feat: add proper password check

api.go

@@ -222,6 +222,8 @@ func (api *API) Start(startRequest *models.StartRequest) error {
 }
 
 func (api *API) Setup(setupRequest *models.SetupRequest) error {
+	api.svc.cfg.SavePasswordCheck(setupRequest.UnlockPassword)
+
 	// only update non-empty values
 	if setupRequest.LNBackendType != "" {
 		api.svc.cfg.SetUpdate("LNBackendType", setupRequest.LNBackendType, "")

config.go

@@ -16,6 +16,7 @@ const (
 	BreezBackendType     = "BREEZ"
 	SessionCookieName    = "session"
 	SessionCookieAuthKey = "authenticated"
+	UnlockPasswordCheck  = "THIS STRING SHOULD MATCH IF PASSWORD IS CORRECT"
 )
 
 type AppConfig struct {
@@ -128,6 +129,16 @@ func (cfg *Config) SetUpdate(key string, value string, encryptionKey string) {
 	cfg.set(key, value, clauses, encryptionKey)
 }
 
+func (cfg *Config) CheckUnlockPassword(encryptionKey string) bool {
+	decryptedValue, err := cfg.Get("UnlockPasswordCheck", encryptionKey)
+
+	return err == nil && decryptedValue == UnlockPasswordCheck
+}
+
+func (cfg *Config) SavePasswordCheck(encryptionKey string) {
+	cfg.SetUpdate("UnlockPasswordCheck", UnlockPasswordCheck, encryptionKey)
+}
+
 func randomHex(n int) (string, error) {
 	bytes := make([]byte, n)
 	if _, err := rand.Read(bytes); err != nil {

start.go

@@ -1,6 +1,8 @@
 package main
 
 import (
+	"errors"
+
 	"github.com/nbd-wtf/go-nostr"
 	"github.com/nbd-wtf/go-nostr/nip19"
 )
@@ -78,6 +80,11 @@ func (svc *Service) StartNostr(encryptionKey string) error {
 }
 
 func (svc *Service) StartApp(encryptionKey string) error {
+	if !svc.cfg.CheckUnlockPassword(encryptionKey) {
+		svc.Logger.Errorf("Invalid password")
+		return errors.New("Invalid password")
+	}
+
 	err := svc.launchLNBackend(encryptionKey)
 	if err != nil {
 		svc.Logger.Errorf("Failed to launch LN backend: %v", err)