Let the script get its own damn token

Signed-off-by: fbt <fbt@fleshless.org>
2019-11-24 13:18:22 +03:00 · 2019-11-24 13:18:22 +03:00 · d2529e32bd
parent bb704f4856
commit d2529e32bd
1 changed files with 30 additions and 1 deletions
--- a/31
+++ b/31
@ -227,7 +227,7 @@ get_api_status() {
 		jq -r '.status.code, .status.message'
 	)

-	if ! (( api_status == 200 )); then
+	if (( api_status >= 400 )); then
 		return 1
 	fi
 }
@ -274,6 +274,33 @@ login() {
 	fi
 }

+get_token() {
+	[[ $secret ]] && return 0
+
+	declare api_response login password
+
+	printf "First-time setup...\n"
+	read -p  'Username: ' login
+	read -sp 'Password: ' password
+	printf '\n'
+
+	login_response=$(curl -c $XDG_CONFIG_DIR/ufw.cookiejar -d "login=$login" -d "password=$password" -sl "$cfg_service_url/login.json")
+	get_api_status <<< "$login_response" || {
+		jq -r '.status.message' <<< "$login_response"
+		return 1
+	}
+
+	api_response=$(curl -b $XDG_CONFIG_DIR/ufw.cookiejar -sl "$cfg_service_url/api_token.json")
+	if get_api_status <<< "$api_response"; then
+		secret=$(jq -r '.data.token' <<< "$api_response")
+		printf 'export secret="%s"' "$secret" > "$XDG_CONFIG_DIR/ufw"
+		chmod 600 "$XDG_CONFIG_DIR/ufw"
+		printf 'Done\n'
+	else
+		printf 'Error: %s %s\n' "$api_status" "$api_status_message"
+	fi
+}
+
 set_argv() {
 	declare arg opt c
 	declare -g argv
@ -397,6 +424,8 @@ main() {
 		[[ -d "$i" ]] || { mkdir -p "$i"; }
 	done

+	get_token || return $?
+
 	case "${action:-upload}" in
 		upload)
 			if (( $# )); then