change steamCMD executor

cmd/steam-crypt/main.go

@@ -0,0 +1,93 @@
+package main
+
+import (
+	"acc-server-manager/local/model"
+	"acc-server-manager/local/utl/configs"
+	"flag"
+	"fmt"
+	"os"
+)
+
+func main() {
+	var (
+		encrypt   = flag.Bool("encrypt", false, "Encrypt a password")
+		decrypt   = flag.Bool("decrypt", false, "Decrypt a password")
+		password  = flag.String("password", "", "Password to encrypt/decrypt")
+		help      = flag.Bool("help", false, "Show help")
+	)
+
+	flag.Parse()
+
+	if *help || (!*encrypt && !*decrypt) {
+		showHelp()
+		return
+	}
+
+	if *encrypt && *decrypt {
+		fmt.Fprintf(os.Stderr, "Error: Cannot specify both -encrypt and -decrypt\n")
+		os.Exit(1)
+	}
+
+	if *password == "" {
+		fmt.Fprintf(os.Stderr, "Error: Password is required\n")
+		showHelp()
+		os.Exit(1)
+	}
+
+	// Initialize configs to load encryption key
+	configs.Init()
+
+	if *encrypt {
+		encrypted, err := model.EncryptPassword(*password)
+		if err != nil {
+			fmt.Fprintf(os.Stderr, "Error encrypting password: %v\n", err)
+			os.Exit(1)
+		}
+		fmt.Println(encrypted)
+	}
+
+	if *decrypt {
+		decrypted, err := model.DecryptPassword(*password)
+		if err != nil {
+			fmt.Fprintf(os.Stderr, "Error decrypting password: %v\n", err)
+			os.Exit(1)
+		}
+		fmt.Println(decrypted)
+	}
+}
+
+func showHelp() {
+	fmt.Println("Steam Credentials Encryption/Decryption Utility")
+	fmt.Println()
+	fmt.Println("This utility encrypts and decrypts Steam credentials using the same")
+	fmt.Println("AES-256-GCM encryption used by the ACC Server Manager application.")
+	fmt.Println()
+	fmt.Println("Usage:")
+	fmt.Println("  steam-crypt -encrypt -password \"your_password\"")
+	fmt.Println("  steam-crypt -decrypt -password \"encrypted_string\"")
+	fmt.Println()
+	fmt.Println("Options:")
+	fmt.Println("  -encrypt    Encrypt the provided password")
+	fmt.Println("  -decrypt    Decrypt the provided encrypted string")
+	fmt.Println("  -password   The password to encrypt or encrypted string to decrypt")
+	fmt.Println("  -help       Show this help message")
+	fmt.Println()
+	fmt.Println("Environment Variables Required:")
+	fmt.Println("  ENCRYPTION_KEY  - 32-byte encryption key (same as main application)")
+	fmt.Println("  APP_SECRET      - Application secret (required by configs)")
+	fmt.Println("  APP_SECRET_CODE - Application secret code (required by configs)")
+	fmt.Println("  ACCESS_KEY      - Access key (required by configs)")
+	fmt.Println()
+	fmt.Println("Examples:")
+	fmt.Println("  # Encrypt a password")
+	fmt.Println("  steam-crypt -encrypt -password \"mysteampassword\"")
+	fmt.Println()
+	fmt.Println("  # Decrypt an encrypted password")
+	fmt.Println("  steam-crypt -decrypt -password \"base64encryptedstring\"")
+	fmt.Println()
+	fmt.Println("Security Notes:")
+	fmt.Println("  - The encryption key must be exactly 32 bytes for AES-256")
+	fmt.Println("  - Uses AES-256-GCM for authenticated encryption")
+	fmt.Println("  - Each encryption includes a unique nonce for security")
+	fmt.Println("  - Passwords are validated for length and basic security")
+}

local/controller/membership.go

@@ -95,7 +95,7 @@ func (c *MembershipController) Login(ctx *fiber.Ctx) error {
 // @Failure 500 {object} error_handler.ErrorResponse "Internal server error"
 // @Router /auth/open-token [post]
 func (c *MembershipController) GenerateOpenToken(ctx *fiber.Ctx) error {
-	token, err := c.service.GenerateOpenToken(ctx.UserContext(), ctx.Locals("userId").(string))
+	token, err := c.service.GenerateOpenToken(ctx.UserContext(), ctx.Locals("userID").(string))
 	if err != nil {
 		return c.errorHandler.HandleAuthError(ctx, err)
 	}

local/service/steam_service.go

@@ -35,9 +35,15 @@ func NewSteamService(repository *repository.SteamCredentialsRepository, tfaManag
 		LogOutput: true,
 	}
 
+	// Create a separate executor for SteamCMD that doesn't use PowerShell
+	steamCMDExecutor := &command.CommandExecutor{
+		ExePath:   env.GetSteamCMDPath(),
+		LogOutput: true,
+	}
+
 	return &SteamService{
 		executor:            baseExecutor,
-		interactiveExecutor: command.NewInteractiveCommandExecutor(baseExecutor, tfaManager),
+		interactiveExecutor: command.NewInteractiveCommandExecutor(steamCMDExecutor, tfaManager),
 		repository:          repository,
 		tfaManager:          tfaManager,
 		pathValidator:       security.NewPathValidator(),
@@ -121,14 +127,8 @@ func (s *SteamService) InstallServer(ctx context.Context, installPath string, se
 		return fmt.Errorf("failed to get Steam credentials: %v", err)
 	}
 
-	// Get SteamCMD path from environment variable
-	steamCMDPath := env.GetSteamCMDPath()
-
-	// Build SteamCMD command
+	// Build SteamCMD command (no PowerShell args needed since we call SteamCMD directly)
 	args := []string{
-		"-nologo",
-		"-noprofile",
-		steamCMDPath,
 		"+force_install_dir", absPath,
 		"+login",
 	}
@@ -148,9 +148,17 @@ func (s *SteamService) InstallServer(ctx context.Context, installPath string, se
 		"+quit",
 	)
 
-	// Use interactive executor to handle potential 2FA prompts
+	// Use interactive executor to handle potential 2FA prompts with timeout
 	logging.Info("Installing ACC server to %s...", absPath)
-	if err := s.interactiveExecutor.ExecuteInteractive(ctx, serverID, args...); err != nil {
+	
+	// Create a context with timeout to prevent hanging indefinitely
+	timeoutCtx, cancel := context.WithTimeout(ctx, 10*time.Minute)
+	defer cancel()
+	
+	if err := s.interactiveExecutor.ExecuteInteractive(timeoutCtx, serverID, args...); err != nil {
+		if timeoutCtx.Err() == context.DeadlineExceeded {
+			return fmt.Errorf("SteamCMD operation timed out after 10 minutes")
+		}
 		return fmt.Errorf("failed to run SteamCMD: %v", err)
 	}
 

local/utl/command/interactive_executor.go

@@ -61,14 +61,33 @@ func (e *InteractiveCommandExecutor) ExecuteInteractive(ctx context.Context, ser
 	}
 
 	// Create channels for output monitoring
-	outputDone := make(chan error)
+	outputDone := make(chan error, 1)
+	cmdDone := make(chan error, 1)
 
 	// Monitor stdout and stderr for 2FA prompts
 	go e.monitorOutput(ctx, stdout, stderr, serverID, outputDone)
 
-	// Wait for either the command to finish or output monitoring to complete
-	cmdErr := cmd.Wait()
-	outputErr := <-outputDone
+	// Wait for the command to finish in a separate goroutine
+	go func() {
+		cmdDone <- cmd.Wait()
+	}()
+
+	// Wait for both command and output monitoring to complete
+	var cmdErr, outputErr error
+	completedCount := 0
+
+	for completedCount < 2 {
+		select {
+		case cmdErr = <-cmdDone:
+			completedCount++
+			logging.Info("Command execution completed")
+		case outputErr = <-outputDone:
+			completedCount++
+			logging.Info("Output monitoring completed")
+		case <-ctx.Done():
+			return ctx.Err()
+		}
+	}
 
 	if outputErr != nil {
 		logging.Warn("Output monitoring error: %v", outputErr)
@@ -78,45 +97,85 @@ func (e *InteractiveCommandExecutor) ExecuteInteractive(ctx context.Context, ser
 }
 
 func (e *InteractiveCommandExecutor) monitorOutput(ctx context.Context, stdout, stderr io.Reader, serverID *uuid.UUID, done chan error) {
-	defer close(done)
+	defer func() {
+		select {
+		case done <- nil:
+		default:
+		}
+	}()
 
 	// Create scanners for both outputs
 	stdoutScanner := bufio.NewScanner(stdout)
 	stderrScanner := bufio.NewScanner(stderr)
 
-	outputChan := make(chan string)
+	outputChan := make(chan string, 100) // Buffered channel to prevent blocking
+	readersDone := make(chan struct{}, 2)
 
 	// Read from stdout
 	go func() {
+		defer func() { readersDone <- struct{}{} }()
 		for stdoutScanner.Scan() {
 			line := stdoutScanner.Text()
 			if e.LogOutput {
 				logging.Info("STDOUT: %s", line)
 			}
-			outputChan <- line
+			select {
+			case outputChan <- line:
+			case <-ctx.Done():
+				return
+			}
+		}
+		if err := stdoutScanner.Err(); err != nil {
+			logging.Warn("Stdout scanner error: %v", err)
 		}
 	}()
 
 	// Read from stderr
 	go func() {
+		defer func() { readersDone <- struct{}{} }()
 		for stderrScanner.Scan() {
 			line := stderrScanner.Text()
 			if e.LogOutput {
 				logging.Info("STDERR: %s", line)
 			}
-			outputChan <- line
+			select {
+			case outputChan <- line:
+			case <-ctx.Done():
+				return
+			}
+		}
+		if err := stderrScanner.Err(); err != nil {
+			logging.Warn("Stderr scanner error: %v", err)
 		}
 	}()
 
-	// Monitor for 2FA prompts
+	// Monitor for completion and 2FA prompts
+	readersFinished := 0
 	for {
 		select {
 		case <-ctx.Done():
 			done <- ctx.Err()
 			return
+		case <-readersDone:
+			readersFinished++
+			if readersFinished == 2 {
+				// Both readers are done, close output channel and finish monitoring
+				close(outputChan)
+				// Drain any remaining output
+				for line := range outputChan {
+					if e.is2FAPrompt(line) {
+						if err := e.handle2FAPrompt(ctx, line, serverID); err != nil {
+							logging.Error("Failed to handle 2FA prompt: %v", err)
+							done <- err
+							return
+						}
+					}
+				}
+				return
+			}
 		case line, ok := <-outputChan:
 			if !ok {
-				done <- nil
+				// Channel closed, we're done
 				return
 			}
 

local/utl/configs/configs.go

@@ -8,7 +8,7 @@ import (
 )
 
 var (
-	Version       = "0.10.6"
+	Version       = "0.10.7"
 	Prefix        = "v1"
 	Secret        string
 	SecretCode    string

local/utl/security/path_validator.go

@@ -16,7 +16,6 @@ type PathValidator struct {
 func NewPathValidator() *PathValidator {
 	blockedPatterns := []*regexp.Regexp{
 		regexp.MustCompile(`\.\.`),
-		regexp.MustCompile(`[<>:"|?*]`),
 		regexp.MustCompile(`^(CON|PRN|AUX|NUL|COM[1-9]|LPT[1-9])$`),
 		regexp.MustCompile(`\x00`),
 		regexp.MustCompile(`^\\\\`),