MAJOR: Updates for Authenticated Web UI and CLI #30
@ -707,6 +707,10 @@ function parseConfig(err, text) {
|
|||||||
}).then(function (resp) {
|
}).then(function (resp) {
|
||||||
//nonce = resp.headers['replay-nonce'];
|
//nonce = resp.headers['replay-nonce'];
|
||||||
if (!resp.body || 'valid' !== resp.body.status) {
|
if (!resp.body || 'valid' !== resp.body.status) {
|
||||||
|
console.error('request jws:', jws);
|
||||||
|
console.error('response:');
|
||||||
|
console.error(resp.headers);
|
||||||
|
console.error(resp.body);
|
||||||
throw new Error("did not successfully create or restore account");
|
throw new Error("did not successfully create or restore account");
|
||||||
}
|
}
|
||||||
return RC.requestAsync({ service: 'config', method: 'GET' }).catch(function (err) {
|
return RC.requestAsync({ service: 'config', method: 'GET' }).catch(function (err) {
|
||||||
|
|||||||
@ -1049,11 +1049,14 @@ function handleApi() {
|
|||||||
function mustTrust(req, res, next) {
|
function mustTrust(req, res, next) {
|
||||||
// TODO public routes should be explicitly marked
|
// TODO public routes should be explicitly marked
|
||||||
// trusted should be the default
|
// trusted should be the default
|
||||||
if (req.trusted) { next(); }
|
if (!req.trusted) {
|
||||||
res.statusCode = 400;
|
res.statusCode = 400;
|
||||||
res.send({"error":{"message": "this type of requests must be encoded as a jws payload"
|
res.send({"error":{"message": "this type of requests must be encoded as a jws payload"
|
||||||
+ " and signed by a trusted account holder"}});
|
+ " and signed by a trusted account holder"}});
|
||||||
return;
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
next();
|
||||||
}
|
}
|
||||||
app.use(/\b(relay)\b/, mustTrust, controllers.relay);
|
app.use(/\b(relay)\b/, mustTrust, controllers.relay);
|
||||||
app.get(/\b(config)\b/, mustTrust, getConfigOnly);
|
app.get(/\b(config)\b/, mustTrust, getConfigOnly);
|
||||||
@ -1076,7 +1079,10 @@ function handleApi() {
|
|||||||
app.use(/\b(status)\b/, mustTrust, getStatus);
|
app.use(/\b(status)\b/, mustTrust, getStatus);
|
||||||
app.use(/\b(list)\b/, mustTrust, listSuccess);
|
app.use(/\b(list)\b/, mustTrust, listSuccess);
|
||||||
app.use('/', function (req, res) {
|
app.use('/', function (req, res) {
|
||||||
res.send({"error":{"message":"unrecognized rpc"}});
|
res.send({"error":{"message":"unrecognized rpc: [" + req.method + "] " + req.url + "\n"
|
||||||
|
+ JSON.stringify(req.headers) + "\n"
|
||||||
|
+ JSON.stringify(req.body) + "\n"
|
||||||
|
}});
|
||||||
});
|
});
|
||||||
|
|
||||||
return app;
|
return app;
|
||||||
|
|||||||
@ -51,16 +51,29 @@ module.exports = function eggspress() {
|
|||||||
res.end(e.message);
|
res.end(e.message);
|
||||||
}
|
}
|
||||||
|
|
||||||
try {
|
console.log("[eggspress] matched pattern", todo[0], req.url);
|
||||||
console.log("[eggspress] matched pattern", todo[0], req.url);
|
if ('function' === typeof todo[1]) {
|
||||||
var p = todo[1](req, res, next);
|
// TODO this is prep-work
|
||||||
if (p && p.catch) {
|
todo[1] = [todo[1]];
|
||||||
p.catch(fail);
|
|
||||||
}
|
|
||||||
} catch(e) {
|
|
||||||
fail(e);
|
|
||||||
return;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var fns = todo[1].slice(0);
|
||||||
|
|
||||||
|
function nextTodo(err) {
|
||||||
|
if (err) { fail(err); return; }
|
||||||
|
var fn = fns.shift();
|
||||||
|
if (!fn) { next(err); return; }
|
||||||
|
try {
|
||||||
|
var p = fn(req, res, nextTodo);
|
||||||
|
if (p && p.catch) {
|
||||||
|
p.catch(fail);
|
||||||
|
}
|
||||||
|
} catch(e) {
|
||||||
|
fail(e);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
nextTodo();
|
||||||
}
|
}
|
||||||
|
|
||||||
res.send = eggSend;
|
res.send = eggSend;
|
||||||
@ -68,19 +81,22 @@ module.exports = function eggspress() {
|
|||||||
next();
|
next();
|
||||||
};
|
};
|
||||||
|
|
||||||
app.use = function (pattern, fn) {
|
app.use = function (pattern) {
|
||||||
return app._use('', pattern, fn);
|
var fns = Array.prototype.slice.call(arguments, 1);
|
||||||
|
return app._use('', pattern, fns);
|
||||||
};
|
};
|
||||||
[ 'HEAD', 'GET', 'POST', 'DELETE' ].forEach(function (method) {
|
[ 'HEAD', 'GET', 'POST', 'DELETE' ].forEach(function (method) {
|
||||||
app[method.toLowerCase()] = function (pattern, fn) {
|
app[method.toLowerCase()] = function (pattern) {
|
||||||
return app._use(method, pattern, fn);
|
var fns = Array.prototype.slice.call(arguments, 1);
|
||||||
|
return app._use(method, pattern, fns);
|
||||||
};
|
};
|
||||||
});
|
});
|
||||||
|
|
||||||
app.post = function (pattern, fn) {
|
app.post = function (pattern) {
|
||||||
return app._use('POST', pattern, fn);
|
var fns = Array.prototype.slice.call(arguments, 1);
|
||||||
|
return app._use('POST', pattern, fns);
|
||||||
};
|
};
|
||||||
app._use = function (method, pattern, fn) {
|
app._use = function (method, pattern, fns) {
|
||||||
// always end in a slash, for now
|
// always end in a slash, for now
|
||||||
if ('string' === typeof pattern) {
|
if ('string' === typeof pattern) {
|
||||||
pattern = pattern.replace(/\/$/, '') + '/';
|
pattern = pattern.replace(/\/$/, '') + '/';
|
||||||
@ -94,7 +110,7 @@ module.exports = function eggspress() {
|
|||||||
return b.length - a.length;
|
return b.length - a.length;
|
||||||
});
|
});
|
||||||
*/
|
*/
|
||||||
allPatterns.push([pattern, fn, method.toLowerCase()]);
|
allPatterns.push([pattern, fns, method.toLowerCase()]);
|
||||||
return app;
|
return app;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user