only remove private key if a custom public key was specified (#112)

internal/server/handlers_peer.go

@@ -420,9 +420,9 @@ func (s *Server) PostUserCreatePeer(c *gin.Context) {
 		formPeer = currentSession.FormData.(wireguard.Peer)
 	}
 
-	formPeer.Email = currentSession.Email;
-	formPeer.Identifier = currentSession.Email;
-	formPeer.DeviceType = wireguard.DeviceTypeServer;
+	formPeer.Email = currentSession.Email
+	formPeer.Identifier = currentSession.Email
+	formPeer.DeviceType = wireguard.DeviceTypeServer
 
 	if err := c.ShouldBind(&formPeer); err != nil {
 		_ = s.updateFormInSession(c, formPeer)
@@ -431,6 +431,11 @@ func (s *Server) PostUserCreatePeer(c *gin.Context) {
 		return
 	}
 
+	// if public key was manually set, remove the incorrect private key
+	if formPeer.PublicKey != currentSession.FormData.(wireguard.Peer).PublicKey {
+		formPeer.PrivateKey = ""
+	}
+
 	disabled := c.PostForm("isdisabled") != ""
 	now := time.Now()
 	if disabled {
@@ -451,7 +456,6 @@ func (s *Server) PostUserCreatePeer(c *gin.Context) {
 func (s *Server) GetUserEditPeer(c *gin.Context) {
 	peer := s.peers.GetPeerByKey(c.Query("pkey"))
 
-	
 	currentSession, err := s.setFormInSession(c, peer)
 	if err != nil {
 		s.GetHandleError(c, http.StatusInternalServerError, "Session error", err.Error())
@@ -460,7 +464,7 @@ func (s *Server) GetUserEditPeer(c *gin.Context) {
 
 	if peer.Email != currentSession.Email {
 		s.GetHandleError(c, http.StatusUnauthorized, "No permissions", "You don't have permissions to view this resource!")
-		return;
+		return
 	}
 
 	c.HTML(http.StatusOK, "user_edit_client.html", gin.H{
@@ -485,7 +489,7 @@ func (s *Server) PostUserEditPeer(c *gin.Context) {
 
 	if currentPeer.Email != currentSession.Email {
 		s.GetHandleError(c, http.StatusUnauthorized, "No permissions", "You don't have permissions to view this resource!")
-		return;
+		return
 	}
 
 	disabled := c.PostForm("isdisabled") != ""