From 0acc3c22d927124b463abff9e083501a2df90ade Mon Sep 17 00:00:00 2001
From: Lennart <18233294+lennart-k@users.noreply.github.com>
Date: Thu, 15 May 2025 20:58:17 +0200
Subject: [PATCH] frontend: Generate random secret by default
---
 crates/frontend/src/config.rs | 10 ++++++++++
 crates/frontend/src/lib.rs | 2 +-
 src/commands/mod.rs | 12 ++----------
 src/main.rs | 7 ++-----
 4 files changed, 15 insertions(+), 16 deletions(-)
diff --git a/crates/frontend/src/config.rs b/crates/frontend/src/config.rs
index 1c73f92..fecdb09 100644
--- a/crates/frontend/src/config.rs
+++ b/crates/frontend/src/config.rs
@@ -1,5 +1,14 @@
+use rand::RngCore;
 use serde::{Deserialize, Serialize};
+pub fn generate_frontend_secret() -> [u8; 64] {
+ let mut rng = rand::thread_rng();
+
+ let mut secret = [0u8; 64];
+ rng.fill_bytes(&mut secret);
+ secret
+}
+
 fn default_true() -> bool {
 true
 }
@@ -9,6 +18,7 @@ fn default_true() -> bool {
 pub struct FrontendConfig {
 #[serde(serialize_with = "hex::serde::serialize")]
 #[serde(deserialize_with = "hex::serde::deserialize")]
+ #[serde(default = "generate_frontend_secret")]
 pub secret_key: [u8; 64],
 #[serde(default = "default_true")]
 pub enabled: bool,
diff --git a/crates/frontend/src/lib.rs b/crates/frontend/src/lib.rs
index c4d94aa..81d2839 100644
--- a/crates/frontend/src/lib.rs
+++ b/crates/frontend/src/lib.rs
@@ -38,7 +38,7 @@ mod routes;
 pub const ROUTE_NAME_HOME: &str = "frontend_home";
 pub const ROUTE_USER_NAMED: &str = "frontend_user_named";
-pub use config::FrontendConfig;
+pub use config::{FrontendConfig, generate_frontend_secret};
 pub fn generate_app_token() -> String {
 rand::thread_rng()
diff --git a/src/commands/mod.rs b/src/commands/mod.rs
index a1766e2..d0c49ef 100644
--- a/src/commands/mod.rs
+++ b/src/commands/mod.rs
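Review bot: `generate_frontend_secret` in crates/frontend/src/config.rs is now a public, re-exported function that produces key material, yet it carries no doc comment saying where the bytes come from. I would add `/// Returns 64 random bytes from rand's thread-local CSPRNG, for use as FrontendConfig::secret_key.` above it, so a reader auditing the key source does not have to look up what `thread_rng()` guarantees. The body itself is moved unchanged from src/commands/mod.rs.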
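Review bot: With `#[serde(default = "generate_frontend_secret")]` on `secret_key` in `FrontendConfig`, a config that omits the key gets a different secret every time it is deserialized, and nothing on the field tells the operator so. If this key signs or encrypts session cookies (presumably, given the name and the 64-byte size; the use site is not visible here), every restart invalidates existing sessions and several instances behind a load balancer would reject each other's cookies. I would document that on the field, e.g. `/// If omitted, a random key is generated at startup and not persisted; set it explicitly to keep sessions across restarts or to share them between instances.` The struct continues beyond the hunk.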
@@ -2,8 +2,8 @@ use argon2::password_hash::SaltString;
 use clap::{Parser, ValueEnum};
 use password_hash::PasswordHasher;
 use pbkdf2::Params;
-use rand::{RngCore, rngs::OsRng};
-use rustical_frontend::FrontendConfig;
+use rand::rngs::OsRng;
+use rustical_frontend::{FrontendConfig, generate_frontend_secret};
 use crate::config::{
 Config, DataStoreConfig, DavPushConfig, HttpConfig, SqliteDataStoreConfig, TracingConfig,
@@ -15,14 +15,6 @@ pub mod principals;
 #[derive(Debug, Parser)]
 pub struct GenConfigArgs {}
-pub fn generate_frontend_secret() -> [u8; 64] {
- let mut rng = rand::thread_rng();
-
- let mut secret = [0u8; 64];
- rng.fill_bytes(&mut secret);
- secret
-}
-
 pub fn cmd_gen_config(_args: GenConfigArgs) -> anyhow::Result<()> {
 let config = Config {
 http: HttpConfig::default(),
diff --git a/src/main.rs b/src/main.rs
index 89278e7..6c4cbeb 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -131,13 +131,10 @@ async fn main() -> Result<()> {
 #[cfg(test)]
 mod tests {
- use crate::{
- app::make_app, commands::generate_frontend_secret, config::NextcloudLoginConfig,
- get_data_stores,
- };
+ use crate::{app::make_app, config::NextcloudLoginConfig, get_data_stores};
 use actix_web::{http::StatusCode, test::TestRequest};
- use rustical_frontend::FrontendConfig;
 use rustical_frontend::nextcloud_login::NextcloudFlows;
+ use rustical_frontend::{FrontendConfig, generate_frontend_secret};
 use std::sync::Arc;
 #[tokio::test]