From 96f87b4a22002d95cc4ac88ad76678416af3c329 Mon Sep 17 00:00:00 2001
From: mdecimus <mauro@stalw.art>
Date: Sun, 30 Jun 2024 22:20:17 +0200
Subject: [PATCH] Generate random App Passwords

---
 Cargo.lock                        |  1 +
 Cargo.toml                        |  1 +
 src/main.rs                       |  5 ++++-
 src/pages/account/app_password.rs | 24 ++++++++++++++++++------
 4 files changed, 24 insertions(+), 7 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index cb6b413..e26afe5 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2261,6 +2261,7 @@ dependencies = [
  "leptos_router",
  "log",
  "pwhash",
+ "rand",
  "regex",
  "serde",
  "serde_json",
diff --git a/Cargo.toml b/Cargo.toml
index 4b75f01..6c8ae3a 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -35,6 +35,7 @@ form_urlencoded = "1.1.0"
 serde_urlencoded = "0.7.1"
 totp-rs = { version = "5.5.1", features = ["otpauth", "qr", "gen_secret"] }
 web-time = "1.1.0"
+rand = "0.8.5"
 
 [features]
 demo = []
diff --git a/src/main.rs b/src/main.rs
index 653d141..47a15b3 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -20,7 +20,10 @@ use leptos::*;
 use leptos_meta::*;
 use leptos_router::*;
 use pages::{
-    account::{app_password::{AppPasswordCreate, AppPasswords}, mfa::ManageMfa},
+    account::{
+        app_password::{AppPasswordCreate, AppPasswords},
+        mfa::ManageMfa,
+    },
     config::edit::DEFAULT_SETTINGS_URL,
     manage::spam::{SpamTest, SpamTrain},
 };
diff --git a/src/pages/account/app_password.rs b/src/pages/account/app_password.rs
index 9431748..a45e218 100644
--- a/src/pages/account/app_password.rs
+++ b/src/pages/account/app_password.rs
@@ -11,13 +11,14 @@ use chrono_humanize::HumanTime;
 use leptos::*;
 use leptos_router::{use_navigate, use_query_map};
 use pwhash::sha512_crypt;
+use rand::Rng;
 use serde::{Deserialize, Serialize};
 
 use crate::{
     components::{
         form::{
             button::Button,
-            input::{InputPassword, InputText},
+            input::InputText,
             Form, FormButtonBar, FormElement, FormItem, FormSection,
         },
         icon::{IconAdd, IconTrash},
@@ -374,9 +375,20 @@ pub fn AppPasswordCreate() -> impl IntoView {
 
     let (pending, set_pending) = create_signal(false);
 
-    let data = expect_context::<Arc<Schemas>>()
-        .build_form("app-password")
-        .into_signal();
+    let mut data = expect_context::<Arc<Schemas>>().build_form("app-password");
+
+    // Generate a random Application Password
+    let mut app_password = String::with_capacity(19);
+    for _ in 0..20 {
+        app_password.push(rand::thread_rng().gen_range(b'a'..=b'z') as char);
+        // Add a space every 4 characters
+        if app_password.len() % 5 == 0 {
+            app_password.push(' ');
+        }
+    }
+    data.set("password", app_password);
+
+    let data = data.into_signal();
 
     let save_changes = create_action(move |(name, password): &(String, String)| {
         let auth = auth.get();
@@ -390,7 +402,7 @@ pub fn AppPasswordCreate() -> impl IntoView {
                 .with_authorization(&auth)
                 .with_body(vec![AccountAuthRequest::AddAppPassword {
                     name: STANDARD.encode(format!("{}${}", name, Utc::now().to_rfc3339())),
-                    password: sha512_crypt::hash(password).unwrap()
+                    password: sha512_crypt::hash(password).unwrap(),
                 }])
                 .unwrap()
                 .send::<()>()
@@ -417,7 +429,7 @@ pub fn AppPasswordCreate() -> impl IntoView {
                     <InputText element=FormElement::new("name", data)/>
                 </FormItem>
                 <FormItem label="Password">
-                    <InputPassword element=FormElement::new("password", data)/>
+                    <InputText element=FormElement::new("password", data)/>
                 </FormItem>
 
             </FormSection>