Obfuscate admin page url

4 years ago · 89b3ea6e4f
parent 5367470daa
commit 89b3ea6e4f
2 changed files with 8 additions and 1 deletions
--- a/apiserver/apiserver/secrets.py.example
+++ b/apiserver/apiserver/secrets.py.example
@ -1,5 +1,11 @@
 # Spaceport secrets file, don't commit to version control!

+# /admin/ route obfuscation
+# Set this to random characters
+# For example, use the output of this:
+# head /dev/urandom | base32 | head -c 16
+ADMIN_RANDOM = ''
+
 # /ipn/ route obfuscation
 # Set this to random characters
 # For example, use the output of this:
--- a/apiserver/apiserver/urls.py
+++ b/apiserver/apiserver/urls.py
@ -7,6 +7,7 @@ from .api import views
 from . import secrets

 IPN_ROUTE = r'^ipn/{}/'.format(secrets.IPN_RANDOM)
+ADMIN_ROUTE = '{}/admin/'.format(secrets.ADMIN_RANDOM)

 router = routers.DefaultRouter()
 router.register(r'door', views.DoorViewSet, basename='door')
@ -26,7 +27,7 @@ router.register(r'charts/signupcount', views.SignupCountViewSet, basename='signu

 urlpatterns = [
    path('', include(router.urls)),
-    path('admin/', admin.site.urls),
+    path(ADMIN_ROUTE, admin.site.urls),
    path('api-auth/', include('rest_framework.urls')),
    url(r'^rest-auth/', include('rest_auth.urls')),
    url(r'^registration/', views.RegistrationView.as_view(), name='rest_name_register'),