54 lines
1.4 KiB
TypeScript
54 lines
1.4 KiB
TypeScript
import { createHash, createHmac } from "node:crypto";
|
|
|
|
let machineIdSync: (original?: boolean) => string;
|
|
try {
|
|
// Use require() to bypass webpack static analysis that breaks the default export
|
|
const mod = require("node-machine-id");
|
|
machineIdSync = mod.machineIdSync || mod.default?.machineIdSync;
|
|
} catch {
|
|
machineIdSync = () => "";
|
|
}
|
|
|
|
const BUILTIN_DEFAULT_SALT = "omniroute-cli-auth-v1";
|
|
|
|
function getActiveSalt(): string {
|
|
return process.env.OMNIROUTE_CLI_SALT || BUILTIN_DEFAULT_SALT;
|
|
}
|
|
|
|
function deriveToken(rawId: string, salt: string): string {
|
|
return createHmac("sha256", rawId).update(salt).digest("hex");
|
|
}
|
|
|
|
let cached: string | null = null;
|
|
let cachedSalt: string | null = null;
|
|
|
|
export function getMachineTokenSync(salt?: string): string {
|
|
const activeSalt = salt ?? getActiveSalt();
|
|
try {
|
|
// machineIdSync(true) returns the original unhashed hardware ID.
|
|
const rawId = machineIdSync(true);
|
|
if (activeSalt === cachedSalt && cached !== null) return cached;
|
|
const token = deriveToken(rawId, activeSalt);
|
|
if (!salt) {
|
|
cached = token;
|
|
cachedSalt = activeSalt;
|
|
}
|
|
return token;
|
|
} catch {
|
|
return "";
|
|
}
|
|
}
|
|
|
|
export function getLegacyCliTokenSync(salt?: string): string {
|
|
const activeSalt = salt ?? getActiveSalt();
|
|
try {
|
|
const machineId = machineIdSync();
|
|
return createHash("sha256")
|
|
.update(machineId + activeSalt)
|
|
.digest("hex")
|
|
.substring(0, 32);
|
|
} catch {
|
|
return "";
|
|
}
|
|
}
|