@@ -34,6 +34,7 @@ const { MongoClient } = require('mongodb');
3434const mime = require ( 'mime-types' )
3535const url = require ( 'url' )
3636const path = require ( 'path' )
37+ const qs = require ( 'querystring' )
3738
3839// where is subfolder with your public files like index.html
3940const baseDirectory = __dirname + "/public"
@@ -182,9 +183,9 @@ setInterval(()=>{
182183
183184const requestListener = function ( req , res ) {
184185
185- if ( req . method == "GET" ) {
186+ if ( req . method == "GET" ) {
186187
187- try {
188+ try {
188189
189190 console . log ( req . url )
190191
@@ -234,9 +235,16 @@ const requestListener = function (req, res) {
234235
235236 case "/listener" : {
236237 listener ( requestUrl , res )
237- break ;
238+ break ;
238239 } // case '/listener'
239240
241+ case "/sender" : {
242+ res . writeHead ( 400 )
243+ res . end ( "HTTP method GET is not supported by this URL" )
244+ console . log ( "Error: GET is not permitted on \"sender\" URL, use POST instead" )
245+ break ;
246+ } // case '/sender'
247+
240248 default : {
241249 var fileStream = fs . createReadStream ( fsPath )
242250 res . setHeader ( "Content-Type" , mime . contentType ( path . extname ( fsPath ) ) )
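Review bot: The new GET branch for `/sender` answers 400, but the request itself is well-formed and only the method is wrong; 405 with an `Allow` header states that precisely and tells clients what to send instead: `res . writeHead ( 405 , { 'Allow' : 'POST' } )`. The enclosing `requestListener` starts and ends outside this hunk.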
@@ -245,7 +253,7 @@ const requestListener = function (req, res) {
245253 res . writeHead ( 200 )
246254 } )
247255 fileStream . on ( 'error' , function ( e ) {
248- res . end ( 'No that file ' )
256+ res . end ( 'File does not exist ' )
249257 } )
250258 } // default
251259 }
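Review bot: The `error` handler ends the response without setting a status, so when the stream fails before `open` the client receives the default 200 with the text "File does not exist"; setting `res.statusCode = 404` before `res.end(...)` would make the failure visible to clients and monitoring. The message also assumes the cause: a permission error or a directory path raises the same event, so checking `e.code === 'ENOENT'` before reporting a missing file would be more accurate. The same handler is repeated in the new POST `default` branch. The enclosing function starts outside this hunk.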
@@ -255,6 +263,59 @@ const requestListener = function (req, res) {
255263 res . end ( ) // end the response so browsers don't hang
256264 console . log ( e . stack )
257265 }
266+
267+ } else if ( req . method == "POST" ) {
268+
269+ try {
270+ console . log ( req . url )
271+
272+ var requestUrl = url . parse ( req . url , true )
273+
274+ // need to use path.normalize so people can't access directories underneath baseDirectory
275+ var fsPath = baseDirectory + path . normalize ( requestUrl . pathname )
276+
277+ console . log ( fsPath )
278+ console . log ( requestUrl )
279+
280+ switch ( requestUrl . pathname ) {
281+
282+ case "/sender" : {
283+ var requestBody = '' ;
284+ req . on ( 'data' , function ( data ) {
285+ requestBody += data ;
286+ if ( requestBody . length > 1e7 ) {
287+ res . writeHead ( 413 , 'Request Entity Too Large' , { 'Content-Type' : 'text/html' } ) ;
288+ res . end ( '<!doctype html><html><head><title>413</title></head><body>413: Request Entity Too Large</body></html>' ) ;
289+ }
290+ } ) ;
291+ req . on ( 'end' , function ( ) {
292+ var formData = qs . parse ( requestBody ) ;
293+ var obj = JSON . parse ( JSON . stringify ( formData ) ) ;
294+ console . log ( "requestBody = " + requestBody ) ;
295+ console . log ( "formData =" + obj ) ;
296+ sender ( requestUrl , formData , res )
297+ } ) ;
298+ break ;
299+ } // case '/sender'
300+
301+ default : {
302+ var fileStream = fs . createReadStream ( fsPath )
303+ res . setHeader ( "Content-Type" , mime . contentType ( path . extname ( fsPath ) ) )
304+ fileStream . pipe ( res )
305+ fileStream . on ( 'open' , function ( ) {
306+ res . writeHead ( 200 )
307+ } )
308+ fileStream . on ( 'error' , function ( e ) {
309+ res . end ( 'File does not exist' )
310+ } )
311+ } // default
312+ } // switch
313+
314+ } catch ( e ) {
315+ res . writeHead ( 500 )
316+ res . end ( ) // end the response so browsers don't hang
317+ console . log ( e . stack )
318+ }
258319 }
259320}
260321
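Review bot: The 1e7 size check in the `data` handler answers 413 but keeps reading: later chunks are still appended to `requestBody`, and the `end` handler still calls `sender(...)`, which then writes to a response that has already been ended. Stop the upload once the limit is hit, for example by calling `req.destroy()` after the `res.end(...)`, or by setting a flag that the `end` handler checks before doing any work. The `end` handler also passes `formData` rather than the copied `obj` to `sender`; objects returned by `qs.parse` do not inherit from `Object.prototype`, so the `requestBody.hasOwnProperty(...)` calls in `sender` will throw and, as written, every POST to `/sender` ends in a 500. Logging the raw `requestBody` puts the submitted message and signature into the server log, which is worth dropping or reducing to field names. `requestListener` starts outside this hunk.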
@@ -334,6 +395,122 @@ function listener(requestUrl, res){
334395 }
335396}
336397
398+ function sender ( requestUrl , requestBody , res ) {
399+
400+ try {
401+ // trick
402+ let jsonUrl = JSON . parse ( JSON . stringify ( requestUrl . query ) )
403+
404+ console . log ( jsonUrl )
405+
406+ if ( jsonUrl . hasOwnProperty ( "address" ) ) {
407+
408+ console . log ( "OK" )
409+
410+ var destination ;
411+ let split = jsonUrl . address . search ( '@' ) ;
412+ if ( split >= 0 ) {
413+ destination = jsonUrl . address . split ( '@' )
414+ destination = destination [ 0 ]
415+ } else {
416+ destination = jsonUrl . address ;
417+ }
418+ console . log ( "destination = " + destination ) ;
419+
420+ // here we check address!!!
421+
422+ // use externally rust program to verify addresses - it is the same which is used to verify signatures
423+ const childadd = execFile ( pathtoepicboxlib , [ 'verifyaddress' , jsonUrl . address , destination ] , ( erroradr , stdoutadr , stderradr ) =>
424+ {
425+ if ( erroradr ) {
426+ throw erroradr
427+ }
428+
429+ var destinationValid = ( stdoutadr === 'true' ) ;
430+
431+ if ( destinationValid ) {
432+ console . log ( "Destination address is valid, moving on..." ) ;
433+ // nothing else in URL, move onto checking request body
434+ }
435+ } ) // end child
436+ }
437+
438+ console . log ( requestBody ) ;
439+ if ( requestBody . hasOwnProperty ( "mapmessage" ) && requestBody . hasOwnProperty ( "from" ) && requestBody . hasOwnProperty ( "signature" ) ) {
440+
441+ console . log ( "OK" )
442+
443+ var fromAddress ;
444+ let split = requestBody . from . search ( '@' ) ;
445+ if ( split >= 0 ) {
446+ fromAddress = requestBody . from . split ( '@' )
447+ fromAddress = fromAddress [ 0 ]
448+ } else {
449+ fromAddress = requestBody . from ;
450+ }
451+ console . log ( "fromAddress = " + fromAddress ) ;
452+
453+ // here we check address!!!
454+
455+ // use externally rust program to verify addresses - it is the same which is used to verify signatures
456+ const childadd = execFile ( pathtoepicboxlib , [ 'verifyaddress' , requestBody . address , fromAddress ] , ( erroradr , stdoutadr , stderradr ) =>
457+ {
458+ if ( erroradr ) {
459+ throw erroradr
460+ }
461+
462+ var senderAddressValid = ( stdoutadr === 'true' ) ;
463+
464+ if ( senderAddressValid ) {
465+
466+ // use rust program to verify signatures if they signet timenow by private key of address public key
467+ const child = execFile ( pathtoepicboxlib , [ "verifysignature" , fromAddress , requestBody . mapmessage , requestBody . signature ] , ( error , stdout , stderr ) => {
468+
469+ if ( error ) {
470+ throw error ;
471+ }
472+ var signatureValid = ( stdout === 'true' ) ;
473+
474+ if ( signatureValid ) {
475+ // TODO: add encrypted data to DB
476+ const db = mongoclient . db ( dbName ) ;
477+ console . log ( "Signature OK - Valid" ) ;
478+
479+ res . writeHead ( 200 )
480+ res . end ( "lastSeen: 1311110615" )
481+
482+ //const collection = db.collection(collectionname);
483+
484+ // show all slates where address is from query - sender and receiver
485+ //collection.find({queue:from, replyto:json.address}).project({
486+ // _id:0, queue:1, replyto:1, made:1, payload:1, createdat:1, expiration:1 }
487+ // ).toArray().then((SlatesMany =>
488+ //{
489+ // res.setHeader("Content-Type", "application/json")
490+ // res.writeHead(200)
491+ // res.end(JSON.stringify({slates:SlatesMany}))
492+ //}))
493+ } else {
494+ res . writeHead ( 200 )
495+ res . end ( JSON . stringify ( { error :true , message :"wrong signature" } ) )
496+ }
497+ } ) // end child
498+ } else {
499+ res . writeHead ( 200 )
500+ res . end ( JSON . stringify ( { error :true , message :"wrong address" } ) )
501+ }
502+ } ) // end childad
503+ } else {
504+ res . writeHead ( 200 )
505+ res . end ( JSON . stringify ( { error :true , message :"not enough data" } ) )
506+ }
507+ } catch ( e ) {
508+ res . writeHead ( 500 )
509+ res . end ( ) // end the response so browsers don't hang
510+ console . log ( e . stack )
511+ }
512+ }
513+
337514//
338515// HTTMl server creation with function for receives requests
339516// Used by WebSocketServer
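Review bot: The result of the first `verifyaddress` call in `sender` is never enforced: its callback only logs when `destinationValid` is true, the body checks below it start before the child process has returned, and a request with no `address` query parameter skips the check altogether. The `throw erroradr` and `throw error` statements run inside `execFile` callbacks, after the surrounding `try` has already exited, so a failing helper becomes an uncaught exception that can stop the server instead of producing a 500. The second `verifyaddress` call passes `requestBody.address`, a field the preceding `hasOwnProperty` checks never require; going by the first call this looks like it should be `requestBody.from`. The sketch below gates the body checks on the destination result and answers on `res` instead of throwing; the same error handling applies to the two nested callbacks.

```javascript
function sender ( requestUrl , requestBody , res ) {
  // … unchanged: try, query copy into jsonUrl …
  if ( !jsonUrl.hasOwnProperty("address") ) {
    res.writeHead(200)
    res.end(JSON.stringify({error:true, message:"not enough data"}))
    return
  }
  // … unchanged: destination split on '@' …
  execFile(pathtoepicboxlib, ['verifyaddress', jsonUrl.address, destination], (erroradr, stdoutadr) => {
    if (erroradr) {
      // a throw here would escape the outer try; report on this response instead
      console.log(erroradr.stack)
      res.writeHead(500)
      res.end()
      return
    }
    if (stdoutadr !== 'true') {
      res.writeHead(200)
      res.end(JSON.stringify({error:true, message:"wrong address"}))
      return
    }
    // … unchanged: requestBody field checks, fromAddress split and signature
    //   verification, now reached only after the destination is accepted …
  })
  // … unchanged: catch block …
```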