apxtrib/api/middlewares/isAuthenticated.js

const fs = require("fs-extra");
const dayjs = require("dayjs");
const glob = require("glob");
const openpgp = require("openpgp");

const conf = require(`${process.env.dirtown}/conf.json`);

const isAuthenticated = async (req, res, next) => {
  // once a day rm oldest tokens than 24hours tag job by adding tmp/tokensmenagedone{day}
  const currentday = dayjs().date();
  console.log(
    "if menagedone" + currentday,
    !fs.existsSync(`${process.env.dirtown}/tmp/tokensmenagedone${currentday}`)
  );
  if (!fs.existsSync(`${process.env.dirtown}/tmp/tokens`))
    fs.mkdirSync(`${process.env.dirtown}/tmp/tokens`);
  if (!fs.existsSync(`${process.env.dirtown}/tmp/tokensmenagedone${currentday}`)) {
    // clean oldest
    const tsday = dayjs().valueOf(); // now in timestamp format
    glob.sync(`${process.env.dirtown}/tmp/tokensmenagedone*`).forEach((f) => {
      fs.removeSync(f);
    });
    glob.sync(`${process.env.dirtown}/tmp/tokens/*.json`).forEach((f) => {
      if (tsday - parseInt(f.split("_")[1]) > 86400000) fs.remove(f);
    });
  }
  //Check register in tmp/tokens/
  console.log("isAuthenticate?");
  const resnotauth = {
    ref: "headers",
    msg: "notauthenticated",
    data: {
      xalias: req.session.header.xalias,
      xaliasexists: true,
    },
  };
  console.log(req.session.header);
  if (req.session.header.xalias == "anonymous") {
    console.log("alias anonymous means not auth");
    return res.status(401).json(resnotauth);
  }

  const tmpfs = `${process.env.dirtown}/tmp/tokens/${req.session.header.xalias}_${
    req.session.header.xdays
  }_${req.session.header.xhash.substring(20, 200)}`;
  console.log(tmpfs);
  if (!fs.existsSync(tmpfs)) {
    // need to check detached sign
    let publickey;
    if (
      fs.existsSync(
        `${conf.dirapi}/nationchains/pagans/itm/${req.session.header.xalias}.json`
      )
    ) {
      const pagan = fs.readJsonSync(
        `${conf.dirapi}nationchains/pagans/itm/${req.session.header.xalias}.json`
      );
      publickey = pagan.publicKey;
    } else {
      resnotauth.data.xaliasexists = false;
      if (req.body.publickey) {
        publickey = req.body.publickey;
      } else {
        console.log("alias unknown");
        return res.status(404).send(resnotauth);
      }
    }
    console.log(publickey);
    console.log(Buffer.from(req.session.header.xhash, "base64").toString());
    const publicKey = await openpgp.readKey({ armoredKey: publickey });
    const msg = await openpgp.createMessage({
      text: `${req.session.header.xalias}_${req.session.header.xdays}`,
    });
    const signature = await openpgp.readSignature({
      armoredSignature: Buffer.from(
        req.session.header.xhash,
        "base64"
      ).toString(),
    });
    console.log(msg);
    console.log(signature);
    console.log(publicKey);
    const checkauth = await openpgp.verify({
      message: msg,
      signature: signature,
      verificationKeys: publicKey,
    });
    console.log(checkauth);
    console.log(checkauth.signatures[0].keyID);
    //console.log(await checkauth.signatures[0].signature);
    //console.log(await checkauth.signatures[0].verified);

    const { check, keyID } = checkauth.signatures[0];
    try {
      await check; // raise an error if necessary
      fs.outputFileSync(tmpfs, req.session.header.xhash, "utf8");
    } catch (e) {
      resnotauth.msg = "signaturefailed";
      console.log("not auth fail sign");
      return res.status(401).send(resnotauth);
    }
  }
  console.log("Authenticated");
  next();
};
module.exports = isAuthenticated;
in progress 2023-04-27 06:17:20 +02:00			`const fs = require("fs-extra");`
			`const dayjs = require("dayjs");`
			`const glob = require("glob");`
update auth openpgp.js 2023-05-12 07:59:32 +02:00			`const openpgp = require("openpgp");`
in progress 2023-04-27 06:17:20 +02:00
cleanup 2023-05-16 10:31:27 +02:00			const conf = require(`${process.env.dirtown}/conf.json`);
in progress 2023-04-27 06:17:20 +02:00
update auth openpgp.js 2023-05-12 07:59:32 +02:00			`const isAuthenticated = async (req, res, next) => {`
			`// once a day rm oldest tokens than 24hours tag job by adding tmp/tokensmenagedone{day}`
in progress 2023-04-27 06:17:20 +02:00			`const currentday = dayjs().date();`
			`console.log(`
update auth openpgp.js 2023-05-12 07:59:32 +02:00			`"if menagedone" + currentday,`
cleanup 2023-05-16 10:31:27 +02:00			!fs.existsSync(`${process.env.dirtown}/tmp/tokensmenagedone${currentday}`)
in progress 2023-04-27 06:17:20 +02:00			`);`
cleanup 2023-05-16 10:31:27 +02:00			if (!fs.existsSync(`${process.env.dirtown}/tmp/tokens`))
			fs.mkdirSync(`${process.env.dirtown}/tmp/tokens`);
			if (!fs.existsSync(`${process.env.dirtown}/tmp/tokensmenagedone${currentday}`)) {
in progress 2023-04-27 06:17:20 +02:00			`// clean oldest`
update auth openpgp.js 2023-05-12 07:59:32 +02:00			`const tsday = dayjs().valueOf(); // now in timestamp format`
cleanup 2023-05-16 10:31:27 +02:00			glob.sync(`${process.env.dirtown}/tmp/tokensmenagedone*`).forEach((f) => {
in progress 2023-04-27 06:17:20 +02:00			`fs.removeSync(f);`
			`});`
cleanup 2023-05-16 10:31:27 +02:00			glob.sync(`${process.env.dirtown}/tmp/tokens/*.json`).forEach((f) => {
update auth openpgp.js 2023-05-12 07:59:32 +02:00			`if (tsday - parseInt(f.split("_")[1]) > 86400000) fs.remove(f);`
in progress 2023-04-27 06:17:20 +02:00			`});`
			`}`
			`//Check register in tmp/tokens/`
update auth openpgp.js 2023-05-12 07:59:32 +02:00			`console.log("isAuthenticate?");`
in progress 2023-04-27 06:17:20 +02:00			`const resnotauth = {`
			`ref: "headers",`
			`msg: "notauthenticated",`
			`data: {`
			`xalias: req.session.header.xalias,`
update auth openpgp.js 2023-05-12 07:59:32 +02:00			`xaliasexists: true,`
in progress 2023-04-27 06:17:20 +02:00			`},`
			`};`
update auth openpgp.js 2023-05-12 07:59:32 +02:00			`console.log(req.session.header);`
			`if (req.session.header.xalias == "anonymous") {`
			`console.log("alias anonymous means not auth");`
			`return res.status(401).json(resnotauth);`
			`}`
in progress 2023-04-27 06:17:20 +02:00
cleanup 2023-05-16 10:31:27 +02:00			const tmpfs = `${process.env.dirtown}/tmp/tokens/${req.session.header.xalias}_${
update auth openpgp.js 2023-05-12 07:59:32 +02:00			`req.session.header.xdays`
			}_${req.session.header.xhash.substring(20, 200)}`;
			`console.log(tmpfs);`
			`if (!fs.existsSync(tmpfs)) {`
			`// need to check detached sign`
			`let publickey;`
in progress 2023-04-27 06:17:20 +02:00			`if (`
update auth openpgp.js 2023-05-12 07:59:32 +02:00			`fs.existsSync(`
cleanup 2023-05-16 10:31:27 +02:00			`${conf.dirapi}/nationchains/pagans/itm/${req.session.header.xalias}.json`
in progress 2023-04-27 06:17:20 +02:00			`)`
			`) {`
update auth openpgp.js 2023-05-12 07:59:32 +02:00			`const pagan = fs.readJsonSync(`
cleanup 2023-05-16 10:31:27 +02:00			`${conf.dirapi}nationchains/pagans/itm/${req.session.header.xalias}.json`
in progress 2023-04-27 06:17:20 +02:00			`);`
update auth openpgp.js 2023-05-12 07:59:32 +02:00			`publickey = pagan.publicKey;`
in progress 2023-04-27 06:17:20 +02:00			`} else {`
update auth openpgp.js 2023-05-12 07:59:32 +02:00			`resnotauth.data.xaliasexists = false;`
			`if (req.body.publickey) {`
			`publickey = req.body.publickey;`
			`} else {`
			`console.log("alias unknown");`
			`return res.status(404).send(resnotauth);`
in progress 2023-04-27 06:17:20 +02:00			`}`
			`}`
update auth openpgp.js 2023-05-12 07:59:32 +02:00			`console.log(publickey);`
			`console.log(Buffer.from(req.session.header.xhash, "base64").toString());`
			`const publicKey = await openpgp.readKey({ armoredKey: publickey });`
			`const msg = await openpgp.createMessage({`
			text: `${req.session.header.xalias}_${req.session.header.xdays}`,
			`});`
			`const signature = await openpgp.readSignature({`
			`armoredSignature: Buffer.from(`
			`req.session.header.xhash,`
			`"base64"`
			`).toString(),`
			`});`
			`console.log(msg);`
			`console.log(signature);`
			`console.log(publicKey);`
			`const checkauth = await openpgp.verify({`
			`message: msg,`
			`signature: signature,`
			`verificationKeys: publicKey,`
			`});`
			`console.log(checkauth);`
			`console.log(checkauth.signatures[0].keyID);`
			`//console.log(await checkauth.signatures[0].signature);`
			`//console.log(await checkauth.signatures[0].verified);`

			`const { check, keyID } = checkauth.signatures[0];`
			`try {`
			`await check; // raise an error if necessary`
			`fs.outputFileSync(tmpfs, req.session.header.xhash, "utf8");`
			`} catch (e) {`
			`resnotauth.msg = "signaturefailed";`
			`console.log("not auth fail sign");`
			`return res.status(401).send(resnotauth);`
			`}`
in progress 2023-04-27 06:17:20 +02:00			`}`
update auth openpgp.js 2023-05-12 07:59:32 +02:00			`console.log("Authenticated");`
			`next();`
in progress 2023-04-27 06:17:20 +02:00			`};`
			`module.exports = isAuthenticated;`