3 years ago · 469618aa72
--- a/controllers/security.go
+++ b/controllers/security.go
@@ -98,9 +98,9 @@ func SecurityCheck(reqAdmin bool, netname string, token string) (error, []string
 
				 	return nil, userNetworks, username
			
 
				 }
			
 
				 
			
 
				-//Consider a more secure way of setting master key
			
 
				+// Consider a more secure way of setting master key
			
 
				 func authenticateMaster(tokenString string) bool {
			
 
				-	return tokenString == servercfg.GetMasterKey()
			
 
				+	return tokenString == servercfg.GetMasterKey() && servercfg.GetMasterKey() != ""
			
 
				 }
			
 
				 
			
 
				 //Consider a more secure way of setting master key
			
--- a/controllers/server.go
+++ b/controllers/server.go
@@ -49,7 +49,7 @@ func securityCheckServer(adminonly bool, next http.Handler) http.HandlerFunc {
 
				 			returnErrorResponse(w, r, errorResponse)
			
 
				 			return
			
 
				 		}
			
 
				-		if adminonly && !isadmin && !authenticateMasterServer(authToken) {
			
 
				+		if adminonly && !isadmin && !authenticateMaster(authToken) {
			
 
				 			returnErrorResponse(w, r, errorResponse)
			
 
				 			return
			
 
				 		}
			
@@ -57,11 +57,6 @@ func securityCheckServer(adminonly bool, next http.Handler) http.HandlerFunc {
 
				 	}
			
 
				 }
			
 
				 
			
 
				-//Consider a more secure way of setting master key
			
 
				-func authenticateMasterServer(tokenString string) bool {
			
 
				-	return tokenString == servercfg.GetMasterKey()
			
 
				-}
			
 
				-
			
 
				 func removeNetwork(w http.ResponseWriter, r *http.Request) {
			
 
				 	// Set header
			
 
				 	w.Header().Set("Content-Type", "application/json")
			
--- a/logic/jwts.go
+++ b/logic/jwts.go
@@ -76,7 +76,7 @@ func CreateUserJWT(username string, networks []string, isadmin bool) (response s
 
				 func VerifyUserToken(tokenString string) (username string, networks []string, isadmin bool, err error) {
			
 
				 	claims := &models.UserClaims{}
			
 
				 
			
 
				-	if tokenString == servercfg.GetMasterKey() {
			
 
				+	if tokenString == servercfg.GetMasterKey() && servercfg.GetMasterKey() != "" {
			
 
				 		return "masteradministrator", nil, true, nil
			
 
				 	}
			
 
				 
			
@@ -100,7 +100,7 @@ func VerifyToken(tokenString string) (nodeID string, mac string, network string,
 
				 
			
 
				 	//this may be a stupid way of serving up a master key
			
 
				 	//TODO: look into a different method. Encryption?
			
 
				-	if tokenString == servercfg.GetMasterKey() {
			
 
				+	if tokenString == servercfg.GetMasterKey() && servercfg.GetMasterKey() != "" {
			
 
				 		return "mastermac", "", "", nil
			
 
				 	}
			
 
				 
			
--- a/main
+++ b/main
--- a/main.go
+++ b/main.go
@@ -40,6 +40,11 @@ func main() {
 
				 
			
 
				 func initialize() { // Client Mode Prereq Check
			
 
				 	var err error
			
 
				+
			
 
				+	if servercfg.GetMasterKey() == "" {
			
 
				+		logger.Log(0, "warning: MASTER_KEY not set, this could make account recovery difficult")
			
 
				+	}
			
 
				+
			
 
				 	if servercfg.GetNodeID() == "" {
			
 
				 		logger.FatalLog("error: must set NODE_ID, currently blank")
			
 
				 	}
			
--- a/servercfg/serverconf.go
+++ b/servercfg/serverconf.go
@@ -266,7 +266,7 @@ func GetMessageQueueEndpoint() string {
 
				 
			
 
				 // GetMasterKey - gets the configured master key of server
			
 
				 func GetMasterKey() string {
			
 
				-	key := "secretkey"
			
 
				+	key := ""
			
 
				 	if os.Getenv("MASTER_KEY") != "" {
			
 
				 		key = os.Getenv("MASTER_KEY")
			
 
				 	} else if config.Config.Server.MasterKey != "" {