trusted-setup-server/server/controllers/contribute.js

/* eslint-disable no-console */
const fs = require('fs').promises
const path = require('path')
const util = require('util')
const exec = util.promisify(require('child_process').exec)
const crypto = require('crypto')
const aws = require('aws-sdk')
const express = require('express')
const { Mutex } = require('async-mutex')
const multer = require('multer')
const blake2 = require('blake2')

const mutex = new Mutex()
const s3 = new aws.S3()
const router = express.Router()
const { Contribution } = require('../models')
const upload = multer({ dest: '/tmp/tornado' })

async function uploadToS3({ filename, contributionIndex }) {
  const fileContent = await fs.readFile(`/tmp/tornado/${filename}`)
  return s3
    .upload({
      Bucket: process.env.AWS_S3_BUCKET,
      Key: `response_${contributionIndex}`,
      ACL: 'public-read',
      Body: fileContent
    })
    .promise()
}

async function verifyResponse({ filename }) {
  console.log('Running verifier')
  const { stdout, stderr } = await exec(
    `../bin/phase2_verify_contribution circuit.json current.params /tmp/tornado/${filename}`,
    {
      cwd: './server/snark_files/',
      env: { RUST_BACKTRACE: 1 }
    }
  )
  console.log(stdout)
  console.error(stderr)
}

router.get('/challenge', (req, res) => {
  res.sendFile('./snark_files/current.params', { root: path.join(__dirname, '../') })
})

router.get('/contributions', async (req, res) => {
  const contributions = await Contribution.findAll({
    attributes: ['id', 'name', 'company', 'handle', 'socialType', 'attestation']
  })
  res.json(contributions)
})

router.post('/response', upload.single('response'), async (req, res) => {
  if (!req.file) {
    res.status(400).send('Missing response file')
    return
  }

  await mutex.runExclusive(async () => {
    const contributionIndex = await Contribution.nextContributionIndex()
    try {
      console.log(`Started processing contribution ${contributionIndex}`)
      await verifyResponse({ filename: req.file.filename })
    } catch (e) {
      console.error('Got error during verifying', e)
      await fs.unlink(`/tmp/tornado/${req.file.filename}`)
      res.status(422).send(e.toString())
      return
    }

    try {
      const socialType = req.session.socialType || 'anonymous'
      let name = null
      let company = null
      let handle = null
      let token = null
      if (socialType !== 'anonymous' && req.body) {
        name = req.body.name || null
        company = req.body.company || null
        handle = req.session.handle || null
      } else {
        token = crypto.randomBytes(32).toString('hex')
      }

      await Contribution.create({ name, company, handle, socialType, token })

      console.log('Contribution is correct, uploading to storage')
      if (process.env.DISABLE_S3 !== 'true') {
        await uploadToS3({ filename: req.file.filename, contributionIndex })
      }

      console.log('Committing changes')
      await fs.copyFile(`/tmp/tornado/${req.file.filename}`, './server/snark_files/current.params')
      await fs.copyFile(
        './server/snark_files/current.params',
        `./server/snark_files/response_${contributionIndex}`
      )

      console.log('Contribution finished.')
      res.json({ contributionIndex, token })
    } catch (e) {
      console.error('Got error during save', e)
      res.status(503).send(e.toString())
    } finally {
      await fs.unlink(`/tmp/tornado/${req.file.filename}`)
    }
  })
})

router.post('/authorize_contribution', async (req, res) => {
  if (!req.body || !req.body.name || !req.body.token) {
    res.status(404).send('Wrong request params')
  }

  const contribution = await Contribution.findOne({ where: { token: req.body.token } })
  if (!contribution) {
    res.status(404).send('There is no such contribution')
    return
  }

  if (contribution.dataValues.socialType !== 'anonymous') {
    res.status(404).send('The contribution is already authorized')
    return
  }

  if (!req.session.socialType || req.session.socialType === 'anonymous') {
    res.status(403).send('Access forbidden')
    return
  }

  try {
    await Contribution.update(
      {
        name: req.body.name,
        company: req.body.company,
        handle: req.session.handle,
        socialType: req.session.socialType
      },
      { where: { id: contribution.dataValues.id }, individualHooks: true }
    )
    res.send('OK')
  } catch (e) {
    console.error('updateError', e)
    res.status(404).send('Update error')
  }
})

router.post('/get_contribution_index', async (req, res) => {
  if (!req.body || !req.body.token) {
    res.status(404).send('Wrong request params')
  }

  const contribution = await Contribution.findOne({ where: { token: req.body.token } })
  if (!contribution) {
    res.status(404).send('There is no such contribution')
    return
  }

  if (contribution.dataValues.socialType !== 'anonymous') {
    res.status(404).send('The contribution is already authorized')
    return
  }

  return res.json({ id: contribution.dataValues.id }).send()
})

module.exports = router
authorize button feature 2020-02-08 19:47:21 +01:00			`/* eslint-disable no-console */`
updates 2020-01-29 12:30:50 +01:00			`const fs = require('fs').promises`
			`const path = require('path')`
			`const util = require('util')`
			`const exec = util.promisify(require('child_process').exec)`
updates 2020-02-07 10:21:53 +01:00			`const crypto = require('crypto')`
s3 2020-01-30 15:00:34 +01:00			`const aws = require('aws-sdk')`
updates 2020-01-29 12:30:50 +01:00			`const express = require('express')`
			`const { Mutex } = require('async-mutex')`
make it work again! 2020-01-29 17:59:37 +01:00			`const multer = require('multer')`
contribution hash; authorize fix 2020-02-29 12:22:45 +01:00			`const blake2 = require('blake2')`
s3 2020-01-30 15:00:34 +01:00
			`const mutex = new Mutex()`
			`const s3 = new aws.S3()`
			`const router = express.Router()`
ORM and validation 2020-02-06 15:24:04 +01:00			`const { Contribution } = require('../models')`
make it work again! 2020-01-29 17:59:37 +01:00			`const upload = multer({ dest: '/tmp/tornado' })`
updates 2020-01-29 12:30:50 +01:00
ORM and validation 2020-02-06 15:24:04 +01:00			`async function uploadToS3({ filename, contributionIndex }) {`
s3 2020-01-30 15:00:34 +01:00			const fileContent = await fs.readFile(`/tmp/tornado/${filename}`)
			`return s3`
			`.upload({`
			`Bucket: process.env.AWS_S3_BUCKET,`
ORM and validation 2020-02-06 15:24:04 +01:00			Key: `response_${contributionIndex}`,
s3 2020-01-30 15:00:34 +01:00			`ACL: 'public-read',`
			`Body: fileContent`
			`})`
			`.promise()`
			`}`
updates 2020-01-29 12:30:50 +01:00
make it work again! 2020-01-29 17:59:37 +01:00			`async function verifyResponse({ filename }) {`
updates 2020-01-29 12:30:50 +01:00			`console.log('Running verifier')`
			`const { stdout, stderr } = await exec(`
db; docker updates 2020-01-31 18:03:09 +01:00			`../bin/phase2_verify_contribution circuit.json current.params /tmp/tornado/${filename}`,
make it work again! 2020-01-29 17:59:37 +01:00			`{`
			`cwd: './server/snark_files/',`
			`env: { RUST_BACKTRACE: 1 }`
updates 2020-01-29 12:30:50 +01:00			`}`
			`)`
			`console.log(stdout)`
			`console.error(stderr)`
			`}`

			`router.get('/challenge', (req, res) => {`
			`res.sendFile('./snark_files/current.params', { root: path.join(__dirname, '../') })`
			`})`

			`router.get('/contributions', async (req, res) => {`
ORM and validation 2020-02-06 15:24:04 +01:00			`const contributions = await Contribution.findAll({`
attestation watcher 2020-02-25 15:13:09 +01:00			`attributes: ['id', 'name', 'company', 'handle', 'socialType', 'attestation']`
ORM and validation 2020-02-06 15:24:04 +01:00			`})`
attestation watcher 2020-02-25 15:13:09 +01:00			`res.json(contributions)`
updates 2020-01-29 12:30:50 +01:00			`})`

make it work again! 2020-01-29 17:59:37 +01:00			`router.post('/response', upload.single('response'), async (req, res) => {`
			`if (!req.file) {`
updates 2020-01-29 12:30:50 +01:00			`res.status(400).send('Missing response file')`
			`return`
			`}`

			`await mutex.runExclusive(async () => {`
ORM and validation 2020-02-06 15:24:04 +01:00			`const contributionIndex = await Contribution.nextContributionIndex()`
updates 2020-01-29 12:30:50 +01:00			`try {`
ORM and validation 2020-02-06 15:24:04 +01:00			console.log(`Started processing contribution ${contributionIndex}`)
make it work again! 2020-01-29 17:59:37 +01:00			`await verifyResponse({ filename: req.file.filename })`
updates 2020-01-29 12:30:50 +01:00			`} catch (e) {`
ORM and validation 2020-02-06 15:24:04 +01:00			`console.error('Got error during verifying', e)`
			await fs.unlink(`/tmp/tornado/${req.file.filename}`)
updates 2020-01-29 12:30:50 +01:00			`res.status(422).send(e.toString())`
make it work again! 2020-01-29 17:59:37 +01:00			`return`
updates 2020-01-29 12:30:50 +01:00			`}`

			`try {`
index page contributions 2020-02-05 16:02:34 +01:00			`const socialType = req.session.socialType \|\| 'anonymous'`
			`let name = null`
			`let company = null`
			`let handle = null`
updates 2020-02-07 10:21:53 +01:00			`let token = null`
index page contributions 2020-02-05 16:02:34 +01:00			`if (socialType !== 'anonymous' && req.body) {`
			`name = req.body.name \|\| null`
			`company = req.body.company \|\| null`
			`handle = req.session.handle \|\| null`
updates 2020-02-07 10:21:53 +01:00			`} else {`
			`token = crypto.randomBytes(32).toString('hex')`
index page contributions 2020-02-05 16:02:34 +01:00			`}`

get hash from webassm 2020-04-27 13:11:35 +02:00			`await Contribution.create({ name, company, handle, socialType, token })`
ORM and validation 2020-02-06 15:24:04 +01:00
			`console.log('Contribution is correct, uploading to storage')`
			`if (process.env.DISABLE_S3 !== 'true') {`
			`await uploadToS3({ filename: req.file.filename, contributionIndex })`
			`}`

			`console.log('Committing changes')`
fix fs.rename issue 2020-04-13 18:09:33 +02:00			await fs.copyFile(`/tmp/tornado/${req.file.filename}`, './server/snark_files/current.params')
add dockerignore file; readme update 2020-02-08 16:57:49 +01:00			`await fs.copyFile(`
			`'./server/snark_files/current.params',`
			`./server/snark_files/response_${contributionIndex}`
			`)`
ORM and validation 2020-02-06 15:24:04 +01:00
get hash from webassm 2020-04-27 13:11:35 +02:00			`console.log('Contribution finished.')`
			`res.json({ contributionIndex, token })`
updates 2020-01-29 12:30:50 +01:00			`} catch (e) {`
ORM and validation 2020-02-06 15:24:04 +01:00			`console.error('Got error during save', e)`
updates 2020-01-29 12:30:50 +01:00			`res.status(503).send(e.toString())`
fix fs.rename issue 2020-04-13 18:09:33 +02:00			`} finally {`
			await fs.unlink(`/tmp/tornado/${req.file.filename}`)
updates 2020-01-29 12:30:50 +01:00			`}`
			`})`
			`})`

authorize button feature 2020-02-08 19:47:21 +01:00			`router.post('/authorize_contribution', async (req, res) => {`
			`if (!req.body \|\| !req.body.name \|\| !req.body.token) {`
			`res.status(404).send('Wrong request params')`
			`}`

			`const contribution = await Contribution.findOne({ where: { token: req.body.token } })`
			`if (!contribution) {`
			`res.status(404).send('There is no such contribution')`
			`return`
			`}`

			`if (contribution.dataValues.socialType !== 'anonymous') {`
			`res.status(404).send('The contribution is already authorized')`
			`return`
			`}`

			`if (!req.session.socialType \|\| req.session.socialType === 'anonymous') {`
			`res.status(403).send('Access forbidden')`
			`return`
			`}`

			`try {`
			`await Contribution.update(`
			`{`
			`name: req.body.name,`
			`company: req.body.company,`
			`handle: req.session.handle,`
			`socialType: req.session.socialType`
			`},`
contribution hash; authorize fix 2020-02-29 12:22:45 +01:00			`{ where: { id: contribution.dataValues.id }, individualHooks: true }`
authorize button feature 2020-02-08 19:47:21 +01:00			`)`
contribution hash; authorize fix 2020-02-29 12:22:45 +01:00			`res.send('OK')`
authorize button feature 2020-02-08 19:47:21 +01:00			`} catch (e) {`
			`console.error('updateError', e)`
			`res.status(404).send('Update error')`
			`}`
			`})`

restrict symbols -fix validation on update query 2020-02-14 15:13:11 +01:00			`router.post('/get_contribution_index', async (req, res) => {`
check contribution 2020-02-11 10:53:41 +01:00			`if (!req.body \|\| !req.body.token) {`
			`res.status(404).send('Wrong request params')`
			`}`

			`const contribution = await Contribution.findOne({ where: { token: req.body.token } })`
			`if (!contribution) {`
			`res.status(404).send('There is no such contribution')`
			`return`
			`}`

			`if (contribution.dataValues.socialType !== 'anonymous') {`
			`res.status(404).send('The contribution is already authorized')`
			`return`
			`}`

			`return res.json({ id: contribution.dataValues.id }).send()`
			`})`

make it work again! 2020-01-29 17:59:37 +01:00			`module.exports = router`