|
|
@@ -1,6 +1,7 @@
|
|
|
var passport = require('passport-strategy')
|
|
|
, siwe = require('siwe')
|
|
|
, util = require('util')
|
|
|
+ , SessionStore = require('./store/session');
|
|
|
|
|
|
function Strategy(options, verify) {
|
|
|
if (typeof options == 'function') {
|
|
|
@@ -12,6 +13,7 @@ function Strategy(options, verify) {
|
|
|
this.name = 'ethereum';
|
|
|
this._verify = verify;
|
|
|
this._passReqToCallback = options.passReqToCallback;
|
|
|
+ this._store = options.store || new SessionStore();
|
|
|
}
|
|
|
|
|
|
/**
|
|
|
@@ -30,34 +32,40 @@ Strategy.prototype.authenticate = function(req, options) {
|
|
|
if (!signature) { return this.fail({ message: 'Missing signature' }, 400); }
|
|
|
|
|
|
var self = this;
|
|
|
-
|
|
|
var siweMessage = new siwe.SiweMessage(message);
|
|
|
|
|
|
- siweMessage.validate(signature)
|
|
|
- .then(function(message) {
|
|
|
- console.log('valid!');
|
|
|
- console.log(message);
|
|
|
+ this._store.verify(req, siweMessage.nonce, function(err, ok, info) {
|
|
|
+ if (!ok) {
|
|
|
+ return self.fail(info, 403);
|
|
|
+ }
|
|
|
+
|
|
|
+
|
|
|
+ siweMessage.validate(signature)
|
|
|
+ .then(function(message) {
|
|
|
+ console.log('valid!');
|
|
|
+ console.log(message);
|
|
|
|
|
|
|
|
|
- function verified(err, user, info) {
|
|
|
- if (err) { return self.error(err); }
|
|
|
- if (!user) { return self.fail(info); }
|
|
|
- self.success(user, info);
|
|
|
- }
|
|
|
+ function verified(err, user, info) {
|
|
|
+ if (err) { return self.error(err); }
|
|
|
+ if (!user) { return self.fail(info); }
|
|
|
+ self.success(user, info);
|
|
|
+ }
|
|
|
|
|
|
- try {
|
|
|
- if (self._passReqToCallback) {
|
|
|
- self._verify(req, message.address, verified);
|
|
|
- } else {
|
|
|
- self._verify(message.address, verified);
|
|
|
+ try {
|
|
|
+ if (self._passReqToCallback) {
|
|
|
+ self._verify(req, message.address, verified);
|
|
|
+ } else {
|
|
|
+ self._verify(message.address, verified);
|
|
|
+ }
|
|
|
+ } catch (ex) {
|
|
|
+ return self.error(ex);
|
|
|
}
|
|
|
- } catch (ex) {
|
|
|
- return self.error(ex);
|
|
|
- }
|
|
|
- })
|
|
|
- .catch(function(err) {
|
|
|
- return self.fail({ message: 'Invalid signature' });
|
|
|
- });
|
|
|
+ })
|
|
|
+ .catch(function(err) {
|
|
|
+ return self.fail({ message: 'Invalid signature' });
|
|
|
+ });
|
|
|
+ });
|
|
|
};
|
|
|
|
|
|
/**
|
Jared Hanson