From cdf24f899c8bd80753630ab3a4616a1a863289f8 Mon Sep 17 00:00:00 2001 From: Type-Style Date: Mon, 2 Sep 2024 21:19:32 +0200 Subject: [PATCH] [CHANGE] #84, writing key check to be simpler, introduced scripts for setting up environment variables --- .eslintrc.json | 2 +- .github/workflows/main.yml | 5 ++--- init/generateKey.js | 30 ++++++++++++++++++++++++++++++ init/generatePassword.js | 29 +++++++++++++++++++++++++++++ src/models/entry.ts | 4 ++-- src/scripts/crypt.ts | 4 ++-- src/scripts/token.ts | 4 ++-- src/tests/login.test.ts | 1 - 8 files changed, 68 insertions(+), 11 deletions(-) create mode 100644 init/generateKey.js create mode 100644 init/generatePassword.js diff --git a/.eslintrc.json b/.eslintrc.json index f09bcb4..c69a5cb 100644 --- a/.eslintrc.json +++ b/.eslintrc.json @@ -22,6 +22,6 @@ //"@typescript-eslint/no-unused-vars": "warn" "jest/no-conditional-expect": "off" }, - "ignorePatterns": ["dist", "jest.config.js", "httpdocs", "webpack.config.js", "src/client"] + "ignorePatterns": ["dist", "jest.config.js", "httpdocs", "webpack.config.js", "src/client", "init"] } diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index e31f256..1817825 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -14,8 +14,7 @@ jobs: NODE_ENV: ${{ vars.NODE_ENV }} LOCALHOST: ${{ vars.LOCALHOST }} LOCALHOSTV6: ${{ vars.LOCALHOSTV6 }} - KEYA: ${{ secrets.KEYA }} - KEYB: ${{ secrets.KEYB }} + KEY: ${{ secrets.KEY }} USER_TEST: ${{ secrets.USER_TEST }} steps: @@ -30,7 +29,7 @@ jobs: - run: npm run build --if-present - name: Start server run: | - sudo NODE_ENV=$NODE_ENV LOCALHOST=$LOCALHOST LOCALHOSTV6=$LOCALHOSTV6 KEYA=$KEYA KEYB=$KEYB USER_TEST=$USER_TEST npm start & + sudo NODE_ENV=$NODE_ENV LOCALHOST=$LOCALHOST LOCALHOSTV6=$LOCALHOSTV6 KEY=$KEY USER_TEST=$USER_TEST npm start & sleep 15 # Give server some time to start - name: Check if server is running run: | 
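Review bot: In the `Start server` step the merged secret is still spelled out as an argument to sudo (`KEY=$KEY USER_TEST=$USER_TEST npm start &`), so its value sits in the sudo process's argument list for as long as the server runs. The job-level `env:` block already exports `KEY`, so the step could let sudo carry the variables over instead, for example `sudo --preserve-env=NODE_ENV,LOCALHOST,LOCALHOSTV6,KEY,USER_TEST npm start &`, assuming the runner's sudoers policy allows it. The unquoted expansions would also split on a value containing whitespace. Neither point is new with this commit, but the line is being rewritten here anyway.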
diff --git a/init/generateKey.js b/init/generateKey.js
new file mode 100644
index 0000000..e2633f0
--- /dev/null
+++ b/init/generateKey.js
@@ -0,0 +1,30 @@
+/*
+* Usage: open console run: node init/generateKey.js
+* type desired key and hit enter
+* copy output to .env add a line starting with:
+* KEY=
+* directly followed by your output
+*/
+
+// Import required modules
+const readline = require('readline');
+
+// set up readline to read input from the console
+const rl = readline.createInterface({
+ input: process.stdin,
+ output: process.stdout
+});
+
+// Prompt user for input
+rl.question('Enter the string to be encoded: ', (input) => {
+ // encode to escape special chars
+ const escapedString = encodeURIComponent(input);
+
+ // convert the escaped string to base64
+ const base64String = Buffer.from(escapedString).toString('base64');
+
+ // print the result
+ console.log('Base64 Encoded String:', base64String);
+
+ rl.close();
+});
\ No newline at end of file
diff --git a/init/generatePassword.js b/init/generatePassword.js
new file mode 100644
index 0000000..c9afad4
--- /dev/null
+++ b/init/generatePassword.js
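Review bot: The value init/generateKey.js prints is `Buffer.from(encodeURIComponent(input)).toString('base64')`, a reversible encoding rather than a hash, so the `KEY=` line in `.env` is equivalent to the typed key itself; the header comment does not say this. Because other hunks of this patch read the same `KEY` as the HMAC and JWT secret, its strength is whatever the operator types at the prompt. I would add to the header something like `* NOTE: the output is only an encoding of your key, not a hash - protect .env like the key itself and use a long random string`. The prompt also echoes the key to the terminal, which deserves a line in the usage comment.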
@@ -0,0 +1,29 @@ +/* +* This is used to setup Passwords initially +* You can create passwords using the same logic as in the environment +* Prerequisite: You need to have KEY already generated! +* Run the build command from the package.json (npm run build) +* Then call the compiled version of this script using the key as environment variable like so: +* KEY=your-key node ./init/generatePassword.js +* Enter your password +* Copy that to the Environment Variables and .env file +* USER-WHATEVER= +* followed by the output of the console +*/ + +// Import required modules +const readline = require('readline'); +const { crypt } = require('../dist/scripts/crypt'); + +// Set up readline to read input from the console +const rl = readline.createInterface({ + input: process.stdin, + output: process.stdout +}); + +// Prompt user for input +rl.question('Enter Password to be generated: ', async (input) => { + const cryptedPassword = await crypt(input); + console.log(cryptedPassword); + rl.close(); +}); \ No newline at end of file diff --git a/src/models/entry.ts b/src/models/entry.ts index 799177b..cec338c 100644 --- a/src/models/entry.ts +++ b/src/models/entry.ts @@ -138,12 +138,12 @@ export function checkTime(value: string) { async function checkKey(value: string) { if (!value) { throw new Error('Key required'); } - if (!process.env.KEYB) { throw new Error('Configuration wrong'); } + if (!process.env.KEY) { throw new Error('Configuration wrong: KEY is missing in environment variables'); } if (process.env.NODE_ENV != "production" && value == "test") { return true; // dev testing convenience } - const result = await compare(decodeURIComponent(value), process.env.KEYB); + const result = Buffer.from(encodeURIComponent(value)).toString('base64') == process.env.KEY; if (!result) { throw new Error('Key does not match'); diff --git a/src/scripts/crypt.ts b/src/scripts/crypt.ts index 6bef0df..3ce03db 100644 --- a/src/scripts/crypt.ts +++ b/src/scripts/crypt.ts 
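Review bot: The header comment's `KEY=your-key` in init/generatePassword.js does not say which form of the key to pass; `pepper()` in src/scripts/crypt.ts uses `process.env.KEY` verbatim, so the script has to run with the same base64 value the server has in `.env`, otherwise the stored hash will presumably never verify. I would reword that line to `* KEY=<output of init/generateKey.js> node ./init/generatePassword.js`. Separately, a rejected `crypt(input)` (for example when KEY is unset) leaves the async callback's promise unhandled and `rl.close()` unreached; wrapping the callback body in `try { … } finally { rl.close(); }` would tidy that up. The example name `USER-WHATEVER` uses a hyphen while the workflow uses `USER_TEST`, so an underscore form would be safer to copy.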
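Review bot: `checkKey` in src/models/entry.ts now accepts a request when `Buffer.from(encodeURIComponent(value)).toString('base64')` equals `process.env.KEY`, so anyone who holds the write key can compute `KEY` itself, and the crypt.ts and token.ts hunks of this patch make that same `KEY` the password pepper and the JWT signing secret. Before this change the write key was checked against KEYB via `compare` and signing used the separate KEYA, so holding the write key did not give the signing secret. I would keep two secrets, or derive per-purpose keys from one with HMAC and distinct labels, rather than merging them. The `==` on the `const result = …` line is also not constant-time; comparing equal-length Buffers with `crypto.timingSafeEqual` would avoid that, though it needs a `node:crypto` import that this hunk does not show. The body of `checkKey` continues past the end of the hunk.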
@@ -12,7 +12,7 @@ export const compare = async function (password: string, hash: string) { } function pepper(password: string) { - const key = process.env.KEYA; - if (!key) { throw new Error('KEYA is not defined in the environment variables'); } + const key = process.env.KEY; + if (!key) { throw new Error('KEY is not defined in the environment variables'); } return password + crypto.createHmac('sha256', key).digest("base64"); } diff --git a/src/scripts/token.ts b/src/scripts/token.ts index 9a012f2..4dc99ec 100644 --- a/src/scripts/token.ts +++ b/src/scripts/token.ts @@ -44,7 +44,7 @@ export function cleanupCSRF() { } export function validateJWT(req: Request) { - const key = process.env.KEYA; + const key = process.env.KEY; const header = req.header('Authorization'); const [type, token] = header ? header.split(' ') : ""; let payload: string | jwt.JwtPayload = ""; @@ -78,7 +78,7 @@ export function validateJWT(req: Request) { } export function createJWT(req: Request, res: Response) { - const key = process.env.KEYA; + const key = process.env.KEY; if (!key) { throw new Error('Configuration is wrong'); } const today = new Date(); const dateString = today.toLocaleDateString("de-DE", { weekday: "short", year: 'numeric', month: 'numeric', day: 'numeric', hour: '2-digit', minute: '2-digit', second: '2-digit' }); diff --git a/src/tests/login.test.ts b/src/tests/login.test.ts index e7a593e..0a934bd 100644 --- a/src/tests/login.test.ts +++ b/src/tests/login.test.ts @@ -81,7 +81,6 @@ describe('Login', () => { it('test invalid credentials to return error', async () => { try { userDataWithToken.csrfToken = csrfToken; - console.log("csrfToken %o", userDataWithToken.csrfToken); await axios.post('http://localhost:80/login', qs.stringify(userDataWithToken)); } catch (error) { const axiosError = error as AxiosError;