summaryrefslogtreecommitdiff
authorMichael Krelin <hacker@klever.net>2013-11-25 20:52:38 (UTC)
committer Michael Krelin <hacker@klever.net>2013-11-25 20:52:38 (UTC)
commit352f2216eec032efce4bdeddd2ffe5a9e326a99d (patch) (unidiff)
tree902272eaff4d42c0e732cc446baa3b5958cfae73
parentc79ee694f71f787e896fe3f954316723ef0f5544 (diff)
downloadclipperz-352f2216eec032efce4bdeddd2ffe5a9e326a99d.zip
clipperz-352f2216eec032efce4bdeddd2ffe5a9e326a99d.tar.gz
clipperz-352f2216eec032efce4bdeddd2ffe5a9e326a99d.tar.bz2
postgresql-based clipperz own session store
the use thereof is not mandatory, but may come in handy for the standalone deployment
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--backend/node/src/app.js20
-rw-r--r--backend/node/src/clipperz.js37
-rw-r--r--backend/node/src/clipperz.schema.sql7
3 files changed, 54 insertions, 10 deletions
diff --git a/backend/node/src/app.js b/backend/node/src/app.js
index d4d60c2..61c2c72 100644
--- a/backend/node/src/app.js
+++ b/backend/node/src/app.js
@@ -8,42 +8,44 @@ var LOGGER = BUNYAN.createLogger({
8 req: BUNYAN.stdSerializers.req, 8 req: BUNYAN.stdSerializers.req,
9 res: BUNYAN.stdSerializers.res, 9 res: BUNYAN.stdSerializers.res,
10 err: BUNYAN.stdSerializers.err 10 err: BUNYAN.stdSerializers.err
11 }, 11 },
12 src: true 12 src: true
13}); 13});
14 14
15 15
16var EXPRESS = require('express'); 16var EXPRESS = require('express');
17var HTTP = require('http'); 17var HTTP = require('http');
18var PATH = require('path'); 18var PATH = require('path');
19 19
20
21var CLIPPERZ = require('./clipperz');
22var CONF = require('./conf');
23var clipperz = CLIPPERZ({
24 psql: CONF.psql||'postgresql:///clipperz',
25 logger: LOGGER,
26 dump_template: PATH.join(__dirname,'htdocs/beta/index.html')
27});
28
29
20var app = EXPRESS(); 30var app = EXPRESS();
21 31
22app.set('port', process.env.PORT || 3000); 32app.set('port', process.env.PORT || 3000);
23app.use(EXPRESS.logger('dev')); 33app.use(EXPRESS.logger('dev'));
24app.use(EXPRESS.urlencoded()); 34app.use(EXPRESS.urlencoded());
25app.use(EXPRESS.methodOverride()); 35app.use(EXPRESS.methodOverride());
26app.use(EXPRESS.cookieParser('your secret here')); 36app.use(EXPRESS.cookieParser('your secret here'));
27app.use(EXPRESS.session()); 37app.use(EXPRESS.session({secret:'99 little bugs in the code', key:'sid', store: clipperz.session_store() }));
28app.use(app.router); 38app.use(app.router);
29app.use(EXPRESS.static(PATH.join(__dirname, 'htdocs/'))); 39app.use(EXPRESS.static(PATH.join(__dirname, 'htdocs/')));
30if ('development' == app.get('env')) { 40if ('development' == app.get('env')) {
31 app.use(EXPRESS.errorHandler()); 41 app.use(EXPRESS.errorHandler());
32} 42}
33 43
34 44
35var CLIPPERZ = require('./clipperz');
36var CONF = require('./conf');
37var clipperz = CLIPPERZ({
38 psql: CONF.psql||'postgresql:///clipperz',
39 logger: LOGGER,
40 dump_template: PATH.join(__dirname,'htdocs/beta/index.html')
41});
42
43app.post('/json',clipperz.json); 45app.post('/json',clipperz.json);
44app.get('/beta/dump',clipperz.dump); 46app.get('/beta/dump',clipperz.dump);
45 47
46 48
47HTTP.createServer(app).listen(app.get('port'), function(){ 49HTTP.createServer(app).listen(app.get('port'), function(){
48 LOGGER.info({port:app.get('port')},"Listener established"); 50 LOGGER.info({port:app.get('port')},"Listener established");
49}); 51});
diff --git a/backend/node/src/clipperz.js b/backend/node/src/clipperz.js
index eebd5bf..73af0a0 100644
--- a/backend/node/src/clipperz.js
+++ b/backend/node/src/clipperz.js
@@ -1,26 +1,57 @@
1var FS = require('fs'); 1var FS = require('fs');
2var CRYPTO = require('crypto'); 2var CRYPTO = require('crypto');
3var BIGNUM = require('bignum'); 3var BIGNUM = require('bignum');
4var ASYNC = require('async'); 4var ASYNC = require('async');
5 5
6var express_store = require('express').session.Store;
7
6function clipperz_hash(v) { 8function clipperz_hash(v) {
7 return CRYPTO.createHash('sha256').update( 9 return CRYPTO.createHash('sha256').update(
8 CRYPTO.createHash('sha256').update(v).digest('binary') 10 CRYPTO.createHash('sha256').update(v).digest('binary')
9 ).digest('hex'); 11 ).digest('hex');
10}; 12};
11function clipperz_random() { 13function clipperz_random() {
12 for(var r = '';r.length<64;r+=''+BIGNUM(Math.floor(Math.random()*1e18)).toString(16)); 14 for(var r = '';r.length<64;r+=''+BIGNUM(Math.floor(Math.random()*1e18)).toString(16));
13 return r.substr(0,64); 15 return r.substr(0,64);
14}; 16};
17function clipperz_store(PG) {
18 var rv = function(o) { express_store.call(this,o); }
19 rv.prototype.get = function(sid,cb) { PG.Q(
20 "SELECT s_data FROM clipperz.thesession WHERE s_id=$1",[sid],
21 function(e,r) { cb(e,(e||!r.rowCount)?null:r.rows[0].s_data); }
22 ) };
23 rv.prototype.set = function(sid,data,cb) { PG.Q(
24 "UPDATE clipperz.thesession SET s_data=$1, s_mtime=current_timestamp"
25 +" WHERE s_id=$2",[data,sid], function(e,r) {
26 if(e) return cb(e);
27 if(r.rowCount) return cb();
28 PG.Q("INSERT INTO clipperz.thesession (s_id,s_data) VALUES ($1,$2)",[sid,data],cb);
29 }
30 ) };
31 rv.prototype.destroy = function(sid,cb) { PG.Q(
32 "DELETE FROM clipperz.thesession WHERE s_id=$1",[sid],cb
33 ) };
34 rv.prototype.length = function(cb) { PG.Q(
35 "SELECT count(*) AS c FROM clipperz.thesession", function(e,r) {
36 cb(e,e?null:r.rows[0].c);
37 }
38 ) };
39 rv.prototype.length = function(cb) { PQ.Q(
40 "DELETE FROM clipperz.thesession", cb
41 ) };
42 rv.prototype.__proto__ = express_store.prototype;
43 return rv;
44}
45
15var srp_g = BIGNUM(2); 46var srp_g = BIGNUM(2);
16var srp_n = BIGNUM("115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3",16); 47var srp_n = BIGNUM("115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3",16);
17var n123 = '112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00'; 48var n123 = '112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00';
18 49
19 50
20var CLIPPERZ = module.exports = function(CONFIG) { 51var CLIPPERZ = module.exports = function(CONFIG) {
21 52
22 var LOGGER = CONFIG.logger||{trace:function(){}}; 53 var LOGGER = CONFIG.logger||{trace:function(){}};
23 54
24 var PG = { 55 var PG = {
25 url: CONFIG.psql, 56 url: CONFIG.psql,
26 PG: require('pg').native, 57 PG: require('pg').native,
@@ -67,25 +98,25 @@ var CLIPPERZ = module.exports = function(CONFIG) {
67 }, 98 },
68 end: function(e,cb) { 99 end: function(e,cb) {
69 if(e) return LOGGER.trace(e,"rolling back transaction due to an error"),this.rollback(cb); 100 if(e) return LOGGER.trace(e,"rolling back transaction due to an error"),this.rollback(cb);
70 this.commit(cb); 101 this.commit(cb);
71 } 102 }
72 }); 103 });
73 }); 104 });
74 }); 105 });
75 } 106 }
76 }; 107 };
77 108
78 109
79 return { 110 var rv = {
80 111
81 json: function clipperz_json(req,res,cb) { 112 json: function clipperz_json(req,res,cb) {
82 var method = req.body.method, pp = JSON.parse(req.body.parameters).parameters; 113 var method = req.body.method, pp = JSON.parse(req.body.parameters).parameters;
83 var message = pp.message; 114 var message = pp.message;
84 var ppp = pp.parameters; 115 var ppp = pp.parameters;
85 res.res = function(o) { return res.json({result:o}) }; 116 res.res = function(o) { return res.json({result:o}) };
86 LOGGER.trace({method:method,parameters:pp},"JSON request"); 117 LOGGER.trace({method:method,parameters:pp},"JSON request");
87 118
88 switch(method) { 119 switch(method) {
89 case 'registration': 120 case 'registration':
90 switch(message) { 121 switch(message) {
91 case 'completeRegistration': return PG.Q( 122 case 'completeRegistration': return PG.Q(
@@ -523,15 +554,19 @@ var CLIPPERZ = module.exports = function(CONFIG) {
523 var ojs = { users: { 554 var ojs = { users: {
524 catchAllUser: { __masterkey_test_value__: 'masterkey', s: n123, v: n123 } 555 catchAllUser: { __masterkey_test_value__: 'masterkey', s: n123, v: n123 }
525 } }; 556 } };
526 r.u.d.records = r.records; 557 r.u.d.records = r.records;
527 ojs.users[r.u.u] = r.u.d; 558 ojs.users[r.u.u] = r.u.d;
528 res.send(r.html.replace('/*offline_data_placeholder*/', 559 res.send(r.html.replace('/*offline_data_placeholder*/',
529 "_clipperz_dump_data_="+JSON.stringify(ojs) 560 "_clipperz_dump_data_="+JSON.stringify(ojs)
530 +";" 561 +";"
531 +"Clipperz.PM.Proxy.defaultProxy = new Clipperz.PM.Proxy.Offline();" 562 +"Clipperz.PM.Proxy.defaultProxy = new Clipperz.PM.Proxy.Offline();"
532 +"Clipperz.Crypto.PRNG.defaultRandomGenerator().fastEntropyAccumulationForTestingPurpose();")); 563 +"Clipperz.Crypto.PRNG.defaultRandomGenerator().fastEntropyAccumulationForTestingPurpose();"));
533 }); 564 });
534 } 565 }
566
535 }; 567 };
568 rv.__defineGetter__('session_store',function(){ return function(o) { return new (clipperz_store(PG))(o) } });
569
570 return rv;
536 571
537}; 572};
diff --git a/backend/node/src/clipperz.schema.sql b/backend/node/src/clipperz.schema.sql
index ba6f482..1c2305c 100644
--- a/backend/node/src/clipperz.schema.sql
+++ b/backend/node/src/clipperz.schema.sql
@@ -49,12 +49,19 @@ CREATE TABLE clipperz.theotp (
49 otp_id serial PRIMARY KEY, 49 otp_id serial PRIMARY KEY,
50 u_id integer REFERENCES clipperz.theuser (u_id) ON UPDATE CASCADE ON DELETE CASCADE, 50 u_id integer REFERENCES clipperz.theuser (u_id) ON UPDATE CASCADE ON DELETE CASCADE,
51 otps_id integer REFERENCES clipperz.otpstatus (otps_id) ON UPDATE CASCADE ON DELETE CASCADE, 51 otps_id integer REFERENCES clipperz.otpstatus (otps_id) ON UPDATE CASCADE ON DELETE CASCADE,
52 otp_ref varchar NOT NULL UNIQUE, 52 otp_ref varchar NOT NULL UNIQUE,
53 otp_key varchar NOT NULL UNIQUE, 53 otp_key varchar NOT NULL UNIQUE,
54 otp_key_checksum varchar NOT NULL, 54 otp_key_checksum varchar NOT NULL,
55 otp_data varchar NOT NULL, 55 otp_data varchar NOT NULL,
56 otp_version varchar NOT NULL, 56 otp_version varchar NOT NULL,
57 otp_ctime timestamp NOT NULL DEFAULT current_timestamp, 57 otp_ctime timestamp NOT NULL DEFAULT current_timestamp,
58 otp_rtime timestamp NOT NULL DEFAULT current_timestamp, 58 otp_rtime timestamp NOT NULL DEFAULT current_timestamp,
59 otp_utime timestamp NOT NULL DEFAULT current_timestamp 59 otp_utime timestamp NOT NULL DEFAULT current_timestamp
60); 60);
61
62CREATE TABLE clipperz.thesession (
63 s_id varchar PRIMARY KEY,
64 s_data json,
65 s_ctime timestamp DEFAULT current_timestamp,
66 s_mtime timestamp DEFAULT current_timestamp
67);