refactoring

return unauthorized when decryption fails
continue authentication
2025-03-22 02:20:03 -05:00 · 2025-03-22 01:47:40 -05:00 · 2025-03-22 01:42:20 -05:00
9 changed files with 78 additions and 68 deletions
--- a/repertory/repertory/src/ui/handlers.cpp
+++ b/repertory/repertory/src/ui/handlers.cpp
@ -68,9 +68,10 @@ namespace {
                                                    {"decryption failed"});
  }
-  return std::string(
+  return {
      buffer.begin(),
-      std::next(buffer.begin(), static_cast<std::int64_t>(size)));
+      std::next(buffer.begin(), static_cast<std::int64_t>(size)),
  };
 }
 [[nodiscard]] auto decrypt_value(const repertory::ui::mgmt_app_config *config,
@ -153,7 +154,10 @@ handlers::handlers(mgmt_app_config *config, httplib::Server *server)
    }
    res.set_content(data.dump(), "application/json");
-    res.status = http_error_codes::internal_error;
+    res.status = utils::string::ends_with(data["error"].get<std::string>(),
                                          "|decryption failed")
                     ? http_error_codes::unauthorized
                     : http_error_codes::internal_error;
  });
  server->Get("/api/v1/mount",
--- a/web/repertory/lib/constants.dart
+++ b/web/repertory/lib/constants.dart
@ -15,9 +15,8 @@ const ringBufferSizeList = ['128', '256', '512', '1024', '2048'];
 final GlobalKey<NavigatorState> navigatorKey = GlobalKey<NavigatorState>();
 Sodium? _sodium;
 void setSodium(Sodium sodium) {
  _sodium = sodium;
 }
-Sodium? get sodium => _sodium;
+Sodium get sodium => _sodium!;
--- a/web/repertory/lib/helpers.dart
+++ b/web/repertory/lib/helpers.dart
@ -285,10 +285,6 @@ String encryptValue(String value, SecureKey key) {
  }
  final sodium = constants.sodium;
  if (sodium == null) {
    return value;
  }
  final crypto = sodium.crypto.aeadXChaCha20Poly1305IETF;
  final nonce = sodium.secureRandom(crypto.nonceBytes).extractBytes();
@ -302,45 +298,6 @@ String encryptValue(String value, SecureKey key) {
  return hex.encode(nonce + data);
 }
 Future<String?> promptPassword() async {
  if (constants.navigatorKey.currentContext == null) {
    return null;
  }
  String password = '';
  return await showDialog(
    context: constants.navigatorKey.currentContext!,
    builder: (context) {
      return AlertDialog(
        actions: [
          TextButton(
            child: const Text('Cancel'),
            onPressed: () => Navigator.of(context).pop(null),
          ),
          TextButton(
            child: const Text('OK'),
            onPressed: () {
              if (password.isEmpty) {
                return displayErrorMessage(context, "Password is not valid");
              }
              Navigator.of(context).pop(password);
            },
          ),
        ],
        content: TextField(
          autofocus: true,
          controller: TextEditingController(text: password),
          obscureText: true,
          obscuringCharacter: '*',
          onChanged: (value) => password = value,
        ),
        title: const Text('Enter Repertory Portal Password'),
      );
    },
  );
 }
 Map<String, dynamic> getChanged(
  Map<String, dynamic> original,
  Map<String, dynamic> updated,
--- a/web/repertory/lib/main.dart
+++ b/web/repertory/lib/main.dart
@ -62,7 +62,7 @@ class _MyAppState extends State<MyApp> {
        snackBarTheme: snackBarTheme,
      ),
      title: constants.appTitle,
-      initialRoute: '/',
+      initialRoute: '/auth',
      routes: {
        '/':
            (context) =>
@ -108,7 +108,14 @@ class AuthCheck extends StatelessWidget {
    return Consumer<Auth>(
      builder: (context, auth, __) {
        if (!auth.authenticated) {
-          Navigator.of(context).pushReplacementNamed('/auth');
+          Future.delayed(Duration(milliseconds: 1), () {
            if (constants.navigatorKey.currentContext == null) {
              return;
            }
            Navigator.of(
              constants.navigatorKey.currentContext!,
            ).pushNamedAndRemoveUntil('/auth', (Route<dynamic> route) => false);
          });
          return SizedBox.shrink();
        }
--- a/web/repertory/lib/models/auth.dart
+++ b/web/repertory/lib/models/auth.dart
@ -9,17 +9,14 @@ import 'package:sodium_libs/sodium_libs.dart';
 class Auth with ChangeNotifier {
  bool _authenticated = false;
-  SecureKey? _key;
+  SecureKey _key = SecureKey.random(constants.sodium, 32);
  String _user = "";
  bool get authenticated => _authenticated;
-  SecureKey get key => _key!;
+  SecureKey get key => _key;
  Future<void> authenticate(String user, String password) async {
    final sodium = constants.sodium;
    if (sodium == null) {
      return;
    }
    final keyHash = sodium.crypto.genericHash(
      outLen: sodium.crypto.aeadXChaCha20Poly1305IETF.keyBytes,
@ -40,11 +37,11 @@ class Auth with ChangeNotifier {
      );
      if (response.statusCode != 200) {
        logoff();
        return "";
      }
      final nonce = jsonDecode(response.body)["nonce"];
      debugPrint('nonce: $nonce');
      return encryptValue('${_user}_$nonce', key);
    } catch (e) {
      debugPrint('$e');
@ -52,4 +49,11 @@ class Auth with ChangeNotifier {
    return "";
  }
  void logoff() {
    _authenticated = false;
    _user = "";
    notifyListeners();
  }
 }
--- a/web/repertory/lib/models/mount.dart
+++ b/web/repertory/lib/models/mount.dart
@ -40,6 +40,11 @@ class Mount with ChangeNotifier {
        ),
      );
      if (response.statusCode == 401) {
        _auth.logoff();
        return;
      }
      if (response.statusCode == 404) {
        _mountList?.reset();
        return;
@ -71,6 +76,11 @@ class Mount with ChangeNotifier {
        ),
      );
      if (response.statusCode == 401) {
        _auth.logoff();
        return;
      }
      if (response.statusCode == 404) {
        _mountList?.reset();
        return;
@ -102,6 +112,11 @@ class Mount with ChangeNotifier {
        ),
      );
      if (response.statusCode == 401) {
        _auth.logoff();
        return null;
      }
      if (response.statusCode != 200) {
        return null;
      }
@ -136,6 +151,12 @@ class Mount with ChangeNotifier {
        ),
      );
      if (response.statusCode == 401) {
        displayAuthError();
        _auth.logoff();
        return false;
      }
      if (response.statusCode == 404) {
        _isMounting = false;
        _mountList?.reset();
@ -184,13 +205,13 @@ class Mount with ChangeNotifier {
        ),
      );
-      if (response.statusCode == 404) {
+      if (response.statusCode == 401) {
-        _mountList?.reset();
+        _auth.logoff();
        return;
      }
-      if (response.statusCode == 500) {
+      if (response.statusCode == 404) {
-        displayAuthError();
+        _mountList?.reset();
        return;
      }
--- a/web/repertory/lib/models/mount_list.dart
+++ b/web/repertory/lib/models/mount_list.dart
@ -14,7 +14,11 @@ class MountList with ChangeNotifier {
  final Auth _auth;
  MountList(this._auth) {
-    _fetch();
+    _auth.addListener(() {
      if (_auth.authenticated) {
        _fetch();
      }
    });
  }
  List<Mount> _mountList = [];
@ -56,6 +60,12 @@ class MountList with ChangeNotifier {
        Uri.parse('${getBaseUri()}/api/v1/mount_list?auth=$auth'),
      );
      if (response.statusCode == 401) {
        displayAuthError();
        _auth.logoff();
        return;
      }
      if (response.statusCode == 404) {
        reset();
        return;
@ -133,12 +143,13 @@ class MountList with ChangeNotifier {
        case 200:
          ret = true;
          break;
        case 401:
          displayAuthError();
          _auth.logoff();
          break;
        case 404:
          reset();
          break;
        case 500:
          displayAuthError();
          break;
        default:
          displayError();
          break;
--- a/web/repertory/lib/screens/edit_settings_screen.dart
+++ b/web/repertory/lib/screens/edit_settings_screen.dart
@ -43,11 +43,17 @@ class _EditSettingsScreenState extends State<EditSettingsScreen> {
  Future<Map<String, dynamic>> _grabSettings() async {
    try {
-      final auth = await Provider.of<Auth>(context, listen: false).createAuth();
+      final authProvider = Provider.of<Auth>(context, listen: false);
      final auth = await authProvider.createAuth();
      final response = await http.get(
        Uri.parse('${getBaseUri()}/api/v1/settings?auth=$auth'),
      );
      if (response.statusCode == 401) {
        authProvider.logoff();
        return {};
      }
      if (response.statusCode != 200) {
        return {};
      }
--- a/web/repertory/lib/widgets/ui_settings.dart
+++ b/web/repertory/lib/widgets/ui_settings.dart
@ -117,17 +117,18 @@ class _UISettingsWidgetState extends State<UISettingsWidget> {
                  ),
                ),
              );
-              if (response.statusCode == 500) {
+
              if (response.statusCode == 401) {
                displayAuthError();
                authProvider.logoff();
                return;
              }
            } catch (e) {
              debugPrint('$e');
              displayAuthError();
            }
          })
          .catchError((e) {
            debugPrint('$e');
            displayAuthError();
          });
    }
Author	SHA1	Message	Date
Scott E. Graves	e4f59dadfb	refactoring All checks were successful BlockStorage/repertory/pipeline/head This commit looks good Details	2025-03-22 02:20:03 -05:00
Scott E. Graves	f8b1b8ad37	return unauthorized when decryption fails	2025-03-22 01:47:40 -05:00
Scott E. Graves	03c8f3461e	continue authentication	2025-03-22 01:42:20 -05:00