Better encryption handling (#132)

recep · web-flow · commit fbba7ad0fb07 · 2020-07-20T00:10:23.000+03:00
Closes #131 * encryption and decryption for login model * encrption and decryption * update * update
diff --git a/internal/app/login.go b/internal/app/login.go
@@ -2,12 +2,51 @@ package app
 
 import (
 	"encoding/base64"
+	"reflect"
 
 	"github.com/passwall/passwall-server/internal/storage"
 	"github.com/passwall/passwall-server/model"
 	"github.com/spf13/viper"
 )
 
+// Model encryption
+func EncryptLogin(loginDTO model.LoginDTO) model.LoginDTO {
+	num := reflect.TypeOf(loginDTO).NumField()
+
+	var tagVal string
+
+	for i := 0; i < num; i++ {
+		tagVal = reflect.TypeOf(loginDTO).Field(i).Tag.Get("encrypt")
+		value := reflect.ValueOf(loginDTO).Field(i).String()
+
+		if tagVal == "true" {
+			value = base64.StdEncoding.EncodeToString(Encrypt(value, viper.GetString("server.passphrase")))
+			reflect.ValueOf(&loginDTO).Elem().Field(i).SetString(value)
+		}
+	}
+
+	return loginDTO
+}
+
+// Model decryption
+func DecryptLogin(login model.Login) model.Login {
+	num := reflect.TypeOf(login).NumField()
+
+	var tagVal string
+
+	for i := 0; i < num; i++ {
+		tagVal = reflect.TypeOf(login).Field(i).Tag.Get("encrypt")
+		value := reflect.ValueOf(login).Field(i).String()
+
+		if tagVal == "true" {
+			valueByte, _ := base64.StdEncoding.DecodeString(value)
+			value = string(Decrypt(string(valueByte[:]), viper.GetString("server.passphrase")))
+		}
+	}
+
+	return login
+}
+
 // CreateLogin creates a login and saves it to the store
 func CreateLogin(s storage.Store, dto *model.LoginDTO, schema string) (*model.Login, error) {
 
diff --git a/model/login.go b/model/login.go
@@ -6,26 +6,29 @@ import (
 
 // Login ...
 type Login struct {
-	ID        uint       `gorm:"primary_key" json:"id"`
-	CreatedAt time.Time  `json:"created_at"`
-	UpdatedAt time.Time  `json:"updated_at"`
-	DeletedAt *time.Time `json:"deleted_at"`
-	Title     string     `json:"title"`
-	URL       string     `json:"url"`
-	Username  string     `json:"username"`
-	Password  string     `json:"password"`
+	ID        uint       `gorm:"primary_key" json:"id" encrypt:"false"`
+	CreatedAt time.Time  `json:"created_at" encrypt:"true"`
+	UpdatedAt time.Time  `json:"updated_at" encrypt:"true"`
+	DeletedAt *time.Time `json:"deleted_at" encrypt:"true"`
+	Title     string     `json:"title" encrypt:"false"`
+	URL       string     `json:"url" encrypt:"true"`
+	Username  string     `json:"username" encrypt:"true"`
+	Password  string     `json:"password" encrypt:"true"`
 }
 
 type LoginDTO struct {
-	ID       uint   `json:"id"`
-	Title    string `json:"title"`
-	URL      string `json:"url"`
-	Username string `json:"username"`
-	Password string `json:"password"`
+	ID       uint   `json:"id" encrypt:"false"`
+	Title    string `json:"title" encrypt:"false"`
+	URL      string `json:"url" encrypt:"true"`
+	Username string `json:"username" encrypt:"true"`
+	Password string `json:"password" encrypt:"true"`
 }
 
 // ToLogin ...
 func ToLogin(loginDTO *LoginDTO) *Login {
+
+	//*loginDTO = app.EncryptLogin(*loginDTO)
+
 	return &Login{
 		Title:    loginDTO.Title,
 		URL:      loginDTO.URL,
@@ -42,6 +45,8 @@ func ToLoginDTO(login *Login) *LoginDTO {
 	// 	login.URL = strings.TrimPrefix(login.URL, trims[i])
 	// }
 
+	//*login = app.DecryptLogin(*login)
+
 	return &LoginDTO{
 		ID:       login.ID,
 		Title:    login.Title,
