Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
gzupanda
code-server
提交
5ff120a8
C
code-server
项目概览
gzupanda
/
code-server
与 Fork 源项目一致
从无法访问的项目Fork
通知
2
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
C
code-server
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
未验证
提交
5ff120a8
编写于
12月 14, 2020
作者:
A
Anmol Sethi
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
cli: hashedPassword -> hashed-password
Capital letters in the CLI are evil. cc @code-asher
上级
730a73e9
变更
7
隐藏空白更改
内联
并排
Showing
7 changed file
with
14 addition
and
14 deletion
+14
-14
doc/FAQ.md
doc/FAQ.md
+1
-1
doc/guide.md
doc/guide.md
+2
-2
src/node/cli.ts
src/node/cli.ts
+5
-5
src/node/entry.ts
src/node/entry.ts
+1
-1
src/node/http.ts
src/node/http.ts
+2
-2
src/node/routes/login.ts
src/node/routes/login.ts
+2
-2
test/cli.test.ts
test/cli.test.ts
+1
-1
未找到文件。
doc/FAQ.md
浏览文件 @
5ff120a8
...
...
@@ -162,7 +162,7 @@ Again, please follow [./guide.md](./guide.md) for our recommendations on setting
## Can I store my password hashed?
Yes you can! Use
`hashed
P
assword`
instead of
`password`
. Generate the hash with:
Yes you can! Use
`hashed
-p
assword`
instead of
`password`
. Generate the hash with:
```
echo "thisismypassword" | sha256sum | cut -d' ' -f1
...
...
doc/guide.md
浏览文件 @
5ff120a8
...
...
@@ -297,8 +297,8 @@ and then restart `code-server` with:
sudo
systemctl restart code-server@
$USER
```
Alternatively, you can specify the SHA-256 of your password at the
`hashed
P
assword`
field in the config file.
The
`hashed
P
assword`
field takes precedence over
`password`
.
Alternatively, you can specify the SHA-256 of your password at the
`hashed
-p
assword`
field in the config file.
The
`hashed
-p
assword`
field takes precedence over
`password`
.
### How do I securely access development web services?
...
...
src/node/cli.ts
浏览文件 @
5ff120a8
...
...
@@ -29,7 +29,7 @@ export interface Args extends VsArgs {
config
?:
string
auth
?:
AuthType
password
?:
string
hashedPassword
?:
string
"
hashed-password
"
?:
string
cert
?:
OptionalString
"
cert-host
"
?:
string
"
cert-key
"
?:
string
...
...
@@ -105,7 +105,7 @@ const options: Options<Required<Args>> = {
type
:
"
string
"
,
description
:
"
The password for password authentication (can only be passed in via $PASSWORD or the config file).
"
,
},
hashedPassword
:
{
"
hashed-password
"
:
{
type
:
"
string
"
,
description
:
"
The password hashed with SHA-256 for password authentication (can only be passed in via $HASHED_PASSWORD or the config file).
\n
"
+
...
...
@@ -276,8 +276,8 @@ export const parse = (
throw
new
Error
(
"
--password can only be set in the config file or passed in via $PASSWORD
"
)
}
if
(
key
===
"
hashed
P
assword
"
&&
!
opts
?.
configFile
)
{
throw
new
Error
(
"
--hashed
P
assword can only be set in the config file or passed in via $HASHED_PASSWORD
"
)
if
(
key
===
"
hashed
-p
assword
"
&&
!
opts
?.
configFile
)
{
throw
new
Error
(
"
--hashed
-p
assword can only be set in the config file or passed in via $HASHED_PASSWORD
"
)
}
const
option
=
options
[
key
]
...
...
@@ -457,7 +457,7 @@ export async function setDefaults(cliArgs: Args, configArgs?: ConfigArgs): Promi
const
usingEnvHashedPassword
=
!!
process
.
env
.
HASHED_PASSWORD
if
(
process
.
env
.
HASHED_PASSWORD
)
{
args
.
hashedPassword
=
process
.
env
.
HASHED_PASSWORD
args
[
"
hashed-password
"
]
=
process
.
env
.
HASHED_PASSWORD
usingEnvPassword
=
false
}
...
...
src/node/entry.ts
浏览文件 @
5ff120a8
...
...
@@ -99,7 +99,7 @@ const main = async (args: DefaultedArgs): Promise<void> => {
logger
.
info
(
`Using user-data-dir
${
humanPath
(
args
[
"
user-data-dir
"
])}
`
)
logger
.
trace
(
`Using extensions-dir
${
humanPath
(
args
[
"
extensions-dir
"
])}
`
)
if
(
args
.
auth
===
AuthType
.
Password
&&
!
args
.
password
&&
!
args
.
hashedPassword
)
{
if
(
args
.
auth
===
AuthType
.
Password
&&
!
args
.
password
&&
!
args
[
"
hashed-password
"
]
)
{
throw
new
Error
(
"
Please pass in a password via the config file or environment variable ($PASSWORD or $HASHED_PASSWORD)
"
,
)
...
...
src/node/http.ts
浏览文件 @
5ff120a8
...
...
@@ -54,8 +54,8 @@ export const authenticated = (req: express.Request): boolean => {
// The password is stored in the cookie after being hashed.
return
!!
(
req
.
cookies
.
key
&&
(
req
.
args
.
hashedPassword
?
safeCompare
(
req
.
cookies
.
key
,
req
.
args
.
hashedPassword
)
(
req
.
args
[
"
hashed-password
"
]
?
safeCompare
(
req
.
cookies
.
key
,
req
.
args
[
"
hashed-password
"
]
)
:
req
.
args
.
password
&&
safeCompare
(
req
.
cookies
.
key
,
hash
(
req
.
args
.
password
)))
)
default
:
...
...
src/node/routes/login.ts
浏览文件 @
5ff120a8
...
...
@@ -68,8 +68,8 @@ router.post("/", async (req, res) => {
}
if
(
req
.
args
.
hashedPassword
?
safeCompare
(
hash
(
req
.
body
.
password
),
req
.
args
.
hashedPassword
)
req
.
args
[
"
hashed-password
"
]
?
safeCompare
(
hash
(
req
.
body
.
password
),
req
.
args
[
"
hashed-password
"
]
)
:
req
.
args
.
password
&&
safeCompare
(
req
.
body
.
password
,
req
.
args
.
password
)
)
{
// The hash does not add any actual security but we do it for
...
...
test/cli.test.ts
浏览文件 @
5ff120a8
...
...
@@ -301,7 +301,7 @@ describe("parser", () => {
assert
.
deepEqual
(
await
setDefaults
(
args
),
{
...
defaults
,
_
:
[],
hashedPassword
:
"
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
"
,
"
hashed-password
"
:
"
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
"
,
usingEnvHashedPassword
:
true
,
})
})
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录