Browse Source

secret config, rm run script

Paul Liverman III 4 years ago
parent
commit
9cbbbd594f
4 changed files with 9 additions and 16 deletions
  1. 0
    1
      .gitignore
  2. 7
    0
      app.moon
  3. 2
    0
      config.moon
  4. 0
    15
      run

+ 0
- 1
.gitignore View File

@@ -1 +0,0 @@
1
-db/

+ 7
- 0
app.moon View File

@@ -6,6 +6,12 @@ import Users from require "models"
6 6
 import api, abort, assert_model from require "helpers"
7 7
 
8 8
 class extends lapis.Application
9
+  [console: "/console/#{config.secret}"]: =>
10
+    if Users\count! < 1 or @session.id == 1
11
+      return console.make(env: "all")(@)
12
+    else
13
+      return status: 401, "401 - Unauthorized"
14
+
9 15
   [authenticate: "/0/auth"]: api {
10 16
     POST: =>
11 17
       -- find user by name or id if specified
@@ -39,6 +45,7 @@ class extends lapis.Application
39 45
 
40 46
       return name: user.name, id: user.id
41 47
   }
48
+
42 49
   [name: "/0/:id[%d]"]: api {
43 50
     GET: =>
44 51
       if user = Users\find id: @params.id

+ 2
- 0
config.moon View File

@@ -1,6 +1,7 @@
1 1
 config = require "lapis.config"
2 2
 
3 3
 postgres_password = os.getenv "POSTGRES_PASSWORD"
4
+secret_value = os.getenv "SESSION_SECRET"
4 5
 
5 6
 config "development", ->
6 7
   postgres ->
@@ -10,5 +11,6 @@ config "development", ->
10 11
     password postgres_password
11 12
   num_workers 2
12 13
   code_cache "on"
14
+  secret secret_value or "insecure"
13 15
 
14 16
   digest_rounds 12

+ 0
- 15
run View File

@@ -1,15 +0,0 @@
1
-#!/usr/bin/env bash
2
-docker stop passwd0
3
-docker rm passwd0
4
-docker stop passwd-db
5
-docker rm passwd-db
6
-docker network create web
7
-docker network create passwd-db
8
-
9
-docker build -t passwd0 .
10
-docker run -d --restart always --name passwd-db --network passwd-db \
11
-  -v "$PWD/db":/var/lib/postgresql/data postgres:10.5-alpine
12
-sleep 5   # give Postgres time to start
13
-docker run -d --restart always --name passwd0 --network passwd-db \
14
-  passwd0:latest
15
-docker network connect web passwd0