Skip to content

Commit

Permalink
Merge pull request #578 from alemayhu/fix/hash-tokens
Browse files Browse the repository at this point in the history 
fix: repair the broken down migration
  • Loading branch information
@aalemayhu
aalemayhu authored Apr 10, 2022
2 parents 3df210b + 6f83080 commit ecd15ba
Show file tree
Hide file tree
Showing 11 changed files with 126 additions and 18 deletions.
5 changes: 0 additions & 5 deletions server/lib/User/getNotionData.ts
View file

This file was deleted.

6 changes: 3 additions & 3 deletions server/lib/jobs/ConversionJob.ts
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
import { Knex } from "knex";

import performConversion from "../../routes/notion/convert/helpers/performConversion";
import TokenHandler from "../misc/TokenHandler";
import NotionAPIWrapper from "../notion/NotionAPIWrapper";
import getNotionData from "../User/getNotionData";

export default class ConversionJob {
db: Knex;
Expand Down Expand Up @@ -58,8 +58,8 @@ export default class ConversionJob {
console.log("jobs", jobs);
jobs.forEach(async (job) => {
try {
const data = await getNotionData(DB, job.owner);
const api = new NotionAPIWrapper(data.token);
const token = await TokenHandler.GetNotionToken(job.owner);
const api = new NotionAPIWrapper(token!);
await performConversion(api, job.object_id, job.owner, null, null);
} catch (error) {
await new ConversionJob(DB).completed(job.object_id, job.owner);
Expand Down
11 changes: 8 additions & 3 deletions server/lib/misc/TokenHandler.ts
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,10 @@
import crypto from "crypto";

import jwt from "jsonwebtoken";
import { Knex } from "knex";

import DB from "../storage/db";
import hashToken from "./hashToken";
import unHashToken from "./unHashToken";

interface User {
owner: string;
Expand All @@ -21,7 +22,7 @@ class TokenHandler {
workspace_icon: data.workspace_icon,
workspace_id: data.workspace_id,
notion_owner: data.owner,
token: data.access_token,
token: hashToken(data.access_token),
owner: user,
})
.onConflict("owner")
Expand Down Expand Up @@ -62,7 +63,11 @@ class TokenHandler {
if (!owner) {
return null;
}
return DB("notion_tokens").where({ owner }).returning("token").first();
const row = await DB("notion_tokens")
.where({ owner })
.returning("token")
.first();
return unHashToken(row.token);
}

static async GetPatreonToken(owner: number) {
Expand Down
8 changes: 8 additions & 0 deletions server/lib/misc/hashToken.ts
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
import CryptoJS from "crypto-js";

export default function hashToken(token: string): string {
return CryptoJS.AES.encrypt(
token,
process.env.THE_HASHING_SECRET!
).toString();
}
7 changes: 7 additions & 0 deletions server/lib/misc/unHashToken.ts
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
import CryptoJS from "crypto-js";

export default function unHashToken(hashed: string): string {
return CryptoJS.AES.decrypt(hashed, process.env.THE_HASHING_SECRET!).toString(
CryptoJS.enc.Utf8
);
}
11 changes: 11 additions & 0 deletions server/migrations/20220410100114_add-encrypted-field-notion-tokens.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
module.exports.up = (knex) => {
return knex.schema.table("notion_tokens", (table) => {
table.boolean("encrypted").defaultTo(false);
});
};

module.exports.down = (knex) => {
return knex.schema.table("notion_tokens", (table) => {
table.dropColumn("encrypted");
});
};
57 changes: 57 additions & 0 deletions server/migrations/20220410101019_hash-all-notion-tokens.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
const CryptoJS = require("crypto-js");

function unHashToken(token) {
return CryptoJS.AES.decrypt(token, process.env.THE_HASHING_SECRET).toString(
CryptoJS.enc.Utf8
);
}

function hashToken(token) {
return CryptoJS.AES.encrypt(token, process.env.THE_HASHING_SECRET).toString();
}

module.exports.up = (knex) => {
return knex
.select()
.from("notion_tokens")
.then((users) => {
return knex.transaction((trx) => {
return knex.schema
.table("notion_tokens", () =>
Promise.all(
users.map((row) => {
return knex("notion_tokens")
.update({ token: hashToken(row.token), encrypted: true })
.where({ owner: row.owner, encrypted: false })
.transacting(trx);
})
)
)
.then(trx.commit)
.catch(trx.rollback);
});
});
};

module.exports.down = (knex) => {
return knex
.select()
.from("notion_tokens")
.then((users) => {
return knex.transaction((trx) => {
return knex.schema
.table("notion_tokens", () =>
Promise.all(
users.map((row) => {
return knex("notion_tokens")
.update({ token: unHashToken(row.token), encrypted: false })
.where({ owner: row.owner, encrypted: true })
.transacting(trx);
})
)
)
.then(trx.commit)
.catch(trx.rollback);
});
});
};
28 changes: 26 additions & 2 deletions server/package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 3 additions & 1 deletion server/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
"notion2anki"
],
"author": "Alexander Alemayhu",
"version": "0.9.7",
"version": "0.10.2",
"engines": {
"node": ">=12.0.0"
},
Expand Down Expand Up @@ -51,6 +51,7 @@
"bcryptjs": "^2.4.3",
"cheerio": "1.0.0-rc.3",
"cookie-parser": "^1.4.5",
"crypto-js": "^4.1.1",
"express": "^4.17.1",
"find-remove": "^2.0.3",
"json-markup": "^1.1.3",
Expand All @@ -73,6 +74,7 @@
"@types/base-64": "^1.0.0",
"@types/cheerio": "^0.22.28",
"@types/cookie-parser": "^1.4.2",
"@types/crypto-js": "^4.1.1",
"@types/dotenv": "^8.2.0",
"@types/express": "^4.17.11",
"@types/find-remove": "^2.0.0",
Expand Down
5 changes: 2 additions & 3 deletions server/routes/notion/index.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,6 @@ import getPage from "./getPage";
import getBlocks from "./getBlocks";
import getBlock from "./getBlock";
import getDatabase from "./getDatabase";
import getNotionData from "../../lib/User/getNotionData";
import { queryDatabase } from "./queryDatabase";

const router = express.Router();
Expand All @@ -20,8 +19,8 @@ const ConfigureNotionAPI = async (
res: express.Response
): Promise<NotionAPIWrapper> => {
console.debug("Configuring Notion API for " + req.originalUrl);
const data = await getNotionData(DB, res.locals.owner);
return new NotionAPIWrapper(data.token);
const token = await TokenHandler.GetNotionToken(res.locals.owner);
return new NotionAPIWrapper(token!);
};

router.get("/connect", RequireAuthentication, async (req, res) => {
Expand Down
2 changes: 1 addition & 1 deletion server/routes/users/index.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -192,7 +192,7 @@ router.post("/register", async (req, res, next) => {
}
});

const distDir = path.join(__dirname, "../../web/build");
const distDir = path.join(__dirname, "../../../web/build");
router.get("/r/:id", async (req, res, next) => {
try {
const reset_token = req.params.id;
Expand Down

0 comments on commit ecd15ba

Please sign in to comment.