apxtri/apxtrib
apxtri/apxtrib
1
0
Fork 0
Code Issues 4 Pull Requests Packages Projects 2 Releases Wiki Activity
908daaa8d3
apxtrib/api/middlewares/isAuthenticated.js
philc 85862577b2 cleanup
2023-05-16 10:31:27 +02:00

107 lines
3.5 KiB
JavaScript
Executable File
Raw Blame History

const fs = require("fs-extra");
const dayjs = require("dayjs");
const glob = require("glob");
const openpgp = require("openpgp");
const conf = require(`${process.env.dirtown}/conf.json`);
const isAuthenticated = async (req, res, next) => {
// once a day rm oldest tokens than 24hours tag job by adding tmp/tokensmenagedone{day}
const currentday = dayjs().date();
console.log(
"if menagedone" + currentday,
!fs.existsSync(`${process.env.dirtown}/tmp/tokensmenagedone${currentday}`)
);
if (!fs.existsSync(`${process.env.dirtown}/tmp/tokens`))
fs.mkdirSync(`${process.env.dirtown}/tmp/tokens`);
if (!fs.existsSync(`${process.env.dirtown}/tmp/tokensmenagedone${currentday}`)) {
// clean oldest
const tsday = dayjs().valueOf(); // now in timestamp format
glob.sync(`${process.env.dirtown}/tmp/tokensmenagedone*`).forEach((f) => {
fs.removeSync(f);
});
glob.sync(`${process.env.dirtown}/tmp/tokens/*.json`).forEach((f) => {
if (tsday - parseInt(f.split("_")[1]) > 86400000) fs.remove(f);
});
}
//Check register in tmp/tokens/
console.log("isAuthenticate?");
const resnotauth = {
ref: "headers",
msg: "notauthenticated",
data: {
xalias: req.session.header.xalias,
xaliasexists: true,
},
};
console.log(req.session.header);
if (req.session.header.xalias == "anonymous") {
console.log("alias anonymous means not auth");
return res.status(401).json(resnotauth);
}
const tmpfs = `${process.env.dirtown}/tmp/tokens/${req.session.header.xalias}_${
req.session.header.xdays
}_${req.session.header.xhash.substring(20, 200)}`;
console.log(tmpfs);
if (!fs.existsSync(tmpfs)) {
// need to check detached sign
let publickey;
if (
fs.existsSync(
`${conf.dirapi}/nationchains/pagans/itm/${req.session.header.xalias}.json`
)
) {
const pagan = fs.readJsonSync(
`${conf.dirapi}nationchains/pagans/itm/${req.session.header.xalias}.json`
);
publickey = pagan.publicKey;
} else {
resnotauth.data.xaliasexists = false;
if (req.body.publickey) {
publickey = req.body.publickey;
} else {
console.log("alias unknown");
return res.status(404).send(resnotauth);
}
}
console.log(publickey);
console.log(Buffer.from(req.session.header.xhash, "base64").toString());
const publicKey = await openpgp.readKey({ armoredKey: publickey });
const msg = await openpgp.createMessage({
text: `${req.session.header.xalias}_${req.session.header.xdays}`,
});
const signature = await openpgp.readSignature({
armoredSignature: Buffer.from(
req.session.header.xhash,
"base64"
).toString(),
});
console.log(msg);
console.log(signature);
console.log(publicKey);
const checkauth = await openpgp.verify({
message: msg,
signature: signature,
verificationKeys: publicKey,
});
console.log(checkauth);
console.log(checkauth.signatures[0].keyID);
//console.log(await checkauth.signatures[0].signature);
//console.log(await checkauth.signatures[0].verified);
const { check, keyID } = checkauth.signatures[0];
try {
await check; // raise an error if necessary
fs.outputFileSync(tmpfs, req.session.header.xhash, "utf8");
} catch (e) {
resnotauth.msg = "signaturefailed";
console.log("not auth fail sign");
return res.status(401).send(resnotauth);
}
}
console.log("Authenticated");
next();
};
module.exports = isAuthenticated;
Reference in New Issue View Git Blame Copy Permalink