use basic auth instead of JWT
Kacper-RF committed Oct 11, 2023
1 parent 7701605 commit 6ade751
Showing 7 changed files with 21 additions and 33 deletions.
14 changes: 7 additions & 7 deletions packages/backend/src/nest/app.module.ts
@@ -32,7 +32,7 @@ import { Server as SocketIO } from 'socket.io'
import { StorageModule } from './storage/storage.module'
import { IpfsModule } from './ipfs/ipfs.module'
import { Level } from 'level'
import { verifyJWT } from '@quiet/common'
import { verifyToken } from '@quiet/common'

@Global()
@Module({
@@ -103,16 +103,16 @@ export class AppModule {
pingTimeout: 1000_000,
})
io.engine.use((req, res, next) => {
const authToken = req.headers['authorization']
if (!authToken) {
const authHeader = req.headers['authorization']
if (!authHeader) {
console.error('No authorization header')
res.writeHead(401, 'No authorization header')
res.end()
return
}

const socketIOToken = authToken && authToken.split(' ')[1]
if (!socketIOToken) {
const token = authHeader && authHeader.split(' ')[1]
if (!token) {
console.error('No auth token')
res.writeHead(401, 'No authorization token')
res.end()
@@ -126,10 +126,10 @@ export class AppModule {
return
}

if (verifyJWT(socketIOToken, options.socketIOSecret)) {
if (verifyToken(options.socketIOSecret, token)) {
next()
} else {
console.error('Wrong JWT')
console.error('Wrong basic token')
res.writeHead(401, 'Unauthorized')
res.end()
}
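Review bot: The middleware takes `authHeader.split(' ')[1]` without checking the scheme, so any header shaped like `<anything> <base64 secret>` is accepted even though the client now sends `Basic`. I would destructure `const [scheme, token] = authHeader.split(' ')` and return 401 unless `scheme === 'Basic'`. The `authHeader &&` guard on that line is redundant after the early return above it. The token is base64 of the shared secret rather than RFC 7617 `user:password` credentials, which deserves a one-line comment such as `// token = base64(socketIOSecret), not user:pass`. The middleware body starts and continues outside the visible hunks, so confirm against the full function.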
4 changes: 1 addition & 3 deletions packages/common/package.json
@@ -19,7 +19,6 @@
"devDependencies": {
"@quiet/eslint-config": "^1.3.0",
"@types/jest": "^26.0.23",
"@types/jsonwebtoken": "^9.0.3",
"@types/node": "^17.0.21",
"jest": "^26.6.3",
"ts-jest": "^26.5.2",
@@ -28,8 +27,7 @@
"dependencies": {
"@quiet/types": "^1.8.1",
"cross-env": "^5.2.0",
"debug": "^4.3.1",
"jsonwebtoken": "^9.0.2"
"debug": "^4.3.1"
},
"jest": {
"transform": {
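--- /dev/null
+++ b/packages/common/src/auth.ts
@@ -0,0 +1,8 @@
+export const generateSecret = () => Math.floor(Math.random() * 100 ** 10).toString()
+
+export const encodeSecret = (secret: string) => Buffer.from(secret).toString('base64')
+
+export const verifyToken = (secret: string, token: string): boolean => {
+const decoded = Buffer.from(token, 'base64').toString('ascii')
+return decoded === secret
+}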
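Review bot: `generateSecret` derives the socket secret from `Math.random()`, which is not a cryptographically secure generator, and multiplying by `100 ** 10` cannot add entropy beyond what a double holds (at most 53 bits). Since this value is now the credential itself, it should come from a CSPRNG. `verifyToken` also compares with `===` after decoding to `'ascii'`, which is not constant-time and clears the high bit of each byte, so distinct tokens can decode to the same string. Comparing equal-length buffers with `crypto.timingSafeEqual` avoids both. The sketch below assumes `randomBytes` and `timingSafeEqual` are imported from Node's `crypto`. It also assumes this module only has to run where that is available, which is worth confirming because `encodeSecret` is imported by the renderer saga.

```typescript
export const generateSecret = () => randomBytes(32).toString('hex')

// … unchanged: encodeSecret …

export const verifyToken = (secret: string, token: string): boolean => {
  const expected = Buffer.from(secret)
  const received = Buffer.from(token, 'base64')
  // timingSafeEqual throws on a length mismatch, so check length first
  return received.length === expected.length && timingSafeEqual(received, expected)
}
```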
2 changes: 1 addition & 1 deletion packages/common/src/index.ts
@@ -7,4 +7,4 @@ export * from './sortPeers'
export * from './channelAddress'
export * from './naming'
export * from './fileData'
export * from './jwt'
export * from './auth'
18 changes: 0 additions & 18 deletions packages/common/src/jwt.ts

This file was deleted.

2 changes: 1 addition & 1 deletion packages/desktop/src/main/main.ts
@@ -11,7 +11,7 @@ import { Crypto } from '@peculiar/webcrypto'
import logger from './logger'
import { DATA_DIR, DEV_DATA_DIR } from '../shared/static'
import { fork, ChildProcess } from 'child_process'
import { generateJWT, generateSecret, getFilesData } from '@quiet/common'
import { generateSecret, getFilesData } from '@quiet/common'
import { updateDesktopFile, processInvitationCode } from './invitation'
import { argvInvitationCode, retrieveInvitationCode } from '@quiet/common'
const ElectronStore = require('electron-store')
6 changes: 3 additions & 3 deletions packages/desktop/src/renderer/sagas/socket/socket.saga.ts
@@ -6,7 +6,7 @@ import { socketActions } from './socket.slice'
import { eventChannel } from 'redux-saga'
import { displayMessageNotificationSaga } from '../notifications/notifications.saga'
import logger from '../../logger'
import { generateJWT } from '@quiet/common'
import { encodeSecret } from '@quiet/common'

const log = logger('socket')

@@ -17,11 +17,11 @@ export function* startConnectionSaga(
if (!dataPort) {
log.error('About to start connection but no dataPort found')
}
const jwtToken = generateJWT(socketIOSecret)
const token = encodeSecret(socketIOSecret)
const socket = yield* call(io, `http://127.0.0.1:${dataPort}`, {
withCredentials: true,
extraHeaders: {
authorization: `Bearer ${jwtToken}`,
authorization: `Basic ${token}`,
},
})
yield* fork(handleSocketLifecycleActions, socket)
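Review bot: The `authorization` header built in `startConnectionSaga` now carries the shared secret itself, because `encodeSecret` is plain base64 and trivially reversible. The removed `generateJWT` call presumably sent a token derived from the secret instead. Anything that records request headers on this plain-`http://127.0.0.1` connection (debug logging, proxies, crash dumps) would therefore capture the long-lived secret. I would add a comment above the `encodeSecret` call such as `// base64(socketIOSecret) is reversible: treat this header as the secret and keep it out of logs`. Separately, the `!dataPort` branch only logs and still falls through to `io(...)`, though that predates this change. The saga starts and ends outside the hunk.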
