Encode secret

2024-09-22 03:20:09 +00:00 · 2024-07-16 15:58:20 -04:00 · 2024-07-16 15:58:20 -04:00 · c827d442ec
commit c827d442ec
parent 8e85c04558
3 changed files with 6 additions and 2 deletions
--- a/libretranslate/app.py
+++ b/libretranslate/app.py
@ -402,7 +402,7 @@ def create_app(args):
      response = Response(render_template("app.js.template",
            url_prefix=args.url_prefix,
            get_api_key_link=args.get_api_key_link,
-            api_secret=secret.get_current_secret() if args.require_api_key_secret else ""), content_type='application/javascript; charset=utf-8')
+            api_secret=secret.get_current_secret_b64() if args.require_api_key_secret else ""), content_type='application/javascript; charset=utf-8')

      if args.require_api_key_secret:
        response.headers['Last-Modified'] = http_date(datetime.now())
--- a/libretranslate/secret.py
+++ b/libretranslate/secret.py
@ -1,3 +1,4 @@
+import base64
 import random
 import string

@ -21,6 +22,9 @@ def secret_match(secret):
 def get_current_secret():
    return get_storage().get_str("secret_1")

+def get_current_secret_b64():
+    return base64.b64encode(get_current_secret().encode("utf-8")).decode("utf-8")
+
 def setup(args):
    if args.api_keys and args.require_api_key_secret:
        s = get_storage()
--- a/libretranslate/templates/app.js.template
+++ b/libretranslate/templates/app.js.template
@ -41,7 +41,7 @@ document.addEventListener('DOMContentLoaded', function(){
            filesTranslation: true,
            frontendTimeout: 500,

-            apiSecret: "{{ api_secret }}"
+            apiSecret: atob("{{ api_secret }}")
        },
        mounted: function() {
            const self = this;