diff --git a/.gitignore b/.gitignore index 316c8dc..f6f8dde 100644 --- a/.gitignore +++ b/.gitignore @@ -38,3 +38,6 @@ jspm_packages # Optional REPL history .node_repl_history + +# Environment files +.env \ No newline at end of file diff --git a/README.md b/README.md index da4e9f7..6f82b98 100644 --- a/README.md +++ b/README.md @@ -20,7 +20,7 @@ YES, indeed it is powered by `Node.js v6` on `Raspberry PI 3`. -## 2. Reuqirements +## 2. Requirements ### 2.1 Equipment * [**Raspberry PI 3 Model B**](https://www.raspberrypi.org/products/raspberry-pi-3-model-b/) with the latest **Raspbian OS** installed * **Node.js v6.0** diff --git a/create_env.js b/create_env.js new file mode 100644 index 0000000..734d7fa --- /dev/null +++ b/create_env.js @@ -0,0 +1,31 @@ +const fs = require('fs'); +const crypto = require('crypto'); +const bcrypt = require('bcrypt'); +const prompt = require('prompt'); + +prompt.start(); + + +prompt.get({ + properties: { + username: { + pattern: /^[a-zA-Z\s\-]+$/, + message: 'Username must be only letters, spaces, or dashes', + required: true + }, + password: { + hidden: true + } + } + }, function (err, result) { + if (err) console.error('Failed to create a .env file'); + + const password = bcrypt.hashSync(result.password, 10) + + fs.writeFile( + '.env', + 'COOKIE_SECRET=' + crypto.randomBytes(40).toString('hex') + '\n' + + 'USERNAME=' + result.username + '\n' + + 'PASSWORD=' + password + '\n' + ); +}); \ No newline at end of file diff --git a/lib/app.js b/lib/app.js index 696d52e..02900fd 100644 --- a/lib/app.js +++ b/lib/app.js @@ -4,13 +4,15 @@ const express = require("express"); const path = require("path"); const session = require("express-session"); const FileStore = require('session-file-store')(session); - +const dotenv = require('dotenv'); +var crypto = require("crypto"); /** * Setup express app */ const app = express(); const passport = require("./passport"); +dotenv.config(); /** * Parsers 
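Review bot: In create_env.js the prompt callback logs on `err` but does not return, so a cancelled or failed prompt goes on to read `result.password` (with `result` most likely undefined) and throws instead of exiting cleanly. The `password` property has no `required: true`, so an empty entry would presumably be hashed and stored as a valid credential. `fs.writeFile` is called without a callback or mode, so write failures go unreported and the file holding the cookie secret and password hash is created with default permissions, which are typically world-readable depending on umask. I would return after the error, require a non-empty password, and create the file with mode `0o600` and an error callback, as sketched below.

```javascript
    password: {
      hidden: true,
      required: true
    }
// … unchanged: username property and the rest of the prompt schema …
}, function (err, result) {
  if (err) {
    console.error('Failed to create a .env file');
    process.exitCode = 1;
    return;
  }

  const password = bcrypt.hashSync(result.password, 10);

  fs.writeFile(
    '.env',
    // … unchanged: the COOKIE_SECRET / USERNAME / PASSWORD string, now followed by a comma …
    { mode: 0o600 },
    function (writeErr) {
      if (writeErr) {
        console.error('Failed to create a .env file');
        process.exitCode = 1;
      }
    }
  );
});
```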
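Review bot: In the first lib/app.js hunk, `var crypto = require("crypto");` is the only `var` among `const` requires and should read `const crypto = require("crypto");`. `dotenv.config()` is also called after `require("./passport")`, which calls `dotenv.config()` itself in this commit, so the environment is loaded in two places. Loading it once at the top of the entry module, before any other require reads `process.env`, keeps the ordering explicit.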
@@ -19,7 +21,8 @@ app.use(bodyParser.json()); app.use(bodyParser.urlencoded({ extended: false })); app.use(cookieParser()); app.use(session({ - secret: "aedf1829f7", + secret: (process.env.COOKIE_SECRET && process.env.COOKIE_SECRET !== '') ? + process.env.COOKIE_SECRET : crypto.randomBytes(40).toString('hex'), resave: false, saveUninitialized: true, cookie: { secure: false, maxAge: 1000 * 60 * 60 * 24 * 100 }, diff --git a/lib/passport.js b/lib/passport.js index b8805bb..6986ec2 100644 --- a/lib/passport.js +++ b/lib/passport.js @@ -1,13 +1,22 @@ const LocalStrategy = require("passport-local").Strategy; const md5 = require("md5"); +const bcrypt = require('bcrypt'); const passport = require("passport"); +const dotenv = require('dotenv'); +dotenv.config(); passport.use("local", new LocalStrategy({ usernameField: 'username', passwordField: 'password' }, (username, password, done) => { - if (username === "admin" && md5(password) === "a99e2bc0efaa6c17888f2946aedc6be8") + const serverUsername = (process.env.USERNAME && process.env.USERNAME !== '') ? + process.env.USERNAME : 'admin'; + const serverPassword = (process.env.PASSWORD && process.env.PASSWORD !== '') ? + process.env.PASSWORD : '$2y$10$BiQ8hbUWvjnu4Yi59i4e/u0LKMcoOzAn/5oeZjh5JrzekAeVn4oX.'; + + if (!process.env.PASSWORD) password = md5(password) + if (username === serverUsername && bcrypt.compareSync(password, serverPassword)) { return done(null, { id: "admin" diff --git a/package.json b/package.json index 44e46db..b4e7a95 100644 --- a/package.json +++ b/package.json @@ -17,8 +17,10 @@ }, "homepage": "https://github.com/MagicCube/rpi-man#readme", "dependencies": { + "bcrypt": "3.0.6", "body-parser": "^1.15.2", "cookie-parser": "^1.4.3", + "dotenv": "8.0.0", "express": "^4.14.0", "express-session": "^1.14.0", "md5": "^2.1.0", @@ -26,6 +28,7 @@ "passport": "^0.3.2", "passport-local": "^1.0.0", "pty.js": "^0.3.1", + "prompt": "1.0.0", "session-file-store": "^0.2.0", "socket.io": "^1.4.8" }, 
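Review bot: In the second lib/app.js hunk the session `secret` silently falls back to a fresh `crypto.randomBytes(40)` value when `COOKIE_SECRET` is unset. Every restart without a loaded .env then invalidates existing session cookies (including any persisted through the FileStore required above, if it is the configured store), and nothing tells the operator why. Log a warning on the fallback path, for example `console.warn('COOKIE_SECRET not set; using an ephemeral session secret')`, or refuse to start. The `!== ''` test is redundant because an empty string is already falsy, so the expression reduces to `process.env.COOKIE_SECRET || crypto.randomBytes(40).toString('hex')`. The `session({...})` call continues past the end of the hunk.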
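Review bot: In lib/passport.js the strategy still accepts the built-in `admin` account whenever `USERNAME`/`PASSWORD` are absent, so an install where .env was never generated or is not found (by default `dotenv.config()` looks in the process working directory) keeps a credential whose hash is published in the repository. Failing closed would be safer: put `if (!process.env.USERNAME || !process.env.PASSWORD) return done(null, false);` before the comparison and log a warning at startup. `USERNAME` is also a name that some shells and operating systems already export, and dotenv does not overwrite variables that are already set, so the expected login name could silently become the OS account name; a project-prefixed variable name avoids that. It is also worth confirming that the `bcrypt` binding accepts the `$2y$` prefix of the fallback hash, since I believe it only recognises `$2a$`/`$2b$`. The strategy callback continues past the end of the hunk.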
diff --git a/rpi-man-get b/rpi-man-get index 6df683a..8d819fd 100755 --- a/rpi-man-get +++ b/rpi-man-get @@ -9,6 +9,8 @@ install() { echo "Installing rpi-man..." install_dependencies + echo "Generating .env file" + node create_env.js echo "Make rpi-man-server as global command..." ln -s $path/bin/rpi-man-server $bin_path echo "Make rpi-man-server run at startup..."
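Review bot: `node create_env.js` in install() is resolved against the caller's working directory and its exit status is ignored, while the following context line uses `$path` for the install location. If the script is missing or the prompt fails, installation carries on without a .env, and the server then runs with its fallback credentials. Something like `(cd "$path" && node create_env.js) || exit 1` would keep the script and the generated .env in the install directory and stop on failure. Whether the server later starts with that directory as its working directory is not visible here. install() continues past the end of the hunk.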