dylan.derr/Send
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Implemented FxA

Browse source
This commit is contained in:
Danny Coates 2018-08-07 15:40:17 -07:00
parent 70bc2b7656
commit 718d74fa50
No known key found for this signature in database
GPG key ID: 4C442633C62E00CB
40 changed files with 1306 additions and 651 deletions
Download patch file Download diff file Expand all files Collapse all files

92
server/middleware/auth.js
View file

@ -1,38 +1,70 @@
const crypto = require('crypto');
const storage = require('../storage');
const fxa = require('../routes/fxa');
module.exports = async function(req, res, next) {
const id = req.params.id;
if (id && req.header('Authorization')) {
try {
const auth = req.header('Authorization').split(' ')[1];
const meta = await storage.metadata(id);
if (!meta) {
return res.sendStatus(404);
}
const hmac = crypto.createHmac(
'sha256',
Buffer.from(meta.auth, 'base64')
);
hmac.update(Buffer.from(meta.nonce, 'base64'));
const verifyHash = hmac.digest();
if (verifyHash.equals(Buffer.from(auth, 'base64'))) {
req.nonce = crypto.randomBytes(16).toString('base64');
storage.setField(id, 'nonce', req.nonce);
res.set('WWW-Authenticate', `send-v1 ${req.nonce}`);
req.authorized = true;
req.meta = meta;
} else {
res.set('WWW-Authenticate', `send-v1 ${meta.nonce}`);
module.exports = {
hmac: async function(req, res, next) {
const id = req.params.id;
const authHeader = req.header('Authorization');
if (id && authHeader) {
try {
const auth = req.header('Authorization').split(' ')[1];
const meta = await storage.metadata(id);
if (!meta) {
return res.sendStatus(404);
}
const hmac = crypto.createHmac(
'sha256',
Buffer.from(meta.auth, 'base64')
);
hmac.update(Buffer.from(meta.nonce, 'base64'));
const verifyHash = hmac.digest();
if (verifyHash.equals(Buffer.from(auth, 'base64'))) {
req.nonce = crypto.randomBytes(16).toString('base64');
storage.setField(id, 'nonce', req.nonce);
res.set('WWW-Authenticate', `send-v1 ${req.nonce}`);
req.authorized = true;
req.meta = meta;
} else {
res.set('WWW-Authenticate', `send-v1 ${meta.nonce}`);
req.authorized = false;
}
} catch (e) {
req.authorized = false;
}
} catch (e) {
req.authorized = false;
}
}
if (req.authorized) {
next();
} else {
res.sendStatus(401);
if (req.authorized) {
next();
} else {
res.sendStatus(401);
}
},
owner: async function(req, res, next) {
const id = req.params.id;
const ownerToken = req.body.owner_token;
if (id && ownerToken) {
try {
req.meta = await storage.metadata(id);
if (!req.meta) {
return res.sendStatus(404);
}
req.authorized = req.meta.owner === ownerToken;
} catch (e) {
req.authorized = false;
}
}
if (req.authorized) {
next();
} else {
res.sendStatus(401);
}
},
fxa: async function(req, res, next) {
const authHeader = req.header('Authorization');
if (authHeader && /^Bearer\s/i.test(authHeader)) {
const token = authHeader.split(' ')[1];
req.user = await fxa.verify(token);
}
return next();
}
};

22
server/middleware/owner.js
View file

@ -1,22 +0,0 @@
const storage = require('../storage');
module.exports = async function(req, res, next) {
const id = req.params.id;
const ownerToken = req.body.owner_token;
if (id && ownerToken) {
try {
req.meta = await storage.metadata(id);
if (!req.meta) {
return res.sendStatus(404);
}
req.authorized = req.meta.owner === ownerToken;
} catch (e) {
req.authorized = false;
}
}
if (req.authorized) {
next();
} else {
res.sendStatus(401);
}
};