Home Explore Help
Sign In
wiki
/
weseek__growi
mirror of https://github.com/weseek/growi
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

Merge pull request #3733 from weseek/feat/GW-5947-add-token-salt-to-env

add token salt to env
Shun Miyazawa 5 years ago
parent
5564ea117f fca4ecfbee
commit
77442ecac0
2 changed files with 5 additions and 3 deletions
Split View Show Diff Stats
  1. 2 0
      config/env.dev.js
  2. 3 3
      src/server/models/slack-app-integration.js

+ 2 - 0
config/env.dev.js
View File 

@@ -24,4 +24,6 @@ module.exports = {
 
   // PROMSTER_ENABLED: true,
 
   // SLACK_SIGNING_SECRET: '',
 
   // SLACK_BOT_TOKEN: '',
 
+  SALT_FOR_GTOP_TOKEN: 'proxy',
 
+  SALT_FOR_PTOG_TOKEN: 'growi',
 
 };

+ 3 - 3
src/server/models/slack-app-integration.js
View File 

@@ -10,9 +10,9 @@ class SlackAppIntegration {
 
   static generateAccessToken() {
 
     const hasher1 = crypto.createHash('sha512');
 
     const hasher2 = crypto.createHash('sha512');
 
-    const tokenGtoP = hasher1.update(`${new Date().getTime().toString()}proxy`).digest('base64');
 
-    const tokenPtoG = hasher2.update(`${new Date().getTime().toString()}growi`).digest('base64');
 
-    return [tokenGtoP, tokenPtoG];
 
+    const tokenGtoP = hasher1.update(new Date().getTime().toString() + process.env.SALT_FOR_GTOP_TOKEN);
 
+    const tokenPtoG = hasher2.update(new Date().getTime().toString() + process.env.SALT_FOR_PTOG_TOKEN);
 
+    return [tokenGtoP.digest('base64'), tokenPtoG.digest('base64')];
 
   }
 
 
 }