clean up
This commit is contained in:
@@ -1,7 +1,6 @@
|
||||
const conf = require(`../../conf/townconf.json`);
|
||||
const l=require('../tools/log.js');
|
||||
//l.showlog= true; // force log as well in prod and dev
|
||||
l.context="apxtri";
|
||||
const currentmod='checkHeaders';
|
||||
const log = conf.api.activelog.includes(currentmod)
|
||||
/**
|
||||
* @api {get} http://header/CheckHeaders - CheckHeaders
|
||||
* @apiGroup Middlewares
|
||||
@@ -55,9 +54,9 @@ const checkHeaders = (req, res, next) => {
|
||||
if (!req.header("xlang") && req.header("Content-Language"))
|
||||
req.params.xlang = req.header("Content-Language");
|
||||
let missingheader = [];
|
||||
//console.log("req.headers", req.headers);
|
||||
if (log) console.log(currentmod," req.headers", req.headers);
|
||||
for (const h of conf.api.exposedHeaders) {
|
||||
//console.log( h, req.header( h ) )
|
||||
if (log) console.log(currentmod, h, req.header( h ) )
|
||||
if (req.params[h]) {
|
||||
header[h] = req.params[h];
|
||||
} else if (req.header(h)) {
|
||||
@@ -66,7 +65,7 @@ const checkHeaders = (req, res, next) => {
|
||||
missingheader.push(h);
|
||||
}
|
||||
}
|
||||
// console.log( 'pass header', header )
|
||||
if (log) console.log( currentmod, ' pass header', header )
|
||||
// store in session the header information
|
||||
req.session.header = header;
|
||||
// Each header have to be declared
|
||||
@@ -96,8 +95,8 @@ const checkHeaders = (req, res, next) => {
|
||||
}
|
||||
if (!conf.api.languages.includes(header.xlang)) {
|
||||
const info="warning language requested does not exist force to english";
|
||||
l.og(info);
|
||||
l.ogprod(req.header("xtribe"),info);
|
||||
if (log) console.log(currentmod, info);
|
||||
console.log(Date.now(),currentmod, req.header("xtribe"),info);
|
||||
header.xlang = "en";
|
||||
}
|
||||
//set anonymous profil
|
||||
|
||||
@@ -6,9 +6,9 @@ const glob = require("glob");
|
||||
// const openpgp = require("/media/phil/usbfarm/apxtri/node_modules/openpgp/dist/node/openpgp.js");
|
||||
const openpgp = require("openpgp");
|
||||
|
||||
const l=require('../tools/log.js');
|
||||
l.showlog= false; // force log as well in prod and dev
|
||||
l.context="isAuthenticated";
|
||||
const conf = require(`../../conf/townconf.json`);
|
||||
const currentmod='isAuthenticated';
|
||||
const log = conf.api.activelog.includes(currentmod)
|
||||
/**
|
||||
* @api {get} http://header/istauthenticated - isAuthenticated
|
||||
* @apiGroup Middlewares
|
||||
@@ -42,7 +42,7 @@ const isAuthenticated = async (req, res, next) => {
|
||||
let menagedone = fs.existsSync(
|
||||
`../tmp/tokens/menagedone${currentday}`
|
||||
);
|
||||
l.og(`menagedone${currentday} was it done today?:${menagedone}`);
|
||||
if (menagedone) console.log(Date.now(),`menagedone${currentday} was it done today?:${menagedone}`);
|
||||
if (!menagedone) {
|
||||
// clean oldest
|
||||
const tsday = dayjs().valueOf(); // now in timestamp format
|
||||
@@ -67,7 +67,7 @@ const isAuthenticated = async (req, res, next) => {
|
||||
);
|
||||
}
|
||||
//Check register in tmp/tokens/
|
||||
l.og("isAuthenticate?", req.session.header, req.body);
|
||||
if (log) console.log( currentmod," isAuthenticate?", req.session.header, req.body);
|
||||
|
||||
const resnotauth = {
|
||||
ref: "middlewares",
|
||||
@@ -81,7 +81,7 @@ const isAuthenticated = async (req, res, next) => {
|
||||
req.session.header.xalias == "anonymous" ||
|
||||
req.session.header.xhash == "anonymous"
|
||||
) {
|
||||
l.og("alias anonymous means not auth");
|
||||
if (log) console.log(currentmod,"alias anonymous means not auth");
|
||||
resnotauth.status = 401;
|
||||
return res.status(resnotauth.status).json(resnotauth);
|
||||
}
|
||||
@@ -100,9 +100,9 @@ const isAuthenticated = async (req, res, next) => {
|
||||
const failstamp = `../tmp/tokens/${alias}.json`;
|
||||
if (action == "clean") {
|
||||
//to reinit bruteforce checker
|
||||
l.og("try to clean penalty file ", failstamp);
|
||||
if (log) console.log(currentmod, "try to clean penalty file ", failstamp);
|
||||
fs.remove(failstamp, (err) => {
|
||||
if (err) console.log("Check forcebrut ", err);
|
||||
if (err) console.log(Date.now(),currentmod,"Check forcebrut ", err);
|
||||
});
|
||||
} else if (action == "penalty") {
|
||||
const stamp = fs.existsSync(failstamp)
|
||||
@@ -111,17 +111,14 @@ const isAuthenticated = async (req, res, next) => {
|
||||
stamp.lastfail = dayjs().format();
|
||||
stamp.numberfail += 1;
|
||||
fs.outputJSON(failstamp, stamp);
|
||||
l.og("penalty:", stamp);
|
||||
if (log) console.log(currentmod,"penalty:", stamp);
|
||||
await sleep(stamp.numberfail * 100); //increase of 0,1 second the answer time per fail
|
||||
l.og("time out penalty");
|
||||
if (log) console.log(currentmod,"time out penalty");
|
||||
}
|
||||
};
|
||||
if (!fs.existsSync(tmpfs)) {
|
||||
// need to check detached sign
|
||||
let publickey = "";
|
||||
l.og(process.cwd());
|
||||
l.og(process.env.PWD);
|
||||
l.og(__dirname);
|
||||
const aliasinfo = `../nationchains/pagans/itm/${req.session.header.xalias}.json`;
|
||||
if (fs.existsSync(aliasinfo)) {
|
||||
publickey = fs.readJsonSync(aliasinfo).publickey;
|
||||
@@ -130,26 +127,26 @@ const isAuthenticated = async (req, res, next) => {
|
||||
publickey = req.body.publickey;
|
||||
}
|
||||
if (publickey == "") {
|
||||
l.og("alias unknown");
|
||||
if (log) console.log(currentmod,"header xalias unknown:",req.session.header.xalias);
|
||||
resnotauth.status = 404;
|
||||
resnotauth.data.xaliasexists = false;
|
||||
return res.status(resnotauth.status).send(resnotauth);
|
||||
}
|
||||
l.og("publickey", publickey);
|
||||
if (log) console.log(currentmod,"publickey", publickey);
|
||||
if (publickey.substring(0, 31) !== "-----BEGIN PGP PUBLIC KEY BLOCK") {
|
||||
l.og("Publickey is not valid as armored key:", publickey);
|
||||
console.log(Date.now(),currentmod,"Publickey is not valid as armored key:", publickey);
|
||||
await bruteforcepenalty(req.session.header.xalias, "penalty");
|
||||
resnotauth.status = 404;
|
||||
return res.status(resnotauth.status).send(resnotauth);
|
||||
}
|
||||
const clearmsg = Buffer.from(req.session.header.xhash, "base64").toString();
|
||||
if (clearmsg.substring(0, 10) !== "-----BEGIN") {
|
||||
l.og("xhash conv is not valid as armored key:", clearmsg);
|
||||
if (log) console.log(currentmod,"xhash conv is not valid as armored key:", clearmsg);
|
||||
await bruteforcepenalty(req.session.header.xalias, "penalty");
|
||||
resnotauth.status = 404;
|
||||
return res.status(resnotauth.status).send(resnotauth);
|
||||
}
|
||||
l.og("clearmsg", clearmsg);
|
||||
if (log) console.log(currentmod, "clearmsg", clearmsg);
|
||||
let signedMessage=""
|
||||
const pubkey = await openpgp.readKey({ armoredKey: publickey });
|
||||
try{
|
||||
@@ -163,8 +160,8 @@ const isAuthenticated = async (req, res, next) => {
|
||||
message: signedMessage,
|
||||
verificationKeys: pubkey,
|
||||
});
|
||||
l.og(verificationResult);
|
||||
l.og(verificationResult.signatures[0].keyID.toHex());
|
||||
if (log) console.log(currentmod,verificationResult);
|
||||
if (log) console.log(currentmod,verificationResult.signatures[0].keyID.toHex());
|
||||
try {
|
||||
await verificationResult.signatures[0].verified;
|
||||
if (
|
||||
@@ -172,8 +169,7 @@ const isAuthenticated = async (req, res, next) => {
|
||||
`${req.session.header.xalias}_${req.session.header.xdays}`
|
||||
) {
|
||||
resnotauth.msg = "signaturefailled";
|
||||
l.og(
|
||||
`message recu:${verificationResult.data} , message attendu:${req.session.header.xalias}_${req.session.header.xdays}`
|
||||
if (log) console.log(currentmod,`message recu:${verificationResult.data} , message attendu:${req.session.header.xalias}_${req.session.header.xdays}`
|
||||
);
|
||||
await bruteforcepenalty(req.session.header.xalias, "penalty");
|
||||
resnotauth.status = 401;
|
||||
@@ -181,18 +177,18 @@ const isAuthenticated = async (req, res, next) => {
|
||||
}
|
||||
} catch (e) {
|
||||
resnotauth.msg = "signaturefailled";
|
||||
l.og("erreur", e);
|
||||
if (log) console.log(currentmod,"erreur", e);
|
||||
await bruteforcepenalty(req.session.header.xalias, "penalty");
|
||||
resnotauth.status = 401;
|
||||
return res.status(resnotauth.status).send(resnotauth);
|
||||
}
|
||||
// authenticated then get person profils (person = pagan for a xtrib)
|
||||
const person = `${process.env.dirtown}/tribes/${req.session.header.xtribe}/objects/persons/itm/${req.session.header.xalias}.json`;
|
||||
l.og("Profils tribe/app management");
|
||||
l.og("person", person);
|
||||
const person = `../nationchains/tribes/${req.session.header.xtribe}/objects/persons/itm/${req.session.header.xalias}.json`;
|
||||
if (log) console.log(currentmod,"Profils tribe/app management");
|
||||
if (log) console.log(currentmod,"person", person);
|
||||
if (fs.existsSync(person)) {
|
||||
const infoperson = fs.readJSONSync(person);
|
||||
l.og(infoperson);
|
||||
if (log) console.log(currentmod,"infoperson",infoperson);
|
||||
infoperson.profils.forEach((p) => {
|
||||
if (!req.session.header.xprofils.includes(p)) req.session.header.xprofils.push(p);
|
||||
})
|
||||
@@ -205,7 +201,7 @@ const isAuthenticated = async (req, res, next) => {
|
||||
req.session.header.xprofils = fs.readJSONSync(tmpfs);
|
||||
}
|
||||
bruteforcepenalty(req.session.header.xalias, "clean");
|
||||
l.og(`${req.session.header.xalias} Authenticated`);
|
||||
if (log) console.log(currentmod,`${req.session.header.xalias} Authenticated`);
|
||||
next();
|
||||
};
|
||||
module.exports = isAuthenticated;
|
||||
|
||||
Reference in New Issue
Block a user