RTL/server/utils/authCheck.ts

import jwt from 'jsonwebtoken';
import csurf from 'csurf/index.js';
import { Common, CommonService } from './common.js';
import { Logger, LoggerService } from './logger.js';

const common: CommonService = Common;
const logger: LoggerService = Logger;
const csurfProtection = csurf({ cookie: true });

export const isAuthenticated = (req, res, next) => {
  try {
    const token = req.headers.authorization.split(' ')[1];
    jwt.verify(token, common.secret_key);
    next();
  } catch (error) {
    const errMsg = 'Authentication Failed! Please Login First!';
    const err = common.handleError({ statusCode: 401, message: 'Authentication Error', error: errMsg }, 'AuthCheck', errMsg, req.session.selectedNode);
    return res.status(err.statusCode).json({ message: err.message, error: err.error });
  }
};

export const verifyWSUser = (info, next) => {
  const headers = JSON.parse(JSON.stringify(info.req.headers));
  const protocols = !info.req.headers['sec-websocket-protocol'] ? [] : info.req.headers['sec-websocket-protocol'].split(',')?.map((s) => s.trim());
  const jwToken = (protocols && protocols.length > 0) ? protocols[0] : '';
  if (!jwToken || jwToken === '') {
    next(false, 401, 'Authentication Failed! Please Login First!');
  } else {
    jwt.verify(jwToken, common.secret_key, (verificationErr) => {
      if (verificationErr) {
        next(false, 401, 'Authentication Failed! Please Login First!');
      } else {
        try {
          let updatedReq = null;
          try {
            updatedReq = JSON.parse(JSON.stringify(info.req));
          } catch (err) {
            updatedReq = info.req;
          }
          let cookies = null;
          try {
            cookies = '{"' + headers.cookie?.replace(/ /g, '')?.replace(/;/g, '","').trim()?.replace(/[=]/g, '":"') + '"}';
            updatedReq['cookies'] = JSON.parse(cookies);
          } catch (err) {
            cookies = {};
            updatedReq['cookies'] = JSON.parse(cookies);
            logger.log({ selectedNode: common.selectedNode, level: 'WARN', fileName: 'AuthCheck', msg: '403 Unable to read CSRF token cookie', data: err });
          }
          csurfProtection(updatedReq, null, (err) => {
            if (err) {
              next(false, 403, 'Invalid CSRF token!');
            } else {
              next(true);
            }
          });
        } catch (err) {
          logger.log({ selectedNode: common.selectedNode, level: 'WARN', fileName: 'AuthCheck', msg: '403 Unable to verify CSRF token', data: err });
          next(true);
        }
      }
    });
  }
};
Release 0.12.0 (#916) Release 0.12.0 2 years ago			`import jwt from 'jsonwebtoken';`
			`import csurf from 'csurf/index.js';`
			`import { Common, CommonService } from './common.js';`
Release 0.12.1 (#932) Offers QR Code bug fix Websocket Authcheck csrf cookie validation Bug Fix: Wrong year in Date #918 Improved INFO & DEBUG Logging LND: Bug fix Color Setting in Config #925 2FA button toggle #906 Bug Fix: HTLC viewing #924 All Tooltips on form controls are updated with mat-icon:info Co-authored-by: saiy2k <saiy2k@gmail.com> 2 years ago			`import { Logger, LoggerService } from './logger.js';`
Release 0.12.0 (#916) Release 0.12.0 2 years ago
			`const common: CommonService = Common;`
Release 0.12.1 (#932) Offers QR Code bug fix Websocket Authcheck csrf cookie validation Bug Fix: Wrong year in Date #918 Improved INFO & DEBUG Logging LND: Bug fix Color Setting in Config #925 2FA button toggle #906 Bug Fix: HTLC viewing #924 All Tooltips on form controls are updated with mat-icon:info Co-authored-by: saiy2k <saiy2k@gmail.com> 2 years ago			`const logger: LoggerService = Logger;`
Release 0.12.0 (#916) Release 0.12.0 2 years ago			`const csurfProtection = csurf({ cookie: true });`

			`export const isAuthenticated = (req, res, next) => {`
			`try {`
			`const token = req.headers.authorization.split(' ')[1];`
			`jwt.verify(token, common.secret_key);`
			`next();`
			`} catch (error) {`
			`const errMsg = 'Authentication Failed! Please Login First!';`
			`const err = common.handleError({ statusCode: 401, message: 'Authentication Error', error: errMsg }, 'AuthCheck', errMsg, req.session.selectedNode);`
			`return res.status(err.statusCode).json({ message: err.message, error: err.error });`
			`}`
			`};`

			`export const verifyWSUser = (info, next) => {`
			`const headers = JSON.parse(JSON.stringify(info.req.headers));`
CLN Forwarding history filter and lint fixes CLN Forwarding history filter and lint fixes 2 years ago			`const protocols = !info.req.headers['sec-websocket-protocol'] ? [] : info.req.headers['sec-websocket-protocol'].split(',')?.map((s) => s.trim());`
Release 0.12.0 (#916) Release 0.12.0 2 years ago			`const jwToken = (protocols && protocols.length > 0) ? protocols[0] : '';`
			`if (!jwToken \|\| jwToken === '') {`
			`next(false, 401, 'Authentication Failed! Please Login First!');`
			`} else {`
			`jwt.verify(jwToken, common.secret_key, (verificationErr) => {`
			`if (verificationErr) {`
			`next(false, 401, 'Authentication Failed! Please Login First!');`
			`} else {`
Release 0.12.1 (#932) Offers QR Code bug fix Websocket Authcheck csrf cookie validation Bug Fix: Wrong year in Date #918 Improved INFO & DEBUG Logging LND: Bug fix Color Setting in Config #925 2FA button toggle #906 Bug Fix: HTLC viewing #924 All Tooltips on form controls are updated with mat-icon:info Co-authored-by: saiy2k <saiy2k@gmail.com> 2 years ago			`try {`
			`let updatedReq = null;`
			`try {`
			`updatedReq = JSON.parse(JSON.stringify(info.req));`
			`} catch (err) {`
			`updatedReq = info.req;`
Release 0.12.0 (#916) Release 0.12.0 2 years ago			`}`
Release 0.12.1 (#932) Offers QR Code bug fix Websocket Authcheck csrf cookie validation Bug Fix: Wrong year in Date #918 Improved INFO & DEBUG Logging LND: Bug fix Color Setting in Config #925 2FA button toggle #906 Bug Fix: HTLC viewing #924 All Tooltips on form controls are updated with mat-icon:info Co-authored-by: saiy2k <saiy2k@gmail.com> 2 years ago			`let cookies = null;`
			`try {`
CLN Forwarding history filter and lint fixes CLN Forwarding history filter and lint fixes 2 years ago			`cookies = '{"' + headers.cookie?.replace(/ /g, '')?.replace(/;/g, '","').trim()?.replace(/[=]/g, '":"') + '"}';`
Release 0.12.1 (#932) Offers QR Code bug fix Websocket Authcheck csrf cookie validation Bug Fix: Wrong year in Date #918 Improved INFO & DEBUG Logging LND: Bug fix Color Setting in Config #925 2FA button toggle #906 Bug Fix: HTLC viewing #924 All Tooltips on form controls are updated with mat-icon:info Co-authored-by: saiy2k <saiy2k@gmail.com> 2 years ago			`updatedReq['cookies'] = JSON.parse(cookies);`
			`} catch (err) {`
			`cookies = {};`
			`updatedReq['cookies'] = JSON.parse(cookies);`
Release 0.15.1 (#1406) * rm .DS_Store * Add watchfrontenddev command for npm * Fix toggle issues in sidenav (pinning and on page refresh) * Add copy-to-clipboard fallback if navigator.clipboard is not available (#1336) * add copy-to-clipboard fallback if navigator.clipboard is not available * amend copy fallback * clipboard copy lint fixes and frontend build * fix: add missing boltz state `transaction.lockupFailed` (#1349) * fix: boltzd docs link (#1354) * exit gracefully (#1356) * allow for eclair updated relayed audit format (#1363) * feat: add boltz service to cln (#1352) * lint fix * Request Params Cleanup * cln: Boltz auto-send (#1366) * Bug-fix (CLN Boltz): Hide claim tx id and routing fee for non-zero conf reverse swap * cln: Boltz auto-send - Added auto send option for Swap In - Checking compatiblity with v2.0.0 and above * Test import fixes * Update help.component.ts (#1379) Fixed broken link under "Help" -> "Node Settings" * Backend config fix (#1382) * Updating Common Application Configuration * Fixed get RTL Conf * Update Application Settings * application and settings case change * Unified config models * Default node update * 2FA and Password reset * Final application settings update * Config Settings and Authentication case fixed * Node Setting Fix * Fiat currency Symbol fix * CLN: Fiat symbol fix * All: Fiat symbol fix * Update node settings * Services UI fix * CLN: Removed child node settings * All: Removed child node settings * Test fixes * mempool links for onchain information (#1383) * Tests fix Tests fix * UI for Block Explorer Configuration (#1385) * Bump fee with mempool information (#1386) * Mempool openchannel minfee (#1388) Open channel model block if min fee is higher * Show error on login screen if rune is incorrect and getinfo throws error (#1391) * cln: Removed channel lookup call for update policy (#1392) * ECL: On-chain Transactions, Invoice and Payments pagination (#1393) Done most of the UI changes to accommodate pagination on transactions, payments and invoices tables but true pagination cannot be implemented till total number of records are missing from the API response. Once the issue https://github.com/ACINQ/eclair/issues/2855 is fixed, I will uncomment pagination changes in the frontend. * lnd: Onchain CPFP (#1394) - UTXO label bug fix - Warning on utxo label for "sweep" in text. * Bug fixes after testing * Testing bug fixes (#1401) * Bug fix 2: lnd: Link channel point to explorer and show fee on close channel too * lnd: explorer link on pending channels * Node lookup link on view channel peer pubkey * Testing bug fixes (#1402) * Bug fix 2: lnd: Link channel point to explorer and show fee on close channel too * lnd: explorer link on pending channels * Node lookup link on view channel peer pubkey * test fixes * ng update to v18.0.x * Updating install with --legacy-peer-deps --------- Co-authored-by: Grzegorz Kućmierz <gkucmierz@gmail.com> Co-authored-by: lacksfish <lacksfish@gmail.com> Co-authored-by: jackstar12 <62219658+jackstar12@users.noreply.github.com> Co-authored-by: Kilian <19181985+kilrau@users.noreply.github.com> Co-authored-by: Taylor King <taylorbradleyking@gmail.com> Co-authored-by: Fishcake <128653975+fishcakeday@users.noreply.github.com> Co-authored-by: Ant <72945059+2140data@users.noreply.github.com> 2 days ago			`logger.log({ selectedNode: common.selectedNode, level: 'WARN', fileName: 'AuthCheck', msg: '403 Unable to read CSRF token cookie', data: err });`
Release 0.12.1 (#932) Offers QR Code bug fix Websocket Authcheck csrf cookie validation Bug Fix: Wrong year in Date #918 Improved INFO & DEBUG Logging LND: Bug fix Color Setting in Config #925 2FA button toggle #906 Bug Fix: HTLC viewing #924 All Tooltips on form controls are updated with mat-icon:info Co-authored-by: saiy2k <saiy2k@gmail.com> 2 years ago			`}`
			`csurfProtection(updatedReq, null, (err) => {`
			`if (err) {`
			`next(false, 403, 'Invalid CSRF token!');`
			`} else {`
			`next(true);`
			`}`
			`});`
			`} catch (err) {`
Release 0.15.1 (#1406) * rm .DS_Store * Add watchfrontenddev command for npm * Fix toggle issues in sidenav (pinning and on page refresh) * Add copy-to-clipboard fallback if navigator.clipboard is not available (#1336) * add copy-to-clipboard fallback if navigator.clipboard is not available * amend copy fallback * clipboard copy lint fixes and frontend build * fix: add missing boltz state `transaction.lockupFailed` (#1349) * fix: boltzd docs link (#1354) * exit gracefully (#1356) * allow for eclair updated relayed audit format (#1363) * feat: add boltz service to cln (#1352) * lint fix * Request Params Cleanup * cln: Boltz auto-send (#1366) * Bug-fix (CLN Boltz): Hide claim tx id and routing fee for non-zero conf reverse swap * cln: Boltz auto-send - Added auto send option for Swap In - Checking compatiblity with v2.0.0 and above * Test import fixes * Update help.component.ts (#1379) Fixed broken link under "Help" -> "Node Settings" * Backend config fix (#1382) * Updating Common Application Configuration * Fixed get RTL Conf * Update Application Settings * application and settings case change * Unified config models * Default node update * 2FA and Password reset * Final application settings update * Config Settings and Authentication case fixed * Node Setting Fix * Fiat currency Symbol fix * CLN: Fiat symbol fix * All: Fiat symbol fix * Update node settings * Services UI fix * CLN: Removed child node settings * All: Removed child node settings * Test fixes * mempool links for onchain information (#1383) * Tests fix Tests fix * UI for Block Explorer Configuration (#1385) * Bump fee with mempool information (#1386) * Mempool openchannel minfee (#1388) Open channel model block if min fee is higher * Show error on login screen if rune is incorrect and getinfo throws error (#1391) * cln: Removed channel lookup call for update policy (#1392) * ECL: On-chain Transactions, Invoice and Payments pagination (#1393) Done most of the UI changes to accommodate pagination on transactions, payments and invoices tables but true pagination cannot be implemented till total number of records are missing from the API response. Once the issue https://github.com/ACINQ/eclair/issues/2855 is fixed, I will uncomment pagination changes in the frontend. * lnd: Onchain CPFP (#1394) - UTXO label bug fix - Warning on utxo label for "sweep" in text. * Bug fixes after testing * Testing bug fixes (#1401) * Bug fix 2: lnd: Link channel point to explorer and show fee on close channel too * lnd: explorer link on pending channels * Node lookup link on view channel peer pubkey * Testing bug fixes (#1402) * Bug fix 2: lnd: Link channel point to explorer and show fee on close channel too * lnd: explorer link on pending channels * Node lookup link on view channel peer pubkey * test fixes * ng update to v18.0.x * Updating install with --legacy-peer-deps --------- Co-authored-by: Grzegorz Kućmierz <gkucmierz@gmail.com> Co-authored-by: lacksfish <lacksfish@gmail.com> Co-authored-by: jackstar12 <62219658+jackstar12@users.noreply.github.com> Co-authored-by: Kilian <19181985+kilrau@users.noreply.github.com> Co-authored-by: Taylor King <taylorbradleyking@gmail.com> Co-authored-by: Fishcake <128653975+fishcakeday@users.noreply.github.com> Co-authored-by: Ant <72945059+2140data@users.noreply.github.com> 2 days ago			`logger.log({ selectedNode: common.selectedNode, level: 'WARN', fileName: 'AuthCheck', msg: '403 Unable to verify CSRF token', data: err });`
Release 0.12.1 (#932) Offers QR Code bug fix Websocket Authcheck csrf cookie validation Bug Fix: Wrong year in Date #918 Improved INFO & DEBUG Logging LND: Bug fix Color Setting in Config #925 2FA button toggle #906 Bug Fix: HTLC viewing #924 All Tooltips on form controls are updated with mat-icon:info Co-authored-by: saiy2k <saiy2k@gmail.com> 2 years ago			`next(true);`
			`}`
Release 0.12.0 (#916) Release 0.12.0 2 years ago			`}`
			`});`
			`}`
			`};`