150 lines
3.4 KiB
Go
150 lines
3.4 KiB
Go
package app
|
|
|
|
import (
|
|
"maxwarden/entries"
|
|
"maxwarden/security"
|
|
. "maxwarden/ui"
|
|
"maxwarden/users"
|
|
|
|
. "maragu.dev/gomponents"
|
|
. "maragu.dev/gomponents/html"
|
|
|
|
"maxwarden/middleware"
|
|
"net/http"
|
|
)
|
|
|
|
const (
|
|
EDITOR_TYPE_EDIT = iota
|
|
EDITOR_TYPE_ADD = iota
|
|
)
|
|
|
|
func EditorHandler(w http.ResponseWriter, r *http.Request) {
|
|
identity := middleware.GetIdentity(r)
|
|
session := middleware.GetSession(r)
|
|
|
|
var editorType int
|
|
var title string
|
|
var btnLabel string
|
|
|
|
if r.URL.Path == "/app/editor/add" {
|
|
editorType = EDITOR_TYPE_ADD
|
|
title = "Add Credentials"
|
|
btnLabel = "Add"
|
|
} else {
|
|
editorType = EDITOR_TYPE_EDIT
|
|
title = "Edit Credentials"
|
|
btnLabel = "Save"
|
|
}
|
|
|
|
var secret entries.Secret
|
|
|
|
if r.Method == http.MethodGet {
|
|
if editorType == EDITOR_TYPE_EDIT {
|
|
id := r.PathValue("id")
|
|
|
|
secret, _ = entries.FetchSecretFromID(identity.UserID, identity.MasterKey, id)
|
|
}
|
|
}
|
|
|
|
if r.Method == http.MethodPost {
|
|
r.ParseForm()
|
|
|
|
desc := r.FormValue("description")
|
|
notes := r.FormValue("notes")
|
|
username := r.FormValue("un")
|
|
password := r.FormValue("pas")
|
|
url := r.FormValue("url")
|
|
|
|
secret = entries.Secret{
|
|
Description: desc,
|
|
URL: url,
|
|
Notes: notes,
|
|
Password: password,
|
|
Username: username,
|
|
}
|
|
|
|
user, _ := users.FetchById(identity.UserID)
|
|
|
|
// Get current secret store
|
|
secrets, _ := security.DecryptDataWithKey[[]entries.Secret](user.Data, identity.MasterKey)
|
|
|
|
if secrets == nil {
|
|
http.Redirect(w, r, "/app", http.StatusFound)
|
|
return
|
|
}
|
|
|
|
if editorType == EDITOR_TYPE_ADD {
|
|
secret.ID = security.RandBase58String(32)
|
|
*secrets = append(*secrets, secret)
|
|
} else {
|
|
secret.ID = r.PathValue("id")
|
|
|
|
// linear search and replace
|
|
for i, v := range *secrets {
|
|
if v.ID == secret.ID {
|
|
(*secrets)[i] = secret
|
|
}
|
|
}
|
|
}
|
|
|
|
// Serialize and encrypt modified store using master key
|
|
enc, _ := security.EncryptDataWithKey(secrets, identity.MasterKey)
|
|
|
|
user.Data = enc
|
|
|
|
users.Update(user)
|
|
|
|
http.Redirect(w, r, "/app", http.StatusFound)
|
|
return
|
|
}
|
|
|
|
AppLayout(title, *identity, session,
|
|
If(editorType == EDITOR_TYPE_EDIT,
|
|
Group{
|
|
Modal(
|
|
"warning_popup",
|
|
Text("Warning!"),
|
|
Text("Are you sure you want to delete this entry? This action cannot be undone."),
|
|
[]Node{
|
|
A(Href("/app/delete/" + secret.ID), ButtonUIDanger(Text("Delete"))),
|
|
ButtonUIOutline(ModalCloser(), Text("Close")),
|
|
},
|
|
),
|
|
Div(
|
|
InlineStyle("$me { display: flex; flex-direction: row-reverse; align-items: center; }"),
|
|
ModalActuator("warning_popup", ButtonUIDanger(Text("Delete"))),
|
|
),
|
|
},
|
|
),
|
|
Form(
|
|
AutoComplete("off"),
|
|
Method("POST"),
|
|
FormLabel(Text("Description")),
|
|
FormInput(Type("text"), Name("description"), Value(secret.Description)),
|
|
Br(),
|
|
|
|
FormLabel(Text("Username")),
|
|
FormInput(Type("text"), Name("un"), Value(secret.Username)),
|
|
Br(),
|
|
|
|
FormLabel(Text("Password")),
|
|
FormInput(Type("password"), Name("pas"), Value(secret.Password)),
|
|
Br(),
|
|
|
|
FormLabel(Text("URL")),
|
|
FormInput(Type("text"), Name("url"), Value(secret.URL)),
|
|
Br(),
|
|
|
|
FormLabel(Text("Additional Notes")),
|
|
FormTextarea(InlineStyle("$me { height: $32; font-family: var(--font-mono); }"), Name("notes"), Text(secret.Notes)),
|
|
Br(),
|
|
|
|
Div(
|
|
InlineStyle("$me { display: flex; flex-direction: row; align-items: center; gap: $4; }"),
|
|
ButtonUISuccess(Text(btnLabel), Type("submit")),
|
|
A(Href("/app"), ButtonUIOutline(Text("Close"), Type("button"))),
|
|
),
|
|
),
|
|
).Render(w)
|
|
}
|