Skip to content

Commit

Permalink
fix: using slashauth magic link
Browse files Browse the repository at this point in the history 
fix: returning bearer in magic link
  • Loading branch information
@Jasonvdb
Jasonvdb committed Sep 4, 2023
1 parent 135127b commit 537c6da
Show file tree
Hide file tree
Showing 4 changed files with 45 additions and 44 deletions.
39 changes: 8 additions & 31 deletions backup-server/src/authServer.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,6 @@ const { SlashAuthServer} = require('@slashtags/slashauth')
const b4a = require('b4a')
const sodium = require('sodium-universal')

const fancyUserDB = new Map(); //TODO actually make fancy

function createKeyPair (seed) {
const publicKey = b4a.allocUnsafe(sodium.crypto_sign_PUBLICKEYBYTES)
const secretKey = b4a.allocUnsafe(sodium.crypto_sign_SECRETKEYBYTES)
Expand All @@ -18,41 +16,21 @@ function createKeyPair (seed) {
}

function createToken () {
const token = b4a.allocUnsafe(sodium.crypto_sign_BYTES)
sodium.randombytes_buf(token)
const token = b4a.allocUnsafe(sodium.crypto_sign_BYTES);
sodium.randombytes_buf(token);

return token.toString('hex')
return token.toString('hex');
}

const createAuthServer = async ({port, host, seed}) => {
console.log(fancyUserDB);

const createAuthServer = async ({port, host, seed, magiclink}) => {
const keypair = createKeyPair(Buffer.from(seed, 'hex'));

console.log(`Auth server pub key: ${keypair.publicKey.toString('hex')}`);

const authz = ({ publicKey, token: sessionToken }) => {
console.log('\n**authz**')
console.log(publicKey)
console.log(sessionToken) //TODO do I need this?
console.log('****\n')

const bearerToken = createToken();

// fancyUserDB.set(sessionToken, publicKey); //User has new session
// fancySessionsDB.set(bearerToken, sessionToken); //Bearer token lookup for auth validation

fancyUserDB.set(bearerToken, publicKey); //User has new session
return {
status: 'ok',
token: bearerToken
}
}

const magiclink = ({ publicKey }) => {
const authz = ({ publicKey, token }) => {
return {
status: 'ok',
ml: 'http://localhost:8000/v0.1/users/123' //Unused for now
status: 'not-supported',
token: ''
}
}

Expand All @@ -72,5 +50,4 @@ const createAuthServer = async ({port, host, seed}) => {
}

exports.createAuthServer = createAuthServer;
exports.createSessionToken = createToken;
exports.fancyUserDB = fancyUserDB;
exports.createToken = createToken;
30 changes: 21 additions & 9 deletions backup-server/src/server.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,10 @@ const Fastify = require('fastify')

const FancyStorage = require('./fancyStorage');
const { formatFileSize } = require('./helpers');
const { createAuthServer, createSessionToken, fancyUserDB } = require('./authServer');
const { createAuthServer, createToken } = require('./authServer');

let storage = new FancyStorage(); //TODO actually make fancy
const storage = new FancyStorage(); //TODO actually make fancy
const users = new Map(); // bearer -> pubkey

let labels = [
'ping',
Expand Down Expand Up @@ -54,18 +55,19 @@ fastify.route({
method: 'GET',
url: `/${version}/auth`,
handler: async (request, reply) => {
const sessionToken = createSessionToken();
const sessionToken = createToken();
const slashauthURL = authServer.formatUrl(sessionToken)
return {slashauth: slashauthURL};
}
});

const authCheckHandler = async (request, reply) => {
const bearerToken = request.headers.authorization;

if (!bearerToken || !fancyUserDB.get(bearerToken)) {
reply.code(401).send("Unauthorized");

if (!bearerToken || !users.has(bearerToken)) {
fastify.log.error("Unauthorized or missing token");
reply.code(401);
return {error: "Unauthorized"};
}
}

Expand All @@ -86,7 +88,7 @@ fastify.route({

const {label, channelId, network} = query;
const bearerToken = headers.authorization;
const pubkey = fancyUserDB.get(bearerToken);
const pubkey = users.get(bearerToken);

let key = label;
let subdir = '';
Expand Down Expand Up @@ -118,7 +120,7 @@ fastify.route({

const {label, channelId, network} = query;
const bearerToken = headers.authorization;
const pubkey = fancyUserDB.get(bearerToken);
const pubkey = users.get(bearerToken);

let key = label;
let subdir = '';
Expand Down Expand Up @@ -175,8 +177,18 @@ fastify.route({
});

module.exports = async ({host, port, authPort, seed}) => {
const magiclink = (publicKey) => {
const bearer = createToken();
users.set(bearer, publicKey);

return {
status: 'ok',
bearer,
}
}

try {
authServer = await createAuthServer({host, port: authPort, seed});
authServer = await createAuthServer({host, port: authPort, seed, magiclink});
await fastify.listen({ port, host });
} catch (err) {
fastify.log.error(err);
Expand Down
18 changes: 15 additions & 3 deletions backup-server/test.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,15 +33,27 @@ const getBearerAuthToken = async ({backupServer, seed}) => {
// use authServer's publicKey for pinning
const client = new SlashAuthClient({ keypair })

const {status, token} = await client.authz(slashauthURL)
// const {status, token} = await client.authz(slashauthURL)
const { status, bearer } = await client.magiclink(slashauthURL);

if (status !== 'ok') {
throw new Error('Authz failed')
}

console.log(`token: ${token}`);
// console.log(`ml: ${ml}`);
//
// //Post to ml link and get token
// const mlRes = await fetch(ml, {
// method: 'POST'
// });
// const mlBody = await mlRes.json();
// console.log(mlBody);
//
// const {bearer} = mlBody;

return token;
console.log("Using bearer token: " + bearer);

return bearer;
}

const testBackup = async (bearerToken) => {
Expand Down
2 changes: 1 addition & 1 deletion example/yarn.lock
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1428,7 +1428,7 @@
"@sinonjs/commons" "^1.7.0"

"@synonymdev/react-native-ldk@../lib":
version "0.0.103"
version "0.0.104"
dependencies:
bitcoinjs-lib "^6.0.2"

Expand Down

0 comments on commit 537c6da

Please sign in to comment.