start work on adding secrets

2023-03-31 16:59:38 +11:00
parent 8135c49e7f
commit 7184eba5f3
6 changed files with 75 additions and 23 deletions


@@ -7,7 +7,8 @@ import (
) )
type RetrieveInput struct { type RetrieveInput struct {
DeviceName string `json:"deviceName" binding:"required"` DeviceName string `json:"deviceName"`
DeviceCategory string `json:"deviceCategory"`
} }
func Retrieve(c *gin.Context) { func Retrieve(c *gin.Context) {
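Review bot: With `binding:"required"` dropped from `DeviceName` and nothing required on the new `DeviceCategory`, `RetrieveInput` now binds successfully from an empty JSON object, so the handler itself has to reject a request where both fields are blank. The body of `Retrieve` is outside this hunk, so it is not visible whether it does. If it does not, add a guard after binding such as `if input.DeviceName == "" && input.DeviceCategory == "" { c.JSON(http.StatusBadRequest, gin.H{"error": "deviceName or deviceCategory is required"}); return }`, so that a lookup with no filter fails closed.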


@@ -1,6 +1,8 @@
package controllers package controllers
import ( import (
"ccsecrets/models"
"fmt"
"net/http" "net/http"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
@@ -8,17 +10,46 @@ import (
// bindings are validated by https://github.com/go-playground/validator // bindings are validated by https://github.com/go-playground/validator
type StoreInput struct { type StoreInput struct {
RoleId int `json:"roleId"` RoleId int `json:"roleId"`
DeviceName string `json:"deviceName" binding:"required"` DeviceName string `json:"deviceName"`
UserName string `json:"userName" binding:"required"` DeviceCategory string `json:"devicCategory"`
SecretValue string `json:"secretValue" binding:"required"` UserName string `json:"userName" binding:"required"`
SecretValue string `json:"secretValue" binding:"required"`
} }
func Store(c *gin.Context) { func StoreSecret(c *gin.Context) {
var input RetrieveInput var err error
var input StoreInput
if err := c.ShouldBindJSON(&input); err != nil { if err := c.ShouldBindJSON(&input); err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()}) c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return return
} }
fmt.Printf("StoreSecret received JSON input '%v'\n", input)
// Populate fields
s := models.Secret{}
s.UserName = input.UserName
s.DeviceName = input.DeviceName
s.DeviceCategory = input.DeviceCategory
// Default role ID is 1 if not defined
if input.RoleId != 0 {
s.RoleId = input.RoleId
} else {
s.RoleId = 1
}
// Encrypt secret
s.Secret = input.SecretValue
_, err = s.SaveSecret()
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"Error saving secret": err.Error()})
return
}
c.JSON(http.StatusOK, gin.H{"message": "secret stored successfully"})
} }
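Review bot: `fmt.Printf("StoreSecret received JSON input '%v'\n", input)` writes `SecretValue` to stdout in clear text, and `SaveSecret` in the models file does the same with `'%v'` on the whole `Secret`; log only non-secret fields, e.g. `fmt.Printf("StoreSecret request for device %q user %q\n", input.DeviceName, input.UserName)`. The `// Encrypt secret` comment is followed by `s.Secret = input.SecretValue`, so the value is persisted unencrypted; until encryption exists the comment should say so, e.g. `// TODO: encrypt before saving; currently stored as received`. The new tag `json:"devicCategory"` is misspelled, so a client that sends `deviceCategory` has the field silently dropped. `RoleId` is taken from the request body and not compared with the caller's role, which looks like it lets any authenticated user file a secret under any role; this should be confirmed against what `JwtAuthMiddleware` puts in the context.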


@@ -47,7 +47,7 @@ func main() {
protected := router.Group("/api/secret") protected := router.Group("/api/secret")
protected.Use(middlewares.JwtAuthMiddleware()) protected.Use(middlewares.JwtAuthMiddleware())
protected.GET("/retrieve", controllers.Retrieve) protected.GET("/retrieve", controllers.Retrieve)
protected.POST("/store", controllers.Store) protected.POST("/store", controllers.StoreSecret)
// Initializing the server in a goroutine so that // Initializing the server in a goroutine so that
// it won't block the graceful shutdown handling below // it won't block the graceful shutdown handling below


@@ -1,8 +1,31 @@
package models package models
import "fmt"
type Secret struct { type Secret struct {
SecretId int `db:"SecretId"` SecretId int `db:"SecretId"`
RoleId int `db:"RoleId"` RoleId int `db:"RoleId"`
DeviceName string `db:"DeviceName"` DeviceName string `db:"DeviceName"`
Secret string `db:"Secret"` DeviceCategory string `db:"DeviceCategory"`
UserName string `db:"UserName"`
Secret string `db:"Secret"`
}
func (s *Secret) SaveSecret() (*Secret, error) {
var err error
fmt.Printf("SaveSecret storing values '%v'\n", s)
result, err := db.NamedExec((`INSERT INTO secrets (RoleId, DeviceName, DeviceCategory, UserName, Secret) VALUES (:RoleId, :DeviceName, :DeviceCategory, :UserName, :Secret)`), s)
if err != nil {
fmt.Printf("StoreSecret error executing sql record : '%s'\n", err)
return &Secret{}, err
} else {
affected, _ := result.RowsAffected()
id, _ := result.LastInsertId()
fmt.Printf("StoreSecret insert returned result id '%d' affecting %d row(s).\n", id, affected)
}
return s, nil
} }
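Review bot: `SaveSecret` prints the id from `result.LastInsertId()` and then discards it, so the `*Secret` returned to the caller still has `SecretId` 0, and the errors from `LastInsertId` and `RowsAffected` are dropped with `_`. Check both errors and set `s.SecretId = int(id)` before `return s, nil`. The `else` after the returning `if err != nil` branch can be removed, and the log prefixes read `StoreSecret` although this method is `SaveSecret`, which will mislead anyone tracing a failure from the logs.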


@@ -35,7 +35,6 @@ const createUsers string = `
RoleId INTEGER, RoleId INTEGER,
UserName VARCHAR, UserName VARCHAR,
Password VARCHAR, Password VARCHAR,
AccessToken varchar,
FOREIGN KEY (RoleId) REFERENCES roles(RoleId) FOREIGN KEY (RoleId) REFERENCES roles(RoleId)
); );
` `
@@ -45,6 +44,7 @@ const createSecrets string = `
SecretId INTEGER PRIMARY KEY ASC, SecretId INTEGER PRIMARY KEY ASC,
RoleId INTEGER, RoleId INTEGER,
DeviceName VARCHAR, DeviceName VARCHAR,
DeviceCategory VARCHAR,
UserName VARCHAR, UserName VARCHAR,
Secret VARCHAR, Secret VARCHAR,
FOREIGN KEY (RoleId) REFERENCES roles(RoleId) FOREIGN KEY (RoleId) REFERENCES roles(RoleId)
@@ -124,7 +124,7 @@ func CreateTables() {
} }
rowCount, _ = CheckCount("users") rowCount, _ = CheckCount("users")
if rowCount == 0 { if rowCount == 0 {
if _, err = db.Exec("INSERT INTO users VALUES(1, 1, 'Administrator', '$2a$10$k1qldm.bWqZsQWrKPdahR.Pfz5LxkMUka2.8INEeSD7euzkiznIR.', 'token');"); err != nil { if _, err = db.Exec("INSERT INTO users VALUES(1, 1, 'Administrator', '$2a$10$k1qldm.bWqZsQWrKPdahR.Pfz5LxkMUka2.8INEeSD7euzkiznIR.');"); err != nil {
fmt.Printf("Error adding initial admin role : '%s'", err) fmt.Printf("Error adding initial admin role : '%s'", err)
os.Exit(1) os.Exit(1)
} }
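Review bot: The seed row in `CreateTables` installs `Administrator` with a bcrypt hash fixed in source, so every fresh database starts with the same admin password; generate or prompt for it at first run, or require a change at first login. The statement also depends on column position (`INSERT INTO users VALUES(1, 1, ...)`), which is why this commit had to edit it when `AccessToken` was removed; naming the columns, `INSERT INTO users (UserId, RoleId, UserName, Password) VALUES(...)`, avoids that. If the `CREATE TABLE` statements use `IF NOT EXISTS` (not visible here), an existing database keeps the old schema and the new insert with `DeviceCategory` will fail, so a migration step would be needed. `CreateTables` starts and ends outside the hunk.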


@@ -9,11 +9,10 @@ import (
) )
type User struct { type User struct {
UserId int `db:"UserId"` UserId int `db:"UserId"`
RoleId int `db:"RoleId"` RoleId int `db:"RoleId"`
UserName string `db:"UserName"` UserName string `db:"UserName"`
Password string `db:"Password"` Password string `db:"Password"`
AccessToken string `db:"AccessToken"`
} }
type UserRole struct { type UserRole struct {
@@ -27,7 +26,7 @@ func (u *User) SaveUser() (*User, error) {
var err error var err error
result, err := db.NamedExec((`INSERT INTO users (RoleId, UserName, Password, AccessToken) VALUES (:RoleId, :UserName, :Password, :AccessToken)`), u) result, err := db.NamedExec((`INSERT INTO users (RoleId, UserName, Password) VALUES (:RoleId, :UserName, :Password)`), u)
if err != nil { if err != nil {
fmt.Printf("SaveUser error executing sql record : '%s'\n", err) fmt.Printf("SaveUser error executing sql record : '%s'\n", err)
@@ -57,8 +56,6 @@ func LoginCheck(username string, password string) (string, error) {
fmt.Printf("LoginCheck retrieved user '%v' from database\n", u) fmt.Printf("LoginCheck retrieved user '%v' from database\n", u)
//err = DB.Model(User{}).Where("username = ?", username).Take(&u).Error
if err != nil { if err != nil {
return "", err return "", err
} }
@@ -109,7 +106,7 @@ func GetUserRoleByID(uid uint) (UserRole, error) {
// Query database for matching user object // Query database for matching user object
fmt.Printf("GetUserRoleByID querying for userid '%d'\n", uid) fmt.Printf("GetUserRoleByID querying for userid '%d'\n", uid)
err := db.QueryRowx("SELECT users.UserId, users.RoleId, users.UserName, users.Password, users.AccessToken, roles.RoleName, roles.ReadOnly, roles.Admin FROM users INNER JOIN roles ON users.RoleId = roles.RoleId WHERE users.UserId=?", uid).StructScan(&ur) err := db.QueryRowx("SELECT users.UserId, users.RoleId, users.UserName, users.Password, roles.RoleName, roles.ReadOnly, roles.Admin FROM users INNER JOIN roles ON users.RoleId = roles.RoleId WHERE users.UserId=?", uid).StructScan(&ur)
if err != nil { if err != nil {
fmt.Printf("GetUserRoleByID received error when querying database : '%s'\n", err) fmt.Printf("GetUserRoleByID received error when querying database : '%s'\n", err)
return ur, errors.New("GetUserRoleByID user not found") return ur, errors.New("GetUserRoleByID user not found")
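Review bot: `fmt.Printf("LoginCheck retrieved user '%v' from database\n", u)` in the `LoginCheck` hunk prints the whole record, which for a `User` includes the `Password` hash; log an identifier only, e.g. `fmt.Printf("LoginCheck retrieved user id %d\n", u.UserId)`. `GetUserRoleByID` still selects `users.Password` into its result although a role lookup should not need it, and dropping that column from the query keeps the hash out of the returned struct. Both functions start and end outside their hunks, and the type of `u` is assumed from the `User` struct shown in this file.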