add jwt_key (#14)

* add jwt_key

* jwt key should be disabled during fn call

* add jsonwebtoken

* pass auth headers with fn call

* display token with curl command

client/components/FnRouteForm.vue

@@ -13,6 +13,12 @@
           <input type="text" class="form-control" placeholder="e.g. iron/hello"  v-model="route.image" @keydown.enter.prevent="">
         </div>
       </div>
+      <div class="form-group">
+        <label class="col-sm-3 control-label">Jwt Key</label>
+        <div class="col-sm-9">
+          <input type="text" class="form-control" placeholder=""  v-model="route.jwt_key" @keydown.enter.prevent="">
+        </div>
+      </div>
       <div class="form-group">
         <label class="col-sm-3 control-label">Type</label>
         <div class="col-sm-9">

client/components/FnRunFunction.vue

@@ -13,16 +13,26 @@
           <input type="text" class="form-control" v-model="route.path" disabled>
         </div>
       </div>
+      <div class="form-group" v-if="route.jwt_key">
+        <label class="col-sm-3 control-label">Jwt Key</label>
+        <div class="col-sm-9">
+          <input type="text" class="form-control" v-model="route.jwt_key" disabled>
+        </div>
+      </div>
       <div class="form-group">
         <label class="col-sm-3 control-label">Payload</label>
         <div class="col-sm-9">
-          <textarea class="form-control" v-model="payload" placeholder="e.g. {}"></textarea>
+          <textarea class="form-control" v-model="payload" placeholder="e.g. {}" v-on:change="calculateToken"></textarea>
         </div>
       </div>
-      <div>
+      <div v-if="!route.jwt_key">
         <h5>cURL command</h5>
         <pre>curl -X POST -d '{{payload}}' {{apiUrl}}r/{{encodeURIComponent(this.app.name)}}/{{encodeURIComponent(this.route.path)}}</pre>
       </div>
+      <div v-if="route.jwt_key">
+        <h5>cURL command</h5>
+        <pre>curl -X POST -H 'Authorization: Bearer {{authToken}}' -d '{{payload}}' {{apiUrl}}r/{{encodeURIComponent(this.app.name)}}/{{encodeURIComponent(this.route.path)}}</pre>
+      </div>
 
       <div v-show="output">
         <h5>Output</h5>
@@ -40,6 +50,7 @@
 import Modal from '../lib/VueBootstrapModal.vue';
 import { eventBus } from '../client';
 import { defaultErrorHandler, getApiUrl } from '../lib/helpers';
+const jwt = require('jsonwebtoken');
 
 export default {
   props: ['app'],
@@ -52,6 +63,7 @@ export default {
       show: false,
       submitting: false,
       payload: '{}',
+      authToken: null,
       output: null,
       apiUrl: ''
     }
@@ -71,6 +83,9 @@ export default {
         method: 'POST',
         data: JSON.stringify({payload: this.payload}),
         contentType: "application/json",
+        headers: {
+          'X-Jwt-Key': this.route.jwt_key
+        },
         dataType: 'json',
         success: (res) => {
           console.log("res", res);
@@ -84,6 +99,9 @@ export default {
         }
       })
     },
+    calculateToken: function() {
+      this.authToken = jwt.sign(this.payload, this.route.jwt_key);
+    },
   },
   created:  function (){
     var t = this;
@@ -92,6 +110,12 @@ export default {
       this.payload = '{}';
       this.output = null;
       this.show = true;
+      if(this.route.jwt_key) {
+        this.calculateToken();
+      }
+    });
+    eventBus.$on('calculateToken', () => {
+      this.calculateToken();
     });
     getApiUrl( url => t.apiUrl = url );
   }

package.json

@@ -12,6 +12,7 @@
     "express": "~4.13.4",
     "file-loader": "^0.8.5",
     "imports-loader": "^0.6.5",
+    "jsonwebtoken": "^8.1.1",
     "lodash": "^4.13.1",
     "request": "^2.72.0",
     "resolve-url-loader": "^1.4.3",

server/controllers/routes.js

@@ -1,5 +1,6 @@
 var express = require('express');
 var router = express.Router();
+var jwt = require('jsonwebtoken');
 var helpers = require('../helpers/app-helpers.js');
 
 router.get('/:app/routes', function(req, res) {
@@ -62,8 +63,16 @@ router.post('/:app/routes/:route/run', function(req, res) {
     res.status(400).json({msg: text});
   }
   var data = req.body.payload;
+  if (req.headers['x-jwt-key']) {
+    var token = jwt.sign(data, req.headers['x-jwt-key']);
+    var authHeader = {'Authorization': 'Bearer ' + token };
+  }
+  else {
+    var authHeader = {};
+  }
+  var path = "/r/" + encodeURIComponent(req.params.app)+ "/" + encodeURIComponent(req.params.route);
+  helpers.execApiEndpointRaw('POST', req,  path, {}, data, successcb, errcb, authHeader);
 
-  helpers.execApiEndpointRaw('POST', req,  "/r/" + encodeURIComponent(req.params.app)+ "/" + encodeURIComponent(req.params.route), {}, data, successcb, errcb);
 });
 
 

server/helpers/app-helpers.js

@@ -30,23 +30,25 @@ exports.postApiEndpoint = function(req, path, params, postfields, successcb, err
   exports.execApiEndpoint('POST', req, path, params, postfields, successcb, errorcb);
 }
 
-exports.execApiEndpoint = function(method, req, path, params, postfields, successcb, errorcb) {
+exports.execApiEndpoint = function(method, req, path, params, postfields, successcb, errorcb, headers) {
   var options = {
     uri: exports.apiFullUrl(req, path),
     method: method,
-    json: postfields
+    json: postfields,
+    headers: headers
   };
 
   console.log(options.method + " " + options.uri + ", params: ", options.json);
 
   request(options, function(error, response, body){exports.requrestCb(successcb, errorcb, error, response, body)});
 }
 
-exports.execApiEndpointRaw = function(method, req, path, params, postfields, successcb, errorcb) {
+exports.execApiEndpointRaw = function(method, req, path, params, postfields, successcb, errorcb, headers) {
   var options = {
     uri: exports.apiFullUrl(req, path),
     method: method,
-    body: postfields
+    body: postfields,
+    headers: headers
   };
 
   console.log(options.method + " " + options.uri + ", params: ", options.body);