Backwards-compatible encrypted token functionality (Fixes #88)
This commit is contained in:
parent
003232bde7
commit
ba2e0ef1f9
2 changed files with 38 additions and 32 deletions
|
|
@ -257,8 +257,14 @@ module.exports = async (
|
||||||
}
|
}
|
||||||
|
|
||||||
const decryptedKey = Encryption.decryptKey({ deviceId, message: req.body.encryptionKey });
|
const decryptedKey = Encryption.decryptKey({ deviceId, message: req.body.encryptionKey });
|
||||||
const decryptedMessage = Encryption.decryptMessage({ message: req.body.data, key: decryptedKey, iv: req.body.iv })
|
const decryptedMessage = Encryption.decryptMessage({ message: req.body.data, key: decryptedKey, iv: req.body.iv });
|
||||||
|
const decryptedToken = req.body.token ? Encryption.decryptMessage({ message: req.body.token, key: decryptedKey, iv: req.body.iv }) : null;
|
||||||
req.body = JSON.parse(decryptedMessage);
|
req.body = JSON.parse(decryptedMessage);
|
||||||
|
|
||||||
|
if (decryptedToken) {
|
||||||
|
req.headers.authorization = decryptedToken;
|
||||||
|
}
|
||||||
|
|
||||||
return next();
|
return next();
|
||||||
} catch (err) {
|
} catch (err) {
|
||||||
logger.error(err);
|
logger.error(err);
|
||||||
|
|
@ -270,6 +276,37 @@ module.exports = async (
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
|
|
||||||
|
app.use(async (req, res, next) => {
|
||||||
|
logger.info('Route:', req.path)
|
||||||
|
if (unprotectedRoutes[req.method][req.path]) {
|
||||||
|
next()
|
||||||
|
} else {
|
||||||
|
try {
|
||||||
|
const response = await auth.validateToken(
|
||||||
|
req.headers.authorization.replace('Bearer ', '')
|
||||||
|
)
|
||||||
|
if (response.valid) {
|
||||||
|
next()
|
||||||
|
} else {
|
||||||
|
res.status(401).json({
|
||||||
|
field: 'authorization',
|
||||||
|
errorMessage:
|
||||||
|
"The authorization token you've supplied is invalid"
|
||||||
|
})
|
||||||
|
}
|
||||||
|
} catch (err) {
|
||||||
|
logger.error(
|
||||||
|
!req.headers.authorization
|
||||||
|
? 'Please add an Authorization header'
|
||||||
|
: err
|
||||||
|
)
|
||||||
|
res
|
||||||
|
.status(401)
|
||||||
|
.json({ field: 'authorization', errorMessage: 'Please log in' })
|
||||||
|
}
|
||||||
|
}
|
||||||
|
})
|
||||||
|
|
||||||
app.use(async (req, res, next) => {
|
app.use(async (req, res, next) => {
|
||||||
try {
|
try {
|
||||||
logger.info("Route:", req.path)
|
logger.info("Route:", req.path)
|
||||||
|
|
|
||||||
|
|
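Review bot: In the relocated auth middleware (second hunk of this file), the route lookup `if (unprotectedRoutes[req.method][req.path])` runs outside the `try`, so a request whose method has no entry in `unprotectedRoutes` (the table's keys are not visible here) throws a TypeError from an `async` handler; if this is Express 4, a rejected middleware promise is not routed to the error handler, so the request gets no response rather than the 401 the `catch` sends. Guarding the lookup, `const isOpen = Boolean((unprotectedRoutes[req.method] || {})[req.path]);`, or moving it inside the `try` keeps the fail-closed 401 path for every method. The same pattern is used by the `sensitiveRoutes[req.method][req.path]` lookup in the other file, which is worth checking as well. The enclosing `module.exports = async (` function starts and ends outside this hunk. As a style point, the moved block omits semicolons while the first hunk now adds them on the lines it touches; picking one convention for the file would avoid churn in later diffs.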
@ -163,37 +163,6 @@ const server = program => {
|
||||||
|
|
||||||
app.use(compression())
|
app.use(compression())
|
||||||
|
|
||||||
app.use(async (req, res, next) => {
|
|
||||||
logger.info('Route:', req.path)
|
|
||||||
if (unprotectedRoutes[req.method][req.path]) {
|
|
||||||
next()
|
|
||||||
} else {
|
|
||||||
try {
|
|
||||||
const response = await auth.validateToken(
|
|
||||||
req.headers.authorization.replace('Bearer ', '')
|
|
||||||
)
|
|
||||||
if (response.valid) {
|
|
||||||
next()
|
|
||||||
} else {
|
|
||||||
res.status(401).json({
|
|
||||||
field: 'authorization',
|
|
||||||
errorMessage:
|
|
||||||
"The authorization token you've supplied is invalid"
|
|
||||||
})
|
|
||||||
}
|
|
||||||
} catch (err) {
|
|
||||||
logger.error(
|
|
||||||
!req.headers.authorization
|
|
||||||
? 'Please add an Authorization header'
|
|
||||||
: err
|
|
||||||
)
|
|
||||||
res
|
|
||||||
.status(401)
|
|
||||||
.json({ field: 'authorization', errorMessage: 'Please log in' })
|
|
||||||
}
|
|
||||||
}
|
|
||||||
})
|
|
||||||
|
|
||||||
app.use((req, res, next) => {
|
app.use((req, res, next) => {
|
||||||
if (sensitiveRoutes[req.method][req.path]) {
|
if (sensitiveRoutes[req.method][req.path]) {
|
||||||
logger.info(
|
logger.info(
|
||||||
|
|
|
||||||