klemek/stapler
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 10 Wiki Activity

fix(tokens): restrict chmod to user only

Browse Source
This commit is contained in:
klemek
2026-04-17 01:14:25 +02:00
parent 130deaf320
commit 0a7fec53ab
3 changed files with 9 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/token_manager.py
+4
View File
@@ -24,6 +24,9 @@ class TokenManager:
self.logger.warning(
"No salt provided, tokens will be cryptographically weak"
)
if not self.tokens_file.exists():
self.tokens_file.touch()
self.tokens_file.chmod(0o600)
self.token_hashes = self.__load_hashes()
def is_valid(self, token: str) -> bool:
@@ -58,4 +61,5 @@ class TokenManager:
def __save_hashes(self) -> None:
with self.tokens_file.open(mode="w") as file:
file.write("\n".join(self.token_hashes))
self.tokens_file.chmod(0o600)
self.logger.debug("Updated %s", self.tokens_file)