You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@couchdb.apache.org by kx...@apache.org on 2015/09/28 16:49:33 UTC

[04/39] couchdb commit: updated refs/heads/developer-preview-2.0 to 3ac3db6

Setup dev cluster with common CSRF secret


Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/cfcb0c03
Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/cfcb0c03
Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/cfcb0c03

Branch: refs/heads/developer-preview-2.0
Commit: cfcb0c034427635a7d0153a32ec3d99d1216d08e
Parents: 09b9a72
Author: Alexander Shorin <kx...@apache.org>
Authored: Mon Aug 3 21:12:23 2015 +0300
Committer: Alexander Shorin <kx...@apache.org>
Committed: Wed Aug 5 16:29:43 2015 +0300

----------------------------------------------------------------------
 dev/run | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb/blob/cfcb0c03/dev/run
----------------------------------------------------------------------
diff --git a/dev/run b/dev/run
index 67334fe..ff952e0 100755
--- a/dev/run
+++ b/dev/run
@@ -30,6 +30,7 @@ import uuid
 from pbkdf2 import pbkdf2_hex
 
 COMMON_SALT = uuid.uuid4().hex
+COMMON_CSRF_SECRET = uuid.uuid4().hex
 
 try:
     from urllib import urlopen
@@ -218,9 +219,11 @@ def hack_local_ini(ctx, contents):
     previous_line = "; require_valid_user = false\n"
     contents = contents.replace(previous_line, previous_line + secret_line)
 
+    csrf_secret = '[couch_httpd_csrf]\nsecret = %s\n' % COMMON_CSRF_SECRET
+
     if ctx['with_admin_party']:
         ctx['admin'] = ('Admin Party!', 'You do not need any password.')
-        return contents
+        return contents + csrf_secret
 
     # handle admin credentials passed from cli or generate own one
     if ctx['admin'] is None:
@@ -228,7 +231,7 @@ def hack_local_ini(ctx, contents):
     else:
         user, pswd = ctx['admin']
 
-    return contents + "\n%s = %s" % (user, hashify(pswd))
+    return contents + "\n%s = %s" % (user, hashify(pswd)) + csrf_secret
 
 
 def gen_password():