snowykami/meilisearch
1
0
Fork 0
mirror of https://github.com/meilisearch/meilisearch.git synced 2025-01-29 22:43:09 +08:00
Code Issues Actions 5 Packages Projects Releases Wiki Activity

Check for key length

Browse Source
This commit is contained in:
Louis Dureuil 2022-12-22 11:57:44 +01:00
parent 66e18eae79
commit 57e851d8a9
No known key found for this signature in database
1 changed files with 48 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
meilisearch/src/main.rs
View File

@ -8,7 +8,7 @@ use actix_web::HttpServer;
use index_scheduler::IndexScheduler; use index_scheduler::IndexScheduler;
use meilisearch::analytics::Analytics; use meilisearch::analytics::Analytics;
use meilisearch::{analytics, create_app, setup_meilisearch, Opt}; use meilisearch::{analytics, create_app, setup_meilisearch, Opt};
use meilisearch_auth::AuthController; use meilisearch_auth::{generate_master_key, AuthController, MASTER_KEY_MIN_SIZE};
#[global_allocator] #[global_allocator]
static ALLOC: mimalloc::MiMalloc = mimalloc::MiMalloc; static ALLOC: mimalloc::MiMalloc = mimalloc::MiMalloc;
@ -33,16 +33,32 @@ async fn main() -> anyhow::Result<()> {
setup(&opt)?; setup(&opt)?;
match opt.env.as_ref() {
"production" => { match (opt.env.as_ref(), &opt.master_key) {
if opt.master_key.is_none() { ("production", Some(master_key)) if master_key.len() < MASTER_KEY_MIN_SIZE => {
anyhow::bail!( anyhow::bail!(
"In production mode, the environment variable MEILI_MASTER_KEY is mandatory" "In production mode, the Master Key must be of at least {MASTER_KEY_MIN_SIZE} characters, but the provided key is only {} characters long
)
} We generated a secure Master Key for you (you can safely copy this token):
>> export MEILI_MASTER_KEY={} <<",
master_key.len(),
generate_master_key(),
)
} }
"development" => (), ("production", None) => {
_ => unreachable!(), anyhow::bail!(
"In production mode, the environment variable MEILI_MASTER_KEY is mandatory
We generated a secure Master Key for you (you can safely copy this token):
>> export MEILI_MASTER_KEY={} <<
",
generate_master_key()
)
}
// No error; continue
_ => (),
} }
let (index_scheduler, auth_controller) = setup_meilisearch(&opt)?; let (index_scheduler, auth_controller) = setup_meilisearch(&opt)?;
@ -151,11 +167,28 @@ Anonymous telemetry:\t\"Enabled\""
eprintln!(); eprintln!();
if opt.master_key.is_some() { match (opt.env.as_ref(), &opt.master_key) {
eprintln!("A Master Key has been set. Requests to Meilisearch won't be authorized unless you provide an authentication key."); ("production", Some(_)) => {
} else { eprintln!("A Master Key has been set. Requests to Meilisearch won't be authorized unless you provide an authentication key.");
eprintln!("No master key found; The server will accept unidentified requests. \ }
If you need some protection in development mode, please export a key: export MEILI_MASTER_KEY=xxx"); ("development", Some(master_key)) => {
eprintln!("A Master Key has been set. Requests to Meilisearch won't be authorized unless you provide an authentication key.");
if master_key.len() < MASTER_KEY_MIN_SIZE {
eprintln!();
log::warn!(
"The provided Master Key is too short (< {MASTER_KEY_MIN_SIZE} characters)"
);
eprintln!("A Master Key of at least {MASTER_KEY_MIN_SIZE} characters will be required when switching to the production environment.");
}
}
("development", None) => {
log::warn!("No master key found; The server will accept unidentified requests");
eprintln!("If you need some protection in development mode, please export a key:\n\nexport MEILI_MASTER_KEY={}", generate_master_key());
eprintln!("\nA Master Key of at least {MASTER_KEY_MIN_SIZE} characters will be required when switching to the production environment.");
}
// unreachable because Opt::try_build above would have failed already if any other value had been produced
_ => unreachable!(),
} }
eprintln!(); eprintln!();