Repository: couchdb Updated Branches: refs/heads/master 09b9a722f -> cfcb0c034
Setup dev cluster with common CSRF secret Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/cfcb0c03 Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/cfcb0c03 Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/cfcb0c03 Branch: refs/heads/master Commit: cfcb0c034427635a7d0153a32ec3d99d1216d08e Parents: 09b9a72 Author: Alexander Shorin <[email protected]> Authored: Mon Aug 3 21:12:23 2015 +0300 Committer: Alexander Shorin <[email protected]> Committed: Wed Aug 5 16:29:43 2015 +0300 ---------------------------------------------------------------------- dev/run | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/couchdb/blob/cfcb0c03/dev/run ---------------------------------------------------------------------- diff --git a/dev/run b/dev/run index 67334fe..ff952e0 100755 --- a/dev/run +++ b/dev/run @@ -30,6 +30,7 @@ import uuid from pbkdf2 import pbkdf2_hex COMMON_SALT = uuid.uuid4().hex +COMMON_CSRF_SECRET = uuid.uuid4().hex try: from urllib import urlopen @@ -218,9 +219,11 @@ def hack_local_ini(ctx, contents): previous_line = "; require_valid_user = false\n" contents = contents.replace(previous_line, previous_line + secret_line) + csrf_secret = '[couch_httpd_csrf]\nsecret = %s\n' % COMMON_CSRF_SECRET + if ctx['with_admin_party']: ctx['admin'] = ('Admin Party!', 'You do not need any password.') - return contents + return contents + csrf_secret # handle admin credentials passed from cli or generate own one if ctx['admin'] is None: @@ -228,7 +231,7 @@ def hack_local_ini(ctx, contents): else: user, pswd = ctx['admin'] - return contents + "\n%s = %s" % (user, hashify(pswd)) + return contents + "\n%s = %s" % (user, hashify(pswd)) + csrf_secret def gen_password():
