Install the project dependencies:
npm install
Create a .env
file at the root of the repository and paste the following:
LIVE_API_KEY=liveApiKey
LIVE_USERNAME=liveAccountUsername
LIVE_PASSWORD=liveAccountPassword
DEMO_API_KEY=demoApiKey
DEMO_USERNAME=demoAccountUsername
DEMO_PASSWORD=demoAccountPassword
Replace the placeholder credentials with your own.
To run the tests once:
npm run test
To run the tests during development:
npm run test:watch
When logging into IG via the API, the password can be optionally encrypted for extra security to help prevent "man in the middle" attacks.
To send the password encrypted, an encryptionKey
and timeStamp
must first be requested via the session/encryptionKey
endpoint.
The returned encryptionKey
is in base64
format.
What is unclear to me is how the RSA token should be generated.
This post discusses the problem, but the solution is still not obvious to me.
So far I have gathered that the encryptionKey
is to be used to create an RSA token and then the password should be encrypted with the timeStamp
like so:
password + "|" + timeStamp
I am attempting to use the popular node-rsa
package to create the RSA token. However, I would like to know:
- What format should the RSA
key
be in?pkcs1
orpkcs8
?public
orprivate
?pem
order
?
- Should I wrap the
encryptionKey
in a header and footer? - Does the
encryptionKey
need to be decoded frombase64
before it is used?
The relevant code that configures the RSA key can be seen here.