From c0c10c21a9c453a65c2e52b76a6dc00a9174f846 Mon Sep 17 00:00:00 2001
From: Nathan Coad <nathan@thecoads.com>
Date: Mon, 3 Apr 2023 10:38:53 +1000
Subject: [PATCH] updates

---
 README.md           | 24 ++++++++++++++++++++++++
 controllers/auth.go | 11 ++++++++++-
 models/setup.go     |  4 ++--
 3 files changed, 36 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 27a736a..1c7588b 100644
--- a/README.md
+++ b/README.md
@@ -50,3 +50,27 @@ ExecStart=/srv/ccsecrets/ccsecrets
 WantedBy=multi-user.target
 ```
 ## API
+
+### User Operations
+
+#### Register
+POST `/api/admin/register`
+
+This operation can only be performed by a user with a role that is admin enabled.
+
+#### Login
+POST `/api/login`
+
+Data
+```
+'{
+    "UserName": "", 
+    "Password": ""
+}
+```
+
+### Secrets Operations
+
+#### Store
+#### Retrieve
+#### Update
\ No newline at end of file
diff --git a/controllers/auth.go b/controllers/auth.go
index 75d71a0..e1add1e 100644
--- a/controllers/auth.go
+++ b/controllers/auth.go
@@ -16,6 +16,7 @@ import (
 type RegisterInput struct {
 	Username string `json:"username" binding:"required"`
 	Password string `json:"password" binding:"required"`
+	RoleId   int    `json:"roleid"`
 }
 
 type LoginInput struct {
@@ -32,10 +33,18 @@ func Register(c *gin.Context) {
 	}
 
 	u := models.User{}
-	u.RoleId = 1
+	//u.RoleId = 1
 	u.UserName = input.Username
 	u.Password = input.Password
 
+	// Default to regular user role if not specified
+	if input.RoleId == 0 {
+		fmt.Printf("Register no role specified, defaulting to RoleId of 2.\n")
+		u.RoleId = 2
+	} else {
+		u.RoleId = input.RoleId
+	}
+
 	//remove spaces in username
 	u.UserName = html.EscapeString(strings.TrimSpace(u.UserName))
 
diff --git a/models/setup.go b/models/setup.go
index 0a85195..93ab313 100644
--- a/models/setup.go
+++ b/models/setup.go
@@ -109,11 +109,11 @@ func CreateTables() {
 			os.Exit(1)
 		}
 		if _, err = db.Exec("INSERT INTO roles VALUES(2, 'UserRole', false, false);"); err != nil {
-			fmt.Printf("Error adding initial admin role : '%s'", err)
+			fmt.Printf("Error adding initial user role : '%s'", err)
 			os.Exit(1)
 		}
 		if _, err = db.Exec("INSERT INTO roles VALUES(3, 'GuestRole', true, false);"); err != nil {
-			fmt.Printf("Error adding initial admin role : '%s'", err)
+			fmt.Printf("Error adding initial guest role : '%s'", err)
 			os.Exit(1)
 		}
 	}