WIP

2016-10-21 17:46:11 +03:00 · 2016-10-21 17:46:11 +03:00 · 6422c36644
commit 6422c36644
parent 03edd9c7e0
6 changed files with 71 additions and 10 deletions
--- a/bin/lamassu-server
+++ b/bin/lamassu-server
@ -16,7 +16,8 @@ if (!httpOnly) {
  try {
    options.https = {
      key: fs.readFileSync(options.certKeyPath),
-      cert: fs.readFileSync(options.certPath)
+      cert: fs.readFileSync(options.certPath),
+      requestCert: true
    }
  } catch (err) {
    console.log('Please configure your certificate.')
--- a/lib/app.js
+++ b/lib/app.js
@ -9,6 +9,8 @@ var plugins = require('./plugins')
 var logger = require('./logger')
 var configManager = require('./config-manager')

+const db = require('./db')
+
 module.exports = function (options) {
  var app = express()
  var server
@ -61,10 +63,14 @@ module.exports = function (options) {
      server = http.createServer(app)

      authMiddleware = function (req, res, next) {
-        req.device = {}
-        console.log('DEBUG2')
-        console.log(req.route)
-        return next()
+        const deviceId = req.connection.getPeerCertificate().fingerprint
+        const sql = 'select id from devices where device_id=$1 and authorized=$2'
+        db.one(sql, [deviceId, true])
+        .then(() => {
+          req.deviceId = deviceId
+          next()
+        })
+        .catch(e => res.status(403).end())
      }
    }

@ -72,7 +78,7 @@ module.exports = function (options) {

    var localApp = express()
    localApp.use(bodyParser.json())
-    var localServer = http.createServer(localApp)
+    var localServer = http.createServer({localAddress: 'localhost'}, localApp)
    var localPort = 7070

    console.log('DEBUG7 ****************')
--- a/lib/db.js
+++ b/lib/db.js
@ -0,0 +1,4 @@
+const pgp = require('pg-promise')()
+const psqlUrl = require('../lib/options').postgresql
+
+module.exports = {db: pgp(psqlUrl)}
--- a/lib/pair.js
+++ b/lib/pair.js
@ -0,0 +1,45 @@
+const fs = require('fs')
+const pify = require('pify')
+const readFile = pify(fs.readFile)
+const path = require('path')
+const crypto = require('crypto')
+const db = require('./db')
+
+const CA_PATH = path.resolve(__dirname, '..', 'ca-cert.pem')
+
+function totem (ipAddress) {
+  return readFile(CA_PATH)
+  .then(data => {
+    const caHash = crypto.createHash('sha256').update(data).digest()
+    const token = crypto.randomBytes(32)
+    const ip = Buffer.from(ipAddress.split('.').map(s => parseInt(s, 10)))
+    const buf = Buffer.concat([ip, caHash, token])
+    const sql = 'insert into pairing_tokens (token) values ($1)'
+
+    return db.none(sql, [token.toString('hex')])
+    .then(() => buf.toString('base64'))
+  })
+}
+
+function pair (token, deviceId) {
+  const sql = `delete from pairing_tokens
+    where token=$1
+    returning created < now() - interval '1 hour' as expired`
+  return db.one(sql, [token])
+  .then(r => {
+    if (r.expired) return false
+
+    const pairSql = 'insert into paired_devices (device_id) values ($1)'
+    return db.none(pairSql, [deviceId])
+    .then(() => true)
+  })
+}
+
+function isPaired (deviceId) {
+  const sql = 'select device_id from paired_devices where device_id=$1'
+
+  return db.one(sql, [deviceId])
+  .then(() => true)
+}
+
+module.exports = {totem, pair, isPaired}
--- a/lib/routes.js
+++ b/lib/routes.js
@ -223,11 +223,14 @@ function verifyTx (req, res) {
 }

 function pair (req, res) {
-  // const token = req.body.token
-  // const name = req.body.name
+  const token = req.body.token
+  const deviceId = getDeviceId(req)

-  // TODO: Pair
-  res.json({success: true})
+  return pair.pair(token, deviceId)
+  .then(valid => {
+    if (valid) return res.status(200).end()
+    return res.status(408).end()
+  })
 }

 function phoneCode (req, res) {
--- a/todo.txt
+++ b/todo.txt
@ -102,3 +102,5 @@ options: configure per machine; configure per crypto/fiat
 - cartridge counts -- where to store? already in db, not ideal but can fix later

 - twoWayMode should be per crypto
+
+- add cassette count handling in machines/actions in admin