Security fix: API secret value changed to randomly generated 64-bit string at each startup.

2023-04-06 22:45:32 +08:00 · 2023-04-06 22:45:32 +08:00 · 0b14f39ce3
commit 0b14f39ce3
parent 9c06fa8d8c
1 changed files with 3 additions and 0 deletions
--- a/start.sh
+++ b/start.sh
@ -100,6 +100,9 @@ cat $Temp_Dir/proxy.txt >> $Temp_Dir/config.yaml
 Work_Dir=$(cd $(dirname $0); pwd)
 Dashboard_Dir="${Work_Dir}/dashboard/public"
 sed -ri "s@^# external-ui:.*@external-ui: ${Dashboard_Dir}@g" $Conf_Dir/config.yaml
+# 随机生成并更新 API Secret
+Secret=`openssl rand -hex 32`
+sed -r -i '/^secret: /s@(secret: ).*@\1'${Secret}'@g' $Conf_Dir/config.yaml
 # Get RESTful API Secret
 Secret=`grep '^secret: ' $Conf_Dir/config.yaml | grep -Po "(?<=secret: ').*(?=')"`