mirror of
https://github.com/overleaf/overleaf.git
synced 2024-11-21 20:47:08 -05:00
Removal of default API passwords (#2422)
GitOrigin-RevId: d831adcf2fb8bec8792dda624c255474480bb897
This commit is contained in:
parent
f42bb68e74
commit
b055612e3c
3 changed files with 19 additions and 3 deletions
|
@ -35,6 +35,11 @@ const port = Settings.port || Settings.internal.web.port || 3000
|
|||
const host = Settings.internal.web.host || 'localhost'
|
||||
if (!module.parent) {
|
||||
// Called directly
|
||||
|
||||
// We want to make sure that we provided a password through the environment.
|
||||
if (!process.env['WEB_API_USER'] || !process.env['WEB_API_PASSWORD']) {
|
||||
throw new Error('No API user and password provided')
|
||||
}
|
||||
Server.server.listen(port, host, function() {
|
||||
logger.info(`web starting up, listening on ${host}:${port}`)
|
||||
logger.info(`${require('http').globalAgent.maxSockets} sockets enabled`)
|
||||
|
|
|
@ -8,10 +8,11 @@ minutes = 60 * seconds
|
|||
|
||||
# These credentials are used for authenticating api requests
|
||||
# between services that may need to go over public channels
|
||||
httpAuthUser = process.env['WEB_API_USER'] or "sharelatex"
|
||||
httpAuthPass = process.env['WEB_API_PASSWORD'] or "password"
|
||||
httpAuthUser = process.env['WEB_API_USER']
|
||||
httpAuthPass = process.env['WEB_API_PASSWORD']
|
||||
httpAuthUsers = {}
|
||||
httpAuthUsers[httpAuthUser] = httpAuthPass
|
||||
if httpAuthUser and httpAuthPass
|
||||
httpAuthUsers[httpAuthUser] = httpAuthPass
|
||||
|
||||
sessionSecret = process.env['SESSION_SECRET'] or "secret-please-change"
|
||||
|
||||
|
|
|
@ -3,10 +3,20 @@ v1Api =
|
|||
user: 'overleaf'
|
||||
pass: 'password'
|
||||
|
||||
httpAuthUser = "sharelatex"
|
||||
httpAuthPass = "password"
|
||||
httpAuthUsers = {}
|
||||
httpAuthUsers[httpAuthUser] = httpAuthPass
|
||||
|
||||
module.exports =
|
||||
enableSubscriptions: true
|
||||
|
||||
httpAuthUsers: httpAuthUsers
|
||||
|
||||
apis:
|
||||
web:
|
||||
user: httpAuthUser
|
||||
pass: httpAuthPass
|
||||
v1:
|
||||
url: v1Api.url
|
||||
user: v1Api.user
|
||||
|
|
Loading…
Reference in a new issue