1
0
mirror of https://github.com/moparisthebest/SickRage synced 2025-01-07 03:48:02 -05:00

Generate a cookie instead of using an hardcoded one.

This commit is contained in:
Alexandre Beloin 2015-02-09 11:22:48 -05:00
parent c62d8f2c79
commit 3dc71dcfbc
3 changed files with 11 additions and 2 deletions

View File

@ -137,6 +137,7 @@ WEB_USERNAME = None
WEB_PASSWORD = None WEB_PASSWORD = None
WEB_HOST = None WEB_HOST = None
WEB_IPV6 = None WEB_IPV6 = None
WEB_COOKIE_SECRET = None
PLAY_VIDEOS = False PLAY_VIDEOS = False
@ -497,7 +498,7 @@ def get_backlog_cycle_time():
def initialize(consoleLogging=True): def initialize(consoleLogging=True):
with INIT_LOCK: with INIT_LOCK:
global BRANCH, GIT_RESET, GIT_REMOTE, GIT_REMOTE_URL, CUR_COMMIT_HASH, CUR_COMMIT_BRANCH, ACTUAL_LOG_DIR, LOG_DIR, LOG_NR, LOG_SIZE, WEB_PORT, WEB_LOG, ENCRYPTION_VERSION, WEB_ROOT, WEB_USERNAME, WEB_PASSWORD, WEB_HOST, WEB_IPV6, API_KEY, API_ROOT, ENABLE_HTTPS, HTTPS_CERT, HTTPS_KEY, \ global BRANCH, GIT_RESET, GIT_REMOTE, GIT_REMOTE_URL, CUR_COMMIT_HASH, CUR_COMMIT_BRANCH, ACTUAL_LOG_DIR, LOG_DIR, LOG_NR, LOG_SIZE, WEB_PORT, WEB_LOG, ENCRYPTION_VERSION, WEB_ROOT, WEB_USERNAME, WEB_PASSWORD, WEB_HOST, WEB_IPV6, WEB_COOKIE_SECRET, API_KEY, API_ROOT, ENABLE_HTTPS, HTTPS_CERT, HTTPS_KEY, \
HANDLE_REVERSE_PROXY, USE_NZBS, USE_TORRENTS, NZB_METHOD, NZB_DIR, DOWNLOAD_PROPERS, RANDOMIZE_PROVIDERS, CHECK_PROPERS_INTERVAL, ALLOW_HIGH_PRIORITY, TORRENT_METHOD, \ HANDLE_REVERSE_PROXY, USE_NZBS, USE_TORRENTS, NZB_METHOD, NZB_DIR, DOWNLOAD_PROPERS, RANDOMIZE_PROVIDERS, CHECK_PROPERS_INTERVAL, ALLOW_HIGH_PRIORITY, TORRENT_METHOD, \
SAB_USERNAME, SAB_PASSWORD, SAB_APIKEY, SAB_CATEGORY, SAB_CATEGORY_ANIME, SAB_HOST, \ SAB_USERNAME, SAB_PASSWORD, SAB_APIKEY, SAB_CATEGORY, SAB_CATEGORY_ANIME, SAB_HOST, \
NZBGET_USERNAME, NZBGET_PASSWORD, NZBGET_CATEGORY, NZBGET_CATEGORY_ANIME, NZBGET_PRIORITY, NZBGET_HOST, NZBGET_USE_HTTPS, backlogSearchScheduler, \ NZBGET_USERNAME, NZBGET_PASSWORD, NZBGET_CATEGORY, NZBGET_CATEGORY_ANIME, NZBGET_PRIORITY, NZBGET_HOST, NZBGET_USE_HTTPS, backlogSearchScheduler, \
@ -650,6 +651,9 @@ def initialize(consoleLogging=True):
ENCRYPTION_VERSION = check_setting_int(CFG, 'General', 'encryption_version', 0) ENCRYPTION_VERSION = check_setting_int(CFG, 'General', 'encryption_version', 0)
WEB_USERNAME = check_setting_str(CFG, 'General', 'web_username', '', censor_log=True) WEB_USERNAME = check_setting_str(CFG, 'General', 'web_username', '', censor_log=True)
WEB_PASSWORD = check_setting_str(CFG, 'General', 'web_password', '', censor_log=True) WEB_PASSWORD = check_setting_str(CFG, 'General', 'web_password', '', censor_log=True)
WEB_COOKIE_SECRET = check_setting_str(CFG, 'General', 'web_cookie_secret', helpers.generateCookieSecret(), censor_log=True)
if not WEB_COOKIE_SECRET:
WEB_COOKIE_SECRET = helpers.generateCookieSecret()
LAUNCH_BROWSER = bool(check_setting_int(CFG, 'General', 'launch_browser', 1)) LAUNCH_BROWSER = bool(check_setting_int(CFG, 'General', 'launch_browser', 1))
PLAY_VIDEOS = bool(check_setting_int(CFG, 'General', 'play_videos', 0)) PLAY_VIDEOS = bool(check_setting_int(CFG, 'General', 'play_videos', 0))
@ -1457,6 +1461,7 @@ def save_config():
new_config['General']['web_root'] = WEB_ROOT new_config['General']['web_root'] = WEB_ROOT
new_config['General']['web_username'] = WEB_USERNAME new_config['General']['web_username'] = WEB_USERNAME
new_config['General']['web_password'] = helpers.encrypt(WEB_PASSWORD, ENCRYPTION_VERSION) new_config['General']['web_password'] = helpers.encrypt(WEB_PASSWORD, ENCRYPTION_VERSION)
new_config['General']['web_cookie_secret'] = WEB_COOKIE_SECRET
new_config['General']['play_videos'] = int(PLAY_VIDEOS) new_config['General']['play_videos'] = int(PLAY_VIDEOS)
new_config['General']['download_url'] = DOWNLOAD_URL new_config['General']['download_url'] = DOWNLOAD_URL
new_config['General']['localhost_ip'] = LOCALHOST_IP new_config['General']['localhost_ip'] = LOCALHOST_IP

View File

@ -1336,3 +1336,7 @@ if __name__ == '__main__':
def remove_article(text=''): def remove_article(text=''):
return re.sub(r'(?i)^(?:(?:A(?!\s+to)n?)|The)\s(\w)', r'\1', text) return re.sub(r'(?i)^(?:(?:A(?!\s+to)n?)|The)\s(\w)', r'\1', text)
def generateCookieSecret():
return base64.b64encode(uuid.uuid4().bytes + uuid.uuid4().bytes)

View File

@ -71,7 +71,7 @@ class SRWebServer(threading.Thread):
autoreload=False, autoreload=False,
gzip=True, gzip=True,
xheaders=sickbeard.HANDLE_REVERSE_PROXY, xheaders=sickbeard.HANDLE_REVERSE_PROXY,
cookie_secret='61oETzKXQAGaYdkL5gEmGeJJFuYh7EQnp2XdTP1o/Vo=', cookie_secret=sickbeard.WEB_COOKIE_SECRET,
login_url='%s/login/' % self.options['web_root'], login_url='%s/login/' % self.options['web_root'],
) )