Auto-generate VAPID keys upon startup using py-vapid, and add pywebpush to requirements, drop obsolete script
This commit is contained in:
+3
-1
@@ -4,4 +4,6 @@ certs
|
||||
build
|
||||
.venv
|
||||
__pycache__
|
||||
.pyc
|
||||
.pycvapid.json
|
||||
Web/vapid.json
|
||||
Web/vapid_*.pem
|
||||
|
||||
@@ -16,11 +16,39 @@ import settings as cfg
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
# VAPID keys for push notifications (should be in environment variables)
|
||||
# VAPID keys for push notifications
|
||||
VAPID_PUBLIC_KEY = os.getenv('VAPID_PUBLIC_KEY', '')
|
||||
VAPID_PRIVATE_KEY = os.getenv('VAPID_PRIVATE_KEY', '')
|
||||
VAPID_SUBJECT = os.getenv('VAPID_SUBJECT', f'mailto:admin@{os.getenv("SERVER_NAME", "localhost")}')
|
||||
|
||||
VAPID_PRIVATE_PEM = os.path.join(os.path.dirname(__file__), 'vapid_private.pem')
|
||||
VAPID_PUBLIC_PEM = os.path.join(os.path.dirname(__file__), 'vapid_public.pem')
|
||||
|
||||
# Auto-generate VAPID keys if none are provided
|
||||
if not VAPID_PUBLIC_KEY or not VAPID_PRIVATE_KEY:
|
||||
try:
|
||||
from py_vapid import Vapid, b64urlencode
|
||||
from cryptography.hazmat.primitives import serialization
|
||||
|
||||
vapid = Vapid()
|
||||
if not os.path.exists(VAPID_PRIVATE_PEM):
|
||||
vapid.generate_keys()
|
||||
vapid.save_key(VAPID_PRIVATE_PEM)
|
||||
vapid.save_public_key(VAPID_PUBLIC_PEM)
|
||||
logger.info("Auto-generated new VAPID keys")
|
||||
else:
|
||||
vapid = Vapid.from_file(VAPID_PRIVATE_PEM)
|
||||
|
||||
raw_pub = vapid.public_key.public_bytes(
|
||||
serialization.Encoding.X962,
|
||||
serialization.PublicFormat.UncompressedPoint
|
||||
)
|
||||
|
||||
VAPID_PUBLIC_KEY = b64urlencode(raw_pub)
|
||||
VAPID_PRIVATE_KEY = VAPID_PRIVATE_PEM
|
||||
except Exception as e:
|
||||
logger.error(f'Could not load or generate VAPID keys: {e}')
|
||||
|
||||
# Push service endpoint (typically Firebase or Web Push Service)
|
||||
PUSH_SERVICE_URL = 'https://fcm.googleapis.com/fcm/send' # Firebase Cloud Messaging
|
||||
FCM_API_KEY = os.getenv('FCM_API_KEY', '') # Firebase API key
|
||||
|
||||
@@ -13,4 +13,4 @@ redis
|
||||
reportlab
|
||||
python-barcode
|
||||
openpyxl
|
||||
cryptography
|
||||
cryptographypywebpush
|
||||
|
||||
@@ -1,81 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
# VAPID Key Generation Script for Web Push Notifications
|
||||
# Generates VAPID (Voluntary Application Server Identification) keys required for push notifications
|
||||
|
||||
echo "==========================================="
|
||||
echo "VAPID Key Generation for Inventarsystem"
|
||||
echo "==========================================="
|
||||
echo ""
|
||||
|
||||
# Check if Python is available
|
||||
if ! command -v python3 &> /dev/null; then
|
||||
echo "❌ Error: Python 3 is required but not installed."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Check if pywebpush is installed
|
||||
echo "Checking for pywebpush..."
|
||||
python3 -c "import pywebpush" 2>/dev/null
|
||||
|
||||
if [ $? -ne 0 ]; then
|
||||
echo "Installing pywebpush..."
|
||||
pip3 install pywebpush
|
||||
if [ $? -ne 0 ]; then
|
||||
echo "❌ Error: Failed to install pywebpush"
|
||||
echo "Please install manually: pip3 install pywebpush"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
echo "✓ pywebpush is installed"
|
||||
echo ""
|
||||
|
||||
# Generate VAPID keys
|
||||
echo "Generating VAPID keys..."
|
||||
python3 << 'EOF'
|
||||
from pywebpush import generate_keys
|
||||
|
||||
try:
|
||||
keys = generate_keys()
|
||||
print("✓ VAPID Keys generated successfully!")
|
||||
print("")
|
||||
print("PUBLIC KEY (share with browsers):")
|
||||
print(keys['public_key'])
|
||||
print("")
|
||||
print("PRIVATE KEY (keep secret!):")
|
||||
print(keys['private_key'])
|
||||
print("")
|
||||
print("==========================================="
|
||||
print("Add these to your environment variables:")
|
||||
print("==========================================="
|
||||
print("")
|
||||
print("export VAPID_PUBLIC_KEY='" + keys['public_key'] + "'")
|
||||
print("export VAPID_PRIVATE_KEY='" + keys['private_key'] + "'")
|
||||
print("export VAPID_SUBJECT='mailto:admin@yourdomain.com'")
|
||||
print("")
|
||||
print("Or add to your .env file:")
|
||||
print("")
|
||||
print("VAPID_PUBLIC_KEY=" + keys['public_key'])
|
||||
print("VAPID_PRIVATE_KEY=" + keys['private_key'])
|
||||
print("VAPID_SUBJECT=mailto:admin@yourdomain.com")
|
||||
print("")
|
||||
print("⚠️ IMPORTANT: Keep the PRIVATE KEY secret!")
|
||||
print("==========================================="
|
||||
|
||||
except Exception as e:
|
||||
print(f"❌ Error generating VAPID keys: {e}")
|
||||
exit(1)
|
||||
EOF
|
||||
|
||||
if [ $? -eq 0 ]; then
|
||||
echo ""
|
||||
echo "✓ Next steps:"
|
||||
echo "1. Copy the PUBLIC KEY to your browser-side code"
|
||||
echo "2. Set the PRIVATE KEY in your server environment"
|
||||
echo "3. Update config.json with your email address"
|
||||
echo "4. Test with: curl http://localhost:5000/api/push/vapid-key"
|
||||
else
|
||||
echo "❌ Error generating keys"
|
||||
exit 1
|
||||
fi
|
||||
+1
-1
@@ -13,4 +13,4 @@ reportlab
|
||||
python-barcode
|
||||
openpyxl
|
||||
cryptography
|
||||
pywebpush
|
||||
pywebpushpywebpush
|
||||
|
||||
Reference in New Issue
Block a user