Issue Fix #167 & #168

5 years ago · d2e815aab6
parent 12edf3a616
commit d2e815aab6
11 changed files with 31 additions and 72 deletions
--- a/.gitignore
+++ b/.gitignore
@ -43,3 +43,4 @@ RTL.conf
 RTL-Multi-Node-Conf.json
 RTL-Multi-Node-Conf-1.json
 /backup/*
+cookies
--- a/angular/index.html
+++ b/angular/index.html
@ -8,5 +8,5 @@
 <link rel="stylesheet" href="styles.83644e00292bcd08f710.css"></head>
 <body>
  <rtl-app></rtl-app>
-<script type="text/javascript" src="runtime.26209474bfa8dc87a77c.js"></script><script type="text/javascript" src="polyfills.d68e8f4f73dfaef206f1.js"></script><script type="text/javascript" src="main.6c3ca97d1340edf66106.js"></script></body>
+<script type="text/javascript" src="runtime.26209474bfa8dc87a77c.js"></script><script type="text/javascript" src="polyfills.d68e8f4f73dfaef206f1.js"></script><script type="text/javascript" src="main.025b36ac6da731e47e44.js"></script></body>
 </html>
--- a/angular/main.025b36ac6da731e47e44.js
+++ b/angular/main.025b36ac6da731e47e44.js
--- a/connect.js
+++ b/connect.js
@ -523,7 +523,6 @@ connect.setServerConfiguration = () => {
    common.multi_node_setup = true;
    connect.setMultiNodeConfiguration(multiNodeConfFile);
  }
-  common.nodes.map(node => { connect.getAllNodeAllChannelBackup(node); });
 }

 module.exports = connect;
--- a/controllers/authenticate.js
+++ b/controllers/authenticate.js
@ -8,32 +8,9 @@ var crypto = require('crypto');
 var hash = crypto.createHash('sha256');
 var logger = require('./logger');

-exports.authenticateUserWithCookie = (req, res, next) => {
-  if(+common.rtl_sso) {
-    res.cookie('access-key', req.query['access-key'], { httpOnly: true, sameSite: true, secure: true });
-    res.set(
-      {
-        'Cache-Control': 'private, no-cache'
-      }
-    );
-    res.redirect(301, '/rtl/');
-  }
-  else
-  {
-    res.status(404).json({
-      message: "Login Failure!",
-      error: "SSO not available"
-    });
-  }
-};
-
 exports.authenticateUser = (req, res, next) => {
  if(+common.rtl_sso) {
-    const access_key = req.cookies['access-key'];
-    res.clearCookie("access-key");
-    // Replace access_key value from req.cookies['access-key'] to req.body.password to test SSO on http
-    // const access_key = atob(req.body.password);
-    if (common.cookie === access_key) {
+    if (crypto.createHash('sha256').update(common.cookie).digest('hex') === req.body.password) {
      connect.refreshCookie(common.rtl_cookie_path);
      const token = jwt.sign(
        { user: 'Custom_User', lndConfigPath: common.nodes[0].lnd_config_path, macaroonPath: common.nodes[0].macaroon_path },
--- a/controllers/getInfo.js
+++ b/controllers/getInfo.js
@ -1,6 +1,7 @@
 var request = require('request-promise');
 var common = require('../common');
 var logger = require('./logger');
+var connect = require('../connect');
 var options = {};

 exports.getInfo = (req, res, next) => {
@ -12,6 +13,7 @@ exports.getInfo = (req, res, next) => {
  } else {
    logger.info('\r\nSingle Node Setup!');
  }
+  common.nodes.map(node => { connect.getAllNodeAllChannelBackup(node); });
  logger.info('\r\nCalling getinfo from lnd server url: INFO: ' + options.url);
  request(options).then((body) => {
    logger.info('\r\nGetInfo: 9: ' + JSON.stringify(Date.now()) + ': INFO: ' + JSON.stringify(body));
@ -23,7 +25,6 @@ exports.getInfo = (req, res, next) => {
        error: (undefined === body || search_idx > -1) ? 'Error From Server!' : body.error
      });
    } else {
-      // res.status(200).json({});
      res.status(200).json(body);
    }
  })
--- a/package-lock.json
+++ b/package-lock.json
@ -1,6 +1,6 @@
 {
  "name": "rtl",
-  "version": "0.4.2-beta",
+  "version": "0.4.3-beta",
  "lockfileVersion": 1,
  "requires": true,
  "dependencies": {
@ -1470,7 +1470,8 @@
    "atob": {
      "version": "2.1.2",
      "resolved": "https://registry.npmjs.org/atob/-/atob-2.1.2.tgz",
-      "integrity": "sha512-Wm6ukoaOGJi/73p/cl2GvLjTI5JM1k/O14isD73YML8StrH/7/lRFgmg8nICZgD3bZZvjwCGxtMOD3wWNAu8cg=="
+      "integrity": "sha512-Wm6ukoaOGJi/73p/cl2GvLjTI5JM1k/O14isD73YML8StrH/7/lRFgmg8nICZgD3bZZvjwCGxtMOD3wWNAu8cg==",
+      "dev": true
    },
    "autoprefixer": {
      "version": "9.4.6",
@ -6358,9 +6359,9 @@
      }
    },
    "lodash": {
-      "version": "4.17.11",
-      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.11.tgz",
-      "integrity": "sha512-cQKh8igo5QUhZ7lg38DYWAxMvjSAKG0A8wGSVimP07SIUEK2UO+arSRKbRZWtelMtN5V0Hkwh5ryOto/SshYIg=="
+      "version": "4.17.15",
+      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz",
+      "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A=="
    },
    "lodash.clonedeep": {
      "version": "4.5.0",
@ -6851,9 +6852,9 @@
      }
    },
    "mixin-deep": {
-      "version": "1.3.1",
-      "resolved": "https://registry.npmjs.org/mixin-deep/-/mixin-deep-1.3.1.tgz",
-      "integrity": "sha512-8ZItLHeEgaqEvd5lYBXfm4EZSFCX29Jb9K+lAHhDKzReKBQKj3R+7NOF6tjqYi9t4oI8VUfaWITJQm86wnXGNQ==",
+      "version": "1.3.2",
+      "resolved": "https://registry.npmjs.org/mixin-deep/-/mixin-deep-1.3.2.tgz",
+      "integrity": "sha512-WRoDn//mXBiJ1H40rqa3vH0toePwSsGb45iInWlTySa+Uu4k3tYUSxa2v1KqAiLtvlrSzaExqS1gtk96A9zvEA==",
      "dev": true,
      "requires": {
        "for-in": "^1.0.2",
@ -8768,9 +8769,9 @@
      "integrity": "sha1-BF+XgtARrppoA93TgrJDkrPYkPc="
    },
    "set-value": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/set-value/-/set-value-2.0.0.tgz",
-      "integrity": "sha512-hw0yxk9GT/Hr5yJEYnHNKYXkIA8mVJgd9ditYZCe16ZczcaELYYcfvaXesNACk2O8O0nTiPQcQhGUQj8JLzeeg==",
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/set-value/-/set-value-2.0.1.tgz",
+      "integrity": "sha512-JxHc1weCN68wRY0fhCoXpyK55m/XPHafOmK4UWD7m2CI14GMcFypt4w/0+NV5f/ZMby2F6S2wwA7fgynh9gWSw==",
      "dev": true,
      "requires": {
        "extend-shallow": "^2.0.1",
@ -10188,38 +10189,15 @@
      "dev": true
    },
    "union-value": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/union-value/-/union-value-1.0.0.tgz",
-      "integrity": "sha1-XHHDTLW61dzr4+oM0IIHulqhrqQ=",
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/union-value/-/union-value-1.0.1.tgz",
+      "integrity": "sha512-tJfXmxMeWYnczCVs7XAEvIV7ieppALdyepWMkHkwciRpZraG/xwT+s2JN8+pr1+8jCRf80FFzvr+MpQeeoF4Xg==",
      "dev": true,
      "requires": {
        "arr-union": "^3.1.0",
        "get-value": "^2.0.6",
        "is-extendable": "^0.1.1",
-        "set-value": "^0.4.3"
-      },
-      "dependencies": {
-        "extend-shallow": {
-          "version": "2.0.1",
-          "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz",
-          "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=",
-          "dev": true,
-          "requires": {
-            "is-extendable": "^0.1.0"
-          }
-        },
-        "set-value": {
-          "version": "0.4.3",
-          "resolved": "https://registry.npmjs.org/set-value/-/set-value-0.4.3.tgz",
-          "integrity": "sha1-fbCPnT0i3H945Trzw79GZuzfzPE=",
-          "dev": true,
-          "requires": {
-            "extend-shallow": "^2.0.1",
-            "is-extendable": "^0.1.1",
-            "is-plain-object": "^2.0.1",
-            "to-object-path": "^0.3.0"
-          }
-        }
+        "set-value": "^2.0.1"
      }
    },
    "unique-filename": {
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "rtl",
-  "version": "0.4.2-beta",
+  "version": "0.4.3-beta",
  "license": "MIT",
  "scripts": {
    "ng": "ng",
@ -33,7 +33,6 @@
    "@swimlane/ngx-charts": "^10.0.0",
    "angular-user-idle": "^2.0.0",
    "angularx-qrcode": "^1.5.3",
-    "atob": "^2.1.2",
    "cookie-parser": "^1.4.4",
    "core-js": "^2.5.4",
    "express": "^4.16.4",
--- a/routes/authenticate.js
+++ b/routes/authenticate.js
@ -2,7 +2,6 @@ const AuthenticateController = require("../controllers/authenticate");
 const express = require("express");
 const router = express.Router();

-router.get("/cookie", AuthenticateController.authenticateUserWithCookie);
 router.post("/", AuthenticateController.authenticateUser);

 module.exports = router;
--- a/src/app/app.component.ts
+++ b/src/app/app.component.ts
@ -5,6 +5,7 @@ import { takeUntil, filter } from 'rxjs/operators';
 import { Store } from '@ngrx/store';
 import { Actions } from '@ngrx/effects';
 import { UserIdleService } from 'angular-user-idle';
+import * as sha256 from 'sha256';

 import { LoggerService } from './shared/services/logger.service';
 import { RTLConfiguration, Settings, Node } from './shared/models/RTLconfig';
@ -69,7 +70,7 @@ export class AppComponent implements OnInit, AfterViewInit, OnDestroy {
      if (actionPayload.type === RTLActions.SET_RTL_CONFIG) {
        if (!sessionStorage.getItem('token')) {
          if (+actionPayload.payload.sso.rtlSSO) {
-            this.store.dispatch(new RTLActions.Signin(window.btoa(this.accessKey)));
+            this.store.dispatch(new RTLActions.Signin(sha256(this.accessKey)));
          } else {
            this.router.navigate([this.appConfig.sso.logoutRedirectLink]);
          }
@ -111,7 +112,11 @@ export class AppComponent implements OnInit, AfterViewInit, OnDestroy {

  private readAccessKey() {
    const url = window.location.href;
-    return url.substring(url.lastIndexOf('/') + 1);
+    const ak = url.substring(url.lastIndexOf('access-key=') + 11).trim();
+    if (ak) {
+      this.store.dispatch(new RTLActions.Signout());
+    }
+    return ak;
  }

  initializeRemainingData() {
--- a/src/environments/version.ts
+++ b/src/environments/version.ts
@ -1 +1 @@
-export const VERSION = '0.4.2-beta';
+export const VERSION = '0.4.3-beta';