wip: download credentials

cmd/web/cmd/root.go

@@ -133,7 +133,9 @@ func (s *WebSrv) Start(ctx context.Context, ready server.ReadyFunc, run server.R
 		app.Get("/users", handlers.ListUsers())
 		app.Get("/users/new", handlers.NewUser())
 		app.Post("/users/create", handlers.CreateUser())
+		app.Get("/users/:id", handlers.ShowUser())
 		app.Get("/users/partials/account-skgs", handlers.AccountSksOptions())
+		app.Get("/users/:id/credentials", handlers.UserCredentials())
 
 		err = app.Listen(s.cfg.Flags.Addr)
 		if err != nil {

internal/api/models/account.go

@@ -37,3 +37,14 @@ type Account struct {
 	// DeletedAt is the time the account was deleted.
 	DeletedAt gorm.DeletedAt `json:"deleted_at" gorm:"index"`
 }
+
+// FindSigningKeyGroupByID ...
+func (a *Account) FindSigningKeyGroupByID(id uuid.UUID) *SigningKeyGroup {
+	for _, skg := range a.SigningKeyGroups {
+		if skg.ID == id {
+			return &skg
+		}
+	}
+
+	return nil
+}

internal/web/adapters/db/users.go

@@ -3,13 +3,12 @@ package db
 import (
 	"context"
 
-	"github.com/zeiss/fiber-goth/adapters"
 	"github.com/zeiss/typhoon/internal/api/models"
 )
 
 // GetUser ...
-func (d *database) GetUser(ctx context.Context, user *adapters.GothUser) error {
-	return d.conn.WithContext(ctx).First(user).Error
+func (d *database) GetUser(ctx context.Context, user *models.User) error {
+	return d.conn.WithContext(ctx).Preload("Key").Preload("Token").Preload("Account").Preload("Account.SigningKeyGroups").First(user).Error
 }
 
 // ListUsers ...

internal/web/adapters/handlers/handlers.go

@@ -11,6 +11,7 @@ import (
 	"github.com/zeiss/typhoon/internal/web/controllers/operators"
 	oskgs "github.com/zeiss/typhoon/internal/web/controllers/operators/skgs"
 	"github.com/zeiss/typhoon/internal/web/controllers/users"
+	"github.com/zeiss/typhoon/internal/web/controllers/users/credentials"
 	pu "github.com/zeiss/typhoon/internal/web/controllers/users/partials"
 	"github.com/zeiss/typhoon/internal/web/ports"
 )
@@ -118,5 +119,15 @@ func (h *handlers) NewUser() fiber.Handler {
 
 // CreateUser ...
 func (h *handlers) CreateUser() fiber.Handler {
-	return htmx.NewHxControllerHandler(users.NewUserController(h.db))
+	return htmx.NewHxControllerHandler(users.NewCreateUserController(h.db))
+}
+
+// ShowUser ...
+func (h *handlers) ShowUser() fiber.Handler {
+	return htmx.NewHxControllerHandler(users.NewShowUserController(h.db))
+}
+
+// UserCredentials ...
+func (h *handlers) UserCredentials() fiber.Handler {
+	return htmx.NewHxControllerHandler(credentials.NewIndexUserCredentialsController(h.db))
 }

internal/web/controllers/me/index.go

@@ -1,13 +1,11 @@
 package me
 
 import (
-	"github.com/zeiss/fiber-goth/adapters"
 	htmx "github.com/zeiss/fiber-htmx"
 	"github.com/zeiss/fiber-htmx/components/buttons"
 	"github.com/zeiss/fiber-htmx/components/cards"
 	"github.com/zeiss/fiber-htmx/components/forms"
 	"github.com/zeiss/typhoon/internal/web/components"
-	"github.com/zeiss/typhoon/pkg/resolvers"
 )
 
 // MeController ...
@@ -27,8 +25,6 @@ func (m *MeController) Prepare() error {
 
 // Get ...
 func (m *MeController) Get() error {
-	user := htmx.Values[adapters.GothUser](m.Ctx().UserContext(), resolvers.ValuesKeyUser)
-
 	return htmx.RenderComp(
 		m.Ctx(),
 		components.Page(
@@ -59,8 +55,8 @@ func (m *MeController) Get() error {
 
 									forms.TextInputBordered(
 										forms.TextInputProps{
-											Name:     "username",
-											Value:    user.Name,
+											Name: "username",
+											// Value:    user.Name,
 											Disabled: true,
 										},
 									),
@@ -87,8 +83,8 @@ func (m *MeController) Get() error {
 									),
 									forms.TextInputBordered(
 										forms.TextInputProps{
-											Name:     "email",
-											Value:    user.Email,
+											Name: "email",
+											// Value:    user.Email,
 											Disabled: true,
 										},
 									),

internal/web/controllers/users/create.go

@@ -1,12 +1,17 @@
 package users
 
 import (
+	"fmt"
+
 	"github.com/go-playground/validator/v10"
 	"github.com/google/uuid"
+	"github.com/nats-io/jwt"
+	"github.com/nats-io/nkeys"
 	htmx "github.com/zeiss/fiber-htmx"
 	"github.com/zeiss/fiber-htmx/components/buttons"
 	"github.com/zeiss/fiber-htmx/components/cards"
 	"github.com/zeiss/fiber-htmx/components/forms"
+	"github.com/zeiss/typhoon/internal/api/models"
 	"github.com/zeiss/typhoon/internal/web/components"
 	"github.com/zeiss/typhoon/internal/web/ports"
 )
@@ -15,18 +20,19 @@ var validate *validator.Validate
 
 // CreateUserControllerImpl ...
 type CreateUserControllerImpl struct {
-	AccountID   uuid.UUID `json:"operator_id" form:"operator_id" validate:"required:uuid"`
-	Name        string    `json:"name" form:"name" validate:"required,min=3,max=100"`
-	Description string    `json:"description" form:"description" validate:"required,min=3,max=1024"`
+	AccountID                uuid.UUID `json:"account_id" form:"account_id" validate:"required,uuid"`
+	AccountSigningKeyGroupID uuid.UUID `json:"account_skgs_id" form:"account_skgs_id" validate:"required,uuid"`
+	Name                     string    `json:"name" form:"name" validate:"required,min=3,max=100"`
+	Description              string    `json:"description" form:"description" validate:"required,min=3,max=1024"`
 
-	ports.Users
+	ports.Repository
 	htmx.DefaultController
 }
 
 // NewCreateUserController ...
-func NewCreateUserController(db ports.Users) *CreateUserControllerImpl {
+func NewCreateUserController(db ports.Repository) *CreateUserControllerImpl {
 	return &CreateUserControllerImpl{
-		Users:             db,
+		Repository:        db,
 		DefaultController: htmx.DefaultController{},
 	}
 }
@@ -35,7 +41,7 @@ func NewCreateUserController(db ports.Users) *CreateUserControllerImpl {
 func (l *CreateUserControllerImpl) Prepare() error {
 	validate = validator.New()
 
-	err := l.Ctx().BodyParser(&l)
+	err := l.Ctx().BodyParser(l)
 	if err != nil {
 		return err
 	}
@@ -50,22 +56,68 @@ func (l *CreateUserControllerImpl) Prepare() error {
 
 // Post ...
 func (l *CreateUserControllerImpl) Post() error {
-	// op := models.Account{
-	// 	Name:        l.Name,
-	// 	Description: utils.StrPtr(l.Description),
-	// }
-
-	// op, err := models.NewOperator(query.Name, query.Description)
-	// if err != nil {
-	// 	return err
-	// }
-
-	// err = l.CreateOperator(l.Context(), &op)
-	// if err != nil {
-	// 	return err
-	// }
-
-	htmx.Redirect(l.Ctx(), "/accounts")
+	user := models.User{Name: l.Name, Description: l.Description}
+	account := models.Account{ID: l.AccountID, SigningKeyGroups: []models.SigningKeyGroup{{ID: l.AccountSigningKeyGroupID}}}
+
+	err := l.GetAccount(l.Context(), &account)
+	if err != nil {
+		return err
+	}
+	user.Account = account
+
+	pk, err := nkeys.CreateUser()
+	if err != nil {
+		return err
+	}
+
+	id, err := pk.PublicKey()
+	if err != nil {
+		return err
+	}
+
+	seed, err := pk.Seed()
+	if err != nil {
+		return err
+	}
+	user.Key = models.NKey{ID: id, Seed: seed}
+
+	if len(account.SigningKeyGroups) < 1 {
+		return fmt.Errorf("account %s has no signing keys", account.ID)
+	}
+
+	askg := account.FindSigningKeyGroupByID(l.AccountSigningKeyGroupID)
+	if askg == nil {
+		return fmt.Errorf("account %s does not have signing key group %s", account.ID, l.AccountSigningKeyGroupID)
+	}
+
+	ask, err := nkeys.FromSeed(askg.Key.Seed)
+	if err != nil {
+		return err
+	}
+
+	askpk, err := ask.PublicKey()
+	if err != nil {
+		return err
+	}
+
+	// // Create a token for the user
+	u := jwt.NewUserClaims(id)
+	u.Name = l.Name
+	u.IssuerAccount = account.Key.ID
+	u.Issuer = askpk
+
+	token, err := u.Encode(ask)
+	if err != nil {
+		return err
+	}
+	user.Token = models.Token{ID: id, Token: token}
+
+	err = l.CreateUser(l.Context(), &user)
+	if err != nil {
+		return err
+	}
+
+	htmx.Redirect(l.Ctx(), "/users")
 
 	return nil
 }

internal/web/controllers/users/credentials/index.go

@@ -0,0 +1,59 @@
+package credentials
+
+import (
+	"bytes"
+	"fmt"
+
+	"github.com/google/uuid"
+	htmx "github.com/zeiss/fiber-htmx"
+	"github.com/zeiss/typhoon/internal/api/models"
+	"github.com/zeiss/typhoon/internal/web/ports"
+)
+
+// IndexUserCredentialsControllerImpl ...
+type IndexUserCredentialsControllerImpl struct {
+	ID uuid.UUID `json:"id" form:"id" param:"id" validate:"required:uuid"`
+
+	ports.Users
+	htmx.DefaultController
+}
+
+// NewIndexUserCredentialsController ...
+func NewIndexUserCredentialsController(db ports.Users) *IndexUserCredentialsControllerImpl {
+	return &IndexUserCredentialsControllerImpl{
+		Users:             db,
+		DefaultController: htmx.DefaultController{},
+	}
+}
+
+// Error ...
+func (l *IndexUserCredentialsControllerImpl) Error(err error) error {
+	fmt.Println(err)
+
+	return nil
+}
+
+// Get ...
+func (l *IndexUserCredentialsControllerImpl) Get() error {
+	err := l.BindParams(l)
+	if err != nil {
+		return err
+	}
+
+	user := models.User{ID: l.ID}
+
+	err = l.GetUser(l.Context(), &user)
+	if err != nil {
+		return err
+	}
+
+	bb, err := user.Credentials()
+	if err != nil {
+		return err
+	}
+
+	r := bytes.NewReader(bb)
+
+	l.Ctx().Set("Content-Disposition", `attachment; filename="credentials.creds"`)
+	return l.Ctx().SendStream(r)
+}

internal/web/controllers/users/new.go

@@ -243,7 +243,7 @@ func (l *NewUserControllerImpl) Get() error {
 								buttons.Outline(
 									buttons.ButtonProps{},
 									htmx.Attribute("type", "submit"),
-									htmx.Text("Create Account"),
+									htmx.Text("Create User"),
 								),
 							),
 						),

internal/web/controllers/users/partials/account_skgs.go

@@ -65,7 +65,7 @@ func (l *AccountSkgsOptionsImpl) Get() error {
 			htmx.Group(
 				htmx.ForEach(skgs, func(e *models.SigningKeyGroup) htmx.Node {
 					return htmx.Option(
-						htmx.Attribute("value", e.KeyID),
+						htmx.Attribute("value", e.ID.String()),
 						htmx.Text(e.Name),
 					)
 				})...,