add key pairs

2015-11-19 12:34:59 +00:00 · 2015-11-19 12:34:59 +00:00 · 6d3d334370
parent 17c18a15f3
commit 6d3d334370
4 changed files with 28 additions and 0 deletions
--- a/boot/master.js
+++ b/boot/master.js
@ -82,6 +82,9 @@ cluster.on('online', function (worker) {
      var config = require('../config');
      info.conf.primaryNameserver = config.primaryNameserver;
      info.conf.nameservers = config.nameservers;
+      // TODO get this from db config instead
+      info.conf.privkey = config.privkey;
+      info.conf.pubkey = config.pubkey;
      worker.send(info);
    });
  }
--- a/lib/api-server.js
+++ b/lib/api-server.js
@ -19,6 +19,7 @@ module.exports.create = function (conf, deps/*, Services*/) {

    return new PromiseA(function (resolve, reject) {
      var myApp;
+      var ursa;

      try {
        // TODO dynamic requires are a no-no
@ -26,9 +27,22 @@ module.exports.create = function (conf, deps/*, Services*/) {
        // module.exports = { {{pkgpath}}: function () { return require({{pkgpath}}) } }
        // requirer[pkgpath]()
        myApp = express();
+        myApp.disable('x-powered-by');
        if (app.get('trust proxy')) {
          myApp.set('trust proxy', app.get('trust proxy'));
        }
+        if (!conf.pubkey) {
+          /*
+            return ursa.createPrivateKey(pem, password, encoding);
+            var pem = myKey.toPrivatePem();
+            return jwt.verifyAsync(token, myKey.toPublicPem(), { ignoreExpiration: false && true }).then(function (decoded) {
+            });
+          */
+          ursa = require('ursa');
+          conf.keypair = ursa.createPrivateKey(conf.privkey, 'ascii');
+          conf.pubkey = ursa.createPublicKey(conf.pubkey, 'ascii'); //conf.keypair.toPublicKey();
+        }
+        // TODO give pub/priv pair for app and all public keys
        route.route = require(pkgpath).create(conf, deps, myApp);
      } catch(e) {
        reject(e);
@ -114,6 +128,7 @@ module.exports.create = function (conf, deps/*, Services*/) {
      }

      if (!route.api) {
+        console.error('missing route:', req.url);
        nextify(new Error("no api available for this route"));
        return;
      }
--- a/lib/worker.js
+++ b/lib/worker.js
@ -38,6 +38,7 @@ module.exports.create = function (webserver, info, state) {
  });
  var cstore = require('cluster-store');

+  app.disable('x-powered-by');
  if (info.conf.trustProxy) {
    console.info('[Trust Proxy]');
    app.set('trust proxy', ['loopback']);
@ -161,6 +162,8 @@ module.exports.create = function (webserver, info, state) {
        , externalPort: info.conf.externalPort
        , primaryNameserver: info.conf.primaryNameserver
        , nameservers: info.conf.nameservers
+        , privkey: info.conf.privkey
+        , pubkey: info.conf.pubkey
        , apiPrefix: '/api'
        };

@ -252,6 +255,12 @@ module.exports.create = function (webserver, info, state) {
          } else {
            res.send('<html><head><title>ERROR</title></head><body>Error</body></html>');
          }
+
+          // sadly express uses arity checking
+          // so the fourth parameter must exist
+          if (false) {
+            next();
+          }
        });

        return app;
--- a/package.json
+++ b/package.json
@ -68,6 +68,7 @@
    "escape-string-regexp": "1.x",
    "etag": "^1.5.1",
    "express": "4.x",
+    "express-jwt": "^3.3.0",
    "express-lazy": "^1.1.1",
    "express-session": "^1.11.3",
    "finalhandler": "^0.3.4",