+ Adding command line flag [-H/--hmac] to specify hmac file path

This is really just for testing purposes since the files tend to be in
awkward to reach path

- Removing if args.len == 0 check
Basically cannon-fodder tbh

* Auth now reads hmac path from environment var

! All of the above is added for the wss hmac as well

+ Adding command line flag [-W/--wss-hmac] to specify wss-hmac file path

json-api/.env

@@ -5,6 +5,11 @@ DATABASE_USER=freechat_dev
 DATABASE_HOST=localhost
 DATABASE_PORT=3306
 
+# Note that these should literally never point to the same file
+# that completely breaks the web socket's permissions+authentication model
+HMAC_PATH=hmac.secret
+WSS_HMAC_PATH=wss-hmac.secret
+
 
 # Server meta things
 SERVER_NAME="Freechat Dev Server"

json-api/src/auth.rs

@@ -13,7 +13,11 @@ use db::{Response, Member};
 use jsonwebtoken::EncodingKey;
 lazy_static! {
     static ref HMAC_SECRET: Vec<u8> = {
-        std::fs::read("hmac.secret").expect("Couldn't get HMAC secret")
+        let path = match std::env::var("HMAC_PATH") {
+            Ok(p) => p,
+            Err(_) => "hmac.secret".into()
+        };
+        std::fs::read(path).expect("Couldn't get HMAC secret")
     };
 
     static ref ENCODING_KEY: EncodingKey = {

json-api/src/invites.rs

@@ -176,7 +176,7 @@ pub async fn create(pool: &Pool, response: &mut Response<Body>, params: HashMap<
         Ok(_) => {
             // return the id of the invite
             // Link format from here is basically hostname.io:4536/join?code=<some-code>
-            http::set_json_body(response, serde_json::json!(invite))
+            http::set_json_body(response, serde_json::json!({"invite":invite}))
         },
         Err(mysqle) => {
             println!("\tINVITES::CREATE::ERROR: {}", mysqle);

json-api/src/main.rs

@@ -230,27 +230,19 @@ async fn main() -> Result<(), u16>{
              .long("port")
              .default_value("4536")
              .help("Set the port to use: Default is 4536"))
+        .arg(Arg::with_name("hmac")
+            .short("H")
+            .long("hmac")
+            .value_name("HMAC")
+            .help("Sets the path to the hmac.secret file"))
+        .arg(Arg::with_name("wss-hmac")
+             .short("w")
+             .long("wss-hmac")
+             .value_name("WSS_HMAC")
+             .help("Sets the path the wss-hmac.secret file"))
         .get_matches();
 
 
-    if args.args.len() == 0 {
-		println!("Freechat Server 0.1
-shockrah
-Decentralized chat system
-
-USAGE:
-    freechat-server [FLAGS] [OPTIONS]
-
-FLAGS:
-    -h, --help       Prints help information
-    -s, --server     Starts the API server
-    -V, --version    Prints version information
-
-OPTIONS:
-    -c, --create-owner <Owner>     Creates an account with full permissions in the SQL database.
-    -d, --db-url <DATABASE URL>    Sets the DATABASE URL via an environment variable");
-    }
-
     if let Some(db_url) = args.value_of("db-url") {
         set_var("DATABASE_URL", db_url);
     }
@@ -263,6 +255,11 @@ OPTIONS:
         attempt_owner_creation(owner_name).await;
     }
 
+    // This check overrides the value set in the .env since this 
+    if let Some(hmac) = args.value_of("hmac") {
+        std::env::set_var("HMAC_PATH", hmac);
+    }
+
     if args.is_present("server") {
         if main_ret == NO_ERR {
             main_ret = start_server(main_ret, port).await;

json-api/src/rtc.rs

@@ -26,7 +26,11 @@ use url::Url;
 
 lazy_static! {
     static ref HMAC_SECRET: Vec<u8> = {
-        std::fs::read("wss-hmac.secret").expect("Couldn't get HMAC secret")
+        let path = match std::env::var("WSS_HMAC_PATH") {
+            Ok(p) => p,
+            Err(_) => "wss-hmac.secret".into()
+        };
+        std::fs::read(path).expect("Couldn't get HMAC secret")
     };
     static ref WSS_KEY: EncodingKey = {
         EncodingKey::from_secret(&HMAC_SECRET)