Zm9vOmJhcg==", BasicAuthEncode("foo", "bar"))
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestGetRandomString(t *testing.T) {
|
|
||||||
randomString, err := GetRandomString(4)
|
|
||||||
assert.NoError(t, err)
|
|
||||||
assert.Len(t, randomString, 4)
|
|
||||||
}
|
|
||||||
|
|
||||||
// TODO: Test PBKDF2()
|
// TODO: Test PBKDF2()
|
||||||
// TODO: Test VerifyTimeLimitCode()
|
// TODO: Test VerifyTimeLimitCode()
|
||||||
// TODO: Test CreateTimeLimitCode()
|
// TODO: Test CreateTimeLimitCode()
|
||||||
|
|
89
modules/generate/generate.go
Normal file
89
modules/generate/generate.go
Normal file
|
@ -0,0 +1,89 @@
|
||||||
|
// Copyright 2016 The Gogs Authors. All rights reserved.
|
||||||
|
// Copyright 2016 The Gitea Authors. All rights reserved.
|
||||||
|
// Use of this source code is governed by a MIT-style
|
||||||
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
|
package generate
|
||||||
|
|
||||||
|
import (
|
||||||
|
"crypto/rand"
|
||||||
|
"encoding/base64"
|
||||||
|
"io"
|
||||||
|
"math/big"
|
||||||
|
"time"
|
||||||
|
|
||||||
|
"github.com/dgrijalva/jwt-go"
|
||||||
|
)
|
||||||
|
|
||||||
|
// GetRandomString generate random string by specify chars.
|
||||||
|
func GetRandomString(n int) (string, error) {
|
||||||
|
const alphanum = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
|
||||||
|
|
||||||
|
buffer := make([]byte, n)
|
||||||
|
max := big.NewInt(int64(len(alphanum)))
|
||||||
|
|
||||||
|
for i := 0; i < n; i++ {
|
||||||
|
index, err := randomInt(max)
|
||||||
|
if err != nil {
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
|
|
||||||
|
buffer[i] = alphanum[index]
|
||||||
|
}
|
||||||
|
|
||||||
|
return string(buffer), nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewInternalToken generate a new value intended to be used by INTERNAL_TOKEN.
|
||||||
|
func NewInternalToken() (string, error) {
|
||||||
|
secretBytes := make([]byte, 32)
|
||||||
|
_, err := io.ReadFull(rand.Reader, secretBytes)
|
||||||
|
if err != nil {
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
|
|
||||||
|
secretKey := base64.RawURLEncoding.EncodeToString(secretBytes)
|
||||||
|
|
||||||
|
now := time.Now()
|
||||||
|
|
||||||
|
var internalToken string
|
||||||
|
internalToken, err = jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
|
||||||
|
"nbf": now.Unix(),
|
||||||
|
}).SignedString([]byte(secretKey))
|
||||||
|
if err != nil {
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
|
|
||||||
|
return internalToken, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewLfsJwtSecret generate a new value intended to be used by LFS_JWT_SECRET.
|
||||||
|
func NewLfsJwtSecret() (string, error) {
|
||||||
|
JWTSecretBytes := make([]byte, 32)
|
||||||
|
_, err := io.ReadFull(rand.Reader, JWTSecretBytes)
|
||||||
|
if err != nil {
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
|
|
||||||
|
JWTSecretBase64 := base64.RawURLEncoding.EncodeToString(JWTSecretBytes)
|
||||||
|
return JWTSecretBase64, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewSecretKey generate a new value intended to be used by SECRET_KEY.
|
||||||
|
func NewSecretKey() (string, error) {
|
||||||
|
secretKey, err := GetRandomString(64)
|
||||||
|
if err != nil {
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
|
|
||||||
|
return secretKey, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func randomInt(max *big.Int) (int, error) {
|
||||||
|
rand, err := rand.Int(rand.Reader, max)
|
||||||
|
if err != nil {
|
||||||
|
return 0, err
|
||||||
|
}
|
||||||
|
|
||||||
|
return int(rand.Int64()), nil
|
||||||
|
}
|
20
modules/generate/generate_test.go
Normal file
20
modules/generate/generate_test.go
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
package generate
|
||||||
|
|
||||||
|
import (
|
||||||
|
"os"
|
||||||
|
"testing"
|
||||||
|
|
||||||
|
"github.com/stretchr/testify/assert"
|
||||||
|
)
|
||||||
|
|
||||||
|
func TestMain(m *testing.M) {
|
||||||
|
retVal := m.Run()
|
||||||
|
|
||||||
|
os.Exit(retVal)
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestGetRandomString(t *testing.T) {
|
||||||
|
randomString, err := GetRandomString(4)
|
||||||
|
assert.NoError(t, err)
|
||||||
|
assert.Len(t, randomString, 4)
|
||||||
|
}
|
|
@ -6,10 +6,8 @@
|
||||||
package setting
|
package setting
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"crypto/rand"
|
|
||||||
"encoding/base64"
|
"encoding/base64"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io"
|
|
||||||
"net"
|
"net"
|
||||||
"net/mail"
|
"net/mail"
|
||||||
"net/url"
|
"net/url"
|
||||||
|
@ -24,12 +22,12 @@ import (
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"code.gitea.io/git"
|
"code.gitea.io/git"
|
||||||
|
"code.gitea.io/gitea/modules/generate"
|
||||||
"code.gitea.io/gitea/modules/log"
|
"code.gitea.io/gitea/modules/log"
|
||||||
_ "code.gitea.io/gitea/modules/minwinsvc" // import minwinsvc for windows services
|
_ "code.gitea.io/gitea/modules/minwinsvc" // import minwinsvc for windows services
|
||||||
"code.gitea.io/gitea/modules/user"
|
"code.gitea.io/gitea/modules/user"
|
||||||
|
|
||||||
"github.com/Unknwon/com"
|
"github.com/Unknwon/com"
|
||||||
"github.com/dgrijalva/jwt-go"
|
|
||||||
_ "github.com/go-macaron/cache/memcache" // memcache plugin for cache
|
_ "github.com/go-macaron/cache/memcache" // memcache plugin for cache
|
||||||
_ "github.com/go-macaron/cache/redis"
|
_ "github.com/go-macaron/cache/redis"
|
||||||
"github.com/go-macaron/session"
|
"github.com/go-macaron/session"
|
||||||
|
@ -834,16 +832,12 @@ func NewContext() {
|
||||||
n, err := base64.RawURLEncoding.Decode(LFS.JWTSecretBytes, []byte(LFS.JWTSecretBase64))
|
n, err := base64.RawURLEncoding.Decode(LFS.JWTSecretBytes, []byte(LFS.JWTSecretBase64))
|
||||||
|
|
||||||
if err != nil || n != 32 {
|
if err != nil || n != 32 {
|
||||||
//Generate new secret and save to config
|
LFS.JWTSecretBase64, err = generate.NewLfsJwtSecret()
|
||||||
|
|
||||||
_, err := io.ReadFull(rand.Reader, LFS.JWTSecretBytes)
|
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatal(4, "Error reading random bytes: %v", err)
|
log.Fatal(4, "Error generating JWT Secret for custom config: %v", err)
|
||||||
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
LFS.JWTSecretBase64 = base64.RawURLEncoding.EncodeToString(LFS.JWTSecretBytes)
|
|
||||||
|
|
||||||
// Save secret
|
// Save secret
|
||||||
cfg := ini.Empty()
|
cfg := ini.Empty()
|
||||||
if com.IsFile(CustomConf) {
|
if com.IsFile(CustomConf) {
|
||||||
|
@ -913,19 +907,7 @@ func NewContext() {
|
||||||
DisableGitHooks = sec.Key("DISABLE_GIT_HOOKS").MustBool(false)
|
DisableGitHooks = sec.Key("DISABLE_GIT_HOOKS").MustBool(false)
|
||||||
InternalToken = sec.Key("INTERNAL_TOKEN").String()
|
InternalToken = sec.Key("INTERNAL_TOKEN").String()
|
||||||
if len(InternalToken) == 0 {
|
if len(InternalToken) == 0 {
|
||||||
secretBytes := make([]byte, 32)
|
InternalToken, err = generate.NewInternalToken()
|
||||||
_, err := io.ReadFull(rand.Reader, secretBytes)
|
|
||||||
if err != nil {
|
|
||||||
log.Fatal(4, "Error reading random bytes: %v", err)
|
|
||||||
}
|
|
||||||
|
|
||||||
secretKey := base64.RawURLEncoding.EncodeToString(secretBytes)
|
|
||||||
|
|
||||||
now := time.Now()
|
|
||||||
InternalToken, err = jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
|
|
||||||
"nbf": now.Unix(),
|
|
||||||
}).SignedString([]byte(secretKey))
|
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatal(4, "Error generate internal token: %v", err)
|
log.Fatal(4, "Error generate internal token: %v", err)
|
||||||
}
|
}
|
||||||
|
|
|
@ -20,6 +20,7 @@ import (
|
||||||
"code.gitea.io/gitea/modules/auth"
|
"code.gitea.io/gitea/modules/auth"
|
||||||
"code.gitea.io/gitea/modules/base"
|
"code.gitea.io/gitea/modules/base"
|
||||||
"code.gitea.io/gitea/modules/context"
|
"code.gitea.io/gitea/modules/context"
|
||||||
|
"code.gitea.io/gitea/modules/generate"
|
||||||
"code.gitea.io/gitea/modules/log"
|
"code.gitea.io/gitea/modules/log"
|
||||||
"code.gitea.io/gitea/modules/setting"
|
"code.gitea.io/gitea/modules/setting"
|
||||||
"code.gitea.io/gitea/modules/user"
|
"code.gitea.io/gitea/modules/user"
|
||||||
|
@ -275,7 +276,12 @@ func InstallPost(ctx *context.Context, form auth.InstallForm) {
|
||||||
if form.LFSRootPath != "" {
|
if form.LFSRootPath != "" {
|
||||||
cfg.Section("server").Key("LFS_START_SERVER").SetValue("true")
|
cfg.Section("server").Key("LFS_START_SERVER").SetValue("true")
|
||||||
cfg.Section("server").Key("LFS_CONTENT_PATH").SetValue(form.LFSRootPath)
|
cfg.Section("server").Key("LFS_CONTENT_PATH").SetValue(form.LFSRootPath)
|
||||||
cfg.Section("server").Key("LFS_JWT_SECRET").SetValue(base.GetRandomBytesAsBase64(32))
|
var secretKey string
|
||||||
|
if secretKey, err = generate.NewLfsJwtSecret(); err != nil {
|
||||||
|
ctx.RenderWithErr(ctx.Tr("install.lfs_jwt_secret_failed", err), tplInstall, &form)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
cfg.Section("server").Key("LFS_JWT_SECRET").SetValue(secretKey)
|
||||||
} else {
|
} else {
|
||||||
cfg.Section("server").Key("LFS_START_SERVER").SetValue("false")
|
cfg.Section("server").Key("LFS_START_SERVER").SetValue("false")
|
||||||
}
|
}
|
||||||
|
@ -315,7 +321,7 @@ func InstallPost(ctx *context.Context, form auth.InstallForm) {
|
||||||
|
|
||||||
cfg.Section("security").Key("INSTALL_LOCK").SetValue("true")
|
cfg.Section("security").Key("INSTALL_LOCK").SetValue("true")
|
||||||
var secretKey string
|
var secretKey string
|
||||||
if secretKey, err = base.GetRandomString(10); err != nil {
|
if secretKey, err = generate.NewSecretKey(); err != nil {
|
||||||
ctx.RenderWithErr(ctx.Tr("install.secret_key_failed", err), tplInstall, &form)
|
ctx.RenderWithErr(ctx.Tr("install.secret_key_failed", err), tplInstall, &form)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
|
@ -13,6 +13,7 @@ import (
|
||||||
"code.gitea.io/gitea/modules/auth/openid"
|
"code.gitea.io/gitea/modules/auth/openid"
|
||||||
"code.gitea.io/gitea/modules/base"
|
"code.gitea.io/gitea/modules/base"
|
||||||
"code.gitea.io/gitea/modules/context"
|
"code.gitea.io/gitea/modules/context"
|
||||||
|
"code.gitea.io/gitea/modules/generate"
|
||||||
"code.gitea.io/gitea/modules/log"
|
"code.gitea.io/gitea/modules/log"
|
||||||
"code.gitea.io/gitea/modules/setting"
|
"code.gitea.io/gitea/modules/setting"
|
||||||
|
|
||||||
|
@ -348,7 +349,7 @@ func RegisterOpenIDPost(ctx *context.Context, cpt *captcha.Captcha, form auth.Si
|
||||||
if len < 256 {
|
if len < 256 {
|
||||||
len = 256
|
len = 256
|
||||||
}
|
}
|
||||||
password, err := base.GetRandomString(len)
|
password, err := generate.GetRandomString(len)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
ctx.RenderWithErr(err.Error(), tplSignUpOID, form)
|
ctx.RenderWithErr(err.Error(), tplSignUpOID, form)
|
||||||
return
|
return
|
||||||
|
|
Loading…
Reference in a new issue