diff --git a/chimera/splitAndValidateEnvVars.js b/chimera/splitAndValidateEnvVars.js index 2a1511c..6961c5e 100644 --- a/chimera/splitAndValidateEnvVars.js +++ b/chimera/splitAndValidateEnvVars.js @@ -34,8 +34,11 @@ const isFolderCheck = (varName) => { } const confirmPath = (varName, shouldBeFolder=false) => { + if(process.env[varName].length == 0){ + return + } const isAbsolutePath = path.isAbsolute(process.env[varName]) - if(process.env[varName].length != 0 && !isAbsolutePath){ + if(!isAbsolutePath){ console.log(varName, "SHOULD BE AN ABSOLUTE PATH") allEnvPresent = false return @@ -136,9 +139,19 @@ confirmPath("livestream_FOLDERPATH", true) writeVarLine("object_ON") writeVarLine("object_PORT") env.gateway += writeVarLine("object_HOST") +writeVarLine("object_FULL_URL") +env.lib += writeVarLine("object_AUTH") + +writeVarLine("object_CAMERA_URLS") writeVarLine("object_minimumConfidence") writeVarLine("object_alertUrls") +writeVarLine("object_headless_ON") +writeVarLine("object_browser_FILEPATH") +confirmPath("object_browser_FILEPATH") +writeVarLine("object_data_FOLDERPATH") +confirmPath("object_data_FOLDERPATH", true) + env.memory += writeVarLine("memory_ON") env.memory += writeVarLine("memory_PORT") env.memory += writeVarLine("memory_HOST") diff --git a/env.example b/env.example index ec181e4..53decd5 100644 --- a/env.example +++ b/env.example @@ -128,12 +128,18 @@ livestream_CAMERA_URL_1 = Full url with authentication for rtsp stream object_ON = (true | false) object_PORT = Port for object server object_HOST = https://object.server.example or http://127.0.0.1:8081 +object_FULL_URL = https://chimera.server.example/object or http://127.0.0.1:8081/object +object_AUTH = Authorization token to bypass auth for object (keep secret) object_CAMERA_URLS = array of strings with HLS stream urls object_minimumConfidence = minimum confidence to warrant an alert for people detection object_alertUrls = object webhook url array +object_headless_ON = (true | false) +object_browser_FILEPATH = file path to browser for object headless to use +object_data_FOLDERPATH = folder path to hold temp data + ################################################################## # # Memory diff --git a/lib/utils/auth.js b/lib/utils/auth.js index fa69631..bbf546b 100644 --- a/lib/utils/auth.js +++ b/lib/utils/auth.js @@ -3,6 +3,7 @@ const jwt = require("jsonwebtoken") const bcrypt = require("bcryptjs") const schedulableUrls = ["/convert/createVideo", "/convert/createZip", "/file/pathMetrics", "/file/pathDelete", "/file/pathClean"] +const objectUrl = "/livestream/feed/" module.exports = { authorize: (req, res, next) => { @@ -16,6 +17,10 @@ module.exports = { let [key, value] = cookie.split("=") return key == "bearertoken" && value.includes("Bearer") }) + const objectTokenCookie = cookies.find((cookie) => { + let [key] = cookie.split("=") + return key == "objecttoken" + }) if(bearerTokenCookie){ const bearerToken = bearerTokenCookie.split("=")[1] jwt.verify(bearerToken.split("%20")[1], secretKey, (err, decoded) => { @@ -26,6 +31,15 @@ module.exports = { } }) } + else if(objectTokenCookie){ + const objectToken = objectTokenCookie.split("=")[1] + if(req.path.includes(objectUrl) && objectToken == process.env.object_AUTH){ + next() + } + else{ + method == "GET" ? res.redirect(303, "/?loginForm") : res.status(401).send({error: "unauthorized"}) + } + } else method == "GET" ? res.redirect(303, "/?loginForm") : res.status(401).send({error: "unauthorized"}) } else method == "GET" ? res.redirect(303, "/?loginForm") : res.status(401).send({error: "unauthorized"}) }, diff --git a/package.json b/package.json index a9e964b..35f1b09 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "chimera", - "version": "5.0.4", + "version": "5.1.0", "description": "a microservices based security camera system", "main": "server.js", "engines": { @@ -80,7 +80,7 @@ "mkdirp": "^1.0.4", "ncp": "^2.0.0", "npm-run-all": "^4.1.5", - "object": "jjjpanda/object#v3.2.0", + "object": "jjjpanda/object#v3.3.0", "pg": "^8.7.1", "pm2": "^5.1.2", "rimraf": "^3.0.2",