/*
Load Twilio configuration from .env config file - the following environment
variables should be set:
process.env.TWILIO_ACCOUNT_SID
process.env.TWILIO_API_KEY
process.env.TWILIO_API_SECRET
process.env.APP_HASH
process.env.VERIFICATION_SERVICE_SID
process.env.COUNTRY_CODE
process.env.CLIENT_SECRET
*/
require('dotenv').load();
const crypto = require('crypto');
const http = require('http');
const path = require('path');
const express = require('express');
const jsonBodyParser = require('body-parser').json();
// Twilio Library
const Twilio = require('twilio');
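// Check configuration variables.
//
// A variable counts as missing when it is unset OR blank. dotenv turns a bare
// `NAME=` line into an empty string, and an empty CLIENT_SECRET would let a
// request carrying `"client_secret": ""` pass the shared-secret check, so
// blank values are rejected at startup rather than accepted silently.
const isMissing = (name) => {
  const value = process.env[name];
  return value == null || value.trim() === '';
};

// Each failure exits with a non-zero status so that a process supervisor or
// deploy script sees the misconfiguration as a failed start, not a clean exit.
const twilioSettings = [
  'TWILIO_API_KEY',
  'TWILIO_API_SECRET',
  'TWILIO_ACCOUNT_SID',
  'VERIFICATION_SERVICE_SID',
  'COUNTRY_CODE',
];
if (twilioSettings.some(isMissing)) {
  console.error('Please copy the .env.example file to .env, ' +
      'and then add your Twilio API Key, API Secret, ' +
      'and Account SID to the .env file. ' +
      'Find them on https://www.twilio.com/console');
  process.exit(1);
}
if (isMissing('APP_HASH')) {
  console.error('Please provide a valid Android app hash, ' +
      'in the .env file');
  process.exit(1);
}
if (isMissing('CLIENT_SECRET')) {
  console.error('Please provide a secret string to share, ' +
      'between the app and the server ' +
      'in the .env file');
  process.exit(1);
}
// Shared secret that every /api/* request must present in its JSON body.
const configuredClientSecret = process.env.CLIENT_SECRET;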
// Pull the Twilio-related settings out of the environment once.
const {
  TWILIO_API_KEY,
  TWILIO_API_SECRET,
  TWILIO_ACCOUNT_SID,
  APP_HASH,
  VERIFICATION_SERVICE_SID,
  COUNTRY_CODE,
} = process.env;

// Twilio REST client, authenticated with the API key / API secret pair and
// scoped to the configured account.
const twilioClient = new Twilio(
    TWILIO_API_KEY,
    TWILIO_API_SECRET,
    {accountSid: TWILIO_ACCOUNT_SID},
);

// Project-local wrapper that drives the SMS verification flow.
const SMSVerify = require('./SMSVerify.js');
const smsVerify = new SMSVerify(
    twilioClient,
    APP_HASH,
    VERIFICATION_SERVICE_SID,
    COUNTRY_CODE,
);

// Express application; everything under ./public is served as static files.
const app = express();
const publicDir = path.join(__dirname, 'public');
app.use(express.static(publicDir));
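/**
 * Checks a client_secret taken from a request body against the configured
 * shared secret.
 *
 * Only strings are accepted: the previous loose `!=` comparison let JSON
 * values of other types (a number, a one-element array) coerce into a match.
 * The byte comparison itself is constant-time, so response timing does not
 * reveal how many leading characters of a guess were correct.
 *
 * @param {*} candidate - value of `client_secret` from the parsed JSON body
 * @return {boolean} true only when candidate equals the configured secret
 */
function clientSecretMatches(candidate) {
  if (typeof candidate !== 'string') {
    return false;
  }
  const expected = Buffer.from(configuredClientSecret, 'utf8');
  const provided = Buffer.from(candidate, 'utf8');
  // timingSafeEqual throws on buffers of different length, so the length is
  // compared first (this does reveal the secret's length, not its content).
  return provided.length === expected.length &&
      crypto.timingSafeEqual(provided, expected);
}

// NOTE(review): the status code stays 500 on validation and secret failures
// because existing clients may depend on it; 400 / 401 would be the
// conventional codes. `response.status(500).send(...)` replaces the
// deprecated two-argument `response.send(500, ...)` form.
//
// NOTE(review): `phone` is forwarded to SMSVerify without format validation
// and no rate limiting is visible in this file. The shared secret ships
// inside the mobile app, so it should not be the only control on how many
// SMS messages or verification attempts a caller can trigger - confirm that
// limits exist in SMSVerify or in front of this service.

/*
 Sends a one-time code to the user's phone number for verification
 */
app.post('/api/request', jsonBodyParser, function(request, response) {
  // Tolerate a missing body (e.g. no JSON content type) instead of throwing.
  const {client_secret: clientSecret, phone} = request.body || {};

  if (clientSecret == null || phone == null) {
    // send an error saying that both client_secret and phone are required
    response.status(500).send('Both client_secret and phone are required.');
    return;
  }

  if (!clientSecretMatches(clientSecret)) {
    response.status(500).send('The client_secret parameter does not match.');
    return;
  }

  // The outcome of the send is not awaited; success here only means the
  // request was accepted.
  smsVerify.request(phone);
  response.send({
    success: true,
  });
});

/*
 Verifies the one-time code for a phone number
 */
app.post('/api/verify', jsonBodyParser, function(request, response) {
  const {
    client_secret: clientSecret,
    phone,
    sms_message: smsMessage,
  } = request.body || {};

  if (clientSecret == null || phone == null || smsMessage == null) {
    // send an error saying that all parameters are required
    response.status(500).send('The client_secret, phone, ' +
        'and sms_message parameters are required');
    return;
  }

  if (!clientSecretMatches(clientSecret)) {
    response.status(500).send('The client_secret parameter does not match.');
    return;
  }

  smsVerify.verify(phone, smsMessage, function(isSuccessful) {
    if (isSuccessful) {
      response.send({
        success: true,
        phone: phone,
      });
    } else {
      response.send({
        success: false,
        msg: 'Unable to validate code for this phone number',
      });
    }
  });
});

/*
 Resets the one-time code for a phone number
 */
app.post('/api/reset', jsonBodyParser, function(request, response) {
  const {client_secret: clientSecret, phone} = request.body || {};

  if (clientSecret == null || phone == null) {
    // send an error saying that all parameters are required
    response.status(500).send(
        'The client_secret and phone parameters are required');
    return;
  }

  if (!clientSecretMatches(clientSecret)) {
    response.status(500).send('The client_secret parameter does not match.');
    return;
  }

  const isSuccessful = smsVerify.reset(phone);
  if (isSuccessful) {
    response.send({
      success: true,
      phone: phone,
    });
  } else {
    response.send({
      success: false,
      msg: 'Unable to reset code for this phone number',
    });
  }
});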
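/*
 * Basic health check - check environment variables have been
 * configured correctly
 *
 * This route is unauthenticated, so secret values are reported only as
 * "is it set?" booleans. It used to return CLIENT_SECRET verbatim, which
 * handed any caller the shared secret that gates every /api/* endpoint.
 * TWILIO_API_SECRET was compared with `!= ''`, which is also true for an
 * unset variable; Boolean() reports unset and empty alike as false.
 *
 * NOTE(review): the account SID, API key SID and verification service SID
 * are still returned in full. They are identifiers rather than credentials,
 * but consider restricting or removing this route outside development.
 */
app.get('/config', function(request, response) {
  response.json({
    TWILIO_ACCOUNT_SID: process.env.TWILIO_ACCOUNT_SID,
    TWILIO_API_KEY: process.env.TWILIO_API_KEY,
    TWILIO_API_SECRET: Boolean(process.env.TWILIO_API_SECRET),
    CLIENT_SECRET: Boolean(process.env.CLIENT_SECRET),
    APP_HASH: process.env.APP_HASH,
    VERIFICATION_SERVICE_SID: process.env.VERIFICATION_SERVICE_SID,
    COUNTRY_CODE: process.env.COUNTRY_CODE,
  });
});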
// Final error-handling middleware for production use.
// The full error is traced to the server console only; the client receives
// the status and message with an empty `error` object, never a stack trace.
// The unused `next` parameter is kept because Express identifies error
// handlers by their four-argument signature.
app.use(function(err, req, res, next) {
  console.trace(err);
  const statusCode = err.status || 500;
  const payload = {
    message: err.message,
    error: {},
  };
  res.status(statusCode).send(payload);
});
// Wrap the Express app in a plain HTTP server and start listening.
// PORT from the environment wins; 3000 is the fallback.
const port = process.env.PORT || 3000;
const server = http.createServer(app);
server.listen(port, () => {
  console.log(`Express server running on *:${port}`);
});