修复 「1.2.2 用户管理-用户列表勾选单一用户会全选 」 close #216

server/service/credential.go

@@ -1,20 +1,21 @@
 package service
 
 import (
+	"context"
+	"encoding/base64"
+
+	"next-terminal/server/model"
+	"next-terminal/server/utils"
+
 	"next-terminal/server/config"
 	"next-terminal/server/repository"
 )
 
-type CredentialService struct {
-	credentialRepository *repository.CredentialRepository
+type credentialService struct {
 }
 
-func NewCredentialService(credentialRepository *repository.CredentialRepository) *CredentialService {
-	return &CredentialService{credentialRepository: credentialRepository}
-}
-
-func (r CredentialService) Encrypt() error {
-	items, err := r.credentialRepository.FindAll()
+func (s credentialService) EncryptAll() error {
+	items, err := repository.CredentialRepository.FindAll(context.TODO())
 	if err != nil {
 		return err
 	}
@@ -23,12 +24,96 @@ func (r CredentialService) Encrypt() error {
 		if item.Encrypted {
 			continue
 		}
-		if err := r.credentialRepository.Encrypt(&item, config.GlobalCfg.EncryptionPassword); err != nil {
+		if err := s.Encrypt(&item, config.GlobalCfg.EncryptionPassword); err != nil {
 			return err
 		}
-		if err := r.credentialRepository.UpdateById(&item, item.ID); err != nil {
+		if err := repository.CredentialRepository.UpdateById(context.TODO(), &item, item.ID); err != nil {
 			return err
 		}
 	}
 	return nil
 }
+
+func (s credentialService) Encrypt(item *model.Credential, password []byte) error {
+	if item.Password != "-" {
+		encryptedCBC, err := utils.AesEncryptCBC([]byte(item.Password), password)
+		if err != nil {
+			return err
+		}
+		item.Password = base64.StdEncoding.EncodeToString(encryptedCBC)
+	}
+	if item.PrivateKey != "-" {
+		encryptedCBC, err := utils.AesEncryptCBC([]byte(item.PrivateKey), password)
+		if err != nil {
+			return err
+		}
+		item.PrivateKey = base64.StdEncoding.EncodeToString(encryptedCBC)
+	}
+	if item.Passphrase != "-" {
+		encryptedCBC, err := utils.AesEncryptCBC([]byte(item.Passphrase), password)
+		if err != nil {
+			return err
+		}
+		item.Passphrase = base64.StdEncoding.EncodeToString(encryptedCBC)
+	}
+	item.Encrypted = true
+	return nil
+}
+
+func (s credentialService) Decrypt(item *model.Credential, password []byte) error {
+	if item.Encrypted {
+		if item.Password != "" && item.Password != "-" {
+			origData, err := base64.StdEncoding.DecodeString(item.Password)
+			if err != nil {
+				return err
+			}
+			decryptedCBC, err := utils.AesDecryptCBC(origData, password)
+			if err != nil {
+				return err
+			}
+			item.Password = string(decryptedCBC)
+		}
+		if item.PrivateKey != "" && item.PrivateKey != "-" {
+			origData, err := base64.StdEncoding.DecodeString(item.PrivateKey)
+			if err != nil {
+				return err
+			}
+			decryptedCBC, err := utils.AesDecryptCBC(origData, password)
+			if err != nil {
+				return err
+			}
+			item.PrivateKey = string(decryptedCBC)
+		}
+		if item.Passphrase != "" && item.Passphrase != "-" {
+			origData, err := base64.StdEncoding.DecodeString(item.Passphrase)
+			if err != nil {
+				return err
+			}
+			decryptedCBC, err := utils.AesDecryptCBC(origData, password)
+			if err != nil {
+				return err
+			}
+			item.Passphrase = string(decryptedCBC)
+		}
+	}
+	return nil
+}
+
+func (s credentialService) FindByIdAndDecrypt(c context.Context, id string) (o model.Credential, err error) {
+	credential, err := repository.CredentialRepository.FindById(c, id)
+	if err != nil {
+		return o, err
+	}
+	if err := s.Decrypt(&credential, config.GlobalCfg.EncryptionPassword); err != nil {
+		return o, err
+	}
+	return credential, nil
+}
+
+func (s credentialService) Create(item *model.Credential) error {
+	// 加密密码之后进行存储
+	if err := s.Encrypt(item, config.GlobalCfg.EncryptionPassword); err != nil {
+		return err
+	}
+	return repository.CredentialRepository.Create(context.TODO(), item)
+}