Add hmacKey config field for video signing
This commit is contained in:
parent
a56f217074
commit
e91e7bcc1e
6 changed files with 18 additions and 9 deletions
|
@ -71,10 +71,10 @@ $ nimble scss
|
|||
$ mkdir ./tmp
|
||||
```
|
||||
|
||||
Set your hostname, port and page title in `nitter.conf`, then run Nitter by
|
||||
executing `./nitter`. You should run Nitter behind a reverse proxy such as
|
||||
[Nginx](https://github.com/zedeus/nitter/wiki/Nginx) or Apache for better
|
||||
security.
|
||||
Set your hostname, port, page title and HMAC key in `nitter.conf`, then run
|
||||
Nitter by executing `./nitter`. You should run Nitter behind a reverse proxy
|
||||
such as [Nginx](https://github.com/zedeus/nitter/wiki/Nginx) or Apache for
|
||||
better security.
|
||||
|
||||
To build and run Nitter in Docker:
|
||||
```bash
|
||||
|
|
|
@ -12,3 +12,4 @@ profileMinutes = 10 # how long to cache profiles
|
|||
|
||||
[Config]
|
||||
defaultTheme = "Dark"
|
||||
hmacKey = "secretkey" # for signing video urls
|
||||
|
|
|
@ -23,5 +23,6 @@ proc getConfig*(path: string): Config =
|
|||
cacheDir: cfg.get("Cache", "directory", "/tmp/nitter"),
|
||||
profileCacheTime: cfg.get("Cache", "profileMinutes", 10),
|
||||
|
||||
defaultTheme: cfg.get("Config", "defaultTheme", "Dark")
|
||||
defaultTheme: cfg.get("Config", "defaultTheme", "Dark"),
|
||||
hmacKey: cfg.get("Config", "hmacKey", "secretkey")
|
||||
)
|
||||
|
|
|
@ -11,6 +11,8 @@ import routes/[
|
|||
const configPath {.strdefine.} = "./nitter.conf"
|
||||
let cfg = getConfig(configPath)
|
||||
|
||||
setHmacKey(cfg.hmacKey)
|
||||
|
||||
createUnsupportedRouter(cfg)
|
||||
createPrefRouter(cfg)
|
||||
createTimelineRouter(cfg)
|
||||
|
|
|
@ -178,6 +178,7 @@ type
|
|||
cacheDir*: string
|
||||
profileCacheTime*: int
|
||||
defaultTheme*: string
|
||||
hmacKey*: string
|
||||
|
||||
proc contains*(thread: Chain; tweet: Tweet): bool =
|
||||
thread.content.anyIt(it.id == tweet.id)
|
||||
|
|
|
@ -1,8 +1,11 @@
|
|||
import strutils, strformat, sequtils, uri, tables
|
||||
import nimcrypto, regex
|
||||
|
||||
var hmacKey = "secretkey"
|
||||
|
||||
const
|
||||
key = "supersecretkey"
|
||||
badJpgExts = @["1500x500", "jpgn", "jpg:", "jpg_"]
|
||||
badPngExts = @["pngn", "png:", "png_"]
|
||||
twitterDomains = @[
|
||||
"twitter.com",
|
||||
"twimg.com",
|
||||
|
@ -10,11 +13,12 @@ const
|
|||
"pbs.twimg.com",
|
||||
"video.twimg.com"
|
||||
]
|
||||
badJpgExts = @["1500x500", "jpgn", "jpg:", "jpg_"]
|
||||
badPngExts = @["pngn", "png:", "png_"]
|
||||
|
||||
proc setHmacKey*(key: string) =
|
||||
hmacKey = key
|
||||
|
||||
proc getHmac*(data: string): string =
|
||||
($hmac(sha256, key, data))[0 .. 12]
|
||||
($hmac(sha256, hmacKey, data))[0 .. 12]
|
||||
|
||||
proc getVidUrl*(link: string): string =
|
||||
let
|
||||
|
|
Loading…
Reference in a new issue