Acasă Explorează Ajutor
Înregistrare Autentificare
MTDAO
/
passport-ethereum-fork
3
0
Bifurcare 0
Fisiere Probleme 0 Trageți solicitările 0 Wiki
Ramură: main
Ramuri Etichete
passport-ethere...
/
lib
/
strategy.js

strategy.js 2.7 KB
Permalink Istoric Crud

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798 
  1. var passport = require('passport-strategy')
    2. 

  2.   , siwe = require('siwe')
    3. 

  3.   , url = require('url')
    4. 

  4.   , util = require('util')
    5. 

  5.   , utils = require('./utils')
    6. 

  6.   , SessionStore = require('./store/session');
    7. 

  7. 

  8. function Strategy(options, verify) {
    9. 

  9.   if (typeof options == 'function') {
    10. 

  10.     verify = options;
    11. 

  11.     options = {};
    12. 

  12.   }
    13. 

  13.   if (!verify) { throw new TypeError('EthereumStrategy requires a verify function'); }
    14. 

  14.   
    15. 

  15.   this.name = 'ethereum';
    16. 

  16.   this._verify = verify;
    17. 

  17.   this._passReqToCallback = options.passReqToCallback;
    18. 

  18.   this._store = options.store || new SessionStore();
    19. 

  19. }
    20. 

  20. 

  21. /**
    22. 

  22.  * Inherit from `passport.Strategy`.
    23. 

  23.  */
    24. 

  24. util.inherits(Strategy, passport.Strategy);
    25. 

  25. 

  26. Strategy.prototype.authenticate = function(req, options) {
    27. 

  27.   //console.log(req.body);
    28. 

  28.   
    29. 

  29.   var message = req.body.message
    30. 

  30.     , signature = req.body.signature;
    31. 

  31.   
    32. 

  32.   if (!message) { return this.fail({ message: 'Missing message.' }, 400); }
    33. 

  33.   if (!signature) { return this.fail({ message: 'Missing signature.' }, 400); }
    34. 

  34.   
    35. 

  35.   var self = this;
    36. 

  36.   
    37. 

  37.   var siweMessage;
    38. 

  38.   try {
    39. 

  39.     var siweMessage = new siwe.SiweMessage(message);
    40. 

  40.   } catch(ex) {
    41. 

  41.     return self.fail({ message: 'Malformed message.' }, 403);
    42. 

  42.   }
    43. 

  43.   
    44. 

  44.   var origin = utils.originalOrigin(req);
    45. 

  45.   if (origin !== siweMessage.uri) {
    46. 

  46.     return self.fail({ message: 'URI mismatch.' }, 403);
    47. 

  47.   }
    48. 

  48.   
    49. 

  49.   const domain = new URL(req.get("origin")).host;
    50. 

  50.   if (domain !== siweMessage.domain) {
    51. 

  51.     return self.fail({ message: 'Domain mismatch.' }, 403);
    52. 

  52.   }
    53. 

  53.   
    54. 

  54.   if (siweMessage.notBefore) {
    55. 

  55.     if (new Date(siweMessage.notBefore).getTime() > new Date().getTime()) {
    56. 

  56.       return self.fail({ message: 'Message not yet valid.' }, 403);
    57. 

  57.     }
    58. 

  58.   }
    59. 

  59.   
    60. 

  60.   this._store.verify(req, siweMessage.nonce, function(err, ok, info) {
    61. 

  61.     if (!ok) {
    62. 

  62.       return self.fail(info, 403);
    63. 

  63.     }
    64. 

  64.   
    65. 

  65.     siweMessage.validate(signature)
    66. 

  66.       .then(function(message) {
    67. 

  67.         function verified(err, user, info) {
    68. 

  68.           if (err) { return self.error(err); }
    69. 

  69.           if (!user) { return self.fail(info); }
    70. 

  70.           self.success(user, info);
    71. 

  71.         }
    72. 

  72.       
    73. 

  73.         try {
    74. 

  74.           if (self._passReqToCallback) {
    75. 

  75.             self._verify(req, message.address, verified);
    76. 

  76.           } else {
    77. 

  77.             var arity = self._verify.length;
    78. 

  78.             switch (arity) {
    79. 

  79.             case 3:
    80. 

  80.               return self._verify(message.address, message.chainId, verified);
    81. 

  81.             default:
    82. 

  82.               return self._verify(message.address, verified);
    83. 

  83.             }
    84. 

  84.           }
    85. 

  85.         } catch (ex) {
    86. 

  86.           return self.error(ex);
    87. 

  87.         }
    88. 

  88.       })
    89. 

  89.       .catch(function(err) {
    90. 

  90.         return self.fail({ message: err.message || 'Invalid signature.' }, 403);
    91. 

  91.       });
    92. 

  92.   });
    93. 

  93. };
    94. 

  94. 

  95. /**
    96. 

  96.  * Expose `Strategy`.
    97. 

  97.  */
    98. 

  98. module.exports = Strategy;
    99.