encrypt password

Signed-off-by: Dieter Coopman <[email protected]>

composer.json

@@ -15,7 +15,8 @@
     "nunomaduro/termwind": "^1.15",
     "spatie/ssh": "^1.8",
     "ext-json": "*",
-    "doctrine/dbal": "^3.6"
+    "doctrine/dbal": "^3.6",
+    "ext-openssl": "*"
   },
   "require-dev": {
     "friendsofphp/php-cs-fixer": "^3.1",

src/MysqlCompare.php

@@ -11,6 +11,7 @@
 class MysqlCompare extends BaseCommand
 {
     use HasServer;
+
     /**
      * Configure the command.
      *
@@ -70,7 +71,14 @@ public function execute(InputInterface $input, OutputInterface $output): int
         render('<div class="mt-1 ml-1 bg-green-800 text-white">Here are the resulting structure differences</div>');
         render('');
         foreach ($changes as $key => $change) {
-            render('<span class="ml-1 text-sky-400">' . $change . ';</span>');
+            if (substr($change, 0, 4) == 'DROP') {
+                $color = 'text-red-600';
+            }elseif (substr($change, 0, 5) == 'ALTER') {
+                    $color = 'text-orange-600';
+            }else{
+                $color = 'text-green-600';
+            }
+            render('<span class="ml-1 '.$color.'">' . $change . ';</span>');
         }
 
 

src/SajanApplication.php

@@ -51,7 +51,7 @@ private function checkOutdated()
         try {
             $connected = @fsockopen('www.google.com', 80);
             if ($connected) {
-                $version = strstr(Process::fromShellCommandline('composer global outdated --direct | grep sajan')->mustRun()->getOutput(), 'sajan');
+                $version = strstr(Process::fromShellCommandline('composer global outdated --direct | grep sajan')->mustRun()->getOutput(), 'dietercoopman/sajan');
                 return explode(' ', explode(' ! ', $version)[1])[0];
             }
         } catch (\Exception $e) {

src/ServerInfo.php

@@ -52,6 +52,9 @@ public function execute(InputInterface $input, OutputInterface $output): int
             render('');
             $config = $configurator->getConfig()['servers'][$server];
             foreach ($config as $key => $value) {
+                if($key ===  "mysql_password"){
+                    $value = '***********';
+                }
                 render("<div class='ml-1'>{$key}: {$value}</div>");
             }
             render('');

src/Services/Configurator.php

@@ -2,6 +2,8 @@
 
 use Dietercoopman\SajanPhp\Traits\HasServer;
 use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Input\InputArgument;
+use Symfony\Component\Console\Output\ConsoleOutput;
 use Symfony\Component\Console\Question\ChoiceQuestion;
 use Symfony\Component\Console\Question\ConfirmationQuestion;
 use Symfony\Component\Process\Process;
@@ -12,8 +14,9 @@ class Configurator
 
     use HasServer;
 
+    const KEY = '7DFC491492EBA563FF0F2A3EEACE6A095EE628816290BC6D9B9034C2AF63B541';
 
-    public function store($name, $host, $username, $keyfile)
+    public function store($name)
     {
         $server                   = get_defined_vars();
         $config                   = $this->getConfig();
@@ -41,7 +44,7 @@ public function list()
         $counter = 1;
         if (isset($this->getConfig()['servers'])) {
             render('<div class="ml-1 mb-1">Here\'s a list of all saved servers.</div>');
-            
+
             collect($this->getConfig()['servers'])->each(function ($server) use (&$counter) {
                 render("<span class='ml-1'>{$counter}. {$server['name']} ({$server['host']})</span>");
                 $counter++;
@@ -91,8 +94,11 @@ public function validateServer($servername, $type = "apache")
             if (!isset($serverConfig['mysql_user'])) {
                 $serverConfig['mysql_user'] = ask("<span class='ml-1 mr-1'>What is the mysql user for your server ? </span>");
             }
-            if (!isset($serverConfig['mysql_password'])) {
-                $serverConfig['mysql_password'] = ask("<span class='ml-1 mr-1'>What is the mysql password for your server ? </span>") ?? "";
+            if (!isset($serverConfig['mysql_password']) || $this->decrypt($serverConfig['mysql_password']) === false) {
+                if(isset($serverConfig['mysql_password'])){
+                    render("<span class='ml-1 mr-1 text-orange-400'>You might have given your password earlier, but we re-ask so we can encrypt it 🔐 </span>");
+                }
+                $serverConfig['mysql_password'] = $this->encrypt(ask("<span class='ml-1 mr-1'>What is the mysql password for your server ? </span>") ?? "");
             }
             if (!isset($serverConfig['mysql_ssh'])) {
                 $question                  = ask(' Do you want to connect to this mysql server over ssh (y/n) ? ', ['y', 'n']);
@@ -124,4 +130,31 @@ private function getPath()
         $homeDir = trim(Process::fromShellCommandline("cd ~ && pwd")->mustRun()->getOutput());
         return $homeDir . "/.sajan";
     }
+
+    public function encrypt($plaintext)
+    {
+        $cipher = "aes-128-gcm";
+        if (in_array($cipher, openssl_get_cipher_methods())) {
+            $ivlen         = openssl_cipher_iv_length($cipher);
+            $iv            = openssl_random_pseudo_bytes($ivlen);
+            $encryptedText = openssl_encrypt($plaintext, $cipher, self::KEY, $options = 0, $iv, $tag);
+        }
+        return base64_encode(json_encode([base64_encode($encryptedText), base64_encode($iv), base64_encode($tag)]));
+    }
+
+    public function decrypt($encrypted)
+    {
+        $object = json_decode(base64_decode($encrypted));
+        if (is_null($object)) {
+            return false;
+        }
+        $ciphertext = base64_decode($object[0]);
+        $iv         = base64_decode($object[1]);
+        $tag        = base64_decode($object[2]);
+        $cipher     = "aes-128-gcm";
+        if (in_array($cipher, openssl_get_cipher_methods())) {
+            $original_plaintext = openssl_decrypt($ciphertext, $cipher, self::KEY, $options = 0, $iv, $tag);
+        }
+        return $original_plaintext;
+    }
 }

src/Services/DatabaseManager.php

@@ -97,8 +97,7 @@ private function validateForMysql($config, $type): array
         $mysqlConfig['database'] = $config['database'] ?? '';
         $mysqlConfig['driver']   = 'pdo_mysql';
         $mysqlConfig['user']     = $config['mysql_user'];
-        $mysqlConfig['password'] = $config['mysql_password'];
-
+        $mysqlConfig['password'] = (new Configurator())->decrypt($config['mysql_password']);
         $mysqlConfig['mysql_ssh'] = $config['mysql_ssh'];
         return $mysqlConfig;
     }