start work on adding secrets

2023-03-31 16:59:38 +11:00
parent 8135c49e7f
commit 7184eba5f3
6 changed files with 75 additions and 23 deletions
--- a/controllers/retrieve_secrets.go
+++ b/controllers/retrieve_secrets.go
@@ -7,7 +7,8 @@ import (
 )

 type RetrieveInput struct {
-	DeviceName string `json:"deviceName" binding:"required"`
+	DeviceName     string `json:"deviceName"`
+	DeviceCategory string `json:"deviceCategory"`
 }

 func Retrieve(c *gin.Context) {
--- a/controllers/store_secrets.go
+++ b/controllers/store_secrets.go
@@ -1,6 +1,8 @@
 package controllers

 import (
+	"ccsecrets/models"
+	"fmt"
 	"net/http"

 	"github.com/gin-gonic/gin"
@@ -8,17 +10,46 @@ import (

 // bindings are validated by https://github.com/go-playground/validator
 type StoreInput struct {
-	RoleId      int    `json:"roleId"`
-	DeviceName  string `json:"deviceName" binding:"required"`
-	UserName    string `json:"userName" binding:"required"`
-	SecretValue string `json:"secretValue" binding:"required"`
+	RoleId         int    `json:"roleId"`
+	DeviceName     string `json:"deviceName"`
+	DeviceCategory string `json:"devicCategory"`
+	UserName       string `json:"userName" binding:"required"`
+	SecretValue    string `json:"secretValue" binding:"required"`
 }

-func Store(c *gin.Context) {
-	var input RetrieveInput
+func StoreSecret(c *gin.Context) {
+	var err error
+	var input StoreInput

 	if err := c.ShouldBindJSON(&input); err != nil {
 		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
 		return
 	}
+
+	fmt.Printf("StoreSecret received JSON input '%v'\n", input)
+
+	// Populate fields
+	s := models.Secret{}
+	s.UserName = input.UserName
+	s.DeviceName = input.DeviceName
+	s.DeviceCategory = input.DeviceCategory
+
+	// Default role ID is 1 if not defined
+	if input.RoleId != 0 {
+		s.RoleId = input.RoleId
+	} else {
+		s.RoleId = 1
+	}
+
+	// Encrypt secret
+	s.Secret = input.SecretValue
+
+	_, err = s.SaveSecret()
+
+	if err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"Error saving secret": err.Error()})
+		return
+	}
+
+	c.JSON(http.StatusOK, gin.H{"message": "secret stored successfully"})
 }
--- a/main.go
+++ b/main.go
@@ -47,7 +47,7 @@ func main() {
 	protected := router.Group("/api/secret")
 	protected.Use(middlewares.JwtAuthMiddleware())
 	protected.GET("/retrieve", controllers.Retrieve)
-	protected.POST("/store", controllers.Store)
+	protected.POST("/store", controllers.StoreSecret)

 	// Initializing the server in a goroutine so that
 	// it won't block the graceful shutdown handling below
--- a/models/secret.go
+++ b/models/secret.go
@@ -1,8 +1,31 @@
 package models

+import "fmt"
+
 type Secret struct {
-	SecretId   int    `db:"SecretId"`
-	RoleId     int    `db:"RoleId"`
-	DeviceName string `db:"DeviceName"`
-	Secret     string `db:"Secret"`
+	SecretId       int    `db:"SecretId"`
+	RoleId         int    `db:"RoleId"`
+	DeviceName     string `db:"DeviceName"`
+	DeviceCategory string `db:"DeviceCategory"`
+	UserName       string `db:"UserName"`
+	Secret         string `db:"Secret"`
+}
+
+func (s *Secret) SaveSecret() (*Secret, error) {
+
+	var err error
+
+	fmt.Printf("SaveSecret storing values '%v'\n", s)
+	result, err := db.NamedExec((`INSERT INTO secrets (RoleId, DeviceName, DeviceCategory, UserName, Secret) VALUES (:RoleId, :DeviceName, :DeviceCategory, :UserName, :Secret)`), s)
+
+	if err != nil {
+		fmt.Printf("StoreSecret error executing sql record : '%s'\n", err)
+		return &Secret{}, err
+	} else {
+		affected, _ := result.RowsAffected()
+		id, _ := result.LastInsertId()
+		fmt.Printf("StoreSecret insert returned result id '%d' affecting %d row(s).\n", id, affected)
+	}
+
+	return s, nil
 }
--- a/models/setup.go
+++ b/models/setup.go
@@ -35,7 +35,6 @@ const createUsers string = `
 		RoleId INTEGER,
 		UserName VARCHAR,
 		Password VARCHAR,
-		AccessToken varchar,
 		FOREIGN KEY (RoleId) REFERENCES roles(RoleId)
 	);
 `
@@ -45,6 +44,7 @@ const createSecrets string = `
 		SecretId INTEGER PRIMARY KEY ASC,
 		RoleId INTEGER,
 		DeviceName VARCHAR,
+		DeviceCategory VARCHAR,
 		UserName VARCHAR,
 		Secret VARCHAR,
 		FOREIGN KEY (RoleId) REFERENCES roles(RoleId)
@@ -124,7 +124,7 @@ func CreateTables() {
 	}
 	rowCount, _ = CheckCount("users")
 	if rowCount == 0 {
-		if _, err = db.Exec("INSERT INTO users VALUES(1, 1, 'Administrator', '$2a$10$k1qldm.bWqZsQWrKPdahR.Pfz5LxkMUka2.8INEeSD7euzkiznIR.', 'token');"); err != nil {
+		if _, err = db.Exec("INSERT INTO users VALUES(1, 1, 'Administrator', '$2a$10$k1qldm.bWqZsQWrKPdahR.Pfz5LxkMUka2.8INEeSD7euzkiznIR.');"); err != nil {
 			fmt.Printf("Error adding initial admin role : '%s'", err)
 			os.Exit(1)
 		}
--- a/models/user.go
+++ b/models/user.go
@@ -9,11 +9,10 @@ import (
 )

 type User struct {
-	UserId      int    `db:"UserId"`
-	RoleId      int    `db:"RoleId"`
-	UserName    string `db:"UserName"`
-	Password    string `db:"Password"`
-	AccessToken string `db:"AccessToken"`
+	UserId   int    `db:"UserId"`
+	RoleId   int    `db:"RoleId"`
+	UserName string `db:"UserName"`
+	Password string `db:"Password"`
 }

 type UserRole struct {
@@ -27,7 +26,7 @@ func (u *User) SaveUser() (*User, error) {

 	var err error

-	result, err := db.NamedExec((`INSERT INTO users (RoleId, UserName, Password, AccessToken) VALUES (:RoleId, :UserName, :Password, :AccessToken)`), u)
+	result, err := db.NamedExec((`INSERT INTO users (RoleId, UserName, Password) VALUES (:RoleId, :UserName, :Password)`), u)

 	if err != nil {
 		fmt.Printf("SaveUser error executing sql record : '%s'\n", err)
@@ -57,8 +56,6 @@ func LoginCheck(username string, password string) (string, error) {

 	fmt.Printf("LoginCheck retrieved user '%v' from database\n", u)

-	//err = DB.Model(User{}).Where("username = ?", username).Take(&u).Error
-
 	if err != nil {
 		return "", err
 	}
@@ -109,7 +106,7 @@ func GetUserRoleByID(uid uint) (UserRole, error) {

 	// Query database for matching user object
 	fmt.Printf("GetUserRoleByID querying for userid '%d'\n", uid)
-	err := db.QueryRowx("SELECT users.UserId, users.RoleId, users.UserName, users.Password, users.AccessToken, roles.RoleName, roles.ReadOnly, roles.Admin FROM users INNER JOIN roles ON users.RoleId = roles.RoleId WHERE users.UserId=?", uid).StructScan(&ur)
+	err := db.QueryRowx("SELECT users.UserId, users.RoleId, users.UserName, users.Password, roles.RoleName, roles.ReadOnly, roles.Admin FROM users INNER JOIN roles ON users.RoleId = roles.RoleId WHERE users.UserId=?", uid).StructScan(&ur)
 	if err != nil {
 		fmt.Printf("GetUserRoleByID received error when querying database : '%s'\n", err)
 		return ur, errors.New("GetUserRoleByID user not found")