Add dockerfile. Add config by env.

Hexagon · Dec 7, 2021 · e71651e · e71651e
1 parent c966bb8
commit e71651e
Show file tree

Hide file tree

Showing 8 changed files with 46 additions and 29 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,7 @@
+FROM node:16-alpine
+COPY . /usr/src/app
+WORKDIR /usr/src/app
+RUN npm install --no-cache
+EXPOSE 3000
+RUN chmod +x /usr/src/app/docker-entrypoint.sh
+ENTRYPOINT ["/usr/src/app/docker-entrypoint.sh", "npm", "start"]
diff --git a/app.js b/app.js
@@ -5,7 +5,7 @@ const cookieParser  = require('cookie-parser');
 const path          = require('path');
 const crypto        = require('crypto');
 
-const config        = require('./config.json');
+const config        = require('./config');
 const defaultroutes = require('./routes/default');
 const webuathnauth  = require('./routes/webauthn.js');
 
@@ -33,17 +33,21 @@ app.use('/webauthn', webuathnauth);
 const port = config.port || 3000;
 
 // Local development
-const https = require("https");
-const fs = require('fs');
-var privateKey = fs.readFileSync('./keys/key.pem');
-var certificate = fs.readFileSync('./keys/cert.pem');
-https.createServer({
-  key: privateKey,
-  cert: certificate
-}, app).listen(port);
+if (config.mode === "development") {
+  const https = require("https");
+  const fs = require('fs');
+  var privateKey = fs.readFileSync('./keys/key.pem');
+  var certificate = fs.readFileSync('./keys/cert.pem');
+  https.createServer({
+    key: privateKey,
+    cert: certificate
+  }, app).listen(port);  
 
 // "Production" HTTP - (for use behind https proxy)
-// app.listen(port);
+} else {
+  app.listen(port);
+
+}
 
 console.log(`Started app on port ${port}`);
 

diff --git a/config.js b/config.js
@@ -0,0 +1,15 @@
+let config = {
+    "port": 3000,
+    "origin": "https://localhost:3000",
+    "rpId": "localhost",
+    "rpName": "Webauthn Skeleton",
+    "mode": "development"
+};
+
+config.port = process.env.PORT || config.port;
+config.origin = process.env.WAS_ORIGIN || config.origin;
+config.rpId = process.env.WAS_RPID || config.rpId;
+config.rpName = process.env.WAS_RPNAME || config.rpName;
+config.mode = process.env.WAS_MODE || config.mode;
+
+module.exports = config;
diff --git a/config.json b/config.json
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+set -e
+
+exec "$@"
diff --git a/package.json b/package.json
@@ -4,7 +4,8 @@
   "description": "Skeleton for a Node.js powered Web Authentication API enabled website",
   "main": "app.js",
   "scripts": {
-    "test": "echo \"Error: no test specified\" && exit 1"
+    "test": "echo \"Error: no test specified\" && exit 1",
+    "start": "node app.js"
   },
   "repository": {
     "type": "git",

diff --git a/routes/webauthn.js b/routes/webauthn.js
@@ -1,6 +1,6 @@
 const express   = require('express');
 const Fido2     = require('../utils/fido2');
-const config    = require('../config.json');
+const config    = require('../config');
 const crypto    = require('crypto');
 const router    = express.Router();
 const database  = require('./db');
@@ -129,8 +129,6 @@ router.post('/response', async (request, response) => {
             counter: result.authnrData.get("counter"),
         };
 
-        console.log('Successful registration, user authorized with token', token);
-
         database[request.session.username].authenticators.push(token);
         database[request.session.username].registered = true
 
@@ -169,7 +167,7 @@ router.post('/response', async (request, response) => {
                 break;
 
             } catch (e) {
-                console.log(e);
+
             }
         }
         // authentication complete!

diff --git a/utils/fido2.js b/utils/fido2.js
@@ -4,13 +4,10 @@ const base64url = require("@hexagon/base64-arraybuffer");
 
 class Fido2 {
     constructor(rpId, rpName, rpIcon) {
-        // could also use one or more of the options below,
-        // which just makes the options calls easier later on:
         this.f2l = new Fido2Lib({
-            timeout: 60000,
+            timeout: 90000,
             rpId,
             rpName,
-            //rpIcon: "https://example.com/logo.png",
             challengeSize: 128,
             attestation: "none",
             cryptoParams: [-7, -257],
@@ -44,11 +41,7 @@ class Fido2 {
             factor: "either"
         };
         var regResult = await this.f2l.attestationResult(clientAttestationResponse, attestationExpectations); // will throw on error
-
-        // registration complete!
-        // save publicKey and counter from regResult to user's info for future authentication calls
         return regResult;
-
     }
 
     async login(username) {