npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

microtunnel-server

v1.0.7

Published

NodeJS library for post-quantum communication between apps

Downloads

14

Readme

microtunnel-server

microtunnel-server is an express based library to enable post-quantum protected communication between apps (it must be used with microtunnel-client). You can send any JSON-serializable data. It also uses supersphincs for app authentication, kyber-crystals for asymmetric encryption and symcryptor for symmetric encryption.

Installation

npm i microtunnel-server

Usage

First, you have to create app credentials and save them in a json file. Enter in module path typing cd path-to-your-project/node-modules/microtunnel-server and then run npm run -s cred-generate > ../../appCred.json to save the credentials in your project root.

// appCred.json
{
    // Supersphincs keys base-64 encoded
    "publicKey": "X67kzs9zrKfbayvF5SIsulZzfUYHeTm6BoFTD/BWiryIcOWcaR8d6M4LpaOylCi4DqY59ABNt1nNnfFZjG4akE4hcKaMyx5ar9Uds2Op687uecLGWb0n6W+voSDKzMS8",
    "privateKey": "A7sP+3n8KCPgXw7VjziPHZHyDL3eavr6iRn1ampyONlfruTOz3Osp9trK8XlIiy6VnN9Rgd5OboGgVMP8FaKvKggCD7A59Lp4M3LaA9XQi8P+SppMxTmapwjfKVJMacSA0fQnqLZ2m/MP3/YcnyG1TH+RFyEM4O/fE7kxB1/fF+IcOWcaR8d6M4LpaOylCi4DqY59ABNt1nNnfFZjG4akE4hcKaMyx5ar9Uds2Op687uecLGWb0n6W+voSDKzMS8",

    // Random bytes base-64 encoded for ID
    "agent": "285gWsTqj3Gza+3AxJn1qrWzAvf/Lf5i"
}

Then you have to create a JSON file containing clients info. In this example we have two apps named frontEnd and sessions:

// authClients.json
{
    "frontEnd": {
        // Client IP
        "ip": "127.0.0.1",

        // The Agent ID of the App
        "agent": "TvjXC2wCNbDS/+sURWP1Oi1lsTKW3ZqT",

        // Supersphincs public key of the client base-64 encoded
        "publicKey": "VvYTfCAhiEDW3abLLhO2ane27HMivnNSLjfKxd4jnOiGCOW0UEXjjacgoZrn/BPvNv+bmerLr0HB+71X2+Eh5NXH2JO6kAoM+SCQblUk3gDyqRbVbYkg/RSCl/6oe0wY"
    },
    "sessions": [
        {
            // Client IP
            "ip": "192.168.0.3",

            // The Agent ID of the App
            "agent": "vwoA1JzkT6d7SXjIBoZ2egYlSn6Ajzge",

            // Supersphincs public key of the client base-64 encoded
            "publicKey": "rPyoqSZrNNUVpjKdhGLDD4sjXd8lgIgnRBY2NP5n8PDDLSvoLoD5n4GjaxbAfSDjagBjN8zztUQTNG1EKO9IgpgTLkfkTkhWqdgkC/K3EQLh6AMCZ8snlnles2QrbHAy"
        },
        {
            "ip": "2001:0db8:85a3:0000:0000:8a2e:0370:7334",
            "agent": "z1Wprk1s6BCuP0hYz1b9pWTcV26IF9xG",
            "publicKey": "Zs8jcZlLAAPN/UxmErQ+XfYJ9R2GpL7YIv25lMGTwu3/jjmOzdITcWb2YZTntxWBJBJXzNOcXNWpRJRKAUi4/imJtj88jH03EcW7tq0FiVTeZTSxRBWiGAinouFrtVzf"
        }
    ]
}

Then you can require the module and load it in your express app:

const express = require( 'express' );
const app = express();
require( 'microtunnel-server' )( app,
    {
        appCredFile: 'appCred.json',
        authClientsFile: 'authClients.json'
    }
);

// This is a standard express GET route
app.get( '/page/:id', ( req, res ) => {
    const pageId = req.params.id;
    res.json( `Received pageId: ${pageId} via public route` );
} );

// This is an authenticated express GET route for every client in authClients.json
app.authGet( true, '/page/:id', ( req, res ) => {
    const pageId = req.params.id;
    res.json( `Received pageId: ${pageId} via autheticated route from ${req.tunnelClt.name}` );
} );

// This is an authenticated express POST route limited to 'frontEnd' client in authClients.json
app.authPost( 'frontEnd', '/another-route', ( req, res ) => {
    const data = req.body;
    res.json( { receivedData: data } );
} )

app.listen( 3000, '0.0.0.0' );

Configuration

require( 'microtunnel-server' )( app, options )

Paramaters

  • app Required - An Express app/router instance
  • options Optional - An object containing custom configuration:
    • api Optional - Root path for microtunnel (note: must be the same for clients) - Default '/microtunnel'
    • resetMinutes Optional - Max duration for any session in minutes - Default 15
    • appCredFile Optional - Relative path of the credentials file - Default: enviroment var APP_CRED
    • authClientsFile Optional - Relative path of the autherized clients file - Default: enviroment var AUTH_CLTS

Methods

app.authGet

app.authGet( clientName: String | Array | true, route: String, callback: Function [, ...callback: Function] )

Parameters

  • clientName Required - To grant access to route only for authorized clients you can set it as a string containing client name or as an array of these. Otherwise you can authorize every clients setting it to true
  • route Required - The path for which the middleware function is invoked in Express-style
  • callback Required - Callback functions that accept req, res and next

app.authPost

app.authPost( clientName: String | Array | true, route: String, callback: Function [, ...callback: Function] )

Parameters

  • clientName Required - To grant access to route only for authorized clients you can set it as a string containing client name or as an array of these. Otherwise you can authorize every clients setting it to true
  • route Required - The path for which the middleware function is invoked in Express-style
  • callback Required - Callback functions that accept req, res and next

Note

  • Request body will always be decrypted for POST method
  • You can call req.tunnelClt to show current client properties
  • Both res.send and res.json will decrypt data sent to clients but microtunnel-client auto-parses from JSON so use res.json
  • Since every communication is encrypted you can call res.json once for each request
  • app.use will not affect microtunnel routes
  • The POST routes /microtunnel/auth1 and /microtunnel/auth2 are reserved (these will change if you changed default root microtunnel path)