ptah-sh / ptah-server

Self-hosted alternative to Heroku
https://ptah.sh

PTAH_TOKEN may not be the expected length #204

Open wolcen opened 1 month ago

wolcen commented 1 month ago

The install-server.sh specifies:

```sh
# Generate a random string of 42 characters
random_token=$(openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | head -c 42)
```

I'm not sure how important it is for this value to be at least/exactly 42 characters, but I wanted to note that it is very easy for this command to result in a string shorter than 42 characters.

If the length of this token is important, upping the length of the string openssl returns (by more than just a few characters) would obviously suffice.

bohdan-shulha commented 1 month ago

Hi @wolcen, thanks a lot for the feedback.

"42" is not essential for this use case, just a reasonable default. Could be more, could be less. Lengthier is, definitely, better.

I'll improve it in the next releases.
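
The behaviour reported in this issue, next to one way to always get the requested length, as an added example that is not part of the thread or of install-server.sh. The function names (`rand_b64`, `original_token`, `gen_token`, `count_short`) and the `/dev/urandom` fallback are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not the project's code.

# Random bytes as base64. Uses openssl as install-server.sh does; the
# /dev/urandom fallback is an assumption for hosts without openssl.
rand_b64() {
  if command -v openssl >/dev/null 2>&1; then
    openssl rand -base64 "$1"
  else
    head -c "$1" /dev/urandom | base64
  fi
}

# The pipeline from the issue. 32 bytes encode to 43 base64 characters
# plus one '=' pad. tr deletes every '+', '/' and '=', so the result is
# shorter than 42 whenever two or more of those 43 are '+' or '/'
# (by calculation, roughly 38% of runs).
original_token() {
  rand_b64 32 | tr -dc 'a-zA-Z0-9' | head -c 42
}

# Hypothetical replacement: keep drawing random data until enough
# alphanumeric characters have accumulated, then cut to the exact length.
gen_token() {
  want=${1:-42}
  out=''
  while [ "${#out}" -lt "$want" ]; do
    chunk=$(rand_b64 48 | tr -dc 'a-zA-Z0-9')
    [ -n "$chunk" ] || return 1   # fail closed if no random source worked
    out="$out$chunk"
  done
  printf '%s' "$out" | head -c "$want"
}

# Count how many of N runs of the original pipeline come up short.
count_short() {
  n=${1:-200}
  short=0
  i=0
  while [ "$i" -lt "$n" ]; do
    t=$(original_token)
    [ "${#t}" -ge 42 ] || short=$((short + 1))
    i=$((i + 1))
  done
  printf '%s' "$short"
}
```

Running `count_short 200` on a test host shows how often the original command under-delivers, while `gen_token 42` returns 42 characters on every call.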