introduce smtp_key in order to use 2 different sendinblue keys

client_key is exposed to the client via gon, so if we use it for sending email too we are exposing a key so anybody could send an email.
The current client_key has a different level of right and can't send emails so it's ok to expose it.
This commit is contained in:
clemkeirua 2019-11-05 09:38:08 +01:00 committed by simon lehericey
parent 959aacdea5
commit 04c13190c3
5 changed files with 5 additions and 3 deletions

View file

@ -4,7 +4,7 @@ class DynamicSmtpSettingsInterceptor
if rand(0..99) < ENV['SENDINBLUE_BALANCING_VALUE'].to_i if rand(0..99) < ENV['SENDINBLUE_BALANCING_VALUE'].to_i
message.delivery_method.settings = { message.delivery_method.settings = {
user_name: ENV['SENDINBLUE_USER_NAME'], user_name: ENV['SENDINBLUE_USER_NAME'],
password: ENV['SENDINBLUE_CLIENT_KEY'], password: ENV['SENDINBLUE_SMTP_KEY'],
address: 'smtp-relay.sendinblue.com', address: 'smtp-relay.sendinblue.com',
domain: 'smtp-relay.sendinblue.com', domain: 'smtp-relay.sendinblue.com',
port: '587', port: '587',

View file

@ -50,6 +50,7 @@ SENDINBLUE_BALANCING=""
SENDINBLUE_BALANCING_VALUE="" SENDINBLUE_BALANCING_VALUE=""
SENDINBLUE_ENABLED="" SENDINBLUE_ENABLED=""
SENDINBLUE_CLIENT_KEY="" SENDINBLUE_CLIENT_KEY=""
SENDINBLUE_SMTP_KEY=""
SENDINBLUE_USER_NAME="" SENDINBLUE_USER_NAME=""

View file

@ -50,7 +50,7 @@ Rails.application.configure do
config.action_mailer.delivery_method = :smtp config.action_mailer.delivery_method = :smtp
config.action_mailer.smtp_settings = { config.action_mailer.smtp_settings = {
user_name: Rails.application.secrets.sendinblue[:username], user_name: Rails.application.secrets.sendinblue[:username],
password: Rails.application.secrets.sendinblue[:client_key], password: Rails.application.secrets.sendinblue[:smtp_key],
address: 'smtp-relay.sendinblue.com', address: 'smtp-relay.sendinblue.com',
domain: 'smtp-relay.sendinblue.com', domain: 'smtp-relay.sendinblue.com',
port: '587', port: '587',

View file

@ -81,7 +81,7 @@ Rails.application.configure do
config.action_mailer.delivery_method = :smtp config.action_mailer.delivery_method = :smtp
config.action_mailer.smtp_settings = { config.action_mailer.smtp_settings = {
user_name: Rails.application.secrets.sendinblue[:username], user_name: Rails.application.secrets.sendinblue[:username],
password: Rails.application.secrets.sendinblue[:client_key], password: Rails.application.secrets.sendinblue[:smtp_key],
address: 'smtp-relay.sendinblue.com', address: 'smtp-relay.sendinblue.com',
domain: 'smtp-relay.sendinblue.com', domain: 'smtp-relay.sendinblue.com',
port: '587', port: '587',

View file

@ -56,6 +56,7 @@ defaults: &defaults
enabled: <%= ENV['SENDINBLUE_ENABLED'] == 'enabled' %> enabled: <%= ENV['SENDINBLUE_ENABLED'] == 'enabled' %>
username: <%= ENV['SENDINBLUE_USER_NAME'] %> username: <%= ENV['SENDINBLUE_USER_NAME'] %>
client_key: <%= ENV['SENDINBLUE_CLIENT_KEY'] %> client_key: <%= ENV['SENDINBLUE_CLIENT_KEY'] %>
smtp_key: <%= ENV['SENDINBLUE_SMTP_KEY'] %>
api_v3_key: <%= ENV['SENDINBLUE_API_V3_KEY'] %> api_v3_key: <%= ENV['SENDINBLUE_API_V3_KEY'] %>
matomo: matomo:
enabled: <%= ENV['MATOMO_ENABLED'] == 'enabled' %> enabled: <%= ENV['MATOMO_ENABLED'] == 'enabled' %>