Merge From Dev

README.md

@@ -15,22 +15,23 @@ issuing tokens
 
 Environment Variables
 
-|           Name            |     Default     |         Valid values         |                                 Description                                  |
-|:-------------------------:|:---------------:|:----------------------------:|:----------------------------------------------------------------------------:|
-|           MODE            |       dev       | dev, production, test, bench |                          if dev, log gorm debug sql                          |
-|          DB_URL           |                 |                              |                 Database DSN, required in "production" mode                  |
-|         KONG_URL          |                 |                              |         if STANDALONE is false, required to connect to kong gateway          |
-|         REDIS_URL         |                 |                              |                       if not set, use go-cache instead                       |
-|     NOTIFICATION_URL      |                 |                              |                   if not set, no notification will be sent                   |
-|      EMAIL_WHITELIST      |                 |                              |           use ',' to separate emails; if not set, allow all emails           |
-| EMAIL_SERVER_NO_REPLY_URL |                 |                              | required in "production" mode; if not set, unable to send verification email |
-|       EMAIL_DOMAIN        |                 |                              | required in "production" mode; if not set, unable to send verification email |
-|         EMAIL_DEV         | [email protected] |                              |                      send email if shamir update failed                      |
-|      SHAMIR_FEATURE       |      true       |                              |   if enabled, check email shamir encryption when users register and login    |
-|        STANDALONE         |      false      |                              |          if not set, this application not required to set KONG_URL           |
-| VERIFICATION_CODE_EXPIRES |       10        |           integers           |                  register verification code expiration time                  |
-|         SITE_NAME         | Open Tree Hole  |                              |                      title prefix of verification email                      |
-| ENABLE_REGISTER_QUESTIONS |      false      |                              |    if set, user will be set "have not answered questions" when registered    |
+|           Name            |     Default     |         Valid values         |                                     Description                                      |
+|:-------------------------:|:---------------:|:----------------------------:|:------------------------------------------------------------------------------------:|
+|           MODE            |       dev       | dev, production, test, bench |                              if dev, log gorm debug sql                              |
+|          DB_URL           |                 |                              |                     Database DSN, required in "production" mode                      |
+|         KONG_URL          |                 |                              |             if STANDALONE is false, required to connect to kong gateway              |
+|         REDIS_URL         |                 |                              |                           if not set, use go-cache instead                           |
+|     NOTIFICATION_URL      |                 |                              |                       if not set, no notification will be sent                       |
+|      EMAIL_WHITELIST      |                 |                              |               use ',' to separate emails; if not set, allow all emails               |
+| VALIDATE_EMAIL_WHITELIST  |                 |                              | use ',' to separate emails; the emails in it will not be checked for year vs. suffix |
+| EMAIL_SERVER_NO_REPLY_URL |                 |                              |     required in "production" mode; if not set, unable to send verification email     |
+|       EMAIL_DOMAIN        |                 |                              |     required in "production" mode; if not set, unable to send verification email     |
+|         EMAIL_DEV         | [email protected] |                              |                          send email if shamir update failed                          |
+|      SHAMIR_FEATURE       |      true       |                              |       if enabled, check email shamir encryption when users register and login        |
+|        STANDALONE         |      false      |                              |              if not set, this application not required to set KONG_URL               |
+| VERIFICATION_CODE_EXPIRES |       10        |           integers           |                      register verification code expiration time                      |
+|         SITE_NAME         | Open Tree Hole  |                              |                          title prefix of verification email                          |
+| ENABLE_REGISTER_QUESTIONS |      false      |                              |        if set, user will be set "have not answered questions" when registered        |
 
 File settings, required in production mode
 

apis/cache.go

@@ -25,6 +25,7 @@ var GlobalUploadShamirStatus struct {
 
 func Init() {
 	InitShamirStatus()
+	InitUserSharesStatus()
 
 	if config.Config.EnableRegisterQuestions {
 		err := InitQuestions()
@@ -213,3 +214,16 @@ LOAD_FILES:
 
 	return nil
 }
+
+var GlobalUserSharesStatus struct {
+	sync.Mutex
+	ShamirUsersSharesResponse
+}
+
+func InitUserSharesStatus() {
+	GlobalUserSharesStatus.ShamirUsersSharesResponse = ShamirUsersSharesResponse{
+		UploadedShares:              make(map[int]shamir.Shares, 0),
+		UploadedSharesIdentityNames: make(map[int][]string, 0),
+		ShamirUploadReady:           make(map[int]bool, 0),
+	}
+}

apis/routes.go

@@ -61,4 +61,7 @@ func RegisterRoutes(app *fiber.App) {
 	routes.Post("/shamir/key", UploadPublicKey)
 	routes.Post("/shamir/update", UpdateShamir)
 	routes.Put("/shamir/refresh", RefreshShamir)
+	routes.Post("/shamir/decrypt", UploadUserShares)
+	routes.Get("/shamir/decrypt/:id", GetDecryptedUserEmail)
+	routes.Get("/shamir/decrypt/status/:id", GetDecryptStatusbyUserID)
 }

apis/schemas.go

@@ -214,6 +214,11 @@ type UploadSharesRequest struct {
 	Shares []UserShare `json:"shares" query:"shares"`
 }
 
+type UploadShareRequest struct {
+	PGPMessageRequest
+	UserShare
+}
+
 type UploadPublicKeyRequest struct {
 	Data []string `json:"data" validate:"required,len=7"` // all standalone public keys
 }
@@ -233,3 +238,20 @@ type ShamirStatusResponse struct {
 	FailMessage                 string                   `json:"fail_message,omitempty"`
 	WarningMessage              string                   `json:"warning_message,omitempty"`
 }
+
+type ShamirUsersSharesResponse struct {
+	ShamirUploadReady           map[int]bool          `json:"shamir_upload_ready"`
+	UploadedSharesIdentityNames map[int][]string      `json:"uploaded_shares_identity_names"`
+	UploadedShares              map[int]shamir.Shares `json:"-"`
+}
+
+type ShamirUserSharesResponse struct {
+	ShamirUploadReady           bool     `json:"shamir_upload_ready"`
+	UploadedSharesIdentityNames []string `json:"uploaded_shares_identity_names"`
+}
+
+type DecryptedUserEmailResponse struct {
+	UserID        int      `json:"user_id"`
+	UserEmail     string   `json:"user_email" validate:"required,email"`
+	IdentityNames []string `json:"identity_names"`
+}