Encode secret

This commit is contained in:
Piero Toffanin 2024-07-16 15:58:20 -04:00
parent 8e85c04558
commit c827d442ec
3 changed files with 6 additions and 2 deletions

View file

@ -402,7 +402,7 @@ def create_app(args):
response = Response(render_template("app.js.template",
url_prefix=args.url_prefix,
get_api_key_link=args.get_api_key_link,
api_secret=secret.get_current_secret() if args.require_api_key_secret else ""), content_type='application/javascript; charset=utf-8')
api_secret=secret.get_current_secret_b64() if args.require_api_key_secret else ""), content_type='application/javascript; charset=utf-8')
if args.require_api_key_secret:
response.headers['Last-Modified'] = http_date(datetime.now())

View file

@ -1,3 +1,4 @@
import base64
import random
import string
@ -21,6 +22,9 @@ def secret_match(secret):
def get_current_secret():
return get_storage().get_str("secret_1")
def get_current_secret_b64():
return base64.b64encode(get_current_secret().encode("utf-8")).decode("utf-8")
def setup(args):
if args.api_keys and args.require_api_key_secret:
s = get_storage()

View file

@ -41,7 +41,7 @@ document.addEventListener('DOMContentLoaded', function(){
filesTranslation: true,
frontendTimeout: 500,
apiSecret: "{{ api_secret }}"
apiSecret: atob("{{ api_secret }}")
},
mounted: function() {
const self = this;