Await sodium library initialisation before using it. Fixes #40

5e840488 · Aral Balkan · c83ebb2e · 5e840488
Verified Commit 5e840488 authored Apr 25, 2018 by Aral Balkan
Hide whitespace changes
Inline Side-by-side

Showing with 11 additions and 13 deletions

server/index.js server/index.js +11 -13

No files found.
--- a/server/index.js
+++ b/server/index.js
@@ -23,9 +23,10 @@ function startFeathersServer () {
  })
 }

-// On first run of the server only, create a server secret. This
+// If it doesn’t already exist, create a server secret. This
 // server secret is used to sign the JSON Web Tokens that we use
-// for stateless authentication.
+// for stateless authentication. (This should only happen on first run of
+// an instance unless the server secret is manually deleted on the server.)
 async function createAndPersitServerSecretIfItDoesntAlreadyExist () {
  if (!app.get('serverSecretFileExists')) {
    //
@@ -34,17 +35,14 @@ async function createAndPersitServerSecretIfItDoesntAlreadyExist () {
    //
    logger.info('Server secret does not exist, creating this one time.')

-    try {
-      // Create a server secret as the owner of the site is registering. This is
-      // the secret that we will use to sign JSON Web Tokens (JWTs).
-      const serverSecret = sodium.randombytes_buf(sodium.crypto_pwhash_SALTBYTES)
-      const serverSecretInHex = sodium.to_hex(serverSecret)
-      const serverSecretObject = { serverSecret: serverSecretInHex }
-    } catch (error) {
-      const message = `Error trying to use sodium. ${error}`
-      logger.error(message)
-      throw new Error(message)
-    }
+    // Sodium’s initialisation is asynchronous. Wait for it complete before using it.
+    await sodium.ready
+
+    // Create a server secret as the owner of the site is registering. This is
+    // the secret that we will use to sign JSON Web Tokens (JWTs).
+    const serverSecret = sodium.randombytes_buf(sodium.crypto_pwhash_SALTBYTES)
+    const serverSecretInHex = sodium.to_hex(serverSecret)
+    const serverSecretObject = { serverSecret: serverSecretInHex }

    try {
      // Write the keys file to a data file in a directory for this spike that