Skip to content
This repository has been archived by the owner on Oct 19, 2021. It is now read-only.
Permalink
Browse files Browse the repository at this point in the history
add api token in rest api
add apiBeareAuth

add token in .env-sample
  • Loading branch information
nayuta-kohei authored and NayutaNakashima committed Jul 10, 2019
1 parent 10c3715 commit 37fd8f9
Show file tree
Hide file tree
Showing 13 changed files with 146 additions and 13 deletions.
1 change: 1 addition & 0 deletions ptarmapi/.env-sample
Expand Up @@ -6,3 +6,4 @@ BITCOIND_RPC_PORT=18332
BITCOIND_HOST="localhost"
BITCOIND_USER="bitcoinuser"
BITCOIND_PASS="bitcoinpassword"
API_TOKEN="ptarmigan"
5 changes: 4 additions & 1 deletion ptarmapi/package.json
Expand Up @@ -26,6 +26,7 @@
"@nestjs/common": "^6.4.1",
"@nestjs/core": "^6.4.1",
"@nestjs/microservices": "^6.4.1",
"@nestjs/passport": "^6.1.0",
"@nestjs/platform-express": "^6.4.1",
"@nestjs/platform-socket.io": "^6.4.1",
"@nestjs/platform-ws": "^6.4.1",
Expand All @@ -37,6 +38,8 @@
"jayson": "^2.1.2",
"lru-cache": "^5.1.1",
"nestjs-config": "^1.3.21",
"passport": "^0.4.0",
"passport-http-bearer": "^1.0.1",
"reflect-metadata": "^0.1.13",
"request-promise": "^4.2.4",
"rimraf": "^2.6.2",
Expand Down Expand Up @@ -76,4 +79,4 @@
"coverageDirectory": "../coverage",
"testEnvironment": "node"
}
}
}
6 changes: 5 additions & 1 deletion ptarmapi/script/addfinal.sh
Expand Up @@ -25,13 +25,17 @@ json=$(cat << EOS
EOS
)

if [ "${API_TOKEN:-unknown}" == unknown ]; then
API_TOKEN=ptarmigan
fi

curl=`cat <<EOS
curl
-s -o
--verbose
--request POST
http://0.0.0.0:3000/notification/addfinal
--header 'Content-Type: application/json'
--header "Authorization: Bearer $API_TOKEN"
--data '$json'
EOS`
eval ${curl}
6 changes: 5 additions & 1 deletion ptarmapi/script/htlcchanged.sh
Expand Up @@ -16,12 +16,16 @@ cat << EOS | jq -e '.'
}
EOS

if [ "${API_TOKEN:-unknown}" == unknown ]; then
API_TOKEN=ptarmigan
fi

curl=`cat <<EOS
curl
-s -o
--verbose
--request POST
http://0.0.0.0:3000/notification/htlcchanged
--header 'Content-Type: application/json'
--header "Authorization: Bearer $API_TOKEN"
EOS`
eval ${curl}
3 changes: 2 additions & 1 deletion ptarmapi/src/app.module.ts
Expand Up @@ -7,13 +7,14 @@ import { ConfigModule } from 'nestjs-config';
import { BitcoinService } from './bitcoin/bitcoin.service';
import { CacheService } from './cache/cache.servies';
import { InvoicesGateway } from './notifications/invoices.gateway';

import { AuthModule } from './auth/auth.module';
import * as path from 'path';

@Module({
controllers: [AppController, PtarmiganController],
providers: [AppService, PtarmiganService, BitcoinService, CacheService, InvoicesGateway],
imports: [
AuthModule,
ConfigModule.load(path.resolve(__dirname, 'config', '**/!(*.d).{ts,js}')),
],
})
Expand Down
13 changes: 13 additions & 0 deletions ptarmapi/src/auth/auth.module.ts
@@ -0,0 +1,13 @@
import { Module } from '@nestjs/common';
import { AuthService } from './auth.service';
import { HttpStrategy } from './http.strategy';
import { PassportModule } from '@nestjs/passport';

@Module({
imports: [
PassportModule.register({ defaultStrategy: 'bearer' }),
],
providers: [AuthService, HttpStrategy],
exports: [PassportModule, AuthService],
})
export class AuthModule {}
16 changes: 16 additions & 0 deletions ptarmapi/src/auth/auth.service.ts
@@ -0,0 +1,16 @@
import { Injectable } from '@nestjs/common';
import { ConfigService } from 'nestjs-config';

@Injectable()
export class AuthService {

constructor() { }

async validateApiToken(token: string): Promise<any> {
const apiToken = ConfigService.get('ptarmigan.apiToken');
if (token === apiToken) {
return true;
}
return false;
}
}
19 changes: 19 additions & 0 deletions ptarmapi/src/auth/http.strategy.ts
@@ -0,0 +1,19 @@
import { Strategy } from 'passport-http-bearer';
import { PassportStrategy } from '@nestjs/passport';
import { Injectable, UnauthorizedException } from '@nestjs/common';
import { AuthService } from './auth.service';

@Injectable()
export class HttpStrategy extends PassportStrategy(Strategy) {
constructor(private readonly authService: AuthService) {
super();
}

async validate(token: string) {
const apiToken = await this.authService.validateApiToken(token);
if (!apiToken) {
throw new UnauthorizedException();
}
return apiToken;
}
}
1 change: 1 addition & 0 deletions ptarmapi/src/config/ptarmigan.ts
Expand Up @@ -7,4 +7,5 @@ export default {
bitcoindHost: process.env.BITCOIND_HOST || 'localhost',
bitcoindUser: process.env.BITCOIND_USER || 'bitcoinuser',
bitcoindPassword: process.env.BITCOIND_PASSWORD || 'bitcoinpassword',
apiToken: process.env.API_TOKEN || 'ptarmigan',
};
4 changes: 3 additions & 1 deletion ptarmapi/src/main.ts
@@ -1,5 +1,5 @@
import { NestFactory } from '@nestjs/core';
import { SwaggerModule, DocumentBuilder } from '@nestjs/swagger';
import { SwaggerModule, DocumentBuilder, SwaggerBaseConfig } from '@nestjs/swagger';
import { AppModule } from './app.module';
import { Logger } from '@nestjs/common';
import { ConfigService } from 'nestjs-config';
Expand All @@ -14,6 +14,7 @@ async function bootstrap() {
const options = new DocumentBuilder()
.setTitle('ptarmigan REST-API')
.setDescription('Lightning Network implementation ptarmigan REST-API')
.addBearerAuth('Authorization', 'header')
.setVersion('0.2')
.build();
const document = SwaggerModule.createDocument(app, options);
Expand All @@ -24,6 +25,7 @@ async function bootstrap() {
Logger.log('ptarmdHost: + ' + config.get('ptarmigan.ptarmdHost'));
Logger.log('bitcoindRpcPort: ' + config.get('ptarmigan.bitcoindRpcPort'));
Logger.log('bitcoindHost: ' + config.get('ptarmigan.bitcoindHost'));
Logger.log('bitcoindHost: ' + config.get('ptarmigan.apiToken'));

await app.listen(3000);
}
Expand Down
4 changes: 3 additions & 1 deletion ptarmapi/src/notifications/invoices.gateway.ts
Expand Up @@ -8,14 +8,16 @@ import {
OnGatewayDisconnect,
} from '@nestjs/websockets';
import { Server, Socket } from 'ws';
import { Logger } from '@nestjs/common';
import { Logger, UseGuards } from '@nestjs/common';
import { AuthGuard } from '@nestjs/passport';

@WebSocketGateway({ path: '/ws' })
export class InvoicesGateway implements OnGatewayConnection, OnGatewayInit, OnGatewayDisconnect {

private logger = new Logger('InvoicesGateway');
clients: Socket[] = [];

@UseGuards(AuthGuard())
@WebSocketServer()
server: Server;

Expand Down

0 comments on commit 37fd8f9

Please sign in to comment.