Browse Source

Caused API key to be generated dynamically for admin user. Fixes #60

pull/91/head
Jordan Wright 5 years ago
parent
commit
fc6d556742
2 changed files with 12 additions and 3 deletions
  1. +0
    -1
      auth/auth.go
  2. +12
    -2
      models/models.go

+ 0
- 1
auth/auth.go View File

@ -57,7 +57,6 @@ func Register(r *http.Request) (bool, error) {
fmt.Println(err)
return false, err
}
fmt.Println("Made it here!")
u = models.User{}
//If we've made it here, we should have a valid username given
//Let's create the password hash

+ 12
- 2
models/models.go View File

@ -1,12 +1,15 @@
package models
import (
"crypto/rand"
"errors"
"fmt"
"io"
"log"
"os"
"github.com/jinzhu/gorm"
"github.com/gophish/gophish/config"
"github.com/jinzhu/gorm"
_ "github.com/mattn/go-sqlite3" // Blank import needed to import sqlite3
)
@ -45,6 +48,13 @@ type Response struct {
Data interface{} `json:"data"`
}
// Copy of auth.GenerateSecureKey to prevent cyclic import with auth library
func generateSecureKey() string {
k := make([]byte, 32)
io.ReadFull(rand.Reader, k)
return fmt.Sprintf("%x", k)
}
// Setup initializes the Conn object
// It also populates the Gophish Config object
func Setup() error {
@ -77,8 +87,8 @@ func Setup() error {
initUser := User{
Username: "admin",
Hash: "$2a$10$IYkPp0.QsM81lYYPrQx6W.U6oQGw7wMpozrKhKAHUBVL4mkm/EvAS", //gophish
ApiKey: "12345678901234567890123456789012",
}
initUser.ApiKey = generateSecureKey()
err = db.Save(&initUser).Error
if err != nil {
Logger.Println(err)

Loading…
Cancel
Save