Skip to content
This repository has been archived by the owner on Oct 14, 2022. It is now read-only.

Sturdier approveDomains logic #74

Open
wants to merge 5 commits into
base: master
Choose a base branch
from
Open

Sturdier approveDomains logic #74

Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
4b5b516
Sturdier approveDomains logic
martinheidegger Jan 10, 2018
0e02cdd
Allowing any domain if hostname is missing
martinheidegger Jan 10, 2018
dbd243d
Linting
martinheidegger Jan 10, 2018
84cbc66
Allowing - in archive names
martinheidegger Jan 10, 2018
2ea04f9
Typo in using the hostname
martinheidegger Feb 13, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
58 changes: 33 additions & 25 deletions index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -326,42 +326,50 @@ function addConfigHelpers (config) {
}

function approveDomains (config, cloud) {
var domainReg
if (config.hostname) {
// Dots in domains are normal but dots in a regexp would be replaced with "any character"
var regHost = (config.hostname || '').replace(/\./g, '\\.')
if (config.sites === 'per-archive') {
domainReg = new RegExp(`^((.+)-([^.]+)\\.)?${regHost}$`, 'g')
} else if (config.sites === 'per-user') {
domainReg = new RegExp(`^(()([^.]+)\\.)?${regHost}$`, 'g')
} else {
domainReg = new RegExp(`^${regHost}$`, 'g')
}
} else {
// Allow any domain
domainReg = /.?/g
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we throw in this case?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems like this would just be a misconfiguration. We could probably throw an error as config validation around https://github.com/beakerbrowser/hashbase/blob/master/lib/config.js#L30

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It seems like the default configuration of most tests omits the hostname: https://travis-ci.org/beakerbrowser/hashbase/builds/327215556#L1654

}
return async (options, certs, cb) => {
var {domain} = options
options.agreeTos = true
options.email = config.letsencrypt.email

// toplevel domain?
if (domain === config.hostname) {
return cb(null, {options, certs})
var domainParts = domainReg.exec(domain)
if (!domainParts) {
return cb(new Error('invalid domain'))
}
var archiveName = domainParts[2]
var userName = domainParts[3]

// try looking up the site
try {
var archiveName
var userName
var domainParts = domain.split('.')
if (config.sites === 'per-user') {
// make sure the user record exists
userName = domainParts[0]
await cloud.usersDB.getByUsername(userName)
return cb(null, {options, certs})
} else if (config.sites === 'per-archive') {
// make sure the user and archive records exists
if (domainParts.length === 3) {
userName = archiveName = domainParts[0]
} else {
archiveName = domainParts[0]
userName = domainParts[1]
if (userName) {
var userRecord = await cloud.usersDB.getByUsername(userName)
if (!userRecord) {
return cb(new Error(`${userName} is not a user`))
}
let userRecord = await cloud.usersDB.getByUsername(userName)
let archiveRecord = userRecord.archives.find(a => a.name === archiveName)
if (archiveRecord) {
return cb(null, {options, certs})
if (archiveName) {
var archiveRecord = userRecord.archives.find(a => a.name === archiveName)
if (!archiveRecord) {
return cb(new Error(`Archive ${archiveName} for user ${userName} not found!`))
}
}
}
} catch (e) {}
cb(new Error('Invalid domain'))
} catch (e) {
return cb(e)
}
cb(null, {options, certs})
}
}

Expand Down