admin data

2021-02-10 19:09:24 +01:00
parent 93bff025e9
commit 1949f1522d
4 changed files with 8 additions and 27 deletions
--- a/app.js
+++ b/app.js
@@ -3,12 +3,6 @@ const { port, dbPass, cookiesSecret } = config;
 const express = require("express");
 const app = express();
 const loaders = require("./loaders/index.js");
-
-/* const crypto = require("crypto")
-crypto.generateKeyPair("rsa", { modulusLength: 2048 }, (err, publicKey, privateKey) => {
-  console.log(publicKey.export({ format: "pem", type: "pkcs1" }))
-  console.log(privateKey.export({ format: "pem", type: "pkcs1" }))
-}) */
 //
 // Server init function
 //
--- a/config/index.js
+++ b/config/index.js
@@ -13,4 +13,3 @@ exports.MAIL_PASS = process.env.MAIL_PASS;
 exports.s3_key = process.env.S3_KEY;
 exports.s3_secret = process.env.S3_SECRET;
 exports.appkey = process.env.APP_KEY
-exports.publicKey = process.env.PUBLIC_KEY
--- a/routes/routeAdmin.js
+++ b/routes/routeAdmin.js
@@ -1,23 +1,23 @@
 const express = require("express");
+const jwt = require('jsonwebtoken')
 const { appkey } = require("../config")
 const { fetchAllAdminData } = require("../services/databaseServices.js");
 const {
    newError,
-    handleError,
-    encryptRSA
+    handleError
  } = require("../services/services.js");

 var router = express.Router();

 router.post("/getall", async (req, res) => {
    try {
-        if(req.body.key === appkey){
-            const results = await fetchAllAdminData();
-            const encrypted = encryptRSA(results)
-            res.send(encrypted) 
-        } else {
+        const verified = jwt.verify(req.body.token, appkey, {ignoreExpiration: false})
+        if(!verified){
            throw newError("Brak dostępu", 403)
        }
+        const results = await fetchAllAdminData();
+        const encrypted = jwt.sign(results, appkey, {expiresIn: "30m"})
+        res.send(encrypted) 
    } catch (error) {
        handleError(error, res)
    }
--- a/services/services.js
+++ b/services/services.js
@@ -26,17 +26,6 @@ function handleError(error, responseObject) {
  }
 }

-function encryptRSA(data) {
-  const encrypted = crypto.publicEncrypt({
-    key: publicKey,
-    padding: crypto.constants.RSA_PKCS1_OAEP_PADDING,
-    oaepHash: "sha256"
-  },
-    Buffer.from(JSON.stringify(data))
-  )
-  return encrypted;
-}
-
 async function validateRestaurant(id) {
  if (!mongoose.Types.ObjectId.isValid(id))
    throw newError("Nieprawidłowy ID", 204);
@@ -205,4 +194,3 @@ exports.hashPass = hashPass;
 exports.saveImage = saveImage;
 exports.generateRefreshToken = generateRefreshToken;
 exports.validateRefreshToken = validateRefreshToken;
-exports.encryptRSA = encryptRSA