lukechilds
/
sphinx-relay
mirror of https://github.com/lukechilds/sphinx-relay.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Merge pull request #15 from stakwork/use-password 

Use password
feature/dockerfile-arm
Evan Feenstra 5 years ago
committed by GitHub
parent
f43919aee0 85430c125c
commit
e723b557b7
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 44 additions and 22 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 19
      api/controllers/contacts.ts
  2. 6
      api/utils/password.ts
  3. 5
      api/utils/setup.ts
  4. 18
      dist/api/controllers/contacts.js
  5. 2
      dist/api/controllers/contacts.js.map
  6. 6
      dist/api/utils/password.js
  7. 1
      dist/api/utils/password.js.map
  8. 5
      dist/api/utils/setup.js
  9. 2
      dist/api/utils/setup.js.map
  10. 2
      package.json

19
api/controllers/contacts.ts
View File

@ -4,6 +4,7 @@ import * as socket from '../utils/socket'
import * as helpers from '../helpers'
import * as jsonUtils from '../utils/json'
import {success, failure} from '../utils/res'
import password from '../utils/password'
const constants = require(__dirname + '/../../config/constants.json')
@ -39,6 +40,16 @@ const generateToken = async (req, res) => {
const owner = await models.Contact.findOne({ where: { isOwner: true, authToken: null }})
const pwd = password
if(process.env.USE_PASSWORD==='true'){
if(pwd!==req.query.pwd) {
failure(res, 'Wrong Password')
return
} else {
console.log("PASSWORD ACCEPTED!")
}
}
if (owner) {
const hash = crypto.createHash('sha256').update(req.body['token']).digest('base64');
@ -61,14 +72,6 @@ const updateContact = async (req, res) => {
const contact = await models.Contact.findOne({ where: { id: req.params.id }})
let shouldUpdateContactKey = (contact.isOwner && contact.contactKey == null && attrs["contact_key"] != null)
const pwd = process.env.NODE_PASSWORD || ''
if(pwd){ // if NODE_PASSWORD set, needs to set submitted
if(pwd!==req.params['pwd']) {
failure(res, 'Wrong Password')
return
}
}
const owner = await contact.update(jsonUtils.jsonToContact(attrs))
success(res, jsonUtils.contactToJson(owner))

6
api/utils/password.ts
View File

@ -0,0 +1,6 @@
import * as crypto from 'crypto'
const password = crypto.randomBytes(16).toString('hex');
export default password

5
api/utils/setup.ts
View File

@ -3,6 +3,7 @@ import {sequelize, models} from '../models'
import { exec } from 'child_process'
import * as QRCode from 'qrcode'
import * as publicIp from 'public-ip'
import password from '../utils/password'
const USER_VERSION = 1
@ -98,8 +99,8 @@ async function printQR(){
}
if(!public_ip) return
const pwd = process.env.NODE_PASSWORD || ''
console.log('pass:',pwd)
const pwd = password||''
console.log('use password?',process.env.USE_PASSWORD)
const b64 = Buffer.from(`ip:${public_ip}:${pwd}`).toString('base64')
console.log('=>', b64)

18
dist/api/controllers/contacts.js
View File

@ -15,6 +15,7 @@ const socket = require("../utils/socket");
const helpers = require("../helpers");
const jsonUtils = require("../utils/json");
const res_1 = require("../utils/res");
const password_1 = require("../utils/password");
const constants = require(__dirname + '/../../config/constants.json');
const getContacts = (req, res) => __awaiter(void 0, void 0, void 0, function* () {
const contacts = yield models_1.models.Contact.findAll({ where: { deleted: false }, raw: true });
@ -41,6 +42,16 @@ exports.getContacts = getContacts;
const generateToken = (req, res) => __awaiter(void 0, void 0, void 0, function* () {
console.log('=> generateToken called', { body: req.body, params: req.params, query: req.query });
const owner = yield models_1.models.Contact.findOne({ where: { isOwner: true, authToken: null } });
const pwd = password_1.default;
if (process.env.USE_PASSWORD === 'true') {
if (pwd !== req.query.pwd) {
res_1.failure(res, 'Wrong Password');
return;
}
else {
console.log("PASSWORD ACCEPTED!");
}
}
if (owner) {
const hash = crypto.createHash('sha256').update(req.body['token']).digest('base64');
console.log("req.params['token']", req.params['token']);
@ -58,13 +69,6 @@ const updateContact = (req, res) => __awaiter(void 0, void 0, void 0, function*
let attrs = extractAttrs(req.body);
const contact = yield models_1.models.Contact.findOne({ where: { id: req.params.id } });
let shouldUpdateContactKey = (contact.isOwner && contact.contactKey == null && attrs["contact_key"] != null);
const pwd = process.env.NODE_PASSWORD || '';
if (pwd) { // if NODE_PASSWORD set, needs to set submitted
if (pwd !== req.params['pwd']) {
res_1.failure(res, 'Wrong Password');
return;
}
}
const owner = yield contact.update(jsonUtils.jsonToContact(attrs));
res_1.success(res, jsonUtils.contactToJson(owner));
if (!shouldUpdateContactKey)

2
dist/api/controllers/contacts.js.map
View File

File diff suppressed because one or more lines are too long

6
dist/api/utils/password.js
View File

@ -0,0 +1,6 @@
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
const crypto = require("crypto");
const password = crypto.randomBytes(16).toString('hex');
exports.default = password;
//# sourceMappingURL=password.js.map

1
dist/api/utils/password.js.map
View File

@ -0,0 +1 @@
{"version":3,"file":"password.js","sourceRoot":"","sources":["../../../api/utils/password.ts"],"names":[],"mappings":";;AACA,iCAAgC;AAEhC,MAAM,QAAQ,GAAG,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AAExD,kBAAe,QAAQ,CAAA"}

5
dist/api/utils/setup.js
View File

@ -14,6 +14,7 @@ const models_1 = require("../models");
const child_process_1 = require("child_process");
const QRCode = require("qrcode");
const publicIp = require("public-ip");
const password_1 = require("../utils/password");
const USER_VERSION = 1;
const setupDatabase = () => __awaiter(void 0, void 0, void 0, function* () {
console.log('=> [db] starting setup...');
@ -112,8 +113,8 @@ function printQR() {
}
if (!public_ip)
return;
const pwd = process.env.NODE_PASSWORD || '';
console.log('pass:', pwd);
const pwd = password_1.default || '';
console.log('use password?', process.env.USE_PASSWORD);
const b64 = Buffer.from(`ip:${public_ip}:${pwd}`).toString('base64');
console.log('=>', b64);
console.log('Scan this QR in Sphinx app:');

2
dist/api/utils/setup.js.map
View File

@ -1 +1 @@
{"version":3,"file":"setup.js","sourceRoot":"","sources":["../../../api/utils/setup.ts"],"names":[],"mappings":";;;;;;;;;;;AAAA,2CAA2C;AAC3C,sCAA2C;AAC3C,iDAAoC;AACpC,iCAAgC;AAChC,sCAAqC;AAErC,MAAM,YAAY,GAAG,CAAC,CAAA;AAEtB,MAAM,aAAa,GAAG,GAAS,EAAE;IAC/B,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAA;IACxC,MAAM,UAAU,EAAE,CAAA;IAClB,IAAI;QACF,MAAM,kBAAS,CAAC,IAAI,EAAE,CAAA;QACtB,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAA;KACpC;IAAC,OAAM,CAAC,EAAE;QACT,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAC,CAAC,CAAC,CAAA;KAChC;IACD,MAAM,OAAO,EAAE,CAAA;IACf,iBAAiB,EAAE,CAAA;IACnB,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAA;AACnC,CAAC,CAAA,CAAA;AAgEQ,sCAAa;AA9DtB,SAAe,UAAU;;QACvB,IAAI;YACF,MAAM,kBAAS,CAAC,KAAK,CAAC,yBAAyB,YAAY,EAAE,CAAC,CAAA;SAC/D;QAAC,OAAM,CAAC,EAAE;YACT,OAAO,CAAC,GAAG,CAAC,sBAAsB,EAAC,CAAC,CAAC,CAAA;SACtC;IACH,CAAC;CAAA;AAED,SAAe,OAAO;;QACpB,IAAI;YACF,MAAM,kBAAS,CAAC,KAAK,CAAC,6CAA6C,CAAC,CAAA;SACrE;QAAC,OAAM,CAAC,EAAE;YACT,oCAAoC;SACrC;IACH,CAAC;CAAA;AAED,MAAM,iBAAiB,GAAG,GAAS,EAAE;IACnC,MAAM,KAAK,GAAG,MAAM,eAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,EAAC,CAAC,CAAA;IACvE,IAAI,CAAC,KAAK,EAAE;QACV,MAAM,SAAS,GAAG,MAAM,yBAAa,EAAE,CAAA;QACvC,SAAS,CAAC,OAAO,CAAC,EAAE,EAAE,CAAO,GAAG,EAAE,IAAI,EAAE,EAAE;YACxC,IAAI,GAAG,EAAE;gBACP,OAAO,CAAC,GAAG,CAAC,mDAAmD,EAAE,GAAG,CAAC,CAAA;aACtE;iBAAM;gBACL,IAAI;oBACF,MAAM,GAAG,GAAG,MAAM,eAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAC,CAAC,CAAA;oBAC7D,IAAG,CAAC,GAAG,EAAC;wBACN,MAAM,OAAO,GAAG,MAAM,eAAM,CAAC,OAAO,CAAC,MAAM,CAAC;4BAC1C,EAAE,EAAE,CAAC;4BACL,SAAS,EAAE,IAAI,CAAC,eAAe;4BAC/B,OAAO,EAAE,IAAI;4BACb,SAAS,EAAE,IAAI;yBAChB,CAAC,CAAA;wBACF,OAAO,CAAC,GAAG,CAAC,sCAAsC,EAAE,OAAO,CAAC,EAAE,CAAC,CAAA;qBAChE;iBACF;gBAAC,OAAM,KAAK,EAAE;oBACb,OAAO,CAAC,GAAG,CAAC,mCAAmC,EAAE,KAAK,CAAC,CAAA;iBACxD;aACF;QACH,CAAC,CAAA,CAAC,CAAA;KACH;AACH,CAAC,CAAA,CAAA;AAqBuB,8CAAiB;AAnBzC,MAAM,aAAa,GAAG,GAAS,EAAE;IAC/B,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACpC,MAAM,OAAO,GAAQ,oBAAI,CAAC,wCAAwC,EAChE,EAAC,GAAG,EAAE,OAAO,CAAC,GAAG,EAAC,EAClB,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE;YACtB,IAAI,GAAG,EAAE;gBACP,MAAM,CAAC,GAAG,CAAC,CAAC;aACb;iBAAM;gBACL,OAAO,EAAE,CAAC;aACX;QACH,CAAC,CACF,CAAC;QAEF,wCAAwC;QACxC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACpC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IACtC,CAAC,CAAC,CAAC;AACL,CAAC,CAAA,CAAA;AAE0C,sCAAa;AAExD,SAAe,OAAO;;QACpB,MAAM,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAA;QAC9B,IAAI,SAAS,CAAA;QACb,IAAG,CAAC,EAAE,EAAE;YACN,IAAI;gBACF,SAAS,GAAG,MAAM,QAAQ,CAAC,EAAE,EAAE,CAAA;aAChC;YAAC,OAAM,CAAC,EAAC;gBACR,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;aACf;SACF;aAAM;YACL,SAAS,GAAG,EAAE,CAAA;SACf;QACD,IAAG,CAAC,SAAS;YAAE,OAAM;QAErB,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,EAAE,CAAA;QAC3C,OAAO,CAAC,GAAG,CAAC,OAAO,EAAC,GAAG,CAAC,CAAA;QAExB,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,SAAS,IAAI,GAAG,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;QACpE,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;QACtB,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAA;QAC1C,MAAM,CAAC,QAAQ,CAAC,GAAG,EAAC,EAAC,IAAI,EAAC,UAAU,EAAC,EAAE,UAAU,GAAG,EAAE,GAAG;YACvD,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;QAClB,CAAC,CAAC,CAAA;IACJ,CAAC;CAAA;AAzByD,0BAAO"}
{"version":3,"file":"setup.js","sourceRoot":"","sources":["../../../api/utils/setup.ts"],"names":[],"mappings":";;;;;;;;;;;AAAA,2CAA2C;AAC3C,sCAA2C;AAC3C,iDAAoC;AACpC,iCAAgC;AAChC,sCAAqC;AACrC,gDAAwC;AAExC,MAAM,YAAY,GAAG,CAAC,CAAA;AAEtB,MAAM,aAAa,GAAG,GAAS,EAAE;IAC/B,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAA;IACxC,MAAM,UAAU,EAAE,CAAA;IAClB,IAAI;QACF,MAAM,kBAAS,CAAC,IAAI,EAAE,CAAA;QACtB,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAA;KACpC;IAAC,OAAM,CAAC,EAAE;QACT,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAC,CAAC,CAAC,CAAA;KAChC;IACD,MAAM,OAAO,EAAE,CAAA;IACf,iBAAiB,EAAE,CAAA;IACnB,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAA;AACnC,CAAC,CAAA,CAAA;AAgEQ,sCAAa;AA9DtB,SAAe,UAAU;;QACvB,IAAI;YACF,MAAM,kBAAS,CAAC,KAAK,CAAC,yBAAyB,YAAY,EAAE,CAAC,CAAA;SAC/D;QAAC,OAAM,CAAC,EAAE;YACT,OAAO,CAAC,GAAG,CAAC,sBAAsB,EAAC,CAAC,CAAC,CAAA;SACtC;IACH,CAAC;CAAA;AAED,SAAe,OAAO;;QACpB,IAAI;YACF,MAAM,kBAAS,CAAC,KAAK,CAAC,6CAA6C,CAAC,CAAA;SACrE;QAAC,OAAM,CAAC,EAAE;YACT,oCAAoC;SACrC;IACH,CAAC;CAAA;AAED,MAAM,iBAAiB,GAAG,GAAS,EAAE;IACnC,MAAM,KAAK,GAAG,MAAM,eAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,EAAC,CAAC,CAAA;IACvE,IAAI,CAAC,KAAK,EAAE;QACV,MAAM,SAAS,GAAG,MAAM,yBAAa,EAAE,CAAA;QACvC,SAAS,CAAC,OAAO,CAAC,EAAE,EAAE,CAAO,GAAG,EAAE,IAAI,EAAE,EAAE;YACxC,IAAI,GAAG,EAAE;gBACP,OAAO,CAAC,GAAG,CAAC,mDAAmD,EAAE,GAAG,CAAC,CAAA;aACtE;iBAAM;gBACL,IAAI;oBACF,MAAM,GAAG,GAAG,MAAM,eAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,EAAC,CAAC,CAAA;oBAC7D,IAAG,CAAC,GAAG,EAAC;wBACN,MAAM,OAAO,GAAG,MAAM,eAAM,CAAC,OAAO,CAAC,MAAM,CAAC;4BAC1C,EAAE,EAAE,CAAC;4BACL,SAAS,EAAE,IAAI,CAAC,eAAe;4BAC/B,OAAO,EAAE,IAAI;4BACb,SAAS,EAAE,IAAI;yBAChB,CAAC,CAAA;wBACF,OAAO,CAAC,GAAG,CAAC,sCAAsC,EAAE,OAAO,CAAC,EAAE,CAAC,CAAA;qBAChE;iBACF;gBAAC,OAAM,KAAK,EAAE;oBACb,OAAO,CAAC,GAAG,CAAC,mCAAmC,EAAE,KAAK,CAAC,CAAA;iBACxD;aACF;QACH,CAAC,CAAA,CAAC,CAAA;KACH;AACH,CAAC,CAAA,CAAA;AAqBuB,8CAAiB;AAnBzC,MAAM,aAAa,GAAG,GAAS,EAAE;IAC/B,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACpC,MAAM,OAAO,GAAQ,oBAAI,CAAC,wCAAwC,EAChE,EAAC,GAAG,EAAE,OAAO,CAAC,GAAG,EAAC,EAClB,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE;YACtB,IAAI,GAAG,EAAE;gBACP,MAAM,CAAC,GAAG,CAAC,CAAC;aACb;iBAAM;gBACL,OAAO,EAAE,CAAC;aACX;QACH,CAAC,CACF,CAAC;QAEF,wCAAwC;QACxC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACpC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IACtC,CAAC,CAAC,CAAC;AACL,CAAC,CAAA,CAAA;AAE0C,sCAAa;AAExD,SAAe,OAAO;;QACpB,MAAM,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAA;QAC9B,IAAI,SAAS,CAAA;QACb,IAAG,CAAC,EAAE,EAAE;YACN,IAAI;gBACF,SAAS,GAAG,MAAM,QAAQ,CAAC,EAAE,EAAE,CAAA;aAChC;YAAC,OAAM,CAAC,EAAC;gBACR,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;aACf;SACF;aAAM;YACL,SAAS,GAAG,EAAE,CAAA;SACf;QACD,IAAG,CAAC,SAAS;YAAE,OAAM;QAErB,MAAM,GAAG,GAAG,kBAAQ,IAAE,EAAE,CAAA;QACxB,OAAO,CAAC,GAAG,CAAC,eAAe,EAAC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAA;QAErD,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,SAAS,IAAI,GAAG,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;QACpE,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;QACtB,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAA;QAC1C,MAAM,CAAC,QAAQ,CAAC,GAAG,EAAC,EAAC,IAAI,EAAC,UAAU,EAAC,EAAE,UAAU,GAAG,EAAE,GAAG;YACvD,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;QAClB,CAAC,CAAC,CAAA;IACJ,CAAC;CAAA;AAzByD,0BAAO"}

2
package.json
View File

@ -8,7 +8,7 @@
"build": "webpack --config webpack.config.js",
"frontend": "webpack-dev-server --entry ./frontend.jsx",
"start-ts": "ts-node ./app.ts",
"start": "ts-node ./app.ts",
"start": "USE_PASSWORD=true ts-node ./app.ts",
"start-hosting": "HOSTING_PROVIDER=true ts-node ./app.ts",
"prod": "cp config/app.json dist/config/app.json && cp config/config.json dist/config/config.json && env NODE_ENV=production node dist/app.js",
"tsc": "rm -rf dist/ && tsc && cp -r public dist/public",

Write Preview
Loading…
Cancel
Save