UNPKG

btc-rpc-explorer

Version:

Open-source, self-hosted Bitcoin explorer

github.com/janoside/btc-rpc-explorer

janoside/btc-rpc-explorer

86 lines (69 loc) 2.79 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
// // IMPORTANT MESSAGE!!! // // Dear contributor, please take great care when modifying this code. // It was written defensively with attention to a lot of details in order to prevent security issues. // As a result of such care it avoided a problem that occurred in RTL which had similar but subtly broken logic // see https://github.com/Ride-The-Lightning/RTL/issues/610 // // So before you change anything, please think twice about the consequences. "use strict"; const crypto = require('crypto'); const fs = require('fs'); const utils = require("./utils.js"); const authCookieName = "btcexp_auth"; function generateToken() { // Normally we would use 16 => 128 bits of entropy which is sufficiennt // But since we're going to base64 it and there would be padding (==), // It's a wasted space, why not use padding for some additional entropy? :) // The replacing is to make it URL-safe return crypto.randomBytes(18).toString("base64").replace(/\+/g, '-').replace(/\//g, '_') } function updateToken(tokenFile) { // This implements atomic update of the token file to avoid corrupted tokens causing trouble // If first saves the token into a temporary file and then moves it over. The move is atomic. // The token could also be synced but since the next boot overwrites it anyway, disk corruption // is not an issue. var newToken = generateToken(); var tmpFileName = tokenFile + ".tmp"; // It is important that we use the generated token, and NOT read back what was written. // This avoids using predictable token if filesystem gets corrupted (e.g. in case of ENOSPC). fs.writeFileSync(tmpFileName, newToken); fs.renameSync(tmpFileName, tokenFile); return newToken; } module.exports = (tokenFile, loginRedirect) => { // Reinitializing the token at start is important due to same reason we don't read it back. // It also avoids races when another process binds the same port and reads the token in order to later use // it to attack this app. var token = updateToken(tokenFile); var cookies = new Set(); return (req, res, next) => { if (req.cookies && cookies.has(req.cookies[authCookieName])) { req.authenticated = true; return next(); } let matchingToken = false; if (req.query.token) { try { // We use timingSafeEqual to avoid timing attacks matchingToken = crypto.timingSafeEqual(Buffer.from(req.query.token, "utf8"), Buffer.from(token, "utf8")); } catch (e) { utils.logError("23rheuweesaa", e); } } if (matchingToken) { req.authenticated = true; token = updateToken(tokenFile); let cookie = generateToken(); cookies.add(cookie); res.cookie(authCookieName, cookie); return next(); } if (loginRedirect) { res.redirect(loginRedirect); } else { res.sendStatus(401); } }; }