Merge pull request #160 from Aloxaf/feat/verify_auth

feat: add password verification for api-info command
filecoin-project · Oct 31, 2023 · 2ba38f8 · 2ba38f8
2 parents 1c0949a + ca9ad47
commit 2ba38f8
Showing 1 changed file with 20 additions and 0 deletions.
diff --git a/cli/auth.go b/cli/auth.go
@@ -3,7 +3,9 @@ package cli
 import (
 	"errors"
 	"fmt"
+	"os"
 
+	"github.com/howeyc/gopass"
 	"github.com/urfave/cli/v2"
 
 	"github.com/ipfs-force-community/sophon-auth/core"
@@ -55,6 +57,24 @@ var authApiInfoToken = &cli.Command{
 			return fmt.Errorf("--perm flag has to be one of: %s", allPermissions)
 		}
 
+		if perm == core.PermAdmin || perm == core.PermSign {
+			api, closer, err := helper.GetFullAPI(cctx)
+			if err != nil {
+				return err
+			}
+			defer closer()
+
+			pw, err := gopass.GetPasswdPrompt("Password:", true, os.Stdin, os.Stdout)
+			if err != nil {
+				return err
+			}
+
+			ctx := helper.ReqContext(cctx)
+			if err := api.VerifyPassword(ctx, string(pw)); err != nil {
+				return err
+			}
+		}
+
 		// slice on [:idx] so for example: 'sign' gives you [read, write, sign]
 		token, err := api.AuthNew(ctx, allPermissions[:idx])
 		if err != nil {