coolaj86
/
telebit.js
1
2
Fork 1
Code Issues 46 Pull Requests 2 Releases Activity

WIP: authenticate all requests

This commit is contained in:
AJ ONeal 2019-05-11 16:53:24 -06:00
parent 1826ec8497
commit 33b00ee330
3 changed files with 49 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
bin/telebit-remote.js
View File

@ -707,6 +707,10 @@ function parseConfig(err, text) {
}).then(function (resp) {
//nonce = resp.headers['replay-nonce'];
if (!resp.body || 'valid' !== resp.body.status) {
console.error('request jws:', jws);
console.error('response:');
console.error(resp.headers);
console.error(resp.body);
throw new Error("did not successfully create or restore account");
}
return RC.requestAsync({ service: 'config', method: 'GET' }).catch(function (err) {

18
bin/telebitd.js
View File

@ -1049,11 +1049,14 @@ function handleApi() {
function mustTrust(req, res, next) {
// TODO public routes should be explicitly marked
// trusted should be the default
if (req.trusted) { next(); }
res.statusCode = 400;
res.send({"error":{"message": "this type of requests must be encoded as a jws payload"
+ " and signed by a trusted account holder"}});
return;
if (!req.trusted) {
res.statusCode = 400;
res.send({"error":{"message": "this type of requests must be encoded as a jws payload"
+ " and signed by a trusted account holder"}});
return;
}
next();
}
app.use(/\b(relay)\b/, mustTrust, controllers.relay);
app.get(/\b(config)\b/, mustTrust, getConfigOnly);
@ -1076,7 +1079,10 @@ function handleApi() {
app.use(/\b(status)\b/, mustTrust, getStatus);
app.use(/\b(list)\b/, mustTrust, listSuccess);
app.use('/', function (req, res) {
res.send({"error":{"message":"unrecognized rpc"}});
res.send({"error":{"message":"unrecognized rpc: [" + req.method + "] " + req.url + "\n"
+ JSON.stringify(req.headers) + "\n"
+ JSON.stringify(req.body) + "\n"
}});
});
return app;

50
lib/eggspress.js
View File

@ -51,16 +51,29 @@ module.exports = function eggspress() {
res.end(e.message);
}
try {
console.log("[eggspress] matched pattern", todo[0], req.url);
var p = todo[1](req, res, next);
if (p && p.catch) {
p.catch(fail);
}
} catch(e) {
fail(e);
return;
console.log("[eggspress] matched pattern", todo[0], req.url);
if ('function' === typeof todo[1]) {
// TODO this is prep-work
todo[1] = [todo[1]];
}
var fns = todo[1].slice(0);
function nextTodo(err) {
if (err) { fail(err); return; }
var fn = fns.shift();
if (!fn) { next(err); return; }
try {
var p = fn(req, res, nextTodo);
if (p && p.catch) {
p.catch(fail);
}
} catch(e) {
fail(e);
return;
}
}
nextTodo();
}
res.send = eggSend;
@ -68,19 +81,22 @@ module.exports = function eggspress() {
next();
};
app.use = function (pattern, fn) {
return app._use('', pattern, fn);
app.use = function (pattern) {
var fns = Array.prototype.slice.call(arguments, 1);
return app._use('', pattern, fns);
};
[ 'HEAD', 'GET', 'POST', 'DELETE' ].forEach(function (method) {
app[method.toLowerCase()] = function (pattern, fn) {
return app._use(method, pattern, fn);
app[method.toLowerCase()] = function (pattern) {
var fns = Array.prototype.slice.call(arguments, 1);
return app._use(method, pattern, fns);
};
});
app.post = function (pattern, fn) {
return app._use('POST', pattern, fn);
app.post = function (pattern) {
var fns = Array.prototype.slice.call(arguments, 1);
return app._use('POST', pattern, fns);
};
app._use = function (method, pattern, fn) {
app._use = function (method, pattern, fns) {
// always end in a slash, for now
if ('string' === typeof pattern) {
pattern = pattern.replace(/\/$/, '') + '/';
@ -94,7 +110,7 @@ module.exports = function eggspress() {
return b.length - a.length;
});
*/
allPatterns.push([pattern, fn, method.toLowerCase()]);
allPatterns.push([pattern, fns, method.toLowerCase()]);
return app;
};