From 109d644ad863fba1f0dd0402ce2fe2ed2d369b29 Mon Sep 17 00:00:00 2001
From: Saeed Vaziry <61919774+saeedvaziry@users.noreply.github.com>
Date: Tue, 18 Jun 2024 22:22:17 +0330
Subject: [PATCH] Validate APP_KEY on initializing with Docker (#240)

---
 docker/start.sh | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)

diff --git a/docker/start.sh b/docker/start.sh
index 634d0f9..5a8534b 100644
--- a/docker/start.sh
+++ b/docker/start.sh
@@ -5,6 +5,39 @@ NAME=${NAME:-"vito"}
 EMAIL=${EMAIL:-"vito@vitodeploy.com"}
 PASSWORD=${PASSWORD:-"password"}
 
+# Function to check if a string is 32 characters long
+check_length() {
+    local key=$1
+    if [ ${#key} -ne 32 ]; then
+        echo "Invalid APP_KEY"
+        exit 1
+    fi
+}
+
+# Check if APP_KEY is set
+if [ -z "$APP_KEY" ]; then
+    echo "APP_KEY is not set"
+    exit 1
+fi
+
+# Check if APP_KEY starts with 'base64:'
+if [[ $APP_KEY == base64:* ]]; then
+    # Remove 'base64:' prefix and decode the base64 string
+    decoded_key=$(echo "${APP_KEY:7}" | base64 --decode 2>/dev/null)
+
+    # Check if decoding was successful
+    if [ $? -ne 0 ]; then
+        echo "Invalid APP_KEY base64 encoding"
+        exit 1
+    fi
+
+    # Check the length of the decoded key
+    check_length "$decoded_key"
+else
+    # Check the length of the raw APP_KEY
+    check_length "$APP_KEY"
+fi
+
 # check if the flag file does not exist, indicating a first run
 if [ ! -f "$INIT_FLAG" ]; then
     echo "Initializing..."