From d8cb491402e88a132959f7adeb18c1d68336895a Mon Sep 17 00:00:00 2001
From: Alex Kern <alex@kern.io>
Date: Fri, 1 May 2015 04:06:34 -0700
Subject: [PATCH] Use XKCD-style passphrases.

---
 css/index.styl              |  1 +
 index.js                    |  2 ++
 lib/components/Tempalink.js |  2 +-
 lib/db.js                   | 48 ++++++++++++++++---------------------
 lib/middleware/bootstrap.js |  4 ++--
 lib/routes.js               |  2 +-
 lib/server.js               | 10 +++++---
 package.json                |  7 +++---
 8 files changed, 39 insertions(+), 37 deletions(-)
 create mode 100644 index.js

diff --git a/css/index.styl b/css/index.styl
index 98f97ec..64535b8 100644
--- a/css/index.styl
+++ b/css/index.styl
@@ -164,6 +164,7 @@ p {
     height: 60px
     overflow: hidden
     background: green
+    transition: all 1s ease
 
     .progress-bar-inner {
         float: left
diff --git a/index.js b/index.js
new file mode 100644
index 0000000..d4eae3a
--- /dev/null
+++ b/index.js
@@ -0,0 +1,2 @@
+require('babel/register')
+module.exports = require('./lib/server')
diff --git a/lib/components/Tempalink.js b/lib/components/Tempalink.js
index 0836ebe..8cebd4c 100644
--- a/lib/components/Tempalink.js
+++ b/lib/components/Tempalink.js
@@ -7,7 +7,7 @@ export default class Tempalink extends React.Component {
   }
 
   render() {
-    var url = window.location.origin + '/d/' + this.props.token
+    var url = window.location.origin + '/' + this.props.token
     return <input
       className="tempalink"
       onClick={this.onClick.bind(this)}
diff --git a/lib/db.js b/lib/db.js
index d5e695c..3d29b1c 100644
--- a/lib/db.js
+++ b/lib/db.js
@@ -1,45 +1,39 @@
 import bases from 'bases'
 import crypto from 'crypto'
+import xkcdPassword from 'xkcd-password'
 
-var tokenLength = 8
-var tokens = {}
-
-exports.create = function (socket) {
-
-  var maxNum = Math.pow(62, tokenLength)
-  var numBytes = Math.ceil(Math.log(maxNum) / Math.log(256))
+const TOKEN_OPTIONS = {
+  numWords: 4,
+  minLength: 4,
+  maxLength: 8
+}
 
-  var token = ''
-  do {
-    do {
-      var bytes = crypto.randomBytes(numBytes)
-      var num = 0
-      for (var i = 0; i < bytes.length; i++) {
-        num += Math.pow(256, i) * bytes[i]
-      }
-    } while (num >= maxNum)
+var tokenGenerator = new xkcdPassword()
+var tokens = {}
 
-    token = bases.toBase62(num)
-  } while (token in tokens)
+export function create(socket) {
 
-  const result = {
-    token: token,
-    socket: socket
-  }
+  return tokenGenerator.generate(TOKEN_OPTIONS).then((parts) => {
+    const token = parts.join('-')
+    let result = {
+      token: token,
+      socket: socket
+    }
 
-  tokens[token] = result
-  return result
+    tokens[token] = result
+    return result
+  })
 
 }
 
-exports.exists = function (token) {
+export function exists(token) {
   return token in tokens
 }
 
-exports.find = function (token) {
+export function find(token) {
   return tokens[token]
 }
  
-exports.remove = function (client) {
+export function remove(client) {
   delete tokens[client.token]
 }
diff --git a/lib/middleware/bootstrap.js b/lib/middleware/bootstrap.js
index f10d888..505b629 100644
--- a/lib/middleware/bootstrap.js
+++ b/lib/middleware/bootstrap.js
@@ -3,9 +3,9 @@ var express = require('express')
 
 var routes = module.exports = new express.Router()
 
-routes.get('/d/:token', function (req, res, next) {
+routes.get(/^\/([a-z]+-[a-z]+-[a-z]+-[a-z]+)$/, function (req, res, next) {
 
-  var uploader = db.find(req.params.token)
+  var uploader = db.find(req.params[0])
   if (uploader) {
     res.locals.data = {
       DownloadStore: {
diff --git a/lib/routes.js b/lib/routes.js
index e3b6979..c5a1aa0 100644
--- a/lib/routes.js
+++ b/lib/routes.js
@@ -9,7 +9,7 @@ import ErrorPage from './components/ErrorPage'
 export default (
   <Route handler={App}>
     <DefaultRoute handler={UploadPage} />
-    <Route name="download" path="d/:token" handler={DownloadPage} />
+    <Route name="download" path="/:a-:b-:c-:d" handler={DownloadPage} />
     <Route name="error" path="error" handler={ErrorPage} />
     <NotFoundRoute handler={ErrorPage} />
   </Route>
diff --git a/lib/server.js b/lib/server.js
index 3af60cb..a4d47ad 100644
--- a/lib/server.js
+++ b/lib/server.js
@@ -34,9 +34,13 @@ io.on('connection', function (socket) {
   var upload = null
 
   socket.on('upload', function (metadata, res) {
-    if (!upload) upload = db.create(socket)
-    upload.metadata = metadata
-    res(upload.token)
+    if (upload) return
+    upload = true
+    db.create(socket).then((u) => {
+      upload = u
+      upload.metadata = metadata
+      res(upload.token)
+    })
   })
 
   socket.on('download', function (data) {
diff --git a/package.json b/package.json
index 8e1dead..41480e0 100644
--- a/package.json
+++ b/package.json
@@ -2,9 +2,9 @@
   "name": "filepizza",
   "version": "0.0.0",
   "description": "Peer-to-peer file transfers in your browser",
-  "main": "lib/server.js",
+  "main": "index.js",
   "scripts": {
-    "start": "./node_modules/.bin/babel-node lib/server.js"
+    "start": "node index.js"
   },
   "repository": {
     "type": "git",
@@ -35,7 +35,8 @@
     "react-router": "^0.13.1",
     "socket.io": "^1.3.5",
     "stylus": "^0.50.0",
-    "webrtcsupport": "^2.1.2"
+    "webrtcsupport": "^2.1.2",
+    "xkcd-password": "^1.2.0"
   },
   "engines": {
     "node": "0.10.x"