Revert: auto generate INTERNAL_TOKEN (#21608) (#21609)

Backport #21608 Follow #19663 Some users do cluster deployment, they still depend on this auto-generating behavior.
2025-10-30 22:11:07 +00:00 · 2022-10-27 11:17:47 +08:00 · 2022-10-27 11:17:47 +08:00 · 4869f9c3c8
commit 4869f9c3c8
parent 79275d9db4
1 changed files with 19 additions and 0 deletions
--- a/modules/setting/setting.go
+++ b/modules/setting/setting.go
@ -22,6 +22,7 @@ import (
 	"time"

 	"code.gitea.io/gitea/modules/container"
+	"code.gitea.io/gitea/modules/generate"
 	"code.gitea.io/gitea/modules/json"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/user"
@ -962,6 +963,11 @@ func loadFromConf(allowEmpty bool, extraConfig string) {
 	SuccessfulTokensCacheSize = sec.Key("SUCCESSFUL_TOKENS_CACHE_SIZE").MustInt(20)

 	InternalToken = loadSecret(sec, "INTERNAL_TOKEN_URI", "INTERNAL_TOKEN")
+	if InstallLock && InternalToken == "" {
+		// if Gitea has been installed but the InternalToken hasn't been generated (upgrade from an old release), we should generate
+		// some users do cluster deployment, they still depend on this auto-generating behavior.
+		generateSaveInternalToken()
+	}

 	cfgdata := sec.Key("PASSWORD_COMPLEXITY").Strings(",")
 	if len(cfgdata) == 0 {
@ -1182,6 +1188,19 @@ func loadSecret(sec *ini.Section, uriKey, verbatimKey string) string {
 	}
 }

+// generateSaveInternalToken generates and saves the internal token to app.ini
+func generateSaveInternalToken() {
+	token, err := generate.NewInternalToken()
+	if err != nil {
+		log.Fatal("Error generate internal token: %v", err)
+	}
+
+	InternalToken = token
+	CreateOrAppendToCustomConf("security.INTERNAL_TOKEN", func(cfg *ini.File) {
+		cfg.Section("security").Key("INTERNAL_TOKEN").SetValue(token)
+	})
+}
+
 // MakeAbsoluteAssetURL returns the absolute asset url prefix without a trailing slash
 func MakeAbsoluteAssetURL(appURL, staticURLPrefix string) string {
 	parsedPrefix, err := url.Parse(strings.TrimSuffix(staticURLPrefix, "/"))