Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
V
vernemq
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Registry
Registry
Issues
1
Issues
1
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
stack
vernemq
Commits
8a325e19
Commit
8a325e19
authored
Sep 26, 2018
by
Chavee Issariyapat
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
add token validator
parent
ce94a13d
Hide whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
150 additions
and
75 deletions
+150
-75
authhook/auth_on_publish.js
+19
-14
authhook/auth_on_register.js
+40
-20
authhook/auth_on_subscribe.js
+15
-12
authhook/on_unsubscribe.js
+14
-10
authhook/utils/getGroupID.js
+11
-19
authhook/validator.js
+51
-0
No files found.
authhook/auth_on_publish.js
View file @
8a325e19
...
@@ -39,22 +39,27 @@ module.exports = function (options = {}) {
...
@@ -39,22 +39,27 @@ module.exports = function (options = {}) {
next
();
next
();
}
}
else
{
else
{
var
GGID
=
require
(
'./utils/getGroupID'
);
var
output
=
{};
var
output
=
{};
var
_id
=
require
(
'./utils/getGroupID'
).
getGroupID
(
req
.
body
.
username
,
req
.
body
.
client_id
)
GGID
.
getGroupID
(
req
.
body
.
username
,
req
.
body
.
client_id
,
function
(
group
)
{
var
_ftopic
=
require
(
'./utils/getTopic'
).
rewriteTopic
(
topic
,
'pub'
,
_id
,
req
.
body
.
client_id
,
output
);
// get topic where concat with groupID
response
=
{
var
_ftopic
=
require
(
'./utils/getTopic'
).
rewriteTopic
(
topic
,
'pub'
,
group
,
req
.
body
.
client_id
,
output
);
// get topic where concat with groupID
'result'
:
'ok'
,
response
=
{
'modifiers'
:
{
'result'
:
'ok'
,
'topic'
:
_ftopic
,
'modifiers'
:
{
'qos'
:
0
,
'topic'
:
_ftopic
,
'retain'
:
false
'qos'
:
0
,
'retain'
:
false
}
}
}
}
if
(
output
.
verb
==
'get'
||
output
.
verb
==
'read'
)
{
if
(
output
.
verb
==
'get'
||
output
.
verb
==
'read'
)
{
response
.
modifiers
.
payload
=
Buffer
.
from
(
req
.
body
.
client_id
).
toString
(
'base64'
);
response
.
modifiers
.
payload
=
Buffer
.
from
(
req
.
body
.
client_id
).
toString
(
'base64'
);
}
}
res
.
send
(
response
);
res
.
send
(
response
);
next
();
next
();
});
}
}
}
}
else
{
else
{
...
...
authhook/auth_on_register.js
View file @
8a325e19
var
validator
=
require
(
'./validator'
);
var
config
=
require
(
'config'
);
var
config
=
require
(
'config'
);
var
seneca
=
require
(
'seneca'
)({
log
:
'silent'
}).
client
({
port
:
config
.
get
(
'device_registry_port'
),
host
:
config
.
get
(
'device_registry_host'
)
});
// https://github.com/isaacs/node-lru-cache
// https://github.com/isaacs/node-lru-cache
var
LRU
=
require
(
"lru-cache"
),
var
LRU
=
require
(
"lru-cache"
),
...
@@ -8,39 +11,56 @@ var LRU = require("lru-cache"),
...
@@ -8,39 +11,56 @@ var LRU = require("lru-cache"),
});
});
var
debug
=
false
;
var
debug
=
false
;
var
authclient
=
require
(
'seneca'
)({
log
:
'silent'
})
// var authclient = require('seneca')({ log: 'silent' })
.
client
({
port
:
config
.
get
(
'authserv_port'
),
host
:
config
.
get
(
'authserv_host'
)
});
// .client({ port: config.get('authserv_port'), host: config.get('authserv_host') });
function
authCheck
(
client_id
,
token
,
password
,
callback
)
{
function
authCheck
(
client_id
,
token
,
password
,
callback
)
{
if
(
require
(
'./checkClientRole'
).
checkRealDB
(
token
))
{
// auth realtimedb by token
if
(
require
(
'./checkClientRole'
).
checkRealDB
(
token
))
{
// auth realtimedb by token
callback
(
true
)
callback
(
true
)
;
}
}
else
{
else
{
if
(
require
(
'./checkClientRole'
).
getRole
(
token
))
callback
(
true
)
// auth client device by token
if
(
require
(
'./checkClientRole'
).
getRole
(
token
))
callback
(
true
)
// auth client device by token
else
{
else
{
authclient
.
act
({
role
:
'auth'
,
cmd
:
'token'
,
action
:
'info'
,
token
:
token
},
function
(
err
,
res
)
{
// auth client device by query from db
seneca
.
act
(
'cmd:getAccessTokenInfo, tokencode:'
+
token
,
function
(
err
,
res
)
{
if
(
debug
)
{
if
(
!
err
&&
res
)
{
console
.
log
(
"res ------>
\
n"
);
var
token_profile
=
(
res
&&
res
.
result
&&
res
.
result
[
0
])?
res
.
result
[
0
]:{};
console
.
log
(
res
);
var
mqttauth
=
{
}
clientid
:
client_id
,
token
:
token
,
if
(
res
&&
res
.
data
)
{
password
:
password
try
{
};
var
jdata
=
JSON
.
parse
(
res
.
data
);
callback
(
validator
.
auth_connect
(
mqttauth
,
token_profile
)
);
if
(
jdata
&&
jdata
.
code
==
200
)
{
callback
(
true
);
}
else
callback
(
false
);
}
catch
(
e
)
{
callback
(
false
);
}
callback
(
true
);
}
}
else
{
else
{
callback
(
false
);
callback
(
false
);
}
}
});
});
// authclient.act({ role: 'auth', cmd: 'token', action: 'info', token: token }, function (err, res) { // auth client device by query from db
// if (debug) {
// console.log("res ------>\n");
// console.log(res);
// }
// if (res && res.data) {
// try {
// var jdata = JSON.parse(res.data);
// if (jdata && jdata.code == 200) {
// callback(true);
// }
// else callback(false);
// } catch (e) {
// callback(false);
// }
// callback(true);
// }
// else {
// callback(false);
// }
// });
}
}
}
}
}
}
...
...
authhook/auth_on_subscribe.js
View file @
8a325e19
...
@@ -43,18 +43,21 @@ module.exports = function (options = {}) {
...
@@ -43,18 +43,21 @@ module.exports = function (options = {}) {
next
();
next
();
}
}
else
{
else
{
var
_id
=
require
(
'./utils/getGroupID'
).
getGroupID
(
req
.
body
.
username
,
req
.
body
.
client_id
)
var
GGID
=
require
(
'./utils/getGroupID'
);
var
_ftopic
=
require
(
'./utils/getTopic'
).
rewriteTopic
(
topic
,
'sub'
,
_id
,
req
.
body
.
client_id
)
// get topic where concat with groupID
var
_topic
=
[{
// setTopic for response
GGID
.
getGroupID
(
req
.
body
.
username
,
req
.
body
.
client_id
,
function
(
group
)
{
'topic'
:
_ftopic
,
var
_ftopic
=
require
(
'./utils/getTopic'
).
rewriteTopic
(
topic
,
'sub'
,
group
,
req
.
body
.
client_id
)
// get topic where concat with groupID
'qos'
:
0
var
_topic
=
[{
// setTopic for response
}]
'topic'
:
_ftopic
,
response
=
{
'qos'
:
0
'result'
:
'ok'
,
}]
'topics'
:
_topic
response
=
{
}
'result'
:
'ok'
,
res
.
send
(
response
);
'topics'
:
_topic
next
();
}
res
.
send
(
response
);
next
();
});
}
}
}
}
else
{
else
{
...
...
authhook/on_unsubscribe.js
View file @
8a325e19
...
@@ -16,17 +16,20 @@ function on_unsubscribe(req, res, next) {
...
@@ -16,17 +16,20 @@ function on_unsubscribe(req, res, next) {
next
()
next
()
}
}
else
{
else
{
var
_id
=
require
(
'./utils/getGroupID'
).
getGroupID
(
token
,
client_id
)
var
GGID
=
require
(
'./utils/getGroupID'
);
if
(
_id
)
{
var
_ftopic
=
require
(
'./utils/getTopic'
).
rewriteTopic
(
topic
,
'unsub'
,
_id
,
client_id
)
GGID
.
getGroupID
(
token
,
client_id
,
function
(
group
)
{
response
=
{
if
(
group
)
{
"result"
:
"ok"
,
var
_ftopic
=
require
(
'./utils/getTopic'
).
rewriteTopic
(
topic
,
'unsub'
,
group
,
client_id
)
"topics"
:
[
_ftopic
]
response
=
{
"result"
:
"ok"
,
"topics"
:
[
_ftopic
]
}
}
}
}
else
response
=
{
'result'
:
'no'
}
else
response
=
{
'result'
:
'no'
}
res
.
send
(
response
);
res
.
send
(
response
);
next
()
next
()
});
}
}
}
}
module
.
exports
.
on_unsubscribe
=
on_unsubscribe
module
.
exports
.
on_unsubscribe
=
on_unsubscribe
\ No newline at end of file
authhook/utils/getGroupID.js
View file @
8a325e19
module
.
exports
.
getGroupID
=
getGroupID
var
config
=
require
(
'config'
);
var
config
=
require
(
'config'
);
var
seneca
=
require
(
'seneca'
)({
log
:
'silent'
}).
client
({
port
:
config
.
get
(
'device_registry_port'
),
host
:
config
.
get
(
'device_registry_host'
)
});
var
seneca
=
require
(
'seneca'
)({
log
:
'silent'
}).
client
({
port
:
config
.
get
(
'device_registry_port'
),
host
:
config
.
get
(
'device_registry_host'
)
});
var
getRole
=
require
(
'../checkClientRole'
).
getRole
var
getRole
=
require
(
'../checkClientRole'
).
getRole
async
function
getGroupID
(
token
,
client_id
)
{
function
getGroupID
(
token
,
client_id
,
callback
)
{
var
role
=
getRole
(
token
);
var
role
=
getRole
(
token
);
if
(
role
&&
role
.
hasOwnProperty
(
'groupId'
))
{
if
(
role
&&
role
.
hasOwnProperty
(
'groupId'
))
{
return
role
.
groupId
;
callback
(
role
.
groupId
)
;
}
}
else
{
else
{
var
group
=
await
doDB
(
client_id
);
doDB
(
client_id
,
function
(
group
)
{
return
group
;
callback
(
group
);
});
}
}
}
}
module
.
exports
.
getGroupID
=
getGroupID
function
doDB
(
client_id
)
{
function
doDB
(
client_id
,
callback
)
{
return
new
Promise
((
resolve
,
reject
)
=>
{
seneca
.
act
(
'cmd:getGroupByClientid, clientid:'
+
client_id
,
function
(
err
,
res
)
{
seneca
.
act
(
'cmd:getGroupByClientid, clientid:'
+
client_id
,
function
(
err
,
res
)
{
if
(
err
)
callback
(
null
);
if
(
err
)
reject
(
err
);
else
callback
((
res
&&
res
.
result
&&
res
.
result
[
0
])?
res
.
result
[
0
]:
null
);
else
resolve
((
res
&&
res
.
result
&&
res
.
result
[
0
])?
res
.
result
[
0
]:
null
);
});
});
});
}
}
//Test
async
function
test
()
{
var
g
=
await
getGroupID
(
''
,
'aw9f0d2c-aliceclient'
);
console
.
log
(
g
);
}
test
();
\ No newline at end of file
authhook/validator.js
0 → 100644
View file @
8a325e19
module
.
exports
.
auth_connect
=
auth_connect
/*
{ _key: '1196651',
_id: 'access_token/1196651',
_rev: '_XdtTzQK--_',
"type": "v1",
"code": "f2a05d9a420e141d2d268b0c41f2af8e",
"device": "bd2w9fkc-bobclient",
"scope": [
"w:@shadow/read",
"w:@shadow/write"
],
"iat": 1537502874269,
"nbf": 1537502874269,
"exp": 1537609874269,
"for": [
{
"clientid": "bd2w9fkc-bobclient",
"verify": false
}
],
"user": "nexpie"
}
*/
function
auth_connect
(
mqttauth
,
token_profile
)
{
var
res
=
{
status
:
true
}
if
(
token_profile
)
{
if
(
token_profile
.
for
)
{
var
found
=
false
;
for
(
var
i
=
0
;
i
<
token_profile
.
for
.
length
;
i
++
)
{
if
(
token_profile
.
for
[
i
].
clientid
==
mqttauth
.
clientid
)
{
found
=
true
;
break
;
}
}
if
(
!
found
)
return
{
status
:
false
,
reason
:
'uneligible'
};
}
if
(
Date
.
now
()
>
token_profile
.
exp
)
return
{
status
:
false
,
reason
:
'expired'
};
if
(
token_profile
.
nbf
&&
(
Date
.
now
()
<
token_profile
.
nbf
))
return
{
status
:
false
,
reason
:
'uneligible'
};
return
{
status
:
true
};
}
else
return
false
;
}
\ No newline at end of file
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment