Added server token verification

2024-10-27 20:34:03 +00:00 · 2021-04-10 17:12:21 +00:00 · 2021-04-10 17:12:21 +00:00 · 377cc81093
commit 377cc81093
parent 9e4164632c
5 changed files with 835 additions and 832 deletions
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
--- a/src/app/configs/app.config.ts
+++ b/src/app/configs/app.config.ts
@ -4,6 +4,7 @@ import * as fs from "fs"
 export default {
    name: env('APP_NAME', 'Extollo'),
    defaultTime: env('DEFAULT_TIME', 1.21e+9),
    api_server_header: env('API_SERVER_HEADER', 'X-Server-Token'),
    gpg: {
       key: {
--- a/src/app/http/controllers/api/Blockchain.controller.ts
+++ b/src/app/http/controllers/api/Blockchain.controller.ts
@ -2,7 +2,7 @@ import {Controller, Config} from "@extollo/lib"
 import {Injectable, Inject} from "@extollo/di"
 import {TransactionResource, TransactionResourceItem} from "../../../rtdb/TransactionResource"
 import {Iterable, many, one} from "@extollo/util"
-import {Block, Blockchain as BlockchainService} from "../../../units/Blockchain"
+import {Block, Blockchain as BlockchainService, Peer} from "../../../units/Blockchain"
 import {ExposureResource, ExposureResourceItem} from "../../../rtdb/ExposureResource";
 import {FirebaseUnit} from "../../../units/FirebaseUnit"
 import { BlockResource, BlockResourceItem } from "../../../rtdb/BlockResource"
@ -101,4 +101,16 @@ export class Blockchain extends Controller {
        let blocks = (Object.values(snapshot.val()) as BlockResourceItem[]).filter((item: BlockResourceItem) => item.seqID !== 0)
        return many(blocks)
    }
    public async peer() {
        const url = this.request.input('host')
        const name = this.request.input('name')
        const peer: Peer = {
            host: String(url)
            } 
        if (name) {
            peer.name = String(name)
        }
        await this.blockchain.registerPeer(peer)
    }
 }
--- a/src/app/http/middlewares/api/ServerGPGTokenVerify.middleware.ts
+++ b/src/app/http/middlewares/api/ServerGPGTokenVerify.middleware.ts
@ -0,0 +1,54 @@
 import {Middleware, Config, error} from "@extollo/lib"
 import {Injectable, Inject} from "@extollo/di"
 import { HTTPStatus } from "@extollo/util"
 import * as openpgp from "openpgp"
 /**
 * serverGPGTokenVerify Middleware
 * --------------------------------------------
 * Put some description here.
 */
@Injectable()
 export class ServerGPGTokenVerify extends Middleware {
    @Inject()
    protected readonly config!: Config
    public async apply() {
        const header = this.config.get('app.api_server_header')
        let value = this.request.getHeader(header)
        // if nothing, fail
        if (!value) {
            return this.fail()
        }
        // if single string
        if (typeof(value) === 'string') {
            this.verifyToken(value)
            return
        } else { // else an array of strings
            for (const item of value) {
                if (await this.verifyToken(item)) {
                    return
                }
            }
        }
    }
    public fail() {
        return error("Unauthorized", HTTPStatus.FORBIDDEN)
    }
    public async verifyToken(message: string) {
        const publicKey = this.config.get("app.gpg.key.public")
        const result = await openpgp.verify({
            publicKeys: await openpgp.readKey({
                armoredKey: publicKey,
            }),
            message: await openpgp.readMessage({
                armoredMessage: message,
            }),
        })
        return !!(await result.signatures?.[0]?.verified)
    }
 }
--- a/src/app/http/routes/app.routes.ts
+++ b/src/app/http/routes/app.routes.ts
@ -12,6 +12,8 @@ Route.group('/api/v1', () => {
    Route.post('/validate', 'api:Blockchain.validate')
        .pre('DebugOnly')
    Route.post('/peer', 'api:Blockchain.peer')
    Route.get('/chain', 'api:Blockchain.readBlockchain')
    Route.get('/check', 'api:Blockchain.check')