#91 authorization header in electron app

2026-04-18 00:56:02 +00:00 · 2021-04-23 20:39:08 +02:00
parent 73a1fce919
commit 9a2d56bfe4
4 changed files with 30 additions and 3 deletions
--- a/app/src/electron.js
+++ b/app/src/electron.js
@@ -212,8 +212,9 @@ function createWindow() {
    ]);
    apiProcess.on('message', msg => {
      if (msg.msgtype == 'listening') {
-        const { port } = msg;
+        const { port, authorization } = msg;
        global['port'] = port;
+        global['authorization'] = authorization;
        loadMainWindow();
      }
    });
--- a/packages/api/src/main.js
+++ b/packages/api/src/main.js
@@ -9,6 +9,7 @@ const fs = require('fs');
 const findFreePort = require('find-free-port');
 const childProcessChecker = require('./utility/childProcessChecker');
 const path = require('path');
+const crypto = require('crypto');

 const useController = require('./utility/useController');
 const socket = require('./utility/socket');
@@ -31,6 +32,8 @@ const { rundir } = require('./utility/directories');
 const platformInfo = require('./utility/platformInfo');
 const processArgs = require('./utility/processArgs');

+let authorization = null;
+
 function start() {
  // console.log('process.argv', process.argv);

@@ -51,6 +54,13 @@ function start() {
    );
  }

+  app.use(function (req, res, next) {
+    if (authorization && req.headers.authorization != authorization) {
+      return res.status(403).json({ error: 'Not authorized!' });
+    }
+    next();
+  });
+
  app.use(cors());
  app.use(bodyParser.json({ limit: '50mb' }));

@@ -95,10 +105,12 @@ function start() {
  if (processArgs.dynport) {
    childProcessChecker();

+    authorization = crypto.randomBytes(32).toString('hex');
+
    findFreePort(53911, function (err, port) {
      server.listen(port, () => {
        console.log(`DbGate API listening on port ${port}`);
-        process.send({ msgtype: 'listening', port });
+        process.send({ msgtype: 'listening', port, authorization });
      });
    });
  } else if (platformInfo.isNpmDist) {
--- a/packages/web/src/utility/axiosInstance.js
+++ b/packages/web/src/utility/axiosInstance.js
@@ -1,5 +1,5 @@
 import axios from 'axios';
-import resolveApi from './resolveApi';
+import resolveApi, { resolveApiHeaders } from './resolveApi';

 const axiosInstance = axios.create({
  baseURL: resolveApi(),
@@ -9,6 +9,7 @@ axiosInstance.defaults.headers = {
  'Cache-Control': 'no-cache',
  Pragma: 'no-cache',
  Expires: '0',
+  ...resolveApiHeaders(),
 };

 export default axiosInstance;
--- a/packages/web/src/utility/resolveApi.ts
+++ b/packages/web/src/utility/resolveApi.ts
@@ -20,3 +20,16 @@ export default function resolveApi() {
  }
  return window.location.origin;
 }
+
+export function resolveApiHeaders() {
+  if (window['require']) {
+    const electron = window['require']('electron');
+
+    if (electron) {
+      return {
+        Authorization: electron.remote.getGlobal('authorization'),
+      };
+    }
+  }
+  return {};
+}