remove passwords from api calls

repertory/librepertory/include/types/repertory.hpp

@@ -314,6 +314,11 @@ provider_type_from_string(std::string_view type,
 
 [[nodiscard]] auto provider_type_to_string(provider_type type) -> std::string;
 
+void clean_json_config(provider_type prov, nlohmann::json &data);
+
+[[nodiscard]] auto clean_json_value(std::string_view name,
+                                    std::string_view data) -> std::string;
+
 #if defined(_WIN32)
 struct open_file_data final {
   PVOID directory_buffer{nullptr};

repertory/librepertory/src/rpc/server/server.cpp

@@ -39,6 +39,7 @@ server::server(app_config &config) : config_(config) {}
 void server::handle_get_config(const httplib::Request & /*req*/,
                                httplib::Response &res) {
   auto data = config_.get_json();
+  clean_json_config(data);
   res.set_content(data.dump(), "application/json");
   res.status = http_error_codes::ok;
 }
@@ -46,7 +47,8 @@ void server::handle_get_config(const httplib::Request & /*req*/,
 void server::handle_get_config_value_by_name(const httplib::Request &req,
                                              httplib::Response &res) {
   auto name = req.get_param_value("name");
-  auto data = json({{"value", config_.get_value_by_name(name)}});
+  auto data = json(
+      {{"value", clean_json_value(name, config_.get_value_by_name(name))}});
   res.set_content(data.dump(), "application/json");
   res.status = http_error_codes::ok;
 }

repertory/librepertory/src/types/repertory.cpp

@@ -26,6 +26,48 @@
 #include "utils/string.hpp"
 
 namespace repertory {
+void clean_json_config(provider_type prov, nlohmann::json &data) {
+  data[JSON_API_PASSWORD] = "";
+
+  switch (prov) {
+  case provider_type::encrypt:
+    data[JSON_ENCRYPT_CONFIG][JSON_ENCRYPTION_TOKEN] = "";
+    data[JSON_REMOTE_MOUNT][JSON_ENCRYPTION_TOKEN] = "";
+    break;
+
+  case provider_type::remote:
+    data[JSON_REMOTE_CONFIG][JSON_ENCRYPTION_TOKEN] = "";
+    break;
+
+  case provider_type::s3:
+    data[JSON_REMOTE_MOUNT][JSON_ENCRYPTION_TOKEN] = "";
+    data[JSON_S3_CONFIG][JSON_ENCRYPTION_TOKEN] = "";
+    data[JSON_S3_CONFIG][JSON_SECRET_KEY] = "";
+    break;
+
+  case provider_type::sia:
+    data[JSON_REMOTE_MOUNT][JSON_ENCRYPTION_TOKEN] = "";
+    data[JSON_HOST_CONFIG][JSON_API_PASSWORD] = "";
+    break;
+  }
+}
+
+auto clean_json_value(std::string_view name, std::string_view data)
+    -> std::string {
+  if (name ==
+          fmt::format("{}.{}", JSON_ENCRYPT_CONFIG, JSON_ENCRYPTION_TOKEN) ||
+      name == fmt::format("{}.{}", JSON_HOST_CONFIG, JSON_API_PASSWORD) ||
+      name == fmt::format("{}.{}", JSON_REMOTE_CONFIG, JSON_ENCRYPTION_TOKEN) ||
+      name == fmt::format("{}.{}", JSON_REMOTE_MOUNT, JSON_ENCRYPTION_TOKEN) ||
+      name == fmt::format("{}.{}", JSON_S3_CONFIG, JSON_ENCRYPTION_TOKEN) ||
+      name == fmt::format("{}.{}", JSON_S3_CONFIG, JSON_SECRET_KEY) ||
+      name == JSON_API_PASSWORD) {
+    return "";
+  }
+
+  return std::string{data};
+}
+
 auto database_type_from_string(std::string type, database_type default_type)
     -> database_type {
   type = utils::string::to_lower(utils::string::trim(type));

repertory/repertory/src/ui/handlers.cpp

@@ -218,6 +218,8 @@ void handlers::handle_get_mount(auto &&req, auto &&res) const {
   lines.erase(lines.begin());
 
   auto result = nlohmann::json::parse(utils::string::join(lines, '\n'));
+  clean_json_config(prov, result);
+
   res.set_content(result.dump(), "application/json");
   res.status = http_error_codes::ok;
 }
@@ -320,6 +322,7 @@ void handlers::handle_get_mount_status(auto &&req, auto &&res) const {
 
 void handlers::handle_get_settings(auto &&res) const {
   auto settings = config_->to_json();
+  settings.erase(JSON_API_PASSWORD);
   settings.erase(JSON_MOUNT_LOCATIONS);
   res.set_content(settings.dump(), "application/json");
   res.status = http_error_codes::ok;