如何在 Hyperledger fabric 中通过快速 REST API 注册客户端
How can I register a Client through an express REST API in Hyperledger fabric
我想通过 REST API 注册应用程序的用户。我已经通过 enrollAdmin.js and registerUser.js 函数注册了管理员和用户,但我想通过节点 SDK 调用这些函数并使用用户名 (UUID) 动态 注册用户,以便它是完全匿名的。
作为用户名,我想创建一个唯一的 UUID 并将其保存在世界状态中,同时将该 UUID 与密码和姓名等个人信息一起保存在链下数据库中,以便我可以将个人信息与 UUID 相关联。
没错,我对注册新用户必须执行的所有不同步骤感到困惑:
我必须以什么顺序注册和注册用户,他们应该全部在 express API 还是在链代码中定义?
这是我创建 REST 的第一种方法Api,到目前为止我只定义了布局、连接配置文件和钱包。
如果有人可以帮助我在快速 REST API 中实施注册过程,以便 UUID 的身份保存在世界状态中,我将不胜感激。
提前致谢。
- server.js
'use strict';
var express = require('express');
var bodyParser = require('body-parser');
var app = express();
// Setting for Hyperledger Fabric
const { Wallets, FileSystemWallet, Gateway } = require('fabric-network');
const path = require('path');
const fs = require('fs');
const channelName = 'mychannel';
const mspOrg1 = 'Org1MSP';
const walletPath = path.join(__dirname, '..', 'wallet');
const ccpPath = path.resolve(__dirname, '..', 'connection-org1.json');
//register
app.post('/api/register', async function (req, res) {
try{
// Create a new file system based wallet for managing identities.
const walletPath = path.join(process.cwd(), 'wallet');
const wallet = new FileSystemWallet(walletPath);
console.log(`Wallet path: ${walletPath}`);
} catch (error) {
}
});
//login
app.post('/api/login', async function (req, res) {
try{
// Create a new file system based wallet for managing identities.
const walletPath = path.join(process.cwd(), 'wallet');
const wallet = new FileSystemWallet(walletPath);
console.log(`Wallet path: ${walletPath}`);
} catch (error) {
}
});
app.listen(3000, ()=>{
console.log("***********************************");
console.log("API server listening at localhost:3000");
console.log("***********************************");
});
你想要的过程很简单。中间以链下数据库作为映射table。我只写了核心流程逻辑。
/api/v1/register
验证检查
验证用户id唯一,必填信息值是否缺失,正则表达式是否正确,无错误信息。
生成随机 UUID
首先创建一个随机的、唯一的 uuid。 npm/uuid
const UUID = uuid.v4();
- register/enroll 用户到 fabric-ca
作为结构的用户执行注册过程。进入这个过程的信息是UUID,用户的信息不会存储在区块链中。
fabricUser是新创建的class,returns通过Enroll方法执行fabric用户注册和注册过程后的结果。
enrollment = await fabricUser.Enroll(UUID);
await wallet.put(enrollment);
- 插入数据库
在数据库中保存用户信息的同时,通过存储上面创建的UUID来映射它。
创建数据库作为示例,假设 mongodb.
db.collection('User').insertOne({
'uuid': UUID,
'user_id': <input_user_id>,
...
});
/api/v1/login
登录流程如下。
我不知道你想用什么authentication/authentication方法,所以我假设一个基于auth 2.0的token认证方法。
验证登录所需信息的有效性,是否有错误信息。
获取UUID
generateAuthToken 是一个生成 JWT.
的新函数
let res = await db.collection("User").findOne({'user_id': `<input_user_id>` });
return generateAuthToken(res.uuid);
/api/v1/invoke
Fabric资源请求流程如下
令牌验证和资源授权检查
从token
得到userName
getPayload 是一个函数,它从令牌中获取位于第一个索引处的有效负载值。
const rawPayload = getPayload(token);
const jsonPayload = JSON.parse(rawPayload);
return jsonPayload
- 获取钱包并调用链码
fabricChaincode是一个封装了fabric-sdk调用过程的函数。它是一个通过输入身份、链码信息和参数来执行调用的函数,returns一个结果。
const user = await db.collection("User").findOne({'user_id': jsonPayload.user_id });
const fabricIdentity = await wallet.get(user.uuid);
const res = fabricChaincode.invoke(fabricIdentity, `<your_chaincode_info>`, `<input_chaincode_params>`)
return res;
[编辑]
添加它以供您理解。
fabricUser.js
/*
* Copyright IBM Corp. All Rights Reserved.
*
* SPDX-License-Identifier: Apache-2.0
*/
'use strict';
const { Wallets } = require('fabric-network');
const FabricCAServices = require('fabric-ca-client');
const fs = require('fs');
const path = require('path');
async function Enroll(user_id) {
try {
// load the network configuration
const ccpPath = path.resolve(__dirname, '..', '..', 'test-network', 'organizations', 'peerOrganizations', 'org1.example.com', 'connection-org1.json');
const ccp = JSON.parse(fs.readFileSync(ccpPath, 'utf8'));
// Create a new CA client for interacting with the CA.
const caURL = ccp.certificateAuthorities['ca.org1.example.com'].url;
const ca = new FabricCAServices(caURL);
// Create a new file system based wallet for managing identities.
const walletPath = path.join(process.cwd(), 'wallet');
const wallet = await Wallets.newFileSystemWallet(walletPath);
console.log(`Wallet path: ${walletPath}`);
// Check to see if we've already enrolled the user.
const userIdentity = await wallet.get(user_id);
if (userIdentity) {
console.log(`An identity for the user ${user_id} already exists in the wallet`);
return;
}
// Check to see if we've already enrolled the admin user.
const adminIdentity = await wallet.get('admin');
if (!adminIdentity) {
console.log('An identity for the admin user "admin" does not exist in the wallet');
console.log('Run the enrollAdmin.js application before retrying');
return;
}
// build a user object for authenticating with the CA
const provider = wallet.getProviderRegistry().getProvider(adminIdentity.type);
const adminUser = await provider.getUserContext(adminIdentity, 'admin');
// Register the user, enroll the user, and import the new identity into the wallet.
const secret = await ca.register({
affiliation: 'org1.department1',
enrollmentID: user_id,
role: 'client'
}, adminUser);
const enrollment = await ca.enroll({
enrollmentID: user_id,
enrollmentSecret: secret
});
const x509Identity = {
credentials: {
certificate: enrollment.certificate,
privateKey: enrollment.key.toBytes(),
},
mspId: 'Org1MSP',
type: 'X.509',
};
await wallet.put(user_id, x509Identity);
console.log(`Successfully registered and enrolled admin user ${user_id} and imported it into the wallet`);
} catch (error) {
console.error(`Failed to register user ${user_id}: ${error}`);
process.exit(1);
}
}
module.exports = {
Enroll
}
api.js
const uuid = require('uuid');
const fabricUser = require('./fabricUser);
const UUID = uuid.v4();
let res = await fabricUser.Enroll(UUID);
console.log(res);
我想通过 REST API 注册应用程序的用户。我已经通过 enrollAdmin.js and registerUser.js 函数注册了管理员和用户,但我想通过节点 SDK 调用这些函数并使用用户名 (UUID) 动态 注册用户,以便它是完全匿名的。
作为用户名,我想创建一个唯一的 UUID 并将其保存在世界状态中,同时将该 UUID 与密码和姓名等个人信息一起保存在链下数据库中,以便我可以将个人信息与 UUID 相关联。
没错,我对注册新用户必须执行的所有不同步骤感到困惑:
我必须以什么顺序注册和注册用户,他们应该全部在 express API 还是在链代码中定义?
这是我创建 REST 的第一种方法Api,到目前为止我只定义了布局、连接配置文件和钱包。
如果有人可以帮助我在快速 REST API 中实施注册过程,以便 UUID 的身份保存在世界状态中,我将不胜感激。
提前致谢。
- server.js
'use strict';
var express = require('express');
var bodyParser = require('body-parser');
var app = express();
// Setting for Hyperledger Fabric
const { Wallets, FileSystemWallet, Gateway } = require('fabric-network');
const path = require('path');
const fs = require('fs');
const channelName = 'mychannel';
const mspOrg1 = 'Org1MSP';
const walletPath = path.join(__dirname, '..', 'wallet');
const ccpPath = path.resolve(__dirname, '..', 'connection-org1.json');
//register
app.post('/api/register', async function (req, res) {
try{
// Create a new file system based wallet for managing identities.
const walletPath = path.join(process.cwd(), 'wallet');
const wallet = new FileSystemWallet(walletPath);
console.log(`Wallet path: ${walletPath}`);
} catch (error) {
}
});
//login
app.post('/api/login', async function (req, res) {
try{
// Create a new file system based wallet for managing identities.
const walletPath = path.join(process.cwd(), 'wallet');
const wallet = new FileSystemWallet(walletPath);
console.log(`Wallet path: ${walletPath}`);
} catch (error) {
}
});
app.listen(3000, ()=>{
console.log("***********************************");
console.log("API server listening at localhost:3000");
console.log("***********************************");
});
你想要的过程很简单。中间以链下数据库作为映射table。我只写了核心流程逻辑。
/api/v1/register
验证检查
验证用户id唯一,必填信息值是否缺失,正则表达式是否正确,无错误信息。生成随机 UUID
首先创建一个随机的、唯一的 uuid。npm/uuid
const UUID = uuid.v4();
- register/enroll 用户到 fabric-ca
作为结构的用户执行注册过程。进入这个过程的信息是UUID,用户的信息不会存储在区块链中。
fabricUser是新创建的class,returns通过Enroll方法执行fabric用户注册和注册过程后的结果。
enrollment = await fabricUser.Enroll(UUID);
await wallet.put(enrollment);
- 插入数据库
在数据库中保存用户信息的同时,通过存储上面创建的UUID来映射它。 创建数据库作为示例,假设mongodb.
db.collection('User').insertOne({
'uuid': UUID,
'user_id': <input_user_id>,
...
});
/api/v1/login
登录流程如下。 我不知道你想用什么authentication/authentication方法,所以我假设一个基于auth 2.0的token认证方法。
验证登录所需信息的有效性,是否有错误信息。
获取UUID
的新函数
generateAuthToken是一个生成JWT.
let res = await db.collection("User").findOne({'user_id': `<input_user_id>` });
return generateAuthToken(res.uuid);
/api/v1/invoke
Fabric资源请求流程如下
令牌验证和资源授权检查
从
token
得到userNamegetPayload是一个函数,它从令牌中获取位于第一个索引处的有效负载值。
const rawPayload = getPayload(token);
const jsonPayload = JSON.parse(rawPayload);
return jsonPayload
- 获取钱包并调用链码
fabricChaincode是一个封装了fabric-sdk调用过程的函数。它是一个通过输入身份、链码信息和参数来执行调用的函数,returns一个结果。
const user = await db.collection("User").findOne({'user_id': jsonPayload.user_id });
const fabricIdentity = await wallet.get(user.uuid);
const res = fabricChaincode.invoke(fabricIdentity, `<your_chaincode_info>`, `<input_chaincode_params>`)
return res;
[编辑]
添加它以供您理解。
fabricUser.js
/*
* Copyright IBM Corp. All Rights Reserved.
*
* SPDX-License-Identifier: Apache-2.0
*/
'use strict';
const { Wallets } = require('fabric-network');
const FabricCAServices = require('fabric-ca-client');
const fs = require('fs');
const path = require('path');
async function Enroll(user_id) {
try {
// load the network configuration
const ccpPath = path.resolve(__dirname, '..', '..', 'test-network', 'organizations', 'peerOrganizations', 'org1.example.com', 'connection-org1.json');
const ccp = JSON.parse(fs.readFileSync(ccpPath, 'utf8'));
// Create a new CA client for interacting with the CA.
const caURL = ccp.certificateAuthorities['ca.org1.example.com'].url;
const ca = new FabricCAServices(caURL);
// Create a new file system based wallet for managing identities.
const walletPath = path.join(process.cwd(), 'wallet');
const wallet = await Wallets.newFileSystemWallet(walletPath);
console.log(`Wallet path: ${walletPath}`);
// Check to see if we've already enrolled the user.
const userIdentity = await wallet.get(user_id);
if (userIdentity) {
console.log(`An identity for the user ${user_id} already exists in the wallet`);
return;
}
// Check to see if we've already enrolled the admin user.
const adminIdentity = await wallet.get('admin');
if (!adminIdentity) {
console.log('An identity for the admin user "admin" does not exist in the wallet');
console.log('Run the enrollAdmin.js application before retrying');
return;
}
// build a user object for authenticating with the CA
const provider = wallet.getProviderRegistry().getProvider(adminIdentity.type);
const adminUser = await provider.getUserContext(adminIdentity, 'admin');
// Register the user, enroll the user, and import the new identity into the wallet.
const secret = await ca.register({
affiliation: 'org1.department1',
enrollmentID: user_id,
role: 'client'
}, adminUser);
const enrollment = await ca.enroll({
enrollmentID: user_id,
enrollmentSecret: secret
});
const x509Identity = {
credentials: {
certificate: enrollment.certificate,
privateKey: enrollment.key.toBytes(),
},
mspId: 'Org1MSP',
type: 'X.509',
};
await wallet.put(user_id, x509Identity);
console.log(`Successfully registered and enrolled admin user ${user_id} and imported it into the wallet`);
} catch (error) {
console.error(`Failed to register user ${user_id}: ${error}`);
process.exit(1);
}
}
module.exports = {
Enroll
}
api.js
const uuid = require('uuid');
const fabricUser = require('./fabricUser);
const UUID = uuid.v4();
let res = await fabricUser.Enroll(UUID);
console.log(res);