feat: Support changing master password #50
7 changed files with 59 additions and 12 deletions
|
@ -55,8 +55,9 @@ impl LprsCommand for Add {
|
||||||
fn run(mut self, mut vault_manager: Vaults) -> LprsResult<()> {
|
fn run(mut self, mut vault_manager: Vaults) -> LprsResult<()> {
|
||||||
if !self.vault_info.is_empty() {
|
if !self.vault_info.is_empty() {
|
||||||
self.vault_info.name = self.vault_info.name.trim().to_string();
|
self.vault_info.name = self.vault_info.name.trim().to_string();
|
||||||
self.vault_info.password = utils::user_secret(self.password, "Vault password:")?;
|
self.vault_info.password = utils::user_secret(self.password, "Vault password:", false)?;
|
||||||
self.vault_info.totp_secret = utils::user_secret(self.totp_secret, "TOTP Secret:")?;
|
self.vault_info.totp_secret =
|
||||||
|
utils::user_secret(self.totp_secret, "TOTP Secret:", false)?;
|
||||||
self.vault_info.custom_fields = self.custom_fields.into_iter().collect();
|
self.vault_info.custom_fields = self.custom_fields.into_iter().collect();
|
||||||
vault_manager.add_vault(self.vault_info);
|
vault_manager.add_vault(self.vault_info);
|
||||||
vault_manager.try_export()?;
|
vault_manager.try_export()?;
|
||||||
|
|
39
src/cli/change_master_password_command.rs
Normal file
39
src/cli/change_master_password_command.rs
Normal file
|
@ -0,0 +1,39 @@
|
||||||
|
// Lprs - A local CLI vaults manager. For human and machine use
|
||||||
|
// Copyright (C) 2024 Awiteb <a@4rs.nl>
|
||||||
|
//
|
||||||
|
// This program is free software: you can redistribute it and/or modify
|
||||||
|
// it under the terms of the GNU General Public License as published by
|
||||||
|
// the Free Software Foundation, either version 3 of the License, or
|
||||||
|
// (at your option) any later version.
|
||||||
|
//
|
||||||
|
// This program is distributed in the hope that it will be useful,
|
||||||
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
// GNU General Public License for more details.
|
||||||
|
//
|
||||||
|
// You should have received a copy of the GNU General Public License
|
||||||
|
// along with this program. If not, see <https://www.gnu.org/licenses/gpl-3.0.html>.
|
||||||
|
|
||||||
|
use clap::Args;
|
||||||
|
use sha2::{Digest, Sha256};
|
||||||
|
|
||||||
|
use crate::{utils, vault::Vaults, LprsCommand, LprsResult};
|
||||||
|
|
||||||
|
#[derive(Debug, Args)]
|
||||||
|
/// Change master password, reencrypt the vaults with new password
|
||||||
|
pub struct ChangeMasterPassword {
|
||||||
|
/// The new master password, if there is no value for it you will prompt it
|
||||||
|
#[allow(clippy::option_option)]
|
||||||
|
new_password: Option<String>,
|
||||||
|
}
|
||||||
|
|
||||||
|
impl LprsCommand for ChangeMasterPassword {
|
||||||
|
fn run(self, mut vault_manager: Vaults) -> LprsResult<()> {
|
||||||
|
vault_manager.master_password =
|
||||||
|
utils::user_secret(Some(self.new_password), "New master password:", true)?
|
||||||
|
.map(|s| Sha256::digest(s).into())
|
||||||
|
.expect("We wrap it in `Some`, so is will return a secret");
|
||||||
|
vault_manager.try_export()?;
|
||||||
|
Ok(())
|
||||||
|
}
|
||||||
|
}
|
|
@ -77,10 +77,10 @@ impl LprsCommand for Edit {
|
||||||
vault.name = new_name;
|
vault.name = new_name;
|
||||||
}
|
}
|
||||||
if self.password.is_some() {
|
if self.password.is_some() {
|
||||||
vault.password = utils::user_secret(self.password, "New vault password:")?;
|
vault.password = utils::user_secret(self.password, "New vault password:", false)?;
|
||||||
}
|
}
|
||||||
if self.totp_secret.is_some() {
|
if self.totp_secret.is_some() {
|
||||||
vault.totp_secret = utils::user_secret(self.totp_secret, "TOTP Secret:")?;
|
vault.totp_secret = utils::user_secret(self.totp_secret, "TOTP Secret:", false)?;
|
||||||
}
|
}
|
||||||
if let Some(new_username) = self.username {
|
if let Some(new_username) = self.username {
|
||||||
vault.username = Some(new_username);
|
vault.username = Some(new_username);
|
||||||
|
|
|
@ -55,7 +55,7 @@ impl LprsCommand for Export {
|
||||||
);
|
);
|
||||||
|
|
||||||
let encryption_key: Option<[u8; 32]> =
|
let encryption_key: Option<[u8; 32]> =
|
||||||
utils::user_secret(self.encryption_password, "Encryption Password:")?
|
utils::user_secret(self.encryption_password, "Encryption Password:", false)?
|
||||||
.map(|p| sha2::Sha256::digest(p).into());
|
.map(|p| sha2::Sha256::digest(p).into());
|
||||||
|
|
||||||
let exported_data = match self.format {
|
let exported_data = match self.format {
|
||||||
|
|
|
@ -60,7 +60,7 @@ impl LprsCommand for Import {
|
||||||
);
|
);
|
||||||
|
|
||||||
let decryption_key: Option<[u8; 32]> =
|
let decryption_key: Option<[u8; 32]> =
|
||||||
utils::user_secret(self.decryption_password, "Decryption password:")?
|
utils::user_secret(self.decryption_password, "Decryption password:", false)?
|
||||||
.map(|p| sha2::Sha256::digest(p).into());
|
.map(|p| sha2::Sha256::digest(p).into());
|
||||||
|
|
||||||
let imported_passwords_len = match self.format {
|
let imported_passwords_len = match self.format {
|
||||||
|
|
|
@ -23,6 +23,8 @@ use crate::{impl_commands, utils, vault::Vaults, LprsCommand, LprsResult};
|
||||||
|
|
||||||
/// Add command, used to add new vault to the vaults file
|
/// Add command, used to add new vault to the vaults file
|
||||||
pub mod add_command;
|
pub mod add_command;
|
||||||
|
/// Change master password, reencrypt the vaults with new password
|
||||||
|
pub mod change_master_password_command;
|
||||||
/// Clean command, used to clean the vaults file (remove all vaults)
|
/// Clean command, used to clean the vaults file (remove all vaults)
|
||||||
pub mod clean_command;
|
pub mod clean_command;
|
||||||
/// Generate shell completion
|
/// Generate shell completion
|
||||||
|
@ -67,11 +69,13 @@ pub enum Commands {
|
||||||
Export(export_command::Export),
|
Export(export_command::Export),
|
||||||
/// Import vaults
|
/// Import vaults
|
||||||
Import(import_command::Import),
|
Import(import_command::Import),
|
||||||
|
/// Change master password, reencrypt the vaults with new password
|
||||||
|
ChangeMasterPassword(change_master_password_command::ChangeMasterPassword),
|
||||||
/// Generate shell completion
|
/// Generate shell completion
|
||||||
Completion(completion_command::Completion),
|
Completion(completion_command::Completion),
|
||||||
}
|
}
|
||||||
|
|
||||||
impl_commands!(Commands, Add Remove List Clean Edit Gen Get Export Import Completion);
|
impl_commands!(Commands, Add Remove List Clean Edit Gen Get Export Import ChangeMasterPassword Completion);
|
||||||
|
|
||||||
#[derive(Parser, Debug)]
|
#[derive(Parser, Debug)]
|
||||||
#[command(author, version, about, long_about = None)]
|
#[command(author, version, about, long_about = None)]
|
||||||
|
|
|
@ -57,6 +57,7 @@ pub fn local_project_file(filename: &str) -> LprsResult<PathBuf> {
|
||||||
pub fn user_secret(
|
pub fn user_secret(
|
||||||
secret: Option<Option<String>>,
|
secret: Option<Option<String>>,
|
||||||
prompt_message: &str,
|
prompt_message: &str,
|
||||||
|
confirmation: bool,
|
||||||
) -> LprsResult<Option<String>> {
|
) -> LprsResult<Option<String>> {
|
||||||
Ok(match secret {
|
Ok(match secret {
|
||||||
None => None,
|
None => None,
|
||||||
|
@ -64,10 +65,12 @@ pub fn user_secret(
|
||||||
Some(None) => {
|
Some(None) => {
|
||||||
log::debug!("User didn't provide a secret, prompting it");
|
log::debug!("User didn't provide a secret, prompting it");
|
||||||
Some(
|
Some(
|
||||||
Password::new(prompt_message)
|
Password {
|
||||||
.without_confirmation()
|
enable_confirmation: confirmation,
|
||||||
|
..Password::new(prompt_message)
|
||||||
.with_formatter(&|p| "*".repeat(p.chars().count()))
|
.with_formatter(&|p| "*".repeat(p.chars().count()))
|
||||||
.with_display_mode(PasswordDisplayMode::Masked)
|
.with_display_mode(PasswordDisplayMode::Masked)
|
||||||
|
}
|
||||||
.prompt()?,
|
.prompt()?,
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue