Implement user-id.verify

This commit is contained in:
Tankred Hase 2016-05-30 16:06:52 +02:00
parent 279992379f
commit f930ee38e9
4 changed files with 31 additions and 7 deletions

View File

@ -115,7 +115,7 @@ function injectDependencies() {
userId = new UserId(mongo);
publicKey = new PublicKey(openpgp, mongo, email, userId);
hkp = new HKP(publicKey);
rest = new REST(publicKey);
rest = new REST(publicKey, userId);
}
function readCredentials() {

View File

@ -28,7 +28,7 @@ class HKP {
/**
* Create an instance of the HKP server
* @param {Object} publicKey An instance of the public key controller
* @param {Object} publicKey An instance of the public key service
*/
constructor(publicKey) {
this._publicKey = publicKey;

View File

@ -27,10 +27,12 @@ class REST {
/**
* Create an instance of the REST server
* @param {Object} publicKey An instance of the public key controller
* @param {Object} publicKey An instance of the public key service
* @param {Object} userId An instance of the user id service
*/
constructor(publicKey) {
constructor(publicKey, userId) {
this._publicKey = publicKey;
this._userId = userId;
}
/**
@ -50,9 +52,16 @@ class REST {
ctx.status = 201;
}
/**
* Verify a public key's user id via http GET
* @param {Object} ctx The koa request/response context
*/
*verify(ctx) {
ctx.throw(501, 'Not implemented!');
yield;
let q = { keyid:ctx.query.keyid, nonce:ctx.query.nonce };
if (!util.validateKeyId(q.keyid) && !util.isString(q.nonce)) {
ctx.throw(400, 'Invalid request!');
}
yield this._userId.verify(q);
}
/**

View File

@ -18,6 +18,7 @@
'use strict';
const uuid = require('node-uuid');
const util = require('./util');
/**
* Database documents have the format:
@ -60,11 +61,25 @@ class UserId {
});
let r = yield this._mongo.batch(userIds, DB_TYPE);
if (r.insertedCount !== userIds.length) {
throw new Error('Failed to persist user ids');
util.throw(500, 'Failed to persist user ids');
}
return userIds;
}
/**
* Verify a user id by proving knowledge of the nonce.
* @param {string} keyid Correspronding public key id
* @param {string} nonce The verification nonce proving email address ownership
* @yield {undefined}
*/
*verify(options) {
let uid = this._mongo.get(options, DB_TYPE);
if (!uid) {
util.throw(404, 'User id not found');
}
yield this._mongo.update(uid, { verified:true, nonce:null }, DB_TYPE);
}
/**
* Get a verified user IDs either by key id or email address.
* There can only be one verified user ID for an email address