Merge pull request #159 from juanfont/better-pak-management

Add field AlreadyUsed to AuthKeys
Fixed merge
2026-01-14 05:03:28 +01:00 · 2021-10-13 23:45:10 +02:00 · 2021-10-13 23:28:47 +02:00 · 2021-10-13 23:23:12 +02:00 · 2021-10-13 23:23:07 +02:00 · 2021-10-13 23:04:00 +02:00
7 changed files with 43 additions and 7 deletions
--- a/api.go
+++ b/api.go
@@ -395,6 +395,9 @@ func (h *Headscale) handleAuthKey(c *gin.Context, db *gorm.DB, idKey wgkey.Key,
 	m.RegisterMethod = "authKey"
 	db.Save(&m)

+	pak.Used = true
+	db.Save(&pak)
+
 	resp.MachineAuthorized = true
 	resp.User = *pak.Namespace.toUser()
 	respBody, err := encode(resp, &idKey, h.privateKey)
--- a/cmd/headscale/cli/nodes.go
+++ b/cmd/headscale/cli/nodes.go
@@ -129,6 +129,7 @@ var deleteNodeCmd = &cobra.Command{
 		return nil
 	},
 	Run: func(cmd *cobra.Command, args []string) {
+		output, _ := cmd.Flags().GetString("output")
 		h, err := getHeadscaleApp()
 		if err != nil {
 			log.Fatalf("Error initializing: %s", err)
@@ -153,11 +154,19 @@ var deleteNodeCmd = &cobra.Command{

 		if confirm {
 			err = h.DeleteMachine(m)
+			if strings.HasPrefix(output, "json") {
+				JsonOutput(map[string]string{"Result": "Node deleted"}, err, output)
+				return
+			}
 			if err != nil {
 				log.Fatalf("Error deleting node: %s", err)
 			}
 			fmt.Printf("Node deleted\n")
 		} else {
+			if strings.HasPrefix(output, "json") {
+				JsonOutput(map[string]string{"Result": "Node not deleted"}, err, output)
+				return
+			}
 			fmt.Printf("Node not deleted\n")
 		}
 	},
--- a/cmd/headscale/cli/preauthkeys.go
+++ b/cmd/headscale/cli/preauthkeys.go
@@ -57,7 +57,7 @@ var listPreAuthKeys = &cobra.Command{
 			return
 		}

-		d := pterm.TableData{{"ID", "Key", "Reusable", "Ephemeral", "Expiration", "Created"}}
+		d := pterm.TableData{{"ID", "Key", "Reusable", "Ephemeral", "Used", "Expiration", "Created"}}
 		for _, k := range *keys {
 			expiration := "-"
 			if k.Expiration != nil {
@@ -76,6 +76,7 @@ var listPreAuthKeys = &cobra.Command{
 				k.Key,
 				reusable,
 				strconv.FormatBool(k.Ephemeral),
+				fmt.Sprintf("%v", k.Used),
 				expiration,
 				k.CreatedAt.Format("2006-01-02 15:04:05"),
 			})
--- a/cmd/headscale/cli/utils.go
+++ b/cmd/headscale/cli/utils.go
@@ -262,3 +262,12 @@ func JsonOutput(result interface{}, errResult error, outputFormat string) {
 	}
 	fmt.Println(string(j))
 }
+
+func HasJsonOutputFlag() bool {
+	for _, arg := range os.Args {
+		if arg == "json" || arg == "json-line" {
+			return true
+		}
+	}
+	return false
+}
--- a/cmd/headscale/headscale.go
+++ b/cmd/headscale/headscale.go
@@ -62,7 +62,8 @@ func main() {
 		zerolog.SetGlobalLevel(zerolog.DebugLevel)
 	}

-	if !viper.GetBool("disable_check_updates") {
+	jsonOutput := cli.HasJsonOutputFlag()
+	if !viper.GetBool("disable_check_updates") && !jsonOutput {
 		if (runtime.GOOS == "linux" || runtime.GOOS == "darwin") && cli.Version != "dev" {
 			githubTag := &latest.GithubTag{
 				Owner:      "juanfont",
--- a/preauth_keys.go
+++ b/preauth_keys.go
@@ -11,7 +11,7 @@ import (

 const errorAuthKeyNotFound = Error("AuthKey not found")
 const errorAuthKeyExpired = Error("AuthKey expired")
-const errorAuthKeyNotReusableAlreadyUsed = Error("AuthKey not reusable already used")
+const errSingleUseAuthKeyHasBeenUsed = Error("AuthKey has already been used")

 // PreAuthKey describes a pre-authorization key usable in a particular namespace
 type PreAuthKey struct {
@@ -21,6 +21,7 @@ type PreAuthKey struct {
 	Namespace   Namespace
 	Reusable    bool
 	Ephemeral   bool `gorm:"default:false"`
+	Used        bool `gorm:"default:false"`

 	CreatedAt  *time.Time
 	Expiration *time.Time
@@ -110,11 +111,10 @@ func (h *Headscale) checkKeyValidity(k string) (*PreAuthKey, error) {
 		return nil, err
 	}

-	if len(machines) != 0 {
-		return nil, errorAuthKeyNotReusableAlreadyUsed
+	if len(machines) != 0 || pak.Used {
+		return nil, errSingleUseAuthKeyHasBeenUsed
 	}

-	// missing here validation on current usage
 	return &pak, nil
 }

--- a/preauth_keys_test.go
+++ b/preauth_keys_test.go
@@ -87,7 +87,7 @@ func (*Suite) TestAlreadyUsedKey(c *check.C) {
 	h.db.Save(&m)

 	p, err := h.checkKeyValidity(pak.Key)
-	c.Assert(err, check.Equals, errorAuthKeyNotReusableAlreadyUsed)
+	c.Assert(err, check.Equals, errSingleUseAuthKeyHasBeenUsed)
 	c.Assert(p, check.IsNil)
 }

@@ -180,3 +180,16 @@ func (*Suite) TestExpirePreauthKey(c *check.C) {
 	c.Assert(err, check.Equals, errorAuthKeyExpired)
 	c.Assert(p, check.IsNil)
 }
+
+func (*Suite) TestNotReusableMarkedAsUsed(c *check.C) {
+	n, err := h.CreateNamespace("test6")
+	c.Assert(err, check.IsNil)
+
+	pak, err := h.CreatePreAuthKey(n.Name, false, false, nil)
+	c.Assert(err, check.IsNil)
+	pak.Used = true
+	h.db.Save(&pak)
+
+	_, err = h.checkKeyValidity(pak.Key)
+	c.Assert(err, check.Equals, errSingleUseAuthKeyHasBeenUsed)
+}
Author	SHA1	Message	Date
Juan Font	abfb1791f1	Merge pull request #159 from juanfont/better-pak-management Add field AlreadyUsed to AuthKeys	2021-10-13 23:45:10 +02:00
Juan Font Alonso	7ce8c4c649	Fixed merge	2021-10-13 23:28:47 +02:00
Juan Font Alonso	2ddca366f2	Merge branch 'main' of https://github.com/juanfont/headscale into main	2021-10-13 23:23:12 +02:00
Juan Font Alonso	9a6ac6e3e6	Reword errSingleUseAuthKeyHasBeenUsed	2021-10-13 23:23:07 +02:00
Juan Font	cc3e8705bd	Merge branch 'main' into better-pak-management	2021-10-13 23:04:00 +02:00
Juan Font	809a5b84e7	Merge pull request #156 from juanfont/disable-version-check-on-json Disable version checker when using JSON output	2021-10-13 23:00:51 +02:00
Juan Font	06ae2a6c50	Merge branch 'main' into better-pak-management	2021-10-13 23:00:38 +02:00
Juan Font	93517aa6f8	Apply suggestions from code review Renamed AlreadyUsed to Used Co-authored-by: Kristoffer Dalby <kradalby@kradalby.no>	2021-10-13 22:51:55 +02:00
Juan Font	5f0f3705c0	Merge branch 'main' into disable-version-check-on-json	2021-10-13 22:44:18 +02:00
Juan Font	70ae18c3a8	Merge pull request #155 from juanfont/fix-json-delete-node Add JSON output when deleting node	2021-10-13 22:44:00 +02:00
Juan Font Alonso	30788e1a70	Add AlreadyUsed field to Auth Keys (fixes #157 and #158 )	2021-10-13 18:13:26 +02:00
Juan Font Alonso	27947c6746	This commit disables the version checker when JSON output (#153 )	2021-10-13 00:18:55 +02:00
Juan Font Alonso	6924b7bf4c	Output json when deleting node (fixes #152 )	2021-10-12 23:48:08 +02:00