jfmonty2/creddy
2
1
Fork 0
Code Issues Pull Requests Packages Projects Releases 15 Wiki Activity

allow user to choose whether to send base credentials at approval screen

Browse Source
This commit is contained in:
Joseph Montanaro 2024-01-10 16:31:16 -08:00
parent dd40eb379e
commit 46b8d810c5
10 changed files with 32 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
package.json
View File

@ -1,6 +1,6 @@
{
"name": "creddy",
"version": "0.4.1",
"version": "0.4.2",
"scripts": {
"dev": "vite",
"build": "vite build",

2
src-tauri/Cargo.toml
View File

@ -1,6 +1,6 @@
[package]
name = "creddy"
version = "0.4.1"
version = "0.4.2"
description = "A friendly AWS credentials manager"
authors = ["Joseph Montanaro"]
license = ""

3
src-tauri/src/errors.rs
View File

@ -18,6 +18,7 @@ use tauri::api::dialog::{
MessageDialogBuilder,
MessageDialogKind,
};
use tokio::sync::oneshot::error::RecvError;
use serde::{
Serialize,
Serializer,
@ -164,7 +165,7 @@ pub enum HandlerError {
#[error("HTTP request too large")]
RequestTooLarge,
#[error("Internal server error")]
Internal,
Internal(#[from] RecvError),
#[error("Error accessing credentials: {0}")]
NoCredentials(#[from] GetCredentialsError),
#[error("Error getting client details: {0}")]

1
src-tauri/src/ipc.rs
View File

@ -21,6 +21,7 @@ pub struct AwsRequestNotification {
pub struct RequestResponse {
pub id: u64,
pub approval: Approval,
pub base: bool,
}

10
src-tauri/src/server/mod.rs
View File

@ -97,9 +97,10 @@ async fn get_aws_credentials(base: bool, client: Client, app_handle: AppHandle)
let notification = AwsRequestNotification {id: request_id, client, base};
app_handle.emit_all("credentials-request", &notification)?;
match chan_recv.await {
Ok(Approval::Approved) => {
if base {
let response = chan_recv.await?;
match response.approval {
Approval::Approved => {
if response.base {
let creds = state.base_creds_cloned().await?;
Ok(Response::Aws(Credentials::Base(creds)))
}
@ -108,8 +109,7 @@ async fn get_aws_credentials(base: bool, client: Client, app_handle: AppHandle)
Ok(Response::Aws(Credentials::Session(creds)))
}
},
Ok(Approval::Denied) => Err(HandlerError::Denied),
Err(_e) => Err(HandlerError::Internal),
Approval::Denied => Err(HandlerError::Denied),
}
};

8
src-tauri/src/state.rs
View File

@ -17,7 +17,7 @@ use crate::credentials::{
SessionCredentials,
};
use crate::{config, config::AppConfig};
use crate::ipc::{self, Approval};
use crate::ipc::{self, Approval, RequestResponse};
use crate::errors::*;
use crate::shortcuts;
@ -102,7 +102,7 @@ pub struct AppState {
pub config: RwLock<AppConfig>,
pub session: RwLock<Session>,
pub request_count: RwLock<u64>,
pub waiting_requests: RwLock<HashMap<u64, Sender<Approval>>>,
pub waiting_requests: RwLock<HashMap<u64, Sender<RequestResponse>>>,
pub pending_terminal_request: RwLock<bool>,
// these are never modified and so don't need to be wrapped in RwLocks
pub setup_errors: Vec<String>,
@ -161,7 +161,7 @@ impl AppState {
Ok(())
}
pub async fn register_request(&self, sender: Sender<Approval>) -> u64 {
pub async fn register_request(&self, sender: Sender<RequestResponse>) -> u64 {
let count = {
let mut c = self.request_count.write().await;
*c += 1;
@ -193,7 +193,7 @@ impl AppState {
waiting_requests
.remove(&response.id)
.ok_or(SendResponseError::NotFound)?
.send(response.approval)
.send(response)
.map_err(|_| SendResponseError::Abandoned)
}

2
src-tauri/tauri.conf.json
View File

@ -8,7 +8,7 @@
},
"package": {
"productName": "creddy",
"version": "0.4.1"
"version": "0.4.2"
},
"tauri": {
"allowlist": {

5
src/style.css
View File

@ -5,3 +5,8 @@
.btn-alert-error {
@apply bg-transparent hover:bg-[#cd5a5a] border border-error-content text-error-content
}
/* I like alert icons to be top-aligned */
.alert > :where(*) {
align-items: flex-start;
}

12
src/views/Approve.svelte
View File

@ -11,10 +11,11 @@
// Send response to backend, display error if applicable
let error, alert;
let base = $appState.currentRequest.base;
async function respond() {
let {id, approval} = $appState.currentRequest;
try {
await invoke('respond', {response: {id, approval}});
await invoke('respond', {response: {id, approval, base}});
navigate('ShowResponse');
}
catch (e) {
@ -83,7 +84,7 @@
<div>
<svg xmlns="http://www.w3.org/2000/svg" class="stroke-current flex-shrink-0 h-6 w-6" fill="none" viewBox="0 0 24 24"><path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M12 9v2m0 4h.01m-6.938 4h13.856c1.54 0 2.502-1.667 1.732-3L13.732 4c-.77-1.333-2.694-1.333-3.464 0L3.34 16c-.77 1.333.192 3 1.732 3z" /></svg>
<span>
WARNING: This application is requesting your base (long-lived) AWS credentials.
WARNING: This application is requesting your long-lived AWS credentials.
These credentials are less secure than session credentials, since they don't expire automatically.
</span>
</div>
@ -116,5 +117,12 @@
</button>
</Link>
</div>
<div class="w-full">
<label class="label cursor-pointer justify-end gap-x-2">
<span class="label-text">Send long-lived credentials</span>
<input type="checkbox" class="checkbox checkbox-success" bind:checked={base}>
</label>
</div>
</div>
{/if}

2
src/views/Home.svelte
View File

@ -39,8 +39,8 @@
Launch Terminal
</button>
<label class="label cursor-pointer flex items-center space-x-2">
<span class="label-text">Launch with long-lived credentials</span>
<input type="checkbox" class="checkbox checkbox-sm" bind:checked={launchBase}>
<span class="label-text">Launch with base credentials</span>
</label>
{:else if status === 'empty'}