From aca222b7602185d63701c8f7750dbfa031268c22 Mon Sep 17 00:00:00 2001 From: Johann Og Date: Tue, 23 Aug 2016 22:05:50 +0200 Subject: [PATCH] Add security by generating new validation words every x minutes --- package.json | 2 +- src/Setup.iced | 33 ++++++++++++++++++++++----------- src/Vault.iced | 7 ++++--- 3 files changed, 27 insertions(+), 15 deletions(-) diff --git a/package.json b/package.json index 15de775..25709fe 100644 --- a/package.json +++ b/package.json @@ -2,7 +2,7 @@ "name": "trailbot-watcher", "version": "0.1.5", "dependencies": { - "@horizon/client": "^1.1.1", + "@horizon/client": "^1.1.3", "chokidar": "^1.5.1", "coffee-script": "^1.10.0", "colors": "^1.1.2", diff --git a/src/Setup.iced b/src/Setup.iced index 7808024..7c674a4 100644 --- a/src/Setup.iced +++ b/src/Setup.iced @@ -34,12 +34,11 @@ class Configure name: 'vault' message: "Type the domain and port of the vault server you want to use" type: 'input' - #TODO set i.t back to production 'vault.trailbot.io:8443' - default: 'localhost:8443' + default: 'vault.trailbot.io:8443' ] .then (answers) => @alert "Ok, we are now generating a new PGP keypar for this watcher.", true - @alert "This may take up to a couple of minutes. Please wait while magic happens...\n " + @alert "This may take up to a couple of minutes. Please wait while the magic happens...\n " @progress = new progress ' Generating... [:bar] :percent'.bold, total: 330 complete: '=' @@ -59,26 +58,35 @@ class Configure watcher: watcher_pub_key expires: @getExpirationDate() - sentence = pgpWordList.toWords(exchange.channel).toString().replace(/,/g,' ') - @done = true + @alert "Now install Trailbot Client in your computer and start the setup wizard." , true @alert "The following 8 words will be required by the Trailbot Client:" - @alert "#{sentence}".cyan.bold, true + @alert "#{@channelToWords(exchange.channel)}".cyan.bold, true await new Vault this, answers.vault, watcherFP, defer vault - vault.save 'exchange', exchange + await vault.save 'exchange', exchange, defer {id} + process.exit 1 unless id + exchange.id = id + @alert "Waiting for confirmation from Trailbot Client..." , true - vault.watch 'exchange', exchange, (change) => + vault.watch 'exchange', exchange.id, (change) => # if change is null the document was deleted process.exit 0 unless change - if change && change.client + if change?.client + console.log "storage..." @localStorage.setItem 'client_pub_key', change.client vault.remove 'exchange', [change], (res) => console.log "file deleted" - - + # every 5 minutes generate new words + setInterval => + exchange.channel = @generateChannel() + vault.replace 'exchange', exchange + @alert "Time to get confirmation from Trailbot Client expired", true + @alert "New words generated" + @alert "#{@channelToWords(exchange.channel)}".cyan.bold, true + , 350000 @@ -108,6 +116,9 @@ class Configure now.setMinutes(now.getMinutes() + 5) now.toString() + channelToWords : (channel) => + pgpWordList.toWords(channel).toString().replace(/,/g,' ') + new Configure() diff --git a/src/Vault.iced b/src/Vault.iced index 56bd775..6914a0b 100644 --- a/src/Vault.iced +++ b/src/Vault.iced @@ -39,10 +39,10 @@ class Vault else 'anonymous' - save : (col, object) -> + save : (col, object, cb) -> console.log "Saving into #{col}" if @app.emit console.log 'SAVING', object if @app.emit - this[col]?.store object + this[col]?.store(object).subscribe(cb) replace : (col, object) -> console.log "Replacing into #{col}" if @app.emit @@ -58,7 +58,8 @@ class Vault console.log "Removing from #{col}" if @app.emit this[col].removeAll(ids) - + getCollection : () -> + @exchange module.exports = Vault