From 677269d4fca5ba081a2a7d6e2a56431c614b022a Mon Sep 17 00:00:00 2001
From: Minecon724 <git@m724.eu>
Date: Sun, 25 Aug 2024 13:31:14 +0200
Subject: [PATCH] make it secure

---
 src/main/java/eu/m724/Startup.java | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/src/main/java/eu/m724/Startup.java b/src/main/java/eu/m724/Startup.java
index 2e37ea4..e3d3bf2 100644
--- a/src/main/java/eu/m724/Startup.java
+++ b/src/main/java/eu/m724/Startup.java
@@ -1,20 +1,35 @@
 package eu.m724;
 
 import eu.m724.orm.Token;
+import io.quarkus.runtime.LaunchMode;
 import io.quarkus.runtime.StartupEvent;
 import jakarta.enterprise.event.Observes;
+import jakarta.inject.Inject;
 import jakarta.inject.Singleton;
 import jakarta.transaction.Transactional;
 
+import java.security.SecureRandom;
 import java.util.Base64;
 
 @Singleton
 public class Startup {
+    @Inject
+    LaunchMode launchMode;
+
     @Transactional
     public void loadUsers(@Observes StartupEvent ignoredEvent) {
         GlobalAccessLimits.initialize();
         Token.deleteAll();
         byte[] adminKey = new byte[18];
+        System.out.printf("Launch mode: %s\n", launchMode.toString());
+
+        if (launchMode == LaunchMode.NORMAL) {
+            System.out.println("Admin token is random");
+            new SecureRandom().nextBytes(adminKey);
+        } else {
+            // I don't know, but let it be
+            System.out.println("\n  IF THIS IS RUNNING IN PRODUCTION, stop this program now and ask for help.\n");
+        }
 
         Token token = new Token();
         token.accessLimits = GlobalAccessLimits.kilo;