From 8a4efca14124549d1e710e3cf32f1b536fa5d5cb Mon Sep 17 00:00:00 2001
From: b1ek <me@blek.codes>
Date: Sun, 19 Feb 2023 01:03:27 +1000
Subject: [PATCH] add generate key script

---
 .env.example            |  4 +++-
 scripts/generate_key.js | 12 +++++++++---
 scripts/package.json    | 14 ++++++++++++++
 startup.js              | 11 +++++++++++
 test/genkey.js          | 19 +++++++++++++++++++
 5 files changed, 56 insertions(+), 4 deletions(-)
 create mode 100644 scripts/package.json
 create mode 100644 test/genkey.js

diff --git a/.env.example b/.env.example
index 7469c4b..4d10f08 100644
--- a/.env.example
+++ b/.env.example
@@ -1,2 +1,4 @@
 APP_PORT=8000
-APP_DEBUG=true
\ No newline at end of file
+APP_DEBUG=true
+# a 256-bit base64 encryption key
+APP_KEY=TKe8lE2IdkgGBUrB4nxdq7mGMf8PK29xqOnGa3vU0PBmNXADJrVA5LKd8pg6g/YO5aFG/ESzUleo/9Hve3SAe4rvwLBejD/SKOmDR4gbaMv4PuiNi8S2sYL30aVyi1OeaSTyYsfjteumkFxFVwrsxhDCX94xvNEuTEfS4repfLo=
\ No newline at end of file
diff --git a/scripts/generate_key.js b/scripts/generate_key.js
index 70f56e5..c411632 100644
--- a/scripts/generate_key.js
+++ b/scripts/generate_key.js
@@ -2,18 +2,20 @@ const crypto = require('crypto');
 const path = require('path');
 const args = require('args-parser')(process.argv);
 const fs = require('fs');
+const base64 = require('js-base64');
 
 let key = crypto.randomBytes(256).toString('base64');
 let dotenv = path.resolve('.env');
 
 if (args['help']) {
-    console.log(path.basename(__filename) + ' [--key-only] [--env|-e] [--set-key] [--dry-run]');
+    console.log(path.basename(__filename) + ' [--key-only] [--env|-e] [--set-key] [--dry-run] [--stdout|-s]');
     console.log('\n' + 
         '  --help: Display this help\n' +
         '  --key-only: Generate key only and put it in stdout\n' + 
         '  --env -e: Specify an env file\n' +
         '  --set-key: Specify your key\n' +
-        '  --dry-run: Don\'t write anything, just do the thing'
+        '  --dry-run: Don\'t write anything, just do the thing\n' + 
+        '  --stdout -s: Don\'t write to file, write to stdout instead'
     )
 }
 
@@ -41,6 +43,10 @@ for (let i = 0; i != lines.length; i++) {
 
 const newfile = lines.join('\n');
 
+const w_stdout = args['stdout'] || args['s'];
+
 if (!args['dry-run']) {
-    fs.writeFileSync(dotenv, newfile);
+    if (w_stdout) console.log(newfile);
+    else
+        fs.writeFileSync(dotenv, newfile);
 }
\ No newline at end of file
diff --git a/scripts/package.json b/scripts/package.json
new file mode 100644
index 0000000..c43407b
--- /dev/null
+++ b/scripts/package.json
@@ -0,0 +1,14 @@
+{
+  "name": "scripts",
+  "version": "1.0.0",
+  "description": "",
+  "main": "generate_key.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "author": "",
+  "license": "ISC",
+  "dependencies": {
+    "args-parser": "^1.3.0"
+  }
+}
diff --git a/startup.js b/startup.js
index 4fd6976..f2b6555 100644
--- a/startup.js
+++ b/startup.js
@@ -5,6 +5,8 @@ if (process.env.APP_DEBUG) {
 }
 
 const fs = require('fs');
+const {Base64} = require('js-base64');
+const crc32 = require('crc-32');
 
 const hrt = () => {
     let hr = process.hrtime();
@@ -22,6 +24,15 @@ async function startup() {
         path: dotpath
     });
 
+    if (!process.env.APP_KEY) {
+        throw new Error('APP_KEY is not set.')
+    }
+    process.env.APP_KEY = Base64.decode(process.env.APP_KEY);
+    if (process.env.APP_KEY.length !== 256) {
+        throw new Error('APP_KEY has to be a 256-byte base64 string.');
+    }
+    console.log('Using a key with CRC32: ' + crc32.bstr(process.env.APP_KEY.toString(16)));
+
     await require('./helpers').ViewLoader.preload();
     console.log('Views compiled in ' + (hrt() - t1) + ' ms');
 
diff --git a/test/genkey.js b/test/genkey.js
new file mode 100644
index 0000000..69cead2
--- /dev/null
+++ b/test/genkey.js
@@ -0,0 +1,19 @@
+const test = require('unit.js');
+const execSync = require('child_process').execSync;
+const fs = require('fs');
+const path = require('path');
+
+describe('TestS generate key script', () => {
+
+    it('Check if key is generated properly', () => {
+        const stdout = execSync('node ./scripts/generate_key.js --key-only').toString('utf-8');
+        const key = Buffer.from(stdout, 'base64');
+        test.number(key.length).is(256);
+    });
+    it('Check if file is edited properly', () => {
+        const stdout = execSync('node ./scripts/generate_key.js -s').toString('utf-8');
+        const file = fs.readFileSync(path.resolve('.env'));
+        test.string(stdout).isNot(file);
+    });
+
+});
\ No newline at end of file