From 1d9a2cac0931930dcb41ada59cc7f1eb996e3751 Mon Sep 17 00:00:00 2001
From: Griffin Smith <grfn@gws.fyi>
Date: Fri, 28 Aug 2020 17:42:00 -0400
Subject: feat(panettone): Configure a session secret

Load a SESSION_SECRET env var and set it as the hunchentoot session
secret if present, so that restarting panettone doesn't destroy all
sessions due to the secret getting regenerated.

Refs: #19
Change-Id: Ia2c633fa998e128ecece66e824df01c430da8235
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1866
Reviewed-by: kanepyork <rikingcoding@gmail.com>
Tested-by: BuildkiteCI
---
 web/panettone/src/panettone.lisp | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/web/panettone/src/panettone.lisp b/web/panettone/src/panettone.lisp
index 7594c3ab2408..f1c17c283097 100644
--- a/web/panettone/src/panettone.lisp
+++ b/web/panettone/src/panettone.lisp
@@ -526,13 +526,17 @@
 (defun start-panettone (&key port
                           (ldap-host "localhost")
                           (ldap-port 389)
-                          postgres-params)
+                          postgres-params
+                          session-secret)
   (connect-ldap :host ldap-host
                 :port ldap-port)
 
   (apply #'model:connect-postgres postgres-params)
   (migrate-db)
 
+  (when session-secret
+    (setq hunchentoot:*session-secret* session-secret))
+
   (setq *acceptor*
         (make-instance 'easy-routes:routes-acceptor :port port))
   (hunchentoot:start *acceptor*))
@@ -540,12 +544,16 @@
 (defun main ()
   (let ((port (integer-env "PANETTONE_PORT" :default 6161))
         (ldap-port (integer-env "LDAP_PORT" :default 389))
-        (cheddar-url (uiop:getenvp "CHEDDAR_URL")))
+        (cheddar-url (uiop:getenvp "CHEDDAR_URL"))
+        (session-secret (uiop:getenvp "SESSION_SECRET")))
     (when cheddar-url (setq *cheddar-url* cheddar-url))
     (setq hunchentoot:*show-lisp-backtraces-p* nil)
     (setq hunchentoot:*log-lisp-backtraces-p* nil)
+
     (start-panettone :port port
-                     :ldap-port ldap-port)
+                     :ldap-port ldap-port
+                     :session-secret session-secret)
+
     (sb-thread:join-thread
      (find-if (lambda (th)
                 (string= (sb-thread:thread-name th)
@@ -555,5 +563,6 @@
 (comment
  (setq hunchentoot:*catch-errors-p* nil)
  (start-panettone :port 6161
-                  :ldap-port 3899)
+                  :ldap-port 3899
+                  :session-secret "session-secret")
  )
-- 
cgit 1.4.1