Skip to content

Commit

Permalink
Read stdin to memory instead of file
Browse files Browse the repository at this point in the history 
so that concurrent auth attempts don't mess up each others data.
  • Loading branch information
@luqasn
luqasn committed Sep 29, 2022
1 parent 2f6e1f4 commit eeda46d
Showing 1 changed file with 8 additions and 7 deletions.
15 changes: 8 additions & 7 deletions image/auth.sh
View file
Original file line number Diff line number Diff line change
@@ -1,20 +1,21 @@
#!/bin/sh
#!/bin/bash

# read "input" (we only use target database)
cp /dev/stdin input.vars
. ./input.vars
set -eo pipefail -o nounset
# read "input"
INPUT=$(</dev/stdin)
# extract desired database name
database=$(echo -n "$INPUT" | grep '^database=.*$' | tr -d '\n' | cut -d'=' -f2-)

set -eo nounset
# generate hashed pw to return
md5=$(printf '%s' "$TARGET_PASSWORD$TARGET_USER" | md5sum | cut -d ' ' -f 1)
# create database requested by user on demand if it does not exist
echo "SELECT 'CREATE DATABASE $database' WHERE NOT EXISTS (SELECT FROM pg_database WHERE datname = '$database')\gexec" | psql "postgresql://$TARGET_USER:$TARGET_PASSWORD@$TARGET_HOST/$TARGET_DUMMY_DB"

# return connection info to proxy
# keep original options intact
cat input.vars
# but override user
cat << END
database=$database
$INPUT
user=$TARGET_USER
_META_TARGET_HOST=$TARGET_HOST
_META_TARGET_CRED=md5$md5
Expand Down

0 comments on commit eeda46d

Please sign in to comment.