()
| 1551 | * @returns {Promise<string>} |
| 1552 | */ |
| 1553 | export const getEncryptionKey = async (): Promise<string> => { |
| 1554 | if (process.env.FLOWISE_SECRETKEY_OVERWRITE !== undefined && process.env.FLOWISE_SECRETKEY_OVERWRITE !== '') { |
| 1555 | return process.env.FLOWISE_SECRETKEY_OVERWRITE |
| 1556 | } |
| 1557 | if (USE_AWS_SECRETS_MANAGER && secretsManagerClient) { |
| 1558 | const secretId = process.env.SECRETKEY_AWS_NAME || 'FlowiseEncryptionKey' |
| 1559 | try { |
| 1560 | const command = new GetSecretValueCommand({ SecretId: secretId }) |
| 1561 | const response = await secretsManagerClient.send(command) |
| 1562 | |
| 1563 | if (response.SecretString) { |
| 1564 | return response.SecretString |
| 1565 | } |
| 1566 | } catch (error: any) { |
| 1567 | if (error.name === 'ResourceNotFoundException') { |
| 1568 | // Secret doesn't exist, create it |
| 1569 | const newKey = generateEncryptKey() |
| 1570 | const createCommand = new CreateSecretCommand({ |
| 1571 | Name: secretId, |
| 1572 | SecretString: newKey |
| 1573 | }) |
| 1574 | await secretsManagerClient.send(createCommand) |
| 1575 | return newKey |
| 1576 | } |
| 1577 | throw error |
| 1578 | } |
| 1579 | } |
| 1580 | try { |
| 1581 | return await fs.promises.readFile(getEncryptionKeyPath(), 'utf8') |
| 1582 | } catch (error) { |
| 1583 | const encryptKey = generateEncryptKey() |
| 1584 | const defaultLocation = process.env.SECRETKEY_PATH |
| 1585 | ? path.join(process.env.SECRETKEY_PATH, 'encryption.key') |
| 1586 | : path.join(getUserHome(), '.flowise', 'encryption.key') |
| 1587 | await fs.promises.writeFile(defaultLocation, encryptKey) |
| 1588 | return encryptKey |
| 1589 | } |
| 1590 | } |
| 1591 | |
| 1592 | /** |
| 1593 | * Encrypt credential data |
no test coverage detected