mirror of
https://github.com/khoaliber/dockhand.git
synced 2026-03-04 21:29:06 +00:00
Initial commit
This commit is contained in:
Jarek Krochmalski
88
routes/api/git/credentials/+server.ts
Normal file
88
routes/api/git/credentials/+server.ts
Normal file
@@ -0,0 +1,88 @@
|
||||
import { json } from '@sveltejs/kit';
|
||||
import type { RequestHandler } from './$types';
|
||||
import {
|
||||
getGitCredentials,
|
||||
createGitCredential,
|
||||
type GitAuthType
|
||||
} from '$lib/server/db';
|
||||
import { authorize } from '$lib/server/authorize';
|
||||
|
||||
export const GET: RequestHandler = async ({ cookies }) => {
|
||||
const auth = await authorize(cookies);
|
||||
if (auth.authEnabled && !await auth.can('git', 'view')) {
|
||||
return json({ error: 'Permission denied' }, { status: 403 });
|
||||
}
|
||||
|
||||
try {
|
||||
const credentials = await getGitCredentials();
|
||||
// Don't expose sensitive data in list view
|
||||
const sanitized = credentials.map(cred => ({
|
||||
id: cred.id,
|
||||
name: cred.name,
|
||||
authType: cred.authType,
|
||||
username: cred.username,
|
||||
hasPassword: !!cred.password,
|
||||
hasSshKey: !!cred.sshPrivateKey,
|
||||
createdAt: cred.createdAt,
|
||||
updatedAt: cred.updatedAt
|
||||
}));
|
||||
return json(sanitized);
|
||||
} catch (error) {
|
||||
console.error('Failed to get git credentials:', error);
|
||||
return json({ error: 'Failed to get git credentials' }, { status: 500 });
|
||||
}
|
||||
};
|
||||
|
||||
export const POST: RequestHandler = async ({ request, cookies }) => {
|
||||
const auth = await authorize(cookies);
|
||||
if (auth.authEnabled && !await auth.can('git', 'create')) {
|
||||
return json({ error: 'Permission denied' }, { status: 403 });
|
||||
}
|
||||
|
||||
try {
|
||||
const data = await request.json();
|
||||
|
||||
if (!data.name || typeof data.name !== 'string') {
|
||||
return json({ error: 'Name is required' }, { status: 400 });
|
||||
}
|
||||
|
||||
const authType = (data.authType || 'none') as GitAuthType;
|
||||
if (!['none', 'password', 'ssh'].includes(authType)) {
|
||||
return json({ error: 'Invalid auth type' }, { status: 400 });
|
||||
}
|
||||
|
||||
if (authType === 'password' && !data.password) {
|
||||
return json({ error: 'Password is required for password authentication' }, { status: 400 });
|
||||
}
|
||||
|
||||
if (authType === 'ssh' && !data.sshPrivateKey) {
|
||||
return json({ error: 'SSH private key is required for SSH authentication' }, { status: 400 });
|
||||
}
|
||||
|
||||
const credential = await createGitCredential({
|
||||
name: data.name,
|
||||
authType,
|
||||
username: data.username,
|
||||
password: data.password,
|
||||
sshPrivateKey: data.sshPrivateKey,
|
||||
sshPassphrase: data.sshPassphrase
|
||||
});
|
||||
|
||||
return json({
|
||||
id: credential.id,
|
||||
name: credential.name,
|
||||
authType: credential.authType,
|
||||
username: credential.username,
|
||||
hasPassword: !!credential.password,
|
||||
hasSshKey: !!credential.sshPrivateKey,
|
||||
createdAt: credential.createdAt,
|
||||
updatedAt: credential.updatedAt
|
||||
});
|
||||
} catch (error: any) {
|
||||
console.error('Failed to create git credential:', error);
|
||||
if (error.message?.includes('UNIQUE constraint failed')) {
|
||||
return json({ error: 'A credential with this name already exists' }, { status: 400 });
|
||||
}
|
||||
return json({ error: 'Failed to create git credential' }, { status: 500 });
|
||||
}
|
||||
};
|
||||
122
routes/api/git/credentials/[id]/+server.ts
Normal file
122
routes/api/git/credentials/[id]/+server.ts
Normal file
@@ -0,0 +1,122 @@
|
||||
import { json } from '@sveltejs/kit';
|
||||
import type { RequestHandler } from './$types';
|
||||
import {
|
||||
getGitCredential,
|
||||
updateGitCredential,
|
||||
deleteGitCredential,
|
||||
type GitAuthType
|
||||
} from '$lib/server/db';
|
||||
import { authorize } from '$lib/server/authorize';
|
||||
|
||||
export const GET: RequestHandler = async ({ params, cookies }) => {
|
||||
const auth = await authorize(cookies);
|
||||
if (auth.authEnabled && !await auth.can('git', 'view')) {
|
||||
return json({ error: 'Permission denied' }, { status: 403 });
|
||||
}
|
||||
|
||||
try {
|
||||
const id = parseInt(params.id);
|
||||
if (isNaN(id)) {
|
||||
return json({ error: 'Invalid credential ID' }, { status: 400 });
|
||||
}
|
||||
|
||||
const credential = await getGitCredential(id);
|
||||
if (!credential) {
|
||||
return json({ error: 'Credential not found' }, { status: 404 });
|
||||
}
|
||||
|
||||
// Don't expose sensitive data
|
||||
return json({
|
||||
id: credential.id,
|
||||
name: credential.name,
|
||||
authType: credential.authType,
|
||||
username: credential.username,
|
||||
hasPassword: !!credential.password,
|
||||
hasSshKey: !!credential.sshPrivateKey,
|
||||
createdAt: credential.createdAt,
|
||||
updatedAt: credential.updatedAt
|
||||
});
|
||||
} catch (error) {
|
||||
console.error('Failed to get git credential:', error);
|
||||
return json({ error: 'Failed to get git credential' }, { status: 500 });
|
||||
}
|
||||
};
|
||||
|
||||
export const PUT: RequestHandler = async ({ params, request, cookies }) => {
|
||||
const auth = await authorize(cookies);
|
||||
if (auth.authEnabled && !await auth.can('git', 'edit')) {
|
||||
return json({ error: 'Permission denied' }, { status: 403 });
|
||||
}
|
||||
|
||||
try {
|
||||
const id = parseInt(params.id);
|
||||
if (isNaN(id)) {
|
||||
return json({ error: 'Invalid credential ID' }, { status: 400 });
|
||||
}
|
||||
|
||||
const existing = await getGitCredential(id);
|
||||
if (!existing) {
|
||||
return json({ error: 'Credential not found' }, { status: 404 });
|
||||
}
|
||||
|
||||
const data = await request.json();
|
||||
|
||||
if (data.authType && !['none', 'password', 'ssh'].includes(data.authType)) {
|
||||
return json({ error: 'Invalid auth type' }, { status: 400 });
|
||||
}
|
||||
|
||||
const credential = await updateGitCredential(id, {
|
||||
name: data.name,
|
||||
authType: data.authType as GitAuthType,
|
||||
username: data.username,
|
||||
password: data.password,
|
||||
sshPrivateKey: data.sshPrivateKey,
|
||||
sshPassphrase: data.sshPassphrase
|
||||
});
|
||||
|
||||
if (!credential) {
|
||||
return json({ error: 'Failed to update credential' }, { status: 500 });
|
||||
}
|
||||
|
||||
return json({
|
||||
id: credential.id,
|
||||
name: credential.name,
|
||||
authType: credential.authType,
|
||||
username: credential.username,
|
||||
hasPassword: !!credential.password,
|
||||
hasSshKey: !!credential.sshPrivateKey,
|
||||
createdAt: credential.createdAt,
|
||||
updatedAt: credential.updatedAt
|
||||
});
|
||||
} catch (error: any) {
|
||||
console.error('Failed to update git credential:', error);
|
||||
if (error.message?.includes('UNIQUE constraint failed')) {
|
||||
return json({ error: 'A credential with this name already exists' }, { status: 400 });
|
||||
}
|
||||
return json({ error: 'Failed to update git credential' }, { status: 500 });
|
||||
}
|
||||
};
|
||||
|
||||
export const DELETE: RequestHandler = async ({ params, cookies }) => {
|
||||
const auth = await authorize(cookies);
|
||||
if (auth.authEnabled && !await auth.can('git', 'delete')) {
|
||||
return json({ error: 'Permission denied' }, { status: 403 });
|
||||
}
|
||||
|
||||
try {
|
||||
const id = parseInt(params.id);
|
||||
if (isNaN(id)) {
|
||||
return json({ error: 'Invalid credential ID' }, { status: 400 });
|
||||
}
|
||||
|
||||
const deleted = await deleteGitCredential(id);
|
||||
if (!deleted) {
|
||||
return json({ error: 'Credential not found' }, { status: 404 });
|
||||
}
|
||||
|
||||
return json({ success: true });
|
||||
} catch (error) {
|
||||
console.error('Failed to delete git credential:', error);
|
||||
return json({ error: 'Failed to delete git credential' }, { status: 500 });
|
||||
}
|
||||
};
|
||||
Reference in New Issue
Block a user