UNPKG

@windingtree/wt-write-api

Version:

API to write data to the Winding Tree platform

github.com/windingtree/wt-write-api

windingtree/wt-write-api

132 lines (118 loc) 3.22 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
/* eslint-disable camelcase */ const crypto = require('crypto'); const { db } = require('../config'); const { validateWallet, validateUploaders } = require('../services/validators'); const TABLE = 'accounts'; module.exports.createTable = async function () { await db.schema.createTable(TABLE, (table) => { table.string('id').primary(); table.string('access_key').unique().notNullable(); // Hashed access key. table.string('wallet', 1023); table.string('uploaders', 1023); table.timestamps(true, true); }); }; module.exports.dropTable = async function () { await db.schema.dropTableIfExists(TABLE); }; async function _generateRandomString (bytesCnt, encoding) { return new Promise((resolve, reject) => { crypto.randomBytes(bytesCnt, (err, buffer) => { if (err) { return reject(err); } resolve(buffer.toString(encoding)); }); }); } /** * Generate a new secret key. */ async function _generateKey () { return _generateRandomString(32, 'base64'); } /** * Generate a random account ID. */ async function _generateID () { return _generateRandomString(8, 'hex'); } /** * Return a secure hash of the access key. * * Since access keys are long, randomly generated strings, we do * not need to use pbdkf2 nor salts. */ function _hashKey (accessKey) { const hash = crypto.createHash('sha256'); return hash.update(accessKey).digest('hex'); } const VALIDATED_FIELDS = [ { name: 'wallet', validator: validateWallet }, { name: 'uploaders', validator: validateUploaders }, ]; /** * Validate the given account data. */ function _validate (accountData) { for (const field of VALIDATED_FIELDS) { field.validator(accountData[field.name]); } } /** * Create a new account and return its ID and secret key. * * @param {Object} accountData * @return {Promise<Object>} */ module.exports.create = async function (accountData) { _validate(accountData); const accessKey = await _generateKey(), id = await _generateID(); await db(TABLE).insert({ id: id, wallet: JSON.stringify(accountData.wallet), uploaders: JSON.stringify(accountData.uploaders), access_key: _hashKey(accessKey), }); return { id, accessKey }; }; /** * Overwrite an existing account with new data. * * @param {Object} accountData * @return {Promise<void>} */ module.exports.update = async function (id, accountData) { _validate(accountData); await db(TABLE).where('id', id).update({ wallet: JSON.stringify(accountData.wallet), uploaders: JSON.stringify(accountData.uploaders), updated_at: db.fn.now(), }); }; /** * Get an account by access key. * * @param {String} accessKey * @return {Promise<Object>} */ module.exports.getByKey = async function (accessKey) { const account = (await db(TABLE).select('id', 'uploaders', 'wallet').where({ access_key: _hashKey(accessKey), }))[0]; return account && { id: account.id, wallet: JSON.parse(account.wallet), uploaders: JSON.parse(account.uploaders), }; }; /** * Delete an account by ID. * * @param {String} accessKey * @return {Promise<void>} */ module.exports.delete = async function (id) { await db(TABLE).where('id', id).delete(); };