user rsa key for federation

2019-07-29 14:10:18 +02:00
parent f98820dafe
commit 64beb39baa
7 changed files with 73 additions and 16 deletions
--- a/server/api/models/user.js
+++ b/server/api/models/user.js
@@ -1,5 +1,9 @@
 'use strict'
 const bcrypt = require('bcryptjs')
+const crypto = require('crypto')
+const util = require('util')
+
+const generateKeyPair = util.promisify(crypto.generateKeyPair)

 module.exports = (sequelize, DataTypes) => {
  const user = sequelize.define('user', {
@@ -20,7 +24,8 @@ module.exports = (sequelize, DataTypes) => {
    password: DataTypes.STRING,
    recover_code: DataTypes.STRING,
    is_admin: DataTypes.BOOLEAN,
-    is_active: DataTypes.BOOLEAN
+    is_active: DataTypes.BOOLEAN,
+    rsa: DataTypes.JSONB
  }, {
    scopes: {
      withoutPassword: {
@@ -48,5 +53,22 @@ module.exports = (sequelize, DataTypes) => {
    }
  })

+  user.beforeCreate(async (user, options) => {
+    // generate rsa keys
+    console.error('generate rsa key')
+    const rsa = await generateKeyPair('rsa', {
+      modulusLength: 4096,
+      publicKeyEncoding: {
+        type: 'spki',
+        format: 'pem'
+      },
+      privateKeyEncoding: {
+        type: 'pkcs8',
+        format: 'pem'
+      }
+    })
+    user.rsa = rsa
+  })
+
  return user
 };
--- a/server/federation/index.js
+++ b/server/federation/index.js
@@ -8,7 +8,6 @@ router.get('/u/:name', async (req, res) => {
  if (!name) return res.status(400).send('Bad request.')
  const user = await User.findOne({where: { username: name }})
  if (!user) return res.status(404).send(`No record found for ${name}`)
-  const domain = 'local'
  const ret = {
    '@context': [
      'https://www.w3.org/ns/activitystreams',
@@ -22,7 +21,7 @@ router.get('/u/:name', async (req, res) => {
    'publicKey': {
      'id': `${config.baseurl}/federation/u/${name}#main-key`,
      'owner': `${config.baseurl}/federation/u/${name}`,
-      'publicKeyPem': user.pubkey
+      'publicKeyPem': user.rsa.publicKey
    }
  }
  res.json(ret)
--- a/server/migrations/20190729103119-add_rsa.js
+++ b/server/migrations/20190729103119-add_rsa.js
@@ -0,0 +1,26 @@
+'use strict';
+
+module.exports = {
+  up: (queryInterface, Sequelize) => {
+    return queryInterface.addColumn('users', 'rsa', {
+      type: Sequelize.JSONB
+    })
+    /*
+      Add altering commands here.
+      Return a promise to correctly handle asynchronicity.
+
+      Example:
+      return queryInterface.createTable('users', { id: Sequelize.INTEGER });
+    */
+  },
+
+  down: (queryInterface, Sequelize) => {
+    /*
+      Add reverting commands here.
+      Return a promise to correctly handle asynchronicity.
+
+      Example:
+      return queryInterface.dropTable('users');
+    */
+  }
+};