add JWT

TryQuiet · Oct 10, 2023 · 8913c3d · 8913c3d
1 parent 3dbbae3
commit 8913c3d
Show file tree

Hide file tree

Showing 6 changed files with 278 additions and 16 deletions.
diff --git a/packages/backend/src/nest/app.module.ts b/packages/backend/src/nest/app.module.ts
@@ -32,7 +32,7 @@ import { Server as SocketIO } from 'socket.io'
 import { StorageModule } from './storage/storage.module'
 import { IpfsModule } from './ipfs/ipfs.module'
 import { Level } from 'level'
-import { getCors } from './common/utils'
+import { verifyJWT } from '@quiet/common'
 
 @Global()
 @Module({
@@ -103,11 +103,17 @@ export class AppModule {
               pingTimeout: 1000_000,
             })
             io.use((socket, next) => {
-              const socketIOToken = socket.handshake.headers['authorization']
-              console.log('token - client side', socketIOToken)
-              console.log('token - server side', options.socketIOToken)
-              // validate JWT token
-              next()
+              const authToken = socket.handshake.headers['authorization']
+              const socketIOToken = authToken && authToken.split(' ')[1]
+
+              if (!socketIOToken) {
+                throw new Error('no auth token')
+              }
+              if (verifyJWT(socketIOToken)) {
+                next()
+              } else {
+                new Error('Socket authentication error')
+              }
             })
             return { server, io }
           },

diff --git a/packages/common/package-lock.json b/packages/common/package-lock.json
diff --git a/packages/common/package.json b/packages/common/package.json
@@ -19,6 +19,7 @@
   "devDependencies": {
     "@quiet/eslint-config": "^1.3.0",
     "@types/jest": "^26.0.23",
+    "@types/jsonwebtoken": "^9.0.3",
     "@types/node": "^17.0.21",
     "jest": "^26.6.3",
     "ts-jest": "^26.5.2",
@@ -27,7 +28,8 @@
   "dependencies": {
     "@quiet/types": "^1.8.1",
     "cross-env": "^5.2.0",
-    "debug": "^4.3.1"
+    "debug": "^4.3.1",
+    "jsonwebtoken": "^9.0.2"
   },
   "jest": {
     "transform": {

diff --git a/packages/common/src/index.ts b/packages/common/src/index.ts
@@ -7,3 +7,4 @@ export * from './sortPeers'
 export * from './channelAddress'
 export * from './naming'
 export * from './fileData'
+export * from './jwt'
diff --git a/packages/common/src/jwt.ts b/packages/common/src/jwt.ts
@@ -0,0 +1,17 @@
+import { sign, verify } from 'jsonwebtoken'
+
+interface JwtPayload {
+  appName: string
+}
+
+const SECRET = 'secret' //temporary
+const APP_NAME = 'Quiet'
+
+export const generateJWT = () => {
+  return sign({ appName: APP_NAME }, SECRET, { algorithm: 'HS256' })
+}
+
+export const verifyJWT = (token: string): boolean => {
+  const isVerify = verify(token, SECRET) as JwtPayload
+  return isVerify.appName === APP_NAME ? true : false
+}