From bb5aae0c1bc8caaf63b9509793d6172881b6fba0 Mon Sep 17 00:00:00 2001
From: Ash Keel <ash@nebula.cafe>
Date: Wed, 7 Dec 2022 11:48:23 +0100
Subject: [PATCH] feat: generate a random Kilovolt password on first start

---
 http/server.go | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/http/server.go b/http/server.go
index 7a4b0d5..6c86cab 100644
--- a/http/server.go
+++ b/http/server.go
@@ -2,9 +2,12 @@ package http
 
 import (
 	"context"
+	crand "crypto/rand"
+	"encoding/base64"
 	"errors"
 	"fmt"
 	"io/fs"
+	mrand "math/rand"
 	"net/http"
 	"net/http/pprof"
 
@@ -49,7 +52,7 @@ func NewServer(db *database.LocalDBClient, logger *zap.Logger) (*Server, error)
 		server.Config.Set(ServerConfig{
 			Bind:               "localhost:4337",
 			EnableStaticServer: false,
-			KVPassword:         "",
+			KVPassword:         generatePassword(),
 		})
 		// Save
 		err = db.PutJSON(ServerConfigKey, server.Config.Get())
@@ -202,3 +205,13 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	}
 	s.mux.ServeHTTP(w, r)
 }
+
+func generatePassword() string {
+	b := make([]byte, 21) // To prevent padding characters, keep it a multiple of 3
+	_, err := crand.Read(b)
+	if err != nil {
+		// fallback to bad rand, but this will never fail
+		mrand.Read(b)
+	}
+	return base64.URLEncoding.EncodeToString(b)
+}