groove/Part-DB-server
1
0
Fork 0
mirror of https://github.com/Part-DB/Part-DB-server.git synced 2026-01-18 08:09:34 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Ensure the initial API key is long enough

Browse source
This commit is contained in:
Jan Böhmer 2025-09-23 20:32:58 +02:00
parent 4102086803
commit d314f15509
1 changed files with 10 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

15
src/Migration/AbstractMultiPlatformMigration.php
View file

@ -34,8 +34,8 @@ use Psr\Log\LoggerInterface;
abstract class AbstractMultiPlatformMigration extends AbstractMigration
{
final public const ADMIN_PW_LENGTH = 10;
protected string $admin_pw = '';
protected string $admin_api_token = '';
protected ?string $admin_pw = null;
protected ?string $admin_api_token = null;
/** @noinspection SenselessProxyMethodInspection
* This method is required to redefine the logger type hint to protected
@ -97,7 +97,7 @@ abstract class AbstractMultiPlatformMigration extends AbstractMigration
*/
public function getInitalAdminPW(): string
{
if ($this->admin_pw === '') {
if ($this->admin_pw === null) {
if (!empty($_ENV['INITIAL_ADMIN_PW'])) {
$this->admin_pw = $_ENV['INITIAL_ADMIN_PW'];
} else {
@ -115,9 +115,14 @@ abstract class AbstractMultiPlatformMigration extends AbstractMigration
*/
public function getInitialAdminApiToken(): string
{
if ($this->admin_api_token === '') {
$apiKey = getenv('INITIAL_ADMIN_API_KEY');
if ($this->admin_api_token === null) {
$apiKey = $_ENV('INITIAL_ADMIN_API_KEY');
if (!empty($apiKey)) {
//Ensure the length of the API key is correct
if (strlen($apiKey) < 64) {
$this->abortIf(true, 'The provided INITIAL_ADMIN_API_KEY is too short! It must be at least 64 characters long! You can generate a valid key with "openssl rand -hex 32"');
}
// Use the provided API key directly (should be generated with openssl rand -hex 32)
$this->admin_api_token = $apiKey;
}