From 2b9fadf4b46ebd35b24874c82aaa065c70cf1ede Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Wed, 6 Jun 2018 10:58:01 +0000 Subject: [PATCH] working new account --- lib/extensions.js | 137 ++++++++++++++++++++++++++-------------------- package.json | 2 + 2 files changed, 81 insertions(+), 58 deletions(-) diff --git a/lib/extensions.js b/lib/extensions.js index d647642..01793c7 100644 --- a/lib/extensions.js +++ b/lib/extensions.js @@ -7,81 +7,83 @@ curl -s --user 'api:YOUR_API_KEY' \ -F subject='Hello' \ -F text='Testing some Mailgun awesomeness!' */ +var _auths = module.exports._auths = {}; module.exports.authenticate = function (opts) { + console.log("It's auth'n time!"); var util = require('util'); var requestAsync = util.promisify(require('request')); var state = opts.state; var jwtoken = opts.auth; + var auth; var mailer = { user: 'wizard@telebit.cloud' , secret: 'fbbf21d73c9d2f480bd0e71f5f18494e' }; var crypto = require('crypto'); - if (!state._auths) { - state._auths = {}; - } - if ('{' === jwtoken) { - try { - auth = JSON.parse(auth); - } catch(e) { - auth = null; - } - if (auth && /^.+@.+\..+$.test(auth.subject)) { - var id = crypto.randomBytes(16).toString('hex'); - state._auths[id] = {}; - return requestAsync({ - url: 'https://api.mailgun.net/v3/YOUR_DOMAIN_NAME/messages' - , method: 'POST' - , auth: { user: 'api', pass: 'key-70ef48178081df19783ecfbe6fed5e9a' } - , formData: { - from: 'Telebit Wizard ' - , to: auth.subject - , subject: 'Telebit: Magic Link Login' - , text: "Here's your magic login link. Just click to confirm your login attempt:\n\n" - + ' https://www.telebit.cloud/login/?magic=' + id + '\n\n' - + "The login request came from '" + auth.hostname + "'\n " - + "(" + auth.os_arch + " " + auth.os_platform + " " + auth.os_release + ")\n" - } - }).then(function () { - console.log("[DEBUG] email was sent, or so they say"); - return new state.Promise(function (resolve, reject) { - // TODO use global interval whenever the number of active links is high - var t = setTimeout(function () { - delete state._auths[id]; - var err = new Error("Login Failure: Magic Link was not clicked within 5 minutes"); - err.code = 'E_LOGIN_TIMEOUT'; - reject(); - }, 300 * 1000); - - function authorize() { - clearTimeout(t); - delete state._auths[id]; - var hri = require('human-readable-ids').hri; - var hrname = hri.random() + '.telebit.cloud'; - var jwt = require('jsonwebtoken'); - var tokenData = { - domains: [ hrname ] - , ports: [ 1024 + Math.round(Math.random() * 6300) ] - , aud: 'telebit.cloud' - , iss: Math.round(Date.now() / 1000) - , id: id - }; - tokenData.jwt = jwt.sign(tokenData, state.secret); - resolve(tokenData); - } + console.log('[DEBUG] ext auth', jwtoken); + auth = jwtoken; + if ('object' === typeof auth && /^.+@.+\..+$/.test(auth.subject)) { + console.log('parsed'); + var id = crypto.randomBytes(16).toString('hex'); + console.log("[DEBUG] gonna send email"); + return requestAsync({ + url: 'https://api.mailgun.net/v3/telebit.cloud/messages' + , method: 'POST' + , auth: { user: 'api', pass: 'key-70ef48178081df19783ecfbe6fed5e9a' } + , formData: { + from: 'Telebit Wizard ' + , to: auth.subject + , subject: 'Telebit: Magic Link Login' + , text: "Here's your magic login link. Just click to confirm your login attempt:\n\n" + + ' https://www.telebit.cloud/login/?magic=' + id + '\n\n' + + "The login request came from '" + auth.hostname + "'\n " + + "(" + auth.os_arch + " " + auth.os_platform + " " + auth.os_release + ")\n" + } + }).then(function (resp) { + console.log("[DEBUG] email was sent, or so they say"); + console.log(resp.body); + return new state.Promise(function (resolve, reject) { + // TODO use global interval whenever the number of active links is high + var t = setTimeout(function () { + console.log("the moon lady wins :-/"); + delete _auths[id]; + var err = new Error("Login Failure: Magic Link was not clicked within 5 minutes"); + err.code = 'E_LOGIN_TIMEOUT'; + reject(); + }, 300 * 1000); - state._auths[id] = { - fn: authorize - , dt: Date.now() - , reject: reject + function authorize() { + console.log("mighty auth'n ranger!"); + clearTimeout(t); + delete _auths[id]; + var hri = require('human-readable-ids').hri; + var hrname = hri.random() + '.telebit.cloud'; + var jwt = require('jsonwebtoken'); + var tokenData = { + domains: [ hrname ] + , ports: [ 1024 + Math.round(Math.random() * 6300) ] + , aud: 'telebit.cloud' + , iss: Math.round(Date.now() / 1000) + , id: id + , hostname: auth.hostname }; + tokenData.jwt = jwt.sign(tokenData, state.secret); + resolve(tokenData); + return tokenData; + } + + _auths[id] = { + dt: Date.now() + , resolve: authorize + , reject: reject + }; - }); }); - } + }); } + console.log("just trying a normal token..."); try { decoded = jwt.decode(jwtoken, { complete: true }); } catch(e) { @@ -90,3 +92,22 @@ module.exports.authenticate = function (opts) { return state.defaults.authenticate(opts.auth); }; +var express = require('express'); +var app = express(); +app.use('/login', function (req, res) { + var tokenData; + var magic = req.query.magic; + if (_auths[magic]) { + tokenData = _auths[magic].resolve(); + res.send("

Your device is authorized for the following:

" + JSON.stringify(tokenData, null, 2) + "
"); + } else { + res.send("

Invalid Magic Link

" + + "
'" + magic + "' isn't a valid link.\nLinks are only good for 5 minutes, so act fast.\n"
+    + "(" + new Date(1000*((_auths[magic]||{}).dt||0)).toISOString() + ")
\n" + ); + } +}); +module.exports.webadmin = function (state, req, res) { + console.log('[DEBUG] extensions webadmin'); + app(req, res); +}; diff --git a/package.json b/package.json index 285ae8e..566a2f7 100644 --- a/package.json +++ b/package.json @@ -39,6 +39,7 @@ "dependencies": { "bluebird": "^3.5.1", "cluster-store": "^2.0.8", + "express": "^4.16.3", "finalhandler": "^1.1.1", "greenlock": "^2.2.4", "human-readable-ids": "^1.0.4", @@ -47,6 +48,7 @@ "proxy-packer": "^1.4.3", "recase": "^1.0.4", "redirect-https": "^1.1.5", + "request": "^2.87.0", "serve-static": "^1.13.2", "sni": "^1.0.0", "ws": "^5.1.1"