var input = '';
var dots = document.querySelectorAll('.dot'), numbers = document.querySelectorAll('.number');
-function displayPincode() {
+function request(method, url, body, callback) {
var xhr = new XMLHttpRequest();
xhr.onload = function() {
if (xhr.status === 200 || xhr.status === 201) {
- publicKey = xhr.responseText;
+ callback(xhr.responseText);
} else {
console.error(xhr.responseText);
}
};
- xhr.open('GET', serverURL + ':' + serverPort + '/pincode/publicKey');
- xhr.send();
+ xhr.open(method, url);
+ if (body) {
+ xhr.setRequestHeader("Content-Type", "application/json");
+ xhr.send(JSON.stringify(body));
+ } else {
+ xhr.send();
+ }
+}
+
+function displayPincode() {
+ request('GET', `${serverURL}:${serverPort}/pincode/publicKey`,
+ null,
+ (result) => {
+ publicKey = result;
+ }
+ );
}
function init() {
});
}
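Review bot: request() gives its caller no signal when a call fails: the non-2xx branch only writes `xhr.responseText` to the console, and there is no `xhr.onerror` or `xhr.ontimeout` handler. If the key fetch in displayPincode() fails, `publicKey` is therefore never assigned, and sendPinCode() later passes it to `encrypt.setPublicKey(publicKey)` regardless. I would add `xhr.onerror = function () { console.error('request failed: ' + url); };` and surface the failure in the UI instead of leaving the keypad active. The key is also trusted exactly as received; if `serverURL` is plain HTTP (its scheme is not visible here), nothing authenticates it, so the RSA step protects the pincode only against passive observers.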
-async function sendPinCode(data) {
+function handleResult(result) {
+ if (result === 'retry') {
+ dots.forEach(function (dot, index) {
+ dot.classList.add('wrong');
+ });
+ document.body.classList.add('wrong');
+ setTimeout(function () {
+ alert('Failed to input 5 times. A new Pincode has been generated, so check the TV notification.');
+ }, 1000);
+ } else {
+ chkPinCode(result === 'true' ? true : false);
+ }
+}
+
+function sendPinCode(data) {
var encrypt = new JSEncrypt();
encrypt.setPublicKey(publicKey);
- var xhr = new XMLHttpRequest();
- xhr.onload = function() {
- if (xhr.status === 200 || xhr.status === 201) {
- console.log(`result : ${xhr.responseText}`);
- if (xhr.responseText === 'retry') {
- dots.forEach(function(dot, index) {
- dot.classList.add('wrong');
- });
- document.body.classList.add('wrong');
- setTimeout(function() {
- alert('Failed to input 5 times. A new Pincode has been generated, so check the TV notification.');
- }, 1000);
- } else {
- chkPinCode(xhr.responseText === 'true' ? true : false);
- }
- } else {
- console.error(xhr.responseText);
- }
- };
- xhr.open('POST', serverURL + ':' + serverPort + '/pincode/pinCodeToServer');
- xhr.setRequestHeader("Content-Type", "application/json");
var data = encrypt.encrypt(data);
console.log(`${TAG} data: ${data}`);
- xhr.send(JSON.stringify({ pincode: data.toString("utf8") }));
+ data = { pincode: data.toString("utf8") };
+
+ request('POST', `${serverURL}:${serverPort}/pincode/pinCodeToServer`,
+ data,
+ (result) => {
+ handleResult(result);
+ }
+ );
+}
+
+function verifyPincode(pincode) {
+ request('POST', `${serverURL}:${serverPort}/pincode/verifyPincode`,
+ { pincode }, // need to encrypt by server public key (nice-to-have)
+ (result) => {
+ handleResult(result);
+ }
+ );
}
function chkPinCode(returnVal) {
}
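Review bot: verifyPincode() posts the pincode as-is, while sendPinCode() just above runs the same kind of value through JSEncrypt first. The inline comment defers encryption as nice-to-have, but this value is the credential the server exchanges for an authorised session, so I would treat encryption as required unless the transport is already TLS (the scheme of `serverURL` is not visible in this hunk). In sendPinCode(), `encrypt.encrypt(data)` can return `false` when the key is missing or invalid, and the new line `data = { pincode: data.toString("utf8") };` would then send the string "false"; a guard such as `if (!data) { return; }` before building the body avoids that. Minor style point: `result === 'true' ? true : false` can be written as `result === 'true'`, and the unused `index` parameter in the forEach callback can go.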
window.onload = function() {
- displayPincode();
- init();
+ let queryString = location.search;
+ if (queryString) {
+ let pincode = queryString.substr(3); // strip '?p='
+ console.log(`${TAG} pincode : ${pincode}`);
+ verifyPincode(pincode);
+ } else {
+ displayPincode();
+ init();
+ }
};
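Review bot: The pincode arrives in the query string and is then written to the console by the added console.log line. It therefore ends up in browser history, in any Referer header sent from this page, and in the devtools log; I would drop the log line and clear the value from the address bar after reading it, for example with `history.replaceState(null, '', location.pathname);`. `queryString.substr(3)` also assumes the string is exactly `?p=...`: any other parameter (say a tracking suffix) switches the page into verify mode with a mangled value and skips `displayPincode()` and `init()`. Reading it with `const pincode = new URLSearchParams(location.search).get('p');` and branching on `if (pincode)` is more robust.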
'use strict';
const express = require('express');
-const fs = require('fs');
const http = require('http');
const path = require('path');
const relayServer = require('./relay-server.js');
const session = require('express-session');
const cookieParser = require('cookie-parser');
const EventEmitter = require('events');
-const XMLHttpRequest = require('xmlhttprequest').XMLHttpRequest;
const crypto = require('crypto');
const { Security } = require('./security.js');
const JSEncryptLib = require('./jsencrypt');
var tryCount = 0;
var sip;
var clientPublicKeys = {};
+var oneTimePincode = '';
// The pincode is disabled just for demo.
var DEMO_MODE = false;
try {
evtEmit.emit(data[0]['key'], 'message', data[0]['value']);
} catch (e) {
- console.log('wrt.message.port has exception' + e);
+ console.log(`${TAG} wrt.message.port has exception ${e}`);
}
});
}
}
}
+let clearOtpTimer = null;
+function generateOneTimePinCode() {
+ const byteData = crypto.randomBytes(256);
+ if (!oneTimePincode) {
+ oneTimePincode = parseInt(byteData.toString('hex').substr(0, 8), 16).toString().substr(0, 4);
+ }
+ if (clearOtpTimer) {
+ clearTimeout(clearOtpTimer);
+ }
+ clearOtpTimer = setTimeout(() => {
+ oneTimePincode = '';
+ }, 60 * 1000);
+
+ console.log(`${TAG} oneTimePincode : ${oneTimePincode}`);
+ return oneTimePincode;
+}
+
async function displayPincode(req) {
// Generate pincode
- const byteData = crypto.randomBytes(256);
- req.session.pincode = parseInt(byteData.toString('hex').substr(0, 8), 16).toString().substr(0, 4);
+ req.session.pincode = generateOneTimePinCode();
// Generate RSA keys
await security.awaitKeyPair(req);
// Show pincode popup
}
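Review bot: generateOneTimePinCode() derives the digits by taking the first four decimal characters of a 32-bit number, which skews the result heavily. Most values have ten digits and start with 1 to 4, so the usable pin space is far smaller than 10000, and a small value yields fewer than four characters. Where the Node version provides it, `oneTimePincode = crypto.randomInt(0, 10000).toString().padStart(4, '0');` gives a uniform four-digit value and avoids drawing 256 bytes on every call. The added console.log prints the live pin to the server log and should be removed or gated behind a debug flag. Because the timer is reset on every call while an existing pin is reused, repeated calls keep the same pin valid well past the intended 60 seconds, and since `oneTimePincode` is module-level, every session that reaches displayPincode() receives the same value.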
var HTTPserverStart = function() {
+ console.log(`${TAG} HTTPserverStart`);
evtEmit = new EventEmitter();
const app = express();
app.engine('html', require('ejs').renderFile);
comparePincode(req, res, resultData);
});
+ app.post('/pincode/verifyPincode', express.json(), (req, res) => {
+ // Verify onetime pincode
+ const resultData = req.body['pincode'];
+ console.log(`${TAG} verifyPincode resultData : ${resultData}`);
+ let base64otp = Buffer.from(oneTimePincode, 'utf8').toString('base64');
+ let isSame = (base64otp == resultData);
+ if (isSame)
+ req.session.ip = getIp(req.socket.remoteAddress);
+ res.send(isSame);
+ });
+
app.post('/pincode/publicKeyToServer', express.json(), (req, res) => {
const pkgId = req.body['pkgId']
if (clientPublicKeys[pkgId] === undefined)
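Review bot: The new /pincode/verifyPincode handler accepts an empty submission whenever no one-time pincode is active. `oneTimePincode` is `''` before the first generation and after the 60-second timer fires, so `base64otp` is `''`, and the loose `==` treats `''` (and other falsy body values) as a match, after which `req.session.ip` is set. The handler should reject when `oneTimePincode` is empty or the body value is not a non-empty string, compare strictly (ideally with `crypto.timingSafeEqual`), and clear the pin after a successful match so it really is single-use. There is also no attempt limit on this route: the client's 'retry' branch can never fire for it, so a four-digit value can be guessed repeatedly within the validity window. Reusing the existing try counter here would close that, though how `tryCount` is maintained is not visible in this hunk. The console.log of `resultData` writes the submitted credential to the server log and is better dropped.

```javascript
app.post('/pincode/verifyPincode', express.json(), (req, res) => {
  const submitted = req.body['pincode'];
  // No active OTP, or a missing / non-string / empty submission, is always a failure.
  if (!oneTimePincode || typeof submitted !== 'string' || submitted.length === 0) {
    res.send(false);
    return;
  }
  const expected = Buffer.from(Buffer.from(oneTimePincode, 'utf8').toString('base64'), 'utf8');
  const received = Buffer.from(submitted, 'utf8');
  const isSame = received.length === expected.length &&
    crypto.timingSafeEqual(received, expected);
  if (isSame) {
    oneTimePincode = ''; // single use: invalidate on first successful match
    req.session.ip = getIp(req.socket.remoteAddress);
  }
  res.send(isSame);
});
```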