session secret fix
This commit is contained in:
parent
c1d44387b5
commit
ccf4392280
|
@ -1,3 +1,5 @@
|
|||
set $session_secret %ANTIBOT_SESSION_SECRET%;
|
||||
|
||||
access_by_lua_block {
|
||||
|
||||
local use_whitelist_ip = %USE_WHITELIST_IP%
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
server {
|
||||
include /server-confs/*.conf;
|
||||
set $session_secret %ANTIBOT_SESSION_SECRET%;
|
||||
include /etc/nginx/main-lua.conf;
|
||||
%LISTEN_HTTP%
|
||||
%USE_HTTPS%
|
||||
|
|
|
@ -156,6 +156,7 @@ SELF_SIGNED_SSL_CN="${SELF_SIGNED_SSL_CN-bunkerity-nginx}"
|
|||
ANTIBOT_URI="${ANTIBOT_URI-/challenge}"
|
||||
USE_ANTIBOT="${USE_ANTIBOT-cookie}"
|
||||
ANTIBOT_RECAPTCHA_SCORE="${ANTIBOT_RECAPTCHA_SCORE-0.7}"
|
||||
ANTIBOT_SESSION_SECRET="${ANTIBOT_SESSION_SECRET-random}"
|
||||
|
||||
# install additional modules if needed
|
||||
if [ "$ADDITIONAL_MODULES" != "" ] ; then
|
||||
|
@ -497,8 +498,12 @@ fi
|
|||
list=$(spaces_to_lua "$DNSBL_LIST")
|
||||
replace_in_file "/usr/local/lib/lua/dnsbl.lua" "%DNSBL_LIST%" "$list"
|
||||
|
||||
# antibot uri
|
||||
# antibot uri and session secret
|
||||
replace_in_file "/etc/nginx/main-lua.conf" "%ANTIBOT_URI%" "$ANTIBOT_URI"
|
||||
if [ "$ANTIBOT_SESSION_SECRET" = "random" ] ; then
|
||||
ANTIBOT_SESSION_SECRET=$(cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 32)
|
||||
fi
|
||||
replace_in_file "/etc/nginx/main-lua.conf" "%ANTIBOT_SESSION_SECRET%" "$ANTIBOT_SESSION_SECRET"
|
||||
|
||||
# antibot via cookie
|
||||
if [ "$USE_ANTIBOT" = "cookie" ] ; then
|
||||
|
|
|
@ -3,11 +3,10 @@ local M = {}
|
|||
local session = require "resty.session"
|
||||
|
||||
function M.session ()
|
||||
local s = session:open()
|
||||
if not s.started then
|
||||
s:start()
|
||||
if not ngx.ctx.session then
|
||||
ngx.ctx.session = session:start()
|
||||
end
|
||||
return s
|
||||
return ngx.ctx.session
|
||||
end
|
||||
|
||||
function M.is_set (key)
|
||||
|
|
Loading…
Reference in New Issue