Added public/private keypairs for user (and hid from logging)
parent
dc7f902182
commit
9f33c8b21d
|
@ -32,7 +32,7 @@ module.exports = class Log {
|
||||||
};
|
};
|
||||||
|
|
||||||
// try to remove sensitive info by default, e.g. 'password' fields
|
// try to remove sensitive info by default, e.g. 'password' fields
|
||||||
['formData', 'formValue'].forEach(keyName => {
|
['formData', 'formValue', 'user'].forEach(keyName => {
|
||||||
serializers[keyName] = fd => Log.hideSensitive(fd);
|
serializers[keyName] = fd => Log.hideSensitive(fd);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -65,7 +65,7 @@ module.exports = class Log {
|
||||||
//
|
//
|
||||||
return JSON.parse(
|
return JSON.parse(
|
||||||
JSON.stringify(obj).replace(
|
JSON.stringify(obj).replace(
|
||||||
/"(password|passwordConfirm|key|authCode)"\s?:\s?"([^"]+)"/,
|
/"(password|passwordConfirm|key|authCode|private_key_main)"\s?:\s?"([^"]+)"/,
|
||||||
(match, valueName) => {
|
(match, valueName) => {
|
||||||
return `"${valueName}":"********"`;
|
return `"${valueName}":"********"`;
|
||||||
}
|
}
|
||||||
|
|
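Review bot: The masking regex in the second hunk has no `g` flag, so `replace` rewrites only the first matching field. Now that `user` objects are passed through `Log.hideSensitive` (presumably the method this regex belongs to), an object with an earlier `key` or `password` match would leave `private_key_main` in the log in clear. Making the pattern global closes that: `/"(password|passwordConfirm|key|authCode|private_key_main)"\s?:\s?"([^"]+)"/g`. The alternation also omits `auth_factor2_otp_secret` and `auth_factor2_otp_backup`, which this commit's property list shows as user properties; if the logged user object carries them they would be written unmasked, so consider adding them. The `replace` call and its enclosing method continue outside the hunk.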
25
core/user.js
25
core/user.js
|
@ -547,6 +547,11 @@ module.exports = class User {
|
||||||
|
|
||||||
async.series(
|
async.series(
|
||||||
[
|
[
|
||||||
|
function setKeyPair(callback) {
|
||||||
|
self.generateMainKeyPair(err => {
|
||||||
|
return callback(err);
|
||||||
|
});
|
||||||
|
},
|
||||||
function saveProps(callback) {
|
function saveProps(callback) {
|
||||||
self.persistProperties(self.properties, trans, err => {
|
self.persistProperties(self.properties, trans, err => {
|
||||||
return callback(err);
|
return callback(err);
|
||||||
|
@ -638,6 +643,26 @@ module.exports = class User {
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
generateMainKeyPair(cb) {
|
||||||
|
crypto.generateKeyPair('rsa', {
|
||||||
|
modulusLength: 4096,
|
||||||
|
publicKeyEncoding: {
|
||||||
|
type: 'spki',
|
||||||
|
format: 'pem'
|
||||||
|
},
|
||||||
|
privateKeyEncoding: {
|
||||||
|
type: 'pkcs8',
|
||||||
|
format: 'pem'
|
||||||
|
}
|
||||||
|
}, (err, publicKey, privateKey) => {
|
||||||
|
if (!err) {
|
||||||
|
this.setProperty(UserProps.PrivateKeyMain, privateKey);
|
||||||
|
this.setProperty(UserProps.PublicKeyMain, publicKey);
|
||||||
|
}
|
||||||
|
return cb(err);
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
persistProperties(properties, transOrDb, cb) {
|
persistProperties(properties, transOrDb, cb) {
|
||||||
if (!_.isFunction(cb) && _.isFunction(transOrDb)) {
|
if (!_.isFunction(cb) && _.isFunction(transOrDb)) {
|
||||||
cb = transOrDb;
|
cb = transOrDb;
|
||||||
|
|
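Review bot: `generateMainKeyPair` exports the private key as unencrypted PKCS#8 PEM and stores it with `setProperty` like any other user property, so the `saveProps` step that follows presumably writes it to the user database in clear (`persistProperties` is only partly visible here). Any code path that reads, exports or dumps user properties then handles the raw key, and the masking added in this commit covers only the logger's serializers. Consider encrypting the export with the `cipher` and `passphrase` options of `privateKeyEncoding`, e.g. `cipher: 'aes-256-cbc', passphrase: <SECRET_FROM_CONFIG_PLACEHOLDER>`, or keeping the private key outside the general property store. A short doc comment on the method, stating which two properties it sets and that one of them is secret, would also help.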
|
@ -66,4 +66,6 @@ module.exports = {
|
||||||
AuthFactor2OTP: 'auth_factor2_otp', // If present, OTP type for 2FA. See OTPTypes
|
AuthFactor2OTP: 'auth_factor2_otp', // If present, OTP type for 2FA. See OTPTypes
|
||||||
AuthFactor2OTPSecret: 'auth_factor2_otp_secret', // Secret used in conjunction with OTP 2FA
|
AuthFactor2OTPSecret: 'auth_factor2_otp_secret', // Secret used in conjunction with OTP 2FA
|
||||||
AuthFactor2OTPBackupCodes: 'auth_factor2_otp_backup', // JSON array of backup codes
|
AuthFactor2OTPBackupCodes: 'auth_factor2_otp_backup', // JSON array of backup codes
|
||||||
|
PublicKeyMain: 'public_key_main', // RSA public key for user
|
||||||
|
PrivateKeyMain: 'private_key_main', // RSA private key (corresponding to PublicKeyMain)
|
||||||
};
|
};
|
||||||
|
|
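Review bot: The comment on `PrivateKeyMain` should say that the value is secret and that the logger's masking pattern matches the string `'private_key_main'` literally, because renaming the property here would silently disable that masking. Suggested wording: `// RSA private key (PEM, corresponds to PublicKeyMain). SECRET: name is hard-coded in the Log masking regex`.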