From d2529e32bd9cb7416c888a6c450c98f59d9dc5cf Mon Sep 17 00:00:00 2001
From: fbt <fbt@fleshless.org>
Date: Sun, 24 Nov 2019 13:18:22 +0300
Subject: [PATCH] Let the script get its own damn token

Signed-off-by: fbt <fbt@fleshless.org>
---
 ufw | 31 ++++++++++++++++++++++++++++++-
 1 file changed, 30 insertions(+), 1 deletion(-)

diff --git a/ufw b/ufw
index 2e91711..fb9d072 100755
--- a/ufw
+++ b/ufw
@@ -227,7 +227,7 @@ get_api_status() {
 		jq -r '.status.code, .status.message'
 	)
 
-	if ! (( api_status == 200 )); then
+	if (( api_status >= 400 )); then
 		return 1
 	fi
 }
@@ -274,6 +274,33 @@ login() {
 	fi
 }
 
+get_token() {
+	[[ $secret ]] && return 0
+
+	declare api_response login password
+
+	printf "First-time setup...\n"
+	read -p  'Username: ' login
+	read -sp 'Password: ' password
+	printf '\n'
+
+	login_response=$(curl -c $XDG_CONFIG_DIR/ufw.cookiejar -d "login=$login" -d "password=$password" -sl "$cfg_service_url/login.json")
+	get_api_status <<< "$login_response" || {
+		jq -r '.status.message' <<< "$login_response"
+		return 1
+	}
+
+	api_response=$(curl -b $XDG_CONFIG_DIR/ufw.cookiejar -sl "$cfg_service_url/api_token.json")
+	if get_api_status <<< "$api_response"; then
+		secret=$(jq -r '.data.token' <<< "$api_response")
+		printf 'export secret="%s"' "$secret" > "$XDG_CONFIG_DIR/ufw"
+		chmod 600 "$XDG_CONFIG_DIR/ufw"
+		printf 'Done\n'
+	else
+		printf 'Error: %s %s\n' "$api_status" "$api_status_message"
+	fi
+}
+
 set_argv() {
 	declare arg opt c
 	declare -g argv
@@ -397,6 +424,8 @@ main() {
 		[[ -d "$i" ]] || { mkdir -p "$i"; }
 	done
 
+	get_token || return $?
+
 	case "${action:-upload}" in
 		upload)
 			if (( $# )); then