Add authorization token to file system api

2026-04-24 18:22:58 +02:00 · 2021-12-28 15:21:11 -05:00
parent cc4f07d037
commit 5d7d72a3e2
7 changed files with 564 additions and 96 deletions
@@ -0,0 +1,124 @@
+/* eslint-disable @typescript-eslint/no-var-requires */
+const http = require("http");
+const crypto = require('crypto');
+const log = require('electron-log');
+const Config = require('electron-config');
+const config = new Config();
+
+let server;
+let window;
+
+function initialize(win, callback) {
+  window = win;
+  server = http.createServer(async function (req, res) {
+    let body = "";
+
+    req.on("data", (chunk) => {
+      body += chunk.toString(); // convert Buffer to string
+    });
+    req.on("end", () => {
+      const providedToken = req.headers?.authorization?.replace('Bearer ', '') ?? '';
+      const isValid = providedToken === getAuthenticationToken();
+      if (isValid) {
+        log.log('Valid authentication token');
+      } else {
+        log.log('Invalid authentication token');
+        res.writeHead(401);
+        res.write('Invalid authentication token');
+        res.end();
+        return;
+      }
+
+      let data;
+      try {
+        data = JSON.parse(body);
+      } catch (error) {
+        log.warn(`Invalid body data`);
+        res.writeHead(400);
+        res.write('Invalid body data');
+        res.end();
+        return;
+      }
+
+      if (data) {
+        window.webContents.executeJavaScript(`document.saveFile("${data.filename}", "${data.code}")`).then((result) => {
+          res.write(result);
+          res.end();
+        });
+      }
+    });
+  });
+
+  const autostart = config.get('autostart', false);
+  if (autostart) {
+    return enable(callback);
+  }
+
+  if (callback) return callback();
+  return Promise.resolve();
+}
+
+
+function enable(callback) {
+  if (isListening()) {
+    log.warn('API server already listening');
+    return;
+  }
+
+  const port = config.get('port', 9990);
+  log.log(`Starting http server on port ${port}`);
+  return server.listen(port, "127.0.0.1", callback);
+}
+
+function disable() {
+  if (!isListening()) {
+    log.warn('API server not listening');
+    return;
+  }
+
+  log.log('Stopping http server');
+  return server.close();
+}
+
+function toggleServer() {
+  if (isListening()) {
+    return disable();
+  } else {
+    return enable();
+  }
+}
+
+function isListening() {
+  return server?.listening ?? false;
+}
+
+function toggleAutostart() {
+  const newValue = !isAutostart();
+  config.set('autostart', newValue);
+  log.log(`New autostart value is '${newValue}'`);
+}
+
+function isAutostart() {
+  return config.get('autostart');
+}
+
+function getAuthenticationToken() {
+  const token = config.get('token');
+  if (token) return token;
+
+  const newToken = generateToken();
+  config.set('token', newToken);
+  return newToken;
+}
+
+function generateToken() {
+  const buffer = crypto.randomBytes(48);
+  return buffer.toString('base64')
+}
+
+module.exports = {
+  initialize,
+  enable, disable, toggleServer,
+  toggleAutostart, isAutostart,
+  getAuthenticationToken, isListening,
+}