From 6f558d1d4f892ca39454d30993be85f4f9a345f9 Mon Sep 17 00:00:00 2001
From: andih13 <WZBHDR@rbinternational.com>
Date: Tue, 5 Dec 2023 09:04:49 +0100
Subject: [PATCH] support rollover of admin token

---
 server/config.js | 32 +++++++++++++++++++++++++++++---
 1 file changed, 29 insertions(+), 3 deletions(-)

diff --git a/server/config.js b/server/config.js
index d6edba4..10a606d 100644
--- a/server/config.js
+++ b/server/config.js
@@ -29,6 +29,9 @@ const globalConf = require('config')
 console.log('NODE_CONFIG_DIR: ' + globalConf.util.getEnv('NODE_CONFIG_DIR'));
 console.log('NODE_ENV: ' + globalConf.util.getEnv('NODE_ENV'));
 
+const tokenPath = globalConf.server_config.token_path;
+let watcher = null;
+
 /*
  * a logger
  */
@@ -47,9 +50,8 @@ const L = createLogger({
 // token parameters
 if (globalConf.server_config.token_path && 
         (globalConf.auth_mode === 'k8s' || globalConf.auth_mode === 'user')) {
-    L.info("Setting tokens from path: " + globalConf.server_config.token_path)
-    const token = fs.readFileSync(globalConf.server_config.token_path, "utf8")
-    globalConf.server_config.admin_token = token.trim()
+        updateAdminToken();
+        watchTokenFile();
 }
 
 // Set derived config
@@ -92,3 +94,27 @@ module.exports = {
     L,
     globalConf,
 };
+
+// Function to execute code when the token file changes
+function updateAdminToken() {
+    try {
+      const token = fs.readFileSync(tokenPath, "utf8");
+      globalConf.server_config.admin_token = token.trim();
+      L.info('Token file changed. Admin token updated.');
+    } catch (error) {
+      L.error('Error updating admin token:', error);
+    }
+  }
+  
+  // Watch the token file or symbolic link
+  function watchTokenFile() {
+    watcher = fs.watch(tokenPath, (event, filename) => {
+      if (event === 'change') {
+        updateAdminToken();
+      } else if (event === 'rename') {
+        watcher.close();
+        watchTokenFile();
+      }
+    });
+  }
+  
\ No newline at end of file