121 lines
2.7 KiB
Go
121 lines
2.7 KiB
Go
package modules
|
|
|
|
import (
|
|
"context"
|
|
"crypto/rand"
|
|
"github.com/filecoin-project/go-lotus/build"
|
|
"github.com/filecoin-project/go-lotus/node/modules/helpers"
|
|
"github.com/gbrlsnchs/jwt/v3"
|
|
logging "github.com/ipfs/go-log"
|
|
"github.com/libp2p/go-libp2p-core/host"
|
|
"github.com/libp2p/go-libp2p-core/peerstore"
|
|
record "github.com/libp2p/go-libp2p-record"
|
|
"go.uber.org/fx"
|
|
"golang.org/x/xerrors"
|
|
"io"
|
|
"io/ioutil"
|
|
"time"
|
|
|
|
"github.com/filecoin-project/go-lotus/api"
|
|
"github.com/filecoin-project/go-lotus/chain/types"
|
|
"github.com/filecoin-project/go-lotus/node/modules/dtypes"
|
|
"github.com/filecoin-project/go-lotus/node/repo"
|
|
)
|
|
|
|
var log = logging.Logger("modules")
|
|
|
|
type Genesis func() (*types.BlockHeader, error)
|
|
|
|
// RecordValidator provides namesys compatible routing record validator
|
|
func RecordValidator(ps peerstore.Peerstore) record.Validator {
|
|
return record.NamespacedValidator{
|
|
"pk": record.PublicKeyValidator{},
|
|
}
|
|
}
|
|
|
|
const JWTSecretName = "auth-jwt-private"
|
|
|
|
type jwtPayload struct {
|
|
Allow []string
|
|
}
|
|
|
|
func APISecret(keystore types.KeyStore, lr repo.LockedRepo) (*dtypes.APIAlg, error) {
|
|
key, err := keystore.Get(JWTSecretName)
|
|
if err != nil {
|
|
log.Warn("Generating new API secret")
|
|
|
|
sk, err := ioutil.ReadAll(io.LimitReader(rand.Reader, 32))
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
key = types.KeyInfo{
|
|
Type: "jwt-hmac-secret",
|
|
PrivateKey: sk,
|
|
}
|
|
|
|
if err := keystore.Put(JWTSecretName, key); err != nil {
|
|
return nil, xerrors.Errorf("writing API secret: %w", err)
|
|
}
|
|
|
|
// TODO: make this configurable
|
|
p := jwtPayload{
|
|
Allow: api.AllPermissions,
|
|
}
|
|
|
|
cliToken, err := jwt.Sign(&p, jwt.NewHS256(key.PrivateKey))
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if err := lr.SetAPIToken(cliToken); err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
|
|
return (*dtypes.APIAlg)(jwt.NewHS256(key.PrivateKey)), nil
|
|
}
|
|
|
|
func Bootstrap(mctx helpers.MetricsCtx, lc fx.Lifecycle, host host.Host) {
|
|
ctx, cancel := context.WithCancel(mctx)
|
|
|
|
lc.Append(fx.Hook{
|
|
OnStart: func(_ context.Context) error {
|
|
go func() {
|
|
for {
|
|
sctx, cancel := context.WithTimeout(ctx, build.BlockDelay*time.Second/2)
|
|
<-sctx.Done()
|
|
cancel()
|
|
|
|
if ctx.Err() != nil {
|
|
return
|
|
}
|
|
|
|
if len(host.Network().Conns()) > 0 {
|
|
continue
|
|
}
|
|
|
|
log.Warn("No peers connected, performing automatic bootstrap")
|
|
|
|
pis, err := build.BuiltinBootstrap()
|
|
if err != nil {
|
|
log.Error("Getting bootstrap addrs: ", err)
|
|
return
|
|
}
|
|
|
|
for _, pi := range pis {
|
|
if err := host.Connect(ctx, pi); err != nil {
|
|
log.Warn("bootstrap connect failed: ", err)
|
|
}
|
|
}
|
|
}
|
|
}()
|
|
return nil
|
|
},
|
|
OnStop: func(_ context.Context) error {
|
|
cancel()
|
|
return nil
|
|
},
|
|
})
|
|
}
|