-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathpackage.json
More file actions
107 lines (86 loc) · 3.2 KB
/
package.json
File metadata and controls
107 lines (86 loc) · 3.2 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
const express = require('express');
const bodyParser = require('body-parser');
const mongoose = require('mongoose');
const crypto = require('crypto');
const path = require('path');
const app = express();
const PORT = 3000; // Set a open port
const endpoint_size = 16; // Set endpoint length
const mongo_uri = 'YOUR_MONGODB_URI'; // Add mongo uri
// Connect to MongoDB
mongoose.connect(mongo_uri, {
useNewUrlParser: true,
useUnifiedTopology: true
})
.then(() => console.log('Connected to MongoDB'))
.catch(err => console.error('Error connecting to MongoDB:', err));
// Create a Mongoose schema for storing tokens
const tokenSchema = new mongoose.Schema({
endpoint: String,
token: String,
passwordHash: String,
});
// Create a Mongoose model based on the schema
const Token = mongoose.model('Token', tokenSchema);
// Middleware to parse JSON bodies
app.use(bodyParser.json());
// Serve static files from the "public" directory
app.use(express.static(path.join(__dirname, 'public')));
// Handle requests to the root URL
app.get('/', (req, res) => {
res.sendFile(path.join(__dirname, 'public', 'index.html'));
});
// Endpoint to store token securely
app.post('/store-token', async (req, res) => {
const { token, password } = req.body;
// Generate a unique endpoint ID
const endpoint = generateEndpoint();
try {
// Hash the password
const passwordHash = hashPassword(password);
// Store the token securely in MongoDB
const savedToken = await Token.create({ endpoint, token, passwordHash });
res.json({ endpoint: savedToken.endpoint });
} catch (error) {
console.error('Error storing token in MongoDB:', error);
res.status(500).json({ error: 'Failed to store token' });
}
});
// Endpoint to retrieve token using the endpoint ID and password
app.post('/get-token/:endpoint', async (req, res) => {
const { endpoint } = req.params;
const { password } = req.body;
try {
const storedToken = await Token.findOne({ endpoint }).exec();
if (!storedToken) {
return res.status(404).json({ error: 'Endpoint not found' });
}
if (comparePasswords(password, storedToken.passwordHash)) {
res.json({ token: storedToken.token });
} else {
res.status(401).json({ error: 'Unauthorized' });
}
} catch (error) {
console.error('Error retrieving token from MongoDB:', error);
res.status(500).json({ error: 'Failed to retrieve token' });
}
});
function generateEndpoint() {
return crypto.randomBytes(16).toString('hex');
}
// Hash the password
function hashPassword(password) {
const salt = crypto.randomBytes(endpoint_size).toString('hex');
const hash = crypto.pbkdf2Sync(password, salt, 10000, 64, 'sha512').toString('hex');
return `${salt}:${hash}`;
}
// Compare hashed password with plaintext password
function comparePasswords(password, hash) {
const [salt, originalHash] = hash.split(':');
const newHash = crypto.pbkdf2Sync(password, salt, 10000, 64, 'sha512').toString('hex');
return newHash === originalHash;
}
// Start the server
app.listen(PORT, () => {
console.log(`Server is running on http://localhost:${PORT}`);
});