Add new task to drop the plaintext password from the sdcard

2019-09-09 12:56:08 -07:00 · 2019-09-09 12:56:08 -07:00 · cd9d45cddc
parent f400b2746f
commit cd9d45cddc
3 changed files with 57 additions and 1 deletions
--- a/farmbot_ext/lib/farmbot_ext/bootstrap/authorization.ex
+++ b/farmbot_ext/lib/farmbot_ext/bootstrap/authorization.ex
@ -44,6 +44,18 @@ defmodule FarmbotExt.Bootstrap.Authorization do
    end
  end

+  @doc "Helper fucntion that returns the secret after a successful request"
+  def authorize_with_password_v2(email, password, server) do
+    with {:ok, {:RSAPublicKey, _, _} = rsa_key} <- fetch_rsa_key(server),
+         secret <- build_secret(email, password, rsa_key),
+         {:ok, payload} <- build_payload(email, password, rsa_key),
+         {:ok, resp} <- request_token(server, payload),
+         {:ok, body} <- JSON.decode(resp),
+         {:ok, encoded} <- get_encoded(body) do
+      {:ok, {encoded, secret}}
+    end
+  end
+
  defp get_encoded(%{"token" => %{"encoded" => encoded}}), do: {:ok, encoded}
  defp get_encoded(_), do: {:error, :bad_response}

--- a/farmbot_ext/lib/farmbot_ext/bootstrap/drop_password_task.ex
+++ b/farmbot_ext/lib/farmbot_ext/bootstrap/drop_password_task.ex
@ -0,0 +1,43 @@
+defmodule FarmbotExt.Bootstrap.DropPasswordTask do
+  @moduledoc """
+  Task to make sure the plaintext password is dropped form 
+  the sqlite database.
+  """
+  import FarmbotCore.Config, only: [update_config_value: 4, get_config_value: 3]
+  require FarmbotCore.Logger
+  alias FarmbotExt.Bootstrap.Authorization
+
+  use GenServer
+
+  def start_link(args, opts \\ [name: __MODULE__]) do
+    GenServer.start_link(__MODULE__, args, opts)
+  end
+
+  def init(_args) do
+    send(self(), :checkup)
+    {:ok, %{backoff: 5000, timer: nil}}
+  end
+
+  def handle_info(:checkup, state) do
+    email = get_config_value(:string, "authorization", "email")
+    password = get_config_value(:string, "authorization", "password")
+    server = get_config_value(:string, "authorization", "server")
+    # secret = get_config_value(:string, "authorization", "secret")
+    if password do
+      case Authorization.authorize_with_password_v2(email, password, server) do
+        {:ok, {_, secret}} ->
+          # Drop the password from the database
+          update_config_value(:string, "authorization", "secret", secret)
+          update_config_value(:string, "authorization", "password", nil)
+          FarmbotCore.Logger.debug(3, "Successfully encoded secret")
+          {:noreply, state, :hibernate}
+
+        {:error, _} ->
+          timer = Process.send_after(self(), :checkup, state.backoff)
+          {:noreply, %{state | backoff: state.backoff + 1000, timer: timer}}
+      end
+    else
+      {:noreply, state, :hibernate}
+    end
+  end
+end
--- a/farmbot_ext/lib/farmbot_ext/bootstrap/supervisor.ex
+++ b/farmbot_ext/lib/farmbot_ext/bootstrap/supervisor.ex
@ -11,7 +11,8 @@ defmodule FarmbotExt.Bootstrap.Supervisor do
      FarmbotExt.API.EagerLoader.Supervisor,
      FarmbotExt.API.DirtyWorker.Supervisor,
      FarmbotExt.AMQP.Supervisor,
-      FarmbotExt.API.ImageUploader
+      FarmbotExt.API.ImageUploader,
+      FarmbotExt.Bootstrap.DropPasswordTask
    ]

    opts = [strategy: :one_for_one]