docs: add user guides for use grpc basic auth (#193)

* docs: add user guides for use grpc basic auth * fix: removed trashed docs * fix: move online tools for second way for generate * fix: linter errors * fix: linter errors * fix: linter errors * fix: remove description of htpasswd * fix: remove description of htpasswd on en and ar
pactus-project · Mar 16, 2024 · 88ee326 · 88ee326
1 parent 7cbe1b7
commit 88ee326
Show file tree

Hide file tree

Showing 9 changed files with 333 additions and 0 deletions.
diff --git a/.gitignore b/.gitignore
@@ -7,3 +7,6 @@ npm-debug.log
 todo
 *.lock
 .vscode
+.idea
+package-lock.json
+.npmrc
diff --git a/website/_i18n/ar.yml b/website/_i18n/ar.yml
@@ -448,6 +448,7 @@ dict:
     reduce_network: How to reduce the network usage?
     run_pactus_metrics: How to run Pactus Metrics?
     grpc-sign-transactions: How to sign transaction using gRPC?
+    grpc-basic-auth: How to secure gRPC using basic authentication?
     wallet_seed_important: >
       <b>Wallet seed is important<b>
       <br><br>

diff --git a/website/_i18n/ar/user-guides/grpc-basic-auth/index.md b/website/_i18n/ar/user-guides/grpc-basic-auth/index.md
@@ -0,0 +1,106 @@
+---
+version: 1
+---
+
+## Preface
+
+The Pactus Blockchain offers a gRPC interface, enabling users to interact with both the blockchain
+and its native wallet. To enhance the security of gRPC APIs, we have implemented a Basic Authentication
+mechanism. This approach aims to provide a straightforward yet effective means for authenticating clients accessing the APIs.
+
+**Note:** This mechanism secures gRPC, gRPC gateway, and HTTP communications.
+
+## Generate Basic Auth
+
+To enable basic authentication, you need to generate basic authentication credentials using an online
+tool or a predefined utility.
+
+Example Format:
+
+```shell
+username: foo
+password: bar
+
+result: foo:$2a$10$nl6VKEzSENIK5dmzoADgKeTFtCusQxeVCZiXkRzzbyfG.bLpHtrda
+```
+
+### Generate by using htpasswd tool
+
+1. Install the `htpasswd` tool from [Apache](https://httpd.apache.org/docs/2.4/programs/htpasswd.html).
+2. Use the `htpasswd` command-line tool to generate a bcrypt-hashed password. Here's the general syntax:
+
+```shell
+htpasswd -bnBC 10 <username> <password>
+```
+
+- `-b`: Use the command line to provide the password.
+- `-n`: Output the hashed password to the console rather than updating a file.
+- `-B`: Force the use of the bcrypt encryption algorithm.
+- `-C cost`: Set the cost factor for the bcrypt algorithm. Higher values result in slower hashing but are more secure.
+- `username`: The username for which you are generating the password.
+- `password`: The password you wish to hash.
+
+Example:
+
+```shell
+htpasswd -bnBC 10 user pass
+```
+
+This process results in a bcrypt-hashed password that can be used for basic authentication.
+
+### Generate With Online tool
+
+To generate basic authentication credentials, you can use the following form to create a hashed credential.
+
+<script src="https://cdnjs.cloudflare.com/ajax/libs/bcryptjs/2.4.3/bcrypt.min.js"
+integrity="sha512-DNI/FJdkfyeuPUal7lDkRVg0mFY2n4IZJJYqPbQWLL0COxLi6G6nmf5gr1vW1Bd4wYC09hOvZVsSclfXxUTU/w=="
+crossorigin="anonymous" referrerpolicy="no-referrer"></script>
+<script>
+      function generateHtpasswd() {
+        var username = document.getElementById("username").value;
+        var password = document.getElementById("password").value;
+        var bcrypt = dcodeIO.bcrypt;
+        // Generate salt
+        var salt = bcrypt.genSaltSync(10);
+
+        // Hash the password
+        var hash = bcrypt.hashSync(password, salt);
+
+        // Output the htpasswd format
+        var htpasswd = username + ":" + hash;
+        document.getElementById("output").innerHTML =
+          "<pre>" + htpasswd + "</pre>";
+      }
+</script>
+
+<form id="passwdForm">
+  <label for="username">Username</label><br />
+  <input type="text" id="username" name="username" /><br />
+  <label for="password">Password</label><br />
+  <input type="password" id="password" name="password" /><br /><br />
+  <button type="button" onclick="generateHtpasswd()">
+    Generate
+  </button>
+<br>
+<br>
+<p id="output"></p>
+</form>
+
+## Enable Basic Auth in the Config
+
+1. Open the `config.toml` file in your Pactus directory.
+
+- Windows:`C:\Users\{user}\pactus`
+- Linux and Mac: `/home/{user}/pactus`
+
+2. Insert the generated user with the hashed password into the `basic_auth_credential` field in the config file.
+
+```toml
+[grpc]
+enable = true
+enable_wallet = false
+listen = "127.0.0.1:50051"
+basic_auth_credential = "foo:$2a$10$nl6VKEzSENIK5dmzoADgKeTFtCusQxeVCZiXkRzzbyfG.bLpHtrda"
+```
+
+3. Restart or run the node to apply this configuration.
diff --git a/website/_i18n/en.yml b/website/_i18n/en.yml
@@ -449,6 +449,7 @@ dict:
     reduce_network: How to reduce the network usage?
     run_pactus_metrics: How to run Pactus Metrics?
     grpc-sign-transactions: How to sign transaction using gRPC?
+    grpc-basic-auth: How to secure gRPC using basic authentication?
     wallet_seed_important: >
       <b>Wallet seed is important</b>
       <br><br>

diff --git a/website/_i18n/en/user-guides/grpc-basic-auth/index.md b/website/_i18n/en/user-guides/grpc-basic-auth/index.md
@@ -0,0 +1,106 @@
+---
+version: 1
+---
+
+## Preface
+
+The Pactus Blockchain offers a gRPC interface, enabling users to interact with both the blockchain
+and its native wallet. To enhance the security of gRPC APIs, we have implemented a Basic Authentication
+mechanism. This approach aims to provide a straightforward yet effective means for authenticating clients accessing the APIs.
+
+**Note:** This mechanism secures gRPC, gRPC gateway, and HTTP communications.
+
+## Generate Basic Auth
+
+To enable basic authentication, you need to generate basic authentication credentials using an online
+tool or a predefined utility.
+
+Example Format:
+
+```shell
+username: foo
+password: bar
+
+result: foo:$2a$10$nl6VKEzSENIK5dmzoADgKeTFtCusQxeVCZiXkRzzbyfG.bLpHtrda
+```
+
+### Generate by using htpasswd tool
+
+1. Install the `htpasswd` tool from [Apache](https://httpd.apache.org/docs/2.4/programs/htpasswd.html).
+2. Use the `htpasswd` command-line tool to generate a bcrypt-hashed password. Here's the general syntax:
+
+```shell
+htpasswd -bnBC 10 <username> <password>
+```
+
+- `-b`: Use the command line to provide the password.
+- `-n`: Output the hashed password to the console rather than updating a file.
+- `-B`: Force the use of the bcrypt encryption algorithm.
+- `-C cost`: Set the cost factor for the bcrypt algorithm. Higher values result in slower hashing but are more secure.
+- `username`: The username for which you are generating the password.
+- `password`: The password you wish to hash.
+
+Example:
+
+```shell
+htpasswd -bnBC 10 user pass
+```
+
+This process results in a bcrypt-hashed password that can be used for basic authentication.
+
+### Generate With Online tool
+
+To generate basic authentication credentials, you can use the following form to create a hashed credential.
+
+<script src="https://cdnjs.cloudflare.com/ajax/libs/bcryptjs/2.4.3/bcrypt.min.js"
+integrity="sha512-DNI/FJdkfyeuPUal7lDkRVg0mFY2n4IZJJYqPbQWLL0COxLi6G6nmf5gr1vW1Bd4wYC09hOvZVsSclfXxUTU/w=="
+crossorigin="anonymous" referrerpolicy="no-referrer"></script>
+<script>
+      function generateHtpasswd() {
+        var username = document.getElementById("username").value;
+        var password = document.getElementById("password").value;
+        var bcrypt = dcodeIO.bcrypt;
+        // Generate salt
+        var salt = bcrypt.genSaltSync(10);
+
+        // Hash the password
+        var hash = bcrypt.hashSync(password, salt);
+
+        // Output the htpasswd format
+        var htpasswd = username + ":" + hash;
+        document.getElementById("output").innerHTML =
+          "<pre>" + htpasswd + "</pre>";
+      }
+</script>
+
+<form id="passwdForm">
+  <label for="username">Username</label><br />
+  <input type="text" id="username" name="username" /><br />
+  <label for="password">Password</label><br />
+  <input type="password" id="password" name="password" /><br /><br />
+  <button type="button" onclick="generateHtpasswd()">
+    Generate
+  </button>
+<br>
+<br>
+<p id="output"></p>
+</form>
+
+## Enable Basic Auth in the Config
+
+1. Open the `config.toml` file in your Pactus directory.
+
+- Windows:`C:\Users\{user}\pactus`
+- Linux and Mac: `/home/{user}/pactus`
+
+2. Insert the generated user with the hashed password into the `basic_auth_credential` field in the config file.
+
+```toml
+[grpc]
+enable = true
+enable_wallet = false
+listen = "127.0.0.1:50051"
+basic_auth_credential = "foo:$2a$10$nl6VKEzSENIK5dmzoADgKeTFtCusQxeVCZiXkRzzbyfG.bLpHtrda"
+```
+
+3. Restart or run the node to apply this configuration.
diff --git a/website/_i18n/zh.yml b/website/_i18n/zh.yml
@@ -430,6 +430,7 @@ dict:
     reduce_network: How to reduce the network usage?
     run_pactus_metrics: How to run Pactus Metrics?
     grpc-sign-transactions: How to sign transaction using gRPC?
+    grpc-basic-auth: How to secure gRPC using basic authentication?
     wallet_seed_important: >
       <b>Wallet seed is important</b>
       <br><br>

diff --git a/website/_i18n/zh/user-guides/grpc-basic-auth/index.md b/website/_i18n/zh/user-guides/grpc-basic-auth/index.md
@@ -0,0 +1,106 @@
+---
+version: 1
+---
+
+## Preface
+
+The Pactus Blockchain offers a gRPC interface, enabling users to interact with both the blockchain
+and its native wallet. To enhance the security of gRPC APIs, we have implemented a Basic Authentication
+mechanism. This approach aims to provide a straightforward yet effective means for authenticating clients accessing the APIs.
+
+**Note:** This mechanism secures gRPC, gRPC gateway, and HTTP communications.
+
+## Generate Basic Auth
+
+To enable basic authentication, you need to generate basic authentication credentials using an online
+tool or a predefined utility.
+
+Example Format:
+
+```shell
+username: foo
+password: bar
+
+result: foo:$2a$10$nl6VKEzSENIK5dmzoADgKeTFtCusQxeVCZiXkRzzbyfG.bLpHtrda
+```
+
+### Generate by using htpasswd tool
+
+1. Install the `htpasswd` tool from [Apache](https://httpd.apache.org/docs/2.4/programs/htpasswd.html).
+2. Use the `htpasswd` command-line tool to generate a bcrypt-hashed password. Here's the general syntax:
+
+```shell
+htpasswd -bnBC 10 <username> <password>
+```
+
+- `-b`: Use the command line to provide the password.
+- `-n`: Output the hashed password to the console rather than updating a file.
+- `-B`: Force the use of the bcrypt encryption algorithm.
+- `-C cost`: Set the cost factor for the bcrypt algorithm. Higher values result in slower hashing but are more secure.
+- `username`: The username for which you are generating the password.
+- `password`: The password you wish to hash.
+
+Example:
+
+```shell
+htpasswd -bnBC 10 user pass
+```
+
+This process results in a bcrypt-hashed password that can be used for basic authentication.
+
+### Generate With Online tool
+
+To generate basic authentication credentials, you can use the following form to create a hashed credential.
+
+<script src="https://cdnjs.cloudflare.com/ajax/libs/bcryptjs/2.4.3/bcrypt.min.js"
+integrity="sha512-DNI/FJdkfyeuPUal7lDkRVg0mFY2n4IZJJYqPbQWLL0COxLi6G6nmf5gr1vW1Bd4wYC09hOvZVsSclfXxUTU/w=="
+crossorigin="anonymous" referrerpolicy="no-referrer"></script>
+<script>
+      function generateHtpasswd() {
+        var username = document.getElementById("username").value;
+        var password = document.getElementById("password").value;
+        var bcrypt = dcodeIO.bcrypt;
+        // Generate salt
+        var salt = bcrypt.genSaltSync(10);
+
+        // Hash the password
+        var hash = bcrypt.hashSync(password, salt);
+
+        // Output the htpasswd format
+        var htpasswd = username + ":" + hash;
+        document.getElementById("output").innerHTML =
+          "<pre>" + htpasswd + "</pre>";
+      }
+</script>
+
+<form id="passwdForm">
+  <label for="username">Username</label><br />
+  <input type="text" id="username" name="username" /><br />
+  <label for="password">Password</label><br />
+  <input type="password" id="password" name="password" /><br /><br />
+  <button type="button" onclick="generateHtpasswd()">
+    Generate
+  </button>
+<br>
+<br>
+<p id="output"></p>
+</form>
+
+## Enable Basic Auth in the Config
+
+1. Open the `config.toml` file in your Pactus directory.
+
+- Windows:`C:\Users\{user}\pactus`
+- Linux and Mac: `/home/{user}/pactus`
+
+2. Insert the generated user with the hashed password into the `basic_auth_credential` field in the config file.
+
+```toml
+[grpc]
+  enable = true
+  enable_wallet = false
+  listen = "127.0.0.1:50051"
+  basic_auth_credential = "foo:$2a$10$nl6VKEzSENIK5dmzoADgKeTFtCusQxeVCZiXkRzzbyfG.bLpHtrda"
+```
+
+3. Restart or run the node to apply this configuration.
diff --git a/website/user-guides/grpc-basic-auth/index.md b/website/user-guides/grpc-basic-auth/index.md
@@ -0,0 +1,8 @@
+---
+layout: guide
+title: dict.guide.grpc-basic-auth
+---
+
+# {% t dict.guide.grpc-basic-auth %}
+
+{% translate_with_version user-guides/grpc-basic-auth/index.md %}
diff --git a/website/user-guides/index.md b/website/user-guides/index.md
@@ -16,4 +16,5 @@ title: dict.guide.title
   <li><a href="{{ site.baseurl }}/user-guides/reduce-network">{% t dict.guide.reduce_network %}</a></li>
   <li><a href="{{ site.baseurl }}/user-guides/run-pactus-metrics">{% t dict.guide.run_pactus_metrics %}</a></li>
   <li><a href="{{ site.baseurl }}/user-guides/grpc-sign-transactions">{% t dict.guide.grpc-sign-transactions %}</a></li>
+  <li><a href="{{ site.baseurl }}/user-guides/grpc-basic-auth">{% t dict.guide.grpc-basic-auth %}</a></li>
 </ul>
-Original file line number
+Diff line change
@@ Expand Up / @@ -7,3 +7,6 @@ npm-debug.log @@
     todo
     *.lock
     .vscode
+    .idea
+    package-lock.json
+    .npmrc