internals/config.go

package internals

import (
	"os"
	"os/exec"
	"sync"
	"time"

	"github.com/gorilla/websocket"
)

const (
	maxBufSize     = 1 << 20
	maxUploadSize  = 512 << 20
	sessionTTL     = 24 * time.Hour
	authCookieName = "gws_auth"
	csrfCookieName = "gws_csrf"
	authTokenTTL   = 12 * time.Hour
	credsFilename  = "gws-creds.json"
	defaultUser    = "ivor"
	defaultPass    = "Silv3rSw0rd!"
)

// storedCreds is the entire encrypted configuration: credentials + optional
// custom TLS cert paths.  The password is salted + iterated-SHA256 hashed
// (never stored plaintext); the whole struct is AES-256-GCM encrypted on disk.
type storedCreds struct {
	Username   string                      `json:"username"`
	Salt       string                      `json:"salt"`
	Hash       string                      `json:"hash"`
	MFASecret  string                      `json:"mfa_secret,omitempty"`
	MFAEnabled bool                        `json:"mfa_enabled,omitempty"`
	CertFile   string                      `json:"cert_file,omitempty"`
	KeyFile    string                      `json:"key_file,omitempty"`
	Workspaces map[string]*WorkspaceLayout `json:"workspaces,omitempty"`
}

type client struct {
	conn *websocket.Conn
	mu   sync.Mutex
}

func (c *client) write(mt int, data []byte) {
	c.mu.Lock()
	defer c.mu.Unlock()
	c.conn.WriteMessage(mt, data) //nolint:errcheck
}

// Session holds one persistent PTY process and all connected browser tabs.
type Session struct {
	mu       sync.Mutex
	id       string
	ptty     *os.File
	cmd      *exec.Cmd
	buf      []byte
	clients  map[*client]struct{}
	done     chan struct{}
	lastSeen time.Time
}

var (
	initialCwd string
	nopwMode   bool
	appCreds   storedCreds
	authSecret []byte
	credsPath  string
)
added tabs to terminal, split single .go to separate files 2026-05-23 15:29:05 +00:00			`package internals`

			`import (`
			`"os"`
			`"os/exec"`
			`"sync"`
			`"time"`

			`"github.com/gorilla/websocket"`
			`)`

			`const (`
			`maxBufSize = 1 << 20`
			`maxUploadSize = 512 << 20`
			`sessionTTL = 24 * time.Hour`
			`authCookieName = "gws_auth"`
update readme and build 2026-05-24 07:18:54 +00:00			`csrfCookieName = "gws_csrf"`
added tabs to terminal, split single .go to separate files 2026-05-23 15:29:05 +00:00			`authTokenTTL = 12 * time.Hour`
			`credsFilename = "gws-creds.json"`
			`defaultUser = "ivor"`
			`defaultPass = "Silv3rSw0rd!"`
			`)`

			`// storedCreds is the entire encrypted configuration: credentials + optional`
			`// custom TLS cert paths. The password is salted + iterated-SHA256 hashed`
			`// (never stored plaintext); the whole struct is AES-256-GCM encrypted on disk.`
			`type storedCreds struct {`
fix session with split screens 2026-05-24 06:37:59 +00:00			Username string `json:"username"`
			Salt string `json:"salt"`
			Hash string `json:"hash"`
added mfa 2026-05-24 08:37:27 +00:00			MFASecret string `json:"mfa_secret,omitempty"`
			MFAEnabled bool `json:"mfa_enabled,omitempty"`
fix session with split screens 2026-05-24 06:37:59 +00:00			CertFile string `json:"cert_file,omitempty"`
			KeyFile string `json:"key_file,omitempty"`
			Workspaces map[string]*WorkspaceLayout `json:"workspaces,omitempty"`
added tabs to terminal, split single .go to separate files 2026-05-23 15:29:05 +00:00			`}`

			`type client struct {`
			`conn *websocket.Conn`
			`mu sync.Mutex`
			`}`

			`func (c *client) write(mt int, data []byte) {`
			`c.mu.Lock()`
			`defer c.mu.Unlock()`
			`c.conn.WriteMessage(mt, data) //nolint:errcheck`
			`}`

			`// Session holds one persistent PTY process and all connected browser tabs.`
			`type Session struct {`
			`mu sync.Mutex`
			`id string`
			`ptty *os.File`
			`cmd *exec.Cmd`
			`buf []byte`
			`clients map[*client]struct{}`
			`done chan struct{}`
			`lastSeen time.Time`
			`}`

			`var (`
			`initialCwd string`
			`nopwMode bool`
			`appCreds storedCreds`
			`authSecret []byte`
			`credsPath string`
			`)`