/* Copyright 2017 Agneta Network Applications, LLC.
*
* Source file: services/lib/secrets.js
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
const cryptojs = require('crypto-js');
const _ = require('lodash');
const fs = require('fs-extra');
const path = require('path');
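// Name of the encrypted secrets store, resolved against the working directory.
const filename = 'secrets.json';
//---------------------------------------------
// Key used by secrets.encrypt()/secrets.decrypt(); the exported factory fills
// it in from the `encryptionKey` entry of the secrets store on first use.
let encryptionKey;

// Fallback location of the master key. It is resolved from process.cwd(), so
// the file that gets read depends on the directory the process was started in.
const keyPath = path.join(process.cwd(), '../secret.json');

// The SECRET_KEY environment variable takes precedence over the key file.
let secretKey = process.env.SECRET_KEY;
if (!secretKey) {
  try {
    // NOTE(review): the file is parsed as JSON, so it presumably holds a bare
    // JSON string. crypto-js treats a string key as a passphrase - confirm
    // the file format against whatever writes it.
    secretKey = fs.readJsonSync(keyPath, 'utf8');
  } catch (err) {
    // A missing key file is reported through the explicit error below; any
    // other failure (unreadable file, invalid JSON) is rethrown unchanged.
    if (err.code !== 'ENOENT') {
      throw err;
    }
  }
}

if (!secretKey) {
  throw new Error('Could not find the secret key to set sensitive data');
}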
//---------------------------------------------
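// Load the encrypted secrets store from the working directory.
const secretsPath = path.join(process.cwd(), filename);
const keys = fs.readJsonSync(secretsPath);

//----------------------------------------------------
// Check if secret key is valid
//
// The store carries an `isValid` marker: the text 'yes' encrypted with the
// master key. Decrypting it is the only key check performed here. crypto-js
// passphrase mode does not authenticate ciphertext, so a passing check says
// the key matches this marker, not that the other entries are untampered.
let isValid = keys && keys.isValid;

if (!isValid) {
  throw new Error('Not a correct secret file');
}

try {
  isValid = cryptojs.AES.decrypt(isValid.toString(), secretKey)
    .toString(cryptojs.enc.Utf8);
} catch (err) {
  // With a wrong key the decrypted bytes are usually not valid UTF-8 and
  // crypto-js throws "Malformed UTF-8 data"; report that as a bad key too.
  isValid = '';
}

// Never log `keys` or `secretKey` while debugging this check: both are
// sensitive and would end up in process logs.
if (isValid !== 'yes') {
  throw new Error('The secret key is incorrect');
}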
//----------------------------------------------------
// Decrypt all the object values
// Walk every leaf of the secrets store and overwrite it in place with its
// decrypted text. From here on `keys` holds plaintext secrets in memory.
// NOTE(review): `deepMapValues` is not part of core lodash; presumably a mixin
// (e.g. lodash-deep) is registered elsewhere before this module loads - verify.
_.deepMapValues(keys, function(encrypted, propertyPath) {
  var decrypted = cryptojs.AES.decrypt(encrypted, secretKey);
  _.set(keys, propertyPath, decrypted.toString(cryptojs.enc.Utf8));
});
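/**
 * Builds the secrets accessor and, when an application object is supplied,
 * attaches it as `app.secrets`.
 *
 * @param {Object} [app] - Application object. When it exposes `get`, the
 *   environment name is read from `app.get('env')`.
 * @returns {{get: Function, encrypt: Function, decrypt: Function}} The accessor.
 * @throws {Error} When no `encryptionKey` entry can be resolved from the store.
 */
module.exports = function(app) {
  /**
   * Reads `path` from the section of the store named after `env`, falling back
   * to the `default` section when that section is absent or the value is falsy.
   */
  function getSecret(env, path) {
    var value = null;

    if (keys[env]) {
      value = _.get(keys[env], path);
    }

    if (!value) {
      value = _.get(keys.default, path);
    }

    return value;
  }

  var secrets = {
    /**
     * Returns the decrypted secret stored at `path` for the current
     * environment (`app.get('env')`, else NODE_ENV).
     *
     * The returned value is a live reference into the decrypted store, not a
     * copy: callers that mutate it change what later calls return.
     *
     * @param {string} path - lodash-style property path inside the store.
     * @param {*} [keep] - Accepted for compatibility; not used by the lookup.
     * @returns {*} The secret, or a null/undefined value when it is not configured.
     */
    get: function(path, keep) {
      var env;

      // `app` is optional (see the guard before `app.secrets` is assigned), so
      // it must not be dereferenced unconditionally.
      if (app && _.isFunction(app.get)) {
        env = app.get('env');
      }
      env = env || process.env.NODE_ENV;

      var result = getSecret(env, path);

      // In terminal mode the 'mongoDB' host name is swapped for localhost.
      // This writes into the shared store, so the override persists for the
      // life of the process. `result` is checked first because the 'db' entry
      // may not be configured.
      if (
        path === 'db' &&
        result &&
        result.host === 'mongoDB' &&
        process.env.MODE === 'terminal'
      ) {
        result.host = 'localhost';
      }

      return result;
    },

    /**
     * Encrypts `value` with the store's `encryptionKey` using crypto-js AES.
     * crypto-js passphrase mode provides confidentiality only: the output is
     * not authenticated, so tampering is not detected on decrypt.
     *
     * @param {string|Buffer} value - Data to encrypt.
     * @returns {string} The ciphertext in crypto-js's string form.
     */
    encrypt: function(value) {
      value = value.toString('utf8');
      return cryptojs.AES.encrypt(value, encryptionKey).toString();
    },

    /**
     * Decrypts a string produced by `encrypt`.
     * With a wrong key or altered input, crypto-js may return an empty string
     * or throw "Malformed UTF-8 data"; callers should handle both.
     *
     * @param {string} value - Ciphertext as returned by `encrypt`.
     * @returns {string} The decrypted UTF-8 text.
     */
    decrypt: function(value) {
      return cryptojs.AES.decrypt(value, encryptionKey).toString(cryptojs.enc.Utf8);
    }
  };

  // Resolved once and cached at module level, so later factory calls reuse it.
  encryptionKey = encryptionKey || secrets.get('encryptionKey');

  if (!encryptionKey) {
    throw new Error(`The encryptionKey needs to be stored in ${filename}`);
  }

  if (app) {
    app.secrets = secrets;
  }

  return secrets;
};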