feat: persist encrypted env
This commit is contained in:
Lakhan Samani
227
server/env/env.go
vendored
227
server/env/env.go
vendored
@@ -7,6 +7,7 @@ import (
|
||||
|
||||
"github.com/authorizerdev/authorizer/server/constants"
|
||||
"github.com/authorizerdev/authorizer/server/utils"
|
||||
"github.com/google/uuid"
|
||||
"github.com/joho/godotenv"
|
||||
)
|
||||
|
||||
@@ -20,163 +21,169 @@ var (
|
||||
|
||||
// InitEnv -> to initialize env and through error if required env are not present
|
||||
func InitEnv() {
|
||||
if constants.ENV_PATH == "" {
|
||||
constants.ENV_PATH = `.env`
|
||||
if constants.EnvData.ENV_PATH == "" {
|
||||
constants.EnvData.ENV_PATH = `.env`
|
||||
}
|
||||
|
||||
if ARG_ENV_FILE != nil && *ARG_ENV_FILE != "" {
|
||||
constants.ENV_PATH = *ARG_ENV_FILE
|
||||
constants.EnvData.ENV_PATH = *ARG_ENV_FILE
|
||||
}
|
||||
|
||||
err := godotenv.Load(constants.ENV_PATH)
|
||||
err := godotenv.Load(constants.EnvData.ENV_PATH)
|
||||
if err != nil {
|
||||
log.Printf("error loading %s file", constants.ENV_PATH)
|
||||
log.Printf("error loading %s file", constants.EnvData.ENV_PATH)
|
||||
}
|
||||
|
||||
if constants.ADMIN_SECRET == "" {
|
||||
constants.ADMIN_SECRET = os.Getenv("ADMIN_SECRET")
|
||||
if constants.ADMIN_SECRET == "" {
|
||||
panic("root admin secret is required")
|
||||
}
|
||||
if constants.EnvData.ADMIN_SECRET == "" {
|
||||
constants.EnvData.ADMIN_SECRET = os.Getenv("ADMIN_SECRET")
|
||||
}
|
||||
|
||||
if constants.ENV == "" {
|
||||
constants.ENV = os.Getenv("ENV")
|
||||
if constants.ENV == "" {
|
||||
constants.ENV = "production"
|
||||
}
|
||||
|
||||
if constants.ENV == "production" {
|
||||
constants.IS_PROD = true
|
||||
os.Setenv("GIN_MODE", "release")
|
||||
} else {
|
||||
constants.IS_PROD = false
|
||||
}
|
||||
}
|
||||
|
||||
if constants.DATABASE_TYPE == "" {
|
||||
constants.DATABASE_TYPE = os.Getenv("DATABASE_TYPE")
|
||||
log.Println(constants.DATABASE_TYPE)
|
||||
if constants.EnvData.DATABASE_TYPE == "" {
|
||||
constants.EnvData.DATABASE_TYPE = os.Getenv("DATABASE_TYPE")
|
||||
log.Println(constants.EnvData.DATABASE_TYPE)
|
||||
|
||||
if ARG_DB_TYPE != nil && *ARG_DB_TYPE != "" {
|
||||
constants.DATABASE_TYPE = *ARG_DB_TYPE
|
||||
constants.EnvData.DATABASE_TYPE = *ARG_DB_TYPE
|
||||
}
|
||||
|
||||
if constants.DATABASE_TYPE == "" {
|
||||
if constants.EnvData.DATABASE_TYPE == "" {
|
||||
panic("DATABASE_TYPE is required")
|
||||
}
|
||||
}
|
||||
|
||||
if constants.DATABASE_URL == "" {
|
||||
constants.DATABASE_URL = os.Getenv("DATABASE_URL")
|
||||
if constants.EnvData.DATABASE_URL == "" {
|
||||
constants.EnvData.DATABASE_URL = os.Getenv("DATABASE_URL")
|
||||
|
||||
if ARG_DB_URL != nil && *ARG_DB_URL != "" {
|
||||
constants.DATABASE_URL = *ARG_DB_URL
|
||||
constants.EnvData.DATABASE_URL = *ARG_DB_URL
|
||||
}
|
||||
|
||||
if constants.DATABASE_URL == "" {
|
||||
if constants.EnvData.DATABASE_URL == "" {
|
||||
panic("DATABASE_URL is required")
|
||||
}
|
||||
}
|
||||
|
||||
if constants.DATABASE_NAME == "" {
|
||||
constants.DATABASE_NAME = os.Getenv("DATABASE_NAME")
|
||||
if constants.DATABASE_NAME == "" {
|
||||
constants.DATABASE_NAME = "authorizer"
|
||||
if constants.EnvData.DATABASE_NAME == "" {
|
||||
constants.EnvData.DATABASE_NAME = os.Getenv("DATABASE_NAME")
|
||||
if constants.EnvData.DATABASE_NAME == "" {
|
||||
constants.EnvData.DATABASE_NAME = "authorizer"
|
||||
}
|
||||
}
|
||||
|
||||
if constants.SMTP_HOST == "" {
|
||||
constants.SMTP_HOST = os.Getenv("SMTP_HOST")
|
||||
}
|
||||
if constants.EnvData.ENV == "" {
|
||||
constants.EnvData.ENV = os.Getenv("ENV")
|
||||
if constants.EnvData.ENV == "" {
|
||||
constants.EnvData.ENV = "production"
|
||||
}
|
||||
|
||||
if constants.SMTP_PORT == "" {
|
||||
constants.SMTP_PORT = os.Getenv("SMTP_PORT")
|
||||
}
|
||||
|
||||
if constants.SENDER_EMAIL == "" {
|
||||
constants.SENDER_EMAIL = os.Getenv("SENDER_EMAIL")
|
||||
}
|
||||
|
||||
if constants.SENDER_PASSWORD == "" {
|
||||
constants.SENDER_PASSWORD = os.Getenv("SENDER_PASSWORD")
|
||||
}
|
||||
|
||||
if constants.JWT_SECRET == "" {
|
||||
constants.JWT_SECRET = os.Getenv("JWT_SECRET")
|
||||
}
|
||||
|
||||
if constants.JWT_TYPE == "" {
|
||||
constants.JWT_TYPE = os.Getenv("JWT_TYPE")
|
||||
}
|
||||
|
||||
if constants.JWT_ROLE_CLAIM == "" {
|
||||
constants.JWT_ROLE_CLAIM = os.Getenv("JWT_ROLE_CLAIM")
|
||||
|
||||
if constants.JWT_ROLE_CLAIM == "" {
|
||||
constants.JWT_ROLE_CLAIM = "role"
|
||||
if constants.EnvData.ENV == "production" {
|
||||
constants.EnvData.IS_PROD = true
|
||||
os.Setenv("GIN_MODE", "release")
|
||||
} else {
|
||||
constants.EnvData.IS_PROD = false
|
||||
}
|
||||
}
|
||||
|
||||
if constants.AUTHORIZER_URL == "" {
|
||||
constants.AUTHORIZER_URL = strings.TrimSuffix(os.Getenv("AUTHORIZER_URL"), "/")
|
||||
if constants.EnvData.SMTP_HOST == "" {
|
||||
constants.EnvData.SMTP_HOST = os.Getenv("SMTP_HOST")
|
||||
}
|
||||
|
||||
if constants.EnvData.SMTP_PORT == "" {
|
||||
constants.EnvData.SMTP_PORT = os.Getenv("SMTP_PORT")
|
||||
}
|
||||
|
||||
if constants.EnvData.SENDER_EMAIL == "" {
|
||||
constants.EnvData.SENDER_EMAIL = os.Getenv("SENDER_EMAIL")
|
||||
}
|
||||
|
||||
if constants.EnvData.SENDER_PASSWORD == "" {
|
||||
constants.EnvData.SENDER_PASSWORD = os.Getenv("SENDER_PASSWORD")
|
||||
}
|
||||
|
||||
if constants.EnvData.JWT_SECRET == "" {
|
||||
constants.EnvData.JWT_SECRET = os.Getenv("JWT_SECRET")
|
||||
if constants.EnvData.JWT_SECRET == "" {
|
||||
constants.EnvData.JWT_SECRET = uuid.New().String()
|
||||
}
|
||||
}
|
||||
|
||||
if constants.EnvData.JWT_TYPE == "" {
|
||||
constants.EnvData.JWT_TYPE = os.Getenv("JWT_TYPE")
|
||||
if constants.EnvData.JWT_TYPE == "" {
|
||||
constants.EnvData.JWT_TYPE = "HS256"
|
||||
}
|
||||
}
|
||||
|
||||
if constants.EnvData.JWT_ROLE_CLAIM == "" {
|
||||
constants.EnvData.JWT_ROLE_CLAIM = os.Getenv("JWT_ROLE_CLAIM")
|
||||
|
||||
if constants.EnvData.JWT_ROLE_CLAIM == "" {
|
||||
constants.EnvData.JWT_ROLE_CLAIM = "role"
|
||||
}
|
||||
}
|
||||
|
||||
if constants.EnvData.AUTHORIZER_URL == "" {
|
||||
constants.EnvData.AUTHORIZER_URL = strings.TrimSuffix(os.Getenv("AUTHORIZER_URL"), "/")
|
||||
|
||||
if ARG_AUTHORIZER_URL != nil && *ARG_AUTHORIZER_URL != "" {
|
||||
constants.AUTHORIZER_URL = *ARG_AUTHORIZER_URL
|
||||
constants.EnvData.AUTHORIZER_URL = *ARG_AUTHORIZER_URL
|
||||
}
|
||||
}
|
||||
|
||||
if constants.PORT == "" {
|
||||
constants.PORT = os.Getenv("PORT")
|
||||
if constants.PORT == "" {
|
||||
constants.PORT = "8080"
|
||||
if constants.EnvData.PORT == "" {
|
||||
constants.EnvData.PORT = os.Getenv("PORT")
|
||||
if constants.EnvData.PORT == "" {
|
||||
constants.EnvData.PORT = "8080"
|
||||
}
|
||||
}
|
||||
|
||||
if constants.REDIS_URL == "" {
|
||||
constants.REDIS_URL = os.Getenv("REDIS_URL")
|
||||
if constants.EnvData.REDIS_URL == "" {
|
||||
constants.EnvData.REDIS_URL = os.Getenv("REDIS_URL")
|
||||
}
|
||||
|
||||
if constants.COOKIE_NAME == "" {
|
||||
constants.COOKIE_NAME = os.Getenv("COOKIE_NAME")
|
||||
if constants.EnvData.COOKIE_NAME == "" {
|
||||
constants.EnvData.COOKIE_NAME = os.Getenv("COOKIE_NAME")
|
||||
if constants.EnvData.COOKIE_NAME == "" {
|
||||
constants.EnvData.COOKIE_NAME = "authorizer"
|
||||
}
|
||||
}
|
||||
|
||||
if constants.GOOGLE_CLIENT_ID == "" {
|
||||
constants.GOOGLE_CLIENT_ID = os.Getenv("GOOGLE_CLIENT_ID")
|
||||
if constants.EnvData.GOOGLE_CLIENT_ID == "" {
|
||||
constants.EnvData.GOOGLE_CLIENT_ID = os.Getenv("GOOGLE_CLIENT_ID")
|
||||
}
|
||||
|
||||
if constants.GOOGLE_CLIENT_SECRET == "" {
|
||||
constants.GOOGLE_CLIENT_SECRET = os.Getenv("GOOGLE_CLIENT_SECRET")
|
||||
if constants.EnvData.GOOGLE_CLIENT_SECRET == "" {
|
||||
constants.EnvData.GOOGLE_CLIENT_SECRET = os.Getenv("GOOGLE_CLIENT_SECRET")
|
||||
}
|
||||
|
||||
if constants.GITHUB_CLIENT_ID == "" {
|
||||
constants.GITHUB_CLIENT_ID = os.Getenv("GITHUB_CLIENT_ID")
|
||||
if constants.EnvData.GITHUB_CLIENT_ID == "" {
|
||||
constants.EnvData.GITHUB_CLIENT_ID = os.Getenv("GITHUB_CLIENT_ID")
|
||||
}
|
||||
|
||||
if constants.GITHUB_CLIENT_SECRET == "" {
|
||||
constants.GITHUB_CLIENT_SECRET = os.Getenv("GITHUB_CLIENT_SECRET")
|
||||
if constants.EnvData.GITHUB_CLIENT_SECRET == "" {
|
||||
constants.EnvData.GITHUB_CLIENT_SECRET = os.Getenv("GITHUB_CLIENT_SECRET")
|
||||
}
|
||||
|
||||
if constants.FACEBOOK_CLIENT_ID == "" {
|
||||
constants.FACEBOOK_CLIENT_ID = os.Getenv("FACEBOOK_CLIENT_ID")
|
||||
if constants.EnvData.FACEBOOK_CLIENT_ID == "" {
|
||||
constants.EnvData.FACEBOOK_CLIENT_ID = os.Getenv("FACEBOOK_CLIENT_ID")
|
||||
}
|
||||
|
||||
if constants.FACEBOOK_CLIENT_SECRET == "" {
|
||||
constants.FACEBOOK_CLIENT_SECRET = os.Getenv("FACEBOOK_CLIENT_SECRET")
|
||||
if constants.EnvData.FACEBOOK_CLIENT_SECRET == "" {
|
||||
constants.EnvData.FACEBOOK_CLIENT_SECRET = os.Getenv("FACEBOOK_CLIENT_SECRET")
|
||||
}
|
||||
|
||||
if constants.RESET_PASSWORD_URL == "" {
|
||||
constants.RESET_PASSWORD_URL = strings.TrimPrefix(os.Getenv("RESET_PASSWORD_URL"), "/")
|
||||
if constants.EnvData.RESET_PASSWORD_URL == "" {
|
||||
constants.EnvData.RESET_PASSWORD_URL = strings.TrimPrefix(os.Getenv("RESET_PASSWORD_URL"), "/")
|
||||
}
|
||||
|
||||
constants.DISABLE_BASIC_AUTHENTICATION = os.Getenv("DISABLE_BASIC_AUTHENTICATION") == "true"
|
||||
constants.DISABLE_EMAIL_VERIFICATION = os.Getenv("DISABLE_EMAIL_VERIFICATION") == "true"
|
||||
constants.DISABLE_MAGIC_LINK_LOGIN = os.Getenv("DISABLE_MAGIC_LINK_LOGIN") == "true"
|
||||
constants.DISABLE_LOGIN_PAGE = os.Getenv("DISABLE_LOGIN_PAGE") == "true"
|
||||
constants.EnvData.DISABLE_BASIC_AUTHENTICATION = os.Getenv("DISABLE_BASIC_AUTHENTICATION") == "true"
|
||||
constants.EnvData.DISABLE_EMAIL_VERIFICATION = os.Getenv("DISABLE_EMAIL_VERIFICATION") == "true"
|
||||
constants.EnvData.DISABLE_MAGIC_LINK_LOGIN = os.Getenv("DISABLE_MAGIC_LINK_LOGIN") == "true"
|
||||
constants.EnvData.DISABLE_LOGIN_PAGE = os.Getenv("DISABLE_LOGIN_PAGE") == "true"
|
||||
|
||||
if constants.SMTP_HOST == "" || constants.SENDER_EMAIL == "" || constants.SENDER_PASSWORD == "" {
|
||||
constants.DISABLE_EMAIL_VERIFICATION = true
|
||||
constants.DISABLE_MAGIC_LINK_LOGIN = true
|
||||
if constants.EnvData.SMTP_HOST == "" || constants.EnvData.SENDER_EMAIL == "" || constants.EnvData.SENDER_PASSWORD == "" {
|
||||
constants.EnvData.DISABLE_EMAIL_VERIFICATION = true
|
||||
constants.EnvData.DISABLE_MAGIC_LINK_LOGIN = true
|
||||
}
|
||||
|
||||
allowedOriginsSplit := strings.Split(os.Getenv("ALLOWED_ORIGINS"), ",")
|
||||
@@ -205,18 +212,10 @@ func InitEnv() {
|
||||
allowedOrigins = []string{"*"}
|
||||
}
|
||||
|
||||
constants.ALLOWED_ORIGINS = allowedOrigins
|
||||
constants.EnvData.ALLOWED_ORIGINS = allowedOrigins
|
||||
|
||||
if constants.JWT_TYPE == "" {
|
||||
constants.JWT_TYPE = "HS256"
|
||||
}
|
||||
|
||||
if constants.COOKIE_NAME == "" {
|
||||
constants.COOKIE_NAME = "authorizer"
|
||||
}
|
||||
|
||||
if constants.DISABLE_EMAIL_VERIFICATION {
|
||||
constants.DISABLE_MAGIC_LINK_LOGIN = true
|
||||
if constants.EnvData.DISABLE_EMAIL_VERIFICATION {
|
||||
constants.EnvData.DISABLE_MAGIC_LINK_LOGIN = true
|
||||
}
|
||||
|
||||
rolesEnv := strings.TrimSpace(os.Getenv("ROLES"))
|
||||
@@ -256,19 +255,19 @@ func InitEnv() {
|
||||
}
|
||||
}
|
||||
|
||||
if len(roles) > 0 && len(defaultRoles) == 0 && len(defaultRoleSplit) > 0 {
|
||||
if len(roles) > 0 && len(defaultRoles) == 0 && len(defaultRolesEnv) > 0 {
|
||||
panic(`Invalid DEFAULT_ROLE environment variable. It can be one from give ROLES environment variable value`)
|
||||
}
|
||||
|
||||
constants.ROLES = roles
|
||||
constants.DEFAULT_ROLES = defaultRoles
|
||||
constants.PROTECTED_ROLES = protectedRoles
|
||||
constants.EnvData.ROLES = roles
|
||||
constants.EnvData.DEFAULT_ROLES = defaultRoles
|
||||
constants.EnvData.PROTECTED_ROLES = protectedRoles
|
||||
|
||||
if os.Getenv("ORGANIZATION_NAME") != "" {
|
||||
constants.ORGANIZATION_NAME = os.Getenv("ORGANIZATION_NAME")
|
||||
constants.EnvData.ORGANIZATION_NAME = os.Getenv("ORGANIZATION_NAME")
|
||||
}
|
||||
|
||||
if os.Getenv("ORGANIZATION_LOGO") != "" {
|
||||
constants.ORGANIZATION_LOGO = os.Getenv("ORGANIZATION_LOGO")
|
||||
constants.EnvData.ORGANIZATION_LOGO = os.Getenv("ORGANIZATION_LOGO")
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user