lotus/node/modules/core.go
Jakub Sztandera 64fa6fd9e5 Draw the rest of the owl
Signed-off-by: Jakub Sztandera <kubuxu@protocol.ai>
2020-09-10 17:41:55 -04:00

109 lines
2.8 KiB
Go

package modules
import (
"context"
"crypto/rand"
"errors"
"io"
"io/ioutil"
"path/filepath"
"github.com/gbrlsnchs/jwt/v3"
logging "github.com/ipfs/go-log/v2"
"github.com/libp2p/go-libp2p-core/peerstore"
record "github.com/libp2p/go-libp2p-record"
"golang.org/x/xerrors"
"github.com/filecoin-project/go-jsonrpc/auth"
"github.com/filecoin-project/lotus/api/apistruct"
"github.com/filecoin-project/lotus/build"
"github.com/filecoin-project/lotus/chain/types"
"github.com/filecoin-project/lotus/journal"
"github.com/filecoin-project/lotus/lib/addrutil"
"github.com/filecoin-project/lotus/node/modules/dtypes"
"github.com/filecoin-project/lotus/node/repo"
)
var log = logging.Logger("modules")
type Genesis func() (*types.BlockHeader, error)
// RecordValidator provides namesys compatible routing record validator
func RecordValidator(ps peerstore.Peerstore) record.Validator {
return record.NamespacedValidator{
"pk": record.PublicKeyValidator{},
}
}
const JWTSecretName = "auth-jwt-private" //nolint:gosec
const KTJwtHmacSecret = "jwt-hmac-secret" //nolint:gosec
type JwtPayload struct {
Allow []auth.Permission
}
func APISecret(keystore types.KeyStore, lr repo.LockedRepo) (*dtypes.APIAlg, error) {
key, err := keystore.Get(JWTSecretName)
if errors.Is(err, types.ErrKeyInfoNotFound) {
log.Warn("Generating new API secret")
sk, err := ioutil.ReadAll(io.LimitReader(rand.Reader, 32))
if err != nil {
return nil, err
}
key = types.KeyInfo{
Type: KTJwtHmacSecret,
PrivateKey: sk,
}
if err := keystore.Put(JWTSecretName, key); err != nil {
return nil, xerrors.Errorf("writing API secret: %w", err)
}
// TODO: make this configurable
p := JwtPayload{
Allow: apistruct.AllPermissions,
}
cliToken, err := jwt.Sign(&p, jwt.NewHS256(key.PrivateKey))
if err != nil {
return nil, err
}
if err := lr.SetAPIToken(cliToken); err != nil {
return nil, err
}
} else if err != nil {
return nil, xerrors.Errorf("could not get JWT Token: %w", err)
}
return (*dtypes.APIAlg)(jwt.NewHS256(key.PrivateKey)), nil
}
func ConfigBootstrap(peers []string) func() (dtypes.BootstrapPeers, error) {
return func() (dtypes.BootstrapPeers, error) {
return addrutil.ParseAddresses(context.TODO(), peers)
}
}
func BuiltinBootstrap() (dtypes.BootstrapPeers, error) {
return build.BuiltinBootstrap()
}
func DrandBootstrap(d dtypes.DrandSchedule) (dtypes.DrandBootstrap, error) {
// TODO: retry resolving, don't fail if at least one resolve succeeds
addrs, err := addrutil.ParseAddresses(context.TODO(), d[0].Config.Relays)
if err != nil {
log.Errorf("reoslving drand relays addresses: %+v", err)
return nil, nil
}
return addrs, nil
}
func SetupJournal(lr repo.LockedRepo) error {
return journal.InitializeSystemJournal(filepath.Join(lr.Path(), "journal"))
}