Merge pull request #13 from shocknet/bug/wallet_status_middleware

Bug/wallet status middleware
Daniel Lugo 2019-12-18 15:25:51 -04:00 committed by GitHub
commit ed8f6d31fe
5 changed files with 94 additions and 34 deletions


@ -60,7 +60,9 @@
"consistent-return": "off", "consistent-return": "off",
"no-shadow": "off" "no-shadow": "off",
// We're usually throwing objects throughout the API to allow for more detailed error messages
"no-throw-literal": "off"
}, },
"parser": "babel-eslint", "parser": "babel-eslint",
"env": { "env": {


@ -108,6 +108,9 @@ class Auth {
const key = jwt.decode(token).data.timestamp const key = jwt.decode(token).data.timestamp
const secrets = await this.readSecrets() const secrets = await this.readSecrets()
const secret = secrets[key] const secret = secrets[key]
if (!secret) {
throw { valid: false }
}
return new Promise((resolve, reject) => { return new Promise((resolve, reject) => {
jwt.verify(token, secret, (err, decoded) => { jwt.verify(token, secret, (err, decoded) => {
if (err) { if (err) {
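Review bot: The added `if (!secret)` guard does not cover a `key` that matches a property inherited from `Object.prototype`, because `key` is read from `jwt.decode(token)` before any signature check and a plain-object lookup `secrets[key]` returns a truthy value for such names. Assuming `readSecrets()` returns an ordinary object (not visible here), check ownership as well: `if (!Object.prototype.hasOwnProperty.call(secrets, key) || !secret) throw { valid: false }`. `jwt.decode` also returns `null` for a malformed token, so `.data.timestamp` on the line above throws a TypeError instead of the `{ valid: false }` shape; a null check before the lookup would keep the rejection uniform. The enclosing method starts and ends outside the hunk.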


@ -14,6 +14,7 @@ const auth = require("../services/auth/auth");
const FS = require("../utils/fs"); const FS = require("../utils/fs");
const LightningServices = require("../utils/lightningServices"); const LightningServices = require("../utils/lightningServices");
const GunDB = require("../services/gunDB/Mediator"); const GunDB = require("../services/gunDB/Mediator");
const { unprotectedRoutes } = require("../utils/protectedRoutes");
const DEFAULT_MAX_NUM_ROUTES_TO_QUERY = 10; const DEFAULT_MAX_NUM_ROUTES_TO_QUERY = 10;
@ -181,6 +182,54 @@ module.exports = (
} }
}; };
app.use(async (req, res, next) => {
try {
console.log("Route:", req.path)
if (unprotectedRoutes[req.method][req.path]) {
next();
return;
}
if (req.path.includes("/api/lnd")) {
const walletStatus = await walletExists();
const availableService = await getAvailableService();
const statusMessage = availableService.walletStatus;
if (walletStatus) {
if (statusMessage === "unlocked") {
return next();
}
return res
.status(401)
.json({
field: "wallet",
errorMessage: statusMessage
? statusMessage
: "unknown"
})
}
return res
.status(401)
.json({
field: "wallet",
errorMessage: "Please create a wallet before using the API"
});
}
} catch (err) {
logger.error(err);
res
.status(500)
.json({
field: "wallet",
errorMessage: err.message
? err.message
: err
});
}
});
app.use(["/ping"], responseTime()); app.use(["/ping"], responseTime());
/** /**
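Review bot: A request whose path is neither in `unprotectedRoutes` nor under `/api/lnd` leaves the `try` without calling `next()` or sending a response, so it hangs until the client times out; add `return next();` after the `/api/lnd` block. The lookup `unprotectedRoutes[req.method][req.path]` also throws for any method the table lacks (it lists only GET, POST, PUT and DELETE), so OPTIONS, HEAD and PATCH requests land in the catch and get a 500; `(unprotectedRoutes[req.method] || {})[req.path]` avoids that. The 500 body echoes `err.message` or the raw `err` to the caller, which can expose internal detail; a fixed message with the detail kept in `logger.error` is safer. `req.path.includes("/api/lnd")` matches the substring anywhere in the path, where `startsWith` would state the intent exactly.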


@ -14,6 +14,7 @@ const server = program => {
const bodyParser = require("body-parser"); const bodyParser = require("body-parser");
const session = require("express-session"); const session = require("express-session");
const methodOverride = require("method-override"); const methodOverride = require("method-override");
const { unprotectedRoutes, sensitiveRoutes } = require("../utils/protectedRoutes");
// load app default configuration data // load app default configuration data
const defaults = require("../config/defaults")(program.mainnet); const defaults = require("../config/defaults")(program.mainnet);
// define useful global variables ====================================== // define useful global variables ======================================
@ -46,26 +47,6 @@ const server = program => {
// init lnd module ================= // init lnd module =================
const lnd = require("../services/lnd/lnd")(LightningServices.services.lightning); const lnd = require("../services/lnd/lnd")(LightningServices.services.lightning);
const unprotectedRoutes = {
GET: {
"/healthz": true,
"/ping": true,
// Errors out when viewing an API page from the browser
"/favicon.ico": true,
"/api/lnd/connect": true,
"/api/lnd/wallet/status": true,
"/api/lnd/auth": true
},
POST: {
"/api/lnd/connect": true,
"/api/lnd/wallet": true,
"/api/lnd/wallet/existing": true,
"/api/lnd/auth": true
},
PUT: {},
DELETE: {}
};
const auth = require("../services/auth/auth"); const auth = require("../services/auth/auth");
app.use(async (req, res, next) => { app.use(async (req, res, next) => {
@ -80,24 +61,19 @@ const server = program => {
if (response.valid) { if (response.valid) {
next(); next();
} else { } else {
res.status(401).json({ message: "Please log in" }); res.status(401).json({ field: "authorization", errorMessage: "The authorization token you've supplied is invalid" });
} }
} catch (err) { } catch (err) {
logger.error(err); logger.error(
res.status(401).json({ message: "Please log in" }); !req.headers.authorization
? "Please add an Authorization header"
: err
);
res.status(401).json({ field: "authorization", errorMessage: "Please log in" });
} }
} }
}); });
const sensitiveRoutes = {
GET: {},
POST: {
"/api/lnd/connect": true,
"/api/lnd/wallet": true
},
PUT: {},
DELETE: {}
};
app.use((req, res, next) => { app.use((req, res, next) => {
if (sensitiveRoutes[req.method][req.path]) { if (sensitiveRoutes[req.method][req.path]) {
console.log( console.log(
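Review bot: In the rewritten `catch` branch, `logger.error` receives the fixed string "Please add an Authorization header" whenever the header is absent, so the actual `err` never reaches the log in that case; log the error unconditionally and add the hint separately, e.g. `logger.error(err);` followed by `if (!req.headers.authorization) logger.error("Please add an Authorization header");`. Every exception is also answered with 401, so a failure unrelated to the token (the `try` starts outside the hunk, so what it covers is not visible) is reported to the client as a login problem; returning 500 for anything that is not a validation failure would keep the two distinguishable in monitoring.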

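--- a/utils/protectedRoutes.js
+++ b/utils/protectedRoutes.js
@@ -0,0 +1,30 @@
+module.exports = {
+unprotectedRoutes: {
+GET: {
+"/healthz": true,
+"/ping": true,
+// Errors out when viewing an API page from the browser
+"/favicon.ico": true,
+"/api/lnd/connect": true,
+"/api/lnd/wallet/status": true,
+"/api/lnd/auth": true
+},
+POST: {
+"/api/lnd/connect": true,
+"/api/lnd/wallet": true,
+"/api/lnd/wallet/existing": true,
+"/api/lnd/auth": true
+},
+PUT: {},
+DELETE: {}
+},
+sensitiveRoutes: {
+GET: {},
+POST: {
+"/api/lnd/connect": true,
+"/api/lnd/wallet": true
+},
+PUT: {},
+DELETE: {}
+}
+}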
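Review bot: Both tables are now shared through the module cache, so any module that mutates `unprotectedRoutes` changes which routes skip the checks for every importer; wrapping the export and each per-method object in `Object.freeze` would prevent that. The file also carries no explanation of what membership means, so a header comment such as `// Routes listed under unprotectedRoutes skip the wallet-status middleware; add entries with care` would help reviewers of later additions. Keys are exact paths, so a variant such as a trailing slash is not matched and stays protected, which is the safe direction and worth stating in that comment.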