Fix the boring case where the cookie secret doesnt exist yet

This commit is contained in:
Alexandre Aubin 2023-10-03 20:30:59 +02:00
parent a3d54635e0
commit 8d2acdd174
2 changed files with 19 additions and 5 deletions

View file

@ -105,7 +105,7 @@ function check_authentication()
-- cf. src/authenticators/ldap_ynhuser.py in YunoHost to see how the cookie is actually created
local cookie = ngx.var["cookie_" .. conf["cookie_name"]]
if cookie == nil then
if cookie == nil or cookie_secret == nil then
return false, nil, nil
end

View file

@ -16,6 +16,10 @@ local conf = {}
local conf_path = "/etc/ssowat/conf.json"
function file_can_be_opened_for_reading(name)
local f=io.open(name,"r")
if f~=nil then io.close(f) return true else return false end
end
function get_cookie_secret()
@ -24,11 +28,21 @@ function get_cookie_secret()
conf_file:close()
local cookie_secret_path = conf_["cookie_secret_file"] or "/etc/yunohost/.ssowat_cookie_secret"
local cookie_secret_file = assert(io.open(cookie_secret_path, "r"), "Cookie secret file is missing")
if file_can_be_opened_for_reading(cookie_secret_path) then
ngx.log(ngx.STDERR, "Cookie secret file doesn't exist (yet?) or can't be opened for reading. Authentication will be disabled for now.")
return nil
end
local cookie_secret_file = io.open(cookie_secret_path, "r")
if cookie_secret_file ~= nil then
local cookie_secret = cookie_secret_file:read("*all")
cookie_secret_file:close()
return cookie_secret
else
ngx.log(ngx.STDERR, "Cookie secret file doesn't exist (yet?) or can't be opened for reading. Authentication will be disabled for now.")
return nil
end
end
function compare_attributes(file_attributes1, file_attributes2)