lib/admin/js/app.js

@@ -3,6 +3,7 @@
 
 var Vue = window.Vue;
 var Telebit = window.TELEBIT;
+var Keypairs = window.Keypairs;
 var api = {};
 
 /*
@@ -462,8 +463,15 @@ new Vue({
 , methods: appMethods
 });
 
-
+function run(key) {
-api.config().then(function (config) {
+  // 1. Get ACME directory
+  // 2. Fetch ACME account
+  // 3. Test if account has access
+  // 4. Show command line auth instructions to auth
+  // 5. Sign requests / use JWT
+  // 6. Enforce token required for config, status, etc
+  // 7. Move admin interface to standard ports (admin.foo-bar-123.telebit.xyz)
+  api.config().then(function (config) {
     telebitState.config = config;
     if (config.greenlock) {
       appData.init.acmeServer = config.greenlock.server;
@@ -500,14 +508,36 @@ api.config().then(function (config) {
 
     // TODO handle default state
     changeState('status');
-}).catch(function (err) {
+  }).catch(function (err) {
     appData.views.flash.error = err.message || JSON.stringify(err, null, 2);
-});
+  });
+}
+
+
+// TODO protect key with passphrase (or QR code?)
+function getKey() {
+  var key;
+  try {
+    key = JSON.parse(localStorage.getItem('key'));
+  } catch(e) {
+    // ignore
+  }
+  if (key && key.kid && key.d) {
+    return Promise.resolve(key);
+  }
+  return Keypairs.generate().then(function (pair) {
+    key = pair.private;
+    localStorage.setItem('key', JSON.stringify(key));
+    return key;
+  });
+}
 
 window.api = api;
-
+getKey().then(function (key) {
-setTimeout(function () {
+  run(key);
+  setTimeout(function () {
     document.body.hidden = false;
-}, 50);
+  }, 50);
+});
 
 }());