mirror of
https://github.com/status-im/embark-area-51.git
synced 2025-01-23 13:48:49 +00:00
authorize each request through header
parent
4ac0d39889
commit
925c5c1065
@ -22,8 +22,7 @@ class AppContainer extends Component {
|
|||||||
this.state = {
|
this.state = {
|
||||||
authenticateError: null
|
authenticateError: null
|
||||||
};
|
};
|
||||||
}
|
|
||||||
componentDidMount() {
|
|
||||||
let token;
|
let token;
|
||||||
if (this.props.location.search) {
|
if (this.props.location.search) {
|
||||||
token = queryString.parse(this.props.location.search).token;
|
token = queryString.parse(this.props.location.search).token;
|
||||||
@ -37,6 +36,8 @@ class AppContainer extends Component {
|
|||||||
}
|
}
|
||||||
this.setState({authenticateError: null});
|
this.setState({authenticateError: null});
|
||||||
});
|
});
|
||||||
|
}
|
||||||
|
componentDidMount() {
|
||||||
this.props.initBlockHeader();
|
this.props.initBlockHeader();
|
||||||
this.props.fetchProcesses();
|
this.props.fetchProcesses();
|
||||||
this.props.fetchVersions();
|
this.props.fetchVersions();
|
||||||
|
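Review bot: The new `componentDidMount` starts `initBlockHeader()`, `fetchProcesses()` and `fetchVersions()` unconditionally, while the token handling now runs in the constructor and finishes in a callback (the one ending in `this.setState({authenticateError: null});`). Nothing visible makes the fetches wait for it. Since every API call is now rejected without a valid `Authorization` header, the first requests may go out before the token from the query string has been accepted; the lines between the two hunks are not shown, so this needs checking against the full file. Consider starting the fetches from the success branch of that callback, or documenting the ordering with a comment such as `// fetches rely on the token already being in the cache; see constructor`. Starting an async request whose callback calls `setState` from the constructor is also fragile in React, and `componentDidMount` is the usual place for it.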
@ -39,7 +39,7 @@ export const fetchFile = doRequest.bind(null, actions.file, api.fetchFile);
|
|||||||
export const postFile = doRequest.bind(null, actions.saveFile, api.postFile);
|
export const postFile = doRequest.bind(null, actions.saveFile, api.postFile);
|
||||||
export const deleteFile = doRequest.bind(null, actions.removeFile, api.deleteFile);
|
export const deleteFile = doRequest.bind(null, actions.removeFile, api.deleteFile);
|
||||||
export const fetchEthGas = doRequest.bind(null, actions.gasOracle, api.getEthGasAPI);
|
export const fetchEthGas = doRequest.bind(null, actions.gasOracle, api.getEthGasAPI);
|
||||||
export const authenticate = doRequest.bind(null, actions.authenticate, api.authenticate);
|
export const authenticate = doRequest.bind(null, actions.authenticate, api.authorize);
|
||||||
|
|
||||||
export const fetchCurrentFile = doRequest.bind(null, actions.currentFile, storage.fetchCurrentFile);
|
export const fetchCurrentFile = doRequest.bind(null, actions.currentFile, storage.fetchCurrentFile);
|
||||||
export const postCurrentFile = doRequest.bind(null, actions.saveCurrentFile, storage.postCurrentFile);
|
export const postCurrentFile = doRequest.bind(null, actions.saveCurrentFile, storage.postCurrentFile);
|
||||||
|
@ -1,7 +1,9 @@
|
|||||||
import axios from "axios";
|
import axios from "axios";
|
||||||
import constants from '../constants';
|
import constants from '../constants';
|
||||||
|
import {get as cacheGet} from '../services/cache';
|
||||||
|
|
||||||
function get(path, params = {}, endpoint) {
|
function get(path, params = {}, endpoint) {
|
||||||
|
axios.defaults.headers.common['Authorization'] = cacheGet('token');
|
||||||
const callback = params.callback || function(){};
|
const callback = params.callback || function(){};
|
||||||
return axios.get((endpoint || constants.httpEndpoint) + path, params)
|
return axios.get((endpoint || constants.httpEndpoint) + path, params)
|
||||||
.then((response) => {
|
.then((response) => {
|
||||||
@ -16,6 +18,7 @@ function get(path, params = {}, endpoint) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
function post(path, params = {}) {
|
function post(path, params = {}) {
|
||||||
|
axios.defaults.headers.common['Authorization'] = cacheGet('token');
|
||||||
const callback = params.callback || function(){};
|
const callback = params.callback || function(){};
|
||||||
delete params.callback;
|
delete params.callback;
|
||||||
return axios.post(constants.httpEndpoint + path, params)
|
return axios.post(constants.httpEndpoint + path, params)
|
||||||
@ -32,6 +35,7 @@ function post(path, params = {}) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
function destroy(path, params = {}) {
|
function destroy(path, params = {}) {
|
||||||
|
axios.defaults.headers.common['Authorization'] = cacheGet('token');
|
||||||
const callback = params.callback || function(){};
|
const callback = params.callback || function(){};
|
||||||
return axios.delete(constants.httpEndpoint + path, params)
|
return axios.delete(constants.httpEndpoint + path, params)
|
||||||
.then((response) => {
|
.then((response) => {
|
||||||
@ -154,8 +158,8 @@ export function deleteFile(payload) {
|
|||||||
return destroy('/file', {params: payload});
|
return destroy('/file', {params: payload});
|
||||||
}
|
}
|
||||||
|
|
||||||
export function authenticate(payload) {
|
export function authorize(payload) {
|
||||||
return post('/authenticate', payload);
|
return post('/authorize', payload);
|
||||||
}
|
}
|
||||||
|
|
||||||
export function listenToChannel(channel) {
|
export function listenToChannel(channel) {
|
||||||
|
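Review bot: Writing the token into `axios.defaults.headers.common['Authorization']` in `get`, `post` and `destroy` makes it a global default, so it is attached to every later axios request, including `get` calls that pass their own `endpoint` instead of `constants.httpEndpoint`. If any such endpoint is a third-party host (the `getEthGasAPI` binding elsewhere in this commit suggests one), the backend token is sent to that host. Prefer a per-request header limited to the Embark backend, for example in `get`: `const headers = endpoint ? {} : {Authorization: cacheGet('token')};` and `axios.get((endpoint || constants.httpEndpoint) + path, Object.assign({}, params, {headers}))`. The bodies of all three functions continue outside their hunks.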
@ -1,29 +1,28 @@
|
|||||||
const uuid = require('uuid/v1');
|
const uuid = require('uuid/v1');
|
||||||
|
|
||||||
class Authenticator {
|
const ERROR_OBJ = {error: __('Wrong authentication token. Get your token from the Embark console by typing `token`')};
|
||||||
|
|
||||||
|
class Authenticator {
|
||||||
constructor(embark, _options) {
|
constructor(embark, _options) {
|
||||||
this.authToken = uuid();
|
this.authToken = uuid();
|
||||||
this.embark = embark;
|
this.embark = embark;
|
||||||
this.logger = embark.logger;
|
this.logger = embark.logger;
|
||||||
|
this.events = embark.events;
|
||||||
|
|
||||||
this.registerCalls();
|
this.registerCalls();
|
||||||
embark.events.once('outputDone', () => {
|
this.registerEvents();
|
||||||
embark.logger.info(__('Access the web backend with the following url: %s',
|
|
||||||
('http://localhost:8000/embark?token=' + this.authToken).underline));
|
|
||||||
});
|
|
||||||
}
|
}
|
||||||
|
|
||||||
registerCalls() {
|
registerCalls() {
|
||||||
this.embark.registerAPICall(
|
this.embark.registerAPICall(
|
||||||
'post',
|
'post',
|
||||||
'/embark-api/authenticate',
|
'/embark-api/authorize',
|
||||||
(req, res) => {
|
(req, res) => {
|
||||||
if (req.body.token !== this.authToken) {
|
if (req.body.token !== this.authToken) {
|
||||||
this.logger.warn(__('Someone tried and failed to authenticate to the backend'));
|
this.logger.warn(__('Someone tried and failed to authorize to the backend'));
|
||||||
this.logger.warn(__('- User-Agent: %s', req.headers['user-agent']));
|
this.logger.warn(__('- User-Agent: %s', req.headers['user-agent']));
|
||||||
this.logger.warn(__('- Referer: %s', req.headers.referer));
|
this.logger.warn(__('- Referer: %s', req.headers.referer));
|
||||||
return res.send({error: __('Wrong authentication token. Get your token from the Embark console by typing `token`')});
|
return res.send(ERROR_OBJ);
|
||||||
}
|
}
|
||||||
res.send();
|
res.send();
|
||||||
}
|
}
|
||||||
@ -38,6 +37,20 @@ class Authenticator {
|
|||||||
};
|
};
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
registerEvents() {
|
||||||
|
this.events.once('outputDone', () => {
|
||||||
|
this.logger.info(__('Access the web backend with the following url: %s',
|
||||||
|
('http://localhost:8000/embark?token=' + this.authToken).underline));
|
||||||
|
});
|
||||||
|
|
||||||
|
this.events.setCommandHandler('api:authorize', (token, cb) => {
|
||||||
|
if (token !== this.authToken) {
|
||||||
|
return cb(ERROR_OBJ);
|
||||||
|
}
|
||||||
|
cb();
|
||||||
|
});
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
module.exports = Authenticator;
|
module.exports = Authenticator;
|
||||||
|
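Review bot: The new `api:authorize` handler is now the gate for every API call, but it compares the header with `!==` and rejects silently, and the token it checks is still `uuid()` from `uuid/v1`, a time-based identifier format that is not meant to be unguessable. Generate the token from a CSPRNG instead, e.g. `this.authToken = crypto.randomBytes(16).toString('hex');`, compare in constant time, and log rejected requests the way the `/embark-api/authorize` route does, so failed attempts are visible in the console. The sketch below covers the handler only and needs `crypto` required at the top of the file. `registerEvents` also still prints the token inside a URL via `logger.info`, so it ends up wherever that log is written.

```javascript
// … unchanged: 'outputDone' listener in registerEvents …
this.events.setCommandHandler('api:authorize', (token, cb) => {
  const expected = Buffer.from(this.authToken);
  const given = Buffer.from(String(token || ''));
  // timingSafeEqual throws on unequal lengths, so check the length first
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    this.logger.warn(__('Rejected API request with a missing or wrong Authorization header'));
    return cb(ERROR_OBJ);
  }
  cb();
});
```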
@ -49,13 +49,13 @@ class Server {
|
|||||||
|
|
||||||
for (let apiCall of apiCalls) {
|
for (let apiCall of apiCalls) {
|
||||||
console.dir("adding " + apiCall.method + " " + apiCall.endpoint);
|
console.dir("adding " + apiCall.method + " " + apiCall.endpoint);
|
||||||
app[apiCall.method].apply(app, [apiCall.endpoint, apiCall.cb]);
|
app[apiCall.method].apply(app, [apiCall.endpoint, this.applyAPIFunction.bind(this, apiCall.cb)]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
this.events.on('plugins:register:api', (apiCall) => {
|
this.events.on('plugins:register:api', (apiCall) => {
|
||||||
console.dir("adding " + apiCall.method + " " + apiCall.endpoint);
|
console.dir("adding " + apiCall.method + " " + apiCall.endpoint);
|
||||||
app[apiCall.method].apply(app, [apiCall.endpoint, apiCall.cb]);
|
app[apiCall.method].apply(app, [apiCall.endpoint, this.applyAPIFunction.bind(this, apiCall.cb)]);
|
||||||
});
|
});
|
||||||
|
|
||||||
app.get('/embark/*', function(req, res) {
|
app.get('/embark/*', function(req, res) {
|
||||||
@ -78,6 +78,16 @@ class Server {
|
|||||||
":" + this.port).bold.underline.green);
|
":" + this.port).bold.underline.green);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
applyAPIFunction (cb, req, res) {
|
||||||
|
this.events.request('api:authorize', req.headers.authorization, (err) => {
|
||||||
|
if (err) {
|
||||||
|
const send = res.send ? res.send.bind(res) : req.send.bind(req); // WS only has the first params
|
||||||
|
return send(err);
|
||||||
|
}
|
||||||
|
cb(req, res);
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
stop(callback) {
|
stop(callback) {
|
||||||
callback = callback || function () {};
|
callback = callback || function () {};
|
||||||
if (!this.server || !this.server.listening) {
|
if (!this.server || !this.server.listening) {
|
||||||
|
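Review bot: `applyAPIFunction` reads `req.headers.authorization` from its first argument even on the path the inline comment describes for WebSocket handlers, where the code falls back to `req.send`. If those handlers are called as `(ws, req)`, the first argument is the socket, so `req.headers` would be undefined and the access would throw before the check runs. Read the header from whichever argument is the HTTP request, e.g. `const httpReq = res.send ? req : res;` and `httpReq.headers.authorization`, and confirm how clients are expected to supply the header on a WebSocket handshake. On the HTTP path a rejection is sent with the default 200 status; `return res.status(401).send(err);` lets clients and logs distinguish refused requests. The `app.get('/embark/*', …)` route is registered directly and is not covered by this wrapper, which is worth stating in a comment if intentional.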