repos / pico

pico services - prose.sh, pastes.sh, imgs.sh, feeds.sh, pgs.sh
git clone https://github.com/picosh/pico.git
commit
20aaf47
parent
3fb1982
author
Eric Bower
date
2024-03-11 03:01:38 +0000 UTC
chore(pgs): api cleanup
5 files changed,  +36, -25
M db/db.go
M pgs/tunnel.go
M plus/routes.go
M shared/api.go
M shared/util.go
M db/db.go
+0, -6 
 1@@ -28,12 +28,6 @@ type User struct {
 2 	CreatedAt *time.Time `json:"created_at"`
 3 }
 4 
 5-type PicoApi struct {
 6-	UserID    string `json:"user_id"`
 7-	UserName  string `json:"username"`
 8-	PublicKey string `json:"pubkey"`
 9-}
10-
11 type PostData struct {
12 	ImgPath    string     `json:"img_path"`
13 	LastDigest *time.Time `json:"last_digest"`
M pgs/tunnel.go
+1, -9 
 1@@ -78,15 +78,7 @@ func createHttpHandler(httpCtx *shared.HttpCtx) CtxHttpBridge {
 2 			// special API endpoint for tunnel users accessing site
 3 			shared.NewCorsRoute("GET", "/api/current_user", func(w http.ResponseWriter, r *http.Request) {
 4 				w.Header().Set("Content-Type", "application/json")
 5-				pico := &db.PicoApi{
 6-					UserID:    "",
 7-					UserName:  "",
 8-					PublicKey: pubkeyStr,
 9-				}
10-				if requester != nil {
11-					pico.UserID = requester.ID
12-					pico.UserName = requester.Name
13-				}
14+				pico := shared.NewUserApi(requester, pubkey)
15 				err := json.NewEncoder(w).Encode(pico)
16 				if err != nil {
17 					log.Error(err.Error())
M plus/routes.go
+15, -10 
 1@@ -15,7 +15,7 @@ type registerPayload struct {
 2 	Name string `json:"name"`
 3 }
 4 
 5-func registerUser(httpCtx *shared.HttpCtx, ctx ssh.Context, pubkey string) http.HandlerFunc {
 6+func registerUser(httpCtx *shared.HttpCtx, ctx ssh.Context, pubkey ssh.PublicKey, pubkeyStr string) http.HandlerFunc {
 7 	logger := httpCtx.Cfg.Logger
 8 	return func(w http.ResponseWriter, r *http.Request) {
 9 		w.Header().Set("Content-Type", "application/json")
10@@ -24,7 +24,7 @@ func registerUser(httpCtx *shared.HttpCtx, ctx ssh.Context, pubkey string) http.
11 		body, _ := io.ReadAll(r.Body)
12 		_ = json.Unmarshal(body, &payload)
13 
14-		user, err := dbpool.RegisterUser(payload.Name, pubkey)
15+		user, err := dbpool.RegisterUser(payload.Name, pubkeyStr)
16 		if err != nil {
17 			errMsg := fmt.Sprintf("error registering user: %s", err.Error())
18 			logger.Info(errMsg)
19@@ -32,12 +32,8 @@ func registerUser(httpCtx *shared.HttpCtx, ctx ssh.Context, pubkey string) http.
20 			return
21 		}
22 
23-		pico := &db.PicoApi{
24-			UserID:    user.ID,
25-			UserName:  user.Name,
26-			PublicKey: pubkey,
27-		}
28-		err = json.NewEncoder(w).Encode(pico)
29+		picoApi := shared.NewUserApi(user, pubkey)
30+		err = json.NewEncoder(w).Encode(picoApi)
31 		if err != nil {
32 			logger.Error(err.Error())
33 		}
34@@ -128,9 +124,18 @@ func getPublicKeys(httpCtx *shared.HttpCtx, ctx ssh.Context, pubkey string) http
35 			return
36 		}
37 
38+		for _, pk := range pubkeys {
39+			kk, _, _, _, err := ssh.ParseAuthorizedKey([]byte(pk.Key))
40+			if err != nil {
41+				logger.Error("could not parse public key", "err", err.Error())
42+				continue
43+			}
44+			pk.Key = shared.KeyForSha256(kk)
45+		}
46+
47 		err = json.NewEncoder(w).Encode(&pubkeysPayload{Pubkeys: pubkeys})
48 		if err != nil {
49-			logger.Error(err.Error())
50+			logger.Error("json encode", "err", err.Error())
51 		}
52 	}
53 }
54@@ -182,7 +187,7 @@ func CreateRoutes(httpCtx *shared.HttpCtx, ctx ssh.Context) []shared.Route {
55 	}
56 
57 	return []shared.Route{
58-		shared.NewCorsRoute("POST", "/api/users", registerUser(httpCtx, ctx, pubkeyStr)),
59+		shared.NewCorsRoute("POST", "/api/users", registerUser(httpCtx, ctx, pubkey, pubkeyStr)),
60 		shared.NewCorsRoute("GET", "/api/features", getFeatures(httpCtx, ctx, pubkeyStr)),
61 		shared.NewCorsRoute("PUT", "/api/rss-token", findOrCreateRssToken(httpCtx, ctx, pubkeyStr)),
62 		shared.NewCorsRoute("GET", "/api/pubkeys", getPublicKeys(httpCtx, ctx, pubkeyStr)),
M shared/api.go
+15, -0 
 1@@ -7,6 +7,9 @@ import (
 2 	"net/http"
 3 	"os"
 4 	"strings"
 5+
 6+	"github.com/charmbracelet/ssh"
 7+	"github.com/picosh/pico/db"
 8 )
 9 
10 func CorsHeaders(w http.ResponseWriter) {
11@@ -33,6 +36,18 @@ func JSONError(w http.ResponseWriter, msg string, code int) {
12 	_ = json.NewEncoder(w).Encode(errPayload{Message: msg})
13 }
14 
15+type UserApi struct {
16+	*db.User
17+	Fingerprint string `json:"fingerprint"`
18+}
19+
20+func NewUserApi(user *db.User, pubkey ssh.PublicKey) *UserApi {
21+	return &UserApi{
22+		User:        user,
23+		Fingerprint: KeyForSha256(pubkey),
24+	}
25+}
26+
27 func CheckHandler(w http.ResponseWriter, r *http.Request) {
28 	dbpool := GetDB(r)
29 	cfg := GetCfg(r)
M shared/util.go
+5, -0 
 1@@ -18,6 +18,7 @@ import (
 2 	"slices"
 3 
 4 	"github.com/charmbracelet/ssh"
 5+	gossh "golang.org/x/crypto/ssh"
 6 )
 7 
 8 var fnameRe = regexp.MustCompile(`[-_]+`)
 9@@ -66,6 +67,10 @@ func KeyForKeyText(pk ssh.PublicKey) (string, error) {
10 	return fmt.Sprintf("%s %s", pk.Type(), kb), nil
11 }
12 
13+func KeyForSha256(pk ssh.PublicKey) string {
14+	return gossh.FingerprintSHA256(pk)
15+}
16+
17 func GetEnv(key string, defaultVal string) string {
18 	if value, exists := os.LookupEnv(key); exists {
19 		return value