@develit-io/backend-sdk 5.40.1 → 5.41.0
- package/dist/index.mjs +70 -72
- package/package.json +1 -1
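--- a/package/dist/index.mjs
+++ b/package/dist/index.mjs
@@ -583,36 +583,35 @@ const jwt = () => {
 
 const ip = () => {
 return createMiddleware(async (context, next) => {
-if (["localhost", "dev"].includes(context.env.ENVIRONMENT)) {
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-const { data: organization, error } = await organizationService.getOrganization({
-organizationId: user.organizationId
-});
-if (!organization || error) {
-throw new HTTPException(404, {
-message: "Failed to retrieve organization."
+if (!["localhost", "dev"].includes(context.env.ENVIRONMENT)) {
+const requestIp = context.req.header("cf-connecting-ip") || context.req.header("x-forwarded-for");
+if (!requestIp) {
+throw new HTTPException(401, {
+message: "Failed to retrieve request IP address."
+});
+}
+const user = context.get("user");
+if (!user.organizationId) {
+throw new HTTPException(401, {
+message: "Failed to retrieve request organization ID."
+});
+}
+const organizationService = context.env.ORGANIZATION_SERVICE;
+const { data: organization, error } = await organizationService.getOrganization({
+organizationId: user.organizationId
 });
-
-if (organization.ipAuthorization) {
-if (!organization.authorizedIps.map((ip2) => ip2.ip).includes(requestIp)) {
+if (!organization || error) {
 throw new HTTPException(404, {
-message: "
+message: "Failed to retrieve organization."
 });
 }
+if (organization.ipAuthorization) {
+if (!organization.authorizedIps.map((ip2) => ip2.ip).includes(requestIp)) {
+throw new HTTPException(404, {
+message: "Forbidden"
+});
+}
+}
 }
 await next();
 });
@@ -655,54 +654,53 @@ const logger = () => {
 
 const signature = () => {
 return createMiddleware(async (context, next) => {
-if (["localhost", "dev"].includes(context.env.ENVIRONMENT)) {
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-const { data: organization, error } = await organizationService.getOrganization({
-organizationId: user.organizationId
-});
-if (!organization || error) {
-throw new HTTPException(404, {
-message: "Failed to retrieve organization."
-});
-}
-const signatureKey = organization.signatureKeys.filter(
-(signatureKey2) => signatureKey2.name === signatureKeyHeader
-)[0];
-if (!signatureKey) {
-throw new HTTPException(404, {
-message: "Signature key not found."
+if (!["localhost", "dev"].includes(context.env.ENVIRONMENT)) {
+const signatureHeader = context.req.header("X-Signature");
+if (!signatureHeader) {
+throw new HTTPException(401, {
+message: `The 'X-Signature' header must exist and must have a value.`
+});
+}
+const signatureKeyHeader = context.req.header("X-Signature-Key");
+if (!signatureKeyHeader) {
+throw new HTTPException(401, {
+message: `The 'X-Signature-Key' header must exist and must have a value.`
+});
+}
+const payload = JSON.stringify(await context.req.json().catch(() => null));
+const user = context.get("user");
+if (!user.organizationId) {
+throw new HTTPException(401, {
+message: "Failed to retrieve request organization ID."
+});
+}
+const organizationService = context.env.ORGANIZATION_SERVICE;
+const { data: organization, error } = await organizationService.getOrganization({
+organizationId: user.organizationId
 });
-
-
-
-
-
-
-
-
-
+if (!organization || error) {
+throw new HTTPException(404, {
+message: "Failed to retrieve organization."
+});
+}
+const signatureKey = organization.signatureKeys.filter(
+(signatureKey2) => signatureKey2.name === signatureKeyHeader
+)[0];
+if (!signatureKey) {
+throw new HTTPException(404, {
+message: "Signature key not found."
+});
+}
+const isVerified = await verify({
+signature: signatureHeader,
+publicKey: signatureKey.publicKey,
+data: payload
 });
+if (!isVerified) {
+throw new HTTPException(401, {
+message: "Invalid signature key or signature."
+});
+}
 }
 await next();
 });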
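Review bot: In the `signature` middleware the message handed to `verify` is not the bytes that arrived: `payload` is `JSON.stringify` of the parsed body, and `.catch(() => null)` turns a missing or unparseable body into the string `null`. Every bodyless or non-JSON request is therefore checked against the same message, and the object passed to `verify` (`signature`, `publicKey`, `data`) carries no method, path or timestamp, so as far as this hunk shows a valid signature is not tied to one request. I would verify over the raw body, `const payload = await context.req.text();`, reject a body that fails to parse instead of mapping it to `null`, and include the method, path and a timestamp in the signed data. Clients that sign the re-serialized form today would need to change in step, so this is worth confirming against the signing side. The closing of `signature` lies outside the hunk.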