From 0112254526d99ac7812b2e12938472952eef37ce Mon Sep 17 00:00:00 2001
From: who-biz <37732338+who-biz@users.noreply.github.com>
Date: Wed, 26 Apr 2023 21:13:13 +0000
Subject: [PATCH 1/8] Add 'timenow','listener' endpoints for Ledger compat
- Also, landing page HTML code cleanup
---
app_mongo.js | 225 +++++++++++++++++++++++++++++++++++----------------
1 file changed, 156 insertions(+), 69 deletions(-)
diff --git a/app_mongo.js b/app_mongo.js
index 9ebfdc4..99b47cb 100644
--- a/app_mongo.js
+++ b/app_mongo.js
@@ -30,6 +30,14 @@ const { WebSocket, WebSocketServer } = require('ws')
// Mogodb driver for externally store messageid and slates for ver 2.0.0. of epicbox, tp work with answer by wallet with slate id message
const { MongoClient } = require('mongodb');
+// Ledger Integration API support
+const mime = require('mime-types')
+const url = require('url')
+const path = require('path')
+
+// where is subfolder with your public files like index.html
+const baseDirectory = __dirname +"/public"
+
// Connection URL for mongo, please change if your mongo server is on other location, you can add authorization and open firewall for it.
// each instance of epicbox which you run on your domain must use the same mongodb -- so change to correct ip and remeber open ports in firewall
// it's good idea to add one field (createdat:new Date()) in stored document and set index with timeout which which can delete documents which are old about 3-4 days
@@ -56,11 +64,7 @@ var interval = null
// time of interval ( ms ) in which epicbox can try repeat send the oldest slate for address.
//
-var intervalperiod = 4000 // 4 seconds
-
-
-//Where is executable rust named epicboxlib compiled from epicboxlib subfolder
-var pathtoepicboxlib = "./epicboxlib"
+var intervalperiod = 4000 // 4 seconds
// amount of repeats FastSend message to wallet
var fast_send_repeats = 20
@@ -176,69 +180,152 @@ setInterval(()=>{
},60*60*1000);
-
-
-
const requestListener = function (req, res) {
- res.writeHead(200)
- res.end(`\n\
-\n\
-\n\
-Epicbox\n\
-\n\
-\n\
-\n\
-\n\
-Epicbox servers. Local server number 1
\n\
-Protocol 2.0.0
\n\
-epic-wallet to build with protocol 2.0.0\n\
-Asia, Australia - epicbox.hyperbig.com
\n\
-North America, South America - epicbox.epic.tech
\n\
-US East Cost - epicbox.epicnet.us
\n\
-Africa, Europe - epicbox.fastepic.eu
\n\
-
\n\
-More about Epic
\n\
-Epic Cash main webpage\n\
-
\n\
-
\n\
- Example use in toml file.\n\
-\n\
-\n\
-\n\
-\n\
-[epicbox]\n\
-epicbox_domain = 'epicbox.fastepic.eu'\n\
-epicbox_port = 443\n\
-epicbox_protocol_unsecure = false\n\
-epicbox_address_index = 0\n\
-epicbox_listener_interval = 10\n\
-\n\
-\n\
-
\n\
- start listen: epic-wallet listen -m epicbox
\n\
-
\n\
-\n\
-Epicbox Statistics from ${statistics.from.toUTCString()}:\n\
-
\n\
-\n\
-connections: ${statistics.connectionsInHour}
\n\
-active connections: ${statistics.activeconnections}
\n\
-subscribes: ${statistics.connectionsInHour}
\n\
-received slates: ${statistics.slatesReceivedInHour}
\n\
-relayed slates: ${statistics.slatesRelayedInHour}
\n\
-sending slate attempts: ${statistics.slatesAttempt}
\n\
-
\n\
-\n\
-`);
-}
-
-
+ if(req.method=="GET") {
+
+ try {
+
+ console.log(req.url)
+
+ var requestUrl = url.parse(req.url,true)
+
+ // need to use path.normalize so people can't access directories underneath baseDirectory
+ var fsPath = baseDirectory+path.normalize(requestUrl.pathname)
+
+ console.log(fsPath)
+ console.log(requestUrl)
+
+ switch (requestUrl.pathname) {
+
+ case "/": {
+ res.writeHead(200, { 'Content-Type':'text/html'});
+ res.end(`\n\
+ Epicbox\n\
+ \n\
+ Epicbox servers. Local server number 1
Protocol 2.0.0
\n\
+ epic-wallet to build with protocol 2.0.0\n\
+ Asia, Australia - epicbox.hyperbig.com
North America, South America - epicbox.epic.tech
\n\
+ US East Cost - epicbox.epicnet.us
Africa, Europe - epicbox.fastepic.eu
\n\
+ More about Epic
Epic Cash main webpage
\n\
+ Example use in toml file:\n\
+ \n\[epicbox]\n\epicbox_domain = 'epicbox.fastepic.eu'\n\epicbox_port = 443\n\epicbox_protocol_unsecure = false\n\epicbox_address_index = 0\n\epicbox_listener_interval = 10\n\
+
\n\
+ start listen: epic-wallet listen -m epicbox
\n\
+ Epicbox Statistics from ${statistics.from.toUTCString()}:
\n\
+ connections: ${statistics.connectionsInHour}
active connections: ${statistics.activeconnections}
\n\
+ subscribes: ${statistics.connectionsInHour}
received slates: ${statistics.slatesReceivedInHour}
\n\
+ relayed slates: ${statistics.slatesRelayedInHour}
sending slate attempts: ${statistics.slatesAttempt}
\n\
+
\n\
+ `);
+ break;
+ } // case '/'
+
+ case "/timenow": {
+
+ res.setHeader("Content-Type", "application/json")
+ res.writeHead(200)
+ var timestamp =Date.now();
+ res.end(JSON.stringify({time: timestamp}))
+
+ break;
+
+ } // case 'timenow
+
+ case "/listener": {
+ listener(requestUrl, res)
+ break;
+ } // case '/listener'
+
+ default: {
+ var fileStream = fs.createReadStream(fsPath)
+ res.setHeader("Content-Type",mime.contentType(path.extname(fsPath)))
+ fileStream.pipe(res)
+ fileStream.on('open', function() {
+ res.writeHead(200)
+ })
+ fileStream.on('error',function(e) {
+ res.end('No that file')
+ })
+ } // default
+ }
+
+ } catch(e) {
+ res.writeHead(500)
+ res.end() // end the response so browsers don't hang
+ console.log(e.stack)
+ }
+ }
+}
+function listener(requestUrl, res){
+
+ try {
+ // trick
+ let json = JSON.parse(JSON.stringify(requestUrl.query))
+
+ console.log(json)
+
+ if(json.hasOwnProperty("address") && json.hasOwnProperty("signature") && json.hasOwnProperty("timenow") ){
+
+ console.log("OK")
+
+ let from = json.address.split('@')
+ from = from[0]
+
+ // here we check address!!!
+
+ // use externally rust program to verify addresses - it is the same which is used to verify signatures
+ const childadd = execFile(pathtoepicboxlib, ['verifyaddress', json.address, from], (erroradr, stdoutadr, stderradr) =>
+ {
+ if (erroradr) {
+ throw erroradr
+ }
+
+ var isTrueSetadr = (stdoutadr === 'true');
+
+ if(isTrueSetadr) {
+ // use rust program to verify signatures if they signet timenow by private key of address public key
+ const child = execFile(pathtoepicboxlib, ["verifysignature", from , json.timenow, json.signature], (error, stdout, stderr) => {
+
+ if (error) {
+ throw error;
+ }
+ var isTrueSet = (stdout === 'true');
+
+ if(isTrueSet){
+ const db = mongoclient.db(dbName);
+ const collection = db.collection(collectionname);
+
+ // show all slates where address is from query - sender and receiver
+ collection.find({queue:from, replyto:json.address}).project({
+ _id:0, queue:1, replyto:1, made:1, payload:1, createdat:1, expiration:1 }
+ ).toArray().then((SlatesMany =>
+ {
+ res.setHeader("Content-Type", "application/json")
+ res.writeHead(200)
+ res.end(JSON.stringify({slates:SlatesMany}))
+ }))
+ } else {
+ res.writeHead(200)
+ res.end(JSON.stringify({error:true, message:"wrong signature"}))
+ }
+ }) // end child
+ } else {
+ res.writeHead(200)
+ res.end(JSON.stringify({error:true, message:"wrong address"}))
+ }
+ }) // end childad
+ } else {
+ res.writeHead(200)
+ res.end(JSON.stringify({error:true, message:"not enough data"}))
+ }
+ } catch (e) {
+ res.writeHead(500)
+ res.end() // end the response so browsers don't hang
+ console.log(e.stack)
+ }
+}
//
// HTTMl server creation with function for receives requests
@@ -955,12 +1042,12 @@ async function main() {
console.log('Connected successfully to mongo');
//run().catch(console.log);
-
+
server.listen(localepicboxserviceport)
-
+
interval = setInterval( forInterval, 2000);
-
- setInterval(forIntervalChallenge, 3*60*1000);
+
+ setInterval(forIntervalChallenge, 3*60*1000);
return "Epicbox ready to work.";
From 0a3665bcb6aae51d4796e1ccb82373b77f820345 Mon Sep 17 00:00:00 2001
From: who-biz <37732338+who-biz@users.noreply.github.com>
Date: Wed, 26 Apr 2023 21:19:41 +0000
Subject: [PATCH 2/8] Add 'mime-type' package, 'public' folder for files
(unused)
---
package.json | 1 +
1 file changed, 1 insertion(+)
diff --git a/package.json b/package.json
index cc59cc2..d7cceaf 100644
--- a/package.json
+++ b/package.json
@@ -9,6 +9,7 @@
"author": "",
"license": "ISC",
"dependencies": {
+ "mime-types": "^2.1.35",
"mongodb": "^5.1.0",
"uid2": "^1.0.0",
"ws": "^8.12.1"
From e9ef71dcb2b81d8dd9fbb7925aa3518e9645f0ae Mon Sep 17 00:00:00 2001
From: who-biz <37732338+who-biz@users.noreply.github.com>
Date: Wed, 26 Apr 2023 21:23:09 +0000
Subject: [PATCH 3/8] Add README.md in public folder, so we can push folder to
git
---
public/README.md | 3 +++
1 file changed, 3 insertions(+)
create mode 100644 public/README.md
diff --git a/public/README.md b/public/README.md
new file mode 100644
index 0000000..2681975
--- /dev/null
+++ b/public/README.md
@@ -0,0 +1,3 @@
+### Folder location for public-facing files
+
+HTML, images, whatever should go only in this folder.
From 13ab093d5e2ce678e69097d29f5d2995afa0d10c Mon Sep 17 00:00:00 2001
From: who-biz <37732338+who-biz@users.noreply.github.com>
Date: Wed, 26 Apr 2023 21:53:56 +0000
Subject: [PATCH 4/8] Don't error if ebox address omits '@domain:port'
---
app_mongo.js | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/app_mongo.js b/app_mongo.js
index 99b47cb..cbd4ee9 100644
--- a/app_mongo.js
+++ b/app_mongo.js
@@ -270,8 +270,15 @@ function listener(requestUrl, res){
console.log("OK")
- let from = json.address.split('@')
- from = from[0]
+ var from;
+ let split = json.address.search('@');
+ if (split >= 0) {
+ from = json.address.split('@')
+ from = from[0]
+ } else {
+ from = json.address;
+ }
+ console.log("from = " + from);
// here we check address!!!
From b220a971f6252ba31b41e797919e839d74ca956d Mon Sep 17 00:00:00 2001
From: who-biz <37732338+who-biz@users.noreply.github.com>
Date: Wed, 26 Apr 2023 22:00:59 +0000
Subject: [PATCH 5/8] Add same changes to app_mongo_many.js
---
app_mongo_many.js | 213 ++++++++++++++++++++++++++++++++++------------
1 file changed, 157 insertions(+), 56 deletions(-)
diff --git a/app_mongo_many.js b/app_mongo_many.js
index e7d2819..7417dfe 100644
--- a/app_mongo_many.js
+++ b/app_mongo_many.js
@@ -30,6 +30,14 @@ const { WebSocket, WebSocketServer } = require('ws')
// Mogodb driver for externally store messageid and slates for ver 2.0.0. of epicbox, tp work with answer by wallet with slate id message
const { MongoClient } = require('mongodb');
+// Ledger Integration API support
+const mime = require('mime-types')
+const url = require('url')
+const path = require('path')
+
+// where is subfolder with your public files like index.html
+const baseDirectory = __dirname +"/public"
+
// Connection URL for mongo, please change if your mongo server is on other location, you can add authorization and open firewall for it.
// each instance of epicbox which you run on your domain must use the same mongodb -- so change to correct ip and remeber open ports in firewall
// it's good idea to add one field (createdat:new Date()) in stored document and set index with timeout which which can delete documents which are old about 3-4 days
@@ -209,66 +217,159 @@ setInterval(()=>{
},60*60*1000);
+const requestListener = function (req, res) {
+ if(req.method=="GET") {
+
+ try {
+
+ console.log(req.url)
+
+ var requestUrl = url.parse(req.url,true)
+
+ // need to use path.normalize so people can't access directories underneath baseDirectory
+ var fsPath = baseDirectory+path.normalize(requestUrl.pathname)
+
+ console.log(fsPath)
+ console.log(requestUrl)
+
+ switch (requestUrl.pathname) {
+
+ case "/": {
+ res.writeHead(200, { 'Content-Type':'text/html'});
+ res.end(`\n\
+ Epicbox\n\
+ \n\
+ Epicbox servers. Local server number 1
Protocol 2.0.0
\n\
+ epic-wallet to build with protocol 2.0.0\n\
+ Asia, Australia - epicbox.hyperbig.com
North America, South America - epicbox.epic.tech
\n\
+ US East Cost - epicbox.epicnet.us
Africa, Europe - epicbox.fastepic.eu
\n\
+ More about Epic
Epic Cash main webpage
\n\
+ Example use in toml file:\n\
+ \n\[epicbox]\n\epicbox_domain = 'epicbox.fastepic.eu'\n\epicbox_port = 443\n\epicbox_protocol_unsecure = false\n\epicbox_address_index = 0\n\epicbox_listener_interval = 10\n\
+
\n\
+ start listen: epic-wallet listen -m epicbox
\n\
+ Epicbox Statistics from ${statistics.from.toUTCString()}:
\n\
+ connections: ${statistics.connectionsInHour}
active connections: ${statistics.activeconnections}
\n\
+ subscribes: ${statistics.connectionsInHour}
received slates: ${statistics.slatesReceivedInHour}
\n\
+ relayed slates: ${statistics.slatesRelayedInHour}
sending slate attempts: ${statistics.slatesAttempt}
\n\
+
\n\
+ `);
+ break;
+ } // case '/'
+
+ case "/timenow": {
+
+ res.setHeader("Content-Type", "application/json")
+ res.writeHead(200)
+ var timestamp =Date.now();
+ res.end(JSON.stringify({time: timestamp}))
+
+ break;
+
+ } // case 'timenow
+
+ case "/listener": {
+ listener(requestUrl, res)
+ break;
+ } // case '/listener'
+
+ default: {
+ var fileStream = fs.createReadStream(fsPath)
+ res.setHeader("Content-Type",mime.contentType(path.extname(fsPath)))
+ fileStream.pipe(res)
+ fileStream.on('open', function() {
+ res.writeHead(200)
+ })
+ fileStream.on('error',function(e) {
+ res.end('No that file')
+ })
+ } // default
+ }
-const requestListener = function (req, res) {
- res.writeHead(200)
- res.end(`\n\
-\n\
-\n\
-Epicbox\n\
-\n\
-\n\
-\n\
-\n\
-Epicbox servers. Local server number 1
\n\
-Protocol 2.0.0
\n\
-epic-wallet to build with protocol 2.0.0\n\
-Asia, Australia - epicbox.hyperbig.com
\n\
-North America, South America - epicbox.epic.tech
\n\
-US East Cost - epicbox.epicnet.us
\n\
-Africa, Europe - epicbox.fastepic.eu
\n\
-
\n\
-More about Epic
\n\
-Epic Cash main webpage\n\
-
\n\
-
\n\
- Example use in toml file.\n\
-\n\
-\n\
-\n\
-\n\
-[epicbox]\n\
-epicbox_domain = 'epicbox.fastepic.eu'\n\
-epicbox_port = 443\n\
-epicbox_protocol_unsecure = false\n\
-epicbox_address_index = 0\n\
-epicbox_listener_interval = 10\n\
-\n\
-\n\
-
\n\
- start listen: epic-wallet listen -m epicbox
\n\
-
\n\
-\n\
-Epicbox Statistics from ${statistics.from.toUTCString()}:\n\
-
\n\
-\n\
-connections: ${statistics.connectionsInHour}
\n\
-active connections: ${statistics.activeconnections}
\n\
-subscribes: ${statistics.connectionsInHour}
\n\
-received slates: ${statistics.slatesReceivedInHour}
\n\
-relayed slates: ${statistics.slatesRelayedInHour}
\n\
-sending slate attempts: ${statistics.slatesAttempt}
\n\
-
\n\
-\n\
-`);
+ } catch(e) {
+ res.writeHead(500)
+ res.end() // end the response so browsers don't hang
+ console.log(e.stack)
+ }
+ }
}
-
+function listener(requestUrl, res){
+
+ try {
+ // trick
+ let json = JSON.parse(JSON.stringify(requestUrl.query))
+
+ console.log(json)
+
+ if(json.hasOwnProperty("address") && json.hasOwnProperty("signature") && json.hasOwnProperty("timenow") ){
+
+ console.log("OK")
+
+ var from;
+ let split = json.address.search('@');
+ if (split >= 0) {
+ from = json.address.split('@')
+ from = from[0]
+ } else {
+ from = json.address;
+ }
+ console.log("from = " + from);
+
+ // here we check address!!!
+
+ // use externally rust program to verify addresses - it is the same which is used to verify signatures
+ const childadd = execFile(pathtoepicboxlib, ['verifyaddress', json.address, from], (erroradr, stdoutadr, stderradr) =>
+ {
+ if (erroradr) {
+ throw erroradr
+ }
+
+ var isTrueSetadr = (stdoutadr === 'true');
+
+ if(isTrueSetadr) {
+ // use rust program to verify signatures if they signet timenow by private key of address public key
+ const child = execFile(pathtoepicboxlib, ["verifysignature", from , json.timenow, json.signature], (error, stdout, stderr) => {
+
+ if (error) {
+ throw error;
+ }
+ var isTrueSet = (stdout === 'true');
+
+ if(isTrueSet){
+ const db = mongoclient.db(dbName);
+ const collection = db.collection(collectionname);
+
+ // show all slates where address is from query - sender and receiver
+ collection.find({queue:from, replyto:json.address}).project({
+ _id:0, queue:1, replyto:1, made:1, payload:1, createdat:1, expiration:1 }
+ ).toArray().then((SlatesMany =>
+ {
+ res.setHeader("Content-Type", "application/json")
+ res.writeHead(200)
+ res.end(JSON.stringify({slates:SlatesMany}))
+ }))
+ } else {
+ res.writeHead(200)
+ res.end(JSON.stringify({error:true, message:"wrong signature"}))
+ }
+ }) // end child
+ } else {
+ res.writeHead(200)
+ res.end(JSON.stringify({error:true, message:"wrong address"}))
+ }
+ }) // end childad
+ } else {
+ res.writeHead(200)
+ res.end(JSON.stringify({error:true, message:"not enough data"}))
+ }
+ } catch (e) {
+ res.writeHead(500)
+ res.end() // end the response so browsers don't hang
+ console.log(e.stack)
+ }
+}
//
//
From 2e461bf25f3b8b5293ab225a3822de34a9393a7c Mon Sep 17 00:00:00 2001
From: who-biz <37732338+who-biz@users.noreply.github.com>
Date: Wed, 26 Apr 2023 22:02:13 +0000
Subject: [PATCH 6/8] Add .gitignore for private files
---
.gitignore | 3 +++
1 file changed, 3 insertions(+)
create mode 100644 .gitignore
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..755f2d7
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,3 @@
+node_modules
+epicboxlib
+package-lock.json
From 03ab7876b6aec5a54f1fd9b7e07201fbd43b00ee Mon Sep 17 00:00:00 2001
From: who-biz <37732338+who-biz@users.noreply.github.com>
Date: Tue, 2 May 2023 21:43:05 +0000
Subject: [PATCH 7/8] Add '/sender' endpoint, compat for POST methods
- Not completely functioning yet, but basics are
---
app_mongo.js | 185 +++++++++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 181 insertions(+), 4 deletions(-)
diff --git a/app_mongo.js b/app_mongo.js
index cbd4ee9..91e8b33 100644
--- a/app_mongo.js
+++ b/app_mongo.js
@@ -34,6 +34,7 @@ const { MongoClient } = require('mongodb');
const mime = require('mime-types')
const url = require('url')
const path = require('path')
+const qs = require('querystring')
// where is subfolder with your public files like index.html
const baseDirectory = __dirname +"/public"
@@ -182,9 +183,9 @@ setInterval(()=>{
const requestListener = function (req, res) {
- if(req.method=="GET") {
+ if(req.method=="GET") {
- try {
+ try {
console.log(req.url)
@@ -234,9 +235,16 @@ const requestListener = function (req, res) {
case "/listener": {
listener(requestUrl, res)
- break;
+ break;
} // case '/listener'
+ case "/sender": {
+ res.writeHead(400)
+ res.end("HTTP method GET is not supported by this URL")
+ console.log("Error: GET is not permitted on \"sender\" URL, use POST instead")
+ break;
+ } // case '/sender'
+
default: {
var fileStream = fs.createReadStream(fsPath)
res.setHeader("Content-Type",mime.contentType(path.extname(fsPath)))
@@ -245,7 +253,7 @@ const requestListener = function (req, res) {
res.writeHead(200)
})
fileStream.on('error',function(e) {
- res.end('No that file')
+ res.end('File does not exist')
})
} // default
}
@@ -255,6 +263,59 @@ const requestListener = function (req, res) {
res.end() // end the response so browsers don't hang
console.log(e.stack)
}
+
+ } else if (req.method=="POST") {
+
+ try {
+ console.log(req.url)
+
+ var requestUrl = url.parse(req.url,true)
+
+ // need to use path.normalize so people can't access directories underneath baseDirectory
+ var fsPath = baseDirectory+path.normalize(requestUrl.pathname)
+
+ console.log(fsPath)
+ console.log(requestUrl)
+
+ switch (requestUrl.pathname) {
+
+ case "/sender": {
+ var requestBody = '';
+ req.on('data', function(data) {
+ requestBody += data;
+ if(requestBody.length > 1e7) {
+ res.writeHead(413, 'Request Entity Too Large', {'Content-Type': 'text/html'});
+ res.end('413413: Request Entity Too Large');
+ }
+ });
+ req.on('end', function() {
+ var formData = qs.parse(requestBody);
+ var obj = JSON.parse(JSON.stringify(formData));
+ console.log("requestBody = " + requestBody);
+ console.log("formData =" + obj);
+ sender(requestUrl, formData, res)
+ });
+ break;
+ } // case '/sender'
+
+ default: {
+ var fileStream = fs.createReadStream(fsPath)
+ res.setHeader("Content-Type",mime.contentType(path.extname(fsPath)))
+ fileStream.pipe(res)
+ fileStream.on('open', function() {
+ res.writeHead(200)
+ })
+ fileStream.on('error',function(e) {
+ res.end('File does not exist')
+ })
+ } // default
+ } // switch
+
+ } catch(e) {
+ res.writeHead(500)
+ res.end() // end the response so browsers don't hang
+ console.log(e.stack)
+ }
}
}
@@ -334,6 +395,122 @@ function listener(requestUrl, res){
}
}
+function sender(requestUrl, requestBody, res) {
+
+ try {
+ // trick
+ let jsonUrl = JSON.parse(JSON.stringify(requestUrl.query))
+
+ console.log(jsonUrl)
+
+ if(jsonUrl.hasOwnProperty("address")) {
+
+ console.log("OK")
+
+ var destination;
+ let split = jsonUrl.address.search('@');
+ if (split >= 0) {
+ destination = jsonUrl.address.split('@')
+ destination = destination[0]
+ } else {
+ destination = jsonUrl.address;
+ }
+ console.log("destination = " + destination);
+
+ // here we check address!!!
+
+ // use externally rust program to verify addresses - it is the same which is used to verify signatures
+ const childadd = execFile(pathtoepicboxlib, ['verifyaddress', jsonUrl.address, destination], (erroradr, stdoutadr, stderradr) =>
+ {
+ if (erroradr) {
+ throw erroradr
+ }
+
+ var destinationValid = (stdoutadr === 'true');
+
+ if(destinationValid) {
+ console.log("Destination address is valid, moving on...");
+ // nothing else in URL, move onto checking request body
+ }
+ }) // end child
+ }
+
+ console.log(requestBody);
+ if (requestBody.hasOwnProperty("mapmessage") && requestBody.hasOwnProperty("from") && requestBody.hasOwnProperty("signature")) {
+
+ console.log("OK")
+
+ var fromAddress;
+ let split = requestBody.from.search('@');
+ if (split >= 0) {
+ fromAddress = requestBody.from.split('@')
+ fromAddress = fromAddress[0]
+ } else {
+ fromAddress = requestBody.from;
+ }
+ console.log("fromAddress = " + fromAddress);
+
+ // here we check address!!!
+
+ // use externally rust program to verify addresses - it is the same which is used to verify signatures
+ const childadd = execFile(pathtoepicboxlib, ['verifyaddress', requestBody.address, fromAddress], (erroradr, stdoutadr, stderradr) =>
+ {
+ if (erroradr) {
+ throw erroradr
+ }
+
+ var senderAddressValid = (stdoutadr === 'true');
+
+ if(senderAddressValid) {
+
+ // use rust program to verify signatures if they signet timenow by private key of address public key
+ const child = execFile(pathtoepicboxlib, ["verifysignature", fromAddress, requestBody.mapmessage, requestBody.signature], (error, stdout, stderr) => {
+
+ if (error) {
+ throw error;
+ }
+ var signatureValid = (stdout === 'true');
+
+ if(signatureValid){
+ // TODO: add encrypted data to DB
+ const db = mongoclient.db(dbName);
+ console.log("Signature OK - Valid");
+
+ res.writeHead(200)
+ res.end("lastSeen: 1311110615")
+
+ //const collection = db.collection(collectionname);
+
+ // show all slates where address is from query - sender and receiver
+ //collection.find({queue:from, replyto:json.address}).project({
+ // _id:0, queue:1, replyto:1, made:1, payload:1, createdat:1, expiration:1 }
+ // ).toArray().then((SlatesMany =>
+ //{
+ // res.setHeader("Content-Type", "application/json")
+ // res.writeHead(200)
+ // res.end(JSON.stringify({slates:SlatesMany}))
+ //}))
+ } else {
+ res.writeHead(200)
+ res.end(JSON.stringify({error:true, message:"wrong signature"}))
+ }
+ }) // end child
+ } else {
+ res.writeHead(200)
+ res.end(JSON.stringify({error:true, message:"wrong address"}))
+ }
+ }) // end childad
+ } else {
+ res.writeHead(200)
+ res.end(JSON.stringify({error:true, message:"not enough data"}))
+ }
+ } catch (e) {
+ res.writeHead(500)
+ res.end() // end the response so browsers don't hang
+ console.log(e.stack)
+ }
+}
+
//
// HTTMl server creation with function for receives requests
// Used by WebSocketServer
From a27241f0168bb17ffdb481181466afc534fb1158 Mon Sep 17 00:00:00 2001
From: who-biz <37732338+who-biz@users.noreply.github.com>
Date: Tue, 2 May 2023 22:03:56 +0000
Subject: [PATCH 8/8] Fix error in previous commit, pass through parsed object
to func
---
app_mongo.js | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/app_mongo.js b/app_mongo.js
index 91e8b33..23bb802 100644
--- a/app_mongo.js
+++ b/app_mongo.js
@@ -293,7 +293,7 @@ const requestListener = function (req, res) {
var obj = JSON.parse(JSON.stringify(formData));
console.log("requestBody = " + requestBody);
console.log("formData =" + obj);
- sender(requestUrl, formData, res)
+ sender(requestUrl, obj, res)
});
break;
} // case '/sender'
@@ -453,7 +453,7 @@ function sender(requestUrl, requestBody, res) {
// here we check address!!!
// use externally rust program to verify addresses - it is the same which is used to verify signatures
- const childadd = execFile(pathtoepicboxlib, ['verifyaddress', requestBody.address, fromAddress], (erroradr, stdoutadr, stderradr) =>
+ const childadd = execFile(pathtoepicboxlib, ['verifyaddress', requestBody.from, fromAddress], (erroradr, stdoutadr, stderradr) =>
{
if (erroradr) {
throw erroradr