Merge pull request #117 from keitaroinc/api-tokens-fix

api-tokens fix, two different tokens secrets were generated for encode and decode
2023-11-21 16:21:44 +01:00 · 2023-11-21 16:21:44 +01:00 · a918f98418
parent 94eb11c849 b86348ab06
commit a918f98418
1 changed files with 4 additions and 2 deletions
--- a/images/ckan/2.9/setup/app/start_ckan.sh
+++ b/images/ckan/2.9/setup/app/start_ckan.sh
@ -26,8 +26,10 @@ if grep -E "beaker.session.secret ?= ?$" $APP_DIR/production.ini
 then
    echo "Setting secrets in ini file"
    ckan config-tool $APP_DIR/production.ini "beaker.session.secret=$(python3 -c 'import secrets; print(secrets.token_urlsafe())')"
-    ckan config-tool $APP_DIR/production.ini "api_token.jwt.encode.secret=$(python3 -c 'import secrets; print("string:" + secrets.token_urlsafe())')"
-    ckan config-tool $APP_DIR/production.ini "api_token.jwt.decode.secret=$(python3 -c 'import secrets; print("string:" + secrets.token_urlsafe())')"
+    ckan config-tool $APP_DIR/production.ini "WTF_CSRF_SECRET_KEY=$(python3 -c 'import secrets; print(secrets.token_urlsafe())')"
+    JWT_SECRET=$(python3 -c 'import secrets; print("string:" + secrets.token_urlsafe())')
+    ckan config-tool $APP_DIR/production.ini "api_token.jwt.encode.secret=$JWT_SECRET"
+    ckan config-tool $APP_DIR/production.ini "api_token.jwt.decode.secret=$JWT_SECRET"
 fi

 # Run the prerun script to init CKAN and create the default admin user