update readme and re-add tests

README.md

@@ -1,6 +1,6 @@
 # Piggy Bank
 
-Piggy Bank is a secrets storage tool for applications that works with NATS. Secrets are stored encrypted in JetStream and can be retrieved as long as the requestor has access to the subject.
+Piggy Bank is a secrets storage tool for applications that works with NATS. Secrets are stored encrypted in a JetStream KV and can be retrieved as long as the requestor has access to the subject.
 
 A decryption key is returned from the initialization phase. If this key is lost, all of the data is unrecoverable.
 
@@ -10,18 +10,23 @@ Be sure to add the KV bucket to NATS: `nats kv add piggybank`
 
 ## Example Usage
 
-1. Start piggybank `piggybank start`
-2. Initialize the database `nats req piggybankdb.initialize ""`
-3. Unlock the database with key sent from step 1 `nats req piggybankdb.unlock '{"database_key": "foobar"}'`
-4. Add a secret for an application `nats req -H method:post piggybank.myapplication.registrySecret "somesecrettext"`
-5. Retrieve a secret `nats req -H method:get piggybank.myapplication.registrySecret ""`
-6. Lock the database `nats req piggybankdb.lock ""`
-7. Try to retrieve the secret again `nats req -H method:get piggybank.myapplication.registrySecret ""`
+1. Start piggybank `piggybank service start`
+2. Initialize the database `piggybank client database initialize`
+3. Unlock the database with key sent from step 1 `piggybank client database unlock --key foo`
+4. Add a secret for an application `piggybank client secret add --id foo --value bar`
+5. Retrieve a secret `piggybank client secret get --id foo`
+6. Lock the database `piggybank client database lock`
+7. Try to retrieve the secret again `piggybank client secret get --id foo`
 
 ## Permissions
-Permissions are defined as normal NATS subject permissions. If you have access to a subject, then you can retrieve the secrets. This means the permissions can be as granular as desired.
+Permissions are defined as normal NATS subject permissions. If you have access to a subject, then you can retrieve the secrets. This means the permissions can be as granular as desired. 
 
-## Config
-Piggy Bank requires a config file. It uses Cue to read the configs, but the configs can also be in json or yaml format.
+NOTE: Please ensure to set proper permissions for inbox responses. It is recommended to not use the default _INBOX subject for responses and to set granular inboxes for requests to piggybank.
 
-The Cue schema is in `cmd/schema.cue`.
+## NATS Connection
+
+Piggybank supports multiple auth methods for NATS. 
+
+1. Your current NATS context
+2. A path to a credentials file
+3. Env vars for the JWT and SEED

service/encryption_test.go

@@ -0,0 +1,52 @@
+package service
+
+import (
+	"testing"
+)
+
+func TestToBase64(t *testing.T) {
+
+	tests := []struct {
+		expected string
+		word     string
+	}{
+		{"dGVzdGluZw", "testing"},
+		{"dGVzdA", "test"},
+		{"cGlnZ3ktYmFuaw", "piggy-bank"},
+	}
+
+	for _, tt := range tests {
+		decoded := []byte(tt.word)
+
+		encoded := toBase64(decoded)
+
+		if encoded != tt.expected {
+			t.Errorf("Expected %s, but got %s", tt.expected, encoded)
+		}
+	}
+
+}
+
+func TestFromBase64(t *testing.T) {
+	tests := []struct {
+		encoded  string
+		expected string
+	}{
+		{"dGVzdGluZw", "testing"},
+		{"dGVzdA", "test"},
+		{"cGlnZ3ktYmFuaw", "piggy-bank"},
+	}
+
+	for _, tt := range tests {
+		encoded := tt.encoded
+
+		decoded, err := fromBase64(encoded)
+		if err != nil {
+			t.Fatal(err)
+		}
+
+		if string(decoded) != tt.expected {
+			t.Errorf("Expected %s, but got %s", tt.expected, decoded)
+		}
+	}
+}

service/passwords_test.go

@@ -0,0 +1,25 @@
+package service
+
+import (
+	"testing"
+)
+
+type TB struct {
+	name     string
+	expected string
+	actual   string
+}
+
+func TestGeneratePass(t *testing.T) {
+	secret := generatePass()
+	secret2 := generatePass()
+
+	if len(secret) != 43 {
+		t.Errorf("Secret is not 32 bytes")
+	}
+
+	if secret == secret2 {
+		t.Errorf("Secrets are the same.")
+	}
+
+}