Store node daemon tokens in an encrypted manner

2026-04-15 12:53:44 +02:00 · 2020-04-10 15:15:38 -07:00
parent 2ac82af25a
commit 7557dddf49
26 changed files with 222 additions and 827 deletions
--- a/app/Http/Controllers/Api/Remote/Servers/ServerTransferController.php
+++ b/app/Http/Controllers/Api/Remote/Servers/ServerTransferController.php
@@ -145,7 +145,7 @@ class ServerTransferController extends Controller
            ->canOnlyBeUsedAfter($now->getTimestamp())
            ->expiresAt($now->addMinutes(15)->getTimestamp())
            ->relatedTo($server->uuid, true)
-            ->getToken($signer, new Key($server->node->daemonSecret));
+            ->getToken($signer, new Key($server->node->getDecryptedKey()));

        // On the daemon transfer repository, make sure to set the node after the server
        // because setServer() tells the repository to use the server's node and not the one