@budibase/backend-core 2.13.32 → 2.13.34
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +50 -25
- package/dist/index.js.map +4 -4
- package/dist/index.js.meta.json +1 -1
- package/dist/package.json +4 -4
- package/dist/plugins.js.meta.json +1 -1
- package/dist/src/auth/auth.d.ts +0 -1
- package/dist/src/auth/auth.js +2 -3
- package/dist/src/auth/auth.js.map +1 -1
- package/dist/src/middleware/authenticated.js +2 -1
- package/dist/src/middleware/authenticated.js.map +1 -1
- package/dist/src/middleware/passport/datasource/google.js +3 -0
- package/dist/src/middleware/passport/datasource/google.js.map +1 -1
- package/dist/src/objectStore/objectStore.js +17 -6
- package/dist/src/objectStore/objectStore.js.map +1 -1
- package/dist/src/security/encryption.js +6 -0
- package/dist/src/security/encryption.js.map +1 -1
- package/dist/src/utils/utils.d.ts +2 -2
- package/dist/src/utils/utils.js +8 -15
- package/dist/src/utils/utils.js.map +1 -1
- package/package.json +4 -4
- package/src/auth/auth.ts +3 -3
- package/src/middleware/authenticated.ts +4 -2
- package/src/middleware/passport/datasource/google.ts +9 -2
- package/src/objectStore/objectStore.ts +20 -7
- package/src/security/encryption.ts +6 -0
- package/src/utils/utils.ts +13 -21
package/dist/index.js
CHANGED
|
@@ -1469,6 +1469,13 @@ var init_searchFilter = __esm({
|
|
|
1469
1469
|
}
|
|
1470
1470
|
});
|
|
1471
1471
|
|
|
1472
|
+
// ../types/src/api/web/cookies.ts
|
|
1473
|
+
var init_cookies = __esm({
|
|
1474
|
+
"../types/src/api/web/cookies.ts"() {
|
|
1475
|
+
"use strict";
|
|
1476
|
+
}
|
|
1477
|
+
});
|
|
1478
|
+
|
|
1472
1479
|
// ../types/src/api/web/index.ts
|
|
1473
1480
|
var init_web = __esm({
|
|
1474
1481
|
"../types/src/api/web/index.ts"() {
|
|
@@ -1484,6 +1491,7 @@ var init_web = __esm({
|
|
|
1484
1491
|
init_global2();
|
|
1485
1492
|
init_pagination();
|
|
1486
1493
|
init_searchFilter();
|
|
1494
|
+
init_cookies();
|
|
1487
1495
|
}
|
|
1488
1496
|
});
|
|
1489
1497
|
|
|
@@ -4939,20 +4947,33 @@ async function retrieveDirectory(bucketName, path2) {
|
|
|
4939
4947
|
let writePath = (0, import_path2.join)(budibaseTempDir(), (0, import_uuid2.v4)());
|
|
4940
4948
|
import_fs3.default.mkdirSync(writePath);
|
|
4941
4949
|
const objects = await listAllObjects(bucketName, path2);
|
|
4942
|
-
let
|
|
4943
|
-
objects.map((obj) =>
|
|
4950
|
+
let streams = await Promise.all(
|
|
4951
|
+
objects.map((obj) => getReadStream(bucketName, obj.Key))
|
|
4944
4952
|
);
|
|
4945
4953
|
let count = 0;
|
|
4954
|
+
const writePromises = [];
|
|
4946
4955
|
for (let obj of objects) {
|
|
4947
4956
|
const filename = obj.Key;
|
|
4948
|
-
const
|
|
4957
|
+
const stream2 = streams[count++];
|
|
4949
4958
|
const possiblePath = filename.split("/");
|
|
4950
|
-
|
|
4951
|
-
|
|
4952
|
-
|
|
4959
|
+
const dirs = possiblePath.slice(0, possiblePath.length - 1);
|
|
4960
|
+
const possibleDir = (0, import_path2.join)(writePath, ...dirs);
|
|
4961
|
+
if (possiblePath.length > 1 && !import_fs3.default.existsSync(possibleDir)) {
|
|
4962
|
+
import_fs3.default.mkdirSync(possibleDir, { recursive: true });
|
|
4953
4963
|
}
|
|
4954
|
-
import_fs3.default.
|
|
4964
|
+
const writeStream = import_fs3.default.createWriteStream((0, import_path2.join)(writePath, ...possiblePath), {
|
|
4965
|
+
mode: 420
|
|
4966
|
+
});
|
|
4967
|
+
stream2.pipe(writeStream);
|
|
4968
|
+
writePromises.push(
|
|
4969
|
+
new Promise((resolve, reject) => {
|
|
4970
|
+
stream2.on("finish", resolve);
|
|
4971
|
+
stream2.on("error", reject);
|
|
4972
|
+
writeStream.on("error", reject);
|
|
4973
|
+
})
|
|
4974
|
+
);
|
|
4955
4975
|
}
|
|
4976
|
+
await Promise.all(writePromises);
|
|
4956
4977
|
return writePath;
|
|
4957
4978
|
}
|
|
4958
4979
|
async function deleteFile(bucketName, filepath) {
|
|
@@ -6752,7 +6773,7 @@ init_constants3();
|
|
|
6752
6773
|
init_environment2();
|
|
6753
6774
|
init_context2();
|
|
6754
6775
|
init_src();
|
|
6755
|
-
var
|
|
6776
|
+
var import_jsonwebtoken = __toESM(require("jsonwebtoken"));
|
|
6756
6777
|
var APP_PREFIX3 = "app" /* APP */ + SEPARATOR;
|
|
6757
6778
|
var PROD_APP_PREFIX = "/app/";
|
|
6758
6779
|
var BUILDER_PREVIEW_PATH = "/app/preview";
|
|
@@ -6784,10 +6805,7 @@ function isServingApp(ctx) {
|
|
|
6784
6805
|
if (ctx.path.startsWith(`/${APP_PREFIX3}`)) {
|
|
6785
6806
|
return true;
|
|
6786
6807
|
}
|
|
6787
|
-
|
|
6788
|
-
return true;
|
|
6789
|
-
}
|
|
6790
|
-
return false;
|
|
6808
|
+
return ctx.path.startsWith(PROD_APP_PREFIX);
|
|
6791
6809
|
}
|
|
6792
6810
|
function isServingBuilder(ctx) {
|
|
6793
6811
|
return ctx.path.startsWith(BUILDER_APP_PREFIX);
|
|
@@ -6834,13 +6852,13 @@ function parseAppIdFromUrl(url) {
|
|
|
6834
6852
|
}
|
|
6835
6853
|
function openJwt(token) {
|
|
6836
6854
|
if (!token) {
|
|
6837
|
-
return
|
|
6855
|
+
return void 0;
|
|
6838
6856
|
}
|
|
6839
6857
|
try {
|
|
6840
|
-
return
|
|
6858
|
+
return import_jsonwebtoken.default.verify(token, environment_default.JWT_SECRET);
|
|
6841
6859
|
} catch (e) {
|
|
6842
6860
|
if (environment_default.JWT_SECRET_FALLBACK) {
|
|
6843
|
-
return
|
|
6861
|
+
return import_jsonwebtoken.default.verify(token, environment_default.JWT_SECRET_FALLBACK);
|
|
6844
6862
|
} else {
|
|
6845
6863
|
throw e;
|
|
6846
6864
|
}
|
|
@@ -6850,21 +6868,18 @@ function isValidInternalAPIKey(apiKey) {
|
|
|
6850
6868
|
if (environment_default.INTERNAL_API_KEY && environment_default.INTERNAL_API_KEY === apiKey) {
|
|
6851
6869
|
return true;
|
|
6852
6870
|
}
|
|
6853
|
-
|
|
6854
|
-
return true;
|
|
6855
|
-
}
|
|
6856
|
-
return false;
|
|
6871
|
+
return !!(environment_default.INTERNAL_API_KEY_FALLBACK && environment_default.INTERNAL_API_KEY_FALLBACK === apiKey);
|
|
6857
6872
|
}
|
|
6858
6873
|
function getCookie(ctx, name) {
|
|
6859
6874
|
const cookie = ctx.cookies.get(name);
|
|
6860
6875
|
if (!cookie) {
|
|
6861
|
-
return
|
|
6876
|
+
return void 0;
|
|
6862
6877
|
}
|
|
6863
6878
|
return openJwt(cookie);
|
|
6864
6879
|
}
|
|
6865
6880
|
function setCookie(ctx, value, name = "builder", opts = { sign: true }) {
|
|
6866
6881
|
if (value && opts && opts.sign) {
|
|
6867
|
-
value =
|
|
6882
|
+
value = import_jsonwebtoken.default.sign(value, environment_default.JWT_SECRET);
|
|
6868
6883
|
}
|
|
6869
6884
|
const config = {
|
|
6870
6885
|
expires: MAX_VALID_DATE,
|
|
@@ -11959,7 +11974,6 @@ __export(auth_exports, {
|
|
|
11959
11974
|
google: () => google_exports,
|
|
11960
11975
|
internalApi: () => internalApi_default,
|
|
11961
11976
|
joiValidator: () => joi_validator_exports,
|
|
11962
|
-
jwt: () => jwt2,
|
|
11963
11977
|
oidc: () => oidc_exports,
|
|
11964
11978
|
passport: () => passport,
|
|
11965
11979
|
platformLogout: () => platformLogout,
|
|
@@ -12360,7 +12374,13 @@ async function postAuth(passport2, ctx, next) {
|
|
|
12360
12374
|
const config = await fetchGoogleCreds();
|
|
12361
12375
|
const platformUrl = await getPlatformUrl({ tenantAware: false });
|
|
12362
12376
|
let callbackUrl = `${platformUrl}/api/global/auth/datasource/google/callback`;
|
|
12363
|
-
const authStateCookie = getCookie(
|
|
12377
|
+
const authStateCookie = getCookie(
|
|
12378
|
+
ctx,
|
|
12379
|
+
"budibase:datasourceauth" /* DatasourceAuth */
|
|
12380
|
+
);
|
|
12381
|
+
if (!authStateCookie) {
|
|
12382
|
+
throw new Error("Unable to fetch datasource auth cookie");
|
|
12383
|
+
}
|
|
12364
12384
|
return passport2.authenticate(
|
|
12365
12385
|
new GoogleStrategy2(
|
|
12366
12386
|
{
|
|
@@ -12497,6 +12517,9 @@ function decrypt(input, secretOption = "api" /* API */) {
|
|
|
12497
12517
|
async function encryptFile({ dir, filename }, secret) {
|
|
12498
12518
|
const outputFileName = `${filename}.enc`;
|
|
12499
12519
|
const filePath = (0, import_path4.join)(dir, filename);
|
|
12520
|
+
if (import_fs5.default.lstatSync(filePath).isDirectory()) {
|
|
12521
|
+
throw new Error("Unable to encrypt directory");
|
|
12522
|
+
}
|
|
12500
12523
|
const inputFile = import_fs5.default.createReadStream(filePath);
|
|
12501
12524
|
const outputFile = import_fs5.default.createWriteStream((0, import_path4.join)(dir, outputFileName));
|
|
12502
12525
|
const salt = import_crypto.default.randomBytes(SALT_LENGTH);
|
|
@@ -12523,6 +12546,9 @@ async function getSaltAndIV(path2) {
|
|
|
12523
12546
|
return { salt, iv };
|
|
12524
12547
|
}
|
|
12525
12548
|
async function decryptFile(inputPath, outputPath, secret) {
|
|
12549
|
+
if (import_fs5.default.lstatSync(inputPath).isDirectory()) {
|
|
12550
|
+
throw new Error("Unable to encrypt directory");
|
|
12551
|
+
}
|
|
12526
12552
|
const { salt, iv } = await getSaltAndIV(inputPath);
|
|
12527
12553
|
const inputFile = import_fs5.default.createReadStream(inputPath, {
|
|
12528
12554
|
start: SALT_LENGTH + IV_LENGTH
|
|
@@ -12987,7 +13013,6 @@ var buildAuthMiddleware = authenticated_default;
|
|
|
12987
13013
|
var buildTenancyMiddleware = tenancy_default;
|
|
12988
13014
|
var buildCsrfMiddleware = csrf_default;
|
|
12989
13015
|
var passport = _passport;
|
|
12990
|
-
var jwt2 = require("jsonwebtoken");
|
|
12991
13016
|
_passport.use(new LocalStrategy(local_exports.options, local_exports.authenticate));
|
|
12992
13017
|
async function refreshOIDCAccessToken(chosenConfig, refreshToken) {
|
|
12993
13018
|
const callbackUrl = await oidc_exports.getCallbackUrl();
|
|
@@ -13092,7 +13117,7 @@ async function platformLogout(opts) {
|
|
|
13092
13117
|
throw new Error("Koa context must be supplied to logout.");
|
|
13093
13118
|
const currentSession = getCookie(ctx, "budibase:auth" /* Auth */);
|
|
13094
13119
|
let sessions = await getSessionsForUser(userId);
|
|
13095
|
-
if (keepActiveSession) {
|
|
13120
|
+
if (currentSession && keepActiveSession) {
|
|
13096
13121
|
sessions = sessions.filter(
|
|
13097
13122
|
(session) => session.sessionId !== currentSession.sessionId
|
|
13098
13123
|
);
|