Improved the way we inject Passphrase

MyJetTools · Nov 26, 2024 · 467d626 · 467d626
1 parent f8d0651
commit 467d626
Show file tree

Hide file tree

Showing 9 changed files with 106 additions and 63 deletions.
diff --git a/src/main.rs b/src/main.rs
@@ -77,12 +77,10 @@ fn ActiveApp() -> Element {
 
     let main_state_read_access = main_state.read();
 
-    if let Some(ssh_cert_prompt) = main_state_read_access.prompt_ssh_cert {
-        if ssh_cert_prompt {
-            return rsx! {
-                EnterCert {}
-            };
-        }
+    if main_state_read_access.ssh_pass_key_promt {
+        return rsx! {
+            EnterCert {}
+        };
     }
 
     rsx! {
@@ -100,6 +98,6 @@ pub async fn get_envs() -> Result<GetEnvsModel, ServerFnError> {
 
     Ok(GetEnvsModel {
         envs: result.envs.keys().cloned().collect(),
-        ssh_cert_prompt: result.ssh_cert_prompt,
+        ssh_pass_key_promt: result.ssh_pass_key_promt.unwrap_or(false),
     })
 }
diff --git a/src/main_state.rs b/src/main_state.rs
@@ -7,7 +7,7 @@ use crate::models::{AppVersionsHttpModel, GetEnvsModel};
 pub struct MainState {
     pub selected_env: Rc<String>,
     pub envs: Option<Vec<Rc<String>>>,
-    pub prompt_ssh_cert: Option<bool>,
+    pub ssh_pass_key_promt: bool,
     pub data: DataState<AppVersionsHttpModel>,
 }
 
@@ -18,7 +18,7 @@ impl MainState {
             selected_env: Rc::new(selected_env),
             envs: None,
             data: DataState::new(),
-            prompt_ssh_cert: None,
+            ssh_pass_key_promt: false,
         }
     }
 
@@ -40,7 +40,7 @@ impl MainState {
             self.selected_env = envs.first().unwrap().clone();
         }
 
-        self.prompt_ssh_cert = Some(model.ssh_cert_prompt);
+        self.ssh_pass_key_promt = model.ssh_pass_key_promt;
 
         self.envs = Some(envs);
     }

diff --git a/src/models/get_envs_model.rs b/src/models/get_envs_model.rs
@@ -3,5 +3,5 @@ use serde::{Deserialize, Serialize};
 #[derive(Serialize, Deserialize, Debug)]
 pub struct GetEnvsModel {
     pub envs: Vec<String>,
-    pub ssh_cert_prompt: bool,
+    pub ssh_pass_key_promt: bool,
 }
diff --git a/src/server/app_ctx/app_ctx.rs b/src/server/app_ctx/app_ctx.rs
@@ -3,21 +3,49 @@ use flurl::FlUrl;
 use my_settings_reader::SettingsReader;
 use tokio::sync::Mutex;
 
-pub struct SshCertificate {
-    pub private_key: String,
-    pub pass_phrase: String,
-}
+use super::{CertData, SshPrivateKeyCache};
 
 pub struct AppContext {
     pub settings_reader: SettingsReader<SettingsModel>,
-    pub cert: Mutex<Option<SshCertificate>>,
+    pub ssh_private_key: Mutex<Option<SshPrivateKeyCache>>,
 }
 
 impl AppContext {
     pub fn new() -> Self {
         Self {
             settings_reader: SettingsReader::new("~/.versions-control-ui"),
-            cert: Mutex::new(None),
+            ssh_private_key: Mutex::new(None),
+        }
+    }
+
+    pub async fn post_ssh_pass_phrase(&self, pass_phrase: Option<String>) {
+        let mut ssh_private_key = self.ssh_private_key.lock().await;
+
+        if let Some(ssh_private_key) = &mut *ssh_private_key {
+            ssh_private_key.set_ssh_pass_phrase(pass_phrase);
+            return;
+        }
+
+        let path = self
+            .settings_reader
+            .get(|settings| settings.ssh_private_key_path.clone())
+            .await;
+        *ssh_private_key = Some(SshPrivateKeyCache::new(path, pass_phrase).await);
+    }
+
+    async fn get_ssh_private_key(&self) -> Option<CertData> {
+        let mut ssh_private_key = self.ssh_private_key.lock().await;
+
+        loop {
+            if let Some(ssh_private_key) = &*ssh_private_key {
+                return ssh_private_key.get_cert_data();
+            }
+
+            let path = self
+                .settings_reader
+                .get(|settings| settings.ssh_private_key_path.clone())
+                .await;
+            *ssh_private_key = Some(SshPrivateKeyCache::new(path, None).await);
         }
     }
 
@@ -41,17 +69,9 @@ impl AppContext {
         let fl_url = FlUrl::new(url);
 
         if fl_url.via_ssh() {
-            let ssh_key_access = self.cert.lock().await;
-
-            if let Some(ssh_key) = ssh_key_access.as_ref() {
-                let pass_phrase = if ssh_key.pass_phrase.is_empty() {
-                    None
-                } else {
-                    Some(ssh_key.pass_phrase.clone())
-                };
-
+            if let Some(cert_data) = self.get_ssh_private_key().await {
                 return (
-                    fl_url.set_ssh_private_key(ssh_key.private_key.clone(), pass_phrase),
+                    fl_url.set_ssh_private_key(cert_data.private_key, cert_data.pass_phrase),
                     host,
                 );
             }

diff --git a/src/server/app_ctx/mod.rs b/src/server/app_ctx/mod.rs
@@ -1,2 +1,4 @@
 mod app_ctx;
 pub use app_ctx::*;
+mod ssh_private_key_cache;
+pub use ssh_private_key_cache::*;
diff --git a/src/server/app_ctx/ssh_private_key_cache.rs b/src/server/app_ctx/ssh_private_key_cache.rs
@@ -0,0 +1,47 @@
+#[derive(Debug, Clone)]
+pub struct CertData {
+    pub private_key: String,
+    pub pass_phrase: Option<String>,
+}
+
+pub struct SshPrivateKeyCache {
+    cert_data: Option<CertData>,
+}
+
+impl SshPrivateKeyCache {
+    pub async fn new(path: Option<String>, pass_key: Option<String>) -> Self {
+        if path.is_none() {
+            return Self { cert_data: None };
+        }
+
+        let path = rust_extensions::file_utils::format_path(path.unwrap());
+
+        let cert = tokio::fs::read_to_string(path.as_str()).await;
+
+        if let Err(err) = &cert {
+            panic!(
+                "Can not read ssh private key file '{}'. Error: {}",
+                path.as_str(),
+                err
+            );
+        }
+
+        Self {
+            cert_data: CertData {
+                private_key: cert.unwrap(),
+                pass_phrase: pass_key,
+            }
+            .into(),
+        }
+    }
+
+    pub fn get_cert_data(&self) -> Option<CertData> {
+        self.cert_data.clone()
+    }
+
+    pub fn set_ssh_pass_phrase(&mut self, pass_phrase: Option<String>) {
+        if let Some(cert_data) = &mut self.cert_data {
+            cert_data.pass_phrase = pass_phrase;
+        }
+    }
+}
diff --git a/src/server/requests/set_to_release.rs b/src/server/requests/set_to_release.rs
@@ -1,9 +1,5 @@
-use std::collections::BTreeMap;
-
 use serde::*;
 
-use crate::models::*;
-
 pub async fn set_to_release(
     env_id: &str,
     tag: String,

diff --git a/src/server/settings_model.rs b/src/server/settings_model.rs
@@ -5,14 +5,10 @@ use serde::{Deserialize, Serialize};
 #[derive(Serialize, Deserialize)]
 pub struct SettingsModel {
     pub envs: BTreeMap<String, EnvModel>,
-    pub ssh_cert_prompt: bool,
+    pub ssh_pass_key_promt: Option<bool>,
+    pub ssh_private_key_path: Option<String>,
 }
 
-impl SettingsModel {
-    pub fn get_envs(&self) -> Vec<String> {
-        self.envs.keys().cloned().collect()
-    }
-}
 #[derive(Serialize, Deserialize)]
 pub struct EnvModel {
     pub url: String,

diff --git a/src/views/enter_cert.rs b/src/views/enter_cert.rs
@@ -13,8 +13,6 @@ pub fn EnterCert() -> Element {
         };
     }
 
-    let disabled = state_read_access.private_key.len() == 0;
-
     rsx! {
 
         div { style: "text-align: center; padding: 20px; width: 500px; margin: auto",
@@ -30,32 +28,16 @@ pub fn EnterCert() -> Element {
                 }
             }
 
-            div {
-                label { "Enter ssh cert private key" }
-
-                textarea {
-                    class: "form-control",
-                    style: "min-height: 300px;",
-
-                    value: state_read_access.private_key.as_str(),
-
-                    oninput: move |e| {
-                        state.write().private_key = e.value();
-                    }
-                }
-            }
-
             button {
                 class: "btn btn-primary",
-                disabled,
                 onclick: move |_| {
                     let cert_data = state.read().clone();
                     spawn(async move {
-                        match post_cert(cert_data.private_key, cert_data.pass_phrase).await {
+                        match post_cert(cert_data.pass_phrase).await {
                             Ok(_) => {
                                 consume_context::<Signal<MainState>>()
                                     .write()
-                                    .prompt_ssh_cert = Some(false);
+                                    .ssh_pass_key_promt = false;
                             }
                             Err(err) => {
                                 state.write().err = Some(err.to_string());
@@ -71,17 +53,19 @@ pub fn EnterCert() -> Element {
 
 #[derive(Default, Clone)]
 pub struct EnterCertState {
-    pub private_key: String,
     pub pass_phrase: String,
     pub err: Option<String>,
 }
 
 #[server]
-async fn post_cert(private_key: String, pass_phrase: String) -> Result<(), ServerFnError> {
-    let ssh_cert = crate::server::SshCertificate {
-        private_key,
-        pass_phrase,
+async fn post_cert(pass_phrase: String) -> Result<(), ServerFnError> {
+    let pass_phrase = if pass_phrase.is_empty() {
+        None
+    } else {
+        Some(pass_phrase)
     };
-    *crate::server::APP_CTX.cert.lock().await = Some(ssh_cert);
+    crate::server::APP_CTX
+        .post_ssh_pass_phrase(pass_phrase)
+        .await;
     Ok(())
 }