From cf5a22b4706dbe0f0b7590a8a5514c62c85682bf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cla=CC=81udio=20Sa=CC=81=20de=20Castro?=
 <claudio@hiades.com.br>
Date: Sun, 24 Sep 2017 12:03:38 -0300
Subject: [PATCH 1/2] Allow for specification of host (network card) on which
 the server should listen.

---
 config/properties_QA.conf          | 1 +
 config/properties_development.conf | 1 +
 config/properties_production.conf  | 1 +
 startup.js                         | 2 +-
 4 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/config/properties_QA.conf b/config/properties_QA.conf
index 84c1472..9a64428 100644
--- a/config/properties_QA.conf
+++ b/config/properties_QA.conf
@@ -1,5 +1,6 @@
 #The most basic HTTP server settings, must at least contain the port value
 [server]
+hostname=localhost
 https_port=8181
 http_port=8180
 #cookies_secret=
diff --git a/config/properties_development.conf b/config/properties_development.conf
index c0be2eb..f8df5da 100644
--- a/config/properties_development.conf
+++ b/config/properties_development.conf
@@ -1,5 +1,6 @@
 #The most basic HTTP server settings, must at least contain the port value
 [server]
+hostname=localhost
 https_port=8181
 http_port=8180
 #cookies_secret=
diff --git a/config/properties_production.conf b/config/properties_production.conf
index c2a081e..a5987c5 100644
--- a/config/properties_production.conf
+++ b/config/properties_production.conf
@@ -1,5 +1,6 @@
 #The most basic HTTP server settings, must at least contain the port value
 [server]
+hostname=localhost
 https_port=8181
 http_port=8180
 #cookies_secret=
diff --git a/startup.js b/startup.js
index 9d22c24..313587a 100644
--- a/startup.js
+++ b/startup.js
@@ -53,7 +53,7 @@ folders.forEach(function (dir) {
   }
 })
 
-server.http_server.listen(server.port, function (err) {
+server.http_server.listen(server.port, properties.server.hostname, function (err) {
   if (err) {
     logger.info('Critical Error so killing server - ' + err)
     casimir.running = false

From c3638c2766d724021a92582788682ead7dc1f962 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cla=CC=81udio=20Sa=CC=81=20de=20Castro?=
 <claudio@hiades.com.br>
Date: Thu, 28 Sep 2017 08:42:49 -0300
Subject: [PATCH 2/2] New additions to configuration file:  - A new entry used
 to specify the user that is allowed to access the non-public API requests;  -
 New entries used to specify both the Biitorrent and the DHT ports.

---
 bin/casimir.js                     | 6 +++---
 config/properties_QA.conf          | 4 ++++
 config/properties_development.conf | 4 ++++
 config/properties_production.conf  | 4 ++++
 startup.js                         | 4 ++--
 5 files changed, 17 insertions(+), 5 deletions(-)

diff --git a/bin/casimir.js b/bin/casimir.js
index c109764..243bc8b 100644
--- a/bin/casimir.js
+++ b/bin/casimir.js
@@ -32,13 +32,13 @@ var Storage = require(path.join(__dirname, '/../app/modules/storage.js'))
 var storage = new Storage(properties)
 
 var verifyCallback = function (jwtToken, req, res, next) {
-  if (!properties.JWT.jwtTokenSecret) {
+  if (!properties.JWT.user || !properties.JWT.jwtTokenSecret) {
     return next()
   }
   try {
     var decoded = jwt.decode(jwtToken, properties.JWT.jwtTokenSecret)
     var expiration = Date.parse(decoded.exp)
-    if (expiration > Date.now()) {
+    if (expiration > Date.now() && properties.JWT.user === decoded.iss) {
       req.user = decoded.iss
     }
   } catch (e) {
@@ -48,7 +48,7 @@ var verifyCallback = function (jwtToken, req, res, next) {
 }
 
 var accessCallback = function (req, res, next) {
-  if (!properties.JWT.jwtTokenSecret) {
+  if (!properties.JWT.user || !properties.JWT.jwtTokenSecret) {
     return next() // if no JWT secret is provided, consider this a public end-point
   }
   next(['Unauthorized', 401])
diff --git a/config/properties_QA.conf b/config/properties_QA.conf
index 9a64428..e8ec531 100644
--- a/config/properties_QA.conf
+++ b/config/properties_QA.conf
@@ -22,6 +22,7 @@ type=QA
 
 #JWT runs the authentication for the private API. Decomment the next lines to use it
 [JWT]
+#user=
 #jwtTokenSecret=
 
 [AWS]
@@ -30,6 +31,9 @@ type=QA
 #S3bucket=
 
 [torrent]
+torrentPort=13231
+dhtPort=20000
+#seed=false
 seedBulkSize=20
 seedBulkIntervalInMs=60000
 
diff --git a/config/properties_development.conf b/config/properties_development.conf
index f8df5da..d19e1d1 100644
--- a/config/properties_development.conf
+++ b/config/properties_development.conf
@@ -22,6 +22,7 @@ type=development
 
 #JWT runs the authentication for the private API. Decomment the next lines to use it
 [JWT]
+#user=
 #jwtTokenSecret=
 
 [AWS]
@@ -30,6 +31,9 @@ type=development
 #S3bucket=
 
 [torrent]
+torrentPort=13231
+dhtPort=20000
+#seed=false
 #fromTorrentHash=
 seedBulkSize=20
 seedBulkIntervalInMs=60000
diff --git a/config/properties_production.conf b/config/properties_production.conf
index a5987c5..e01f8a8 100644
--- a/config/properties_production.conf
+++ b/config/properties_production.conf
@@ -22,6 +22,7 @@ type=production
 
 #JWT runs the authentication for the private API. Decomment the next lines to use it
 [JWT]
+#user=
 #jwtTokenSecret=
 
 [AWS]
@@ -30,6 +31,9 @@ type=production
 #S3bucket=
 
 [torrent]
+torrentPort=13231
+dhtPort=20000
+#seed=false
 seedBulkSize=100
 seedBulkIntervalInMs=60000
 
diff --git a/startup.js b/startup.js
index 313587a..2acbe40 100644
--- a/startup.js
+++ b/startup.js
@@ -8,8 +8,8 @@ var fs = require('graceful-fs')
 
 var torrentProperties = {
   client: {
-    // torrentPort: 13231,
-    // dhtPort: 20000,
+    torrentPort: properties.torrent.torrentPort,
+    dhtPort: properties.torrent.dhtPort,
   // Enable DHT (default=true), or options object for DHT
     dht: true,
   // Max number of peers to connect to per torrent (default=100)