feat: setup wizard key generation
added ed25519 keypair generation to setup endpoint wired route for POST /api/setup/generate-keys existing registration token system handles deployment
This commit is contained in:
Fimeg
@@ -172,7 +172,6 @@ func main() {
|
||||
rateLimitHandler := handlers.NewRateLimitHandler(rateLimiter)
|
||||
downloadHandler := handlers.NewDownloadHandler(filepath.Join("/app"), cfg)
|
||||
subsystemHandler := handlers.NewSubsystemHandler(subsystemQueries, commandQueries)
|
||||
deploymentHandler := handlers.NewDeploymentHandler(registrationTokenQueries, agentQueries)
|
||||
|
||||
// Initialize verification handler
|
||||
var verificationHandler *handlers.VerificationHandler
|
||||
@@ -320,12 +319,6 @@ func main() {
|
||||
admin.GET("/registration-tokens/stats", rateLimiter.RateLimit("admin_operations", middleware.KeyByUserID), registrationTokenHandler.GetTokenStats)
|
||||
admin.GET("/registration-tokens/validate", rateLimiter.RateLimit("admin_operations", middleware.KeyByUserID), registrationTokenHandler.ValidateRegistrationToken)
|
||||
|
||||
// Deployment routes (token management with install commands)
|
||||
admin.GET("/deployment/tokens", rateLimiter.RateLimit("admin_operations", middleware.KeyByUserID), deploymentHandler.ListTokens)
|
||||
admin.POST("/deployment/tokens", rateLimiter.RateLimit("admin_token_gen", middleware.KeyByUserID), deploymentHandler.CreateToken)
|
||||
admin.GET("/deployment/tokens/:id", rateLimiter.RateLimit("admin_operations", middleware.KeyByUserID), deploymentHandler.GetToken)
|
||||
admin.DELETE("/deployment/tokens/:id", rateLimiter.RateLimit("admin_operations", middleware.KeyByUserID), deploymentHandler.RevokeToken)
|
||||
|
||||
// Rate Limit Management
|
||||
admin.GET("/rate-limits", rateLimiter.RateLimit("admin_operations", middleware.KeyByUserID), rateLimitHandler.GetRateLimitSettings)
|
||||
admin.PUT("/rate-limits", rateLimiter.RateLimit("admin_operations", middleware.KeyByUserID), rateLimitHandler.UpdateRateLimitSettings)
|
||||
|
||||
@@ -1,96 +0,0 @@
|
||||
package handlers
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"net/http"
|
||||
"time"
|
||||
|
||||
"github.com/Fimeg/RedFlag/aggregator-server/internal/database/queries"
|
||||
"github.com/gin-gonic/gin"
|
||||
)
|
||||
|
||||
type DeploymentHandler struct {
|
||||
registrationTokenQueries *queries.RegistrationTokenQueries
|
||||
agentQueries *queries.AgentQueries
|
||||
}
|
||||
|
||||
func NewDeploymentHandler(regTokenQueries *queries.RegistrationTokenQueries, agentQueries *queries.AgentQueries) *DeploymentHandler {
|
||||
return &DeploymentHandler{
|
||||
registrationTokenQueries: regTokenQueries,
|
||||
agentQueries: agentQueries,
|
||||
}
|
||||
}
|
||||
|
||||
// ListTokens returns all registration tokens
|
||||
func (h *DeploymentHandler) ListTokens(c *gin.Context) {
|
||||
tokens, err := h.registrationTokenQueries.ListAllTokens()
|
||||
if err != nil {
|
||||
c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to list tokens"})
|
||||
return
|
||||
}
|
||||
c.JSON(http.StatusOK, gin.H{"tokens": tokens})
|
||||
}
|
||||
|
||||
// CreateToken creates a new registration token
|
||||
func (h *DeploymentHandler) CreateToken(c *gin.Context) {
|
||||
var req struct {
|
||||
MaxSeats int `json:"max_seats" binding:"required,min=1"`
|
||||
ExpiresIn string `json:"expires_in"` // e.g., "24h", "7d"
|
||||
Note string `json:"note"` // Optional note/label
|
||||
}
|
||||
if err := c.ShouldBindJSON(&req); err != nil {
|
||||
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
|
||||
return
|
||||
}
|
||||
|
||||
// Parse expiration duration
|
||||
var duration time.Duration
|
||||
var err error
|
||||
if req.ExpiresIn != "" {
|
||||
duration, err = time.ParseDuration(req.ExpiresIn)
|
||||
if err != nil {
|
||||
c.JSON(http.StatusBadRequest, gin.H{"error": "invalid expires_in format - use Go duration (e.g., 24h, 168h)"})
|
||||
return
|
||||
}
|
||||
} else {
|
||||
duration = 24 * time.Hour // Default 24 hours
|
||||
}
|
||||
|
||||
expiresAt := time.Now().Add(duration)
|
||||
token, err := h.registrationTokenQueries.CreateToken(req.MaxSeats, expiresAt)
|
||||
if err != nil {
|
||||
c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to create token"})
|
||||
return
|
||||
}
|
||||
|
||||
// Build install command
|
||||
serverURL := c.Request.Host
|
||||
installCommand := fmt.Sprintf("curl -sSL http://%s/api/v1/install/linux | bash -s -- %s", serverURL, token.Token)
|
||||
|
||||
c.JSON(http.StatusOK, gin.H{
|
||||
"token": token,
|
||||
"install_command": installCommand,
|
||||
"message": "registration token created",
|
||||
})
|
||||
}
|
||||
|
||||
// RevokeToken revokes a registration token
|
||||
func (h *DeploymentHandler) RevokeToken(c *gin.Context) {
|
||||
tokenID := c.Param("id")
|
||||
if err := h.registrationTokenQueries.RevokeToken(tokenID); err != nil {
|
||||
c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to revoke token"})
|
||||
return
|
||||
}
|
||||
c.JSON(http.StatusOK, gin.H{"message": "token revoked"})
|
||||
}
|
||||
|
||||
// GetToken returns details about a specific token
|
||||
func (h *DeploymentHandler) GetToken(c *gin.Context) {
|
||||
tokenID := c.Param("id")
|
||||
token, err := h.registrationTokenQueries.GetTokenByID(tokenID)
|
||||
if err != nil {
|
||||
c.JSON(http.StatusNotFound, gin.H{"error": "token not found"})
|
||||
return
|
||||
}
|
||||
c.JSON(http.StatusOK, gin.H{"token": token})
|
||||
}
|
||||
Reference in New Issue
Block a user