WIP

2016-11-06 20:07:49 +00:00 · 2016-11-06 20:07:49 +00:00 · 855546f886
commit 855546f886
parent 1771467474
7 changed files with 157 additions and 131 deletions
--- a/lib/routes.js
+++ b/lib/routes.js
@ -1,5 +1,7 @@
 'use strict'

+const helmet = require('helmet')
+const bodyParser = require('body-parser')
 const BigNumber = require('bignumber.js')
 const logger = require('./logger')
 const configManager = require('./config-manager')
@ -332,13 +334,34 @@ function filterOldRequests (req, res, next) {
  next()
 }

+function authorize (req, res, next) {
+  const deviceId = req.connection.getPeerCertificate().fingerprint
+  console.log(deviceId)
+
+  return pair.isPaired(deviceId)
+  .then(r => {
+    if (r) {
+      req.deviceId = deviceId
+      return next()
+    }
+
+    throw new Error('Unauthorized')
+  })
+  .catch(e => res.status(403).end())
+}
+
 function init (opts) {
  plugins = opts.plugins

-  const authMiddleware = opts.authMiddleware
  const app = opts.app
  const localApp = opts.localApp

+  const authMiddleware = opts.devMode
+  ? (req, res, next) => next()
+  : authorize
+
+  app.use(helmet())
+  app.use(bodyParser.json())
  app.use(filterOldRequests)
  app.post('*', cacheAction)