From 658a2d48f532c06771fcaabeece455423b38cb1d Mon Sep 17 00:00:00 2001 From: printempw Date: Mon, 2 Jan 2017 13:27:53 +0800 Subject: [PATCH] generate new APP_KEY automatically when setup --- .env.example | 18 ++-- app/Http/Controllers/SetupController.php | 106 +++++++++++++---------- 2 files changed, 71 insertions(+), 53 deletions(-) diff --git a/.env.example b/.env.example index 9d7d1d08..38134e54 100644 --- a/.env.example +++ b/.env.example @@ -4,7 +4,7 @@ ################################### # 啥?你看不懂洋文?请访问: -# https://github.com/printempw/blessing-skin-server/wiki/.env-%E5%AD%97%E6%AE%B5%E5%90%AB%E4%B9%89%E8%AF%A6%E8%A7%A3 +# https://github.com/printempw/blessing-skin-server/wiki/Introduction-of-fields-in-.env # Be sure to disable debug at production environment! APP_DEBUG = false @@ -25,20 +25,26 @@ DB_PASSWORD = secret # # Enable if you want to install multiple Blessing Skin Server into one database. # It should only contains characters, numbers and underscores. -DB_PREFIX = null +# +DB_PREFIX = null # Encrypt Method for Passwords. # # Available values: MD5, SALTED2MD5, (SALTED2)SHA256, (SALTED2)SHA512 -PWD_METHOD = SALTED2MD5 +# +PWD_METHOD = SALTED2MD5 # Salt # Change it to any random string to secure your passwords & tokens. -SALT = change-it+to*what)you^like +# +SALT = change-it+to*what)you^like -# App Key should be setted to any random, 32 character string, +# App Key should be setted to any random, **32 character** string, # otherwise all the encrypted strings will not be safe. -APP_KEY = NkccevHHNRoRBTdGZ4osmKnwdebrjCYw +# +# You can run [php artisan key:generate] to generate a new key. +# +APP_KEY=NkccevHHNRoRBTdGZ4osmKnwdebrjCYw # Mail Configurations # Leave MAIL_HOST empty to disable password resetting diff --git a/app/Http/Controllers/SetupController.php b/app/Http/Controllers/SetupController.php index c124c3f0..05984d0a 100644 --- a/app/Http/Controllers/SetupController.php +++ b/app/Http/Controllers/SetupController.php @@ -2,6 +2,7 @@ namespace App\Http\Controllers; +use Log; use Utils; use Schema; use Option; @@ -32,10 +33,68 @@ class SetupController extends Controller } else { $config = config('database.connections.mysql'); + // generate new APP_KEY + if (is_writable(app()->environmentFile())) { + Artisan::call('key:generate'); + Log::info("[SetupWizard] Application key set successfully.", ['key' => config('app.key')]); + } else { + Log::warning("[SetupWizard] Failed to set application key. No write permission."); + } + return view('setup.wizard.welcome')->with('server', "{$config['username']}@{$config['host']}"); } } + public function info() + { + if (self::checkTablesExist()) { + return view('setup.locked'); + } + + return view('setup.wizard.info'); + } + + public function finish(Request $request) + { + if (self::checkTablesExist()) { + return view('setup.locked'); + } + + $this->validate($request, [ + 'email' => 'required|email', + 'password' => 'required|min:6|max:16|confirmed', + 'site_name' => 'required' + ]); + + // create tables + Artisan::call('migrate', ['--force' => true]); + Log::info("[SetupWizard] Tables migrated."); + + Option::set('site_name', $request->input('site_name')); + Option::set('site_url', url('/')); + + // register super admin + $user = User::register( + $request->input('email'), + $request->input('password'), function ($user) + { + $user->ip = Utils::getClientIp(); + $user->score = option('user_initial_score'); + $user->register_at = Utils::getTimeFormatted(); + $user->last_sign_at = Utils::getTimeFormatted(time() - 86400); + $user->permission = User::SUPER_ADMIN; + }); + Log::info("[SetupWizard] Super Admin registered.", ['user' => $user]); + + $this->createDirectories(); + Log::info("[SetupWizard] Installation completed."); + + return view('setup.wizard.finish')->with([ + 'email' => $request->input('email'), + 'password' => $request->input('password') + ]); + } + public function update() { if (version_compare(config('app.version'), option('version', ''), '<=')) { @@ -90,53 +149,6 @@ class SetupController extends Controller return view('setup.updates.success', ['tips' => $tips]); } - public function info() - { - if (self::checkTablesExist()) { - return view('setup.locked'); - } - - return view('setup.wizard.info'); - } - - public function finish(Request $request) - { - if (self::checkTablesExist()) { - return view('setup.locked'); - } - - $this->validate($request, [ - 'email' => 'required|email', - 'password' => 'required|min:6|max:16|confirmed', - 'site_name' => 'required' - ]); - - // create tables - Artisan::call('migrate', ['--force' => true]); - - Option::set('site_name', $request->input('site_name')); - Option::set('site_url', url('/')); - - // register super admin - $user = User::register( - $request->input('email'), - $request->input('password'), function ($user) - { - $user->ip = Utils::getClientIp(); - $user->score = option('user_initial_score'); - $user->register_at = Utils::getTimeFormatted(); - $user->last_sign_at = Utils::getTimeFormatted(time() - 86400); - $user->permission = User::SUPER_ADMIN; - }); - - $this->createDirectories(); - - return view('setup.wizard.finish')->with([ - 'email' => $request->input('email'), - 'password' => $request->input('password') - ]); - } - /** * Check if the given tables exist in current database. *