movie-web/backend
1
0
Fork 0
mirror of https://github.com/movie-web/backend.git synced 2025-09-13 13:03:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Handle errors in challenge assertion

Browse Source
This commit is contained in:
William Oldham
2023-11-04 09:43:00 +00:00
parent 9c19cf509b
commit 5d32933ba0
1 changed files with 22 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
src/services/challenge.ts
View File

@@ -1,4 +1,8 @@
import { ChallengeCode } from '@/db/models/ChallengeCode'; import {
ChallengeCode,
ChallengeFlow,
ChallengeType,
} from '@/db/models/ChallengeCode';
import { StatusError } from '@/services/error'; import { StatusError } from '@/services/error';
import { EntityManager } from '@mikro-orm/core'; import { EntityManager } from '@mikro-orm/core';
import forge from 'node-forge'; import forge from 'node-forge';
@@ -28,19 +32,23 @@ export async function assertChallengeCode(
if (challenge.expiresAt.getTime() <= now) if (challenge.expiresAt.getTime() <= now)
throw new StatusError('Challenge Code Expired', 401); throw new StatusError('Challenge Code Expired', 401);
const verifiedChallenge = forge.pki.ed25519.verify({ try {
publicKey: new forge.util.ByteStringBuffer( const verifiedChallenge = forge.pki.ed25519.verify({
Buffer.from(publicKey, 'base64url'), publicKey: new forge.util.ByteStringBuffer(
), Buffer.from(publicKey, 'base64url'),
encoding: 'utf8', ),
signature: new forge.util.ByteStringBuffer( encoding: 'utf8',
Buffer.from(signature, 'base64url'), signature: new forge.util.ByteStringBuffer(
), Buffer.from(signature, 'base64url'),
message: code, ),
}); message: code,
});
if (!verifiedChallenge) if (!verifiedChallenge)
throw new StatusError('Challenge Code Signature Invalid', 401);
em.remove(challenge);
} catch (e) {
throw new StatusError('Challenge Code Signature Invalid', 401); throw new StatusError('Challenge Code Signature Invalid', 401);
}
em.remove(challenge);
} }