feat(center-nodes): validate shared secret on node registration
This commit is contained in:
18
Fabric.Backend.Center/src/nodes/dto.register-node.dto.ts
Normal file
18
Fabric.Backend.Center/src/nodes/dto.register-node.dto.ts
Normal file
@@ -0,0 +1,18 @@
|
||||
import { IsString, IsUrl, MinLength } from 'class-validator';
|
||||
|
||||
export class RegisterNodeDto {
|
||||
@IsString()
|
||||
@MinLength(3)
|
||||
nodeId!: string;
|
||||
|
||||
@IsString()
|
||||
@MinLength(2)
|
||||
name!: string;
|
||||
|
||||
@IsUrl({ require_tld: false })
|
||||
endpoint!: string;
|
||||
|
||||
@IsString()
|
||||
@MinLength(8)
|
||||
sharedSecret!: string;
|
||||
}
|
||||
@@ -1,24 +1,53 @@
|
||||
import { Body, Controller, Get, Post } from '@nestjs/common';
|
||||
|
||||
type NodeRegistration = {
|
||||
nodeId?: string;
|
||||
name?: string;
|
||||
endpoint?: string;
|
||||
handshakeProof?: string;
|
||||
};
|
||||
import {
|
||||
Body,
|
||||
Controller,
|
||||
ForbiddenException,
|
||||
Get,
|
||||
Post,
|
||||
} from '@nestjs/common';
|
||||
import { InjectRepository } from '@nestjs/typeorm';
|
||||
import { Repository } from 'typeorm';
|
||||
import { GuildNode } from '../entities/guild-node.entity';
|
||||
import { RegisterNodeDto } from './dto.register-node.dto';
|
||||
|
||||
@Controller('nodes')
|
||||
export class NodesController {
|
||||
private readonly nodes: NodeRegistration[] = [];
|
||||
constructor(
|
||||
@InjectRepository(GuildNode)
|
||||
private readonly nodeRepo: Repository<GuildNode>,
|
||||
) {}
|
||||
|
||||
@Post('register')
|
||||
register(@Body() body: NodeRegistration) {
|
||||
this.nodes.push(body);
|
||||
return { status: 'accepted', handshake: 'todo-verify-shared-secret', node: body };
|
||||
async register(@Body() body: RegisterNodeDto) {
|
||||
if (body.sharedSecret !== process.env.CENTER_SHARED_SECRET) {
|
||||
throw new ForbiddenException('invalid shared secret');
|
||||
}
|
||||
|
||||
const node = this.nodeRepo.create({
|
||||
nodeId: body.nodeId,
|
||||
name: body.name,
|
||||
endpoint: body.endpoint,
|
||||
status: 'active',
|
||||
});
|
||||
const saved = await this.nodeRepo.save(node);
|
||||
|
||||
return {
|
||||
status: 'accepted',
|
||||
node: {
|
||||
id: saved.id,
|
||||
nodeId: saved.nodeId,
|
||||
name: saved.name,
|
||||
endpoint: saved.endpoint,
|
||||
status: saved.status,
|
||||
},
|
||||
};
|
||||
}
|
||||
|
||||
@Get()
|
||||
list() {
|
||||
return { items: this.nodes };
|
||||
async list() {
|
||||
const items = await this.nodeRepo.find({
|
||||
order: { createdAt: 'DESC' },
|
||||
});
|
||||
return { items };
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,7 +1,10 @@
|
||||
import { Module } from '@nestjs/common';
|
||||
import { TypeOrmModule } from '@nestjs/typeorm';
|
||||
import { NodesController } from './nodes.controller';
|
||||
import { GuildNode } from '../entities/guild-node.entity';
|
||||
|
||||
@Module({
|
||||
imports: [TypeOrmModule.forFeature([GuildNode])],
|
||||
controllers: [NodesController],
|
||||
})
|
||||
export class NodesModule {}
|
||||
|
||||
Reference in New Issue
Block a user