Disclaimer: I'm totally new to Node.js and Socket.io and this is more like a Javascript/general programming question than a Node.js specific question but since it's written in Node.js I had to post it here.
I have a function like this
configs.socket.on('device_pair_authorization', function(device, callback) {
var pair_token = device.pair_token;
var server_signature = device.server_signature;
if(pair_token && server_signature) {
var decipher = crypto.createDecipher('aes-256-cbc', 'SOME_KEY');
var decryptedSignature = decipher.update(server_signature, 'base64', 'utf8');
decryptedSignature = decryptedSignature + decipher.final('utf8');
deSigJSON = JSON.parse(decryptedSignature);
if(deSigJSON.user_id && deSigJSON.pair_token) {
if(deSigJSON.pair_token === pair_token) {
var server_handshake_token = deSigJSON.server_token;
if(server_handshake_token) {
//VALIDATED
var one_time_access_token = crypto.createHash('sha512').update([Math.random(), server_handshake_token, new Date()].join()).digest('base64');
var expires = new Date().getTime() + 60;
callback({
is_authorized: true,
one_time_access_token: one_time_access_token
});
}
callback({
is_authorized: false,
error: "Server Token Is Missing"
});
}
callback({
is_authorized: false,
error: "Pair Token is Incorrect"
});
}
callback({
is_authorized: false,
error: "Signature is corrupted"
});
}
callback({
is_authorized: false,
error: "Pair_Token or Server_Signature is missing"
});
});
The whole idea is that the function is a authorization function and to prevent fraud, each step is checked separately and if something goes wrong in the middle of the checks, the callback is executed with a specific error message and is_authorized=false. If everything goes well, the callback is executed with is_authorized=true and a token is sent back.
My problem is, the code does not look neat to me and I'm sure there is a way to modify this code so that callback is not written multiple times but I don't know why.
I want to re-write the code in a more professional way. Any suggestions?
You don't need any special async flow helpers here, just format you code properly. But you could take a look on Q promises helpers , Async.js and PubSubJS
configs.socket.on('device_pair_authorization', function(device, callback) {
var pair_token = device.pair_token;
var server_signature = device.server_signature;
var errorCallback = function(error) {
callback({
is_authorized: false,
error: error
});
}
if(!pair_token || !server_signature) {
return errorCallback("Pair_Token or Server_Signature is missing")
}
var decipher = crypto.createDecipher('aes-256-cbc', 'SOME_KEY');
var decryptedSignature = decipher.update(server_signature, 'base64', 'utf8');
decryptedSignature = decryptedSignature + decipher.final('utf8');
deSigJSON = JSON.parse(decryptedSignature);
if(!deSigJSON.user_id || !deSigJSON.pair_token) {
return errorCallback("Signature is corrupted");
}
if(deSigJSON.pair_token !== pair_token) {
return errorCallback("Pair Token is Incorrect");
}
if(!deSigJSON.server_token) {
return errorCallback("Server Token Is Missing");
}
//VALIDATED
var server_handshake_token = deSigJSON.server_token;
var one_time_access_token = crypto.createHash('sha512').update([
Math.random(), server_handshake_token, new Date()
].join()).digest('base64');
var expires = new Date().getTime() + 60;
callback({
is_authorized: true,
one_time_access_token: one_time_access_token
});
});
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.