From cb47fbf775dd21622864c0e7dcd79f8482740894 Mon Sep 17 00:00:00 2001
From: Michael Jackson
Date: Fri, 8 Jun 2018 23:01:13 -0700
Subject: [PATCH] Add secretKey module
---
 .gitignore | 2 +-
 public.key => secret_key.pub | 0
 server/AuthAPI.js | 44 ++++++++++++------------------------
 server/secretKey.js | 31 +++++++++++++++++++++++++
 4 files changed, 46 insertions(+), 31 deletions(-)
 rename public.key => secret_key.pub (100%)
 create mode 100644 server/secretKey.js
diff --git a/.gitignore b/.gitignore
index 0dd9725..dd0f57d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -9,5 +9,5 @@ npm-debug.log*
 yarn-debug.log*
 yarn-error.log*
-private.key
+secret_key
 /tokens
diff --git a/public.key b/secret_key.pub
similarity index 100%
rename from public.key
rename to secret_key.pub
diff --git a/server/AuthAPI.js b/server/AuthAPI.js
index 89980b0..91913c9 100644
--- a/server/AuthAPI.js
+++ b/server/AuthAPI.js
@@ -1,29 +1,8 @@
-const fs = require("fs");
-const path = require("path");
 const crypto = require("crypto");
 const jwt = require("jsonwebtoken");
-const invariant = require("invariant");
-const forge = require("node-forge");
 const db = require("./utils/redis");
-
-let keys;
-if (process.env.NODE_ENV === "production") {
- keys = {
- public: fs.readFileSync(path.resolve(__dirname, "../public.key"), "utf8"),
- private: process.env.PRIVATE_KEY
- };
-
- invariant(keys.private, "Missing $PRIVATE_KEY environment variable");
-} else {
- // Generate a random keypair for dev/testing.
- // See https://gist.github.com/sebadoom/2b70969e70db5da9a203bebd9cff099f
- const keypair = forge.rsa.generateKeyPair({ bits: 2048 });
- keys = {
- public: forge.pki.publicKeyToPem(keypair.publicKey, 72),
- private: forge.pki.privateKeyToPem(keypair.privateKey, 72)
- };
-}
+const secretKey = require("./secretKey");
 function getCurrentSeconds() {
 return Math.floor(Date.now() / 1000);
@@ -42,13 +21,18 @@ function createToken(scopes = {}) {
 scopes
 };
- jwt.sign(payload, keys.private, { algorithm: "RS256" }, (error, token) => {
- if (error) {
- reject(error);
- } else {
- resolve(token);
+ jwt.sign(
+ payload,
+ secretKey.private,
+ { algorithm: "RS256" },
+ (error, token) => {
+ if (error) {
+ reject(error);
+ } else {
+ resolve(token);
+ }
 }
- });
+ );
 });
 }
@@ -58,7 +42,7 @@ function verifyToken(token) {
 return new Promise((resolve, reject) => {
 const options = { algorithms: ["RS256"] };
- jwt.verify(token, keys.public, options, (error, payload) => {
+ jwt.verify(token, secretKey.public, options, (error, payload) => {
 if (error) {
 reject(error);
 } else {
@@ -107,7 +91,7 @@ function removeAllRevokedTokens() {
 }
 function getPublicKey() {
- return keys.public;
+ return secretKey.public;
 }
 module.exports = {
diff --git a/server/secretKey.js b/server/secretKey.js
new file mode 100644
index 0000000..0b1d62b
--- /dev/null
+++ b/server/secretKey.js
@@ -0,0 +1,31 @@
+const fs = require("fs");
+const path = require("path");
+const forge = require("node-forge");
+const invariant = require("invariant");
+
+let secretKey;
+if (process.env.NODE_ENV === "production") {
+ invariant(
+ process.env.PRIVATE_KEY,
+ "Missing $PRIVATE_KEY environment variable"
+ );
+
+ secretKey = {
+ public: fs.readFileSync(
+ path.resolve(__dirname, "../secret_key.pub"),
+ "utf8"
+ ),
+ private: process.env.PRIVATE_KEY
+ };
+} else {
+ // Generate a random keypair for dev/testing.
+ // See https://gist.github.com/sebadoom/2b70969e70db5da9a203bebd9cff099f
+ const keypair = forge.rsa.generateKeyPair({ bits: 2048 });
+
+ secretKey = {
+ public: forge.pki.publicKeyToPem(keypair.publicKey, 72),
+ private: forge.pki.privateKeyToPem(keypair.privateKey, 72)
+ };
+}
+
+module.exports = secretKey;
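Review bot: In the new server/secretKey.js the key selection fails open: any NODE_ENV other than the exact string "production" (unset, "staging", a typo) drops into the `else` branch and the server signs tokens with a throwaway keypair generated at load time. Tokens issued that way stop verifying after a restart or on a second process, and getPublicKey() in AuthAPI.js then hands out a key unrelated to the committed secret_key.pub. I would generate a key only for an explicitly named dev environment, `} else if (["development", "test"].includes(process.env.NODE_ENV)) {`, and finish with `else { throw new Error("Refusing to generate a signing key for NODE_ENV=" + process.env.NODE_ENV); }`. In the production branch nothing checks that $PRIVATE_KEY actually pairs with secret_key.pub, so a mismatch would only show up as every verifyToken call rejecting; one sign-then-verify round trip at module load would surface it at startup instead.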