ExternalVendorCode/balena-supervisor
1
0
Fork 0
mirror of https://github.com/balena-os/balena-supervisor.git synced 2025-01-31 00:23:57 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add secret/apikey based authentication to the supervisor.

Browse Source
This commit is contained in:
Pagan Gazzard 2015-01-28 15:13:26 +00:00 committed by Pablo Carranza Vélez
parent fafef6cc6f
commit 1784c75c57
3 changed files with 50 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
package.json
View File

@ -21,6 +21,7 @@
"network-checker": "git+ssh://git@bitbucket.org:rulemotion/network-checker.git#v0.0.1", "network-checker": "git+ssh://git@bitbucket.org:rulemotion/network-checker.git#v0.0.1",
"ngrok": "~0.1.97", "ngrok": "~0.1.97",
"pubnub": "~3.6.4", "pubnub": "~3.6.4",
"randomstring": "~1.0.3",
"request": "^2.51.0", "request": "^2.51.0",
"pinejs-client-js": "git+ssh://git@bitbucket.org:rulemotion/pinejs-client-js.git#v0.3.1", "pinejs-client-js": "git+ssh://git@bitbucket.org:rulemotion/pinejs-client-js.git#v0.3.1",
"sqlite3": "~3.0.4", "sqlite3": "~3.0.4",

82
src/api.coffee
View File

@ -6,44 +6,50 @@ application = require './application'
tty = require './lib/tty' tty = require './lib/tty'
knex = require './db' knex = require './db'
api = express() module.exports = (secret) ->
api.use(express.bodyParser()) api = express()
api.use(express.bodyParser())
api.use (req, res, next) ->
if req.query.apikey is secret
next()
else
res.send(401)
api.post '/v1/blink', (req, res) -> api.post '/v1/blink', (req, res) ->
utils.mixpanelTrack('Device blink') utils.mixpanelTrack('Device blink')
utils.blink.pattern.start() utils.blink.pattern.start()
setTimeout(utils.blink.pattern.stop, 15000) setTimeout(utils.blink.pattern.stop, 15000)
res.send(200)
api.post '/v1/update', (req, res) ->
utils.mixpanelTrack('Update notification')
application.update()
res.send(204)
api.post '/v1/spawn-tty', (req, res) ->
appId = req.body.appId
utils.mixpanelTrack('Spawn tty', appId)
if !appId?
res.send(400, 'Missing app id')
knex('app').select().where({appId})
.then ([ app ]) ->
if !app?
throw new Error('App not found')
tty.start(app)
.then (url) ->
res.send(200, url)
.catch (err) ->
res.send(503, err?.message or err or 'Unknown error')
api.post '/v1/despawn-tty', (req, res) ->
appId = req.body.appId
utils.mixpanelTrack('Despawn tty', appId)
if !appId?
res.send(400, 'Missing app id')
tty.stop(appId)
.then ->
res.send(200) res.send(200)
.catch (err) ->
res.send(503, err?.message or err or 'Unknown error')
module.exports = api api.post '/v1/update', (req, res) ->
utils.mixpanelTrack('Update notification')
application.update()
res.send(204)
api.post '/v1/spawn-tty', (req, res) ->
appId = req.body.appId
utils.mixpanelTrack('Spawn tty', appId)
if !appId?
res.send(400, 'Missing app id')
knex('app').select().where({appId})
.then ([ app ]) ->
if !app?
throw new Error('App not found')
tty.start(app)
.then (url) ->
res.send(200, url)
.catch (err) ->
res.send(503, err?.message or err or 'Unknown error')
api.post '/v1/despawn-tty', (req, res) ->
appId = req.body.appId
utils.mixpanelTrack('Despawn tty', appId)
if !appId?
res.send(400, 'Missing app id')
tty.stop(appId)
.then ->
res.send(200)
.catch (err) ->
res.send(503, err?.message or err or 'Unknown error')
return api

6
src/app.coffee
View File

@ -31,11 +31,15 @@ knex.init.then ->
api = require './api' api = require './api'
application = require './application' application = require './application'
randomstring = require 'randomstring'
console.log('Starting API server..') console.log('Starting API server..')
api.listen(config.listenPort) secret = randomstring.generate()
api(secret).listen(config.listenPort)
application.updateDeviceInfo( application.updateDeviceInfo(
api_port: config.listenPort api_port: config.listenPort
api_secret: secret
# Retry the device info update every 5s until it finally succeeds.
5000 5000
) )