Allow specification of workdir

packages/sshecret-admin/src/sshecret_admin/core/settings.py

@@ -1,5 +1,6 @@
 """SSH Server settings."""
 
+from pathlib import Path
 from pydantic import AnyHttpUrl, Field
 from pydantic_settings import BaseSettings, SettingsConfigDict
 from sqlalchemy import URL
@@ -22,10 +23,9 @@ class AdminServerSettings(BaseSettings):
     listen_address: str = Field(default="")
     secret_key: str
     port: int = DEFAULT_LISTEN_PORT
-
     database: str = Field(default=DEFAULT_DATABASE)
-    #admin_db: str = Field(default=DEFAULT_DATABASE)
     debug: bool = False
+    password_manager_directory: Path | None = None
 
     @property
     def admin_db(self) -> URL:

packages/sshecret-admin/src/sshecret_admin/services/master_password.py

@@ -24,11 +24,14 @@ def setup_master_password(
 
     This method should run just after setting up the database.
     """
-    created = _initial_key_setup(settings, filename, regenerate)
+    keyfile = Path(filename)
+    if settings.password_manager_directory:
+        keyfile = settings.password_manager_directory / filename
+    created = _initial_key_setup(settings, keyfile, regenerate)
     if not created:
         return None
 
-    return _generate_master_password(settings, filename)
+    return _generate_master_password(settings, keyfile)
 
 
 def decrypt_master_password(
@@ -36,10 +39,12 @@ def decrypt_master_password(
 ) -> str:
     """Retrieve master password."""
     keyfile = Path(filename)
+    if settings.password_manager_directory:
+        keyfile = settings.password_manager_directory / filename
     if not keyfile.exists():
         raise RuntimeError("Error: Private key has not been generated yet.")
 
-    private_key = load_private_key(KEY_FILENAME, password=settings.secret_key)
+    private_key = load_private_key(str(keyfile.absolute()), password=settings.secret_key)
     return decode_string(encrypted, private_key)
 
 
@@ -50,12 +55,10 @@ def _generate_password() -> str:
 
 def _initial_key_setup(
     settings: AdminServerSettings,
-    filename: str = KEY_FILENAME,
+    keyfile: Path,
     regenerate: bool = False,
 ) -> bool:
     """Set up initial keys."""
-    keyfile = Path(filename)
-
     if keyfile.exists() and not regenerate:
         return False
 
@@ -67,16 +70,15 @@ def _initial_key_setup(
 
 
 def _generate_master_password(
-    settings: AdminServerSettings, filename: str = KEY_FILENAME
+    settings: AdminServerSettings, keyfile: Path
 ) -> str:
     """Generate master password for password database.
 
     Returns the encrypted string, base64 encoded.
     """
-    keyfile = Path(filename)
     if not keyfile.exists():
         raise RuntimeError("Error: Private key has not been generated yet.")
-    private_key = load_private_key(filename, password=settings.secret_key)
+    private_key = load_private_key(str(keyfile.absolute()), password=settings.secret_key)
     public_key = private_key.public_key()
     master_password = _generate_password()
     return encrypt_string(master_password, public_key)

packages/sshecret-admin/src/sshecret_admin/testing.py

@@ -5,7 +5,7 @@ import os
 import bcrypt
 
 from sqlmodel import Session
-from .auth_models import User
+from sshecret_admin.auth.models import User
 
 
 def get_test_user_details() -> tuple[str, str]: