Commit cc3b8e7a authored by Frauke's avatar Frauke

Initial commit

# http://editorconfig.org
root = true
[*]
indent_style = space
indent_size = 2
end_of_line = lf
charset = utf-8
trim_trailing_whitespace = true
insert_final_newline = true
[*.md]
trim_trailing_whitespace = false
# Logs
logs
*.log
# Runtime data
pids
*.pid
*.seed
# Directory for instrumented libs generated by jscoverage/JSCover
lib-cov
# Coverage directory used by tools like istanbul
coverage
# Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files)
.grunt
# Compiled binary addons (http://nodejs.org/api/addons.html)
build/Release
# Dependency directory
# Commenting this out is preferred by some people, see
# https://www.npmjs.org/doc/misc/npm-faq.html#should-i-check-my-node_modules-folder-into-git-
node_modules
# Users Environment Variables
.lock-wscript
# IDEs and editors (shamelessly copied from @angular/cli's .gitignore)
/.idea
.project
.classpath
.c9/
*.launch
.settings/
*.sublime-workspace
# IDE - VSCode
.vscode/*
!.vscode/settings.json
!.vscode/tasks.json
!.vscode/launch.json
!.vscode/extensions.json
### Linux ###
*~
# temporary files which can be created if a process still has a handle open of a deleted file
.fuse_hidden*
# KDE directory preferences
.directory
# Linux trash folder which might appear on any partition or disk
.Trash-*
# .nfs files are created when an open file is removed but is still being accessed
.nfs*
### OSX ###
*.DS_Store
.AppleDouble
.LSOverride
# Icon must end with two \r
Icon
# Thumbnails
._*
# Files that might appear in the root of a volume
.DocumentRevisions-V100
.fseventsd
.Spotlight-V100
.TemporaryItems
.Trashes
.VolumeIcon.icns
.com.apple.timemachine.donotpresent
# Directories potentially created on remote AFP share
.AppleDB
.AppleDesktop
Network Trash Folder
Temporary Items
.apdisk
### Windows ###
# Windows thumbnail cache files
Thumbs.db
ehthumbs.db
ehthumbs_vista.db
# Folder config file
Desktop.ini
# Recycle Bin used on file shares
$RECYCLE.BIN/
# Windows Installer files
*.cab
*.msi
*.msm
*.msp
# Windows shortcuts
*.lnk
# Others
lib/
data/
public/js/*
server/files
The MIT License (MIT)
Copyright (c) 2015 Feathers
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
# publickey-auth-feathers
> Spike 5
## About
This project uses [Feathers](http://feathersjs.com). An open source web framework for building modern real-time applications.
## Getting Started
Getting up and running is as easy as 1, 2, 3.
1. Make sure you have [NodeJS](https://nodejs.org/) and [npm](https://www.npmjs.com/) installed.
2. Install your dependencies
```
cd path/to/publickey-auth-feathers; npm install
```
3. Start your app
```
npm start
```
## Testing
Simply run `npm test` and all your tests in the `test/` directory will be run.
## Scaffolding
Feathers has a powerful command line interface. Here are a few things it can do:
```
$ npm install -g @feathersjs/cli # Install Feathers CLI
$ feathers generate service # Generate a new Service
$ feathers generate hook # Generate a new Hook
$ feathers generate model # Generate a new Model
$ feathers help # Show all commands
```
## Help
For more information on all the things you can do with Feathers visit [docs.feathersjs.com](http://docs.feathersjs.com).
## Changelog
__0.1.0__
- Initial release
## License
Copyright (c) 2016
Licensed under the [MIT license](LICENSE).
// Basic helper functions to directly write stuff to indexedDB through the browserAPI.
// Might be that we need to implement a shim for older browsers (shimIndexedDB)
function callOnStore (dbname, storeName, fn_) {
const indexedDB = window.indexedDB || window.mozIndexedDB || window.webkitIndexedDB || window.msIndexedDB
// Open or create the database.
const request = indexedDB.open(dbname, 1)
// Create the schema
request.onupgradeneeded = () => {
let db = request.result
let store = db.createObjectStore(storeName, {keyPath: 'id'})
}
request.onsuccess = () => {
let db = request.result
let transaction = db.transaction(storeName, 'readwrite')
let store = transaction.objectStore(storeName)
fn_(store)
transaction.oncomplete = () => db.close()
}
}
module.exports = {
callOnStore
}
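Review bot: `callOnStore` installs no `request.onerror` or `request.onblocked` handler and gives the caller no way to learn that the open or the transaction failed. Logout and key storage both go through this helper, so a failed open means key material is silently not written or not cleared. At minimum add `request.onerror = () => console.error(request.error)`, or accept an error callback. Because the version is fixed at `1`, `onupgradeneeded` only runs on first creation; a different `storeName` on an existing database is never created and `db.transaction(storeName, 'readwrite')` would then throw. The `store` local in `onupgradeneeded` is unused.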
const sodium = require('libsodium-wrappers')
class Keys {
/**
* keyLength has been set to 32. This to be able to use the secretbox
* method inside libsodium.
*/
constructor () {
this.privateKey
this.publicKey
this.password
this.encryptedPrivateKey
this.keySettings = {
keyLength: 32,
opslimit: sodium.crypto_pwhash_OPSLIMIT_MODERATE,
memlimit: 10777215,
algorithm: sodium.crypto_pwhash_ALG_DEFAULT,
saltBytes: sodium.crypto_pwhash_SALTBYTES
}
this.salt = sodium.randombytes_buf(this.keySettings.saltBytes)
this.nonce = sodium.randombytes_buf(24)
}
generateKeys () {
const keyPair = sodium.crypto_sign_keypair()
this.publicKey = keyPair.publicKey
this.privateKey = keyPair.privateKey
}
encryptPassword (password) {
this.password = sodium.crypto_pwhash(this.keySettings.keyLength, password, this.salt, this.keySettings.opslimit, this.keySettings.memlimit, this.keySettings.algorithm)
}
encryptPrivateKey () {
this.encryptedPrivateKey = sodium.crypto_secretbox_easy(this.privateKey, this.nonce, this.password)
}
decryptPrivateKey () {
this.privateKey = sodium.crypto_secretbox_open_easy(this.encryptedPrivateKey, this.nonce, this.password)
}
signMessage (nonce) {
return sodium.crypto_sign(nonce, this.privateKey)
}
stringify (value) {
return sodium.to_hex(value)
}
parse (value) {
return sodium.from_hex(value)
}
}
module.exports = Keys
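Review bot: `memlimit: 10777215` in `keySettings` is an unexplained literal well below libsodium's named memory limits, while `opslimit` uses `crypto_pwhash_OPSLIMIT_MODERATE`. This key protects the private key that is uploaded to the server, so use a named constant such as `memlimit: sodium.crypto_pwhash_MEMLIMIT_INTERACTIVE` or add a comment justifying the value. The nonce length should be `sodium.crypto_secretbox_NONCEBYTES` rather than the literal `24`. Since the nonce is drawn once in the constructor, a second `encryptPrivateKey()` call on the same instance would reuse it under the same key. `this.password` holds the derived key rather than the password, and the class comment about `keyLength` sits above the constructor instead of the setting it describes. Nothing visible here waits for `sodium.ready` before the constructor reads the `sodium.crypto_pwhash_*` constants.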
const indexedDB = require('./indexedDB')
const form = document.getElementById('logout')
form.addEventListener('submit', (e) => {
e.preventDefault()
indexedDB.callOnStore('Indienet', 'keyStore', (store) => {
store.clear()
window.location = '/sign-in.html'
})
})
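Review bot: The redirect on the line after `store.clear()` starts navigation before the clear request has completed, and an unloading page can abort a transaction that is still pending. The private key and JWT may therefore survive a logout. Navigate only once the transaction has committed, for example `store.transaction.addEventListener('complete', () => { window.location = '/sign-in.html' })`. Using a listener rather than assigning `oncomplete` matters because `callOnStore` assigns `transaction.oncomplete` after the callback returns.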
const axios = require('axios')
// Custom modules
const indexedDB = require('./indexedDB')
const Keys = require('./keys')
const form = document.getElementById('register')
const privateForm = document.getElementById('private')
function loadedKeyPair () {
indexedDB.callOnStore('testkeystore', 'keyStore', (store) => {
const getData = store.get(1)
getData.onsuccess = (event) => {
const keys = getData.result.keys
}
})
}
// loadedKeyPair()
form.addEventListener('submit', (e) => {
e.preventDefault()
const password = e.target.password.value
const keyPair = new Keys()
keyPair.generateKeys()
keyPair.encryptPassword(password)
keyPair.encryptPrivateKey()
console.log(keyPair)
const postKeys = axios.post('keys',
{
salt: keyPair.stringify(keyPair.salt),
nonce: keyPair.stringify(keyPair.nonce),
publicKey: keyPair.stringify(keyPair.publicKey),
privateKey: keyPair.stringify(keyPair.encryptedPrivateKey)
})
postKeys.then((values) => {
indexedDB.callOnStore('Indienet', 'keyStore', (store) => {
store.put({
id: 1,
unencryptedPrivateKey: keyPair.privateKey
})
})
}).catch((err) => {
console.log(err)
})
})
privateForm.addEventListener('submit', (e) => {
e.preventDefault()
indexedDB.callOnStore('Indienet', 'keyStore', (store) => {
const getData = store.get(2)
getData.onsuccess = (event) => {
const jwt = getData.result.jwt
axios({
url: 'private',
method: 'get',
headers: { 'Authorization': `Bearer ${jwt}` }
}).then((data) => {
console.log(data)
}).catch((err) => {
console.log(err)
})
}
})
})
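Review bot: `console.log(keyPair)` in the register handler dumps the whole `Keys` instance, including the plaintext `privateKey` and the password-derived key, to the browser console; remove it or log only `keyPair.stringify(keyPair.publicKey)`. The `store.put({ id: 1, unencryptedPrivateKey: keyPair.privateKey })` call then persists the signing key in clear in IndexedDB, where any script running on the origin can read it. That largely cancels the benefit of encrypting it for the server; the same pattern appears in the sign-in handler. If the key must survive page loads, consider storing only the encrypted form and decrypting on demand, and add a comment stating the accepted risk for this spike. `loadedKeyPair` is dead code: it reads a different database (`'testkeystore'`) and a `keys` field that nothing writes.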
const axios = require('axios')
// Custom modules
const indexedDB = require('./indexedDB')
const form = document.getElementById('sign-in')
const Keys = require('./keys')
form.addEventListener('submit', (e) => {
e.preventDefault()
const password = e.target.password.value
let key = new Keys()
axios.get('keys/privatekey').then(function (response) {
key.salt = key.parse(response.data.salt)
key.nonce = key.parse(response.data.nonce)
key.encryptedPrivateKey = key.parse(response.data.encryptedPrivateKey)
key.encryptPassword(password)
key.decryptPrivateKey()
// Save private key to indexedDB.
indexedDB.callOnStore('Indienet', 'keyStore', (store) => {
store.put({
id: 1,
unencryptedPrivateKey: key.privateKey
})
})
return axios.get('authorize/nonce')
}).then((nonce) => {
const signedMessage = key.signMessage(key.parse(nonce.data))
return axios.post('authorize', {
signedMessage: key.stringify(signedMessage)
})
}).then((jwt) => {
indexedDB.callOnStore('Indienet', 'keyStore', (store) => {
store.put({
id: 2,
jwt: jwt.data
})
})
window.location = 'signed-in.html'
}).catch((err) => {
console.log(err)
})
})
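Review bot: `window.location = 'signed-in.html'` runs immediately after `indexedDB.callOnStore(...)` in the final `.then`, but that helper opens the database asynchronously. Navigation can therefore begin before the `store.put({ id: 2, jwt: jwt.data })` has even been issued, and the JWT may never be saved. Move the redirect into the store callback and trigger it on transaction completion, e.g. `store.transaction.addEventListener('complete', () => { window.location = 'signed-in.html' })`. Separately, `key.signMessage(key.parse(nonce.data))` signs whatever bytes the server returns with no length check or fixed context prefix, so the long-term key will sign server-chosen content. Validating the nonce length and prepending a constant label before signing would bound what a signature can mean. Failures, including a wrong password in `decryptPrivateKey()`, only reach `console.log(err)`, so the user gets no feedback.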
{
"host": "localhost",
"port": 3030,
"public": "../public/",
"paginate": {
"default": 10,
"max": 50
}
}
{
"host": "publickey-auth-feathers-app.feathersjs.com",
"port": "PORT"
}
var browserify = require('browserify')
var gulp = require('gulp')
var source = require('vinyl-source-stream')
var rename = require('gulp-rename')
var glob = require('glob')
var es = require('event-stream')
gulp.task('js:bundle', function (done) {
glob('./client/**/**.js', function (err, files) {
if (err) done(err)
var tasks = files.map(function (entry) {
return browserify({ entries: [entry] })
.bundle()
.pipe(source(entry))
.pipe(rename({
dirname: ''
}))
.pipe(gulp.dest('./public/js'))
})
es.merge(tasks).on('end', done)
})
})
gulp.task('watch', () =>
gulp.watch('./client/**/*.js', ['js:bundle'])
)
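Review bot: `if (err) done(err)` in the `glob` callback does not return, so on a glob error execution continues to `files.map(...)` with `files` undefined. That throws and `done` may be called a second time; it should be `if (err) return done(err)`. The browserify streams also have no `'error'` listener, so a syntax error in one client file will surface as an unhandled stream error rather than failing the task through `done`. Adding `.on('error', done)` after `.bundle()` would route it properly.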
{
"name": "publickey-auth-feathers",
"description": "Spike 5",
"version": "0.0.0",
"homepage": "http://indienet.info/spikes/security",
"main": "server",
"keywords": [
"feathers"
],
"repository": {
"type": "git",
"url": "git@source.ind.ie:indienet/spikes/security/publickey-auth-feathers.git"
},
"author": {
"name": "Wim Vantomme",
"email": "wim.vantomme@daraja.be"
},
"contributors": [
"Frauke Vanderzijpen <frauke.vanderzijpen@digipolis.gent>"
],
"license": "AGPLv3",
"bugs": {},
"directories": {
"lib": "server",
"test": "test/"
},
"engines": {
"node": "^8.0.0",
"npm": ">= 3.0.0"
},
"scripts": {
"test": "npm run eslint && npm run mocha",
"start": "node server/",
"watch": "nodemon server",
"mocha": "mocha test/ --recursive --exit"
},
"dependencies": {
"@feathersjs/authentication": "^2.1.1",
"@feathersjs/authentication-jwt": "^2.0.0",
"@feathersjs/configuration": "^1.0.2",
"@feathersjs/errors": "^3.2.2",
"@feathersjs/express": "^1.1.2",
"@feathersjs/feathers": "^3.0.5",
"@feathersjs/socketio": "^3.0.2",
"axios": "^0.17.1",
"compression": "^1.7.1",
"cors": "^2.8.4",
"helmet": "^3.9.0",
"jsonwebtoken": "^8.1.1",
"libsodium-wrappers": "^0.7.3",
"passport-custom": "^1.0.5",
"serve-favicon": "^2.4.5",
"winston": "^2.4.0"
},
"devDependencies": {
"browserify": "^15.2.0",
"event-stream": "^3.3.4",
"glob": "^7.1.2",
"gulp": "^3.9.1",
"gulp-rename": "^1.2.2",
"mocha": "^5.0.0",
"request": "^2.83.0",
"request-promise": "^4.2.2",
"standard": "^10.0.3",
"vinyl-source-stream": "^2.0.0"
}
}
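Review bot: The `test` script runs `npm run eslint`, but no `eslint` script is defined under `scripts`, so `npm test` fails before mocha starts. Since `standard` is the linter in `devDependencies`, this probably wants `"eslint": "standard"` or `"test": "standard && npm run mocha"`. The `license` value `"AGPLv3"` is not a valid SPDX identifier and contradicts the MIT text in the LICENSE file and README. The `^3.3.4` range on `event-stream` admits the 3.3.6 release that pulled in the malicious `flatmap-stream` dependency, so confirm what the lockfile resolves and consider pinning an exact version. `axios` and `libsodium-wrappers` are bundled for the browser and carry the key handling, so their resolved versions deserve the same check.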
<html>
<head>
<title>Welcome to Indienet spike 5!</title>
</head>
<body>
<form action="register" method="post" id="register">
<label for="password">Password</label>
<input type="password" name="password" id="password">
<input type="submit" value="Create site">
</form>
<form action="private" id="private">
<input type="submit" value="Get private data">
</form>
<script src="js/script.js"></script>
</body>
</html>
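Review bot: The register form keeps `action="register" method="post"`, so if `js/script.js` fails to load or throws before `e.preventDefault()`, the browser submits the form natively and sends the plaintext password to the server. That is what the client-side key derivation is meant to avoid. Drop the `action` and `method` attributes or render the form only from script; the sign-in form in the next file has the same fallback. The password input could also carry `autocomplete="new-password"`, and the document lacks a `<!DOCTYPE html>` and charset declaration, unlike the other two pages.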
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>Document</title>
</head>
<body>
<h1>Welcome to Igent</h1>
<p>Please sign in on your website</p>
<form action="sign-in" method="post" id="sign-in">
<label for="password">Password</label>
<input type="password" name="password" id="password">
<input type="submit" value="Create site">
</form>
<script src="js/sign-in.js"></script>
</body>
</html>
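Review bot: The submit button on the sign-in form is labelled `value="Create site"`, apparently copied from the registration page; it should read something like `value="Sign in"`. Otherwise users cannot tell whether they are creating a new key pair or unlocking an existing one. Adding `autocomplete="current-password"` to the password input would help password managers distinguish this form from registration. The `<title>` is still the placeholder `Document`.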
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>Succesfully signed in</title>
</head>
<body>
<h1>Welcome to my.gent</h1>
<p>This is my personal space</p>
<form action="logout" id="logout">
<input type="submit" value="Log out">
</form>
<script src="js/logout.js"></script>
</body>
</html>
\ No newline at end of file
// Application hooks that run for every service
const logger = require('./hooks/logger')
module.exports = {
before: {
all: [ logger() ],
find: [],
get: [],
create: [],
update: [],
patch: [],
remove: []
},
after: {
all: [ logger() ],
find: [],
get: [],
create: [],
update: [],
patch: [],
remove: []
},
error: {
all: [ logger() ],
find: [],
get: [],
create: [],
update: [],
patch: [],
remove: []
}
}
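Review bot: `logger()` is attached to `before.all`, `after.all` and `error.all` for every service, which here includes the endpoints that receive the salt, nonce, encrypted private key, signed messages and issued JWTs. The hook implementation is not visible in this section. If it inspects the whole hook context at debug level, as the generated Feathers logger does, those values end up in the server log. Confirm that it redacts `context.data`, `context.result` and `context.params.headers.authorization`, or add a comment here stating that it logs only service path and method.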
const path = require('path')
const favicon = require('serve-favicon')
const compress = require('compression')
const cors = require('cors')
const helmet = require('helmet')
const logger = require('winston')
const feathers = require('@feathersjs/feathers')
const configuration = require('@feathersjs/configuration')
const express = require('@feathersjs/express')
const socketio = require('@feathersjs/socketio