@apolitical/server 2.5.6-rc.1 → 2.6.0-rc.1

package/CHANGELOG.md

@@ -5,6 +5,10 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [2.6.0] - 2022-07-25
+### Updated
+- `buildOptions` helper: use sessionSecret from argument if not in process.env
+
 ## [2.5.5] - 2022-07-19
 ### Added
 - Unit tests for `buildOptions` helper

package/README.md

@@ -248,3 +248,20 @@ start({ appLoader, port: 3000, swaggerDocument });
 The `swaggerDocument` variable can be provided when starting the server to define the API documentation. The documentation can be found at [http://localhost:3000/docs](http://localhost:3000/docs).
 
 For usage examples, see [jwt.apolitical.spec.js](tests/../test/integration/jwt.apolitical.spec.js) test cases.
+
+### Options helper
+
+The __Apolitical Server__ comes with an optsHelper function that can be used to generate an apolitical_auth header cookie when needed. This functionality is especially useful to generate an admin token when making request from one api to another.
+
+```js
+
+// Instantiate the hellper with a session secret
+const { buildOptions } = optsHelper({ sessionSecret: 'hello' });
+
+// If generating an admin token: authToken must be truthy boolean
+buildOptions({ headers: { authToken: true }})
+
+// If using token passed in: authToken must be a string
+buildOptions({ headers: { authToken: 'some-token' }})
+```
+

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@apolitical/server",
-  "version": "2.5.6-rc.1",
+  "version": "2.6.0-rc.1",
   "description": "Node.js module to encapsulate Apolitical's express server setup",
   "author": "Apolitical Group Limited <engineering@apolitical.co>",
   "license": "MIT",

package/src/config.js

@@ -1,15 +1,14 @@
 'use strict';
 
-const { NODE_ENV, LOG_LEVEL, SESSION_SECRET } = process.env;
+const { NODE_ENV, LOG_LEVEL } = process.env;
 
 const NAME = 'apolitical-server';
-const VERSION = '2.5.0';
+const VERSION = '2.6.0';
 const ADMIN_ROLE = 'administrator';
 
 module.exports = {
   NODE_ENV,
   LOG_LEVEL,
-  SESSION_SECRET,
   LOGGER_OPTIONS: {
     logLevel: LOG_LEVEL,
     labels: {

package/src/helpers/opts.helper.js

@@ -1,51 +1,51 @@
 'use strict';
 
-module.exports = ({ jwtEncodeHelper, config }) => {
-  const { SESSION_SECRET } = config;
-  const {
-    APOLITICAL: { ISSUER, ADMIN_ROLE, COOKIE_KEY },
-  } = config.JWT;
+module.exports =
+  ({ jwtEncodeHelper, config }) =>
+  ({ sessionSecret }) => {
+    const {
+      APOLITICAL: { ISSUER, ADMIN_ROLE, COOKIE_KEY },
+    } = config.JWT;
 
-  function generateAdminToken(sessionSecret) {
-    const secret = SESSION_SECRET || sessionSecret;
-    const token = jwtEncodeHelper(secret, {
-      role: ADMIN_ROLE,
-      admin: true,
-      iss: ISSUER,
-      exp: Math.floor(Date.now() / 1000) + 90 * 24 * 3600,
-    });
-    return token;
-  }
-
-  function buildHeaders({ authToken }, sessionSecret) {
-    const headers = {};
-    if (authToken && typeof authToken === 'boolean') {
-      // When authToken is a boolean then generate an admin token
-      const adminToken = generateAdminToken(sessionSecret);
-      Object.assign(headers, { Cookie: `${COOKIE_KEY}=${adminToken}` });
-    } else if (authToken && typeof authToken === 'string') {
-      // When authToken is a string then use the it as the token
-      Object.assign(headers, { Cookie: `${COOKIE_KEY}=${authToken}` });
+    function generateAdminToken() {
+      const token = jwtEncodeHelper(sessionSecret, {
+        role: ADMIN_ROLE,
+        admin: true,
+        iss: ISSUER,
+        exp: Math.floor(Date.now() / 1000) + 90 * 24 * 3600,
+      });
+      return token;
     }
-    return headers;
-  }
 
-  function buildOptions({ headers, params, validateStatus, data, sessionSecret }) {
-    const opts = {};
-    if (headers) {
-      Object.assign(opts, { headers: buildHeaders(headers, sessionSecret) });
-    }
-    if (params) {
-      Object.assign(opts, { params });
+    function buildHeaders({ authToken }) {
+      const headers = {};
+      if (authToken && typeof authToken === 'boolean') {
+        // When authToken is a boolean then generate an admin token
+        const adminToken = generateAdminToken();
+        Object.assign(headers, { Cookie: `${COOKIE_KEY}=${adminToken}` });
+      } else if (authToken && typeof authToken === 'string') {
+        // When authToken is a string then use the it as the token
+        Object.assign(headers, { Cookie: `${COOKIE_KEY}=${authToken}` });
+      }
+      return headers;
     }
-    if (validateStatus) {
-      Object.assign(opts, { validateStatus });
-    }
-    if (data) {
-      Object.assign(opts, { data });
+
+    function buildOptions({ headers, params, validateStatus, data }) {
+      const opts = {};
+      if (headers) {
+        Object.assign(opts, { headers: buildHeaders(headers) });
+      }
+      if (params) {
+        Object.assign(opts, { params });
+      }
+      if (validateStatus) {
+        Object.assign(opts, { validateStatus });
+      }
+      if (data) {
+        Object.assign(opts, { data });
+      }
+      return opts;
     }
-    return opts;
-  }
 
-  return buildOptions;
-};
+    return { buildOptions };
+  };

package/src/services/server.service.js

@@ -21,8 +21,6 @@ module.exports = ({
       authentication: authenticationMiddleware,
       authorisation: authorisationMiddleware,
     },
-    request: {
-      buildOptions: optsHelper,
-    },
+    request: optsHelper,
   };
 };