Implement onboarding reset functionality and enhance backup features

- Added a new method to reset the onboarding state, allowing users to re-initiate the onboarding process.
- Integrated backup creation functionality, enabling users to create encrypted backups of their node identity.
- Updated API endpoints to handle onboarding reset and backup creation requests.
- Enhanced UI components to support the new onboarding reset and backup features, including error handling and user feedback.
- Introduced new dependencies for cryptographic operations and data encoding.
This commit is contained in:
Dorian
2026-03-02 08:34:13 +00:00
parent 94eb1e4283
commit 62d6c13764
23 changed files with 559 additions and 88 deletions

View File

@@ -1,4 +1,5 @@
use crate::auth::AuthManager;
use crate::backup;
use crate::config::Config;
use crate::container::docker_packages;
use crate::container::DevContainerOrchestrator;
@@ -88,6 +89,7 @@ impl RpcHandler {
"auth.changePassword" => self.handle_auth_change_password(rpc_req.params).await,
"auth.onboardingComplete" => self.handle_auth_onboarding_complete().await,
"auth.isOnboardingComplete" => self.handle_auth_is_onboarding_complete().await,
"auth.resetOnboarding" => self.handle_auth_reset_onboarding().await,
// Container orchestration (for Archipelago-managed containers)
"container-install" => self.handle_container_install(rpc_req.params).await,
@@ -119,6 +121,8 @@ impl RpcHandler {
"node-messages-received" => self.handle_node_messages_received().await,
"node-nostr-discover" => self.handle_node_nostr_discover().await,
"node.did" => self.handle_node_did().await,
"node.signChallenge" => self.handle_node_sign_challenge(rpc_req.params).await,
"node.createBackup" => self.handle_node_create_backup(rpc_req.params).await,
"node.tor-address" => self.handle_node_tor_address().await,
"node.nostr-publish" => self.handle_node_nostr_publish().await,
"node.nostr-pubkey" => self.handle_node_nostr_pubkey().await,
@@ -239,12 +243,61 @@ impl RpcHandler {
Ok(serde_json::json!(complete))
}
async fn handle_auth_reset_onboarding(&self) -> Result<serde_json::Value> {
self.auth_manager.reset_onboarding().await?;
Ok(serde_json::json!(true))
}
async fn handle_node_did(&self) -> Result<serde_json::Value> {
let (data, _) = self.state_manager.get_snapshot().await;
let did = identity::did_key_from_pubkey_hex(&data.server_info.pubkey)?;
Ok(serde_json::json!({ "did": did, "pubkey": data.server_info.pubkey }))
}
/// Sign a challenge to prove control of the node DID (proof-of-control for onboarding).
async fn handle_node_sign_challenge(
&self,
params: Option<serde_json::Value>,
) -> Result<serde_json::Value> {
let params = params.ok_or_else(|| anyhow::anyhow!("Missing params"))?;
let challenge = params
.get("challenge")
.and_then(|v| v.as_str())
.ok_or_else(|| anyhow::anyhow!("Missing challenge string"))?;
let identity_dir = self.config.data_dir.join("identity");
let identity = identity::NodeIdentity::load_or_create(&identity_dir).await?;
let signature = identity.sign(challenge.as_bytes());
Ok(serde_json::json!({ "signature": signature }))
}
/// Create an encrypted backup of the node identity (for onboarding).
async fn handle_node_create_backup(
&self,
params: Option<serde_json::Value>,
) -> Result<serde_json::Value> {
let params = params.ok_or_else(|| anyhow::anyhow!("Missing params"))?;
let passphrase = params
.get("passphrase")
.and_then(|v| v.as_str())
.ok_or_else(|| anyhow::anyhow!("Missing passphrase"))?;
let (data, _) = self.state_manager.get_snapshot().await;
let did = identity::did_key_from_pubkey_hex(&data.server_info.pubkey)?;
let identity_dir = self.config.data_dir.join("identity");
let backup = backup::create_encrypted_backup(
&identity_dir,
passphrase,
&did,
&data.server_info.pubkey,
)
.await?;
Ok(backup)
}
async fn handle_node_tor_address(&self) -> Result<serde_json::Value> {
let tor_address = docker_packages::read_tor_address("archipelago");
Ok(serde_json::json!({ "tor_address": tor_address }))