chore(api): secret key encrypt + env variables

2023-05-14 10:25:06 -03:00 · 2023-05-14 10:25:06 -03:00 · df51eefe02
commit df51eefe02
parent 7fb3f09570
6 changed files with 31 additions and 3 deletions
--- a/backend/services/controller/.env
+++ b/backend/services/controller/.env
@ -0,0 +1 @@
+SECRET_API_KEY=""
--- a/backend/services/controller/.gitignore
+++ b/backend/services/controller/.gitignore
@ -0,0 +1 @@
+/.env.local
--- a/backend/services/controller/cmd/oktopus/main.go
+++ b/backend/services/controller/cmd/oktopus/main.go
@ -5,6 +5,7 @@ package main
 import (
 	"context"
 	"flag"
+	"github.com/joho/godotenv"
 	"github.com/leandrofars/oktopus/internal/api"
 	"github.com/leandrofars/oktopus/internal/db"
 	usp_msg "github.com/leandrofars/oktopus/internal/usp_message"
@ -23,6 +24,20 @@ const VERSION = "0.0.1"
 func main() {
 	done := make(chan os.Signal, 1)

+	err := godotenv.Load()
+
+	localEnv := ".env.local"
+	if _, err := os.Stat(localEnv); err == nil {
+		_ = godotenv.Overload(localEnv)
+		log.Println("Loaded variables from '.env.local'")
+	} else {
+		log.Println("Loaded variables from '.env'")
+	}
+
+	if err != nil {
+		log.Println("Error to load environment variables:", err)
+	}
+
 	// Locks app running until it receives a stop command as Ctrl+C.
 	signal.Notify(done, syscall.SIGINT, syscall.SIGTERM)

--- a/backend/services/controller/go.mod
+++ b/backend/services/controller/go.mod
@ -14,6 +14,7 @@ require (
 	github.com/golang/snappy v0.0.1 // indirect
 	github.com/google/uuid v1.3.0 // indirect
 	github.com/gorilla/mux v1.8.0 // indirect
+	github.com/joho/godotenv v1.5.1 // indirect
 	github.com/klauspost/compress v1.13.6 // indirect
 	github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe // indirect
 	github.com/pkg/errors v0.9.1 // indirect
--- a/backend/services/controller/go.sum
+++ b/backend/services/controller/go.sum
@ -16,6 +16,8 @@ github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+
 github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI=
 github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So=
 github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
+github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
+github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
 github.com/klauspost/compress v1.13.6 h1:P76CopJELS0TiO2mebmnzgWaajssP/EszplttgQxcgc=
 github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk=
 github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
--- a/backend/services/controller/internal/api/auth/auth.go
+++ b/backend/services/controller/internal/api/auth/auth.go
@ -3,10 +3,17 @@ package auth
 import (
 	"errors"
 	"github.com/dgrijalva/jwt-go"
+	"os"
 	"time"
 )

-var jwtKey = []byte("supersecretkey")
+func getJwtKey() []byte {
+	jwtKey, ok := os.LookupEnv("SECRET_API_KEY")
+	if !ok || jwtKey == "" {
+		return []byte("supersecretkey")
+	}
+	return []byte(jwtKey)
+}

 type JWTClaim struct {
 	Username string `json:"username"`
@ -24,15 +31,16 @@ func GenerateJWT(email string, username string) (tokenString string, err error)
 		},
 	}
 	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
-	tokenString, err = token.SignedString(jwtKey)
+	tokenString, err = token.SignedString(getJwtKey())
 	return
 }
+
 func ValidateToken(signedToken string) (email string, err error) {
 	token, err := jwt.ParseWithClaims(
 		signedToken,
 		&JWTClaim{},
 		func(token *jwt.Token) (interface{}, error) {
-			return []byte(jwtKey), nil
+			return getJwtKey(), nil
 		},
 	)
 	if err != nil {