v12.0.0 - initial commit

packages/server/lib/middlewares/addRWBytes.js

@@ -0,0 +1,15 @@
+const addRWBytes = () => (req, res, next) => {
+  const handle = () => {
+    res.removeListener('finish', handle)
+    res.removeListener('close', handle)
+    res.bytesRead = req.connection.bytesRead
+    res.bytesWritten = req.connection.bytesWritten
+  }
+
+  res.on('finish', handle)
+  res.on('close', handle)
+
+  next()
+}
+
+module.exports = addRWBytes

packages/server/lib/middlewares/authorize.js

@@ -0,0 +1,21 @@
+const { getPairedMachineName } = require('../machine-loader')
+const logger = require('../logger')
+
+const authorize = function (req, res, next) {
+  return getPairedMachineName(req.deviceId)
+    .then(deviceName => {
+      if (deviceName) {
+        req.deviceName = deviceName
+        return next()
+      }
+
+      logger.error(`Device ${req.deviceId} not found`)
+      return res.status(403).json({ error: 'Forbidden' })
+    })
+    .catch(error => {
+      logger.error(error)
+      return next()
+    })
+}
+
+module.exports = authorize

packages/server/lib/middlewares/ca.js

@@ -0,0 +1,16 @@
+const pairing = require('../pairing')
+const logger = require('../logger')
+
+function ca(req, res) {
+  const token = req.query.token
+
+  return pairing
+    .authorizeCaDownload(token)
+    .then(ca => res.json({ ca }))
+    .catch(error => {
+      logger.error(error.message)
+      return res.status(403).json({ error: 'forbidden' })
+    })
+}
+
+module.exports = ca

packages/server/lib/middlewares/errorHandler.js

@@ -0,0 +1,14 @@
+const logger = require('../logger')
+
+function errorHandler(err, req, res, next) {
+  const statusCode = err.name === 'HTTPError' ? err.code || 500 : 500
+
+  const json = { error: err.message }
+
+  if (statusCode >= 400) logger.error(err)
+
+  res.status(statusCode).json(json)
+  next(err)
+}
+
+module.exports = errorHandler

packages/server/lib/middlewares/filterOldRequests.js

@@ -0,0 +1,31 @@
+const state = require('./state')
+const logger = require('../logger')
+
+const CLOCK_SKEW = 60 * 1000
+const REQUEST_TTL = 3 * 60 * 1000
+const THROTTLE_CLOCK_SKEW = 60 * 1000
+
+function filterOldRequests(req, res, next) {
+  const deviceTime = req.deviceTime
+  const deviceId = req.deviceId
+  const timestamp = Date.now()
+  const delta = timestamp - Date.parse(deviceTime)
+
+  const shouldTrigger =
+    !state.canLogClockSkewMap[deviceId] ||
+    timestamp - state.canLogClockSkewMap[deviceId] >= THROTTLE_CLOCK_SKEW
+
+  if (delta > CLOCK_SKEW && shouldTrigger) {
+    state.canLogClockSkewMap[deviceId] = timestamp
+    logger.error(
+      'Clock skew with lamassu-machine[%s] too high [%ss], adjust lamassu-machine clock',
+      req.deviceName,
+      (delta / 1000).toFixed(2),
+    )
+  }
+
+  if (delta > REQUEST_TTL) return res.status(408).json({ error: 'stale' })
+  next()
+}
+
+module.exports = filterOldRequests

packages/server/lib/middlewares/operatorId.js

@@ -0,0 +1,15 @@
+const { getOperatorId } = require('../operator')
+
+function findOperatorId(req, res, next) {
+  return getOperatorId('middleware')
+    .then(operatorId => {
+      res.locals.operatorId = operatorId
+      return next()
+    })
+    .catch(e => {
+      console.error('Error while computing operator id\n' + e)
+      next(e)
+    })
+}
+
+module.exports = findOperatorId

packages/server/lib/middlewares/populateDeviceId.js

@@ -0,0 +1,29 @@
+const crypto = require('crypto')
+
+//const IS_STRESS_TESTING = process.env.LAMASSU_STRESS_TESTING === 'YES'
+
+function sha256(buf) {
+  if (!buf) return null
+  const hash = crypto.createHash('sha256')
+
+  hash.update(buf)
+  return hash.digest('hex').toString('hex')
+}
+
+const populateDeviceId = function (req, res, next) {
+  const peerCert = req.socket.getPeerCertificate
+    ? req.socket.getPeerCertificate()
+    : null
+  let deviceId = peerCert?.raw ? sha256(peerCert.raw) : null
+
+  //if (!deviceId && IS_STRESS_TESTING) deviceId = req.headers.device_id
+
+  if (!deviceId)
+    return res.status(500).json({ error: 'Unable to find certificate' })
+  req.deviceId = deviceId
+  req.deviceTime = req.get('date')
+
+  next()
+}
+
+module.exports = populateDeviceId

packages/server/lib/middlewares/populateMachineSettings.js

@@ -0,0 +1,25 @@
+const machineSettings = require('../machine-settings')
+
+const getMachineVersion = machineVersion => {
+  if (!machineVersion) return null
+  machineVersion = parseInt(machineVersion, 10)
+  return isNaN(machineVersion) ? null : machineVersion
+}
+
+const populateMachineSettings = (req, res, next) => {
+  const deviceId = req.deviceId
+  const machineVersion = getMachineVersion(req.headers['settings-version'])
+  machineSettings
+    .getOrUpdate(deviceId, machineVersion)
+    .then(settings => {
+      if (!settings)
+        return next(
+          new Error(`No cached settings found for machine ${deviceId}`),
+        )
+      req.machineSettings = settings
+      next()
+    })
+    .catch(err => next(err))
+}
+
+module.exports = populateMachineSettings

packages/server/lib/middlewares/populateSettings.js

@@ -0,0 +1,89 @@
+const db = require('../db')
+const state = require('./state')
+const newSettingsLoader = require('../new-settings-loader')
+const logger = require('../logger')
+
+db.connect({ direct: true })
+  .then(sco => {
+    sco.client.on('notification', () => reloadCache())
+    return sco.none('LISTEN reload')
+  })
+  .catch(console.error)
+
+db.connect({ direct: true })
+  .then(sco => {
+    sco.client.on('notification', data => {
+      const parsedData = JSON.parse(data.payload)
+      return machineAction(parsedData.action, parsedData.value)
+    })
+    return sco.none('LISTEN machineAction')
+  })
+  .catch(console.error)
+
+function machineAction(type, value) {
+  const deviceId = value.deviceId
+  const pid = state.pids?.[deviceId]?.pid
+
+  switch (type) {
+    case 'reboot':
+      logger.debug(`Rebooting machine '${deviceId}'`)
+      state.reboots[deviceId] = pid
+      break
+    case 'shutdown':
+      logger.debug(`Shutting down machine '${deviceId}'`)
+      state.shutdowns[deviceId] = pid
+      break
+    case 'restartServices':
+      logger.debug(`Restarting services of machine '${deviceId}'`)
+      state.restartServicesMap[deviceId] = pid
+      break
+    case 'emptyUnit':
+      logger.debug(`Emptying units from machine '${deviceId}'`)
+      state.emptyUnit[deviceId] = pid
+      break
+    case 'refillUnit':
+      logger.debug(`Refilling recyclers from machine '${deviceId}'`)
+      state.refillUnit[deviceId] = pid
+      break
+    case 'diagnostics':
+      logger.debug(`Running diagnostics on machine '${deviceId}'`)
+      state.diagnostics[deviceId] = pid
+      break
+    default:
+      break
+  }
+}
+
+const updateCache = (versionId, settings) => {
+  const { settingsCache } = state
+  settingsCache.set(settings.version, settings)
+  if (!versionId) settingsCache.set('latest', settings)
+  return settings
+}
+
+const reloadCache = async versionId => {
+  const settings = await newSettingsLoader.load(versionId)
+  return updateCache(versionId, settings)
+}
+
+const getOrUpdateCached = async versionId =>
+  state.settingsCache.get(versionId || 'latest') ||
+  (await reloadCache(versionId))
+
+const populateSettings = function (req, res, next) {
+  const versionId = req.headers['config-version']
+
+  // Priority of configs to retrieve
+  // 1. Machine is in the middle of a transaction and has the config-version header set, fetch that config from cache or database, depending on whether it exists in cache
+  // 2. The operator settings changed, so we must update the cache
+  // 3. There's a cached config, send the cached value
+  // 4. There's no cached config, cache and send the latest config
+  getOrUpdateCached(versionId)
+    .then(settings => {
+      req.settings = settings
+      next()
+    })
+    .catch(next)
+}
+
+module.exports = populateSettings

packages/server/lib/middlewares/recordPing.js

@@ -0,0 +1,14 @@
+const { enqueueRecordPing } = require('../machine-loader')
+
+const record = (req, res, next) => {
+  enqueueRecordPing({
+    deviceId: req.deviceId,
+    last_online: req.deviceTime,
+    model: req.query.model,
+    version: req.query.version,
+    restrictionLevel: req.query.restrictionLevel || 0,
+  })
+  next()
+}
+
+module.exports = record

packages/server/lib/middlewares/rejectIncompatbleMachines.js

@@ -0,0 +1,35 @@
+const semver = require('semver')
+const version = require('../../package.json').version
+const logger = require('../logger')
+
+const rejectIncompatibleMachines = function (req, res, next) {
+  const machineVersion = req.query.version
+  const deviceId = req.deviceId
+
+  if (!machineVersion) return next()
+
+  const serverMajor = semver.major(version)
+  const machineMajor = semver.major(machineVersion)
+
+  if (serverMajor - machineMajor > 1) {
+    logger.error(
+      `Machine version too old: ${machineVersion} deviceId: ${deviceId}`,
+    )
+    return res.status(400).json({
+      error: 'Machine version too old',
+    })
+  }
+
+  if (serverMajor < machineMajor) {
+    logger.error(
+      `Machine version too new: ${machineVersion} deviceId: ${deviceId}`,
+    )
+    return res.status(400).json({
+      error: 'Machine version too new',
+    })
+  }
+
+  next()
+}
+
+module.exports = rejectIncompatibleMachines

packages/server/lib/middlewares/state.js

@@ -0,0 +1,21 @@
+const NodeCache = require('node-cache')
+const SETTINGS_CACHE_REFRESH = 3600
+
+module.exports = (function () {
+  return {
+    settingsCache: new NodeCache({
+      stdTTL: SETTINGS_CACHE_REFRESH,
+      checkperiod: SETTINGS_CACHE_REFRESH, // Clear cache every hour
+    }),
+    canLogClockSkewMap: {},
+    canGetLastSeenMap: {},
+    pids: {},
+    reboots: {},
+    shutdowns: {},
+    restartServicesMap: {},
+    emptyUnit: {},
+    refillUnit: {},
+    diagnostics: {},
+    mnemonic: null,
+  }
+})()