@azteam/express 1.2.186 → 1.2.189
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +2 -2
- package/src/Server.js +34 -19
- package/src/SocketServer.js +5 -6
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@azteam/express",
|
|
3
|
-
"version": "1.2.
|
|
3
|
+
"version": "1.2.189",
|
|
4
4
|
"main": "src/index.js",
|
|
5
5
|
"engines": {
|
|
6
6
|
"node": ">= 12.0.0",
|
|
@@ -10,7 +10,7 @@
|
|
|
10
10
|
"license": "MIT",
|
|
11
11
|
"dependencies": {
|
|
12
12
|
"@azteam/crypto": "1.0.24",
|
|
13
|
-
"@azteam/error": "1.0.
|
|
13
|
+
"@azteam/error": "1.0.20",
|
|
14
14
|
"@azteam/http-client": "1.0.93",
|
|
15
15
|
"@grpc/grpc-js": "1.6.7",
|
|
16
16
|
"@grpc/proto-loader": "0.6.12",
|
package/src/Server.js
CHANGED
|
@@ -10,7 +10,7 @@ import morgan from 'morgan';
|
|
|
10
10
|
import cors from 'cors';
|
|
11
11
|
import _ from 'lodash';
|
|
12
12
|
import 'express-async-errors';
|
|
13
|
-
import {errorCatch, ErrorException, NOT_FOUND, UNKNOWN} from '@azteam/error';
|
|
13
|
+
import {CORS, errorCatch, ErrorException, NOT_FOUND, UNKNOWN} from '@azteam/error';
|
|
14
14
|
|
|
15
15
|
const RES_TYPE = {
|
|
16
16
|
ARRAY: 'ARRAY',
|
|
@@ -19,26 +19,32 @@ const RES_TYPE = {
|
|
|
19
19
|
};
|
|
20
20
|
|
|
21
21
|
function omitItem(item, guard, allows) {
|
|
22
|
-
|
|
23
|
-
|
|
22
|
+
let guardFields = guard;
|
|
23
|
+
let itemFields = item;
|
|
24
|
+
|
|
25
|
+
if (_.isArray(guardFields)) {
|
|
26
|
+
guardFields = _.difference(guardFields, allows);
|
|
24
27
|
}
|
|
25
28
|
|
|
26
|
-
if (
|
|
27
|
-
|
|
29
|
+
if (itemFields.toJSON) {
|
|
30
|
+
itemFields = item.toJSON();
|
|
28
31
|
}
|
|
29
|
-
if (_.isObject(
|
|
30
|
-
if (
|
|
31
|
-
return _.pick(
|
|
32
|
+
if (_.isObject(itemFields)) {
|
|
33
|
+
if (guardFields === '*') {
|
|
34
|
+
return _.pick(itemFields, allows);
|
|
32
35
|
}
|
|
33
|
-
return _.omit(
|
|
36
|
+
return _.omit(itemFields, guardFields);
|
|
34
37
|
}
|
|
35
|
-
return
|
|
38
|
+
return itemFields;
|
|
36
39
|
}
|
|
37
40
|
|
|
38
41
|
class Server {
|
|
39
42
|
constructor(currentDir = '', options = {}) {
|
|
40
43
|
this.redis = null;
|
|
41
|
-
this.options =
|
|
44
|
+
this.options = {
|
|
45
|
+
isAllowEmptyOrigin: true,
|
|
46
|
+
...options,
|
|
47
|
+
};
|
|
42
48
|
|
|
43
49
|
this.cookieOptions = {
|
|
44
50
|
domain: null,
|
|
@@ -121,6 +127,7 @@ class Server {
|
|
|
121
127
|
if (!_.isEmpty(this.controllers)) {
|
|
122
128
|
const WHITE_LIST = this.whiteList;
|
|
123
129
|
const COOKIE_OPTIONS = this.cookieOptions;
|
|
130
|
+
const {isAllowEmptyOrigin} = this.options;
|
|
124
131
|
|
|
125
132
|
const app = express();
|
|
126
133
|
app.use(
|
|
@@ -140,11 +147,17 @@ class Server {
|
|
|
140
147
|
app.use(
|
|
141
148
|
cors({
|
|
142
149
|
credentials: true,
|
|
143
|
-
origin
|
|
144
|
-
if (!origin
|
|
150
|
+
origin(origin, callback) {
|
|
151
|
+
if (!origin) {
|
|
152
|
+
if (isAllowEmptyOrigin) {
|
|
153
|
+
callback(null, true);
|
|
154
|
+
} else {
|
|
155
|
+
callback(new ErrorException(CORS, `${origin} Not allowed by CORS`));
|
|
156
|
+
}
|
|
157
|
+
} else if (!WHITE_LIST.length || WHITE_LIST.some((re) => origin.endsWith(re))) {
|
|
145
158
|
callback(null, true);
|
|
146
159
|
} else {
|
|
147
|
-
callback(new
|
|
160
|
+
callback(new ErrorException(CORS, `${origin} Not allowed by CORS`));
|
|
148
161
|
}
|
|
149
162
|
},
|
|
150
163
|
})
|
|
@@ -184,22 +197,24 @@ class Server {
|
|
|
184
197
|
}
|
|
185
198
|
}
|
|
186
199
|
|
|
200
|
+
let responseGuard = guard;
|
|
201
|
+
const responseAllows = allows;
|
|
187
202
|
if (_.isArray(guard)) {
|
|
188
|
-
|
|
203
|
+
responseGuard = [...guard, '__v', '_id', 'deleted_at', 'updated_at', 'created_id', 'modified_id'];
|
|
189
204
|
if (resType === RES_TYPE.ARRAY || resType === RES_TYPE.DOCS) {
|
|
190
|
-
|
|
205
|
+
responseGuard = [...guard, 'metadata_disable', 'metadata_keywords', 'metadata_description', 'metadata_image_url'];
|
|
191
206
|
}
|
|
192
207
|
}
|
|
193
208
|
if (resType === RES_TYPE.DOCS) {
|
|
194
209
|
guardData.docs = _.map(data.docs, (item) => {
|
|
195
|
-
return omitItem(item,
|
|
210
|
+
return omitItem(item, responseGuard, responseAllows);
|
|
196
211
|
});
|
|
197
212
|
} else if (resType === RES_TYPE.ARRAY) {
|
|
198
213
|
guardData = _.map(data, (item) => {
|
|
199
|
-
return omitItem(item,
|
|
214
|
+
return omitItem(item, responseGuard, responseAllows);
|
|
200
215
|
});
|
|
201
216
|
} else if (resType === RES_TYPE.OBJECT) {
|
|
202
|
-
guardData = omitItem(data,
|
|
217
|
+
guardData = omitItem(data, responseGuard, responseAllows);
|
|
203
218
|
}
|
|
204
219
|
}
|
|
205
220
|
|
package/src/SocketServer.js
CHANGED
|
@@ -56,6 +56,7 @@ class SocketServer {
|
|
|
56
56
|
const versionDirs = fs.readdirSync(`${apiDir}/${dirName}`);
|
|
57
57
|
|
|
58
58
|
for (const versionName of versionDirs) {
|
|
59
|
+
// eslint-disable-next-line import/no-dynamic-require,global-require
|
|
59
60
|
const controller = require(`${apiDir}/${dirName}/${versionName}/controller`).default;
|
|
60
61
|
this.addController(dirName, versionName, controller);
|
|
61
62
|
}
|
|
@@ -83,7 +84,7 @@ class SocketServer {
|
|
|
83
84
|
},
|
|
84
85
|
cors: {
|
|
85
86
|
credentials: true,
|
|
86
|
-
origin
|
|
87
|
+
origin(origin, callback) {
|
|
87
88
|
if (!origin || !WHITE_LIST.length || WHITE_LIST.some((re) => origin.endsWith(re))) {
|
|
88
89
|
callback(null, true);
|
|
89
90
|
} else {
|
|
@@ -99,7 +100,7 @@ class SocketServer {
|
|
|
99
100
|
|
|
100
101
|
const msg = [];
|
|
101
102
|
_.map(this.controllers, (obj) => {
|
|
102
|
-
const controller = obj
|
|
103
|
+
const {controller} = obj;
|
|
103
104
|
|
|
104
105
|
_.map(controller, (item, key) => {
|
|
105
106
|
item.path = obj.version.startsWith('v') ? `/${obj.version}${item.path}` : item.path;
|
|
@@ -145,7 +146,7 @@ class SocketServer {
|
|
|
145
146
|
throw error;
|
|
146
147
|
}
|
|
147
148
|
|
|
148
|
-
let bind = typeof port === 'string' ?
|
|
149
|
+
let bind = typeof port === 'string' ? `Pipe ${port}` : `Port ${port}`;
|
|
149
150
|
|
|
150
151
|
switch (error.code) {
|
|
151
152
|
case 'EACCES':
|
|
@@ -164,10 +165,8 @@ class SocketServer {
|
|
|
164
165
|
server.listen(port);
|
|
165
166
|
|
|
166
167
|
return server;
|
|
167
|
-
} else {
|
|
168
|
-
throw Error('No controllers in use');
|
|
169
168
|
}
|
|
170
|
-
|
|
169
|
+
throw Error('No controllers in use');
|
|
171
170
|
}
|
|
172
171
|
|
|
173
172
|
setAlertCallback(callback) {
|