test loading secret key
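--- a/controllers/unlock.go
+++ b/controllers/unlock.go
@@ -0,0 +1,6 @@
+package controllers
+
+import "github.com/gin-gonic/gin"
+
+func Unlock(c *gin.Context) {
+}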
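Review bot: `Unlock` has an empty body, yet the same commit registers it at `POST /api/unlock` on the public group in main.go, so any unauthenticated caller reaches it and (presumably, given gin's default status) gets a 200 with no body. Until the handler is implemented it should answer explicitly, for example `c.JSON(http.StatusNotImplemented, gin.H{"error": "unlock not implemented"})`, which needs the `net/http` import. The exported function also lacks a doc comment; something like `// Unlock receives the secrets key from an unauthenticated caller and loads it for encryption/decryption.` would record the trust boundary. Once it accepts a key, the route will need attempt throttling because it sits beside `/login`, outside the admin group.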
9
main.go
9
main.go
@@ -23,6 +23,8 @@ import (
|
|||||||
var sha1ver string // sha1 revision used to build the program
|
var sha1ver string // sha1 revision used to build the program
|
||||||
var buildTime string // when the executable was built
|
var buildTime string // when the executable was built
|
||||||
|
|
||||||
|
var keyString string
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
|
|
||||||
// Load data from environment file
|
// Load data from environment file
|
||||||
@@ -47,9 +49,15 @@ func main() {
|
|||||||
log.SetOutput(logfileWriter)
|
log.SetOutput(logfileWriter)
|
||||||
log.Printf("SMT starting execution. Built on %s from sha1 %s\n", buildTime, sha1ver)
|
log.Printf("SMT starting execution. Built on %s from sha1 %s\n", buildTime, sha1ver)
|
||||||
|
|
||||||
|
// Set secrets key from .env file
|
||||||
|
keyString = os.Getenv("SECRETS_KEY")
|
||||||
|
|
||||||
// Initiate connection to sqlite and make sure our schema is up to date
|
// Initiate connection to sqlite and make sure our schema is up to date
|
||||||
models.ConnectDatabase()
|
models.ConnectDatabase()
|
||||||
|
|
||||||
|
// let the models package know our secrets key
|
||||||
|
models.LoadSecretKey(keyString)
|
||||||
|
|
||||||
// Create context that listens for the interrupt signal from the OS.
|
// Create context that listens for the interrupt signal from the OS.
|
||||||
ctx, stop := signal.NotifyContext(context.Background(), syscall.SIGINT, syscall.SIGTERM)
|
ctx, stop := signal.NotifyContext(context.Background(), syscall.SIGINT, syscall.SIGTERM)
|
||||||
defer stop()
|
defer stop()
|
||||||
@@ -136,6 +144,7 @@ func main() {
|
|||||||
// Register our routes
|
// Register our routes
|
||||||
public := router.Group("/api")
|
public := router.Group("/api")
|
||||||
public.POST("/login", controllers.Login)
|
public.POST("/login", controllers.Login)
|
||||||
|
public.POST("/unlock", controllers.Unlock)
|
||||||
|
|
||||||
// API calls that only an administrator can make
|
// API calls that only an administrator can make
|
||||||
adminOnly := router.Group("/api/admin")
|
adminOnly := router.Group("/api/admin")
|
||||||
|
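Review bot: `keyString = os.Getenv("SECRETS_KEY")` in the second hunk is passed to `models.LoadSecretKey` without checking that the variable is set or has a usable length, so a missing or mistyped key only surfaces later, when a secret is encrypted or decrypted. The comment in EncryptSecret says the key must be 16 or 32 bytes, so a startup guard such as `if n := len(keyString); n != 16 && n != 32 { log.Fatalf("SECRETS_KEY must be 16 or 32 bytes, got %d", n) }` would fail fast without logging the key itself. The package-level `var keyString string` in the first hunk keeps a second copy of the key for the life of the process; a local in main would be enough for the visible use. main's body starts and ends outside these hunks.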
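--- a/models/db_unlock.go
+++ b/models/db_unlock.go
@@ -0,0 +1,12 @@
+package models
+
+type Unlock struct {
+SecretsKey string `json:"secrets"`
+}
+
+func (u *Unlock) UnlockSecrets() (*Unlock, error) {
+
+// Receive secrets key and store in memory somehow
+
+return u, nil
+}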
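Review bot: `UnlockSecrets` returns its receiver unchanged, and the receiver's only field is the key with a `json:"secrets"` tag, so a handler that passes the result to `c.JSON` would echo the key back to the caller. Because the struct holds nothing else, returning only `error` would remove that risk. The placeholder comment could state what the implementation must guarantee, e.g. `// TODO: validate key length (16 or 32 bytes), pass it to LoadSecretKey, never log or return it.` Both `Unlock` and `UnlockSecrets` are exported and need doc comments starting with their names.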
@@ -8,7 +8,6 @@ import (
|
|||||||
"errors"
|
"errors"
|
||||||
"io"
|
"io"
|
||||||
"log"
|
"log"
|
||||||
"os"
|
|
||||||
|
|
||||||
"github.com/jmoiron/sqlx"
|
"github.com/jmoiron/sqlx"
|
||||||
)
|
)
|
||||||
@@ -156,7 +155,9 @@ func (s *Secret) UpdateSecret() (*Secret, error) {
|
|||||||
|
|
||||||
func (s *Secret) EncryptSecret() (*Secret, error) {
|
func (s *Secret) EncryptSecret() (*Secret, error) {
|
||||||
|
|
||||||
keyString := os.Getenv("SECRETS_KEY")
|
//keyString := os.Getenv("SECRETS_KEY")
|
||||||
|
keyString := secretKey
|
||||||
|
|
||||||
// The key argument should be the AES key, either 16 or 32 bytes
|
// The key argument should be the AES key, either 16 or 32 bytes
|
||||||
// to select AES-128 or AES-256.
|
// to select AES-128 or AES-256.
|
||||||
key := []byte(keyString)
|
key := []byte(keyString)
|
||||||
@@ -203,7 +204,9 @@ func (s *Secret) EncryptSecret() (*Secret, error) {
|
|||||||
func (s *Secret) DecryptSecret() (*Secret, error) {
|
func (s *Secret) DecryptSecret() (*Secret, error) {
|
||||||
// The key argument should be the AES key, either 16 or 32 bytes
|
// The key argument should be the AES key, either 16 or 32 bytes
|
||||||
// to select AES-128 or AES-256.
|
// to select AES-128 or AES-256.
|
||||||
keyString := os.Getenv("SECRETS_KEY")
|
//keyString := os.Getenv("SECRETS_KEY")
|
||||||
|
keyString := secretKey
|
||||||
|
|
||||||
key := []byte(keyString)
|
key := []byte(keyString)
|
||||||
|
|
||||||
if len(s.Secret) < nonceSize {
|
if len(s.Secret) < nonceSize {
|
||||||
|
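Review bot: The old lookup is left behind as commented-out code, `//keyString := os.Getenv("SECRETS_KEY")`, in both EncryptSecret and DecryptSecret; delete it rather than keep it next to the replacement. The intermediate `keyString := secretKey` is also unnecessary, since `key := []byte(secretKey)` says the same thing in one line. Both methods now depend on LoadSecretKey having run first, so a short comment such as `// secretKey is set by LoadSecretKey at startup` would make that ordering visible. Both function bodies continue outside the hunks shown.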
@@ -15,6 +15,7 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
var db *sqlx.DB
|
var db *sqlx.DB
|
||||||
|
var secretKey string
|
||||||
|
|
||||||
const (
|
const (
|
||||||
sqlFile = "smt.db"
|
sqlFile = "smt.db"
|
||||||
@@ -80,6 +81,11 @@ func ConnectDatabase() {
|
|||||||
//defer db.Close()
|
//defer db.Close()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func LoadSecretKey(key string) {
|
||||||
|
// Store the secret key so that we can access it when encrypting/decrypting
|
||||||
|
secretKey = key
|
||||||
|
}
|
||||||
|
|
||||||
func DisconnectDatabase() {
|
func DisconnectDatabase() {
|
||||||
log.Printf("DisconnectDatabase called")
|
log.Printf("DisconnectDatabase called")
|
||||||
defer db.Close()
|
defer db.Close()
|
||||||
|
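Review bot: `secretKey` is a plain package-level string that `LoadSecretKey` assigns without synchronisation. That is safe only while the function is called once from main before the router starts serving. If the `/api/unlock` handler added in this commit later calls it, the write would race with the reads in EncryptSecret and DecryptSecret; a `sync.RWMutex` around the variable, or an `atomic.Value`, would cover that. `LoadSecretKey` is exported and should get a doc comment that records the constraint, e.g. `// LoadSecretKey stores the AES key used by EncryptSecret and DecryptSecret; call it before serving requests.`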