Commit
8a325e19
authored
Sep 26, 2018
by
Chavee Issariyapat
add token validator
parent
ce94a13d
Showing
6 changed files
with
150 additions
and
75 deletions
+150
-75
authhook/auth_on_publish.js
+19
-14
authhook/auth_on_register.js
+40
-20
authhook/auth_on_subscribe.js
+15
-12
authhook/on_unsubscribe.js
+14
-10
authhook/utils/getGroupID.js
+11
-19
authhook/validator.js
+51
-0
authhook/auth_on_publish.js
...
...
@@ -39,22 +39,27 @@ module.exports = function (options = {}) {
next
();
}
else
{
var
GGID
=
require
(
'./utils/getGroupID'
);
var
output
=
{};
var
_id
=
require
(
'./utils/getGroupID'
).
getGroupID
(
req
.
body
.
username
,
req
.
body
.
client_id
)
var
_ftopic
=
require
(
'./utils/getTopic'
).
rewriteTopic
(
topic
,
'pub'
,
_id
,
req
.
body
.
client_id
,
output
);
// get topic where concat with groupID
response
=
{
'result'
:
'ok'
,
'modifiers'
:
{
'topic'
:
_ftopic
,
'qos'
:
0
,
'retain'
:
false
GGID
.
getGroupID
(
req
.
body
.
username
,
req
.
body
.
client_id
,
function
(
group
)
{
var
_ftopic
=
require
(
'./utils/getTopic'
).
rewriteTopic
(
topic
,
'pub'
,
group
,
req
.
body
.
client_id
,
output
);
// get topic where concat with groupID
response
=
{
'result'
:
'ok'
,
'modifiers'
:
{
'topic'
:
_ftopic
,
'qos'
:
0
,
'retain'
:
false
}
}
}
if
(
output
.
verb
==
'get'
||
output
.
verb
==
'read'
)
{
response
.
modifiers
.
payload
=
Buffer
.
from
(
req
.
body
.
client_id
).
toString
(
'base64'
);
}
res
.
send
(
response
);
next
();
if
(
output
.
verb
==
'get'
||
output
.
verb
==
'read'
)
{
response
.
modifiers
.
payload
=
Buffer
.
from
(
req
.
body
.
client_id
).
toString
(
'base64'
);
}
res
.
send
(
response
);
next
();
});
}
}
else
{
...
...
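Review bot: The new `getGroupID` callback in this section uses `group` without checking it, so when the lookup yields nothing the hook still answers `'result': 'ok'` with a topic rewritten from a null group. `doDB` in authhook/utils/getGroupID.js calls back with `null` both on a registry error and on an empty result, and authhook/on_unsubscribe.js already guards with `if (group)`; the same guard is missing in authhook/auth_on_subscribe.js. I would start the callback with `if (!group) { res.send({ 'result': 'no' }); return next(); }`. What `rewriteTopic` does with a null group is not visible here, and the enclosing handler starts and ends outside the hunk.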
authhook/auth_on_register.js
var
validator
=
require
(
'./validator'
);
var
config
=
require
(
'config'
);
var
seneca
=
require
(
'seneca'
)({
log
:
'silent'
}).
client
({
port
:
config
.
get
(
'device_registry_port'
),
host
:
config
.
get
(
'device_registry_host'
)
});
// https://github.com/isaacs/node-lru-cache
var
LRU
=
require
(
"lru-cache"
),
...
...
@@ -8,39 +11,56 @@ var LRU = require("lru-cache"),
});
var
debug
=
false
;
var
authclient
=
require
(
'seneca'
)({
log
:
'silent'
})
.
client
({
port
:
config
.
get
(
'authserv_port'
),
host
:
config
.
get
(
'authserv_host'
)
});
// var authclient = require('seneca')({ log: 'silent' })
// .client({ port: config.get('authserv_port'), host: config.get('authserv_host') });
function
authCheck
(
client_id
,
token
,
password
,
callback
)
{
if
(
require
(
'./checkClientRole'
).
checkRealDB
(
token
))
{
// auth realtimedb by token
callback
(
true
)
callback
(
true
)
;
}
else
{
if
(
require
(
'./checkClientRole'
).
getRole
(
token
))
callback
(
true
)
// auth client device by token
else
{
authclient
.
act
({
role
:
'auth'
,
cmd
:
'token'
,
action
:
'info'
,
token
:
token
},
function
(
err
,
res
)
{
// auth client device by query from db
if
(
debug
)
{
console
.
log
(
"res ------>
\
n"
);
console
.
log
(
res
);
}
if
(
res
&&
res
.
data
)
{
try
{
var
jdata
=
JSON
.
parse
(
res
.
data
);
if
(
jdata
&&
jdata
.
code
==
200
)
{
callback
(
true
);
}
else
callback
(
false
);
}
catch
(
e
)
{
callback
(
false
);
}
callback
(
true
);
seneca
.
act
(
'cmd:getAccessTokenInfo, tokencode:'
+
token
,
function
(
err
,
res
)
{
if
(
!
err
&&
res
)
{
var
token_profile
=
(
res
&&
res
.
result
&&
res
.
result
[
0
])?
res
.
result
[
0
]:{};
var
mqttauth
=
{
clientid
:
client_id
,
token
:
token
,
password
:
password
};
callback
(
validator
.
auth_connect
(
mqttauth
,
token_profile
)
);
}
else
{
callback
(
false
);
}
});
// authclient.act({ role: 'auth', cmd: 'token', action: 'info', token: token }, function (err, res) { // auth client device by query from db
// if (debug) {
// console.log("res ------>\n");
// console.log(res);
// }
// if (res && res.data) {
// try {
// var jdata = JSON.parse(res.data);
// if (jdata && jdata.code == 200) {
// callback(true);
// }
// else callback(false);
// } catch (e) {
// callback(false);
// }
// callback(true);
// }
// else {
// callback(false);
// }
// });
}
}
}
...
...
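Review bot: `authCheck` now passes the object returned by `validator.auth_connect` straight to `callback`, while every other branch passes `true` or `false`; if the caller (outside this section) tests the argument for truthiness, `{status: false, reason: 'expired'}` is accepted. The fallback `res.result[0] : {}` makes it worse: a token the registry does not know becomes an empty profile, which `auth_connect` answers with `{status: true}` because none of its `for`, `exp` or `nbf` checks fire on missing fields. I would reject when no profile is found and hand the callback a boolean, e.g. `var token_profile = (res.result && res.result[0]) ? res.result[0] : null;` and `callback(!!token_profile && validator.auth_connect(mqttauth, token_profile).status === true);`. The commented-out `authclient` block could be deleted rather than kept.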
authhook/auth_on_subscribe.js
...
...
@@ -43,18 +43,21 @@ module.exports = function (options = {}) {
next
();
}
else
{
var
_id
=
require
(
'./utils/getGroupID'
).
getGroupID
(
req
.
body
.
username
,
req
.
body
.
client_id
)
var
_ftopic
=
require
(
'./utils/getTopic'
).
rewriteTopic
(
topic
,
'sub'
,
_id
,
req
.
body
.
client_id
)
// get topic where concat with groupID
var
_topic
=
[{
// setTopic for response
'topic'
:
_ftopic
,
'qos'
:
0
}]
response
=
{
'result'
:
'ok'
,
'topics'
:
_topic
}
res
.
send
(
response
);
next
();
var
GGID
=
require
(
'./utils/getGroupID'
);
GGID
.
getGroupID
(
req
.
body
.
username
,
req
.
body
.
client_id
,
function
(
group
)
{
var
_ftopic
=
require
(
'./utils/getTopic'
).
rewriteTopic
(
topic
,
'sub'
,
group
,
req
.
body
.
client_id
)
// get topic where concat with groupID
var
_topic
=
[{
// setTopic for response
'topic'
:
_ftopic
,
'qos'
:
0
}]
response
=
{
'result'
:
'ok'
,
'topics'
:
_topic
}
res
.
send
(
response
);
next
();
});
}
}
else
{
...
...
authhook/on_unsubscribe.js
...
...
@@ -16,17 +16,20 @@ function on_unsubscribe(req, res, next) {
next
()
}
else
{
var
_id
=
require
(
'./utils/getGroupID'
).
getGroupID
(
token
,
client_id
)
if
(
_id
)
{
var
_ftopic
=
require
(
'./utils/getTopic'
).
rewriteTopic
(
topic
,
'unsub'
,
_id
,
client_id
)
response
=
{
"result"
:
"ok"
,
"topics"
:
[
_ftopic
]
var
GGID
=
require
(
'./utils/getGroupID'
);
GGID
.
getGroupID
(
token
,
client_id
,
function
(
group
)
{
if
(
group
)
{
var
_ftopic
=
require
(
'./utils/getTopic'
).
rewriteTopic
(
topic
,
'unsub'
,
group
,
client_id
)
response
=
{
"result"
:
"ok"
,
"topics"
:
[
_ftopic
]
}
}
}
else
response
=
{
'result'
:
'no'
}
res
.
send
(
response
);
next
()
else
response
=
{
'result'
:
'no'
}
res
.
send
(
response
);
next
()
});
}
}
module
.
exports
.
on_unsubscribe
=
on_unsubscribe
\ No newline at end of file
authhook/utils/getGroupID.js
module
.
exports
.
getGroupID
=
getGroupID
var
config
=
require
(
'config'
);
var
seneca
=
require
(
'seneca'
)({
log
:
'silent'
}).
client
({
port
:
config
.
get
(
'device_registry_port'
),
host
:
config
.
get
(
'device_registry_host'
)
});
var
getRole
=
require
(
'../checkClientRole'
).
getRole
async
function
getGroupID
(
token
,
client_id
)
{
function
getGroupID
(
token
,
client_id
,
callback
)
{
var
role
=
getRole
(
token
);
if
(
role
&&
role
.
hasOwnProperty
(
'groupId'
))
{
return
role
.
groupId
;
callback
(
role
.
groupId
)
;
}
else
{
var
group
=
await
doDB
(
client_id
);
return
group
;
doDB
(
client_id
,
function
(
group
)
{
callback
(
group
);
});
}
}
module
.
exports
.
getGroupID
=
getGroupID
function
doDB
(
client_id
)
{
return
new
Promise
((
resolve
,
reject
)
=>
{
seneca
.
act
(
'cmd:getGroupByClientid, clientid:'
+
client_id
,
function
(
err
,
res
)
{
if
(
err
)
reject
(
err
);
else
resolve
((
res
&&
res
.
result
&&
res
.
result
[
0
])?
res
.
result
[
0
]:
null
);
});
function
doDB
(
client_id
,
callback
)
{
seneca
.
act
(
'cmd:getGroupByClientid, clientid:'
+
client_id
,
function
(
err
,
res
)
{
if
(
err
)
callback
(
null
);
else
callback
((
res
&&
res
.
result
&&
res
.
result
[
0
])?
res
.
result
[
0
]:
null
);
});
}
//Test
async
function
test
()
{
var
g
=
await
getGroupID
(
''
,
'aw9f0d2c-aliceclient'
);
console
.
log
(
g
);
}
test
();
\ No newline at end of file
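Review bot: `doDB` builds the seneca pattern by concatenating `client_id` into a string (`'cmd:getGroupByClientid, clientid:' + client_id`), and that value comes from the MQTT client. seneca parses string patterns, so a client_id containing `,` or `:` can end up changing the pattern instead of being treated as data; the object form `seneca.act({ cmd: 'getGroupByClientid', clientid: client_id }, ...)` avoids that. The `getAccessTokenInfo` call added in authhook/auth_on_register.js concatenates `token` the same way. Separately, `if (err) callback(null)` drops the error without logging, so callers cannot tell a registry outage from a device that has no group.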
authhook/validator.js
0 → 100644
module
.
exports
.
auth_connect
=
auth_connect
/*
{ _key: '1196651',
_id: 'access_token/1196651',
_rev: '_XdtTzQK--_',
"type": "v1",
"code": "f2a05d9a420e141d2d268b0c41f2af8e",
"device": "bd2w9fkc-bobclient",
"scope": [
"w:@shadow/read",
"w:@shadow/write"
],
"iat": 1537502874269,
"nbf": 1537502874269,
"exp": 1537609874269,
"for": [
{
"clientid": "bd2w9fkc-bobclient",
"verify": false
}
],
"user": "nexpie"
}
*/
function
auth_connect
(
mqttauth
,
token_profile
)
{
var
res
=
{
status
:
true
}
if
(
token_profile
)
{
if
(
token_profile
.
for
)
{
var
found
=
false
;
for
(
var
i
=
0
;
i
<
token_profile
.
for
.
length
;
i
++
)
{
if
(
token_profile
.
for
[
i
].
clientid
==
mqttauth
.
clientid
)
{
found
=
true
;
break
;
}
}
if
(
!
found
)
return
{
status
:
false
,
reason
:
'uneligible'
};
}
if
(
Date
.
now
()
>
token_profile
.
exp
)
return
{
status
:
false
,
reason
:
'expired'
};
if
(
token_profile
.
nbf
&&
(
Date
.
now
()
<
token_profile
.
nbf
))
return
{
status
:
false
,
reason
:
'uneligible'
};
return
{
status
:
true
};
}
else
return
false
;
}
\ No newline at end of file
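Review bot: `auth_connect` accepts a profile whenever a field is missing: without `for` any client id passes, and without `exp` the test `Date.now() > token_profile.exp` compares against `undefined` and is always false, so the token never expires. If tokens without `exp` are not meant to be permanent, require it, e.g. `if (typeof token_profile.exp !== 'number' || Date.now() > token_profile.exp) return {status: false, reason: 'expired'};`. The function also returns a bare `false` in the `else` branch but objects everywhere else, and `var res` is never used; `return {status: false, reason: 'uneligible'};` would keep one return shape. `mqttauth.token` and `mqttauth.password` are passed in but never compared with the profile, which may be intentional but deserves a comment.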