diff --git a/.size-snapshot.json b/.size-snapshot.json index ea5577a..1e0dcb2 100644 --- a/.size-snapshot.json +++ b/.size-snapshot.json @@ -1,11 +1,11 @@ { "public/_assets/main.js": { - "bundled": 106742, - "minified": 41138, - "gzipped": 12988 + "bundled": 106911, + "minified": 41169, + "gzipped": 13005 }, "public/_assets/autoIndex.js": { - "bundled": 44018, + "bundled": 44017, "minified": 15077, "gzipped": 5142 } diff --git a/.travis.yml b/.travis.yml index 5112e9c..7fa52d7 100644 --- a/.travis.yml +++ b/.travis.yml 
@@ -2,7 +2,13 @@ language: node_js node_js: node cache: npm env: - secure: Z/uibhTgn2S4fy12WQs1wopytecb0Eo2O1qkT4FyEuu4xjSM0ZQ5zKP3eRSRAfr7tTZbTro1zRGWjNCQjJSNvm/6Ftyzp7aN8tFd7zVlZSGIJWGGItB1vqz3ls5ynt6EGLk6SRPtsHCiunaIzYUCLl5c1kFyjyqW3Aab77TQL6sNeTEOb2nS9wDi4xEfS1yDcJIT3swupHf4+tHtTHBMqwtvTpqdyRwkoauAaP94qWP2Glz3YnEpgJFLfvI9MHlOG+dMs6iroJ6UTzNfYOeWKq7xXrmtH2DY0u93fa9JOFIe4CrcSEt88fSO4o1BcdnPitLoB5GfgC8G4IanmtPTMl/3lrnjA2LkhqNs4w4ad9Xhd0fMLRKDofKSRarhMmfMxRY8o14K/2AmUWoS6DBjiOoHap7UTwdPxh2RmEhctG9ufvaQOXD6LAT2pewx9I9Jdg/FrEF7pCnuJxV8jFn8CryQw9QFYAqvgesjJNuHhjfoQdtuqNAQZl6RjoD0lg5iTnr/iwxfE6ayPilKPw7bJNw+yPUgNC//0rCj/KGcOS+9Ho2eD48Qh0GWpOOYBHhxVoo9oF2M1evlMpuuMXfM5KT++XZbxUbDZj1L22eYQDKF0Cwaf4NLCJ0/K5Wwcjphshmk7iy2t5c+JL76T5lFTt/aYQMGNdMdqB/Ato8aow8= + global: + - secure: 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 + - secure: 2glMrYXCJv0NAtO3MouSWhijwdUDaYPTWuNT+la0A4hxIF+N00j2+kgqjidJAmijpmPICEyeXe5RtdLVER8Wye8Nz6FocagC/bM3TKmGg689033HjUU1f4YDXkrhemywWV+Kdgnd+98bFWmUBUGy0c0m+C2GR+DocYchIVwzHH7NVUwRd+byE5CtW3xSMhrKVPhiQgeCBbMYLCHCrsppAsxRChRYcteYAXsR4DeT9BRyZ2q35FNNxh3NuVOBUoH1jUMEbJJ+te1UwxLM1mZRJ5GpJ1B6349myX0L5I5DxoYZqTMUSbYGFB5Ad1NZjEXxS6WtrlWRlsviX5ER3J8AkfPh4sjVt9IqAinBeMhW3SUeK2qazdWE/7zyb3n5sL4/74epGeLp6Sq4OHVDVTiDMVN1rW+9no0IKknvgzqDVkdp3/ShJnQj0TrZYjXyn2wnmYcfMIHjsqWr+uY0oFbyZDNeIGV9f/KW1Rx8XZt3pqiR2AuxLrvKTpPL/Zffu5GXryM53gpcWFoXFHjpBfFbRP250wLiCqNY+XZSA7okzv6vIsykXsHU6FEu7SYiZZhX2mfJQOSRa/+64wuhKwNllSuLIj1I9n/myaSUNQa5Lor6jzsDz4dbXP/tEnh93mXvdKe3DdS9LG7Ca9V8YfxOWccJhT7gXf7DVFMNI5VNMvw= + - secure: 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 +before_install: +- openssl aes-256-cbc -K $encrypted_a35d52d190dd_key -iv $encrypted_a35d52d190dd_iv + -in secret_key.enc -out secret_key -d script: - NODE_ENV=production npm run build before_deploy: 
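Review bot: The new `before_install` step writes the decrypted private key to `secret_key` in the checkout root on every build, and nothing in this hunk limits its permissions or where it can travel afterwards. Adding `- chmod 600 secret_key` directly after the `openssl` line would narrow access. Because the deploy stanza uses `skip_cleanup: true`, it is also worth confirming that `secret_key` is git-ignored and sits outside the directory Firebase Hosting publishes (that configuration is not visible here). Travis does not expose `$encrypted_*` variables to pull requests from forks, so those builds will fail at this step, and the `NODE_ENV=production` build after it needs the file. Decide explicitly whether such builds should skip decryption, for example behind `[ "$TRAVIS_PULL_REQUEST" = "false" ]`, and build with the generated dev key pair instead.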
@@ -10,11 +16,7 @@ before_deploy: deploy: - provider: script skip_cleanup: true - script: $(npm bin -g)/firebase deploy - --project unpkg-gcp - --message "https://travis-ci.com/$TRAVIS_REPO_SLUG/builds/$TRAVIS_BUILD_ID" - --token $FIREBASE_TOKEN - --non-interactive - --force + script: $(npm bin -g)/firebase deploy --project unpkg-gcp --message "https://travis-ci.com/$TRAVIS_REPO_SLUG/builds/$TRAVIS_BUILD_ID" + --token $FIREBASE_TOKEN --non-interactive --force on: branch: firebase-hosting diff --git a/functions/package-lock.json b/functions/package-lock.json index afa1b3b..bafcf7a 100644 --- a/functions/package-lock.json +++ b/functions/package-lock.json @@ -3382,11 +3382,6 @@ "is-stream": "^1.0.1" } }, - "node-forge": { - "version": "0.7.6", - "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-0.7.6.tgz", - "integrity": "sha512-sol30LUpz1jQFBjOKwbjxijiE3b6pjd74YwfD0fJOKPjF+fONKb2Yg8rYgS6+bK6VDl+/wfr4IYpC7jDzLUIfw==" - }, "nth-check": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/nth-check/-/nth-check-1.0.2.tgz", diff --git a/functions/package.json b/functions/package.json index aadaac3..226a02f 100644 --- a/functions/package.json +++ b/functions/package.json @@ -30,7 +30,6 @@ "lru-cache": "^5.1.1", "mime": "^2.4.0", "ndjson": "^1.5.0", - "node-forge": "^0.7.6", "pretty-bytes": "^5.1.0", "prop-types": "^15.6.2", "react": "^16.7.0", diff --git a/modules/actions/showPublicKey.js b/modules/actions/showPublicKey.js index 8f69034..09e7708 100644 --- a/modules/actions/showPublicKey.js +++ b/modules/actions/showPublicKey.js @@ -1,4 +1,4 @@ -import secretKey from '../secretKey'; +import { secretKey } from '../config'; export default function showPublicKey(req, res) { res.send({ publicKey: secretKey.public }); diff --git a/modules/config.js b/modules/config.js index 5f1e558..353c653 100644 --- a/modules/config.js +++ b/modules/config.js 
@@ -1,4 +1,10 @@ +import invariant from 'invariant'; + export const npmRegistryURL = process.env.NPM_REGISTRY_URL || 'https://registry.npmjs.org'; export const origin = process.env.ORIGIN || 'http://localhost:5000'; + +export const secretKey = process.env.SECRET_KEY; + +invariant(secretKey, 'Missing $SECRET_KEY environment variable'); diff --git a/modules/secretKey.js b/modules/secretKey.js deleted file mode 100644 index 5da0a76..0000000 --- a/modules/secretKey.js +++ /dev/null @@ -1,31 +0,0 @@ -import fs from 'fs'; -import path from 'path'; -import forge from 'node-forge'; -import invariant from 'invariant'; - -let secretKey; -if (process.env.NODE_ENV === 'production') { - invariant( - process.env.PRIVATE_KEY, - 'Missing $PRIVATE_KEY environment variable' - ); - - secretKey = { - public: fs.readFileSync( - path.resolve(__dirname, '../secret_key.pub'), - 'utf8' - ), - private: process.env.PRIVATE_KEY - }; -} else { - // Generate a random keypair for dev/testing. - // See https://gist.github.com/sebadoom/2b70969e70db5da9a203bebd9cff099f - const keypair = forge.rsa.generateKeyPair({ bits: 2048 }); - - secretKey = { - public: forge.pki.publicKeyToPem(keypair.publicKey, 72), - private: forge.pki.privateKeyToPem(keypair.privateKey, 72) - }; -} - -export default secretKey; diff --git a/modules/utils/auth.js b/modules/utils/auth.js index 9cfce11..35b1b49 100644 --- a/modules/utils/auth.js +++ b/modules/utils/auth.js @@ -2,7 +2,7 @@ import crypto from 'crypto'; import jwt from 'jsonwebtoken'; import data from './data'; -import secretKey from '../secretKey'; +import { secretKey } from '../config'; function getCurrentSeconds() { return Math.floor(Date.now() / 1000); diff --git a/package-lock.json b/package-lock.json index ae157a7..8e4c64c 100644 --- a/package-lock.json +++ b/package-lock.json 
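Review bot: In the modules/config.js hunk, `invariant(secretKey, ...)` only tests truthiness, while consumers such as showPublicKey.js read `secretKey.public`, so a plain string or a partial object passes the guard and fails later. The message is also misleading, because after this commit the value is injected at build time by the replace step in rollup.config.js rather than read from a runtime environment variable. I would add a comment above the export, `// Replaced at build time by rollup with { public, private } PEM strings; not a runtime env var.`, and tighten the check to `invariant(secretKey && secretKey.public && secretKey.private, 'SECRET_KEY key pair was not injected at build time');`. Code that runs unbundled (tests, presumably) will see whatever `process.env.SECRET_KEY` holds, which should be confirmed.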
@@ -3007,6 +3007,11 @@ } } }, + "date-fns": { + "version": "1.30.1", + "resolved": "https://registry.npmjs.org/date-fns/-/date-fns-1.30.1.tgz", + "integrity": "sha512-hBSVCvSmWC+QypYObzwGOd9wqdDpOt+0wl0KbU+R+uuZBS1jN8VsD1ss3irQDknRj5NvxiTF6oj/nDRnN/UQNw==" + }, "date-now": { "version": "0.1.4", "resolved": "https://registry.npmjs.org/date-now/-/date-now-0.1.4.tgz", @@ -6690,6 +6695,12 @@ "is-stream": "^1.0.1" } }, + "node-forge": { + "version": "0.7.6", + "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-0.7.6.tgz", + "integrity": "sha512-sol30LUpz1jQFBjOKwbjxijiE3b6pjd74YwfD0fJOKPjF+fONKb2Yg8rYgS6+bK6VDl+/wfr4IYpC7jDzLUIfw==", + "dev": true + }, "node-int64": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", @@ -6879,6 +6890,11 @@ "integrity": "sha512-FTMyFUm2wBcGHnH2eXmz7tC6IwlqQZ6mVZ+6dm6vZ4IQIHjs6FdNsQBuKGPuUUUY6NfJw2PshC08Tn6LzLDOag==", "dev": true }, + "object-path": { + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/object-path/-/object-path-0.6.0.tgz", + "integrity": "sha1-tpp9EQk3k08zbKVh/ZvhrXt+DLc=" + }, "object-visit": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/object-visit/-/object-visit-1.0.1.tgz", @@ -7271,6 +7287,11 @@ "integrity": "sha1-gV7R9uvGWSb4ZbMQwHE7yzMVzks=", "dev": true }, + "pretty-bytes": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/pretty-bytes/-/pretty-bytes-5.1.0.tgz", + "integrity": "sha512-wa5+qGVg9Yt7PB6rYm3kXlKzgzgivYTLRandezh43jjRqgyDyP+9YxfJpJiLs9yKD1WeU8/OvtToWpW7255FtA==" + }, "pretty-format": { "version": "22.4.3", "resolved": "http://registry.npmjs.org/pretty-format/-/pretty-format-22.4.3.tgz", 
@@ -8914,6 +8935,14 @@ "kind-of": "^3.2.0" } }, + "sort-by": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/sort-by/-/sort-by-1.2.0.tgz", + "integrity": "sha1-7ZK7/5/SKEtB9lA+OElmB7Il/m8=", + "requires": { + "object-path": "0.6.0" + } + }, "source-map": { "version": "0.5.7", "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", diff --git a/package.json b/package.json index c415ea9..831f0d7 100644 --- a/package.json +++ b/package.json @@ -28,6 +28,7 @@ "invariant": "^2.2.2", "isomorphic-fetch": "^2.2.1", "jest": "^22.4.4", + "node-forge": "^0.7.6", "rollup": "^1.0.0", "rollup-plugin-babel": "^4.2.0", "rollup-plugin-commonjs": "^9.2.0", @@ -37,5 +38,10 @@ "rollup-plugin-size-snapshot": "^0.7.0", "rollup-plugin-url": "^2.1.0", "supertest": "^3.0.0" + }, + "dependencies": { + "date-fns": "^1.30.1", + "pretty-bytes": "^5.1.0", + "sort-by": "^1.2.0" } } diff --git a/rollup.config.js b/rollup.config.js index 2e7d268..61774b0 100644 --- a/rollup.config.js +++ b/rollup.config.js @@ -1,6 +1,7 @@ +const fs = require('fs'); const path = require('path'); const builtinModules = require('module').builtinModules; - +const forge = require('node-forge'); const babel = require('rollup-plugin-babel'); const commonjs = require('rollup-plugin-commonjs'); const json = require('rollup-plugin-json'); 
@@ -15,6 +16,26 @@ const dev = env === 'development'; // Allow storing env vars in .env in dev. if (dev) require('dotenv').config(); +function readFile(file) { + return fs.readFileSync(path.resolve(__dirname, file), 'utf8'); +} + +let secretKey; +if (process.env.NODE_ENV === 'production') { + secretKey = { + public: readFile('./secret_key.pub'), + private: readFile('./secret_key') + }; +} else { + // Generate a random keypair for dev/testing. + // See https://gist.github.com/sebadoom/2b70969e70db5da9a203bebd9cff099f + const keypair = forge.rsa.generateKeyPair({ bits: 2048 }); + secretKey = { + public: forge.pki.publicKeyToPem(keypair.publicKey, 72), + private: forge.pki.privateKeyToPem(keypair.privateKey, 72) + }; +} + const functionsIndex = { external: id => true, input: path.resolve(__dirname, 'modules/functions/index.js'), @@ -63,7 +84,7 @@ const functions = [ 'process.env.CLOUDFLARE_KEY': JSON.stringify( process.env.CLOUDFLARE_KEY ), - 'process.env.SECRET_KEY': JSON.stringify(process.env.SECRET_KEY) + 'process.env.SECRET_KEY': JSON.stringify(secretKey) }) ] }; diff --git a/secret_key.enc b/secret_key.enc new file mode 100644 index 0000000..f47bdf5 Binary files /dev/null and b/secret_key.enc differ
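Review bot: In the production branch, `readFile('./secret_key')` surfaces a bare ENOENT from `fs.readFileSync` when the decrypted key is absent, whereas the removed modules/secretKey.js failed with an explicit invariant message. A guard before the two reads, such as `if (!fs.existsSync(path.resolve(__dirname, 'secret_key'))) throw new Error('secret_key not found: decrypt secret_key.enc before a production build');`, would make that failure self-explanatory. The branch also tests `process.env.NODE_ENV` directly although the file already defines `env` and `dev` (their definitions are outside the hunk); if those derive from a different variable the two can disagree, so reusing `dev` may be safer. A comment above `let secretKey;` would also help: `// Build-time only: this key pair is inlined into the functions bundle by the replace plugin below.`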
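Review bot: `'process.env.SECRET_KEY': JSON.stringify(secretKey)` inlines the whole object, private PEM included, into the generated functions bundle, so every copy of the build output (the deploy upload, CI artifacts, source maps if enabled) now carries the signing key. Please add a comment on this line, for example `// NOTE: embeds the private key in the bundle; treat build output as a secret`, and confirm the output directory is git-ignored and not under the Hosting public root. Inlining only `secretKey.public` and supplying the private half through the runtime's own configuration would keep the key out of artifacts, though it needs a matching change in modules/config.js and modules/utils/auth.js. The `functions` definition continues outside the hunk.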