fix default peer creation on login (#189)

config.yml.sample

@@ -4,6 +4,8 @@ advanced:
 core:
   admin_user: [email protected]
   admin_password: secret
+  create_default_peer: true
+  create_default_peer_on_creation: false
 
 web:
   external_url: http://localhost:8888

internal/app/repos.go

@@ -30,7 +30,7 @@ type WireGuardManager interface {
 	GetImportableInterfaces(ctx context.Context) ([]domain.PhysicalInterface, error)
 	ImportNewInterfaces(ctx context.Context, filter ...domain.InterfaceIdentifier) (int, error)
 	RestoreInterfaceState(ctx context.Context, updateDbOnError bool, filter ...domain.InterfaceIdentifier) error
-	CreateDefaultPeer(ctx context.Context, user *domain.User) error
+	CreateDefaultPeer(ctx context.Context, userId domain.UserIdentifier) error
 	GetInterfaceAndPeers(ctx context.Context, id domain.InterfaceIdentifier) (*domain.Interface, []domain.Peer, error)
 	GetPeerStats(ctx context.Context, id domain.InterfaceIdentifier) ([]domain.PeerStatus, error)
 	GetUserPeerStats(ctx context.Context, id domain.UserIdentifier) ([]domain.PeerStatus, error)

internal/app/wireguard/wireguard.go

@@ -41,18 +41,46 @@ func (m Manager) StartBackgroundJobs(ctx context.Context) {
 
 func (m Manager) connectToMessageBus() {
 	_ = m.bus.Subscribe(app.TopicUserCreated, m.handleUserCreationEvent)
+	_ = m.bus.Subscribe(app.TopicAuthLogin, m.handleUserLoginEvent)
 }
 
 func (m Manager) handleUserCreationEvent(user *domain.User) {
-	logrus.Errorf("handling new user event for %s", user.Identifier)
+	if !m.cfg.Core.CreateDefaultPeerOnCreation {
+		return
+	}
 
-	if m.cfg.Core.CreateDefaultPeer {
-		ctx := domain.SetUserInfo(context.Background(), domain.SystemAdminContextUserInfo())
-		err := m.CreateDefaultPeer(ctx, user)
-		if err != nil {
-			logrus.Errorf("failed to create default peer for %s: %v", user.Identifier, err)
-			return
-		}
+	logrus.Tracef("handling new user event for %s", user.Identifier)
+
+	ctx := domain.SetUserInfo(context.Background(), domain.SystemAdminContextUserInfo())
+	err := m.CreateDefaultPeer(ctx, user.Identifier)
+	if err != nil {
+		logrus.Errorf("failed to create default peer for %s: %v", user.Identifier, err)
+		return
+	}
+}
+
+func (m Manager) handleUserLoginEvent(userId domain.UserIdentifier) {
+	if !m.cfg.Core.CreateDefaultPeer {
+		return
+	}
+
+	userPeers, err := m.db.GetUserPeers(context.Background(), userId)
+	if err != nil {
+		logrus.Errorf("failed to retrieve existing peers for %s prior to default peer creation: %v", userId, err)
+		return
+	}
+
+	if len(userPeers) > 0 {
+		return // user already has peers, skip creation
+	}
+
+	logrus.Tracef("handling new user login for %s", userId)
+
+	ctx := domain.SetUserInfo(context.Background(), domain.SystemAdminContextUserInfo())
+	err = m.CreateDefaultPeer(ctx, userId)
+	if err != nil {
+		logrus.Errorf("failed to create default peer for %s: %v", userId, err)
+		return
 	}
 }
 

internal/app/wireguard/wireguard_peers.go

@@ -11,7 +11,7 @@ import (
 	"time"
 )
 
-func (m Manager) CreateDefaultPeer(ctx context.Context, user *domain.User) error {
+func (m Manager) CreateDefaultPeer(ctx context.Context, userId domain.UserIdentifier) error {
 	if err := domain.ValidateAdminAccessRights(ctx); err != nil {
 		return err
 	}
@@ -32,9 +32,10 @@ func (m Manager) CreateDefaultPeer(ctx context.Context, user *domain.User) error
 			return fmt.Errorf("failed to create default peer for interface %s: %w", iface.Identifier, err)
 		}
 
-		peer.UserIdentifier = user.Identifier
+		peer.UserIdentifier = userId
 		peer.DisplayName = fmt.Sprintf("Default Peer %s", internal.TruncateString(string(peer.Identifier), 8))
-		peer.Notes = fmt.Sprintf("Default peer created for user %s", user.Identifier)
+		peer.Notes = fmt.Sprintf("Default peer created for user %s", userId)
+		peer.AutomaticallyCreated = true
 
 		newPeers = append(newPeers, *peer)
 	}
@@ -47,7 +48,7 @@ func (m Manager) CreateDefaultPeer(ctx context.Context, user *domain.User) error
 		}
 	}
 
-	logrus.Infof("created %d default peers for user %s", len(newPeers), user.Identifier)
+	logrus.Infof("created %d default peers for user %s", len(newPeers), userId)
 
 	return nil
 }

internal/config/config.go

@@ -15,11 +15,12 @@ type Config struct {
 		AdminUser     string `yaml:"admin_user"`
 		AdminPassword string `yaml:"admin_password"`
 
-		EditableKeys            bool `yaml:"editable_keys"`
-		CreateDefaultPeer       bool `yaml:"create_default_peer"`
-		SelfProvisioningAllowed bool `yaml:"self_provisioning_allowed"`
-		ImportExisting          bool `yaml:"import_existing"`
-		RestoreState            bool `yaml:"restore_state"`
+		EditableKeys                bool `yaml:"editable_keys"`
+		CreateDefaultPeer           bool `yaml:"create_default_peer"`
+		CreateDefaultPeerOnCreation bool `yaml:"create_default_peer_on_creation"`
+		SelfProvisioningAllowed     bool `yaml:"self_provisioning_allowed"`
+		ImportExisting              bool `yaml:"import_existing"`
+		RestoreState                bool `yaml:"restore_state"`
 	} `yaml:"core"`
 
 	Advanced struct {
@@ -60,7 +61,7 @@ type Config struct {
 func (c *Config) LogStartupValues() {
 	logrus.Debug("WireGuard Portal Features:")
 	logrus.Debugf("  - EditableKeys: %t", c.Core.EditableKeys)
-	logrus.Debugf("  - CreateDefaultPeer: %t", c.Core.CreateDefaultPeer)
+	logrus.Debugf("  - CreateDefaultPeerOnCreation: %t", c.Core.CreateDefaultPeerOnCreation)
 	logrus.Debugf("  - SelfProvisioningAllowed: %t", c.Core.SelfProvisioningAllowed)
 	logrus.Debugf("  - ImportExisting: %t", c.Core.ImportExisting)
 	logrus.Debugf("  - RestoreState: %t", c.Core.RestoreState)

internal/domain/peer.go

@@ -40,14 +40,15 @@ type Peer struct {
 
 	// WG Portal specific
 
-	DisplayName         string              // a nice display name/ description for the peer
-	Identifier          PeerIdentifier      `gorm:"primaryKey;column:identifier"`      // peer unique identifier
-	UserIdentifier      UserIdentifier      `gorm:"index;column:user_identifier"`      // the owner
-	InterfaceIdentifier InterfaceIdentifier `gorm:"index;column:interface_identifier"` // the interface id
-	Disabled            *time.Time          `gorm:"column:disabled"`                   // if this field is set, the peer is disabled
-	DisabledReason      string              // the reason why the peer has been disabled
-	ExpiresAt           *time.Time          `gorm:"column:expires_at"`         // expiry dates for peers
-	Notes               string              `form:"notes" binding:"omitempty"` // a note field for peers
+	DisplayName          string              // a nice display name/ description for the peer
+	Identifier           PeerIdentifier      `gorm:"primaryKey;column:identifier"`      // peer unique identifier
+	UserIdentifier       UserIdentifier      `gorm:"index;column:user_identifier"`      // the owner
+	InterfaceIdentifier  InterfaceIdentifier `gorm:"index;column:interface_identifier"` // the interface id
+	Disabled             *time.Time          `gorm:"column:disabled"`                   // if this field is set, the peer is disabled
+	DisabledReason       string              // the reason why the peer has been disabled
+	ExpiresAt            *time.Time          `gorm:"column:expires_at"`         // expiry dates for peers
+	Notes                string              `form:"notes" binding:"omitempty"` // a note field for peers
+	AutomaticallyCreated bool                `gorm:"column:auto_created"`       // specifies if the peer was automatically created
 
 	// Interface settings for the peer, used to generate the [interface] section in the peer config file
 	Interface PeerInterfaceConfig `gorm:"embedded"`