Browse Source

storage-node-v2: Add timestamp validation on upload request.

Shamil Gadelshin 3 years ago
parent
commit
a312cf5491

+ 5 - 1
storage-node-v2/src/services/helpers/auth.ts

@@ -20,7 +20,7 @@ export interface RequestData {
 }
 
 export interface UploadTokenBody extends RequestData {
-  timestamp: number
+  validUntil: number // timestamp
 }
 
 export interface UploadToken {
@@ -82,4 +82,8 @@ export function verifyUploadTokenData(
   if (token.data.bagId !== request.bagId) {
     throw new Error('Unexpected bagId')
   }
+
+  if (token.data.validUntil < Date.now()) {
+    throw new Error('Token expired')
+  }
 }

+ 7 - 1
storage-node-v2/src/services/webApi/controllers/publicApi.ts

@@ -68,7 +68,7 @@ export async function authToken(
     await validateTokenRequest(api, tokenRequest)
 
     const tokenBody: UploadTokenBody = {
-      timestamp: Date.now(),
+      validUntil: getTokenExpirationTime(),
       ...tokenRequest.data,
     }
     const signedToken = createUploadToken(tokenBody, account)
@@ -150,3 +150,9 @@ async function validateTokenRequest(
     throw new Error(`Provided controller account and member id don't match.`)
   }
 }
+
+// TODO: move to config or set to 10 seconds
+const TokenExpirationPeriod: number = 100 * 1000 // seconds
+function getTokenExpirationTime(): number {
+  return Date.now() + TokenExpirationPeriod
+}