Mercurial > prosody-modules

changeset 5150:2b6c543c4d3a

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_unified_push: Fixes for paseto backend initialization Now generates and stores a random key automatically.
author Matthew Wild <mwild1@gmail.com>
date Sat, 14 Jan 2023 15:32:24 +0000
parents fa56ed2bacab
children 514c8a0e9aa1
files mod_unified_push/mod_unified_push.lua
diffstat 1 files changed, 10 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/mod_unified_push/mod_unified_push.lua	Sat Jan 14 14:31:37 2023 +0000
+++ b/mod_unified_push/mod_unified_push.lua	Sat Jan 14 15:32:24 2023 +0000
@@ -69,6 +69,7 @@
 			return reg_id;
 		end;
 		verify = function (token)
+			if token == "_private" then return nil, "invalid-token"; end
 			local data = push_store:get(token);
 			if not data then
 				return nil, "item-not-found";
@@ -81,8 +82,15 @@
 	};
 };
 
-if pcall(require, "util.paseto") then
-	local sign, verify = require "util.paseto".init(unified_push_secret);
+if pcall(require, "util.paseto") and require "util.paseto".v3_local then
+	local paseto = require "util.paseto".v3_local;
+	local state = push_store:get("_private");
+	local key = state and state.paseto_v3_local_key;
+	if not key then
+		key = paseto.new_key();
+		push_store:set("_private", { paseto_v3_local_key = key });
+	end
+	local sign, verify = paseto.init(key);
 	backends.paseto = { sign = sign, verify = verify };
 end