From 26104246ec87a8223af8ccdcdf837871440bc0f7 Mon Sep 17 00:00:00 2001
From: petehunt
Date: Wed, 31 Dec 2014 03:52:59 -0500
Subject: [PATCH 1/3] Add Authbox support
---
 .gitignore | 1 +
 package.json | 1 +
 server/app.js | 48 +++++++++++++++++++++++++++++++++++++-----------
 3 files changed, 39 insertions(+), 11 deletions(-)
diff --git a/.gitignore b/.gitignore
index 584df56..37acb9a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,5 +1,6 @@
 banned_numbers.js
 mixpanel_config.js
+authbox_config.js
 keys.json
 *.swp
diff --git a/package.json b/package.json
index 6a37296..03743bd 100644
--- a/package.json
+++ b/package.json
@@ -6,6 +6,7 @@
 }
 , "dependencies": {
 "express": "~3.5.1"
+ , "authbox": "^0.9.2"
 , "jade": "~0.14.2"
 , "nodemailer": "~0.6.1"
 , "redis-url": "~0.2.0"
diff --git a/server/app.js b/server/app.js
index 448b6e4..a880323 100644
--- a/server/app.js
+++ b/server/app.js
@@ -1,5 +1,6 @@
 var express = require('express')
 , app = express()
+ , authbox = require('authbox')
 , _ = require('underscore')
 , fs = require('fs')
 , mixpanel = require('mixpanel')
@@ -21,7 +22,8 @@ try {
 }
 var mpq
- , mixpanel_config;
+ , mixpanel_config
+ , authbox_config;
 try {
 mixpanel_config = require('./mixpanel_config.js');
 mpq = new mixpanel.Client(mixpanel_config.api_key);
@@ -29,6 +31,13 @@ try {
 mpq = {track: function() {}};
 }
+try {
+ authbox_config = require('./authbox_config.js');
+ authbox.configure(authbox_config);
+} catch(e) {
+ authbox = {log: function() {}};
+}
+
 var access_keys;
 try {
 // Optionally, you may specify special access keys in a keys.json file.
@@ -45,6 +54,7 @@ app.set('view engine', 'jade');
 app.use(express.cookieParser());
 app.use(express.static(__dirname + '/public'));
+app.use(authbox.middleware);
 app.use(express.bodyParser());
 // App routes
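Review bot: The bare `catch(e)` added in the `@@ -29,6 +31,13 @@` hunk of server/app.js handles a missing `authbox_config.js` and a broken one identically: a syntax error in the file or an exception thrown by `authbox.configure` silently replaces the client with the no-op stub `{log: function() {}}`, so abuse logging is switched off with nothing in the server log to show it. I would stay silent only for the expected "no config file" case and report everything else before assigning the stub, e.g. `if (e.code !== 'MODULE_NOT_FOUND') console.error('authbox disabled:', e.message);`. PATCH 2/3 adds `app.use(authbox.middleware)` to the same `try` block, and the same fail-open behaviour applies there.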
@@ -79,21 +89,16 @@ app.post('/intl', function(req, res) {
 // App helper functions
 function textRequestHandler(req, res, number, region, key) {
+ var authbox_details = {
+ $actionName: 'text'
+ };
+
 if (!number || !req.body.message) {
 mpq.track('incomplete request');
+ authbox.log(req, _.extend(authbox_details, {$failureReason: 'incomplete_request'}));
 res.send({success:false, message:'Number and message parameters are required.'});
 return;
 }
- if (banned_numbers.BLACKLIST[number]) {
- mpq.track('banned number');
- res.send({success:false,message:'Sorry, texts to this number are disabled.'});
- return;
- }
-
- var ip = req.connection.remoteAddress;
- if (!ip || ip === '127.0.0.1') {
- ip = req.header('X-Real-IP');
- }
 var message = req.body.message;
 if (message.indexOf(':') > -1) {
@@ -102,6 +107,23 @@ function textRequestHandler(req, res, number, region, key) {
 message = ' ' + message;
 }
+ _.extend(authbox_details, {
+ recipient__phone: number,
+ message__text: message
+ });
+
+ if (banned_numbers.BLACKLIST[number]) {
+ mpq.track('banned number');
+ authbox.log(req, _.extend(authbox_details, {$failureReason: 'banned_number'}));
+ res.send({success:false,message:'Sorry, texts to this number are disabled.'});
+ return;
+ }
+
+ var ip = req.connection.remoteAddress;
+ if (!ip || ip === '127.0.0.1') {
+ ip = req.header('X-Real-IP');
+ }
+
 var tracking_details = {
 number: number,
 message: req.body.message,
@@ -115,6 +137,7 @@ function textRequestHandler(req, res, number, region, key) {
 text.send(number, message, region, function(err) {
 if (err) {
 mpq.track('sendText failed', tracking_details);
+ authbox.log(req, _.extend(authbox_details, {$failureReason: 'gateway_failed'}));
 res.send(_.extend(response_obj, {
 success:false,
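Review bot: In the `@@ -102,6 +107,23 @@` hunk, `message__text: message` places the full body of every text in the object handed to `authbox.log`, so (assuming the `authbox` client reports to a hosted service) message content leaves the server on each logged request, including those later rejected as banned or over quota. PATCH 2/3 is titled as hashing the phone number, but nothing in the series limits what is sent for the message itself. If the service only needs a signal for abuse scoring, a derived value would do, for example `message__length: message.length` (field name made up here) or a keyed digest of the text. Otherwise a comment above the `_.extend(authbox_details, {` call should state that message bodies are shared with a third party and why. `textRequestHandler` starts and ends outside this hunk.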
@@ -123,6 +146,7 @@ function textRequestHandler(req, res, number, region, key) {
 }
 else {
 mpq.track('sendText success', tracking_details);
+ authbox.log(req, _.extend(authbox_details, {$success: true}));
 res.send(_.extend(response_obj, {success:true}));
 }
 });
@@ -160,6 +184,7 @@ function textRequestHandler(req, res, number, region, key) {
 }, 1000*60*3);
 if (num > 3) {
 mpq.track('exceeded phone quota');
+ authbox.log(req, _.extend(authbox_details, {$failureReason: 'exceeded_phone_quota'}));
 res.send({success:false, message:'Exceeded quota for this phone number. ' + number});
 return;
 }
@@ -173,6 +198,7 @@ function textRequestHandler(req, res, number, region, key) {
 }
 if (num > 75) {
 mpq.track('exceeded ip quota');
+ authbox.log(req, _.extend(authbox_details, {$failureReason: 'exceeded_ip_quota'}));
 res.send({success:false, message:'Exceeded quota for this IP address. ' + ip});
 return;
 }
From 5ca3eff6c28b346de1126fe328b365eecee2552e Mon Sep 17 00:00:00 2001
From: Ian Webster
Date: Sat, 3 Jan 2015 14:48:45 -0500
Subject: [PATCH 2/3] Hash phone number sent to authbox and don't crash w no authbox config
---
 package.json | 2 +-
 server/app.js | 32 +++++++++++++++++---------------
 2 files changed, 18 insertions(+), 16 deletions(-)
diff --git a/package.json b/package.json
index 03743bd..296d393 100644
--- a/package.json
+++ b/package.json
@@ -8,10 +8,10 @@
 "express": "~3.5.1"
 , "authbox": "^0.9.2"
 , "jade": "~0.14.2"
+ , "mixpanel": "~0.0.19"
 , "nodemailer": "~0.6.1"
 , "redis-url": "~0.2.0"
 , "underscore": "~1.6.0"
- , "mixpanel": "~0.0.19"
 }
 , "devDependencies": {
 }
diff --git a/server/app.js b/server/app.js
index a880323..40f1674 100644
--- a/server/app.js
+++ b/server/app.js
@@ -1,15 +1,23 @@
 var express = require('express')
 , app = express()
- , authbox = require('authbox')
 , _ = require('underscore')
+ , authbox = require('authbox')
+ , crypto = require('crypto')
+ , exec = require('child_process').exec
 , fs = require('fs')
 , mixpanel = require('mixpanel')
- , exec = require('child_process').exec
- , spawn = require('child_process').spawn
- , Stream = require('stream')
 , redis = require('redis-url').connect()
+ , spawn = require('child_process').spawn
 , text = require('../lib/text');
+// Express config
+app.set('views', __dirname + '/views');
+app.set('view engine', 'jade');
+
+app.use(express.cookieParser());
+app.use(express.static(__dirname + '/public'));
+app.use(express.bodyParser());
+
 // Enable log messages when sending texts.
 text.debug(true);
@@ -34,6 +42,7 @@ try {
 try {
 authbox_config = require('./authbox_config.js');
 authbox.configure(authbox_config);
+ app.use(authbox.middleware);
 } catch(e) {
 authbox = {log: function() {}};
 }
@@ -48,15 +57,6 @@ try {
 access_keys = {};
 }
-// Express config
-app.set('views', __dirname + '/views');
-app.set('view engine', 'jade');
-
-app.use(express.cookieParser());
-app.use(express.static(__dirname + '/public'));
-app.use(authbox.middleware);
-app.use(express.bodyParser());
-
 // App routes
 app.get('/', function(req, res) {
 fs.readFile(__dirname + '/views/index.html', 'utf8', function(err, text){
@@ -103,12 +103,14 @@ function textRequestHandler(req, res, number, region, key) {
 var message = req.body.message;
 if (message.indexOf(':') > -1) {
 // Handle problem with vtext where message would not get sent properly if it
- // contains a colon
+ // contains a colon.
 message = ' ' + message;
 }
+ shasum.update(number);
+ var authbox_digest = shasum.digest('hex');
 _.extend(authbox_details, {
- recipient__phone: number,
+ recipient: number,
 message__text: message
 });
From 604fd06b01908c2b0e4cb4e4cb4b617f454cf7bd Mon Sep 17 00:00:00 2001
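Review bot: The `@@ -103,12 +103,14 @@` hunk does not do what the commit title says: `authbox_digest` is computed and never used, and the payload still carries the raw value as `recipient: number`. `shasum` is also not defined in any hunk on this page (`crypto` is required, but no hash object is created), so unless it exists elsewhere in the file `shasum.update(number)` throws on every request; a module-level hash object would fail on the second request anyway, because a Node hash cannot be updated after `digest()`. Phone numbers have a small keyspace, so a plain SHA digest can be reversed by enumeration. I would build a keyed digest per request and send that: `var authbox_digest = crypto.createHmac('sha256', PHONE_HASH_KEY).update(String(number)).digest('hex');` (`PHONE_HASH_KEY` is a placeholder for a server-side secret) and `recipient: authbox_digest,`. `textRequestHandler` starts and ends outside this hunk.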
From: Ian Webster
Date: Sat, 3 Jan 2015 14:50:18 -0500
Subject: [PATCH 3/3] Add example authbox config
---
 server/authbox_config_example.js | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 server/authbox_config_example.js
diff --git a/server/authbox_config_example.js b/server/authbox_config_example.js
new file mode 100644
index 0000000..ac1607d
--- /dev/null
+++ b/server/authbox_config_example.js
@@ -0,0 +1,4 @@
+module.exports = {
+ apiKey: 'foobar',
+ secretKey: '1234567'
+};
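Review bot: The new server/authbox_config_example.js has no comment saying how it is meant to be used, and `apiKey: 'foobar'` / `secretKey: '1234567'` read like values that might work. A header comment would make the intent explicit: `// Copy to authbox_config.js (git-ignored) and fill in real credentials; never commit that file.` Placeholders that cannot be mistaken for keys, such as `apiKey: '<YOUR_AUTHBOX_API_KEY>'`, would also make a copied-but-unedited config easier to spot. How the client behaves when configured with dummy values is not visible here and is worth confirming.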