npm - @azteam/express - Versions diffs - 1.2.328 → 1.2.330 - Mend

@azteam/express 1.2.328 → 1.2.330

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/lib/middleware/authMiddleware.js +1 -1
package/lib/middleware/index.js +7 -0
package/lib/middleware/recaptchaMiddleware.js +25 -1
package/lib/middleware/verifyGoogleAppMiddleware.js +1 -1
package/package.json +1 -1
package/src/middleware/authMiddleware.js +1 -1
package/src/middleware/index.js +1 -0
package/src/middleware/recaptchaMiddleware.js +19 -1
package/src/middleware/verifyGoogleAppMiddleware.js +2 -2

package/lib/middleware/authMiddleware.js CHANGED Viewed

@@ -80,7 +80,7 @@ function _default(cbLoginAPI) {
               _context.next = 30;
               break;
             case 29:
-              return _context.abrupt("return", next((0, _error.ErrorException)(_error.TOKEN_FAILED)));
+              throw new _error.ErrorException(_error.TOKEN_FAILED);
             case 30:
               return _context.abrupt("return", next());
             case 31:

package/lib/middleware/index.js CHANGED Viewed

@@ -39,6 +39,12 @@ Object.defineProperty(exports, "paginateMiddleware", {
     return _paginateMiddleware["default"];
   }
 });
+Object.defineProperty(exports, "recaptchaMiddleware", {
+  enumerable: true,
+  get: function get() {
+    return _recaptchaMiddleware["default"];
+  }
+});
 Object.defineProperty(exports, "roleMiddleware", {
   enumerable: true,
   get: function get() {
@@ -80,4 +86,5 @@ var _validateMiddleware = _interopRequireDefault(require("./validateMiddleware")
 var _limitRequestMiddleware = _interopRequireDefault(require("./limitRequestMiddleware"));
 var _cacheMiddleware = _interopRequireDefault(require("./cacheMiddleware"));
 var _verifyGoogleAppMiddleware = _interopRequireDefault(require("./verifyGoogleAppMiddleware"));
+var _recaptchaMiddleware = _interopRequireDefault(require("./recaptchaMiddleware"));
 function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { "default": obj }; }

package/lib/middleware/recaptchaMiddleware.js CHANGED Viewed

@@ -5,18 +5,42 @@ Object.defineProperty(exports, "__esModule", {
   value: true
 });
 exports["default"] = _default;
+var _httpClient = _interopRequireDefault(require("@azteam/http-client"));
+var _error = require("@azteam/error");
+function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { "default": obj }; }
 function _regeneratorRuntime() { "use strict"; /*! regenerator-runtime -- Copyright (c) 2014-present, Facebook, Inc. -- license (MIT): https://github.com/facebook/regenerator/blob/main/LICENSE */ _regeneratorRuntime = function _regeneratorRuntime() { return exports; }; var exports = {}, Op = Object.prototype, hasOwn = Op.hasOwnProperty, $Symbol = "function" == typeof Symbol ? Symbol : {}, iteratorSymbol = $Symbol.iterator || "@@iterator", asyncIteratorSymbol = $Symbol.asyncIterator || "@@asyncIterator", toStringTagSymbol = $Symbol.toStringTag || "@@toStringTag"; function define(obj, key, value) { return Object.defineProperty(obj, key, { value: value, enumerable: !0, configurable: !0, writable: !0 }), obj[key]; } try { define({}, ""); } catch (err) { define = function define(obj, key, value) { return obj[key] = value; }; } function wrap(innerFn, outerFn, self, tryLocsList) { var protoGenerator = outerFn && outerFn.prototype instanceof Generator ? outerFn : Generator, generator = Object.create(protoGenerator.prototype), context = new Context(tryLocsList || []); return generator._invoke = function (innerFn, self, context) { var state = "suspendedStart"; return function (method, arg) { if ("executing" === state) throw new Error("Generator is already running"); if ("completed" === state) { if ("throw" === method) throw arg; return doneResult(); } for (context.method = method, context.arg = arg;;) { var delegate = context.delegate; if (delegate) { var delegateResult = maybeInvokeDelegate(delegate, context); if (delegateResult) { if (delegateResult === ContinueSentinel) continue; return delegateResult; } } if ("next" === context.method) context.sent = context._sent = context.arg;else if ("throw" === context.method) { if ("suspendedStart" === state) throw state = "completed", context.arg; context.dispatchException(context.arg); } else "return" === context.method && context.abrupt("return", context.arg); state = "executing"; var record = tryCatch(innerFn, self, context); if ("normal" === record.type) { if (state = context.done ? "completed" : "suspendedYield", record.arg === ContinueSentinel) continue; return { value: record.arg, done: context.done }; } "throw" === record.type && (state = "completed", context.method = "throw", context.arg = record.arg); } }; }(innerFn, self, context), generator; } function tryCatch(fn, obj, arg) { try { return { type: "normal", arg: fn.call(obj, arg) }; } catch (err) { return { type: "throw", arg: err }; } } exports.wrap = wrap; var ContinueSentinel = {}; function Generator() {} function GeneratorFunction() {} function GeneratorFunctionPrototype() {} var IteratorPrototype = {}; define(IteratorPrototype, iteratorSymbol, function () { return this; }); var getProto = Object.getPrototypeOf, NativeIteratorPrototype = getProto && getProto(getProto(values([]))); NativeIteratorPrototype && NativeIteratorPrototype !== Op && hasOwn.call(NativeIteratorPrototype, iteratorSymbol) && (IteratorPrototype = NativeIteratorPrototype); var Gp = GeneratorFunctionPrototype.prototype = Generator.prototype = Object.create(IteratorPrototype); function defineIteratorMethods(prototype) { ["next", "throw", "return"].forEach(function (method) { define(prototype, method, function (arg) { return this._invoke(method, arg); }); }); } function AsyncIterator(generator, PromiseImpl) { function invoke(method, arg, resolve, reject) { var record = tryCatch(generator[method], generator, arg); if ("throw" !== record.type) { var result = record.arg, value = result.value; return value && "object" == _typeof(value) && hasOwn.call(value, "__await") ? PromiseImpl.resolve(value.__await).then(function (value) { invoke("next", value, resolve, reject); }, function (err) { invoke("throw", err, resolve, reject); }) : PromiseImpl.resolve(value).then(function (unwrapped) { result.value = unwrapped, resolve(result); }, function (error) { return invoke("throw", error, resolve, reject); }); } reject(record.arg); } var previousPromise; this._invoke = function (method, arg) { function callInvokeWithMethodAndArg() { return new PromiseImpl(function (resolve, reject) { invoke(method, arg, resolve, reject); }); } return previousPromise = previousPromise ? previousPromise.then(callInvokeWithMethodAndArg, callInvokeWithMethodAndArg) : callInvokeWithMethodAndArg(); }; } function maybeInvokeDelegate(delegate, context) { var method = delegate.iterator[context.method]; if (undefined === method) { if (context.delegate = null, "throw" === context.method) { if (delegate.iterator["return"] && (context.method = "return", context.arg = undefined, maybeInvokeDelegate(delegate, context), "throw" === context.method)) return ContinueSentinel; context.method = "throw", context.arg = new TypeError("The iterator does not provide a 'throw' method"); } return ContinueSentinel; } var record = tryCatch(method, delegate.iterator, context.arg); if ("throw" === record.type) return context.method = "throw", context.arg = record.arg, context.delegate = null, ContinueSentinel; var info = record.arg; return info ? info.done ? (context[delegate.resultName] = info.value, context.next = delegate.nextLoc, "return" !== context.method && (context.method = "next", context.arg = undefined), context.delegate = null, ContinueSentinel) : info : (context.method = "throw", context.arg = new TypeError("iterator result is not an object"), context.delegate = null, ContinueSentinel); } function pushTryEntry(locs) { var entry = { tryLoc: locs[0] }; 1 in locs && (entry.catchLoc = locs[1]), 2 in locs && (entry.finallyLoc = locs[2], entry.afterLoc = locs[3]), this.tryEntries.push(entry); } function resetTryEntry(entry) { var record = entry.completion || {}; record.type = "normal", delete record.arg, entry.completion = record; } function Context(tryLocsList) { this.tryEntries = [{ tryLoc: "root" }], tryLocsList.forEach(pushTryEntry, this), this.reset(!0); } function values(iterable) { if (iterable) { var iteratorMethod = iterable[iteratorSymbol]; if (iteratorMethod) return iteratorMethod.call(iterable); if ("function" == typeof iterable.next) return iterable; if (!isNaN(iterable.length)) { var i = -1, next = function next() { for (; ++i < iterable.length;) { if (hasOwn.call(iterable, i)) return next.value = iterable[i], next.done = !1, next; } return next.value = undefined, next.done = !0, next; }; return next.next = next; } } return { next: doneResult }; } function doneResult() { return { value: undefined, done: !0 }; } return GeneratorFunction.prototype = GeneratorFunctionPrototype, define(Gp, "constructor", GeneratorFunctionPrototype), define(GeneratorFunctionPrototype, "constructor", GeneratorFunction), GeneratorFunction.displayName = define(GeneratorFunctionPrototype, toStringTagSymbol, "GeneratorFunction"), exports.isGeneratorFunction = function (genFun) { var ctor = "function" == typeof genFun && genFun.constructor; return !!ctor && (ctor === GeneratorFunction || "GeneratorFunction" === (ctor.displayName || ctor.name)); }, exports.mark = function (genFun) { return Object.setPrototypeOf ? Object.setPrototypeOf(genFun, GeneratorFunctionPrototype) : (genFun.__proto__ = GeneratorFunctionPrototype, define(genFun, toStringTagSymbol, "GeneratorFunction")), genFun.prototype = Object.create(Gp), genFun; }, exports.awrap = function (arg) { return { __await: arg }; }, defineIteratorMethods(AsyncIterator.prototype), define(AsyncIterator.prototype, asyncIteratorSymbol, function () { return this; }), exports.AsyncIterator = AsyncIterator, exports.async = function (innerFn, outerFn, self, tryLocsList, PromiseImpl) { void 0 === PromiseImpl && (PromiseImpl = Promise); var iter = new AsyncIterator(wrap(innerFn, outerFn, self, tryLocsList), PromiseImpl); return exports.isGeneratorFunction(outerFn) ? iter : iter.next().then(function (result) { return result.done ? result.value : iter.next(); }); }, defineIteratorMethods(Gp), define(Gp, toStringTagSymbol, "Generator"), define(Gp, iteratorSymbol, function () { return this; }), define(Gp, "toString", function () { return "[object Generator]"; }), exports.keys = function (object) { var keys = []; for (var key in object) { keys.push(key); } return keys.reverse(), function next() { for (; keys.length;) { var key = keys.pop(); if (key in object) return next.value = key, next.done = !1, next; } return next.done = !0, next; }; }, exports.values = values, Context.prototype = { constructor: Context, reset: function reset(skipTempReset) { if (this.prev = 0, this.next = 0, this.sent = this._sent = undefined, this.done = !1, this.delegate = null, this.method = "next", this.arg = undefined, this.tryEntries.forEach(resetTryEntry), !skipTempReset) for (var name in this) { "t" === name.charAt(0) && hasOwn.call(this, name) && !isNaN(+name.slice(1)) && (this[name] = undefined); } }, stop: function stop() { this.done = !0; var rootRecord = this.tryEntries[0].completion; if ("throw" === rootRecord.type) throw rootRecord.arg; return this.rval; }, dispatchException: function dispatchException(exception) { if (this.done) throw exception; var context = this; function handle(loc, caught) { return record.type = "throw", record.arg = exception, context.next = loc, caught && (context.method = "next", context.arg = undefined), !!caught; } for (var i = this.tryEntries.length - 1; i >= 0; --i) { var entry = this.tryEntries[i], record = entry.completion; if ("root" === entry.tryLoc) return handle("end"); if (entry.tryLoc <= this.prev) { var hasCatch = hasOwn.call(entry, "catchLoc"), hasFinally = hasOwn.call(entry, "finallyLoc"); if (hasCatch && hasFinally) { if (this.prev < entry.catchLoc) return handle(entry.catchLoc, !0); if (this.prev < entry.finallyLoc) return handle(entry.finallyLoc); } else if (hasCatch) { if (this.prev < entry.catchLoc) return handle(entry.catchLoc, !0); } else { if (!hasFinally) throw new Error("try statement without catch or finally"); if (this.prev < entry.finallyLoc) return handle(entry.finallyLoc); } } } }, abrupt: function abrupt(type, arg) { for (var i = this.tryEntries.length - 1; i >= 0; --i) { var entry = this.tryEntries[i]; if (entry.tryLoc <= this.prev && hasOwn.call(entry, "finallyLoc") && this.prev < entry.finallyLoc) { var finallyEntry = entry; break; } } finallyEntry && ("break" === type || "continue" === type) && finallyEntry.tryLoc <= arg && arg <= finallyEntry.finallyLoc && (finallyEntry = null); var record = finallyEntry ? finallyEntry.completion : {}; return record.type = type, record.arg = arg, finallyEntry ? (this.method = "next", this.next = finallyEntry.finallyLoc, ContinueSentinel) : this.complete(record); }, complete: function complete(record, afterLoc) { if ("throw" === record.type) throw record.arg; return "break" === record.type || "continue" === record.type ? this.next = record.arg : "return" === record.type ? (this.rval = this.arg = record.arg, this.method = "return", this.next = "end") : "normal" === record.type && afterLoc && (this.next = afterLoc), ContinueSentinel; }, finish: function finish(finallyLoc) { for (var i = this.tryEntries.length - 1; i >= 0; --i) { var entry = this.tryEntries[i]; if (entry.finallyLoc === finallyLoc) return this.complete(entry.completion, entry.afterLoc), resetTryEntry(entry), ContinueSentinel; } }, "catch": function _catch(tryLoc) { for (var i = this.tryEntries.length - 1; i >= 0; --i) { var entry = this.tryEntries[i]; if (entry.tryLoc === tryLoc) { var record = entry.completion; if ("throw" === record.type) { var thrown = record.arg; resetTryEntry(entry); } return thrown; } } throw new Error("illegal catch attempt"); }, delegateYield: function delegateYield(iterable, resultName, nextLoc) { return this.delegate = { iterator: values(iterable), resultName: resultName, nextLoc: nextLoc }, "next" === this.method && (this.arg = undefined), ContinueSentinel; } }, exports; }
 function asyncGeneratorStep(gen, resolve, reject, _next, _throw, key, arg) { try { var info = gen[key](arg); var value = info.value; } catch (error) { reject(error); return; } if (info.done) { resolve(value); } else { Promise.resolve(value).then(_next, _throw); } }
 function _asyncToGenerator(fn) { return function () { var self = this, args = arguments; return new Promise(function (resolve, reject) { var gen = fn.apply(self, args); function _next(value) { asyncGeneratorStep(gen, resolve, reject, _next, _throw, "next", value); } function _throw(err) { asyncGeneratorStep(gen, resolve, reject, _next, _throw, "throw", err); } _next(undefined); }); }; }
 function _default(secretKey) {
   return /*#__PURE__*/function () {
     var _ref = _asyncToGenerator( /*#__PURE__*/_regeneratorRuntime().mark(function _callee(req, res, next) {
+      var client, data;
       return _regeneratorRuntime().wrap(function _callee$(_context) {
         while (1) {
           switch (_context.prev = _context.next) {
             case 0:
+              if (req.body.captcha) {
+                _context.next = 2;
+                break;
+              }
+              throw new _error.ErrorException(_error.MISSING_PARAM);
+            case 2:
+              client = new _httpClient["default"]();
+              _context.next = 5;
+              return client.post('https://www.google.com/recaptcha/api/siteverify', {
+                secret: secretKey,
+                response: req.body.captcha
+              });
+            case 5:
+              data = _context.sent;
+              if (!data.success) {
+                _context.next = 8;
+                break;
+              }
               return _context.abrupt("return", next());
-            case 1:
+            case 8:
+              throw new _error.ErrorException(_error.RECAPTCHA);
+            case 9:
             case "end":
               return _context.stop();
           }

package/lib/middleware/verifyGoogleAppMiddleware.js CHANGED Viewed

@@ -21,7 +21,7 @@ function _default() {
                 _context.next = 2;
                 break;
               }
-              return _context.abrupt("return", next(new _error.ErrorException(_error.CREDENTIAL_FAILED)));
+              throw new _error.ErrorException(_error.CREDENTIAL_FAILED);
             case 2:
               req.user.google_api_credential = JSON.parse((0, _crypto.decryptAES)(req.user.google_api_credential, process.env.SECRET_KEY));
               return _context.abrupt("return", next());

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "@azteam/express",
-    "version": "1.2.328",
+    "version": "1.2.330",
     "main": "./lib/index.js",
     "module": "./src/index.js",
     "scripts": {

package/src/middleware/authMiddleware.js CHANGED Viewed

@@ -42,7 +42,7 @@ export default function (cbLoginAPI) {
                     if (data) {
                         req.user = data;
                     } else {
-                        return next(ErrorException(TOKEN_FAILED));
+                        throw new ErrorException(TOKEN_FAILED);
                     }
                 }
             }

package/src/middleware/index.js CHANGED Viewed

@@ -9,3 +9,4 @@ export {default as validateMiddleware} from './validateMiddleware';
 export {default as limitRequestMiddleware} from './limitRequestMiddleware';
 export {default as cacheMiddleware} from './cacheMiddleware';
 export {default as verifyGoogleAppMiddleware} from './verifyGoogleAppMiddleware';
+export {default as recaptchaMiddleware} from './recaptchaMiddleware';

package/src/middleware/recaptchaMiddleware.js CHANGED Viewed

@@ -1,5 +1,23 @@
+import HttpClient from '@azteam/http-client';
+import {ErrorException, MISSING_PARAM, RECAPTCHA} from '@azteam/error';
 export default function (secretKey) {
     return async function (req, res, next) {
-        return next();
+        if (!req.body.captcha) {
+            throw new ErrorException(MISSING_PARAM);
+        }
+        const client = new HttpClient();
+        const data = await client.post('https://www.google.com/recaptcha/api/siteverify', {
+            secret: secretKey,
+            response: req.body.captcha,
+        });
+        if (data.success) {
+            return next();
+        }
+        throw new ErrorException(RECAPTCHA);
     };
 }

package/src/middleware/verifyGoogleAppMiddleware.js CHANGED Viewed

@@ -1,10 +1,10 @@
 import {decryptAES} from '@azteam/crypto';
-import {ErrorException, CREDENTIAL_FAILED} from '@azteam/error';
+import {CREDENTIAL_FAILED, ErrorException} from '@azteam/error';
 export default function () {
     return async function (req, res, next) {
         if (!req.user.google_api_credential) {
-            return next(new ErrorException(CREDENTIAL_FAILED));
+            throw new ErrorException(CREDENTIAL_FAILED);
         }
         req.user.google_api_credential = JSON.parse(decryptAES(req.user.google_api_credential, process.env.SECRET_KEY));
         return next();