Document how to start the control panel from the command line and in debugging use a stable API key
This commit is contained in:
parent
f66e609d3f
commit
82229ce04b
|
@ -1,4 +1,11 @@
|
||||||
#!/usr/local/lib/mailinabox/env/bin/python3
|
#!/usr/local/lib/mailinabox/env/bin/python3
|
||||||
|
#
|
||||||
|
# During development, you can start the Mail-in-a-Box control panel
|
||||||
|
# by running this script, e.g.:
|
||||||
|
#
|
||||||
|
# service mailinabox stop # stop the system process
|
||||||
|
# DEBUG=1 management/daemon.py
|
||||||
|
# service mailinabox start # when done debugging, start it up again
|
||||||
|
|
||||||
import os, os.path, re, json, time
|
import os, os.path, re, json, time
|
||||||
import multiprocessing.pool, subprocess
|
import multiprocessing.pool, subprocess
|
||||||
|
@ -680,7 +687,22 @@ def log_failed_login(request):
|
||||||
# APP
|
# APP
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
if "DEBUG" in os.environ: app.debug = True
|
if "DEBUG" in os.environ:
|
||||||
|
# Turn on Flask debugging.
|
||||||
|
app.debug = True
|
||||||
|
|
||||||
|
# Use a stable-ish master API key so that login sessions don't restart on each run.
|
||||||
|
# Use /etc/machine-id to seed the key with a stable secret, but add something
|
||||||
|
# and hash it to prevent possibly exposing the machine id, using the time so that
|
||||||
|
# the key is not valid indefinitely.
|
||||||
|
import hashlib
|
||||||
|
with open("/etc/machine-id") as f:
|
||||||
|
api_key = f.read()
|
||||||
|
api_key += "|" + str(int(time.time() / (60*60*2)))
|
||||||
|
hasher = hashlib.sha1()
|
||||||
|
hasher.update(api_key.encode("ascii"))
|
||||||
|
auth_service.key = hasher.hexdigest()
|
||||||
|
|
||||||
if "APIKEY" in os.environ: auth_service.key = os.environ["APIKEY"]
|
if "APIKEY" in os.environ: auth_service.key = os.environ["APIKEY"]
|
||||||
|
|
||||||
if not app.debug:
|
if not app.debug:
|
||||||
|
|
Loading…
Reference in New Issue