Skip to content

feat: Login via CLI #298

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 19 commits into from
Feb 18, 2022
Merged

feat: Login via CLI #298

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
19 commits
Select commit Hold shift + click to select a range
6c50b85
Create initial route for generating an API key
bryphe-coder Feb 16, 2022
fe55c73
Add cli-auth page
bryphe-coder Feb 16, 2022
3bb3164
Fix lint warnings
bryphe-coder Feb 16, 2022
9ec938e
Add login prompt for non-first-time-user case
bryphe-coder Feb 16, 2022
87fc9e2
Add test case for login
bryphe-coder Feb 17, 2022
6607a5a
Factor out CliAuth token component
bryphe-coder Feb 17, 2022
0e323ce
Add storybook for CliAuthToken
bryphe-coder Feb 17, 2022
a33d2c7
Merge main
bryphe-coder Feb 17, 2022
9cc7e94
Add test case for CliAuthToken
bryphe-coder Feb 17, 2022
7774e29
Add codersdk function + test
bryphe-coder Feb 17, 2022
8ea2920
Fix lint issues
bryphe-coder Feb 17, 2022
669f2ca
Discard output of browser pkg
bryphe-coder Feb 17, 2022
0a43941
Merge main
bryphe-coder Feb 17, 2022
5ecba6d
Add mask for session token prompt
bryphe-coder Feb 17, 2022
13696a7
Inline saveSessionToken into both code paths
bryphe-coder Feb 17, 2022
dccb009
Move setting browser.Stderr/Stdout to init
bryphe-coder Feb 17, 2022
ca1a458
Change route /api-keys -> /users/{user}/keys
bryphe-coder Feb 17, 2022
b232d0c
Remove leftover saveSessionToken func
bryphe-coder Feb 17, 2022
0d829b3
Update route in UI for getting new token
bryphe-coder Feb 18, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Next Next commit
Create initial route for generating an API key
  • Loading branch information
@bryphe-coder
bryphe-coder committed Feb 16, 2022
commit 6c50b85a129df76fb320f588d20458de42b09f86
7 changes: 7 additions & 0 deletions coderd/coderd.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,13 @@ func New(options *Options) http.Handler {
})
r.Post("/login", api.postLogin)
r.Post("/logout", api.postLogout)
r.Route("/api-keys", func(r chi.Router) {
r.Use(
httpmw.ExtractAPIKey(options.Database, nil),
)
r.Post("/", api.postApiKey)
})

// Used for setup.
r.Get("/user", api.user)
r.Post("/user", api.postUser)
Expand Down
42 changes: 42 additions & 0 deletions coderd/users.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,11 @@ type LoginWithPasswordResponse struct {
SessionToken string `json:"session_token" validate:"required"`
}

// GenerateAPIKeyResponse contains an API key for a user.
type GenerateAPIKeyResponse struct {
Key string `json:"key"`
}

// Returns whether the initial user has been created or not.
func (api *api) user(rw http.ResponseWriter, r *http.Request) {
userCount, err := api.Database.GetUserCount(r.Context())
Expand Down Expand Up @@ -312,6 +317,43 @@ func (api *api) postLogin(rw http.ResponseWriter, r *http.Request) {
})
}

// Creates a new API key, used for logging in via the CLI
func (api *api) postApiKey(rw http.ResponseWriter, r *http.Request) {
apiKey := httpmw.APIKey(r)
userID := apiKey.UserID

keyID, keySecret, err := generateAPIKeyIDSecret()
if err != nil {
httpapi.Write(rw, http.StatusInternalServerError, httpapi.Response{
Message: fmt.Sprintf("generate api key parts: %s", err.Error()),
})
return
}
hashed := sha256.Sum256([]byte(keySecret))

_, err = api.Database.InsertAPIKey(r.Context(), database.InsertAPIKeyParams{
ID: keyID,
UserID: userID,
ExpiresAt: database.Now().AddDate(1, 0, 0), // Expire after 1 year (same as v1)
CreatedAt: database.Now(),
UpdatedAt: database.Now(),
HashedSecret: hashed[:],
LoginType: database.LoginTypeBuiltIn,
})
if err != nil {
httpapi.Write(rw, http.StatusInternalServerError, httpapi.Response{
Message: fmt.Sprintf("insert api key: %s", err.Error()),
})
return
}

// This format is consumed by the APIKey middleware.
generatedApiKey := fmt.Sprintf("%s-%s", keyID, keySecret)

render.Status(r, http.StatusCreated)
render.JSON(rw, r, GenerateAPIKeyResponse{Key: generatedApiKey})
}

// Clear the user's session cookie
func (*api) postLogout(rw http.ResponseWriter, r *http.Request) {
// Get a blank token cookie
Expand Down