hd-auth/auth.sigidli.com
1
1
Fork 1
Code Issues 1 Pull Requests Releases Wiki Activity

Genesis commit

Browse Source
This commit is contained in:
Kgothatso
2019-11-23 23:08:03 +02:00
parent 479b59cf51
commit a590b8ff3f
52 changed files with 15901 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

279
server/router/account/index.js Normal file
View File

@@ -0,0 +1,279 @@
/**
* This router handles things related to the web browser experience...
*/
// This is the mock data we working with...
module.exports = function (options) {
const config = require('config');
var QRCode = require('qrcode');
var express = options.express;
const db = options.db;
const hdAuthUtil = options.hdAuthUtil;
var router = express.Router();
router.route('/')
.get(function(request, response, next) {
response.render("home", {
user: request.user,
pageTitle: "HDAuth - Account"
})
});
router.route('/authenticate')
.get(function(request, response, next) {
if(request.user) {
response.redirect('/account');
} else {
response.render("login-displayName", {
user: request.user,
pageTitle: "HDAuth - Login"
})
}
})
.post(function(request, response, next) {
if(request.user) {
response.redirect('/account');
} else {
db.User.findOne({
where: {
displayName: request.body.displayName
},
include: [
{
association: db.User.ExtendedPublicKeys,
required: true
}
]
}).then(user => {
if(user) {
// TODO: Support multiple login options...
const loginMessage = {
userIdentifier: user.displayName,
domainUrl: "sigidli.com" // TODO: Replace with config value...
}
const challenge = hdAuthUtil.createChallenge(
user.extendedPublicKeys[0].xpub,
JSON.stringify(loginMessage) // TODO: Create a login body...
)
QRCode.toDataURL(JSON.stringify(challenge), function (err, url) {
if(err) {
console.error(err);
}
response.render("xpub-login", {
// challenge user to sign thier xpub
challenge: challenge,
qrCode: url,
user: request.user
})
})
} else {
// User doesn't exist register account
response.render("login-signup", {
user: request.user,
displayName: request.body.displayName,
pageTitle: "HD Auth - Signup",
});
}
}).catch(error => {
console.error("Failed to fulfill account/authenticate post", request.body);
console.error("Reason: ", error);
response.render("error", {
message: "This site didn't have the time for error handling."
})
})
}
});
router.route('/authenticate/response')
.post(function(request, response, next) {
if(request.user) {
response.redirect('/account');
} else {
// Verify challenge
if(hdAuthUtil.verifyHDAuthChallengeResponse(request.body)) {
// user passed challenge...
var loginMessage = JSON.parse(request.body.message);
db.User.findOne({
where: {
displayName: loginMessage.userIdentifier,
},
include: [
{
association: db.User.ExtendedPublicKeys
}
]
}).then(user => {
if(user) {
// User created we can authenticate them on the site...
request.logIn(user, function(err) {
if (err) { return next(err); }
return response.redirect('/');
});
} else {
console.error("Authenticated user doesn't exist: ", loginMessage);
}
}).catch(error => {
console.error("Failed to create authenticated user");
console.error("Error: ", error);
next(error);
})
} else {
// user failed challenge
console.error("User failed to authenticate");
// Create new challenge and try again...
return response.redirect('/authenticate');
}
}
})
router.route('/register')
.get(function(request, response, next) {
if(request.user) {
response.redirect('/account');
} else {
response.render("account-registration", {
user: request.user,
newUser: {},
pageTitle: "HDAuth - Registration"
})
}
})
router.route('/register/xpub')
.post(function(request, response, next) {
if(request.user) {
response.redirect('/account');
} else {
db.User.build({
displayName: request.body.displayName,
extendedPublicKeys: [
{
xpub: request.body.xpub
}
]
}, {
include: [
{
association: db.User.ExtendedPublicKeys
}
]
}).validate()
.then(xpubUser => {
if (xpubUser) {
// Challenge
const registerationMessage = {
userIdentifier: xpubUser.displayName, // identifier the user supplies on the login page
user: xpubUser,
serviceExtendedPublicKey: config.get("bip32.serviceAuthenticatingExtendedPublicKey"),
url: "sigidli.com"
}
const challenge = hdAuthUtil.createChallenge(
request.body.xpub, // update this to identifier...
JSON.stringify(registerationMessage)
)
QRCode.toDataURL(JSON.stringify(challenge), function (err, url) {
if(err) {
console.error(err);
}
response.render("xpub-account-registeration-challenge", {
xpubUser: xpubUser,
// challenge user to sign thier xpub
challenge: challenge,
qrCode: url,
user: request.user
})
})
} else {
console.log("Empty User")
// TODO: error handling..
response.render("error", {
user: request.user,
message: "VOID"
})
}
}).catch(error => {
console.error("Failed to create user");
console.error("Reason: ", error);
// TODO: error handling..
response.render("error", {
user: request.user,
message: "Failed to create user"
})
})
}
})
router.route('/register/xpub/response')
.post(function(request, response, next) {
if(request.user) {
response.redirect('/account');
} else {
// Verify challenge
if(hdAuthUtil.verifyHDAuthChallengeResponse(request.body)) {
// user passed challenge...
// TODO: Load registration request from challenge.message
// TODO: build and validate that user owns xpub...
var xpubUser = JSON.parse(request.body.message).user;
// Possibility that username is taken...
// TODO: Create user without username
db.User.create(xpubUser, {
include: [
{
association: db.User.ExtendedPublicKeys
}
]
}).then(user => {
if(user) {
// User created we can authenticate them on the site...
request.logIn(user, function(err) {
if (err) { return next(err); }
return response.redirect('/');
});
}
}).catch(error => {
console.error("Failed to create authenticated user");
console.error("Error: ", error);
next(error);
})
} else {
// user failed challenge
// TODO: Validate input
// TODO: Createa new challenge
console.error("User failed to authenticate");
// Create new challenge and try again...
}
}
})
router.route('/logout')
.post(function(request, response, next) {
if(request.user) {
request.logout();
response.redirect('/');
// db.Session.destroy({
// where: {
// sid: request.sessionID
// }
// }).then(() => {
// console.log("")
// }).catch(error => {
// next(error);
// console.error("Log out error: ", error);
// })
} else {
// No user...
response.redirect('/');
}
});
// TODO: add other endpoints
return router;
};

28
server/router/index.js Normal file
View File

@@ -0,0 +1,28 @@
/**
* This router handles things related to the web browser experience...
*/
// This is the mock data we working with...
module.exports = function (options) {
var express = options.express;
const db = options.db;
var router = express.Router();
router.route('/')
.get(function(request, response, next) {
response.render("home", {
user: request.user,
pageTitle: "HDAuth - Home"
})
});
// TODO: load child routers automatically
var accountRouter = require('./account/index.js')(options);
router.use('/account', accountRouter);
return router;
};