From 910fd3444545af717493f3f061cbef2c87d2a85b Mon Sep 17 00:00:00 2001 From: Jamie Rees Date: Mon, 26 Oct 2020 20:00:39 +0000 Subject: [PATCH] Generate a new security token per install Pt.1, Pt.2 = new Role System --- src/Ombi.Helpers/StartupSingleton.cs | 15 +++++++++ src/Ombi.Helpers/StoragePathSingleton.cs | 13 -------- .../Entities/ApplicationConfiguration.cs | 3 +- src/Ombi/Controllers/V1/SettingsController.cs | 2 +- src/Ombi/Extensions/DatabaseExtensions.cs | 2 +- src/Ombi/Extensions/StartupExtensions.cs | 2 +- src/Ombi/Program.cs | 31 ++++++++++++------- src/Ombi/Properties/launchSettings.json | 2 +- src/Ombi/Startup.cs | 4 +-- 9 files changed, 42 insertions(+), 32 deletions(-) create mode 100644 src/Ombi.Helpers/StartupSingleton.cs delete mode 100644 src/Ombi.Helpers/StoragePathSingleton.cs diff --git a/src/Ombi.Helpers/StartupSingleton.cs b/src/Ombi.Helpers/StartupSingleton.cs new file mode 100644 index 000000000..41fd1a9ab --- /dev/null +++ b/src/Ombi.Helpers/StartupSingleton.cs @@ -0,0 +1,15 @@ +namespace Ombi.Helpers +{ + public class StartupSingleton + { + private static StartupSingleton instance; + + private StartupSingleton() { } + + public static StartupSingleton Instance => instance ?? (instance = new StartupSingleton()); + + public string StoragePath { get; set; } + + public string SecurityKey { get; set; } + } +} \ No newline at end of file diff --git a/src/Ombi.Helpers/StoragePathSingleton.cs b/src/Ombi.Helpers/StoragePathSingleton.cs deleted file mode 100644 index c502c4a54..000000000 --- a/src/Ombi.Helpers/StoragePathSingleton.cs +++ /dev/null @@ -1,13 +0,0 @@ -namespace Ombi.Helpers -{ - public class StoragePathSingleton - { - private static StoragePathSingleton instance; - - private StoragePathSingleton() { } - - public static StoragePathSingleton Instance => instance ?? (instance = new StoragePathSingleton()); - - public string StoragePath { get; set; } - } -} \ No newline at end of file diff --git a/src/Ombi.Store/Entities/ApplicationConfiguration.cs b/src/Ombi.Store/Entities/ApplicationConfiguration.cs index 809264312..012a80345 100644 --- a/src/Ombi.Store/Entities/ApplicationConfiguration.cs +++ b/src/Ombi.Store/Entities/ApplicationConfiguration.cs @@ -17,6 +17,7 @@ namespace Ombi.Store.Entities TheMovieDb = 4, StoragePath = 5, Notification = 6, - BaseUrl=7, + BaseUrl = 7, + SecurityToken = 8 } } \ No newline at end of file diff --git a/src/Ombi/Controllers/V1/SettingsController.cs b/src/Ombi/Controllers/V1/SettingsController.cs index 32cafd904..8cef872f4 100644 --- a/src/Ombi/Controllers/V1/SettingsController.cs +++ b/src/Ombi/Controllers/V1/SettingsController.cs @@ -117,7 +117,7 @@ namespace Ombi.Controllers.V1 public AboutViewModel About() { var dbConfiguration = DatabaseExtensions.GetDatabaseConfiguration(); - var storage = StoragePathSingleton.Instance; + var storage = StartupSingleton.Instance; var model = new AboutViewModel { FrameworkDescription = RuntimeInformation.FrameworkDescription, diff --git a/src/Ombi/Extensions/DatabaseExtensions.cs b/src/Ombi/Extensions/DatabaseExtensions.cs index 979f1688b..4d82031ef 100644 --- a/src/Ombi/Extensions/DatabaseExtensions.cs +++ b/src/Ombi/Extensions/DatabaseExtensions.cs @@ -62,7 +62,7 @@ namespace Ombi.Extensions public static DatabaseConfiguration GetDatabaseConfiguration() { - var i = StoragePathSingleton.Instance; + var i = StartupSingleton.Instance; if (string.IsNullOrEmpty(i.StoragePath)) { i.StoragePath = string.Empty; diff --git a/src/Ombi/Extensions/StartupExtensions.cs b/src/Ombi/Extensions/StartupExtensions.cs index b9d6ed320..cc90155e7 100644 --- a/src/Ombi/Extensions/StartupExtensions.cs +++ b/src/Ombi/Extensions/StartupExtensions.cs @@ -83,7 +83,7 @@ namespace Ombi var tokenValidationParameters = new TokenValidationParameters { ValidateIssuerSigningKey = true, - IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(tokenOptions.GetValue("SecretKey", string.Empty))), + IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(StartupSingleton.Instance.SecurityKey)), RequireExpirationTime = true, ValidateLifetime = true, diff --git a/src/Ombi/Program.cs b/src/Ombi/Program.cs index 49ed32d85..30ed06f01 100644 --- a/src/Ombi/Program.cs +++ b/src/Ombi/Program.cs @@ -18,7 +18,7 @@ using Ombi.Store.Context.Sqlite; namespace Ombi { - public class Program + public static class Program { private static string UrlArgs { get; set; } @@ -50,13 +50,11 @@ namespace Ombi UrlArgs = host; var urlValue = string.Empty; - var instance = StoragePathSingleton.Instance; + var instance = StartupSingleton.Instance; var demoInstance = DemoSingleton.Instance; demoInstance.Demo = demo; instance.StoragePath = storagePath ?? string.Empty; - // Check if we need to migrate the settings - DeleteSchedules(); - //CheckAndMigrate(); + var services = new ServiceCollection(); services.ConfigureDatabases(null); @@ -67,6 +65,8 @@ namespace Ombi var config = settingsDb.ApplicationConfigurations.ToList(); var url = config.FirstOrDefault(x => x.Type == ConfigurationTypes.Url); var dbBaseUrl = config.FirstOrDefault(x => x.Type == ConfigurationTypes.BaseUrl); + var securityToken = config.FirstOrDefault(x => x.Type == ConfigurationTypes.SecurityToken); + CheckSecurityToken(securityToken, settingsDb, instance); if (url == null) { url = new ApplicationConfiguration @@ -136,18 +136,25 @@ namespace Ombi } } - private static void DeleteSchedules() + private static void CheckSecurityToken(ApplicationConfiguration securityToken, SettingsContext ctx, StartupSingleton instance) { - try + if (securityToken == null || string.IsNullOrEmpty(securityToken.Value)) { - if (File.Exists("Schedules.db")) + securityToken = new ApplicationConfiguration + { + Type = ConfigurationTypes.SecurityToken, + Value = Guid.NewGuid().ToString("N") + }; + + using (var tran = ctx.Database.BeginTransaction()) { - File.Delete("Schedules.db"); + ctx.ApplicationConfigurations.Add(securityToken); + ctx.SaveChanges(); + tran.Commit(); } } - catch (Exception) - { - } + + instance.SecurityKey = securityToken.Value; } public static IHostBuilder CreateHostBuilder(string[] args) => diff --git a/src/Ombi/Properties/launchSettings.json b/src/Ombi/Properties/launchSettings.json index b62c1fba9..ab355f92a 100644 --- a/src/Ombi/Properties/launchSettings.json +++ b/src/Ombi/Properties/launchSettings.json @@ -22,7 +22,7 @@ }, "Ombi": { "commandName": "Project", - "commandLineArgs": "--host http://localhost:3577 --baseurl /ombi", + "commandLineArgs": "--host http://localhost:3577 ", "environmentVariables": { "ASPNETCORE_ENVIRONMENT": "Development" }, diff --git a/src/Ombi/Startup.cs b/src/Ombi/Startup.cs index 29604520f..2df39a7bf 100644 --- a/src/Ombi/Startup.cs +++ b/src/Ombi/Startup.cs @@ -35,7 +35,7 @@ namespace Ombi { public class Startup { - public static StoragePathSingleton StoragePath => StoragePathSingleton.Instance; + public static StartupSingleton StoragePath => StartupSingleton.Instance; public Startup(IWebHostEnvironment env) { @@ -164,7 +164,7 @@ namespace Ombi var baseUrl = appConfig.Get(ConfigurationTypes.BaseUrl); if (baseUrl != null) { - if (baseUrl.Value.HasValue() && settings.BaseUrl != baseUrl.Value) + if (baseUrl.Value.HasValue()) { settings.BaseUrl = baseUrl.Value; ombiService.SaveSettings(settings);