Commit 5b121457 authored by Dominik Hebeler's avatar Dominik Hebeler
Browse files

Merge branch '1140-fix-ci-pipelines' into 'development'

Resolve "fix ci pipelines"

Closes #1140

See merge request !1888
parents 6a2a2cd5 a28a4c88
......@@ -42,5 +42,8 @@ PROJECT_NAME=MetaGer
BRANCH_NAME=Local
COMMIT_NAME=Testing
BROWSERSTACK_BROWSER=WINDOWS_10_FIREFOX
BROWSERSTACK_SEPARATE_SESSIONS=true
#PROXY_HOST=
#PROXY_PORT=
\ No newline at end of file
......@@ -19,7 +19,9 @@ npm-debug.log
/.buildpath
/.project
package-lock.json
local.log
browserstack.err
.npm
.composer
.phpunit.result.cache
......@@ -10,13 +10,16 @@ variables:
PERFORMANCE_DISABLED: "true"
SAST_DISABLED: "true"
TEST_DISABLED: "true"
AUTO_DEVOPS_BUILD_IMAGE_FORWARDED_CI_VARIABLES: "AWS_ACCESS_KEY_ID,AWS_SECRET_ACCESS_KEY,S3_HOST,S3_BUCKETNAME"
include:
- template: Jobs/Build.gitlab-ci.yml
- template: Jobs/Deploy.gitlab-ci.yml
.auto-deploy:
image: "registry.gitlab.com/gitlab-org/cluster-integration/auto-deploy-image:v2.12.0"
stages:
- prepare
- build
- deploy # dummy stage to follow the template guidelines
- review
......@@ -33,37 +36,9 @@ stages:
- integrationtest
- cleanup
.auto-deploy:
image: "registry.gitlab.com/gitlab-org/cluster-integration/auto-deploy-image:v1.0.6"
build:
services:
prepare_node:
stage: prepare
image: node:10
variables:
npm_config_cache: "$CI_PROJECT_DIR/.npm"
before_script:
- npm install -g npm-cache
- npm-cache install --cacheDirectory "$CI_PROJECT_DIR/.npm-package-cache" npm
script:
- npm run prod
artifacts:
paths:
- public/js/
- public/css/
- public/mix-manifest.json
cache:
# Cache per Branch
key: "metager-${CI_JOB_NAME}"
paths:
- .npm
- .npm-package-cache
only:
- branches
- tags
review:
variables:
HELM_UPGRADE_VALUES_FILE: .gitlab/review-apps-values.yaml
......@@ -167,18 +142,28 @@ production:
integrationtest:
stage: integrationtest
image:
name: prooph/composer:7.3
name: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA
entrypoint: ["/bin/sh"]
script:
# Install Dev Dependencies
- composer install
- cp .env.example .env
- echo "WEBDRIVER_USER=\"$WEBDRIVER_KEY\"" >> .env
- echo "WEBDRIVER_URL=\"$WEBDRIVER_URL\"" >> .env
- echo "WEBDRIVER_KEY=\"$WEBDRIVER_USER\"" >> .env
- php artisan key:generate
- echo "" >> .env
- echo "BROWSERSTACK_USERNAME=\"$BROWSERSTACK_USERNAME\"" >> .env
- echo "BROWSERSTACK_ACCESS_KEY=\"$BROWSERSTACK_ACCESS_KEY\"" >> .env
- echo "BROWSERSTACK_LOCAL_TUNNEL=\"$BROWSERSTACK_LOCAL_TUNNEL\"" >> .env
- URL=$(cat environment_url.txt | tr -d '\n')
- sed -i "s#^APP_URL=.*#APP_URL=$URL#g" .env
- sed -i "s#^BRANCH_NAME=.*#BRANCH_NAME=$CI_COMMIT_REF_NAME#g" .env
- sed -i "s#^COMMIT_NAME=.*#COMMIT_NAME=$CI_COMMIT_REF_SLUG#g" .env
- php artisan dusk
- mc alias set --path=on --api S3v4 packages $S3_HOST $AWS_ACCESS_KEY_ID $AWS_SECRET_ACCESS_KEY
- if mc cp packages/$S3_BUCKETNAME/packages.tar /tmp/; then tar -xf /tmp/packages.tar; fi
- export COMPOSER_HOME=.composer
- composer install
- tar -cf /tmp/packages.tar .npm .composer
- mc cp /tmp/packages.tar packages/$S3_BUCKETNAME/
- rm /tmp/packages.tar
- rm -rf .npm .composer
- php artisan test --parallel --processes=5
except:
refs:
- master
......@@ -2,7 +2,7 @@ postgresql:
enabled: false
service:
externalPort: 80
internalPort: 80
internalPort: 8080
hpa:
enabled: true
minReplicas: 1
......@@ -27,6 +27,11 @@ resourcesFetcher:
cpu: 500m
memory: 100M
limits:
resourcesScheduler:
requests:
cpu: 100m
memory: 100M
limits:
resources:
requests:
cpu: 500m
......
......@@ -2,7 +2,7 @@ postgresql:
enabled: false
service:
externalPort: 80
internalPort: 80
internalPort: 8080
hpa:
enabled: true
minReplicas: 3
......@@ -39,6 +39,11 @@ resourcesFetcher:
cpu: 500m
memory: 100M
limits:
resourcesScheduler:
requests:
cpu: 100m
memory: 100M
limits:
resources:
requests:
cpu: 500m
......
......@@ -26,7 +26,7 @@ ingress:
service:
commonName: ""
externalPort: 80
internalPort: 80
internalPort: 8080
deploymentApiVersion: apps/v1
resourcesPhpfpm:
requests:
......@@ -40,3 +40,6 @@ resourcesRedis:
resourcesFetcher:
requests:
limits:
resourcesScheduler:
requests:
limits:
C:37:"PHPUnit\Runner\DefaultTestResultCache":1522:{a:2:{s:7:"defects";a:13:{s:44:"Tests\Browser\StaticPagesTest::testStartpage";i:4;s:46:"Tests\Browser\StaticPagesTest::testDatenschutz";i:4;s:40:"Tests\Browser\StaticPagesTest::testHilfe";i:4;s:42:"Tests\Browser\StaticPagesTest::testSpenden";i:4;s:38:"Tests\Browser\StaticPagesTest::testApp";i:4;s:42:"Tests\Browser\StaticPagesTest::testKontakt";i:4;s:39:"Tests\Browser\StaticPagesTest::testTeam";i:4;s:40:"Tests\Browser\StaticPagesTest::testAbout";i:4;s:42:"Tests\Browser\StaticPagesTest::testImpress";i:4;s:41:"Tests\Browser\StaticPagesTest::testPlugin";i:4;s:41:"Tests\Browser\StaticPagesTest::testWidget";i:4;s:50:"Tests\Browser\StaticPagesTest::testWebsearchWidget";i:4;s:51:"Tests\Browser\StaticPagesTest::testSitesearchWidget";i:4;}s:5:"times";a:13:{s:44:"Tests\Browser\StaticPagesTest::testStartpage";d:1.179;s:46:"Tests\Browser\StaticPagesTest::testDatenschutz";d:3.296;s:40:"Tests\Browser\StaticPagesTest::testHilfe";d:1.095;s:42:"Tests\Browser\StaticPagesTest::testSpenden";d:1.585;s:38:"Tests\Browser\StaticPagesTest::testApp";d:1.036;s:42:"Tests\Browser\StaticPagesTest::testKontakt";d:1.468;s:39:"Tests\Browser\StaticPagesTest::testTeam";d:1.155;s:40:"Tests\Browser\StaticPagesTest::testAbout";d:1.016;s:42:"Tests\Browser\StaticPagesTest::testImpress";d:1.105;s:41:"Tests\Browser\StaticPagesTest::testPlugin";d:1.171;s:41:"Tests\Browser\StaticPagesTest::testWidget";d:1.071;s:50:"Tests\Browser\StaticPagesTest::testWebsearchWidget";d:1.025;s:51:"Tests\Browser\StaticPagesTest::testSitesearchWidget";d:1.099;}}}
\ No newline at end of file
FROM debian:10
# syntax = docker/dockerfile:experimental
FROM debian:10 AS dependencies
EXPOSE 8080
# Install System Components
RUN apt update \
......@@ -11,10 +14,10 @@ RUN apt update \
curl \
zip
# Install PHP Components
RUN curl -o /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg \
&& echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" | tee /etc/apt/sources.list.d/php.list
# Install PHP Components
RUN apt update \
&& apt install -y \
php7.4 \
......@@ -30,11 +33,29 @@ RUN apt update \
php7.4-redis \
php7.4-gd \
php7.4-json \
php7.4-opcache
php7.4-opcache \
php7.4-xdebug
WORKDIR /html
# Install Composer
COPY ./helpers/installComposer.sh /usr/bin/installComposer
RUN chmod +x /usr/bin/installComposer && \
/usr/bin/installComposer && \
rm /usr/bin/installComposer
# Install Nodejs
COPY ./helpers/installNodejs.sh /usr/bin/installNodejs
RUN chmod +x /usr/bin/installNodejs && \
/usr/bin/installNodejs && \
rm /usr/bin/installNodejs
ENV PATH /usr/local/lib/nodejs/bin:$PATH
RUN mkdir -p /run/php && \
# Install Minio Client
RUN curl -o /usr/bin/mc "https://dl.min.io/client/mc/release/linux-amd64/mc" &&\
chmod +x /usr/bin/mc
FROM dependencies AS development
RUN sed -i 's/pid = \/run\/php\/php7.4-fpm.pid/;pid = \/run\/php\/php7.4-fpm.pid/g' /etc/php/7.4/fpm/php-fpm.conf && \
sed -i 's/error_log = \/var\/log\/php7.4-fpm.log/error_log = \/dev\/stderr/g' /etc/php/7.4/fpm/php-fpm.conf && \
sed -i 's/;daemonize = yes/daemonize = no/g' /etc/php/7.4/fpm/php-fpm.conf && \
sed -i 's/listen = \/run\/php\/php7.4-fpm.sock/listen = 9000/g' /etc/php/7.4/fpm/pool.d/www.conf && \
......@@ -47,40 +68,60 @@ RUN mkdir -p /run/php && \
sed -i 's/pm.min_spare_servers = 1/pm.min_spare_servers = 5/g' /etc/php/7.4/fpm/pool.d/www.conf && \
sed -i 's/pm.max_spare_servers = 3/pm.max_spare_servers = 50/g' /etc/php/7.4/fpm/pool.d/www.conf && \
sed -i 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g' /etc/php/7.4/fpm/php.ini && \
# Opcache configuration
echo "xdebug.mode = debug" >> /etc/php/7.4/fpm/conf.d/20-xdebug.ini && \
echo "xdebug.start_with_request = yes" >> /etc/php/7.4/fpm/conf.d/20-xdebug.ini && \
echo "xdebug.discover_client_host = true" >> /etc/php/7.4/fpm/conf.d/20-xdebug.ini && \
echo "xdebug.idekey=VSCODE" >> /etc/php/7.4/fpm/conf.d/20-xdebug.ini && \
sed -i 's/upload_max_filesize = 2M/upload_max_filesize = 30M/g' /etc/php/7.4/fpm/php.ini && \
sed -i 's/post_max_size = 8M/post_max_size = 30M/g' /etc/php/7.4/fpm/php.ini && \
cp /usr/share/zoneinfo/Europe/Berlin /etc/localtime && \
echo "Europe/Berlin" > /etc/timezone
# (crontab -l ; echo "* * * * * php /html/artisan schedule:run >> /dev/null 2>&1") | crontab - # TODO: Fix crontab
# Using image as non-root
RUN groupadd -g 1000 metager && \
useradd -b /home/metager -g 1000 -u 1000 -M -s /bin/bash metager
RUN chown -R 1000:1000 /var/lib/nginx /var/log/nginx
RUN mkdir -p /home/metager &&\
chown 1000:1000 /home/metager
RUN touch /run/nginx.pid && \
chown 1000:1000 /run/nginx.pid
USER 1000:1000
WORKDIR /html
CMD /html/helpers/entrypointDev.sh
FROM development AS production
USER 0:0
# Opcache configuration
RUN apt purge -y php7.4-xdebug
RUN sed -i 's/expose_php = On/expose_php = Off/g' /etc/php/7.4/fpm/php.ini && \
sed -i 's/;opcache.enable=1/opcache.enable=1/g' /etc/php/7.4/fpm/php.ini && \
sed -i 's/;opcache.memory_consumption=128/opcache.memory_consumption=128/g' /etc/php/7.4/fpm/php.ini && \
sed -i 's/;opcache.interned_strings_buffer=8/opcache.interned_strings_buffer=8/g' /etc/php/7.4/fpm/php.ini && \
sed -i 's/;opcache.max_accelerated_files=10000/opcache.max_accelerated_files=10000/g' /etc/php/7.4/fpm/php.ini && \
sed -i 's/;opcache.max_wasted_percentage=5/opcache.max_wasted_percentage=5/g' /etc/php/7.4/fpm/php.ini && \
sed -i 's/;opcache.validate_timestamps=1/opcache.validate_timestamps=1/g' /etc/php/7.4/fpm/php.ini && \
sed -i 's/;opcache.revalidate_freq=2/opcache.revalidate_freq=300/g' /etc/php/7.4/fpm/php.ini && \
sed -i 's/upload_max_filesize = 2M/upload_max_filesize = 30M/g' /etc/php/7.4/fpm/php.ini && \
sed -i 's/post_max_size = 8M/post_max_size = 30M/g' /etc/php/7.4/fpm/php.ini && \
cp /usr/share/zoneinfo/Europe/Berlin /etc/localtime && \
echo "Europe/Berlin" > /etc/timezone && \
(crontab -l ; echo "* * * * * php /html/artisan schedule:run >> /dev/null 2>&1") | crontab -
sed -i 's/;opcache.revalidate_freq=2/opcache.revalidate_freq=300/g' /etc/php/7.4/fpm/php.ini
COPY config/nginx.conf /etc/nginx/nginx.conf
COPY config/nginx-default.conf /etc/nginx/sites-available/default
RUN sed -i 's/fastcgi_pass phpfpm:9000;/fastcgi_pass localhost:9000;/g' /etc/nginx/sites-available/default
COPY --chown=root:www-data . /html
COPY ./helpers/installComposer.sh /usr/bin/installComposer
RUN chmod +x /usr/bin/installComposer && \
/usr/bin/installComposer && \
rm /usr/bin/installComposer && \
composer install --no-dev
COPY --chown=1000:1000 . /html
WORKDIR /html
EXPOSE 80
CMD cp /root/.env .env && \
sed -i 's/^REDIS_PASSWORD=.*/REDIS_PASSWORD=null/g' .env && \
if [ "$GITLAB_ENVIRONMENT_NAME" = "production" ]; then sed -i 's/^APP_ENV=.*/APP_ENV=production/g' .env; else sed -i 's/^APP_ENV=.*/APP_ENV=development/g' .env; fi && \
cp database/useragents.sqlite.example database/useragents.sqlite && \
chown -R root:www-data storage/logs/metager bootstrap/cache && \
chmod -R g+w storage/logs/metager bootstrap/cache && \
cron -L /dev/stdout && \
php artisan spam:load && \
php-fpm7.4
RUN chmod +x /html/helpers/*.sh
# Install packages
RUN --mount=type=secret,id=auto-devops-build-secrets . /run/secrets/auto-devops-build-secrets && \
chmod +x ./helpers/installPackages.sh && \
/bin/sh -c ./helpers/installPackages.sh
USER 1000:1000
CMD /html/helpers/entrypointProduction.sh
#CMD cp /root/.env .env && \
# cron -L /dev/stdout && \
......@@ -48,9 +48,9 @@ class AppendLogs extends Command
{
$redis = null;
if (env("REDIS_CACHE_DRIVER", "redis") === "redis") {
if (config("database.redis.cache.driver", "redis") === "redis") {
$redis = Redis::connection('cache');
} elseif (env("REDIS_CACHE_DRIVER", "redis") === "redis-sentinel") {
} elseif (config("database.redis.cache.driver", "redis") === "redis-sentinel") {
$redis = RedisSentinel::connection('cache');
}
if ($redis === null) {
......
<?php
namespace App\Console\Commands;
use Illuminate\Console\Command;
use Illuminate\Support\Facades\Redis;
use Carbon;
class Heartbeat extends Command
{
const REDIS_KEY = "heartbeat";
/**
* The name and signature of the console command.
*
* @var string
*/
protected $signature = 'heartbeat';
/**
* The console command description.
*
* @var string
*/
protected $description = 'Stores in local Redis when it last ran. Provides a heartbeat for liveness probes to check whether scheduler is running or not.';
/**
* Create a new command instance.
*
* @return void
*/
public function __construct()
{
parent::__construct();
}
/**
* Execute the console command.
*
* @return int
*/
public function handle()
{
try{
$now = Carbon::now();
Redis::set(self::REDIS_KEY, $now->format('Y-m-d H:i:s'));
} catch (\Exception $e){
echo $e->getTraceAsString();
return 1;
}
return 0;
}
}
......@@ -6,9 +6,13 @@ use Cache;
use Illuminate\Console\Command;
use Illuminate\Support\Facades\Redis;
use Log;
use Carbon;
class RequestFetcher extends Command
{
const HEALTHCHECK_KEY = "fetcher_healthcheck";
const HEALTHCHECK_FORMAT = "Y-m-d H:i:s";
/**
* The name and signature of the console command.
*
......@@ -38,10 +42,10 @@ class RequestFetcher extends Command
{
parent::__construct();
$this->multicurl = curl_multi_init();
$this->proxyhost = env("PROXY_HOST", "");
$this->proxyport = env("PROXY_PORT", "");
$this->proxyuser = env("PROXY_USER", "");
$this->proxypassword = env("PROXY_PASSWORD", "");
$this->proxyhost = config("metager.metager.fetcher.proxy.host");
$this->proxyport = config("metager.metager.fetcher.proxy.port");
$this->proxyuser = config("metager.metager.fetcher.proxy.user");
$this->proxypassword = config("metager.metager.fetcher.proxy.password");
}
/**
......@@ -51,7 +55,6 @@ class RequestFetcher extends Command
*/
public function handle()
{
$pidFile = "/tmp/fetcher";
pcntl_signal(SIGINT, [$this, "sig_handler"]);
pcntl_signal(SIGTERM, [$this, "sig_handler"]);
pcntl_signal(SIGHUP, [$this, "sig_handler"]);
......@@ -70,14 +73,9 @@ class RequestFetcher extends Command
}
}
touch($pidFile);
if (!file_exists($pidFile)) {
return;
}
try {
while ($this->shouldRun) {
Redis::set(self::HEALTHCHECK_KEY, Carbon::now()->format(self::HEALTHCHECK_FORMAT));
$operationsRunning = true;
curl_multi_exec($this->multicurl, $operationsRunning);
$status = $this->readMultiCurl($this->multicurl);
......@@ -90,7 +88,6 @@ class RequestFetcher extends Command
}
}
} finally {
unlink($pidFile);
curl_multi_close($this->multicurl);
}
}
......
......@@ -25,9 +25,10 @@ class Kernel extends ConsoleKernel
*/
protected function schedule(Schedule $schedule)
{
$schedule->command('heartbeat')->everyMinute();
$schedule->command('requests:gather')->everyFifteenMinutes();
$schedule->command('requests:useragents')->everyFiveMinutes();
$schedule->command('logs:gather')->everyMinute();
#$schedule->command('logs:gather')->everyMinute();
$schedule->command('spam:load')->everyMinute();
$schedule->call(function () {
DB::table('monthlyrequests')->truncate();
......
......@@ -60,7 +60,7 @@ class AdgoalTestController extends Controller
return redirect('admin/adgoal');
}
$url = route('resultpage', ["eingabe" => $eingabe, "out" => "api", "key" => env("mainz_key")]);
$url = route('resultpage', ["eingabe" => $eingabe, "out" => "api", "key" => config("metager.metager.keys.uni_mainz")]);
$hash = md5($url);
$mission = [
......
......@@ -17,14 +17,14 @@ class Assoziator extends Controller
$params = [
"eingabe" => $eingabe,
"out" => "atom10",
"key" => env("ASSO_KEY", "test"),
"key" => config("metager.metager.keys.assoziator"),
];
$url = route("resultpage", $params);
# Special Case for local development as the port forwarding does not work within docker
if(env("APP_ENV", "") === "local" && stripos($url, "http://localhost:8080") === 0){
if(\App::environment() === "local" && stripos($url, "http://localhost:8080") === 0){
$url = str_replace("http://localhost:8080", "http://nginx", $url);
}
......
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Redis;
use Carbon;
class HealthcheckController extends Controller
{
/**
* Check if the server is ready
*/
public function liveness() {
return response('ok', 200);
}
public function livenessScheduler() {
$lastSchedule = Redis::get(\App\Console\Commands\Heartbeat::REDIS_KEY);
$lastSchedule = Carbon::createFromFormat('Y-m-d H:i:s', $lastSchedule);
if(Carbon::now()->diffInMinutes($lastSchedule) > 1){
abort(500, "Last heartbeat too long ago");
}else{
return response('ok', 200);
}
}
public function livenessWorker() {
$lastSchedule = Redis::get(\App\Console\Commands\RequestFetcher::HEALTHCHECK_KEY);
$lastSchedule = Carbon::createFromFormat(\App\Console\Commands\RequestFetcher::HEALTHCHECK_FORMAT, $lastSchedule);
if(Carbon::now()->diffInMinutes($lastSchedule) > 1){
abort(500, "Last heartbeat too long ago");
}else{
return response('ok', 200);
}
}
}
......@@ -92,18 +92,18 @@ class HumanVerification extends Controller
}
public static function logCaptcha(Request $request){
$fail2banEnabled = config("metager.metager.fail2ban_enabled");
if(empty($fail2banEnabled) || !$fail2banEnabled || !env("fail2banurl", false) || !env("fail2banuser") || !env("fail2banpassword")){
$fail2banEnabled = config("metager.metager.fail2ban.enabled");
if(empty($fail2banEnabled) || !$fail2banEnabled || !config("metager.metager.fail2ban.url") || !config("metager.metager.fail2ban.user") || !config("metager.metager.fail2ban.password")){
return;
}
// Submit fetch job to worker
$mission = [
"resulthash" => "captcha",
"url" => env("fail2banurl") . "/captcha/",
"url" => config("metager.metager.fail2ban.url") . "/captcha/",
"useragent" => "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:81.0) Gecko/20100101 Firefox/81.0",
"username" => env("fail2banuser"),
"password" => env("fail2banpassword"),
"username" => config("metager.metager.fail2ban.user"),
"password" => config("metager.metager.fail2ban.password"),
"headers" => [
"ip" => $request->ip()
],
......@@ -132,7 +132,7 @@ class HumanVerification extends Controller
{
$url = base64_decode(str_replace("<<SLASH>>", "/", $url));
# If the user is correct and the password is we will delete any entry in the database
$requiredPass = md5($mm . Carbon::NOW()->day . $url . env("PROXY_PASSWORD"));
$requiredPass = md5($mm . Carbon::NOW()->day . $url . config("metager.metager.proxy.password"));
if (HumanVerification::checkId($request, $mm) && $requiredPass === $password) {
HumanVerification::removeUser($request, $mm);
......@@ -335,7 +335,7 @@ class HumanVerification extends Controller
* If someone that uses a bot finds this out we
* might have to change it at some point.
*/
if ($request->filled('password') || $request->filled('key') || Cookie::get('key') !== null || $request->filled('appversion') || !env('BOT_PROTECTION', false)) {
if ($request->filled('password') || $request->filled('key') || Cookie::get('key') !== null || $request->filled('appversion') || !config('metager.metager.botprotection.enabled')) {
$update = false;
return $next($request);
}
......
......@@ -98,7 +98,7 @@ class KeyController extends Controller
$format = "Y-m-d H:i:s";
$data = [
"validUntil" => $validUntil->format($format),
"password" => hash_hmac("sha256", $validUntil->format($format), env("APP_KEY", "WEAK_KEY")),
"password" => hash_hmac("sha256", $validUntil->format($format), config("app.key")),
];
$targetUrl = LaravelLocalization::getLocalizedURL(LaravelLocalization::getCurrentLocale(), route('changeKeyTwo', $data));
$redirUrl = LaravelLocalization::getLocalizedURL(LaravelLocalization::getCurrentLocale(), route('removeCookie', [
......@@ -129,7 +129,7 @@ class KeyController extends Controller
}
if($valid){
// Check if hash matches
$expectedHash = hash_hmac("sha256", $validUntil->format($format), env("APP_KEY", "WEAK_KEY"));
$expectedHash = hash_hmac("sha256", $validUntil->format($format), config("app.key"));
if(!hash_equals($expectedHash, $password)){
$valid = false;
}
......@@ -174,7 +174,7 @@ class KeyController extends Controller
}
if($valid){
// Check if hash matches
$expectedHash = hash_hmac("sha256", $validUntil->format($format), env("APP_KEY", "WEAK_KEY"));
$expectedHash = hash_hmac("sha256", $validUntil->format($format), config("app.key"));
if(!hash_equals($expectedHash, $password)){
$valid = false;
}
......@@ -189,7 +189,7 @@ class KeyController extends Controller
if($validator->fails()) {
$data = [
"validUntil" => $validUntil->format($format),
"password" => hash_hmac("sha256", $validUntil->format($format), env("APP_KEY", "WEAK_KEY")),
"password" => hash_hmac("sha256", $validUntil->format($format), config("app.key")),
"newkey" => $request->input('newkey', ''),
];
$targetUrl = LaravelLocalization::getLocalizedURL(LaravelLocalization::getCurrentLocale(), route('changeKeyTwo', $data));
......@@ -215,7 +215,7 @@ class KeyController extends Controller
}
$data = [
"validUntil" => $validUntil->format($format),
"password" => hash_hmac("sha256", $validUntil->format($format), env("APP_KEY", "WEAK_KEY")),
"password" => hash_hmac("sha256", $validUntil->format($format), config("app.key")),
];
$targetUrl = LaravelLocalization::getLocalizedURL(LaravelLocalization::getCurrentLocale(), route('changeKeyTwo', $data));
return redirect($targetUrl);
......
......@@ -93,12 +93,12 @@ class MailController extends Controller
$mission = [
"resulthash" => $resulthash,
"url" => env("TICKET_URL", "https://metager.de"),