remove bucket and bucket-list args, check bucket owner directly calling the contract (#27)

This commit is contained in:
Andrea Franz 2020-07-01 18:18:03 +02:00 committed by GitHub
parent 670c20b3c9
commit 23c04a558a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 17 additions and 55 deletions

View File

@ -27,7 +27,7 @@ ifndef BUCKET
endif
run-relayer: check-relayer-env-variables
node scripts/relay.js \
env PORT=$(PORT) node scripts/relay.js \
--endpoint=$(ENDPOINT) \
--account=$(KEYSTORES_PATH)/keystore.json \
--passfile=$(KEYSTORES_PATH)/keystore-passfile.txt \

View File

@ -81,10 +81,6 @@ The options are
`--passfile`: the path to a file storing the password for the JSON encoded private key. Always used with --account.
`--bucket-list`: a file containing a list of bucket addresses one per line. Only transactions to these addresses will be accepted
`--bucket`: same as above, but instead a single address is provided on the command line directly.
### HTTP interface
The http interface is very simple

View File

@ -28,6 +28,9 @@ module.exports = class Account {
return accounts[0];
}
address() {
return this.sender.address;
}
loadAccount(account, passfile) {
let json = fs.readFileSync(account, "utf-8");

View File

@ -183,11 +183,15 @@ async function run() {
const decimals = await getDecimals(argv["amount-decimals"], !argv["nft"]);
let file = fs.readFileSync(argv["file"], 'utf8');
keycards = file.split("\n").filter(line => line.trim() !== "").map((line) => processLine(line, decimals));
keycards = file
.split("\n")
.filter(line => line.trim() !== "" && !/^#/.test(line.trim()))
.map((line) => processLine(line, decimals));
for (let keycard of keycards) {
const create = argv["nft"] ? transferNFT : createRedeemable;
await create(keycard);
console.log(`http://test-pn.keycard.cash/redeem/#/buckets/${bucket}/redeemables/${keycard.keycard}`)
}
} else if (!hasDoneSomething) {
console.error("the --file option must be specified");

View File

@ -16,8 +16,6 @@ const port = process.env.PORT || 3000;
const app = express();
app.use(morgan('combined'))
let allowedBuckets = [];
async function redeem(bucket, message, sig) {
Bucket.transactionConfirmationBlocks = 1;
Bucket.options.address = bucket;
@ -37,15 +35,17 @@ function validateNumber(num) {
return !isNaN(parseInt(num));
}
function validateBucket(bucket) {
return allowedBuckets.includes(bucket.toLowerCase());
async function validateBucket(bucket) {
Bucket.options.address = bucket;
const owner = await Bucket.methods.owner().call();
return account.address() === owner;
}
function validateRequest(body) {
async function validateRequest(body) {
if (!validateAddress(body.bucket)) {
return "invalid bucket address";
} else if (!validateBucket(body.bucket)) {
return "cannot send to this bucket";
} else if (!await validateBucket(body.bucket)) {
return "invalid bucket owner";
} else if (body.message === undefined) {
return "message must be specified";
} else if (!validateNumber(body.message.blockNumber)) {
@ -71,7 +71,7 @@ async function redeemRequest(req, res) {
res.append("Access-Control-Allow-Origin", ["*"]);
res.append("Access-Control-Allow-Headers", ["*"]);
let err = validateRequest(req.body);
let err = await validateRequest(req.body);
if (err) {
res.status(400).json({error: err});
}
@ -85,53 +85,12 @@ async function redeemRequest(req, res) {
}
}
function bucketRequest(req, res) {
if (validateBucket(req.params.address)) {
res.status(200).json({"allowed": true});
} else {
res.status(404).json({"allowed": false});
}
}
function loadBucketList(path) {
let file = fs.readFileSync(path, 'utf8');
allowedBuckets = file.split("\n").map((line) => line.toLowerCase().trim());
}
function checkBuckets() {
allowedBuckets = allowedBuckets.filter((line) => {
if (validateAddress(line)) {
return true;
} else {
console.warn(`${line} is an invalid bucket address, ignored`);
return false;
}
});
if (allowedBuckets.length == 0) {
console.error("no valid buckets, exiting");
process.exit(1);
}
}
async function run() {
if (argv["bucket-list"]) {
loadBucketList(argv["bucket-list"]);
} else if (argv["bucket"]) {
allowedBuckets = [argv["bucket"].toLowerCase()];
} else {
console.error("the either the --bucket or --bucket-list option must be specified");
process.exit(1);
}
checkBuckets();
await account.init(argv);
app.use(express.json());
app.post('/redeem', redeemRequest);
app.options('/redeem', redeemOptions);
app.get('/bucket/:address', bucketRequest);
app.listen(port, () => console.log(`Relayer listening at http://localhost:${port}`));
}