Allow to define secret key & move the secret key file to parent directory (#358)

internal/web/server.go

@@ -167,10 +167,8 @@ type Server struct {
 func NewServer(isDev bool, sessionsPath string) *Server {
 	dev = isDev
 	flashStore = sessions.NewCookieStore([]byte("opengist"))
-	userStore = sessions.NewFilesystemStore(sessionsPath,
-		utils.GenerateSecretKey(path.Join(sessionsPath, "session-auth.key")),
-		utils.GenerateSecretKey(path.Join(sessionsPath, "session-encrypt.key")),
-	)
+	encryptKey, _ := utils.GenerateSecretKey(filepath.Join(sessionsPath, "session-encrypt.key"))
+	userStore = sessions.NewFilesystemStore(sessionsPath, config.SecretKey, encryptKey)
 	userStore.MaxLength(10 * 1024)
 	gothic.Store = userStore
 

internal/web/test/auth_test.go

@@ -12,12 +12,10 @@ import (
 )
 
 func TestRegister(t *testing.T) {
-	setup(t)
-	s, err := newTestServer()
-	require.NoError(t, err, "Failed to create test server")
+	s := setup(t)
 	defer teardown(t, s)
 
-	err = s.request("GET", "/", nil, 302)
+	err := s.request("GET", "/", nil, 302)
 	require.NoError(t, err)
 
 	err = s.request("GET", "/register", nil, 200)
@@ -55,12 +53,10 @@ func TestRegister(t *testing.T) {
 }
 
 func TestLogin(t *testing.T) {
-	setup(t)
-	s, err := newTestServer()
-	require.NoError(t, err, "Failed to create test server")
+	s := setup(t)
 	defer teardown(t, s)
 
-	err = s.request("GET", "/login", nil, 200)
+	err := s.request("GET", "/login", nil, 200)
 	require.NoError(t, err)
 
 	user1 := db.UserDTO{Username: "thomas", Password: "thomas"}
@@ -101,15 +97,13 @@ type settingSet struct {
 }
 
 func TestAnonymous(t *testing.T) {
-	setup(t)
-	s, err := newTestServer()
-	require.NoError(t, err, "Failed to create test server")
+	s := setup(t)
 	defer teardown(t, s)
 
 	user := db.UserDTO{Username: "thomas", Password: "azeaze"}
 	register(t, s, user)
 
-	err = s.request("PUT", "/admin-panel/set-config", settingSet{"require-login", "1"}, 200)
+	err := s.request("PUT", "/admin-panel/set-config", settingSet{"require-login", "1"}, 200)
 	require.NoError(t, err)
 
 	gist1 := db.GistDTO{
@@ -154,9 +148,7 @@ func TestAnonymous(t *testing.T) {
 }
 
 func TestGitOperations(t *testing.T) {
-	setup(t)
-	s, err := newTestServer()
-	require.NoError(t, err, "Failed to create test server")
+	s := setup(t)
 	defer teardown(t, s)
 
 	admin := db.UserDTO{Username: "thomas", Password: "thomas"}
@@ -178,7 +170,7 @@ func TestGitOperations(t *testing.T) {
 			"yeah",
 		},
 	}
-	err = s.request("POST", "/", gist1, 302)
+	err := s.request("POST", "/", gist1, 302)
 	require.NoError(t, err)
 
 	gist2 := db.GistDTO{

internal/web/test/gist_test.go

@@ -9,12 +9,10 @@ import (
 )
 
 func TestGists(t *testing.T) {
-	setup(t)
-	s, err := newTestServer()
-	require.NoError(t, err, "Failed to create test server")
+	s := setup(t)
 	defer teardown(t, s)
 
-	err = s.request("GET", "/", nil, 302)
+	err := s.request("GET", "/", nil, 302)
 	require.NoError(t, err)
 
 	user1 := db.UserDTO{Username: "thomas", Password: "thomas"}
@@ -106,9 +104,7 @@ func TestGists(t *testing.T) {
 }
 
 func TestVisibility(t *testing.T) {
-	setup(t)
-	s, err := newTestServer()
-	require.NoError(t, err, "Failed to create test server")
+	s := setup(t)
 	defer teardown(t, s)
 
 	user1 := db.UserDTO{Username: "thomas", Password: "thomas"}
@@ -123,7 +119,7 @@ func TestVisibility(t *testing.T) {
 		Name:    []string{""},
 		Content: []string{"yeah"},
 	}
-	err = s.request("POST", "/", gist1, 302)
+	err := s.request("POST", "/", gist1, 302)
 	require.NoError(t, err)
 
 	gist1db, err := db.GetGistByID("1")
@@ -150,9 +146,7 @@ func TestVisibility(t *testing.T) {
 }
 
 func TestLikeFork(t *testing.T) {
-	setup(t)
-	s, err := newTestServer()
-	require.NoError(t, err, "Failed to create test server")
+	s := setup(t)
 	defer teardown(t, s)
 
 	user1 := db.UserDTO{Username: "thomas", Password: "thomas"}
@@ -167,7 +161,7 @@ func TestLikeFork(t *testing.T) {
 		Name:    []string{""},
 		Content: []string{"yeah"},
 	}
-	err = s.request("POST", "/", gist1, 302)
+	err := s.request("POST", "/", gist1, 302)
 	require.NoError(t, err)
 
 	s.sessionCookie = ""
@@ -211,9 +205,7 @@ func TestLikeFork(t *testing.T) {
 }
 
 func TestCustomUrl(t *testing.T) {
-	setup(t)
-	s, err := newTestServer()
-	require.NoError(t, err, "Failed to create test server")
+	s := setup(t)
 	defer teardown(t, s)
 
 	user1 := db.UserDTO{Username: "thomas", Password: "thomas"}
@@ -229,7 +221,7 @@ func TestCustomUrl(t *testing.T) {
 		Name:    []string{"gist1.txt", "gist2.txt", "gist3.txt"},
 		Content: []string{"yeah", "yeah\ncool", "yeah\ncool gist actually"},
 	}
-	err = s.request("POST", "/", gist1, 302)
+	err := s.request("POST", "/", gist1, 302)
 	require.NoError(t, err)
 
 	gist1db, err := db.GetGistByID("1")

internal/web/test/server.go

@@ -133,7 +133,7 @@ func structToURLValues(s interface{}) url.Values {
 	return v
 }
 
-func setup(t *testing.T) {
+func setup(t *testing.T) *testServer {
 	var databaseDsn string
 	databaseType = os.Getenv("OPENGIST_TEST_DB")
 	switch databaseType {
@@ -153,6 +153,8 @@ func setup(t *testing.T) {
 	err = os.MkdirAll(filepath.Join(config.GetHomeDir()), 0755)
 	require.NoError(t, err, "Could not create Opengist home directory")
 
+	config.SetupSecretKey()
+
 	git.ReposDirectory = path.Join("tests")
 
 	config.C.IndexEnabled = false
@@ -180,6 +182,11 @@ func setup(t *testing.T) {
 
 	// err = index.Open(filepath.Join(homePath, "testsindex", "opengist.index"))
 	// require.NoError(t, err, "Could not open index")
+
+	s, err := newTestServer()
+	require.NoError(t, err, "Failed to create test server")
+
+	return s
 }
 
 func teardown(t *testing.T, s *testServer) {