mirror of https://github.com/calzoneman/sync.git
Remove redundant signing logic from IP session cookie
This commit is contained in:
parent
6bfbbc0c01
commit
de309d675e
|
@ -2,7 +2,7 @@
|
||||||
"author": "Calvin Montgomery",
|
"author": "Calvin Montgomery",
|
||||||
"name": "CyTube",
|
"name": "CyTube",
|
||||||
"description": "Online media synchronizer and chat",
|
"description": "Online media synchronizer and chat",
|
||||||
"version": "3.36.0",
|
"version": "3.36.1",
|
||||||
"repository": {
|
"repository": {
|
||||||
"url": "http://github.com/calzoneman/sync"
|
"url": "http://github.com/calzoneman/sync"
|
||||||
},
|
},
|
||||||
|
|
|
@ -2,71 +2,39 @@ import path from 'path';
|
||||||
import fs from 'fs';
|
import fs from 'fs';
|
||||||
import crypto from 'crypto';
|
import crypto from 'crypto';
|
||||||
|
|
||||||
const STATE_FOLDER_PATH = path.resolve(__dirname, '..', '..', '..', 'state');
|
|
||||||
const SALT_PATH = path.resolve(__dirname, '..', '..', '..', 'state', 'ipsessionsalt.json');
|
|
||||||
|
|
||||||
const NO_EXPIRATION = new Date('Fri, 31 Dec 9999 23:59:59 GMT');
|
const NO_EXPIRATION = new Date('Fri, 31 Dec 9999 23:59:59 GMT');
|
||||||
var SALT;
|
|
||||||
try {
|
|
||||||
SALT = require(SALT_PATH);
|
|
||||||
} catch (error) {
|
|
||||||
SALT = crypto.randomBytes(32).toString('base64');
|
|
||||||
try {
|
|
||||||
fs.mkdirSync(STATE_FOLDER_PATH);
|
|
||||||
} catch (error) {
|
|
||||||
if (error.code !== 'EEXIST') {
|
|
||||||
throw error;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
fs.writeFileSync(SALT_PATH, JSON.stringify(SALT));
|
|
||||||
}
|
|
||||||
|
|
||||||
function sha256(input) {
|
|
||||||
var hash = crypto.createHash("sha256");
|
|
||||||
hash.update(input);
|
|
||||||
return hash.digest("base64");
|
|
||||||
}
|
|
||||||
|
|
||||||
export function createIPSessionCookie(ip, date) {
|
export function createIPSessionCookie(ip, date) {
|
||||||
const hashInput = [
|
|
||||||
ip,
|
|
||||||
date.getTime(),
|
|
||||||
SALT
|
|
||||||
].join(':');
|
|
||||||
|
|
||||||
return [
|
return [
|
||||||
date.getTime(),
|
ip,
|
||||||
sha256(hashInput)
|
date.getTime()
|
||||||
].join(':');
|
].join(':');
|
||||||
}
|
}
|
||||||
|
|
||||||
export function verifyIPSessionCookie(ip, cookie) {
|
export function verifyIPSessionCookie(ip, cookie) {
|
||||||
const parts = cookie.split(':');
|
const parts = cookie.split(':');
|
||||||
if (parts.length !== 2) {
|
if (parts.length !== 2) {
|
||||||
return false;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
const timestamp = parseInt(parts[0], 10);
|
if (parts[0] !== ip) {
|
||||||
if (isNaN(timestamp)) {
|
return null;
|
||||||
return false;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
const date = new Date(timestamp);
|
const unixtime = parseInt(parts[1], 10);
|
||||||
const expected = createIPSessionCookie(ip, date);
|
const date = new Date(unixtime);
|
||||||
if (expected !== cookie) {
|
if (isNaN(date.getTime())) {
|
||||||
return false;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
return {
|
return { date };
|
||||||
date: date,
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
|
||||||
export function ipSessionCookieMiddleware(req, res, next) {
|
export function ipSessionCookieMiddleware(req, res, next) {
|
||||||
var firstSeen = new Date();
|
let firstSeen = new Date();
|
||||||
var hasSession = false;
|
let hasSession = false;
|
||||||
if (req.signedCookies && req.signedCookies['ip-session']) {
|
if (req.signedCookies && req.signedCookies['ip-session']) {
|
||||||
var sessionMatch = verifyIPSessionCookie(req.realIP, req.signedCookies['ip-session']);
|
const sessionMatch = verifyIPSessionCookie(req.realIP, req.signedCookies['ip-session']);
|
||||||
if (sessionMatch) {
|
if (sessionMatch) {
|
||||||
hasSession = true;
|
hasSession = true;
|
||||||
firstSeen = sessionMatch.date;
|
firstSeen = sessionMatch.date;
|
||||||
|
|
Loading…
Reference in New Issue