Handle password on creation

packages/server/src/api/controllers/application.ts

@@ -114,7 +114,18 @@ function checkAppName(
   }
 }
 
-async function createInstance(appId: string, template: any) {
+interface AppTemplate {
+  templateString: string
+  useTemplate: string
+  file?: {
+    type: string
+    path: string
+    password?: string
+  }
+  key?: string
+}
+
+async function createInstance(appId: string, template: AppTemplate) {
   const db = context.getAppDB()
   await db.put({
     _id: "_design/database",
@@ -237,19 +248,24 @@ export async function fetchAppPackage(ctx: UserCtx) {
 async function performAppCreate(ctx: UserCtx) {
   const apps = (await dbCore.getAllApps({ dev: true })) as App[]
   const name = ctx.request.body.name,
-    possibleUrl = ctx.request.body.url
+    possibleUrl = ctx.request.body.url,
+    encryptionPassword = ctx.request.body.encryptionPassword
+
   checkAppName(ctx, apps, name)
   const url = sdk.applications.getAppUrl({ name, url: possibleUrl })
   checkAppUrl(ctx, apps, url)
 
   const { useTemplate, templateKey, templateString } = ctx.request.body
-  const instanceConfig: any = {
+  const instanceConfig: AppTemplate = {
     useTemplate,
     key: templateKey,
     templateString,
   }
   if (ctx.request.files && ctx.request.files.templateFile) {
-    instanceConfig.file = ctx.request.files.templateFile
+    instanceConfig.file = {
+      ...(ctx.request.files.templateFile as any),
+      password: encryptionPassword,
+    }
   }
   const tenantId = tenancy.isMultiTenant() ? tenancy.getTenantId() : null
   const appId = generateDevAppID(generateAppID(tenantId))

packages/server/src/api/controllers/backup.ts

@@ -10,7 +10,7 @@ export async function exportAppDump(ctx: any) {
   const appName = decodeURI(ctx.query.appname)
   excludeRows = isQsTrue(excludeRows)
   const backupIdentifier = `${appName}-export-${new Date().getTime()}${
-    encryptPassword ? "-enc" : ""
+    encryptPassword ? ".enc" : ""
   }.tar.gz`
   ctx.attachment(backupIdentifier)
   ctx.body = await sdk.backups.streamExportApp({

packages/server/src/sdk/app/backups/imports.ts

@@ -124,12 +124,19 @@ export function untarFile(file: { path: string }) {
   return tmpPath
 }
 
-async function decryptFiles(path: string) {
+async function decryptFiles(path: string, password: string) {
-  for (let file of fs.readdirSync(path)) {
+  try {
-    const inputPath = join(path, file)
+    for (let file of fs.readdirSync(path)) {
-    const outputPath = inputPath.replace(/\.enc$/, "")
+      const inputPath = join(path, file)
-    await encryption.decryptFile(inputPath, outputPath, "password")
+      const outputPath = inputPath.replace(/\.enc$/, "")
-    fs.rmSync(inputPath)
+      await encryption.decryptFile(inputPath, outputPath, password)
+      fs.rmSync(inputPath)
+    }
+  } catch (err: any) {
+    if (err.message === "incorrect header check") {
+      throw new Error("Wrong password")
+    }
+    throw err
   }
 }
 
@@ -154,7 +161,7 @@ export async function importApp(
   if (template.file && (isTar || isDirectory)) {
     const tmpPath = isTar ? untarFile(template.file) : template.file.path
     if (isTar && template.file.password) {
-      await decryptFiles(tmpPath)
+      await decryptFiles(tmpPath, template.file.password)
     }
     const contents = fs.readdirSync(tmpPath)
     // have to handle object import