lukechilds
/
sphinx-relay
mirror of https://github.com/lukechilds/sphinx-relay.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
954 Commits
13 Branches
92 Tags
6.1 MiB
 
 
 
Tree: 14ce9f13fe
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '14ce9f13fe'
${ noResults }
sphinx-relay/dist/src/auth.js

136 lines
5.0 KiB
Raw Blame History

"use strict";
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
Object.defineProperty(exports, "__esModule", { value: true });
const crypto = require("crypto");
const models_1 = require("./models");
const cryptoJS = require("crypto-js");
const path = require("path");
const res_1 = require("./utils/res");
const macaroon_1 = require("./utils/macaroon");
const fs = require('fs');
const env = process.env.NODE_ENV || 'development';
const config = require(path.join(__dirname, '../config/app.json'))[env];
/*
"unlock": true,
"encrypted_macaroon_path": "/relay/.lnd/admin.macaroon.enc"
*/
function unlocker(req, res) {
return __awaiter(this, void 0, void 0, function* () {
const { password } = req.body;
if (!password) {
res_1.failure(res, 'no password');
return false;
}
const encMacPath = config.encrypted_macaroon_path;
if (!encMacPath) {
res_1.failure(res, 'no macaroon path');
return false;
}
let hexMac;
try {
var encMac = fs.readFileSync(config.encrypted_macaroon_path);
if (!encMac) {
res_1.failure(res, 'no macaroon');
return false;
}
console.log("PWD", password, typeof password);
console.log("ENCMAC", encMac, typeof encMac);
const decMac = decryptMacaroon(password, encMac);
if (!decMac) {
res_1.failure(res, 'failed to decrypt macaroon');
return false;
}
hexMac = base64ToHex(decMac);
}
catch (e) {
res_1.failure(res, e);
return false;
}
if (hexMac) {
macaroon_1.setInMemoryMacaroon(hexMac);
res_1.success(res, 'success!');
return true;
}
else {
res_1.failure(res, 'failed to set macaroon in memory');
return false;
}
});
}
exports.unlocker = unlocker;
function authModule(req, res, next) {
return __awaiter(this, void 0, void 0, function* () {
if (req.path == '/app' ||
req.path == '/' ||
req.path == '/unlock' ||
req.path == '/info' ||
req.path == '/action' ||
req.path == '/contacts/tokens' ||
req.path == '/latest' ||
req.path.startsWith('/static') ||
req.path == '/contacts/set_dev') {
next();
return;
}
if (process.env.HOSTING_PROVIDER === 'true') {
// const domain = process.env.INVITE_SERVER
const host = req.headers.origin;
console.log('=> host:', host);
const referer = req.headers.referer;
console.log('=> referer:', referer);
if (req.path === '/invoices') {
next();
return;
}
}
const token = req.headers['x-user-token'] || req.cookies['x-user-token'];
if (token == null) {
res.writeHead(401, 'Access invalid for user', { 'Content-Type': 'text/plain' });
res.end('Invalid credentials');
}
else {
const user = yield models_1.models.Contact.findOne({ where: { isOwner: true } });
const hashedToken = crypto.createHash('sha256').update(token).digest('base64');
if (user.authToken == null || user.authToken != hashedToken) {
res.writeHead(401, 'Access invalid for user', { 'Content-Type': 'text/plain' });
res.end('Invalid credentials');
}
else {
next();
}
}
});
}
exports.authModule = authModule;
function decryptMacaroon(password, macaroon) {
try {
const decrypted = cryptoJS.AES.decrypt(macaroon || '', password).toString(cryptoJS.enc.Base64);
const decryptResult = atob(decrypted);
return decryptResult;
}
catch (e) {
console.error('cipher mismatch, macaroon decryption failed');
console.error(e);
return '';
}
}
function base64ToHex(str) {
const raw = atob(str);
let result = '';
for (let i = 0; i < raw.length; i++) {
const hex = raw.charCodeAt(i).toString(16);
result += (hex.length === 2 ? hex : '0' + hex);
}
return result.toUpperCase();
}
exports.base64ToHex = base64ToHex;
const atob = a => Buffer.from(a, 'base64').toString('binary');
//# sourceMappingURL=auth.js.map