1
###
2
secret_token.coffee -- Generate the "secret_token" file if it does not already
3
exist.  All connections to all local-to-the user services that
4
CoCalcs starts must be prefixed with this key.
5

6
CoCalc: Collaborative web-based SageMath, Jupyter, LaTeX and Terminals.
7
Copyright 2015, SageMath, Inc., GPL v3.
8
###
9

10
fs = require('fs')
11

12
async = require('async')
13
winston = require('winston')
14

15
common = require('./common')
16

17
# We use an n-character cryptographic random token, where n is given below.  If you
18
# want to change this, changing only the following line should be safe.
19
secret_token_length = 128
20

21
create_secret_token = (cb) ->
22
    winston.debug("create '#{common.secret_token_filename()}'")
23
    value = undefined
24
    async.series([
25
        (cb) ->
26
            require('crypto').randomBytes secret_token_length, (ex, data) ->
27
                value = data.toString('base64')
28
                fs.writeFile(common.secret_token_filename(), value, cb)
29
        (cb) ->
30
            # Ensure restrictive permissions on the secret token file, just in case.
31
            fs.chmod(common.secret_token_filename(), 0o600, cb)
32
    ], (err) ->
33
        if err
34
            cb(err)
35
        else
36
            cb(undefined, value)
37
    )
38

39
exports.init_secret_token = (cb) ->
40
    winston.debug("initializing secret token")
41
    fs.readFile common.secret_token_filename(), (err, data) ->
42
        if err
43
            create_secret_token(cb)
44
        else
45
            cb(undefined, data.toString())
46

47

48

49