@access-dlsu/leapify 0.260507.4 → 0.260507.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/auth/auth.d.ts.map +1 -1
- package/dist/auth/middleware.d.ts.map +1 -1
- package/dist/{chunk-LJ5BSSYE.js → chunk-5YYVBPAE.js} +20 -5
- package/dist/chunk-5YYVBPAE.js.map +1 -0
- package/dist/{chunk-BFMJDSDI.cjs → chunk-LVKPYSXI.cjs} +20 -5
- package/dist/chunk-LVKPYSXI.cjs.map +1 -0
- package/dist/{chunk-MCOLCTFX.js → chunk-OZ6HZKR5.js} +20 -5
- package/dist/chunk-OZ6HZKR5.js.map +1 -0
- package/dist/{chunk-MKWVLWVJ.cjs → chunk-S5DBMZVP.cjs} +20 -5
- package/dist/chunk-S5DBMZVP.cjs.map +1 -0
- package/dist/client/auth.d.ts +1 -13
- package/dist/client/auth.d.ts.map +1 -1
- package/dist/client/index.cjs.map +1 -1
- package/dist/client/index.js.map +1 -1
- package/dist/db/migrate.d.ts.map +1 -1
- package/dist/index.cjs +63 -31
- package/dist/index.cjs.map +1 -1
- package/dist/index.js +41 -9
- package/dist/index.js.map +1 -1
- package/dist/lib/middleware/cors.d.ts.map +1 -1
- package/dist/lib/middleware/pow-challenge.cjs +6 -6
- package/dist/lib/middleware/pow-challenge.d.ts.map +1 -1
- package/dist/lib/middleware/pow-challenge.js +1 -1
- package/dist/worker.js +58 -11
- package/dist/worker.js.map +1 -1
- package/package.json +153 -153
- package/dist/chunk-BFMJDSDI.cjs.map +0 -1
- package/dist/chunk-LJ5BSSYE.js.map +0 -1
- package/dist/chunk-MCOLCTFX.js.map +0 -1
- package/dist/chunk-MKWVLWVJ.cjs.map +0 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cors.d.ts","sourceRoot":"","sources":["../../../src/lib/middleware/cors.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,MAAM,CAAA;AAE7C,wBAAgB,oBAAoB,CAAC,cAAc,EAAE,MAAM,EAAE,GAAG,iBAAiB,
|
|
1
|
+
{"version":3,"file":"cors.d.ts","sourceRoot":"","sources":["../../../src/lib/middleware/cors.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,MAAM,CAAA;AAE7C,wBAAgB,oBAAoB,CAAC,cAAc,EAAE,MAAM,EAAE,GAAG,iBAAiB,CA6ChF"}
|
|
@@ -1,29 +1,29 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
|
-
var
|
|
3
|
+
var chunkLVKPYSXI_cjs = require('../../chunk-LVKPYSXI.cjs');
|
|
4
4
|
require('../../chunk-EMMSS5I5.cjs');
|
|
5
5
|
|
|
6
6
|
|
|
7
7
|
|
|
8
8
|
Object.defineProperty(exports, "POW_COOKIE_NAME", {
|
|
9
9
|
enumerable: true,
|
|
10
|
-
get: function () { return
|
|
10
|
+
get: function () { return chunkLVKPYSXI_cjs.POW_COOKIE_NAME; }
|
|
11
11
|
});
|
|
12
12
|
Object.defineProperty(exports, "POW_PATH", {
|
|
13
13
|
enumerable: true,
|
|
14
|
-
get: function () { return
|
|
14
|
+
get: function () { return chunkLVKPYSXI_cjs.POW_PATH; }
|
|
15
15
|
});
|
|
16
16
|
Object.defineProperty(exports, "POW_VERIFY_PATH", {
|
|
17
17
|
enumerable: true,
|
|
18
|
-
get: function () { return
|
|
18
|
+
get: function () { return chunkLVKPYSXI_cjs.POW_VERIFY_PATH; }
|
|
19
19
|
});
|
|
20
20
|
Object.defineProperty(exports, "createPowChallengeMiddleware", {
|
|
21
21
|
enumerable: true,
|
|
22
|
-
get: function () { return
|
|
22
|
+
get: function () { return chunkLVKPYSXI_cjs.createPowChallengeMiddleware; }
|
|
23
23
|
});
|
|
24
24
|
Object.defineProperty(exports, "handlePowVerify", {
|
|
25
25
|
enumerable: true,
|
|
26
|
-
get: function () { return
|
|
26
|
+
get: function () { return chunkLVKPYSXI_cjs.handlePowVerify; }
|
|
27
27
|
});
|
|
28
28
|
//# sourceMappingURL=pow-challenge.cjs.map
|
|
29
29
|
//# sourceMappingURL=pow-challenge.cjs.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"pow-challenge.d.ts","sourceRoot":"","sources":["../../../src/lib/middleware/pow-challenge.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAGH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,MAAM,CAAA;AACnC,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAA;AAIlD,yCAAyC;AACzC,eAAO,MAAM,QAAQ,6BAA6B,CAAA;AAElD,sCAAsC;AACtC,eAAO,MAAM,eAAe,oCAAuB,CAAA;AAEnD,qCAAqC;AACrC,eAAO,MAAM,eAAe,gBAAgB,CAAA;
|
|
1
|
+
{"version":3,"file":"pow-challenge.d.ts","sourceRoot":"","sources":["../../../src/lib/middleware/pow-challenge.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAGH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,MAAM,CAAA;AACnC,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAA;AAIlD,yCAAyC;AACzC,eAAO,MAAM,QAAQ,6BAA6B,CAAA;AAElD,sCAAsC;AACtC,eAAO,MAAM,eAAe,oCAAuB,CAAA;AAEnD,qCAAqC;AACrC,eAAO,MAAM,eAAe,gBAAgB,CAAA;AAmM5C;;;;;GAKG;AACH,wBAAsB,eAAe,CACnC,CAAC,EAAE,OAAO,CAAC;IAAE,QAAQ,EAAE,eAAe,CAAA;CAAE,CAAC;;;;;;;;;;;;oEAkE1C;AAID;;;;;;;GAOG;AACH,wBAAgB,4BAA4B;cACN,eAAe;yBAgDpD"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
export { POW_COOKIE_NAME, POW_PATH, POW_VERIFY_PATH, createPowChallengeMiddleware, handlePowVerify } from '../../chunk-
|
|
1
|
+
export { POW_COOKIE_NAME, POW_PATH, POW_VERIFY_PATH, createPowChallengeMiddleware, handlePowVerify } from '../../chunk-5YYVBPAE.js';
|
|
2
2
|
import '../../chunk-G3PMV62Z.js';
|
|
3
3
|
//# sourceMappingURL=pow-challenge.js.map
|
|
4
4
|
//# sourceMappingURL=pow-challenge.js.map
|
package/dist/worker.js
CHANGED
|
@@ -25097,11 +25097,14 @@ function parseCmsMode(raw2) {
|
|
|
25097
25097
|
|
|
25098
25098
|
// node_modules/hono/dist/middleware/cors/index.js
|
|
25099
25099
|
var cors = (options) => {
|
|
25100
|
-
const
|
|
25100
|
+
const defaults = {
|
|
25101
25101
|
origin: "*",
|
|
25102
25102
|
allowMethods: ["GET", "HEAD", "PUT", "POST", "DELETE", "PATCH"],
|
|
25103
25103
|
allowHeaders: [],
|
|
25104
|
-
exposeHeaders: []
|
|
25104
|
+
exposeHeaders: []
|
|
25105
|
+
};
|
|
25106
|
+
const opts = {
|
|
25107
|
+
...defaults,
|
|
25105
25108
|
...options
|
|
25106
25109
|
};
|
|
25107
25110
|
const findAllowOrigin = ((optsOrigin) => {
|
|
@@ -25192,9 +25195,22 @@ function createCorsMiddleware(allowedOrigins) {
|
|
|
25192
25195
|
});
|
|
25193
25196
|
return async (c, next) => {
|
|
25194
25197
|
const origin = c.req.header("origin");
|
|
25198
|
+
if (c.req.path.startsWith("/api/uploads/images")) {
|
|
25199
|
+
c.header("Access-Control-Allow-Origin", "*");
|
|
25200
|
+
c.header("Access-Control-Allow-Methods", "GET, OPTIONS");
|
|
25201
|
+
if (c.req.method === "OPTIONS") {
|
|
25202
|
+
return c.body(null, 204);
|
|
25203
|
+
}
|
|
25204
|
+
return next();
|
|
25205
|
+
}
|
|
25195
25206
|
if (!c.req.path.startsWith("/health") && !c.req.path.startsWith("/api/auth") && !c.req.path.startsWith("/internal") && origin && !allowedOrigins.includes("*") && !allowedOrigins.includes(origin)) {
|
|
25196
25207
|
return c.json(
|
|
25197
|
-
{
|
|
25208
|
+
{
|
|
25209
|
+
error: {
|
|
25210
|
+
code: "DOMAIN_RESTRICTED",
|
|
25211
|
+
message: `Origin ${origin} is not allowed`
|
|
25212
|
+
}
|
|
25213
|
+
},
|
|
25198
25214
|
403
|
|
25199
25215
|
);
|
|
25200
25216
|
}
|
|
@@ -25230,7 +25246,15 @@ var CHALLENGE_KV_PREFIX = "pow:challenge:";
|
|
|
25230
25246
|
var DEFAULT_POW_DIFFICULTY = 4;
|
|
25231
25247
|
var CHALLENGE_TTL_SEC = 120;
|
|
25232
25248
|
var COOKIE_MAX_AGE_SEC = 3600;
|
|
25233
|
-
var EXEMPT_PATHS = [
|
|
25249
|
+
var EXEMPT_PATHS = [
|
|
25250
|
+
"/health",
|
|
25251
|
+
"/internal",
|
|
25252
|
+
"/api/auth",
|
|
25253
|
+
"/api/uploads/images",
|
|
25254
|
+
"/api/classes",
|
|
25255
|
+
"/api/faqs",
|
|
25256
|
+
"/api/config"
|
|
25257
|
+
];
|
|
25234
25258
|
function base64urlEncode(bytes) {
|
|
25235
25259
|
let binary2 = "";
|
|
25236
25260
|
for (const byte of bytes) {
|
|
@@ -25395,16 +25419,23 @@ async function handlePowVerify(c) {
|
|
|
25395
25419
|
const secret = c.env.INTERNAL_API_SECRET;
|
|
25396
25420
|
const ip = getClientIp(c);
|
|
25397
25421
|
const token = await signCookie(secret, ip);
|
|
25422
|
+
const isSecure = c.req.raw.url.startsWith("https") || c.req.header("x-forwarded-proto") === "https";
|
|
25398
25423
|
c.header(
|
|
25399
25424
|
"Set-Cookie",
|
|
25400
|
-
`${POW_COOKIE_NAME}=${token}; Path=/; Max-Age=${COOKIE_MAX_AGE_SEC}; Secure; HttpOnly; SameSite=Lax`
|
|
25425
|
+
`${POW_COOKIE_NAME}=${token}; Path=/; Max-Age=${COOKIE_MAX_AGE_SEC}; ${isSecure ? "Secure; " : ""}HttpOnly; SameSite=Lax`
|
|
25401
25426
|
);
|
|
25402
25427
|
return c.json({ redirect: redir || "/" });
|
|
25403
25428
|
}
|
|
25404
25429
|
function createPowChallengeMiddleware() {
|
|
25405
25430
|
return createMiddleware(async (c, next) => {
|
|
25406
25431
|
if (c.req.path === POW_VERIFY_PATH) return next();
|
|
25407
|
-
|
|
25432
|
+
const normalizedPath = c.req.path.toLowerCase().replace(/\/$/, "");
|
|
25433
|
+
const isExempt = EXEMPT_PATHS.some((p) => {
|
|
25434
|
+
const ep = p.toLowerCase().replace(/\/$/, "");
|
|
25435
|
+
return normalizedPath === ep || normalizedPath.startsWith(ep + "/");
|
|
25436
|
+
});
|
|
25437
|
+
console.log(`[pow] path=${c.req.path} normalized=${normalizedPath} exempt=${isExempt}`);
|
|
25438
|
+
if (isExempt) return next();
|
|
25408
25439
|
if (c.req.method === "OPTIONS") return next();
|
|
25409
25440
|
if (c.req.header("Authorization")) return next();
|
|
25410
25441
|
const cookieHeader = c.req.header("Cookie") ?? "";
|
|
@@ -62840,11 +62871,21 @@ function createAuth(env2) {
|
|
|
62840
62871
|
};
|
|
62841
62872
|
if (isFirstUser) {
|
|
62842
62873
|
await db.insert(users).values(base).onConflictDoUpdate({
|
|
62843
|
-
target: users.
|
|
62844
|
-
set: {
|
|
62874
|
+
target: users.email,
|
|
62875
|
+
set: {
|
|
62876
|
+
betterAuthId: user.id,
|
|
62877
|
+
role: "super_admin",
|
|
62878
|
+
name: user.name ?? user.email.split("@")[0]
|
|
62879
|
+
}
|
|
62845
62880
|
});
|
|
62846
62881
|
} else {
|
|
62847
|
-
await db.insert(users).values(base).
|
|
62882
|
+
await db.insert(users).values(base).onConflictDoUpdate({
|
|
62883
|
+
target: users.email,
|
|
62884
|
+
set: {
|
|
62885
|
+
betterAuthId: user.id,
|
|
62886
|
+
name: user.name ?? user.email.split("@")[0]
|
|
62887
|
+
}
|
|
62888
|
+
});
|
|
62848
62889
|
}
|
|
62849
62890
|
}
|
|
62850
62891
|
}
|
|
@@ -62873,7 +62914,13 @@ async function resolveUser(env2, betterAuthUserId, betterAuthUserEmail, betterAu
|
|
|
62873
62914
|
betterAuthId: betterAuthUserId,
|
|
62874
62915
|
email: betterAuthUserEmail,
|
|
62875
62916
|
name: betterAuthUserName ?? betterAuthUserEmail.split("@")[0]
|
|
62876
|
-
}).
|
|
62917
|
+
}).onConflictDoUpdate({
|
|
62918
|
+
target: users.email,
|
|
62919
|
+
set: {
|
|
62920
|
+
betterAuthId: betterAuthUserId,
|
|
62921
|
+
name: betterAuthUserName ?? betterAuthUserEmail.split("@")[0]
|
|
62922
|
+
}
|
|
62923
|
+
}).returning();
|
|
62877
62924
|
dbUser = created;
|
|
62878
62925
|
}
|
|
62879
62926
|
if (!dbUser) throw unauthorized("Failed to resolve user record");
|
|
@@ -66282,7 +66329,7 @@ async function ensureDatabase(d1) {
|
|
|
66282
66329
|
try {
|
|
66283
66330
|
await d1.prepare(sql3).run();
|
|
66284
66331
|
} catch (err) {
|
|
66285
|
-
if (err?.message?.includes("duplicate column") || err?.message?.includes("no such column
|
|
66332
|
+
if (err?.message?.includes("duplicate column") || err?.message?.includes("no such column") && err?.message?.includes("is_major")) {
|
|
66286
66333
|
continue;
|
|
66287
66334
|
}
|
|
66288
66335
|
throw err;
|