67 lines
2.1 KiB
JavaScript
67 lines
2.1 KiB
JavaScript
const fetch = require('node-fetch')
|
|
const secp256k1 = require('secp256k1')
|
|
const bs58 = require('base-x')("123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz")
|
|
const allowedUsers = require("./users.js")
|
|
var mongo = require("./mongoHelp.js")
|
|
|
|
|
|
async function verifyMsg (obj, username) {
|
|
if (!allowedUsers.includes(obj.sender)) {
|
|
return {"Message": "User Not Allowed"}
|
|
} else if (allowedUsers.includes(username)) {
|
|
return {"Message": "Can't modify trusted users"}
|
|
} else {
|
|
result = await fetch("https://avalon.d.tube/account/"+obj.sender)
|
|
sender = await result.json()
|
|
|
|
// thanks adrien
|
|
var allowedPubKeys = [sender.pub]
|
|
if (sender.keys)
|
|
for (let i = 0; i < sender.keys.length; i++)
|
|
allowedPubKeys.push(sender.keys[i].pub)
|
|
console.log(allowedPubKeys)
|
|
for (let i = 0; i < allowedPubKeys.length; i++) {
|
|
var bufferHash = Buffer.from(obj.hash, 'hex')
|
|
var b58sign = bs58.decode(obj.signature)
|
|
var b58pub = bs58.decode(allowedPubKeys[i])
|
|
if (secp256k1.ecdsaVerify(b58sign, bufferHash, b58pub)) {
|
|
return true
|
|
}
|
|
}
|
|
return false
|
|
}
|
|
}
|
|
|
|
// {
|
|
// "user": "bigbootybitch",
|
|
// "status": "black",
|
|
// "reason": "1",
|
|
// "sender": "nannal",
|
|
// "ts": 1602024774158,
|
|
// "hash": "e5eb92c035c2528af5311998d14bf0be3ced0e87505c8f6481ce7ca63148b974",
|
|
// "signature": "bjNjRSnuJokydPzGCKZy7kExDeAT8mUS3iCzRzQR3y5owaBh1Mhh2UyPLHqR3bzxsK6fw13JtvCz65exPr2JsGB"
|
|
// }
|
|
|
|
|
|
list = {
|
|
getStatus: async (status) => {
|
|
return await mongo.get("list","list",{"status": status})
|
|
},
|
|
getUser: async (username) => {
|
|
return await mongo.get("list","list",{"user": username})
|
|
},
|
|
writeUser: async (obj) => {
|
|
ver = await verifyMsg(obj)
|
|
if (ver == true) {
|
|
console.log(obj)
|
|
mongo.put("list","list",obj)
|
|
return {"Message":"Success"}
|
|
} else {
|
|
return ver
|
|
}
|
|
|
|
},
|
|
}
|
|
|
|
module.exports = list
|