✨ and commands

2019-09-30 13:47:18 +02:00 · 2019-09-30 13:47:18 +02:00 · f80c79e8db
parent fd639df178
commit f80c79e8db
7 changed files with 178 additions and 52 deletions
--- a/app/Console/Commands/DecryptChests.php
+++ b/app/Console/Commands/DecryptChests.php
@ -0,0 +1,54 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Chest;
+use Illuminate\Console\Command;
+use Illuminate\Support\Facades\DB;
+
+class DecryptChests extends Command
+{
+    protected $signature = 'shaarli:chests:decrypt';
+    protected $description = 'This command will decrypt all encrypted chests';
+
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    public function handle()
+    {
+        $table = (new Chest())->getTable();
+        $count = DB::table($table)->count();
+
+        $bar = $this->output->createProgressBar($count);
+        $bar->start();
+
+        DB::table($table)
+            ->select('id', 'content')
+            ->orderByDesc('created_at')
+            ->chunk(10, function ($chests) use ($table, $bar) {
+                foreach ($chests as $chest) {
+                    if (empty($chest->content)) {
+                        continue;
+                    }
+
+                    try {
+                        $value = decrypt($chest->content, false);
+                    } catch (\Exception $e) {
+                        unset($e);
+                    }
+
+                    if (! empty($value)) {
+                        $chest->content = $value;
+
+                        DB::table($table)->where('id', $chest->id)->update(['content' => $chest->content]);
+                    }
+                }
+
+                $bar->advance(10);
+            });
+
+        $bar->finish();
+    }
+}
--- a/app/Console/Commands/EncryptChests.php
+++ b/app/Console/Commands/EncryptChests.php
@ -0,0 +1,54 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Chest;
+use Illuminate\Console\Command;
+use Illuminate\Support\Facades\DB;
+
+class EncryptChests extends Command
+{
+    protected $signature = 'shaarli:chests:encrypt';
+    protected $description = 'This command will encrypt all unencrypted chests';
+
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    public function handle()
+    {
+        $table = (new Chest())->getTable();
+        $count = DB::table($table)->count();
+
+        $bar = $this->output->createProgressBar($count);
+        $bar->start();
+
+        DB::table($table)
+            ->select('id', 'content')
+            ->orderByDesc('created_at')
+            ->chunk(10, function ($chests) use ($table, $bar) {
+                foreach ($chests as $chest) {
+                    if (empty($chest->content)) {
+                        continue;
+                    }
+
+                    try {
+                        $value = json_decode($chest->content);
+                    } catch (\Exception $e) {
+                        unset($e);
+                    }
+
+                    if (! empty($value)) {
+                        $chest->content = encrypt(json_encode($value), false);
+
+                        DB::table($table)->where('id', $chest->id)->update(['content' => $chest->content]);
+                    }
+                }
+
+                $bar->advance(10);
+            });
+
+        $bar->finish();
+    }
+}
--- a/app/Console/Commands/Install.php
+++ b/app/Console/Commands/Install.php
@ -0,0 +1,50 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+
+class Install extends Command
+{
+    protected $signature = 'shaarli:install';
+    protected $description = 'Shaarli installer';
+
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    public function handle()
+    {
+        if (false === $this->confirm('All existing data will be erased')) {
+            $this->comment('Ok. Bye.');
+            return;
+        }
+
+        $this->comment('Migrations');
+        $this->callSilent('migrate:fresh');
+
+        if ($this->confirm('Default data?')) {
+            $this->callSilent('db:seed');
+            exec('php artisan scout:import ' . \App\Link::class);
+        }
+
+        $name = $this->ask('User name?', 'Admin');
+        $email = $this->ask('User email?', 'admin@example.com');
+        $pass = $this->ask('User pass?', 'secret');
+
+        $user = \App\User::count() ? \App\User::first() : new \App\User();
+
+        $user->fill([
+            'name' => $name,
+            'email' => $email,
+            'password' => \Illuminate\Support\Facades\Hash::make($pass),
+            'api_token' => $pass === 'secret' ? 'api-token-secret' : \App\User::generateApiToken(),
+        ]);
+
+        $user->save();
+        $this->comment('User udpated');
+
+        $this->comment('Installation done');
+    }
+}
--- a/app/Console/Kernel.php
+++ b/app/Console/Kernel.php
@ -7,36 +7,18 @@ use Illuminate\Foundation\Console\Kernel as ConsoleKernel;

 class Kernel extends ConsoleKernel
 {
-    /**
-     * The Artisan commands provided by your application.
-     *
-     * @var array
-     */
    protected $commands = [
        //
    ];

-    /**
-     * Define the application's command schedule.
-     *
-     * @param  \Illuminate\Console\Scheduling\Schedule  $schedule
-     * @return void
-     */
    protected function schedule(Schedule $schedule)
    {
        // $schedule->command('inspire')
        //          ->hourly();
    }

-    /**
-     * Register the commands for the application.
-     *
-     * @return void
-     */
    protected function commands()
    {
        $this->load(__DIR__.'/Commands');
-
-        require base_path('routes/console.php');
    }
 }
--- a/changelog.md
+++ b/changelog.md
@ -1,8 +1,13 @@
 # Unreleased

+## Added
+
+- `shaarli:chests:encrypt` and `shaarli:chests:decrypt` commands
+
 ## Changed

- Chests are now encrypted in database
+- Chests are now encrypted in database using AES-256-CBC
+- Install command is now a class

 ## Fixed

--- a/readme.md
+++ b/readme.md
@ -90,6 +90,10 @@ Code length and code expiration are also configurable. **Test if you application

 Shaarli logs all successful and failed auths with their associated devices.

+### Chests encryption
+
+Since `1.2.9`, all chests data are encrypted in your database using AES-256-CBC and your app key.  
+
 ## Update

 Update the application by running:
@ -136,7 +140,16 @@ php artisan view:clear

 ## Artisan commands

-__TO DO__
+### Install command
+
+`php artisan shaarli:install`
+
+This command will install default data (seeder) or ask you for the default user.
+
+### Encrypt and decrypt
+
+Encryption is made on the fly for your chests, but you can manually encrypt or decrypt them 
+by running `php artisan shaarli:chests:encrypt` or `php artisan shaarli:chests:decrypt`.

 ## Tests

--- a/routes/console.php
+++ b/routes/console.php
@ -1,34 +1,2 @@
 <?php

-Artisan::command('shaarli:install', function () {
-    if (false === $this->confirm('All existing data will be erased')) {
-        $this->comment('Ok. Bye.');
-        return;
-    }
-
-    $this->comment('Migrations');
-    $this->callSilent('migrate:fresh');
-
-    if ($this->confirm('Default data?')) {
-        $this->callSilent('db:seed');
-        exec('php artisan scout:import ' . \App\Link::class);
-    }
-
-    $name = $this->ask('User name?', 'Admin');
-    $email = $this->ask('User email?', 'admin@example.com');
-    $pass = $this->ask('User pass?', 'secret');
-
-    $user = \App\User::count() ? \App\User::first() : new \App\User();
-
-    $user->fill([
-        'name' => $name,
-        'email' => $email,
-        'password' => \Illuminate\Support\Facades\Hash::make($pass),
-        'api_token' => $pass === 'secret' ? 'api-token-secret' : \App\User::generateApiToken(),
-    ]);
-
-    $user->save();
-    $this->comment('User udpated');
-
-    $this->comment('Installation done');
-});