Merge pull request #29 from ln-markets/add-password

kibotrel · web-flow · commit 24a917c13894 · 2021-11-25T16:27:23.000+01:00
diff --git a/apps/api/package.json b/apps/api/package.json
@@ -26,6 +26,7 @@
     "cuid": "^2.1.8",
     "dotenv": "^10.0.0",
     "express": "^4.17.1",
+    "express-session": "^1.17.2",
     "express-winston": "^4.2.0",
     "helmet": "^4.6.0",
     "ln-service": "^52.14.2",
diff --git a/apps/api/src/express.js b/apps/api/src/express.js
@@ -24,6 +24,7 @@ module.exports = () => {
   app.use(bodyParser.json({ extended: false }))
   app.use(bodyParser.text())
   app.use(bodyParser.urlencoded({ extended: false }))
+  app.use(require('@/middleware/session.js'))
   app.get('/status', (req, res) => {
     res.status(200).end()
   })
diff --git a/apps/api/src/helpers/errors.js b/apps/api/src/helpers/errors.js
@@ -0,0 +1,15 @@
+module.exports = class HttpError extends Error {
+  constructor(status, code, message, details) {
+    if (!status) throw new Error('An HTTP Error need a status')
+    if (!code) throw new Error('An HTTP Error need a code')
+
+    super(code)
+
+    this.name = 'HttpError'
+    this.status = status
+
+    if (code) this.code = code
+    if (message) this.message = message
+    if (details) this.details = details
+  }
+}
diff --git a/apps/api/src/middleware/auth.js b/apps/api/src/middleware/auth.js
@@ -0,0 +1,12 @@
+const HttpError = require('@/helpers/errors.js')
+
+module.exports = (req, res, next) => {
+  if (!req.session || !req.session.auth) {
+    throw new HttpError(
+      401,
+      'unauthorized',
+      'You do not have permission to reach this ressource.'
+    )
+  }
+  next()
+}
diff --git a/apps/api/src/middleware/cors.js b/apps/api/src/middleware/cors.js
@@ -1,6 +1,8 @@
 const cors = require('cors')
 
 module.exports = cors({
+  credentials: true,
+  exposedHeaders: ['Set-Cookie', 'Cookie'],
   origin: (origin, callback) => {
     if (
       !origin ||
diff --git a/apps/api/src/middleware/errors.js b/apps/api/src/middleware/errors.js
@@ -1,3 +1,5 @@
+const HttpError = require('@/helpers/errors.js')
+
 const handleLNMarketsRestError = (error) => {
   const { message, statusCode, code } = error
 
@@ -21,15 +23,28 @@ const internalError = (opt = {}) => {
     statusCode,
     json: {
       code: 'internalError',
-      message: 'Internal error',
+      message: 'Internal error.',
+    },
+  }
+}
+
+const parseHttpError = ({ status, code, message }) => {
+  return {
+    statusCode: status,
+    json: {
+      code,
+      message: message || code,
     },
   }
 }
 
 module.exports = (error, req, res, next) => {
   let response
+
   if (error.name === 'LNMarketsRestError') {
     response = handleLNMarketsRestError(error)
+  } else if (error instanceof HttpError) {
+    response = parseHttpError(error)
   } else {
     response = internalError()
   }
diff --git a/apps/api/src/middleware/session.js b/apps/api/src/middleware/session.js
@@ -0,0 +1,23 @@
+const dotenv = require('dotenv')
+dotenv.config()
+
+const def = {
+  userSecret: 'Default user secret change me',
+}
+
+const session = require('express-session')
+
+module.exports = session({
+  secret: process.env.SESSION_USER_SECRET || def.userSecret,
+  resave: false,
+  saveUninitialized: true,
+  name: process.env.SESSION_USER_COOKIE_NAME || 'session',
+  cookie: {
+    httpOnly: true,
+    maxAge:
+      parseInt(process.env.SESSION_USER_COOKIE_MAXAGE) ||
+      1000 * 60 * 60 * 24 * 30,
+    path: '/',
+    sameSite: process.env.SESSION_COOKIE_SAMESITE || true,
+  },
+})
diff --git a/apps/api/src/routes/index.js b/apps/api/src/routes/index.js
@@ -1,9 +1,11 @@
 const express = require('express')
-const router = express.Router()
+const isAuth = require('@/middleware/auth.js')
 
-router.get('/auth', require('./auth/get.js'))
-router.get('/futures', require('./futures/get.js'))
+const router = express.Router()
 
+router.get('/auth', [isAuth], require('./auth/get.js'))
+router.get('/futures', [isAuth], require('./futures/get.js'))
+router.post('/login', require('./login/post.js'))
 router.use('/user', require('./user/index.js'))
 
 module.exports = router
diff --git a/apps/api/src/routes/login/post.js b/apps/api/src/routes/login/post.js
@@ -0,0 +1,15 @@
+const HttpError = require('@/helpers/errors.js')
+
+module.exports = (req, res, next) => {
+  try {
+    if (req.body.password === process.env.APP_PASSWORD) {
+      req.session.auth = true
+    } else {
+      throw new HttpError(400, 'wrongPassword', 'Given password is incorrect.')
+    }
+
+    res.end()
+  } catch (error) {
+    next(error)
+  }
+}
diff --git a/apps/api/src/routes/user/deposit/post.js b/apps/api/src/routes/user/deposit/post.js
@@ -1,6 +1,8 @@
 const LNMarketsAPI = require('@/classes/lnmarkets-api.js')
 const LND = require('@/classes/lnd.js')
 
+const HttpError = require('@/helpers/errors.js')
+
 module.exports = async (req, res, next) => {
   try {
     const { amount } = req.body
@@ -13,7 +15,11 @@ module.exports = async (req, res, next) => {
     const { tokens } = await LND.decodePaymentRequest({ request })
 
     if (amount !== tokens) {
-      throw new Error('WrongAmountInvoice')
+      throw new HttpError(
+        400,
+        'WrongAmountInvoice',
+        'Amount request does not match with tokens in payment request.'
+      )
     }
 
     const { secret, paths } = await LND.pay({ request })
diff --git a/apps/api/src/routes/user/index.js b/apps/api/src/routes/user/index.js
@@ -1,9 +1,10 @@
 const express = require('express')
+const isAuth = require('@/middleware/auth.js')
 
 const router = express.Router()
 
-router.get('/', require('./get.js'))
-router.post('/deposit', require('./deposit/post.js'))
-router.post('/withdraw', require('./withdraw/post.js'))
+router.get('/', [isAuth], require('./get.js'))
+router.post('/deposit', [isAuth], require('./deposit/post.js'))
+router.post('/withdraw', [isAuth], require('./withdraw/post.js'))
 
 module.exports = router
diff --git a/apps/front/package.json b/apps/front/package.json
@@ -18,6 +18,7 @@
   "dependencies": {
     "@fortawesome/fontawesome-svg-core": "^1.2.35",
     "@fortawesome/free-brands-svg-icons": "^5.15.3",
+    "@fortawesome/free-regular-svg-icons": "^5.15.4",
     "@fortawesome/free-solid-svg-icons": "^5.15.3",
     "@fortawesome/vue-fontawesome": "^3.0.0-4",
     "mitt": "^3.0.0",
diff --git a/apps/front/src/App.vue b/apps/front/src/App.vue
@@ -1,42 +1,33 @@
 <template>
-  <div class="app-container">
-    <nav-header />
+  <div class="app-container" :class="isLandingPage ? 'h-full' : ''">
+    <nav-header v-if="!isLandingPage" />
     <router-view />
-    <nav-footer />
+    <nav-footer v-if="!isLandingPage" />
   </div>
   <lnm-umbrel-notifications />
   <modals-container />
 </template>
 
 <script>
-import { onMounted } from 'vue'
-import { useStore } from 'vuex'
+import { useRouter } from 'vue-router'
+
 import NavFooter from '@/layout/Footer.vue'
 import NavHeader from '@/layout/Header.vue'
 import { ModalsContainer } from 'vue-final-modal'
+import { computed } from 'vue'
 
 export default {
   components: { NavFooter, NavHeader, ModalsContainer },
   setup() {
-    const store = useStore()
-
-    const getUser = () => store.dispatch('user/get')
-    const getFutures = () => store.dispatch('futures/get')
-    const updateProfileInterval = () =>
-      store.dispatch('user/updateProfileInterval')
-    const showDisclaimer = () => store.dispatch('showDisclaimer')
+    const routeur = useRouter()
 
-    onMounted(() => {
-      showDisclaimer()
-      getUser().then(() => {
-        getFutures()
-        updateProfileInterval()
-      })
+    const isLandingPage = computed(() => {
+      return routeur.currentRoute.value.path === '/'
     })
 
     return {
-      getUser,
-      getFutures,
+      routeur,
+      isLandingPage,
     }
   },
 }
diff --git a/apps/front/src/components/Modal.vue b/apps/front/src/components/Modal.vue
@@ -1,18 +1,18 @@
 <template>
   <vue-final-modal
     :z-index-base="999"
-    classes="flex justify-center items-center"
-    content-class="relative flex flex-col mx-4 p-4 border rounded bg-white modal-content"
+    classes="flex fixed top-0 right-0 bottom-0 left-0 justify-center items-center bg-black bg-opacity-40"
+    content-class="flex overflow-x-auto flex-col w-5/6 lg:w-2/3 bg-white rounded-md shadow-2xl"
   >
     <div
-      class="py-2 text-3xl text-center border-b border-gray-500 font-semi-bold"
+      class="p-4 text-2xl sm:text-3xl font-bold text-center bg-gray-100 border-b-2"
     >
       <slot name="title"></slot>
     </div>
-    <div class="my-2">
+    <div class="p-4">
       <slot name="content"></slot>
     </div>
-    <div class="flex justify-evenly items-center py-2 w-full">
+    <div class="flex justify-around py-4 bg-gray-100 border-t-2">
       <slot name="footer"></slot>
     </div>
   </vue-final-modal>
diff --git a/apps/front/src/components/font-awesome.js b/apps/front/src/components/font-awesome.js
@@ -11,6 +11,8 @@ import {
   faQuestionCircle,
 } from '@fortawesome/free-solid-svg-icons'
 
+import { faEye, faEyeSlash } from '@fortawesome/free-regular-svg-icons'
+
 import {
   faTwitter,
   faTelegram,
@@ -29,7 +31,9 @@ library.add(
   faExclamationCircle,
   faCheckCircle,
   faQuestionCircle,
-  faDiscord
+  faDiscord,
+  faEyeSlash,
+  faEye
 )
 
 export default FontAwesomeIcon
diff --git a/apps/front/src/components/index.js b/apps/front/src/components/index.js
@@ -1,6 +1,7 @@
 import Button from './Button.vue'
 import Modal from './Modal.vue'
 import Slider from './Slider.vue'
+
 import FontAwesomeIcon from './font-awesome.js'
 
 export default (app) => {
diff --git a/apps/front/src/layout/Header.vue b/apps/front/src/layout/Header.vue
@@ -5,7 +5,7 @@
     <div
       class="float-left my-5 mx-8 w-16 h-auto font-bold hover:text-yellow-300 cursor-pointer"
     >
-      <a href="https://lnmarkets.com" rel="noopener" target="_blank">
+      <a :href="host" rel="noopener" target="_blank">
         <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1920 643.9364">
           <g fill="currentColor">
             <path
@@ -28,11 +28,22 @@
 </template>
 
 <script>
+import { ref } from 'vue'
+
+const mode = import.meta.env.MODE
+
 export default {
   name: 'LnmUmbrelHeader',
 
   setup() {
-    return {}
+    const host = ref(
+      mode === 'development'
+        ? 'https:/testnet.lnmarkets.com'
+        : 'https://lnmarkets.com'
+    )
+    return {
+      host,
+    }
   },
 }
 </script>
diff --git a/apps/front/src/plugins/client.js b/apps/front/src/plugins/client.js
@@ -33,6 +33,7 @@ export default class Client {
       }),
       mode: 'cors',
       cache: 'no-cache',
+      credentials: 'include',
     }
   }
 
diff --git a/apps/front/src/router/index.js b/apps/front/src/router/index.js
@@ -1,13 +1,20 @@
 import { createRouter, createWebHistory } from 'vue-router'
-import Index from '@/views/Index.vue'
+
+import Profile from '@/views/profile/Index.vue'
+import Authentication from '@/views/auth/Index.vue'
 
 const options = {
   history: createWebHistory(),
   routes: [
     {
       path: '/',
+      name: 'authentication',
+      component: Authentication,
+    },
+    {
+      path: '/app',
       name: 'profile',
-      component: Index,
+      component: Profile,
     },
   ],
 }
diff --git a/apps/front/src/store/index.js b/apps/front/src/store/index.js
@@ -44,6 +44,7 @@ export default createStore({
       })
 
       console.error(error)
+      return Promise.reject(error)
     },
   },
   mutations: {
diff --git a/apps/front/src/store/user/actions.js b/apps/front/src/store/user/actions.js
@@ -72,4 +72,13 @@ export default {
       return dispatch('error', error, { root: true })
     }
   },
+
+  async loginToUmbrel({ dispatch }, password) {
+    try {
+      console.log(password)
+      await api.post({ path: '/api/login', body: { password } })
+    } catch (error) {
+      return dispatch('error', error, { root: true })
+    }
+  },
 }
diff --git a/apps/front/src/views/auth/Index.vue b/apps/front/src/views/auth/Index.vue
diff --git a/apps/front/src/views/profile/Account.vue b/apps/front/src/views/profile/Account.vue
diff --git a/apps/front/src/views/profile/Actions.vue b/apps/front/src/views/profile/Actions.vue
diff --git a/apps/front/src/views/profile/Index.vue b/apps/front/src/views/profile/Index.vue
diff --git a/apps/front/src/views/profile/MarketData.vue b/apps/front/src/views/profile/MarketData.vue
diff --git a/apps/front/src/views/profile/Positions.vue b/apps/front/src/views/profile/Positions.vue
diff --git a/apps/front/src/views/profile/Profile.vue b/apps/front/src/views/profile/Profile.vue
diff --git a/dev/local/docker-compose.yml b/dev/local/docker-compose.yml
diff --git a/docker-compose.yml b/docker-compose.yml
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
