From 3761d40bf6fa6f3cf07cd3e15a3d29f858a47755 Mon Sep 17 00:00:00 2001
From: Trong Huu Nguyen <trong.huu.nguyen@nav.no>
Date: Wed, 6 Nov 2024 08:47:05 +0100
Subject: [PATCH] feat(crypto): log warning for ephemeral encryption key

---
 pkg/crypto/crypter.go | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/pkg/crypto/crypter.go b/pkg/crypto/crypter.go
index aa7ec0c..00e547e 100644
--- a/pkg/crypto/crypter.go
+++ b/pkg/crypto/crypter.go
@@ -6,6 +6,7 @@ import (
 	"fmt"
 
 	"github.com/nais/liberator/pkg/keygen"
+	log "github.com/sirupsen/logrus"
 	"golang.org/x/crypto/chacha20poly1305"
 
 	"github.com/nais/wonderwall/pkg/config"
@@ -44,6 +45,7 @@ func EncryptionKeyOrGenerate(cfg *config.Config) ([]byte, error) {
 	}
 
 	if len(key) == 0 {
+		log.Warn("no encryption key was provided, generating a random ephemeral key; sessions will not be able to be decrypted after restart")
 		key, err = keygen.Keygen(KeySize)
 		if err != nil {
 			return nil, fmt.Errorf("generate random encryption key: %w", err)