@aeriajs/security 0.0.45 → 0.0.47

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/dist/define.mjs +3 -2
  2. package/dist/immutability.mjs +47 -323
  3. package/dist/index.mjs +1 -0
  4. package/dist/ownership.mjs +26 -177
  5. package/dist/pagination.mjs +10 -147
  6. package/dist/rateLimiting.mjs +64 -238
  7. package/dist/types.mjs +1 -1
  8. package/dist/use.mjs +53 -261
  9. package/package.json +5 -5
package/dist/pagination.mjs CHANGED
@@ -1,149 +1,12 @@
1
- function asyncGeneratorStep(gen, resolve, reject, _next, _throw, key, arg) {
2
- try {
3
- var info = gen[key](arg);
4
- var value = info.value;
5
- } catch (error) {
6
- reject(error);
7
- return;
8
- }
9
- if (info.done) {
10
- resolve(value);
11
- } else {
12
- Promise.resolve(value).then(_next, _throw);
13
- }
14
- }
15
- function _async_to_generator(fn) {
16
- return function() {
17
- var self = this, args = arguments;
18
- return new Promise(function(resolve, reject) {
19
- var gen = fn.apply(self, args);
20
- function _next(value) {
21
- asyncGeneratorStep(gen, resolve, reject, _next, _throw, "next", value);
22
- }
23
- function _throw(err) {
24
- asyncGeneratorStep(gen, resolve, reject, _next, _throw, "throw", err);
25
- }
26
- _next(undefined);
27
- });
28
- };
29
- }
30
- function _ts_generator(thisArg, body) {
31
- var f, y, t, g, _ = {
32
- label: 0,
33
- sent: function() {
34
- if (t[0] & 1) throw t[1];
35
- return t[1];
36
- },
37
- trys: [],
38
- ops: []
39
- };
40
- return g = {
41
- next: verb(0),
42
- "throw": verb(1),
43
- "return": verb(2)
44
- }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
45
- return this;
46
- }), g;
47
- function verb(n) {
48
- return function(v) {
49
- return step([
50
- n,
51
- v
52
- ]);
53
- };
54
- }
55
- function step(op) {
56
- if (f) throw new TypeError("Generator is already executing.");
57
- while(_)try {
58
- if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
59
- if (y = 0, t) op = [
60
- op[0] & 2,
61
- t.value
62
- ];
63
- switch(op[0]){
64
- case 0:
65
- case 1:
66
- t = op;
67
- break;
68
- case 4:
69
- _.label++;
70
- return {
71
- value: op[1],
72
- done: false
73
- };
74
- case 5:
75
- _.label++;
76
- y = op[1];
77
- op = [
78
- 0
79
- ];
80
- continue;
81
- case 7:
82
- op = _.ops.pop();
83
- _.trys.pop();
84
- continue;
85
- default:
86
- if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
87
- _ = 0;
88
- continue;
89
- }
90
- if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
91
- _.label = op[1];
92
- break;
93
- }
94
- if (op[0] === 6 && _.label < t[1]) {
95
- _.label = t[1];
96
- t = op;
97
- break;
98
- }
99
- if (t && _.label < t[2]) {
100
- _.label = t[2];
101
- _.ops.push(op);
102
- break;
103
- }
104
- if (t[2]) _.ops.pop();
105
- _.trys.pop();
106
- continue;
107
- }
108
- op = body.call(thisArg, _);
109
- } catch (e) {
110
- op = [
111
- 6,
112
- e
113
- ];
114
- y = 0;
115
- } finally{
116
- f = t = 0;
117
- }
118
- if (op[0] & 5) throw op[1];
119
- return {
120
- value: op[0] ? op[1] : void 0,
121
- done: true
122
- };
123
- }
124
- }
1
+ "use strict";
125
2
  import { ACErrors } from "@aeriajs/types";
126
3
  import { left, right } from "@aeriajs/common";
127
- export var checkPagination = function() {
128
- var _ref = _async_to_generator(function(props) {
129
- var payload;
130
- return _ts_generator(this, function(_state) {
131
- payload = props.payload;
132
- if (payload.limit) {
133
- if (payload.limit <= 0 || payload.limit > 150) {
134
- return [
135
- 2,
136
- left(ACErrors.InvalidLimit)
137
- ];
138
- }
139
- }
140
- return [
141
- 2,
142
- right(payload)
143
- ];
144
- });
145
- });
146
- return function checkPagination(props) {
147
- return _ref.apply(this, arguments);
148
- };
149
- }();
4
+ export const checkPagination = async (props) => {
5
+ const { payload } = props;
6
+ if (payload.limit) {
7
+ if (payload.limit <= 0 || payload.limit > 150) {
8
+ return left(ACErrors.InvalidLimit);
9
+ }
10
+ }
11
+ return right(payload);
12
+ };
package/dist/rateLimiting.mjs CHANGED
@@ -1,243 +1,69 @@
1
- function asyncGeneratorStep(gen, resolve, reject, _next, _throw, key, arg) {
2
- try {
3
- var info = gen[key](arg);
4
- var value = info.value;
5
- } catch (error) {
6
- reject(error);
7
- return;
8
- }
9
- if (info.done) {
10
- resolve(value);
11
- } else {
12
- Promise.resolve(value).then(_next, _throw);
13
- }
14
- }
15
- function _async_to_generator(fn) {
16
- return function() {
17
- var self = this, args = arguments;
18
- return new Promise(function(resolve, reject) {
19
- var gen = fn.apply(self, args);
20
- function _next(value) {
21
- asyncGeneratorStep(gen, resolve, reject, _next, _throw, "next", value);
22
- }
23
- function _throw(err) {
24
- asyncGeneratorStep(gen, resolve, reject, _next, _throw, "throw", err);
25
- }
26
- _next(undefined);
27
- });
28
- };
29
- }
30
- function _define_property(obj, key, value) {
31
- if (key in obj) {
32
- Object.defineProperty(obj, key, {
33
- value: value,
34
- enumerable: true,
35
- configurable: true,
36
- writable: true
37
- });
38
- } else {
39
- obj[key] = value;
40
- }
41
- return obj;
42
- }
43
- function _ts_generator(thisArg, body) {
44
- var f, y, t, g, _ = {
45
- label: 0,
46
- sent: function() {
47
- if (t[0] & 1) throw t[1];
48
- return t[1];
49
- },
50
- trys: [],
51
- ops: []
52
- };
53
- return g = {
54
- next: verb(0),
55
- "throw": verb(1),
56
- "return": verb(2)
57
- }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
58
- return this;
59
- }), g;
60
- function verb(n) {
61
- return function(v) {
62
- return step([
63
- n,
64
- v
65
- ]);
66
- };
67
- }
68
- function step(op) {
69
- if (f) throw new TypeError("Generator is already executing.");
70
- while(_)try {
71
- if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
72
- if (y = 0, t) op = [
73
- op[0] & 2,
74
- t.value
75
- ];
76
- switch(op[0]){
77
- case 0:
78
- case 1:
79
- t = op;
80
- break;
81
- case 4:
82
- _.label++;
83
- return {
84
- value: op[1],
85
- done: false
86
- };
87
- case 5:
88
- _.label++;
89
- y = op[1];
90
- op = [
91
- 0
92
- ];
93
- continue;
94
- case 7:
95
- op = _.ops.pop();
96
- _.trys.pop();
97
- continue;
98
- default:
99
- if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
100
- _ = 0;
101
- continue;
102
- }
103
- if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
104
- _.label = op[1];
105
- break;
106
- }
107
- if (op[0] === 6 && _.label < t[1]) {
108
- _.label = t[1];
109
- t = op;
110
- break;
111
- }
112
- if (t && _.label < t[2]) {
113
- _.label = t[2];
114
- _.ops.push(op);
115
- break;
116
- }
117
- if (t[2]) _.ops.pop();
118
- _.trys.pop();
119
- continue;
120
- }
121
- op = body.call(thisArg, _);
122
- } catch (e) {
123
- op = [
124
- 6,
125
- e
126
- ];
127
- y = 0;
128
- } finally{
129
- f = t = 0;
130
- }
131
- if (op[0] & 5) throw op[1];
132
- return {
133
- value: op[0] ? op[1] : void 0,
134
- done: true
135
- };
136
- }
137
- }
1
+ "use strict";
138
2
  import { left, right } from "@aeriajs/common";
139
- export var RateLimitingErrors;
140
- (function(RateLimitingErrors) {
141
- RateLimitingErrors["Unauthenticated"] = "UNAUTHENTICATED";
142
- RateLimitingErrors["LimitReached"] = "LIMIT_REACHED";
143
- })(RateLimitingErrors || (RateLimitingErrors = {}));
144
- var getUser = function(context) {
145
- if (!context.token.authenticated) {
146
- throw new Error();
3
+ export var RateLimitingErrors = /* @__PURE__ */ ((RateLimitingErrors2) => {
4
+ RateLimitingErrors2["Unauthenticated"] = "UNAUTHENTICATED";
5
+ RateLimitingErrors2["LimitReached"] = "LIMIT_REACHED";
6
+ return RateLimitingErrors2;
7
+ })(RateLimitingErrors || {});
8
+ const getUser = (context) => {
9
+ if (!context.token.authenticated) {
10
+ throw new Error();
11
+ }
12
+ return context.collections.user.model.findOne(
13
+ {
14
+ _id: context.token.sub
15
+ },
16
+ {
17
+ resources_usage: 1
147
18
  }
148
- return context.collections.user.model.findOne({
149
- _id: context.token.sub
150
- }, {
151
- resources_usage: 1
152
- });
19
+ );
153
20
  };
154
- export var limitRate = function() {
155
- var _ref = _async_to_generator(function(context, params) {
156
- var _user_resources_usage, user, _tmp, _params_increment, increment, limit, scale, payload, usage, entry;
157
- return _ts_generator(this, function(_state) {
158
- switch(_state.label){
159
- case 0:
160
- _tmp = !context.token.authenticated;
161
- if (_tmp) return [
162
- 3,
163
- 2
164
- ];
165
- return [
166
- 4,
167
- getUser(context)
168
- ];
169
- case 1:
170
- _tmp = !(user = _state.sent());
171
- _state.label = 2;
172
- case 2:
173
- if (_tmp) {
174
- return [
175
- 2,
176
- left("UNAUTHENTICATED")
177
- ];
178
- }
179
- _params_increment = params.increment, increment = _params_increment === void 0 ? 1 : _params_increment, limit = params.limit, scale = params.scale;
180
- payload = {
181
- $inc: {
182
- hits: increment
183
- },
184
- $set: {}
185
- };
186
- usage = (_user_resources_usage = user.resources_usage) === null || _user_resources_usage === void 0 ? void 0 : _user_resources_usage.get(context.functionPath);
187
- if (!!usage) return [
188
- 3,
189
- 5
190
- ];
191
- return [
192
- 4,
193
- context.collections.resourceUsage.model.insertOne({
194
- hits: increment
195
- })
196
- ];
197
- case 3:
198
- entry = _state.sent();
199
- return [
200
- 4,
201
- context.collections.user.model.updateOne({
202
- _id: user._id
203
- }, {
204
- $set: _define_property({}, "resources_usage.".concat(context.functionPath), entry.insertedId)
205
- })
206
- ];
207
- case 4:
208
- _state.sent();
209
- return [
210
- 2,
211
- right(null)
212
- ];
213
- case 5:
214
- if (scale && new Date().getTime() / 1000 - usage.updated_at.getTime() / 1000 < scale) {
215
- return [
216
- 2,
217
- left("LIMIT_REACHED")
218
- ];
219
- }
220
- if (limit && usage.hits % limit === 0) {
221
- payload.$set = {
222
- last_maximum_reach: new Date()
223
- };
224
- }
225
- return [
226
- 4,
227
- context.collections.resourceUsage.model.updateOne({
228
- _id: usage._id
229
- }, payload)
230
- ];
231
- case 6:
232
- _state.sent();
233
- return [
234
- 2,
235
- right(null)
236
- ];
237
- }
238
- });
21
+ export const limitRate = async (context, params) => {
22
+ let user;
23
+ if (!context.token.authenticated || !(user = await getUser(context))) {
24
+ return left("UNAUTHENTICATED" /* Unauthenticated */);
25
+ }
26
+ const {
27
+ increment = 1,
28
+ limit,
29
+ scale
30
+ } = params;
31
+ const payload = {
32
+ $inc: {
33
+ hits: increment
34
+ },
35
+ $set: {}
36
+ };
37
+ const usage = user.resources_usage?.get(context.functionPath);
38
+ if (!usage) {
39
+ const entry = await context.collections.resourceUsage.model.insertOne({
40
+ hits: increment
239
41
  });
240
- return function limitRate(context, params) {
241
- return _ref.apply(this, arguments);
42
+ await context.collections.user.model.updateOne(
43
+ {
44
+ _id: user._id
45
+ },
46
+ {
47
+ $set: {
48
+ [`resources_usage.${context.functionPath}`]: entry.insertedId
49
+ }
50
+ }
51
+ );
52
+ return right(null);
53
+ }
54
+ if (scale && (/* @__PURE__ */ new Date()).getTime() / 1e3 - usage.updated_at.getTime() / 1e3 < scale) {
55
+ return left("LIMIT_REACHED" /* LimitReached */);
56
+ }
57
+ if (limit && usage.hits % limit === 0) {
58
+ payload.$set = {
59
+ last_maximum_reach: /* @__PURE__ */ new Date()
242
60
  };
243
- }();
61
+ }
62
+ await context.collections.resourceUsage.model.updateOne(
63
+ {
64
+ _id: usage._id
65
+ },
66
+ payload
67
+ );
68
+ return right(null);
69
+ };
package/dist/types.mjs CHANGED
@@ -1 +1 @@
1
- export { };
1
+ "use strict";