exonum-http-get-auth
Authenticate HTTP GET requests in Exonum through AWS-like header signing.
Exonum already supports authenticating POST requests, so you can filter the data added to the blockchain. This crate lets you authenticate reads as well.
Request validation is based on signing the URL, method and timestamp (requests decay 30 sec after signing to prevent replay attacks) and putting the signature into an HTTP header.
Usage:
extern crate exonum_http_get_auth;
use authenticate_request;
The provided authenticate_request() method returns a function to be passed as an argument into the router's get() handler:
router.get;
And a slightly more generic way, in case you want to authenticate multiple requests with the same key:
let auth = ;
router.get;
Front-end side:
A proper request should have these header fields:
x-date: date in ISO8601 format
x-auth: 64-byte SHA256 signature of the concatenated url+method+date UTF-8 array (method is always "GET")
Example:
const Exonum = require;
const lib = require;
const date = .;
console.log;
const method = 'GET';
const address = 'http://127.0.0.1:8000/my_endpoint';
const keys = ;
const data = ;
const signature = ;
var reqHeaders = ;
reqHeaders.;
reqHeaders.;
var options = ;
var authRequest = ;
.
.;
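The scheme described above, end to end, as an added example that is not code from this crate or from Exonum: the client signs url+method+date, and the server checks the 30-second window before verifying the signature. Assumptions: Node's built-in Ed25519 stands in for the Exonum signing call, x-auth is hex-encoded, and the names signGet, verifyGet and demo are hypothetical.

```javascript
// Added example, not the crate's code. Assumption: Node's built-in Ed25519
// stands in for the Exonum signing call; x-auth is assumed to be hex-encoded.
const { generateKeyPairSync, sign, verify } = require("crypto");

const MAX_AGE_MS = 30 * 1000; // requests decay 30 sec after signing (from the page)

// Client side: build the x-date / x-auth headers for a URL.
function signGet(url, privateKey, now = new Date()) {
  const date = now.toISOString(); // ISO8601 timestamp
  const message = Buffer.from(url + "GET" + date, "utf8"); // url+method+date
  return { "x-date": date, "x-auth": sign(null, message, privateKey).toString("hex") };
}

// Server side: returns "ok" or the reason the request is rejected.
function verifyGet(url, headers, publicKey, now = new Date()) {
  const date = headers["x-date"];
  const sigHex = headers["x-auth"];
  if (typeof date !== "string" || typeof sigHex !== "string") return "missing-header";
  if (!/^[0-9a-f]{128}$/i.test(sigHex)) return "bad-signature-format"; // 64 bytes
  const signedAt = Date.parse(date);
  if (Number.isNaN(signedAt)) return "bad-date";
  // Assumption: future-dated requests are rejected too, so a client cannot
  // pre-sign a request that stays valid longer than the window.
  const age = now.getTime() - signedAt;
  if (age < 0 || age > MAX_AGE_MS) return "expired";
  // The date header is part of the signed message, so it cannot be refreshed.
  const message = Buffer.from(url + "GET" + date, "utf8");
  return verify(null, message, publicKey, Buffer.from(sigHex, "hex")) ? "ok" : "bad-signature";
}

// Constructed sample: a throwaway key pair and the endpoint URL used on this page.
function demo() {
  const { publicKey, privateKey } = generateKeyPairSync("ed25519");
  const url = "http://127.0.0.1:8000/my_endpoint";
  const t0 = new Date("2024-01-01T00:00:00.000Z");
  const at = (ms) => new Date(t0.getTime() + ms);
  const headers = signGet(url, privateKey, t0);
  return {
    fresh: verifyGet(url, headers, publicKey, at(5000)),
    replayed: verifyGet(url, headers, publicKey, at(31000)),
    otherUrl: verifyGet(url + "?all=1", headers, publicKey, at(5000)),
    redated: verifyGet(url, { ...headers, "x-date": at(30000).toISOString() }, publicKey, at(31000)),
  };
}
console.log(demo());
```

The redated case shows why the timestamp has to be inside the signed message: a captured request whose x-date is rewritten to look fresh fails signature verification instead of passing the age check.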