added new middleware and added new tests
1 parent
ae40afa
commit 963fd9b
Showing
4 changed files
with
123 additions
and
20 deletions.
@@ -0,0 +1,46 @@ | ||
import request from 'supertest' | ||
import makeServer from '../../server-test' | ||
import { getToken, getCreds } from '../../__util__/' | ||
|
||
const userCredentials = { | ||
signature: | ||
'0x7acee1dc0d8a07d3e4f2cd1cbbebed9098afea5600bbb1f8a99bd7154e2de4a35e42b868dd373a831e78f0bbf2a8d0340cc63fa8345e433fd3fe64b01bcae0781c', | ||
gdSignature: | ||
'0xd2e95cd11e2b3148674f2207d4f054dbf25e4d2a6e763418ba9bd62c5a99be621f738a0419c4754cc95395c93ac76688f781d7cb00dda0b79693c05de0bee4971b', | ||
nonce: 'a29344af372abf77dd68', | ||
profileSignature: | ||
'SEA{"m":"Login to GoodDAPPa29344af372abf77dd68","s":"nxiNDIdE714q1qTHGzXDy/uJqnXD4uE/QBQDym2ZTTN8cxQyBlODP7x/7+LQggC0K4uO6Y+tTddGLHdSyJGblQ=="}', | ||
profilePublickey: 'kxudRZes6qS44fus50kd0knUVftOeyDTQnmsnMmiaWA.uzJ1fJM0evhtave7yZ5OWBa2O91MBU7DNAHau8xUXYw' | ||
} | ||
|
||
describe.skip('loadtest-middleware', () => { | ||
let server | ||
|
||
beforeAll(done => { | ||
server = makeServer(done) | ||
}) | ||
|
||
afterAll(done => { | ||
server.close(err => { | ||
console.log({ err }) | ||
done() | ||
}) | ||
}) | ||
|
||
test('/test/add/whitelistUser', async () => { | ||
const token = await getToken(server) | ||
|
||
let res = await request(server) | ||
.post('/test/add/whitelistUser') | ||
.send(userCredentials) | ||
.set('Authorization', `Bearer ${token}`) | ||
|
||
expect(res.status).toBe(200) | ||
}) | ||
|
||
test('/storage/login/token witout auth creds', async () => { | ||
let res = await request(server).post('/test/add/whitelistUser') | ||
|
||
expect(res.status).toBe(401) | ||
}) | ||
}) |
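Review bot: The suite is declared with `describe.skip`, so neither the authenticated 200 case nor the unauthenticated 401 case ever runs and the new route's auth check goes unexercised; switch to `describe('loadtest-middleware', () => {` or add a comment saying why it is skipped. The second test is titled `'/storage/login/token witout auth creds'` but posts to `/test/add/whitelistUser`; `test('/test/add/whitelistUser without auth creds', async () => {` would match what it checks. `getCreds` is imported but not used anywhere in the visible file. There is also no case asserting that the route is refused outside the test environment, which is the property the middleware relies on.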
@@ -0,0 +1,73 @@ | ||
// @flow | ||
import jwt from 'jsonwebtoken' | ||
import passport from 'passport' | ||
import { ExtractJwt, Strategy } from 'passport-jwt' | ||
import { Router } from 'express' | ||
import * as ethUtil from 'ethereumjs-util' | ||
import { get, defaults } from 'lodash' | ||
import logger from '../../imports/pino-logger' | ||
import { wrapAsync, onlyInEnv } from '../utils/helpers' | ||
import UserDBPrivate from '../db/mongo/user-privat-provider' | ||
import Config from '../server.config.js' | ||
import AdminWallet from '../blockchain/AdminWallet' | ||
|
||
const jwtOptions = {} | ||
jwtOptions.jwtFromRequest = ExtractJwt.fromAuthHeaderAsBearerToken() | ||
jwtOptions.secretOrKey = Config.jwtPassword | ||
|
||
export const strategy = new Strategy(jwtOptions, async (jwtPayload, next) => { | ||
const log = logger.child({ from: 'loadtest-middleware' }) | ||
// usually this would be a database call: | ||
let user = await UserDBPrivate.getUser(jwtPayload.loggedInAs) | ||
log.debug('payload received', { jwtPayload, user }) | ||
//if user is empty make sure we have something | ||
user = defaults(user, jwtPayload, { identifier: jwtPayload.loggedInAs }) | ||
if (get(jwtPayload, 'loggedInAs')) { | ||
next(null, user) | ||
} else { | ||
next(null, false) | ||
} | ||
}) | ||
|
||
const recoverPublickey = (signature, msg, nonce) => { | ||
const sig = ethUtil.fromRpcSig(signature) | ||
|
||
const messageHash = ethUtil.keccak( | ||
`\u0019Ethereum Signed Message:\n${(msg.length + nonce.length).toString()}${msg}${nonce}` | ||
) | ||
|
||
const publicKey = ethUtil.ecrecover(messageHash, sig.v, sig.r, sig.s) | ||
const recovered = ethUtil.bufferToHex(ethUtil.pubToAddress(publicKey)) | ||
return recovered | ||
} | ||
|
||
const setup = (app: Router) => { | ||
passport.use(strategy) | ||
|
||
app.use(passport.initialize()) | ||
|
||
/** | ||
* Only for loadtets | ||
*/ | ||
app.post( | ||
'/test/add/whitelistUser', | ||
passport.authenticate('jwt', { session: false }), | ||
onlyInEnv('test'), | ||
wrapAsync(async (req, res, next) => { | ||
const { body, user } = req | ||
const gdSignature = body.gdSignature | ||
console.log('#############################################') | ||
console.log(gdSignature) | ||
console.log('#############################################') | ||
const nonce = body.nonce | ||
const msg = 'Login to GoodDAPP' | ||
const gdPublicAddress = recoverPublickey(gdSignature, msg, nonce) | ||
await AdminWallet.whitelistUser(gdPublicAddress, body.profilePublickey) | ||
res.json({ ok: 1 }) | ||
}) | ||
) | ||
|
||
logger.child({ from: 'loadtest-middleware' }).info('Done setup login middleware.') | ||
} | ||
|
||
export default setup |
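Review bot: The `/test/add/whitelistUser` handler whitelists whatever address `recoverPublickey` returns from the caller-supplied `gdSignature` and `nonce`, and the destructured `user` from the JWT is never used, so nothing ties the whitelisted address to the authenticated account and the nonce is never checked for freshness. The only barrier is `onlyInEnv('test')`, whose definition is outside this diff, while `setup` registers the route in every environment; a comment above the route should state that dependency, e.g. `// test-only: onlyInEnv('test') must reject the request in every other environment before AdminWallet is reached`. The three `console.log` calls around `gdSignature` bypass the pino logger and write request signature material to stdout; log it through `logger` at debug level or drop them. A missing `body.nonce` or `body.gdSignature` reaches `nonce.length` and `ethUtil.fromRpcSig` unchecked, so a guard such as `if (!gdSignature || !nonce) return res.status(400).json({ ok: 0 })` would make that failure explicit.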