finish exec subcommand

keep working on exec subcommand
start working on exec subcommand
2023-05-06 12:00:31 -07:00 · 2023-05-06 11:48:08 -07:00 · 2023-05-02 15:36:00 -07:00
18 changed files with 100 additions and 466 deletions
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "creddy",
-  "version": "0.2.1",
+  "version": "0.1.0",
  "scripts": {
    "dev": "vite",
    "build": "vite build",
--- a/src-tauri/.env
+++ b/src-tauri/.env
@ -1 +1 @@
-DATABASE_URL=sqlite://C:/Users/Joe/AppData/Roaming/creddy/creddy.dev.db
+DATABASE_URL=sqlite://creddy.db?mode=rwc
--- a/src-tauri/Cargo.lock
+++ b/src-tauri/Cargo.lock
@ -8,16 +8,6 @@ version = "1.0.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe"

-[[package]]
-name = "aead"
-version = "0.5.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d122413f284cf2d62fb1b7db97e02edb8cda96d769b16e443a4f6195e35662b0"
-dependencies = [
- "crypto-common",
- "generic-array",
-]
-
 [[package]]
 name = "ahash"
 version = "0.7.6"
@ -70,18 +60,15 @@ checksum = "9c7d0618f0e0b7e8ff11427422b64564d5fb0be1940354bfe2e0529b18a9d9b8"

 [[package]]
 name = "app"
-version = "0.2.0"
+version = "0.1.0"
 dependencies = [
- "argon2",
 "auto-launch",
 "aws-config",
 "aws-sdk-sts",
 "aws-smithy-types",
 "aws-types",
- "chacha20poly1305",
 "clap",
 "dirs 5.0.1",
- "is-terminal",
 "netstat2",
 "once_cell",
 "serde",
@ -98,17 +85,6 @@ dependencies = [
 "tokio",
 ]

-[[package]]
-name = "argon2"
-version = "0.5.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "95c2fcf79ad1932ac6269a738109997a83c227c09b75842ae564dc8ede6a861c"
-dependencies = [
- "base64ct",
- "blake2",
- "password-hash",
-]
-
 [[package]]
 name = "async-broadcast"
 version = "0.5.1"
@ -568,27 +544,12 @@ dependencies = [
 "simd-abstraction",
 ]

-[[package]]
-name = "base64ct"
-version = "1.6.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b"
-
 [[package]]
 name = "bitflags"
 version = "1.3.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a"

-[[package]]
-name = "blake2"
-version = "0.10.6"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "46502ad458c9a52b69d4d4d32775c788b7a1b85e8bc9d482d92250fc0e3f8efe"
-dependencies = [
- "digest",
-]
-
 [[package]]
 name = "block"
 version = "0.1.6"
@ -765,41 +726,6 @@ version = "1.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"

-[[package]]
-name = "chacha20"
-version = "0.9.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c3613f74bd2eac03dad61bd53dbe620703d4371614fe0bc3b9f04dd36fe4e818"
-dependencies = [
- "cfg-if",
- "cipher",
- "cpufeatures",
-]
-
-[[package]]
-name = "chacha20poly1305"
-version = "0.10.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "10cd79432192d1c0f4e1a0fef9527696cc039165d729fb41b3f4f4f354c2dc35"
-dependencies = [
- "aead",
- "chacha20",
- "cipher",
- "poly1305",
- "zeroize",
-]
-
-[[package]]
-name = "cipher"
-version = "0.4.4"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "773f3b9af64447d2ce9850330c473515014aa235e6a783b02db81ff39e4a3dad"
-dependencies = [
- "crypto-common",
- "inout",
- "zeroize",
-]
-
 [[package]]
 name = "clap"
 version = "3.2.25"
@ -1035,7 +961,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3"
 dependencies = [
 "generic-array",
- "rand_core 0.6.4",
 "typenum",
 ]

@ -2070,15 +1995,6 @@ dependencies = [
 "cfb",
 ]

-[[package]]
-name = "inout"
-version = "0.1.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a0c10553d664a4d0bcff9f4215d0aac67a639cc68ef660840afe309b807bc9f5"
-dependencies = [
- "generic-array",
-]
-
 [[package]]
 name = "instant"
 version = "0.1.12"
@ -2099,18 +2015,6 @@ dependencies = [
 "windows-sys 0.48.0",
 ]

-[[package]]
-name = "is-terminal"
-version = "0.4.7"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "adcf93614601c8129ddf72e2d5633df827ba6551541c6d8c59520a371475be1f"
-dependencies = [
- "hermit-abi 0.3.1",
- "io-lifetimes",
- "rustix",
- "windows-sys 0.48.0",
-]
-
 [[package]]
 name = "itertools"
 version = "0.10.5"
@ -2634,12 +2538,6 @@ version = "1.17.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "b7e5500299e16ebb147ae15a00a942af264cf3688f47923b8fc2cd5858f23ad3"

-[[package]]
-name = "opaque-debug"
-version = "0.3.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5"
-
 [[package]]
 name = "openssl-probe"
 version = "0.1.5"
@ -2770,17 +2668,6 @@ dependencies = [
 "windows-sys 0.45.0",
 ]

-[[package]]
-name = "password-hash"
-version = "0.5.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "346f04948ba92c43e8469c1ee6736c7563d71012b17d40745260fe106aac2166"
-dependencies = [
- "base64ct",
- "rand_core 0.6.4",
- "subtle",
-]
-
 [[package]]
 name = "paste"
 version = "1.0.12"
@ -2972,17 +2859,6 @@ dependencies = [
 "windows-sys 0.48.0",
 ]

-[[package]]
-name = "poly1305"
-version = "0.8.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8159bd90725d2df49889a078b54f4f79e87f1f8a8444194cdca81d38f5393abf"
-dependencies = [
- "cpufeatures",
- "opaque-debug",
- "universal-hash",
-]
-
 [[package]]
 name = "ppv-lite86"
 version = "0.2.17"
@ -4567,16 +4443,6 @@ version = "0.1.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "39ec24b3121d976906ece63c9daad25b85969647682eee313cb5779fdd69e14e"

-[[package]]
-name = "universal-hash"
-version = "0.5.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7d3160b73c9a19f7e2939a2fdad446c57c1bbbbf4d919d3213ff1267a580d8b5"
-dependencies = [
- "crypto-common",
- "subtle",
-]
-
 [[package]]
 name = "untrusted"
 version = "0.7.1"
--- a/src-tauri/Cargo.toml
+++ b/src-tauri/Cargo.toml
@ -1,6 +1,6 @@
 [package]
 name = "app"
-version = "0.2.0"
+version = "0.1.0"
 description = "A Tauri App"
 authors = ["you"]
 license = ""
@ -35,9 +35,6 @@ strum_macros = "0.24"
 auto-launch = "0.4.0"
 dirs = "5.0"
 clap = { version = "3.2.23", features = ["derive"] }
-is-terminal = "0.4.7"
-argon2 = { version = "0.5.0", features = ["std"] }
-chacha20poly1305 = { version = "0.10.1", features = ["std"] }

 [features]
 # by default Tauri runs in production mode
--- a/src-tauri/src/app.rs
+++ b/src-tauri/src/app.rs
@ -1,3 +1,8 @@
+#![cfg_attr(
+    all(not(debug_assertions), target_os = "windows"),
+    windows_subsystem = "windows"
+)]
+
 use std::error::Error;

 use once_cell::sync::OnceCell;
@ -27,6 +32,33 @@ use crate::{
 pub static APP: OnceCell<AppHandle> = OnceCell::new();


+async fn setup(app: &mut App) -> Result<(), Box<dyn Error>> {
+    APP.set(app.handle()).unwrap();
+
+    let conn_opts = SqliteConnectOptions::new()
+        .filename(config::get_or_create_db_path()?)
+        .create_if_missing(true);
+    let pool_opts = SqlitePoolOptions::new();
+    let pool: SqlitePool = pool_opts.connect_with(conn_opts).await?;
+    sqlx::migrate!().run(&pool).await?;
+
+    let conf = AppConfig::load(&pool).await?;
+    let session = Session::load(&pool).await?;
+    let srv = Server::new(conf.listen_addr, conf.listen_port, app.handle()).await?;
+
+    config::set_auto_launch(conf.start_on_login)?;
+    if !conf.start_minimized {
+        app.get_window("main")
+            .ok_or(HandlerError::NoMainWindow)?
+            .show()?;
+    }
+
+    let state = AppState::new(conf, session, srv, pool);
+    app.manage(state);
+    Ok(())
+}
+
+
 pub fn run() -> tauri::Result<()> {
    tauri::Builder::default()
        .plugin(tauri_plugin_single_instance::init(|app, _argv, _cwd| {
@ -58,35 +90,3 @@ pub fn run() -> tauri::Result<()> {

    Ok(())
 }
-
-
-pub async fn connect_db() -> Result<SqlitePool, SetupError> {
-    let conn_opts = SqliteConnectOptions::new()
-        .filename(config::get_or_create_db_path()?)
-        .create_if_missing(true);
-    let pool_opts = SqlitePoolOptions::new();
-    let pool: SqlitePool = pool_opts.connect_with(conn_opts).await?;
-    sqlx::migrate!().run(&pool).await?;
-    Ok(pool)
-}
-
-
-async fn setup(app: &mut App) -> Result<(), Box<dyn Error>> {
-    APP.set(app.handle()).unwrap();
-
-    let pool = connect_db().await?;
-    let conf = AppConfig::load(&pool).await?;
-    let session = Session::load(&pool).await?;
-    let srv = Server::new(conf.listen_addr, conf.listen_port, app.handle()).await?;
-
-    config::set_auto_launch(conf.start_on_login)?;
-    if !conf.start_minimized {
-        app.get_window("main")
-            .ok_or(HandlerError::NoMainWindow)?
-            .show()?;
-    }
-
-    let state = AppState::new(conf, session, srv, pool);
-    app.manage(state);
-    Ok(())
-}
--- a/src-tauri/src/cli.rs
+++ b/src-tauri/src/cli.rs
@ -1,3 +1,4 @@
+use std::io::{Read, Write};
 use std::process::Command as ChildCommand;
 #[cfg(unix)]
 use std::os::unix::process::CommandExt;
@ -8,14 +9,9 @@ use clap::{
     ArgMatches,
     ArgAction
 };
-use tokio::{
-    net::TcpStream,
-    io::{AsyncReadExt, AsyncWriteExt},
-};
+use std::net::TcpStream;


-use crate::app;
-use crate::config::AppConfig;
 use crate::credentials::{BaseCredentials, SessionCredentials};
 use crate::errors::*;

@ -102,19 +98,16 @@ pub fn exec(args: &ArgMatches) -> Result<(), CliError> {
 }


-#[tokio::main]
-async fn get_credentials(base: bool) -> Result<String, RequestError> {
-    let pool = app::connect_db().await?;
-    let config = AppConfig::load(&pool).await?;
+fn get_credentials(base: bool) -> Result<String, RequestError> {
    let path = if base {"/creddy/base-credentials"} else {"/"};

-    let mut stream = TcpStream::connect((config.listen_addr, config.listen_port)).await?;
+    let mut stream = TcpStream::connect("127.0.0.1:12345")?;
    let req = format!("GET {path} HTTP/1.0\r\n\r\n");
-    stream.write_all(req.as_bytes()).await?;
+    stream.write_all(req.as_bytes())?;

    // some day we'll have a proper HTTP parser
    let mut buf = vec![0; 8192];
-    stream.read_to_end(&mut buf).await?;
+    stream.read_to_end(&mut buf)?;

    let status = buf.split(|&c| &[c] == b" ")
        .skip(1)
--- a/src-tauri/src/config.rs
+++ b/src-tauri/src/config.rs
@ -2,7 +2,6 @@ use std::net::Ipv4Addr;
 use std::path::PathBuf;

 use auto_launch::AutoLaunchBuilder;
-use is_terminal::IsTerminal;
 use serde::{Serialize, Deserialize};
 use sqlx::SqlitePool;

@ -91,17 +90,16 @@ pub fn set_auto_launch(is_configured: bool) -> Result<(), SetupError> {


 pub fn get_or_create_db_path() -> Result<PathBuf, DataDirError> {
+    // debug_assertions doesn't always mean we are running in dev
+    if cfg!(debug_assertions) && std::env::var("HOME").is_ok() {
+        return Ok(PathBuf::from("./creddy.db"));
+    }
+
    let mut path = dirs::data_dir()
        .ok_or(DataDirError::NotFound)?;
-    path.push("Creddy");

    std::fs::create_dir_all(&path)?;
-    if cfg!(debug_assertions) && std::io::stdout().is_terminal() {
-        path.push("creddy.dev.db");
-    }
-    else {
    path.push("creddy.db");
-    }

    Ok(path)
 }
--- a/src-tauri/src/credentials.rs
+++ b/src-tauri/src/credentials.rs
@ -2,24 +2,6 @@ use std::fmt::{self, Formatter};
 use std::time::{SystemTime, UNIX_EPOCH};

 use aws_smithy_types::date_time::{DateTime, Format};
-use argon2::{
-    Argon2,
-    Algorithm,
-    Version,
-    ParamsBuilder,
-    password_hash::rand_core::{RngCore, OsRng},
-};
-use chacha20poly1305::{
-    XChaCha20Poly1305,
-    XNonce,
-    aead::{
-        Aead,
-        AeadCore,
-        KeyInit,
-        Error as AeadError,
-        generic_array::GenericArray,
-    },
-};
 use serde::{
    Serialize,
    Deserialize,
@ -28,7 +10,12 @@ use serde::{
 };
 use serde::de::{self, Visitor};
 use sqlx::SqlitePool;
-
+use sodiumoxide::crypto::{
+        pwhash,
+        pwhash::Salt, 
+        secretbox, 
+        secretbox::{Nonce, Key}
+};

 use crate::errors::*;

@ -53,17 +40,18 @@ impl Session {
            None => {return Ok(Session::Empty);}
        };

-        let salt: [u8; 32] = row.salt
+        let salt_buf: [u8; 32] = row.salt
+            .try_into()
+            .map_err(|_e| SetupError::InvalidRecord)?;
+        let nonce_buf: [u8; 24] = row.nonce
            .try_into()
            .map_err(|_e| SetupError::InvalidRecord)?;
-        let nonce = XNonce::from_exact_iter(row.nonce.into_iter())
-            .ok_or(SetupError::InvalidRecord)?;

        let creds = LockedCredentials {
            access_key_id: row.access_key_id,
            secret_key_enc: row.secret_key_enc,
-            salt,
-            nonce,
+            salt: Salt(salt_buf),
+            nonce: Nonce(nonce_buf),
        };
        Ok(Session::Locked(creds))
    }
@ -88,8 +76,8 @@ impl Session {
 pub struct LockedCredentials {
    pub access_key_id: String,
    pub secret_key_enc: Vec<u8>,
-    pub salt: [u8; 32],
-    pub nonce: XNonce,
+    pub salt: Salt,
+    pub nonce: Nonce,
 }

 impl LockedCredentials {
@ -100,8 +88,8 @@ impl LockedCredentials {
        )
            .bind(&self.access_key_id)
            .bind(&self.secret_key_enc)
-            .bind(&self.salt[..])
-            .bind(&self.nonce[..])
+            .bind(&self.salt.0[0..])
+            .bind(&self.nonce.0[0..])
            .execute(pool)
            .await?;

@ -109,10 +97,11 @@ impl LockedCredentials {
    }

    pub fn decrypt(&self, passphrase: &str) -> Result<BaseCredentials, UnlockError> {
-        let crypto = Crypto::new(passphrase, &self.salt)
-            .map_err(|e| CryptoError::Argon2(e))?;
-        let decrypted = crypto.decrypt(&self.nonce, &self.secret_key_enc)
-            .map_err(|e| CryptoError::Aead(e))?;
+        let mut key_buf = [0; secretbox::KEYBYTES];
+        // pretty sure this only fails if we're out of memory
+        pwhash::derive_key_interactive(&mut key_buf, passphrase.as_bytes(), &self.salt).unwrap();
+        let decrypted = secretbox::open(&self.secret_key_enc, &self.nonce, &Key(key_buf))
+            .map_err(|_| UnlockError::BadPassphrase)?;
        let secret_access_key = String::from_utf8(decrypted)
            .map_err(|_| UnlockError::InvalidUtf8)?;

@ -133,18 +122,21 @@ pub struct BaseCredentials {
 }

 impl BaseCredentials {
-    pub fn encrypt(&self, passphrase: &str) -> Result<LockedCredentials, CryptoError> {
-        let salt = Crypto::salt();
-        let crypto = Crypto::new(passphrase, &salt)?;
-        let (nonce, secret_key_enc) = crypto.encrypt(self.secret_access_key.as_bytes())?;
+    pub fn encrypt(&self, passphrase: &str) -> LockedCredentials {
+        let salt = pwhash::gen_salt();
+        let mut key_buf = [0; secretbox::KEYBYTES];
+        pwhash::derive_key_interactive(&mut key_buf, passphrase.as_bytes(), &salt).unwrap();
+        let key = Key(key_buf);
+        let nonce = secretbox::gen_nonce();

-        let locked = LockedCredentials {
+        let secret_key_enc = secretbox::seal(self.secret_access_key.as_bytes(), &nonce, &key);
+
+        LockedCredentials {
            access_key_id: self.access_key_id.clone(),
            secret_key_enc,
            salt,
            nonce,
-        };
-        Ok(locked)
+        }
    }
 }

@ -250,72 +242,3 @@ where D: Deserializer<'de>
 {
    deserializer.deserialize_str(DateTimeVisitor)
 }
-
-
-struct Crypto {
-    cipher: XChaCha20Poly1305,
-}
-
-impl Crypto {
-    /// Argon2 params rationale:
-    ///
-    /// m_cost is measured in KiB, so 128 * 1024 gives us 128MiB.
-    /// This should roughly double the memory usage of the application
-    /// while deriving the key.
-    ///
-    /// p_cost is irrelevant since (at present) there isn't any parallelism
-    /// implemented, so we leave it at 1.
-    ///
-    /// With the above m_cost, t_cost = 8 results in about 800ms to derive
-    /// a key on my (somewhat older) CPU. This is probably overkill, but
-    /// given that it should only have to happen ~once a day for most 
-    /// usage, it should be acceptable.
-    #[cfg(not(debug_assertions))]
-    const MEM_COST: u32 = 128 * 1024;
-    #[cfg(not(debug_assertions))]
-    const TIME_COST: u32 = 8;
-
-    /// But since this takes a million years in an unoptimized build,
-    /// we turn it way down in debug builds.
-    #[cfg(debug_assertions)]
-    const MEM_COST: u32 = 48 * 1024;
-    #[cfg(debug_assertions)]
-    const TIME_COST: u32 = 1;
-    
-
-    fn new(passphrase: &str, salt: &[u8]) -> argon2::Result<Crypto> {
-        let params = ParamsBuilder::new()
-            .m_cost(Self::MEM_COST)
-            .p_cost(1)
-            .t_cost(Self::TIME_COST)
-            .build()
-            .unwrap(); // only errors if the given params are invalid
-
-        let hasher = Argon2::new(
-            Algorithm::Argon2id,
-            Version::V0x13,
-            params,
-        );
-
-        let mut key = [0; 32];
-        hasher.hash_password_into(passphrase.as_bytes(), &salt, &mut key)?;
-        let cipher = XChaCha20Poly1305::new(GenericArray::from_slice(&key));
-        Ok(Crypto { cipher })
-    }
-
-    fn salt() -> [u8; 32] {
-        let mut salt = [0; 32];
-        OsRng.fill_bytes(&mut salt);
-        salt
-    }
-
-    fn encrypt(&self, data: &[u8]) -> Result<(XNonce, Vec<u8>), AeadError> {
-        let nonce = XChaCha20Poly1305::generate_nonce(&mut OsRng);
-        let ciphertext = self.cipher.encrypt(&nonce, data)?;
-        Ok((nonce, ciphertext))
-    }
-
-    fn decrypt(&self, nonce: &XNonce, data: &[u8]) -> Result<Vec<u8>, AeadError> {
-        self.cipher.decrypt(nonce, data)
-    }
-}
--- a/src-tauri/src/errors.rs
+++ b/src-tauri/src/errors.rs
@ -164,8 +164,8 @@ pub enum UnlockError {
    NotLocked,
    #[error("No saved credentials were found")]
    NoCredentials,
-    #[error(transparent)]
-    Crypto(#[from] CryptoError),
+    #[error("Invalid passphrase")]
+    BadPassphrase,
    #[error("Data was found to be corrupt after decryption")]
    InvalidUtf8, // Somehow we got invalid utf-8 even though decryption succeeded
    #[error("Database error: {0}")]
@ -175,15 +175,6 @@ pub enum UnlockError {
 }


-#[derive(Debug, ThisError, AsRefStr)]
-pub enum CryptoError {
-    #[error(transparent)]
-    Argon2(#[from] argon2::Error),
-    #[error("Invalid passphrase")] // I think this is the only way decryption fails
-    Aead(#[from] chacha20poly1305::aead::Error),
-}
-
-
 // Errors encountered while trying to figure out who's on the other end of a request
 #[derive(Debug, ThisError, AsRefStr)]
 pub enum ClientInfoError {
@ -207,8 +198,6 @@ pub enum RequestError {
    InvalidJson,
    #[error("Error reading/writing stream: {0}")]
    StreamIOError(#[from] std::io::Error),
-    #[error("Error loading configuration data: {0}")]
-    Setup(#[from] SetupError),
 }


--- a/src-tauri/src/main.rs
+++ b/src-tauri/src/main.rs
@ -1,9 +1,3 @@
-#![cfg_attr(
-    all(not(debug_assertions), target_os = "windows"),
-    windows_subsystem = "windows"
-)]
-
-
 mod app;
 mod cli;
 mod config;
--- a/src-tauri/src/server.rs
+++ b/src-tauri/src/server.rs
@ -59,6 +59,15 @@ impl Handler {
            return Ok(())
        }
        let base = req_path == b"/creddy/base-credentials";
+        if base {
+            if clients.len() != 1 
+                || clients[0].is_none()
+                || clients[0].as_ref().unwrap().exe != std::env::current_exe()?
+            {
+                self.stream.write(b"HTTP/1.0 403 Access Denied\r\n\r\n").await?;
+                return Ok(())
+            }
+        }

        let req = Request {id: self.request_id, clients, base};
        self.app.emit_all("credentials-request", &req)?;
--- a/src-tauri/src/state.rs
+++ b/src-tauri/src/state.rs
@ -48,7 +48,7 @@ impl AppState {
    }

    pub async fn new_creds(&self, base_creds: BaseCredentials, passphrase: &str) -> Result<(), UnlockError> {
-        let locked = base_creds.encrypt(passphrase)?;
+        let locked = base_creds.encrypt(passphrase);
        // do this first so that if it fails we don't save bad credentials
        self.new_session(base_creds).await?;
        locked.save(&self.pool).await?;
--- a/src-tauri/tauri.conf.json
+++ b/src-tauri/tauri.conf.json
@ -8,7 +8,7 @@
  },
  "package": {
    "productName": "creddy",
-    "version": "0.2.0"
+    "version": "0.1.0"
  },
  "tauri": {
    "allowlist": {
--- a/src/App.svelte
+++ b/src/App.svelte
@ -15,6 +15,7 @@ invoke('get_config').then(config => $appState.config = config);
 listen('credentials-request', (tauriEvent) => {
    $appState.pendingRequests.put(tauriEvent.payload);
 });
+window.state = $appState;

 acceptRequest();
 </script>
--- a/src/ui/Spinner.svelte
+++ b/src/ui/Spinner.svelte
@ -1,113 +0,0 @@
-<script>
-    export let color = 'base-content';
-    export let thickness = '2px';
-    let classes = '';
-    export { classes as class };
-
-    const colorVars = {
-        'primary': 'p',
-        'primary-focus': 'pf',
-        'primary-content': 'pc',
-        'secondary': 's',
-        'secondary-focus': 'sf',
-        'secondary-content': 'sc',
-        'accent': 'a',
-        'accent-focus': 'af',
-        'accent-content': 'ac',
-        'neutral': 'n',
-        'neutral-focus': 'nf',
-        'neutral-content': 'nc',
-        'base-100': 'b1',
-        'base-200': 'b2',
-        'base-300': 'b3',
-        'base-content': 'bc',
-        'info': 'in',
-        'info-content': 'inc',
-        'success': 'su',
-        'success-content': 'suc',
-        'warning': 'wa',
-        'warning-content': 'wac',
-        'error': 'er',
-        'error-content': 'erc',
-    }
-
-    let arcStyle = `border-width: ${thickness};`;
-    arcStyle += `border-color: hsl(var(--${colorVars[color]})) transparent transparent transparent;`;
-</script>
-
-<style>
-    #spinner {
-        position: relative;
-
-        animation: spin;
-        animation-duration: 1.5s;
-        animation-iteration-count: infinite;
-        animation-timing-function: linear;
-    }
-
-    @keyframes spin {
-        50% { transform: rotate(225deg); }
-        100% { transform: rotate(360deg); }
-    }
-
-    .arc {
-        position: absolute;
-        top: 0;
-        left: 0;
-        border-radius: 9999px;
-    }
-
-    .arc-top {
-        transform: rotate(-45deg);
-    }
-
-    .arc-right {
-        animation: spin-right;
-        animation-duration: 3s;
-        animation-iteration-count: infinite;
-    }
-
-    .arc-bottom {
-        animation: spin-bottom;
-        animation-duration: 3s;
-        animation-iteration-count: infinite;
-    }
-
-    .arc-left {
-        animation: spin-left;
-        animation-duration: 3s;
-        animation-iteration-count: infinite;
-    }
-
-    @keyframes spin-top {
-        0% { transform: rotate(-45deg); }
-        50% { transform: rotate(315deg); }
-        100% { transform: rotate(-45deg); }
-    }
-
-    @keyframes spin-right {
-        0% { transform: rotate(45deg); }
-        50% { transform: rotate(315deg); }
-        100% { transform: rotate(405deg); }
-    }
-
-    @keyframes spin-bottom {
-        0% { transform: rotate(135deg); }
-        50% { transform: rotate(315deg); }
-        100% { transform: rotate(495deg); }
-    }
-
-    @keyframes spin-left {
-        0% { transform: rotate(225deg); }
-        50% { transform: rotate(315deg); }
-        100% { transform: rotate(585deg); }
-    }
-</style>
-
-
-<div id="spinner" class="w-6 h-6 {classes}">
-    <div class="arc arc-top w-full h-full" style={arcStyle}></div>
-    <div class="arc arc-right w-full h-full" style={arcStyle}></div>
-    <div class="arc arc-bottom w-full h-full" style={arcStyle}></div>
-    <div class="arc arc-left w-full h-full" style={arcStyle}></div>
-</div>
--- a/src/views/Approve.svelte
+++ b/src/views/Approve.svelte
@ -86,7 +86,7 @@
                    <svg xmlns="http://www.w3.org/2000/svg" class="stroke-current flex-shrink-0 h-6 w-6" fill="none" viewBox="0 0 24 24"><path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M12 9v2m0 4h.01m-6.938 4h13.856c1.54 0 2.502-1.667 1.732-3L13.732 4c-.77-1.333-2.694-1.333-3.464 0L3.34 16c-.77 1.333.192 3 1.732 3z" /></svg>
                    <span>
                        WARNING: This application is requesting your base (long-lived) AWS credentials. 
-                        These credentials are less secure than session credentials, since they don't expire automatically.
+                        These crednetials are less secure than session credentials, since they don't expire automatically.
                    </span>
                </div>
            </div>
--- a/src/views/EnterCredentials.svelte
+++ b/src/views/EnterCredentials.svelte
@ -7,7 +7,6 @@
    import { navigate } from '../lib/routing.js';
    import Link from '../ui/Link.svelte';
    import ErrorAlert from '../ui/ErrorAlert.svelte';
-    import Spinner from '../ui/Spinner.svelte';


    let errorMsg = null;
@ -20,7 +19,6 @@
        }
    }

-    let saving = false;
    async function save() {
        if (passphrase !== confirmPassphrase) {
            alert.shake();
@ -29,7 +27,6 @@

        let credentials = {AccessKeyId, SecretAccessKey};
        try {
-            saving = true;
            await invoke('save_credentials', {credentials, passphrase});
            if ($appState.currentRequest) {
                navigate('Approve');
@ -50,8 +47,6 @@
            if (alert) {
                alert.shake();
            }
-
-            saving = false;
        }
    }
 </script>
@ -70,13 +65,7 @@
    <input type="password" placeholder="Passphrase" bind:value="{passphrase}" class="input input-bordered" />
    <input type="password" placeholder="Re-enter passphrase" bind:value={confirmPassphrase} class="input input-bordered" on:change={confirm} />

-    <button type="submit" class="btn btn-primary">
-        {#if saving}
-            <Spinner class="w-5 h-5" color="primary-content" thickness="2px"/>
-        {:else}
-            Submit
-        {/if}
-    </button>
+    <input type="submit" class="btn btn-primary" />
    <Link target="Home" hotkey="Escape">
        <button class="btn btn-sm btn-outline w-full">Cancel</button>
    </Link>
--- a/src/views/Unlock.svelte
+++ b/src/views/Unlock.svelte
@ -7,14 +7,12 @@
    import { getRootCause } from '../lib/errors.js';
    import ErrorAlert from '../ui/ErrorAlert.svelte';
    import Link from '../ui/Link.svelte';
-    import Spinner from '../ui/Spinner.svelte';


    let errorMsg = null;
    let alert;
    let passphrase = '';
    let loadTime = 0;
-    let saving = false;
    async function unlock() {
        // The hotkey for navigating here from homepage is Enter, which also
        // happens to trigger the form submit event
@ -23,7 +21,6 @@
        }

        try {
-            saving = true;
            let r = await invoke('unlock', {passphrase});
            $appState.credentialStatus = 'unlocked';
            if ($appState.currentRequest) {
@ -46,8 +43,6 @@
            if (alert) {
                alert.shake();
            }
-
-            saving = true;
        }
    }

@ -67,14 +62,7 @@
    <!-- svelte-ignore a11y-autofocus -->
    <input autofocus name="password" type="password" placeholder="correct horse battery staple" bind:value="{passphrase}" class="input input-bordered" />

-    <button type="submit" class="btn btn-primary">
-        {#if saving}
-            <Spinner class="w-5 h-5" color="primary-content" thickness="2px"/>
-        {:else}
-            Submit
-        {/if}
-    </button>
-
+    <input type="submit" class="btn btn-primary" />
    <Link target="Home" hotkey="Escape">
        <button class="btn btn-outline btn-sm w-full">Cancel</button>
    </Link>
Author	SHA1	Message	Date
Joseph Montanaro	61cc570289	finish exec subcommand	2023-05-06 12:00:31 -07:00
Joseph Montanaro	ed4b8153bb	keep working on exec subcommand	2023-05-06 11:48:08 -07:00
Joseph Montanaro	41f8e8f2ab	start working on exec subcommand	2023-05-02 15:36:00 -07:00