From 4869f9c3c8418a624723f5ae5e63bf893a8f80c1 Mon Sep 17 00:00:00 2001 From: wxiaoguang Date: Thu, 27 Oct 2022 11:17:47 +0800 Subject: [PATCH] Revert: auto generate INTERNAL_TOKEN (#21608) (#21609) Backport #21608 Follow #19663 Some users do cluster deployment, they still depend on this auto-generating behavior. --- modules/setting/setting.go | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/modules/setting/setting.go b/modules/setting/setting.go index f93be2fbd16..9c4f4ced12a 100644 --- a/modules/setting/setting.go +++ b/modules/setting/setting.go @@ -22,6 +22,7 @@ import ( "time" "code.gitea.io/gitea/modules/container" + "code.gitea.io/gitea/modules/generate" "code.gitea.io/gitea/modules/json" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/user" @@ -962,6 +963,11 @@ func loadFromConf(allowEmpty bool, extraConfig string) { SuccessfulTokensCacheSize = sec.Key("SUCCESSFUL_TOKENS_CACHE_SIZE").MustInt(20) InternalToken = loadSecret(sec, "INTERNAL_TOKEN_URI", "INTERNAL_TOKEN") + if InstallLock && InternalToken == "" { + // if Gitea has been installed but the InternalToken hasn't been generated (upgrade from an old release), we should generate + // some users do cluster deployment, they still depend on this auto-generating behavior. + generateSaveInternalToken() + } cfgdata := sec.Key("PASSWORD_COMPLEXITY").Strings(",") if len(cfgdata) == 0 { @@ -1182,6 +1188,19 @@ func loadSecret(sec *ini.Section, uriKey, verbatimKey string) string { } } +// generateSaveInternalToken generates and saves the internal token to app.ini +func generateSaveInternalToken() { + token, err := generate.NewInternalToken() + if err != nil { + log.Fatal("Error generate internal token: %v", err) + } + + InternalToken = token + CreateOrAppendToCustomConf("security.INTERNAL_TOKEN", func(cfg *ini.File) { + cfg.Section("security").Key("INTERNAL_TOKEN").SetValue(token) + }) +} + // MakeAbsoluteAssetURL returns the absolute asset url prefix without a trailing slash func MakeAbsoluteAssetURL(appURL, staticURLPrefix string) string { parsedPrefix, err := url.Parse(strings.TrimSuffix(staticURLPrefix, "/"))