forked from github/plane
chore: configurations (#3059)
* fix: encrypt and decrypt function to check for None case. * fix: google and github oauth login check when one of them is not configured. * remove: NEXT_PUBLIC_ENABLE_OAUTH variable.
This commit is contained in:
parent
62e66acc37
commit
bf2c6e36ef
14
ENV_SETUP.md
14
ENV_SETUP.md
@ -49,24 +49,10 @@ NGINX_PORT=80
|
|||||||
|
|
||||||
|
|
||||||
```
|
```
|
||||||
# Enable/Disable OAUTH - default 0 for selfhosted instance
|
|
||||||
NEXT_PUBLIC_ENABLE_OAUTH=0
|
|
||||||
# Public boards deploy URL
|
# Public boards deploy URL
|
||||||
NEXT_PUBLIC_DEPLOY_URL="http://localhost/spaces"
|
NEXT_PUBLIC_DEPLOY_URL="http://localhost/spaces"
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
## {PROJECT_FOLDER}/spaces/.env.example
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
```
|
|
||||||
# Flag to toggle OAuth
|
|
||||||
NEXT_PUBLIC_ENABLE_OAUTH=0
|
|
||||||
```
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
## {PROJECT_FOLDER}/apiserver/.env
|
## {PROJECT_FOLDER}/apiserver/.env
|
||||||
|
|
||||||
|
@ -182,9 +182,19 @@ class OauthEndpoint(BaseAPIView):
|
|||||||
)
|
)
|
||||||
|
|
||||||
if medium == "google":
|
if medium == "google":
|
||||||
|
if not GOOGLE_CLIENT_ID:
|
||||||
|
return Response(
|
||||||
|
{"error": "Google login is not configured"},
|
||||||
|
status=status.HTTP_400_BAD_REQUEST,
|
||||||
|
)
|
||||||
data = validate_google_token(id_token, client_id)
|
data = validate_google_token(id_token, client_id)
|
||||||
|
|
||||||
if medium == "github":
|
if medium == "github":
|
||||||
|
if not GITHUB_CLIENT_ID:
|
||||||
|
return Response(
|
||||||
|
{"error": "Github login is not configured"},
|
||||||
|
status=status.HTTP_400_BAD_REQUEST,
|
||||||
|
)
|
||||||
access_token = get_access_token(id_token, client_id)
|
access_token = get_access_token(id_token, client_id)
|
||||||
data = get_user_data(access_token)
|
data = get_user_data(access_token)
|
||||||
|
|
||||||
|
@ -9,14 +9,20 @@ def derive_key(secret_key):
|
|||||||
dk = hashlib.pbkdf2_hmac('sha256', secret_key.encode(), b'salt', 100000)
|
dk = hashlib.pbkdf2_hmac('sha256', secret_key.encode(), b'salt', 100000)
|
||||||
return base64.urlsafe_b64encode(dk)
|
return base64.urlsafe_b64encode(dk)
|
||||||
|
|
||||||
|
# Encrypt data
|
||||||
def encrypt_data(data):
|
def encrypt_data(data):
|
||||||
|
if data:
|
||||||
cipher_suite = Fernet(derive_key(settings.SECRET_KEY))
|
cipher_suite = Fernet(derive_key(settings.SECRET_KEY))
|
||||||
encrypted_data = cipher_suite.encrypt(data.encode())
|
encrypted_data = cipher_suite.encrypt(data.encode())
|
||||||
return encrypted_data.decode() # Convert bytes to string
|
return encrypted_data.decode() # Convert bytes to string
|
||||||
|
else:
|
||||||
|
return ""
|
||||||
|
|
||||||
|
# Decrypt data
|
||||||
def decrypt_data(encrypted_data):
|
def decrypt_data(encrypted_data):
|
||||||
|
if encrypted_data:
|
||||||
cipher_suite = Fernet(derive_key(settings.SECRET_KEY))
|
cipher_suite = Fernet(derive_key(settings.SECRET_KEY))
|
||||||
decrypted_data = cipher_suite.decrypt(encrypted_data.encode()) # Convert string back to bytes
|
decrypted_data = cipher_suite.decrypt(encrypted_data.encode()) # Convert string back to bytes
|
||||||
return decrypted_data.decode()
|
return decrypted_data.decode()
|
||||||
|
else:
|
||||||
|
return ""
|
@ -7,7 +7,6 @@ services:
|
|||||||
restart: always
|
restart: always
|
||||||
command: /usr/local/bin/start.sh web/server.js web
|
command: /usr/local/bin/start.sh web/server.js web
|
||||||
environment:
|
environment:
|
||||||
- NEXT_PUBLIC_ENABLE_OAUTH=${NEXT_PUBLIC_ENABLE_OAUTH:-0}
|
|
||||||
- NEXT_PUBLIC_DEPLOY_URL=$SERVICE_FQDN_SPACE_8082
|
- NEXT_PUBLIC_DEPLOY_URL=$SERVICE_FQDN_SPACE_8082
|
||||||
depends_on:
|
depends_on:
|
||||||
- api
|
- api
|
||||||
@ -21,7 +20,6 @@ services:
|
|||||||
command: /usr/local/bin/start.sh space/server.js space
|
command: /usr/local/bin/start.sh space/server.js space
|
||||||
environment:
|
environment:
|
||||||
- SERVICE_FQDN_SPACE_8082=/api
|
- SERVICE_FQDN_SPACE_8082=/api
|
||||||
- NEXT_PUBLIC_ENABLE_OAUTH=${NEXT_PUBLIC_ENABLE_OAUTH:-0}
|
|
||||||
depends_on:
|
depends_on:
|
||||||
- api
|
- api
|
||||||
- worker
|
- worker
|
||||||
|
@ -6,7 +6,6 @@ x-app-env : &app-env
|
|||||||
- WEB_URL=${WEB_URL:-http://localhost}
|
- WEB_URL=${WEB_URL:-http://localhost}
|
||||||
- DEBUG=${DEBUG:-0}
|
- DEBUG=${DEBUG:-0}
|
||||||
- DJANGO_SETTINGS_MODULE=${DJANGO_SETTINGS_MODULE:-plane.settings.production} # deprecated
|
- DJANGO_SETTINGS_MODULE=${DJANGO_SETTINGS_MODULE:-plane.settings.production} # deprecated
|
||||||
- NEXT_PUBLIC_ENABLE_OAUTH=${NEXT_PUBLIC_ENABLE_OAUTH:-0} # deprecated
|
|
||||||
- NEXT_PUBLIC_DEPLOY_URL=${NEXT_PUBLIC_DEPLOY_URL:-http://localhost/spaces} # deprecated
|
- NEXT_PUBLIC_DEPLOY_URL=${NEXT_PUBLIC_DEPLOY_URL:-http://localhost/spaces} # deprecated
|
||||||
- SENTRY_DSN=${SENTRY_DSN:-""}
|
- SENTRY_DSN=${SENTRY_DSN:-""}
|
||||||
- SENTRY_ENVIRONMENT=${SENTRY_ENVIRONMENT:-"production"}
|
- SENTRY_ENVIRONMENT=${SENTRY_ENVIRONMENT:-"production"}
|
||||||
|
@ -7,7 +7,6 @@ API_REPLICAS=1
|
|||||||
NGINX_PORT=80
|
NGINX_PORT=80
|
||||||
WEB_URL=http://localhost
|
WEB_URL=http://localhost
|
||||||
DEBUG=0
|
DEBUG=0
|
||||||
NEXT_PUBLIC_ENABLE_OAUTH=0
|
|
||||||
NEXT_PUBLIC_DEPLOY_URL=http://localhost/spaces
|
NEXT_PUBLIC_DEPLOY_URL=http://localhost/spaces
|
||||||
SENTRY_DSN=""
|
SENTRY_DSN=""
|
||||||
SENTRY_ENVIRONMENT="production"
|
SENTRY_ENVIRONMENT="production"
|
||||||
|
@ -1,2 +0,0 @@
|
|||||||
# Flag to toggle OAuth
|
|
||||||
NEXT_PUBLIC_ENABLE_OAUTH=0
|
|
@ -7,7 +7,6 @@
|
|||||||
"NEXT_PUBLIC_SENTRY_DSN",
|
"NEXT_PUBLIC_SENTRY_DSN",
|
||||||
"NEXT_PUBLIC_SENTRY_ENVIRONMENT",
|
"NEXT_PUBLIC_SENTRY_ENVIRONMENT",
|
||||||
"NEXT_PUBLIC_ENABLE_SENTRY",
|
"NEXT_PUBLIC_ENABLE_SENTRY",
|
||||||
"NEXT_PUBLIC_ENABLE_OAUTH",
|
|
||||||
"NEXT_PUBLIC_TRACK_EVENTS",
|
"NEXT_PUBLIC_TRACK_EVENTS",
|
||||||
"NEXT_PUBLIC_PLAUSIBLE_DOMAIN",
|
"NEXT_PUBLIC_PLAUSIBLE_DOMAIN",
|
||||||
"NEXT_PUBLIC_CRISP_ID",
|
"NEXT_PUBLIC_CRISP_ID",
|
||||||
|
@ -1,4 +1,2 @@
|
|||||||
# Enable/Disable OAUTH - default 0 for selfhosted instance
|
|
||||||
NEXT_PUBLIC_ENABLE_OAUTH=0
|
|
||||||
# Public boards deploy URL
|
# Public boards deploy URL
|
||||||
NEXT_PUBLIC_DEPLOY_URL="http://localhost/spaces"
|
NEXT_PUBLIC_DEPLOY_URL="http://localhost/spaces"
|
Loading…
Reference in New Issue
Block a user