Merge pull request #9 from doneill/task/jdo-27-obfuscate-password-input

Obfuscate password input
doneill · Dec 9, 2023 · e003449 · e003449
2 parents bed476a + b083982
commit e003449
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 12 deletions.
diff --git a/cmd/auth.go b/cmd/auth.go
@@ -3,10 +3,13 @@ package cmd
 import (
 	"fmt"
 	"os"
+	"strings"
+	"syscall"
 
 	"github.com/doneill/er-cli-go/api"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
+	"golang.org/x/term"
 )
 
 // ----------------------------------------------
@@ -35,21 +38,15 @@ var authCmd = &cobra.Command{
 
 func auth() {
 	fmt.Println("Enter password:")
-	var password string
-	_, err := fmt.Scan(&password)
-	if err != nil {
-		fmt.Println(err)
-		os.Exit(1)
-	}
+	password, err := term.ReadPassword(int(syscall.Stdin))
+	passwordStr := strings.TrimSpace(string(password))
 
-	// Call the authenticate function to get the access token and expires in
-	authResponse, err := api.Authenticate(SITENAME, USERNAME, password)
+	authResponse, err := api.Authenticate(SITENAME, USERNAME, passwordStr)
 	if err != nil {
 		fmt.Println("Error authenticating:", err)
 		os.Exit(1)
 	}
 
-	// Print out the access token and expires in if the request was successful
 	if authResponse != nil {
 		viper.Set("user", USERNAME)
 		viper.Set("sitename", SITENAME)

diff --git a/go.mod b/go.mod
@@ -5,6 +5,7 @@ go 1.21.4
 require (
 	github.com/spf13/cobra v1.8.0
 	github.com/spf13/viper v1.17.0
+	golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1
 )
 
 require github.com/mattn/go-runewidth v0.0.9 // indirect
@@ -27,7 +28,7 @@ require (
 	go.uber.org/atomic v1.9.0 // indirect
 	go.uber.org/multierr v1.9.0 // indirect
 	golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect
-	golang.org/x/sys v0.12.0 // indirect
+	golang.org/x/sys v0.15.0 // indirect
 	golang.org/x/text v0.13.0 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect

diff --git a/go.sum b/go.sum
@@ -331,8 +331,9 @@ golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.12.0 h1:CM0HF96J0hcLAwsHPJZjfdNzs0gftsLfgKt57wWHJ0o=
-golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
+golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=