From 13c5cffa2fa7d39707a68b24ec08766a100b779f Mon Sep 17 00:00:00 2001
From: Julien Rousseau
Date: Fri, 8 Dec 2023 10:56:50 -0500
Subject: [PATCH] updated examples
---
 examples/bun/http.ts | 4 +++-
 examples/deno/http.ts | 4 +++-
 examples/express/http.js | 4 +++-
 examples/node/http.ts | 4 +++-
 4 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/examples/bun/http.ts b/examples/bun/http.ts
index d4819a2..0cb3e2f 100644
--- a/examples/bun/http.ts
+++ b/examples/bun/http.ts
@@ -22,11 +22,13 @@ export default {
 if (!publicKey) return new Response("missing required public key in headers", { status: 400 });
 if (!body) return new Response("missing body", { status: 400 });
+ if (new Date().getTime() >= Number(expiry)) return new Response("signature expired", { status: 401 });
 if (publicKey !== PUBLIC_KEY) return new Response("unknown public key", { status: 401 });
 // validate signature using public key
+ const payload = JSON.stringify({ exp: expiry, id: publicKey });
 const isVerified = nacl.sign.detached.verify(
- Buffer.from(body),
+ Buffer.from(payload),
 Buffer.from(signature, "hex"),
 Buffer.from(publicKey, "hex")
 );
diff --git a/examples/deno/http.ts b/examples/deno/http.ts
index fa9c66f..ed9a484 100644
--- a/examples/deno/http.ts
+++ b/examples/deno/http.ts
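Review bot: The request body is no longer covered by the signature in the examples/bun/http.ts hunk: `payload` is built only from `expiry` and `publicKey`, and `Buffer.from(payload)` replaces `Buffer.from(body)` in the verify call. As written, one valid signature/expiry/key header set verifies alongside any body until `exp` passes, so the check authenticates the sender but not the content, and a captured header set stays usable for that whole window. If the signer can include it, bind a digest of the body into the signed object, e.g. `JSON.stringify({ exp: expiry, id: publicKey, hash: bodyDigest })` (field name is a placeholder; the signer's format is not visible here); otherwise add a comment above the verify call such as `// signature covers { exp, id } only; body integrity relies on the transport`. The same change is made in the deno, express and node hunks, and the handler continues outside the hunk.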
@@ -19,11 +19,13 @@ const handler = async (request: Request) => {
 if (!publicKey) return new Response("missing required public key in headers", { status: 400 });
 if (!body) return new Response("missing body", { status: 400 });
+ if (new Date().getTime() >= Number(expiry)) return new Response("signature expired", { status: 401 });
 if (publicKey !== PUBLIC_KEY) return new Response("unknown public key", { status: 401 });
 // TO-DO: 🚨 FIX CODE BELOW 🚨
 // validate signature using public key
- const isVerified = nacl.sign.detached.verify(encode(body), encode(signature), encode(PUBLIC_KEY));
+ const payload = JSON.stringify({ exp: expiry, id: publicKey });
+ const isVerified = nacl.sign.detached.verify(encode(payload), encode(signature), encode(PUBLIC_KEY));
 console.dir({ signature, isVerified });
 console.dir(body);
diff --git a/examples/express/http.js b/examples/express/http.js
index 25221eb..541e0a8 100644
--- a/examples/express/http.js
+++ b/examples/express/http.js
@@ -21,11 +21,13 @@ app.use(async (req, res) => {
 if (!publicKey) return new Response("missing required public key in headers", { status: 400 });
 if (!body) return new Response("missing body", { status: 400 });
+ if (new Date().getTime() >= Number(expiry)) return new Response("signature expired", { status: 401 });
 if (publicKey !== PUBLIC_KEY) return new Response("unknown public key", { status: 401 });
 // validate signature using public key
+ const payload = JSON.stringify({ exp: expiry, id: publicKey });
 const isVerified = nacl.sign.detached.verify(
- Buffer.from(body),
+ Buffer.from(payload),
 Buffer.from(signature, "hex"),
 Buffer.from(PUBLIC_KEY, "hex")
 );
diff --git a/examples/node/http.ts b/examples/node/http.ts
index e4c91d5..0b4e482 100644
--- a/examples/node/http.ts
+++ b/examples/node/http.ts
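Review bot: In examples/deno/http.ts the rewritten verify line still passes `encode(signature)` and `encode(PUBLIC_KEY)`, while the bun, express and node hunks decode the same two values with `Buffer.from(..., "hex")`. `encode` is defined outside the hunk; if it is a UTF-8 text encoder, the hex strings never become the 64-byte signature and 32-byte key that `nacl.sign.detached.verify` expects, which would explain the `TO-DO: 🚨 FIX CODE BELOW 🚨` marker this change leaves in place. Hex-decoding both arguments before the call and keeping `encode` only for `payload` would make this example agree with the other three, at which point the TO-DO comment can go.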
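Review bot: The added expiry guard in examples/express/http.js returns `new Response("signature expired", { status: 401 })`, which Express does not send: the value returned from an `app.use` callback is ignored, so unless something outside the hunk handles it the client never receives the 401 and the request is left open. Write to `res` instead, `return res.status(401).send("signature expired");`. The guards around it follow the same pattern, and the node hunk adds the same line inside `server.on("request", …)`, where the equivalent is `return res.writeHead(401).end("signature expired");`. Both handlers start and end outside their hunks.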
@@ -35,11 +35,13 @@ server.on("request", async (req, res) => {
 if (!publicKey) return new Response("missing required public key in headers", { status: 400 });
 if (!body) return new Response("missing body", { status: 400 });
+ if (new Date().getTime() >= Number(expiry)) return new Response("signature expired", { status: 401 });
 if (publicKey !== PUBLIC_KEY) return new Response("unknown public key", { status: 401 });
 // validate signature using public key
+ const payload = JSON.stringify({ exp: expiry, id: publicKey });
 const isVerified = nacl.sign.detached.verify(
- Buffer.from(body),
+ Buffer.from(payload),
 Buffer.from(signature, "hex"),
 Buffer.from(PUBLIC_KEY, "hex")
 );
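Review bot: The expiry guard treats an undefined or non-numeric `expiry` as not expired, because `Number(expiry)` is then `NaN` and `new Date().getTime() >= NaN` is false. The signature check that follows would still be expected to reject such a request, but the guard should fail closed on its own: `const exp = Number(expiry); if (!Number.isFinite(exp) || Date.now() >= exp) return …;`. The comparison is against milliseconds, so a comment stating the unit of `exp` (for example `// exp is a Unix timestamp in milliseconds`, to be confirmed against the signer) would prevent a seconds/milliseconds mix-up. The same line is added in the bun, deno and express hunks, and where `expiry` is read lies outside all four.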