npm - @adaptivestone/framework - Versions diffs - 5.0.0-alpha.2 → 5.0.0-alpha.20 - Mend

@adaptivestone/framework 5.0.0-alpha.2 → 5.0.0-alpha.20

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (50) hide show

package/CHANGELOG.md +89 -0
package/commands/CreateUser.js +3 -1
package/commands/GenerateRandomBytes.js +15 -0
package/commands/migration/Migrate.js +1 -1
package/config/auth.js +5 -1
package/config/ipDetector.js +14 -0
package/controllers/Auth.js +1 -1
package/folderConfig.js +0 -1
package/helpers/files.js +8 -8
package/jsconfig.json +9 -0
package/modules/AbstractCommand.js +2 -1
package/modules/AbstractController.js +20 -16
package/modules/AbstractModel.d.ts +48 -0
package/modules/AbstractModel.js +20 -2
package/modules/Base.d.ts +5 -4
package/modules/Base.js +11 -1
package/package.json +12 -15
package/server.d.ts +7 -5
package/server.js +11 -7
package/services/cache/Cache.d.ts +2 -2
package/services/cache/Cache.js +10 -6
package/services/http/HttpServer.js +11 -19
package/services/http/middleware/GetUserByToken.js +2 -1
package/services/http/middleware/I18n.js +20 -21
package/services/http/middleware/IpDetector.js +59 -0
package/services/http/middleware/Pagination.js +3 -2
package/services/http/middleware/RateLimiter.js +8 -2
package/services/http/middleware/RequestParser.js +4 -1
package/services/messaging/email/index.js +7 -15
package/tests/setup.js +3 -1
package/tests/setupVitest.js +1 -1
package/types/TFoldersConfig.d.ts +0 -2
package/.eslintrc.cjs +0 -41
package/controllers/Auth.test.js +0 -451
package/controllers/Home.test.js +0 -12
package/models/Migration.test.js +0 -20
package/models/Sequence.test.js +0 -43
package/models/User.test.js +0 -143
package/modules/Modules.test.js +0 -18
package/services/cache/Cache.test.js +0 -81
package/services/http/middleware/Auth.test.js +0 -57
package/services/http/middleware/Cors.test.js +0 -147
package/services/http/middleware/GetUserByToken.test.js +0 -108
package/services/http/middleware/I18n.test.js +0 -96
package/services/http/middleware/PrepareAppInfo.test.js +0 -26
package/services/http/middleware/RateLimiter.test.js +0 -233
package/services/http/middleware/RequestParser.test.js +0 -112
package/services/http/middleware/Role.test.js +0 -93
package/services/http/middleware/StaticFiles.js +0 -59
package/services/validate/ValidateService.test.js +0 -107

package/services/cache/Cache.js CHANGED Viewed

@@ -43,8 +43,10 @@ class Cache extends Base {
     }
     const key = this.getKeyWithNameSpace(keyValue);
     // 5 mins default
-    let resolve = null;
-    let reject = null;
+    // eslint-disable-next-line no-unused-vars
+    let resolve = (value) => {};
+    // eslint-disable-next-line no-unused-vars
+    let reject = (value) => {};
     if (this.promiseMapping.has(key)) {
       return this.promiseMapping.get(key);
     }
@@ -69,12 +71,14 @@ class Cache extends Base {
         return Promise.reject(e);
       }
-      this.redisClient.setEx(
+      this.redisClient.set(
         key,
-        storeTime,
-        JSON.stringify(result, (jsonkey, value) =>
+        JSON.stringify(result, (_jsonkey, value) =>
           typeof value === 'bigint' ? `${value}n` : value,
         ),
+        {
+          EX: storeTime,
+        },
       );
     } else {
       this.logger.verbose(
@@ -84,7 +88,7 @@ class Cache extends Base {
         )}`,
       );
       try {
-        result = JSON.parse(result, (jsonkey, value) => {
+        result = JSON.parse(result, (_jsonkey, value) => {
           if (typeof value === 'string' && /^\d+n$/.test(value)) {
             return BigInt(value.slice(0, value.length - 1));
           }

package/services/http/HttpServer.js CHANGED Viewed

@@ -1,12 +1,12 @@
 import http from 'node:http';
-import path from 'node:path';
-import * as url from 'node:url';
+// import path from 'node:path';
+// import * as url from 'node:url';
 import express from 'express';
 import RequestLoggerMiddleware from './middleware/RequestLogger.js';
 import I18nMiddleware from './middleware/I18n.js';
 import PrepareAppInfoMiddleware from './middleware/PrepareAppInfo.js';
 import RequestParserMiddleware from './middleware/RequestParser.js';
-import StaticFilesMiddleware from './middleware/StaticFiles.js';
+import IpDetector from './middleware/IpDetector.js';
 import Cors from './middleware/Cors.js';
 import Base from '../../modules/Base.js';
@@ -18,14 +18,15 @@ class HttpServer extends Base {
     super(app);
     this.express = express();
     this.express.disable('x-powered-by');
-    const dirname = url.fileURLToPath(new URL('.', import.meta.url));
-    this.express.set('views', [
-      this.app.foldersConfig.views,
-      path.join(dirname, '../../views'),
-    ]);
-    this.express.set('view engine', 'pug');
+    // const dirname = url.fileURLToPath(new URL('.', import.meta.url));
+    // this.express.set('views', [
+    //   this.app.foldersConfig.views,
+    //   path.join(dirname, '../../views'),
+    // ]);
+    // this.express.set('view engine', 'pug');
     this.express.use(new PrepareAppInfoMiddleware(this.app).getMiddleware());
+    this.express.use(new IpDetector(this.app).getMiddleware());
     this.express.use(new RequestLoggerMiddleware(this.app).getMiddleware());
     this.express.use(new I18nMiddleware(this.app).getMiddleware());
@@ -35,15 +36,6 @@ class HttpServer extends Base {
         origins: httpConfig.corsDomains,
       }).getMiddleware(),
     );
-    // todo whitelist
-    this.express.use(
-      new StaticFilesMiddleware(this.app, {
-        folders: [
-          this.app.foldersConfig.public,
-          path.join(dirname, '../../public/files'),
-        ],
-      }).getMiddleware(),
-    );
     this.express.use(new RequestParserMiddleware(this.app).getMiddleware());
@@ -57,7 +49,7 @@ class HttpServer extends Base {
       res.status(500).json({ message: 'Something broke!' });
     });
-    this.httpServer = http.Server(this.express);
+    this.httpServer = http.createServer(this.express);
     const listener = this.httpServer.listen(
       httpConfig.port,

package/services/http/middleware/GetUserByToken.js CHANGED Viewed

@@ -5,13 +5,14 @@ class GetUserByToken extends AbstractMiddleware {
     return 'Grab a token and try to parse the user from it. It user exist will add req.appInfo.user variable';
   }
+  // eslint-disable-next-line class-methods-use-this
   get usedAuthParameters() {
     return [
       {
         name: 'Authorization',
         type: 'apiKey',
         in: 'header',
-        description: this?.description,
+        description: GetUserByToken.description,
       },
     ];
   }

package/services/http/middleware/I18n.js CHANGED Viewed

@@ -1,37 +1,36 @@
 import i18next from 'i18next';
 import BackendFS from 'i18next-fs-backend';
-import Backend from 'i18next-chained-backend';
 import AbstractMiddleware from './AbstractMiddleware.js';
 class I18n extends AbstractMiddleware {
+  cache = {};
+  enabled = true;
+  lookupQuerystring = '';
+  supportedLngs = [];
+  fallbackLng = 'en';
+  /** @type {i18next} */
+  i18n = {
+    // @ts-ignore
+    t: (text) => text,
+    language: 'en',
+  };
   constructor(app, params) {
     super(app, params);
     const I18NConfig = this.app.getConfig('i18n');
-    this.i18n = {
-      t: (text) => text,
-      language: I18NConfig.fallbackLng,
-    };
-    this.cache = {};
     if (I18NConfig.enabled) {
       this.logger.info('Enabling i18n support');
       this.i18n = i18next;
-      i18next.use(Backend).init({
+      i18next.use(BackendFS).init({
         backend: {
-          backends: [
-            BackendFS,
-            //  BackendFS,
-          ],
-          backendOptions: [
-            // {
-            //  loadPath: __dirname + '/../../locales/{{lng}}/{{ns}}.json',
-            //   addPath: __dirname + '/../../locales/{{lng}}/{{ns}}.missing.json'
-            // },
-            {
-              loadPath: `${this.app.foldersConfig.locales}/{{lng}}/{{ns}}.json`,
-              addPath: `${this.app.foldersConfig.locales}/{{lng}}/{{ns}}.missing.json`,
-            },
-          ],
+          loadPath: `${this.app.foldersConfig.locales}/{{lng}}/{{ns}}.json`,
+          addPath: `${this.app.foldersConfig.locales}/{{lng}}/{{ns}}.missing.json`,
         },
         fallbackLng: I18NConfig.fallbackLng,
         preload: I18NConfig.preload,

package/services/http/middleware/IpDetector.js ADDED Viewed

@@ -0,0 +1,59 @@
+import { BlockList } from 'node:net';
+import AbstractMiddleware from './AbstractMiddleware.js';
+class IpDetector extends AbstractMiddleware {
+  static get description() {
+    return 'Detect real user IP address. Support proxy and load balancer';
+  }
+  constructor(app, params) {
+    super(app, params);
+    const { trustedProxy } = this.app.getConfig('ipDetector');
+    this.blockList = new BlockList();
+    for (const subnet of trustedProxy) {
+      const addressType = subnet.includes(':') ? 'ipv6' : 'ipv4';
+      if (subnet.includes('/')) {
+        // CIDR
+        const [realSubnet, prefixLength] = subnet.split('/');
+        this.blockList.addSubnet(
+          realSubnet,
+          parseInt(prefixLength, 10),
+          addressType,
+        );
+      } else if (subnet.includes('-')) {
+        // RANGE
+        const [start, end] = subnet.split('-');
+        this.blockList.addRange(start, end, addressType);
+      } else {
+        // just an address
+        this.blockList.addAddress(subnet, addressType);
+      }
+    }
+  }
+  async middleware(req, res, next) {
+    const { headers } = this.app.getConfig('ipDetector');
+    const initialIp = req.socket.remoteAddress;
+    req.appInfo.ip = initialIp;
+    const addressType = initialIp.includes(':') ? 'ipv6' : 'ipv4';
+    if (this.blockList.check(initialIp, addressType)) {
+      // we can trust this source
+      for (const header of headers) {
+        // in a range
+        const ipHeader = req.headers[header.toLowerCase()];
+        if (ipHeader) {
+          const [firstIp] = ipHeader.split(',').map((ip) => ip.trim());
+          req.appInfo.ip = firstIp;
+          break;
+        }
+      }
+    }
+    next();
+  }
+}
+export default IpDetector;

package/services/http/middleware/Pagination.js CHANGED Viewed

@@ -19,8 +19,9 @@ class Pagination extends AbstractMiddleware {
   async middleware(req, res, next) {
     let { limit, maxLimit } = this.params;
-    limit = typeof limit === 'number' ? parseInt(limit, 10) : 10;
-    maxLimit = typeof maxLimit === 'number' ? parseInt(maxLimit, 10) : 100;
+    limit = (typeof limit !== 'number' ? parseInt(limit, 10) : limit) || 10;
+    maxLimit =
+      (typeof maxLimit !== 'number' ? parseInt(maxLimit, 10) : maxLimit) || 100;
     req.appInfo.pagination = {};
     req.appInfo.pagination.page =

package/services/http/middleware/RateLimiter.js CHANGED Viewed

@@ -78,10 +78,16 @@ class RateLimiter extends AbstractMiddleware {
     const key = [];
     if (ip) {
-      key.push(req.ip);
+      if (!req.appInfo.ip) {
+        this.logger.error(
+          `RateLimiter: Can't get remote address from request. Please check that you used IpDetecor middleware before RateLimiter`,
+        );
+      } else {
+        key.push(req.appInfo.ip);
+      }
     }
     if (route) {
-      key.push(req.originalUrl);
+      key.push(`${req.baseUrl ?? ''}${req.path ?? ''}`); // to avoid quesry params
     }
     if (user && req.appInfo?.user) {
       key.push(req.appInfo?.user.id);

package/services/http/middleware/RequestParser.js CHANGED Viewed

@@ -18,7 +18,10 @@ class RequestParser extends AbstractMiddleware {
       [fields, files] = await form.parse(req);
     } catch (err) {
       this.logger.error(`Parsing failed ${err}`);
-      return next(err);
+      return res.status(400).json({
+        message: `Error to parse your request. You provided invalid content type or content-length. Please check your request headers and content type.`,
+      });
+      // return next(err);
     }
     this.logger.verbose(
       `Parsing multipart/formdata request DONE ${Date.now() - time}ms`,

package/services/messaging/email/index.js CHANGED Viewed

@@ -66,7 +66,8 @@ class Mail extends Base {
    * @param {object} templateData
    * @returns string
    */
-  static async #renderTemplateFile({ type, fullPath } = {}, templateData = {}) {
+  // eslint-disable-next-line class-methods-use-this
+  async #renderTemplateFile({ type, fullPath } = {}, templateData = {}) {
     if (!type) {
       return null;
     }
@@ -116,19 +117,10 @@ class Mail extends Base {
     const [htmlRendered, subjectRendered, textRendered, extraCss] =
       await Promise.all([
-        this.constructor.#renderTemplateFile(
-          templates.html,
-          templateDataToRender,
-        ),
-        this.constructor.#renderTemplateFile(
-          templates.subject,
-          templateDataToRender,
-        ),
-        this.constructor.#renderTemplateFile(
-          templates.text,
-          templateDataToRender,
-        ),
-        this.constructor.#renderTemplateFile(templates.style),
+        this.#renderTemplateFile(templates.html, templateDataToRender),
+        this.#renderTemplateFile(templates.subject, templateDataToRender),
+        this.#renderTemplateFile(templates.text, templateDataToRender),
+        this.#renderTemplateFile(templates.style),
       ]);
     juice.tableElements = ['TABLE'];
@@ -171,7 +163,7 @@ class Mail extends Base {
   /**
    * Send provided text (html) to email. Low level function. All data should be prepared before sending (like inline styles)
-   * @param {objetc} app application
+   * @param {import('../../../server.js').default['app']} app application
    * @param {string} to send to
    * @param {string} subject email topic
    * @param {string} html hmlt body of emain

package/tests/setup.js CHANGED Viewed

@@ -1,5 +1,6 @@
 /* eslint-disable no-undef */
 import path from 'node:path';
+import { randomBytes } from 'node:crypto';
 import { MongoMemoryReplSet } from 'mongodb-memory-server';
 import mongoose from 'mongoose';
 import redis from 'redis';
@@ -19,6 +20,8 @@ beforeAll(async () => {
   });
   await mongoMemoryServerInstance.waitUntilRunning();
   process.env.LOGGER_CONSOLE_LEVEL = 'error';
+  process.env.AUTH_SALT = randomBytes(16).toString('hex');
   const connectionStringMongo = await mongoMemoryServerInstance.getUri();
   // console.info('MONGO_URI: ', connectionStringMongo);
   global.server = new Server({
@@ -27,7 +30,6 @@ beforeAll(async () => {
       controllers:
         process.env.TEST_FOLDER_CONTROLLERS || path.resolve('./controllers'),
       views: process.env.TEST_FOLDER_VIEWS || path.resolve('./views'),
-      public: process.env.TEST_FOLDER_PUBLIC || path.resolve('./public'),
       models: process.env.TEST_FOLDER_MODELS || path.resolve('./models'),
       emails:
         process.env.TEST_FOLDER_EMAIL ||

package/tests/setupVitest.js CHANGED Viewed

@@ -12,13 +12,13 @@ mongoose.set('autoIndex', false);
 beforeAll(async () => {
   process.env.LOGGER_CONSOLE_LEVEL = 'error';
+  process.env.AUTH_SALT = crypto.randomBytes(16).toString('hex');
   global.server = new Server({
     folders: {
       config: process.env.TEST_FOLDER_CONFIG || path.resolve('./config'),
       controllers:
         process.env.TEST_FOLDER_CONTROLLERS || path.resolve('./controllers'),
       views: process.env.TEST_FOLDER_VIEWS || path.resolve('./views'),
-      public: process.env.TEST_FOLDER_PUBLIC || path.resolve('./public'),
       models: process.env.TEST_FOLDER_MODELS || path.resolve('./models'),
       emails:
         process.env.TEST_FOLDER_EMAIL ||

package/types/TFoldersConfig.d.ts CHANGED Viewed

@@ -3,7 +3,6 @@
  * @param models path to folder with moidels files
  * @param controllers path to folder with controllers files
  * @param views path to folder with view files
- * @param public path to folder with public files
  * @param locales path to folder with locales files
  * @param emails path to folder with emails files
  */
@@ -12,7 +11,6 @@ type FolderConfig = {
   models: string;
   controllers: string;
   views: string;
-  public: string;
   emails: string;
 };

package/.eslintrc.cjs DELETED Viewed

@@ -1,41 +0,0 @@
-module.exports = {
-  env: {
-    es2023: true,
-    node: true,
-  },
-  extends: ['airbnb-base', 'prettier'],
-  plugins: ['prettier'],
-  parserOptions: {
-    ecmaVersion: 2023,
-  },
-  rules: {
-    'no-restricted-syntax': [
-      'error',
-      {
-        selector: 'ForInStatement',
-        message:
-          'for..in loops iterate over the entire prototype chain, which is virtually never what you want. Use Object.{keys,values,entries}, and iterate over the resulting array.',
-      },
-      {
-        selector: 'LabeledStatement',
-        message:
-          'Labels are a form of GOTO; using them makes code confusing and hard to maintain and understand.',
-      },
-      {
-        selector: 'WithStatement',
-        message:
-          '`with` is disallowed in strict mode because it makes code impossible to predict and optimize.',
-      },
-    ],
-    'prettier/prettier': 'error',
-    'import/extensions': 'off', // it have a problem with dynamic imports
-    'import/prefer-default-export': 'off', // we want to have signgke default export too
-  },
-  overrides: [
-    {
-      files: ['**/*.test.js'],
-      extends: ['plugin:vitest/all', 'plugin:vitest/recommended'],
-      plugins: ['vitest'],
-    },
-  ],
-};