WIP: authenticate all requests

bin/telebit-remote.js

@@ -707,6 +707,10 @@ function parseConfig(err, text) {
         }).then(function (resp) {
           //nonce = resp.headers['replay-nonce'];
           if (!resp.body || 'valid' !== resp.body.status) {
+            console.error('request jws:', jws);
+            console.error('response:');
+            console.error(resp.headers);
+            console.error(resp.body);
             throw new Error("did not successfully create or restore account");
           }
           return RC.requestAsync({ service: 'config', method: 'GET' }).catch(function (err) {

bin/telebitd.js

@@ -1049,12 +1049,15 @@ function handleApi() {
   function mustTrust(req, res, next) {
     // TODO public routes should be explicitly marked
     // trusted should be the default
-    if (req.trusted) { next(); }
+    if (!req.trusted) {
       res.statusCode = 400;
       res.send({"error":{"message": "this type of requests must be encoded as a jws payload"
         + " and signed by a trusted account holder"}});
       return;
     }
+
+    next();
+  }
   app.use(/\b(relay)\b/, mustTrust, controllers.relay);
   app.get(/\b(config)\b/, mustTrust, getConfigOnly);
   app.use(/\b(init|config)\b/, mustTrust, initOrConfig);
@@ -1076,7 +1079,10 @@ function handleApi() {
   app.use(/\b(status)\b/, mustTrust, getStatus);
   app.use(/\b(list)\b/, mustTrust, listSuccess);
   app.use('/', function (req, res) {
-    res.send({"error":{"message":"unrecognized rpc"}});
+    res.send({"error":{"message":"unrecognized rpc: [" + req.method + "] " + req.url + "\n"
+      + JSON.stringify(req.headers) + "\n"
+      + JSON.stringify(req.body) + "\n"
+    }});
   });
 
   return app;

lib/eggspress.js

@@ -51,9 +51,20 @@ module.exports = function eggspress() {
         res.end(e.message);
       }
 
-      try {
       console.log("[eggspress] matched pattern", todo[0], req.url);
-        var p = todo[1](req, res, next);
+      if ('function' === typeof todo[1]) {
+        // TODO this is prep-work
+        todo[1] = [todo[1]];
+      }
+
+      var fns = todo[1].slice(0);
+
+      function nextTodo(err) {
+        if (err) { fail(err); return; }
+        var fn = fns.shift();
+        if (!fn) { next(err); return; }
+        try {
+          var p = fn(req, res, nextTodo);
           if (p && p.catch) {
             p.catch(fail);
           }
@@ -62,25 +73,30 @@ module.exports = function eggspress() {
           return;
         }
       }
+      nextTodo();
+    }
 
     res.send = eggSend;
 
     next();
   };
 
-  app.use = function (pattern, fn) {
+  app.use = function (pattern) {
-    return app._use('', pattern, fn);
+    var fns = Array.prototype.slice.call(arguments, 1);
+    return app._use('', pattern, fns);
   };
   [ 'HEAD', 'GET', 'POST', 'DELETE' ].forEach(function (method) {
-    app[method.toLowerCase()] = function (pattern, fn) {
+    app[method.toLowerCase()] = function (pattern) {
-      return app._use(method, pattern, fn);
+      var fns = Array.prototype.slice.call(arguments, 1);
+      return app._use(method, pattern, fns);
     };
   });
 
-  app.post = function (pattern, fn) {
+  app.post = function (pattern) {
-    return app._use('POST', pattern, fn);
+    var fns = Array.prototype.slice.call(arguments, 1);
+    return app._use('POST', pattern, fns);
   };
-  app._use = function (method, pattern, fn) {
+  app._use = function (method, pattern, fns) {
     // always end in a slash, for now
     if ('string' === typeof pattern) {
       pattern = pattern.replace(/\/$/, '')  + '/';
@@ -94,7 +110,7 @@ module.exports = function eggspress() {
       return b.length - a.length;
     });
     */
-    allPatterns.push([pattern, fn, method.toLowerCase()]);
+    allPatterns.push([pattern, fns, method.toLowerCase()]);
     return app;
   };