Add hmacKey config field for video signing
This commit is contained in:
parent
a56f217074
commit
e91e7bcc1e
6 changed files with 18 additions and 9 deletions
|
@ -71,10 +71,10 @@ $ nimble scss
|
||||||
$ mkdir ./tmp
|
$ mkdir ./tmp
|
||||||
```
|
```
|
||||||
|
|
||||||
Set your hostname, port and page title in `nitter.conf`, then run Nitter by
|
Set your hostname, port, page title and HMAC key in `nitter.conf`, then run
|
||||||
executing `./nitter`. You should run Nitter behind a reverse proxy such as
|
Nitter by executing `./nitter`. You should run Nitter behind a reverse proxy
|
||||||
[Nginx](https://github.com/zedeus/nitter/wiki/Nginx) or Apache for better
|
such as [Nginx](https://github.com/zedeus/nitter/wiki/Nginx) or Apache for
|
||||||
security.
|
better security.
|
||||||
|
|
||||||
To build and run Nitter in Docker:
|
To build and run Nitter in Docker:
|
||||||
```bash
|
```bash
|
||||||
|
|
|
@ -12,3 +12,4 @@ profileMinutes = 10 # how long to cache profiles
|
||||||
|
|
||||||
[Config]
|
[Config]
|
||||||
defaultTheme = "Dark"
|
defaultTheme = "Dark"
|
||||||
|
hmacKey = "secretkey" # for signing video urls
|
||||||
|
|
|
@ -23,5 +23,6 @@ proc getConfig*(path: string): Config =
|
||||||
cacheDir: cfg.get("Cache", "directory", "/tmp/nitter"),
|
cacheDir: cfg.get("Cache", "directory", "/tmp/nitter"),
|
||||||
profileCacheTime: cfg.get("Cache", "profileMinutes", 10),
|
profileCacheTime: cfg.get("Cache", "profileMinutes", 10),
|
||||||
|
|
||||||
defaultTheme: cfg.get("Config", "defaultTheme", "Dark")
|
defaultTheme: cfg.get("Config", "defaultTheme", "Dark"),
|
||||||
|
hmacKey: cfg.get("Config", "hmacKey", "secretkey")
|
||||||
)
|
)
|
||||||
|
|
|
@ -11,6 +11,8 @@ import routes/[
|
||||||
const configPath {.strdefine.} = "./nitter.conf"
|
const configPath {.strdefine.} = "./nitter.conf"
|
||||||
let cfg = getConfig(configPath)
|
let cfg = getConfig(configPath)
|
||||||
|
|
||||||
|
setHmacKey(cfg.hmacKey)
|
||||||
|
|
||||||
createUnsupportedRouter(cfg)
|
createUnsupportedRouter(cfg)
|
||||||
createPrefRouter(cfg)
|
createPrefRouter(cfg)
|
||||||
createTimelineRouter(cfg)
|
createTimelineRouter(cfg)
|
||||||
|
|
|
@ -178,6 +178,7 @@ type
|
||||||
cacheDir*: string
|
cacheDir*: string
|
||||||
profileCacheTime*: int
|
profileCacheTime*: int
|
||||||
defaultTheme*: string
|
defaultTheme*: string
|
||||||
|
hmacKey*: string
|
||||||
|
|
||||||
proc contains*(thread: Chain; tweet: Tweet): bool =
|
proc contains*(thread: Chain; tweet: Tweet): bool =
|
||||||
thread.content.anyIt(it.id == tweet.id)
|
thread.content.anyIt(it.id == tweet.id)
|
||||||
|
|
|
@ -1,8 +1,11 @@
|
||||||
import strutils, strformat, sequtils, uri, tables
|
import strutils, strformat, sequtils, uri, tables
|
||||||
import nimcrypto, regex
|
import nimcrypto, regex
|
||||||
|
|
||||||
|
var hmacKey = "secretkey"
|
||||||
|
|
||||||
const
|
const
|
||||||
key = "supersecretkey"
|
badJpgExts = @["1500x500", "jpgn", "jpg:", "jpg_"]
|
||||||
|
badPngExts = @["pngn", "png:", "png_"]
|
||||||
twitterDomains = @[
|
twitterDomains = @[
|
||||||
"twitter.com",
|
"twitter.com",
|
||||||
"twimg.com",
|
"twimg.com",
|
||||||
|
@ -10,11 +13,12 @@ const
|
||||||
"pbs.twimg.com",
|
"pbs.twimg.com",
|
||||||
"video.twimg.com"
|
"video.twimg.com"
|
||||||
]
|
]
|
||||||
badJpgExts = @["1500x500", "jpgn", "jpg:", "jpg_"]
|
|
||||||
badPngExts = @["pngn", "png:", "png_"]
|
proc setHmacKey*(key: string) =
|
||||||
|
hmacKey = key
|
||||||
|
|
||||||
proc getHmac*(data: string): string =
|
proc getHmac*(data: string): string =
|
||||||
($hmac(sha256, key, data))[0 .. 12]
|
($hmac(sha256, hmacKey, data))[0 .. 12]
|
||||||
|
|
||||||
proc getVidUrl*(link: string): string =
|
proc getVidUrl*(link: string): string =
|
||||||
let
|
let
|
||||||
|
|
Loading…
Reference in a new issue