@@ -12,6 +12,9 @@ The following parameters can be set in config files or in env variables:
1212
1313- LOG_LEVEL: the log level
1414- PORT: the server port
15+ - AUTH_SECRET: TC auth secret
16+ - VALID_ISSUERS: TC auth valid issuers
17+ - ROLES: the roles allowed to access the app
1518- KAFKA_OPTIONS: Kafka consumer options, see https://www.npmjs.com/package/no-kafka for available options
1619- MAX_MESSAGE_COUNT: max message count to cache per topic
1720
@@ -55,7 +58,7 @@ For front end config, see ui/README.md.
5558## Front end UI setup
5659
5760- the front end UI's build folder content are exposed as public content by the app, so you may directly access it
58- via http://localhost:4000
61+ via http://localhost:3000
5962- or if you want to use it for development, then you may go to ui folder:
6063 run ` npm install ` , ` npm start ` , then access ` http://localhost:3000 `
6164- note that if the front end UI's config is changed, it must be re-built using ` npm run build ` in the ui folder
@@ -66,7 +69,7 @@ For front end config, see ui/README.md.
6669- install dependencies ` npm i `
6770- run code lint check ` npm run lint `
6871- run test ` npm run test `
69- - start app ` npm start ` , the app is running at ` http://localhost:4000 `
72+ - start app ` npm start ` , the app is running at ` http://localhost:3000 `
7073
7174## Heroku Deployment
7275
@@ -83,7 +86,12 @@ For front end config, see ui/README.md.
8386## Verification
8487
8588- setup stuff following above deployment
86- - in the UI, select a topic to view topic data stream
89+ - login ` https://accounts.topcoder-dev.com/member?retUrl=http:%2F%2Flocalhost:3000 ` with normal user credential ` 12321 / topcoder123 `
90+ - then browse ` http://localhost:3000 ` , you will see ` You do not have access to use this application. `
91+ - login in above page again with copilot and admin user credential ` mess / appirio123 `
92+ - then browse ` http://localhost:3000 ` , you need to manually browse it, the auto redirect doesn't work for this localhost URL,
93+ then you can access the app now
94+ - in the UI, select a topic to view topic data stream, note that you must click the 'View' button
8795- use the kafka-console-producer to generate some messages as above,
8896 then watch the UI, it should get some messages
8997- filter the messages and see results
@@ -93,12 +101,20 @@ For front end config, see ui/README.md.
93101
94102## Notes
95103
96- - To keep the web socket connection alive, the following approaches are used:
97- (a) the server will handle both ` error ` and ` close ` events to terminate the web socket connection,
98- so that client side will re-start a new connection
99- (b) client side will handle onerror and onclose to re-start a new connection to server
100- - The get/view topic, send message operations will show loading indicator,
101- but they are too fast because local back end is used, and especially for get/view topic operations web socket is used,
102- you may hardly see the indicator
103-
104+ - after installing libraries, update ` node_modules/tc-core-library-js/lib/auth/verifier.js ` , at line #23 , add code:
105+ ` return decodedToken && decodedToken.payload ? callback(null, decodedToken.payload) : callback(new Error('invalid token')); ` ,
106+ so that we will ignore the JWT verification, and directly use the decoded payload;
107+ this is because we don't know the JWT auth secret to verify the TC auth token.
108+ In production, if we properly configure AUTH_SECRET and VALID_ISSUERS, then we don't need this code change.
109+
110+ - I tried to fix some vulnerabilities issues, but not all are fixed, because many are due to ui's old libraries,
111+ and upgrading them will incur much code changes, so I don't fix them to avoid code change risks
112+
113+ - API security is handled at ` src/app.js `
114+
115+ - web socket security is handled at ` src/dataStreamWS.js ` , see ` authorized ` related handling
116+
117+ - tests are improved at ` test/datastream.test.js `
118+
119+ - front end is updated to send token to back end API and web socket
104120
0 commit comments