obfuscate password fields

lib/new-settings-loader.js

@@ -4,6 +4,19 @@ const migration = require('./config-migration')
 
 const OLD_SETTINGS_LOADER_SCHEMA_VERSION = 1
 const NEW_SETTINGS_LOADER_SCHEMA_VERSION = 2
+const PASSWORD_FILLED = 'PASSWORD_FILLED'
+const SECRET_FIELDS = [
+  'bitgo.BTCWalletPassphrase',
+  'bitgo.LTCWalletPassphrase',
+  'bitgo.ZECWalletPassphrase',
+  'bitgo.BCHWalletPassphrase',
+  'bitgo.DASHWalletPassphrase',
+  'bitstamp.secret',
+  'infura.apiSecret',
+  'itbit.clientSecret',
+  'kraken.privateKey',
+  'twilio.authToken'
+]
 
 const accountsSql = `update user_config set data = $2, valid = $3, schema_version = $4 where type = $1;
 insert into user_config (type, data, valid, schema_version)
@@ -40,6 +53,27 @@ function loadAccounts (schemaVersion) {
     .then(_.compose(_.defaultTo({}), _.get('data.accounts')))
 }
 
+function showAccounts (schemaVersion) {
+  const sql = `select data
+  from user_config
+  where type=$1
+  and schema_version=$2
+  and valid
+  order by id desc
+  limit 1`
+
+  return db.oneOrNone(sql, ['accounts', schemaVersion || NEW_SETTINGS_LOADER_SCHEMA_VERSION])
+    .then(res => {
+      const accounts = _.compose(_.defaultTo({}), _.get('data.accounts'))(res)
+      const filledSecretPaths = _.compact(_.map(path => {
+        if (!_.isEmpty(_.get(path, accounts))) {
+          return path
+        }
+      }, SECRET_FIELDS))
+      return _.compose(_.map(path => _.assoc(path, PASSWORD_FILLED), filledSecretPaths))(accounts)
+    })
+}
+
 const configSql = 'insert into user_config (type, data, valid, schema_version) values ($1, $2, $3, $4)'
 function saveConfig (config) {
   return loadLatestConfigOrNone()
@@ -143,6 +177,7 @@ module.exports = {
   saveAccounts,
   resetAccounts,
   loadAccounts,
+  showAccounts,
   loadLatest,
   loadLatestConfig,
   loadLatestConfigOrNone,