feat(panettone): Configure a session secret

Load a SESSION_SECRET env var and set it as the hunchentoot session
secret if present, so that restarting panettone doesn't destroy all
sessions due to the secret getting regenerated.

Refs: #19
Change-Id: Ia2c633fa998e128ecece66e824df01c430da8235
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1866
Reviewed-by: kanepyork <rikingcoding@gmail.com>
Tested-by: BuildkiteCI
This commit is contained in:
Griffin Smith 2020-08-28 17:42:00 -04:00 committed by glittershark
parent d8701f7e21
commit 1d9a2cac09

View file

@ -526,13 +526,17 @@
(defun start-panettone (&key port (defun start-panettone (&key port
(ldap-host "localhost") (ldap-host "localhost")
(ldap-port 389) (ldap-port 389)
postgres-params) postgres-params
session-secret)
(connect-ldap :host ldap-host (connect-ldap :host ldap-host
:port ldap-port) :port ldap-port)
(apply #'model:connect-postgres postgres-params) (apply #'model:connect-postgres postgres-params)
(migrate-db) (migrate-db)
(when session-secret
(setq hunchentoot:*session-secret* session-secret))
(setq *acceptor* (setq *acceptor*
(make-instance 'easy-routes:routes-acceptor :port port)) (make-instance 'easy-routes:routes-acceptor :port port))
(hunchentoot:start *acceptor*)) (hunchentoot:start *acceptor*))
@ -540,12 +544,16 @@
(defun main () (defun main ()
(let ((port (integer-env "PANETTONE_PORT" :default 6161)) (let ((port (integer-env "PANETTONE_PORT" :default 6161))
(ldap-port (integer-env "LDAP_PORT" :default 389)) (ldap-port (integer-env "LDAP_PORT" :default 389))
(cheddar-url (uiop:getenvp "CHEDDAR_URL"))) (cheddar-url (uiop:getenvp "CHEDDAR_URL"))
(session-secret (uiop:getenvp "SESSION_SECRET")))
(when cheddar-url (setq *cheddar-url* cheddar-url)) (when cheddar-url (setq *cheddar-url* cheddar-url))
(setq hunchentoot:*show-lisp-backtraces-p* nil) (setq hunchentoot:*show-lisp-backtraces-p* nil)
(setq hunchentoot:*log-lisp-backtraces-p* nil) (setq hunchentoot:*log-lisp-backtraces-p* nil)
(start-panettone :port port (start-panettone :port port
:ldap-port ldap-port) :ldap-port ldap-port
:session-secret session-secret)
(sb-thread:join-thread (sb-thread:join-thread
(find-if (lambda (th) (find-if (lambda (th)
(string= (sb-thread:thread-name th) (string= (sb-thread:thread-name th)
@ -555,5 +563,6 @@
(comment (comment
(setq hunchentoot:*catch-errors-p* nil) (setq hunchentoot:*catch-errors-p* nil)
(start-panettone :port 6161 (start-panettone :port 6161
:ldap-port 3899) :ldap-port 3899
:session-secret "session-secret")
) )