@dwp/govuk-casa 8.2.1 → 8.2.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +9 -0
- package/README.md +1 -0
- package/dist/casa.d.ts +203 -1
- package/dist/casa.js +131 -2
- package/dist/lib/CasaTemplateLoader.d.ts +4 -0
- package/dist/lib/CasaTemplateLoader.js +5 -0
- package/dist/lib/JourneyContext.d.ts +85 -13
- package/dist/lib/JourneyContext.js +78 -5
- package/dist/lib/Plan.d.ts +122 -49
- package/dist/lib/Plan.js +161 -37
- package/dist/lib/ValidationError.d.ts +38 -48
- package/dist/lib/ValidationError.js +30 -42
- package/dist/lib/ValidatorFactory.d.ts +42 -52
- package/dist/lib/ValidatorFactory.js +37 -48
- package/dist/lib/configuration-ingestor.d.ts +18 -4
- package/dist/lib/configuration-ingestor.js +23 -10
- package/dist/lib/configure.d.ts +4 -0
- package/dist/lib/configure.js +20 -52
- package/dist/lib/end-session.d.ts +3 -2
- package/dist/lib/end-session.js +2 -1
- package/dist/lib/field.d.ts +97 -35
- package/dist/lib/field.js +90 -41
- package/dist/lib/nunjucks-filters.d.ts +12 -2
- package/dist/lib/nunjucks-filters.js +11 -1
- package/dist/lib/nunjucks.d.ts +1 -0
- package/dist/lib/nunjucks.js +1 -0
- package/dist/lib/utils.d.ts +46 -14
- package/dist/lib/utils.js +43 -26
- package/dist/lib/validators/dateObject.d.ts +75 -1
- package/dist/lib/validators/dateObject.js +29 -18
- package/dist/lib/validators/email.d.ts +28 -1
- package/dist/lib/validators/email.js +20 -9
- package/dist/lib/validators/inArray.d.ts +34 -1
- package/dist/lib/validators/inArray.js +21 -0
- package/dist/lib/validators/index.js +3 -0
- package/dist/lib/validators/nino.d.ts +34 -1
- package/dist/lib/validators/nino.js +17 -7
- package/dist/lib/validators/postalAddressObject.d.ts +68 -1
- package/dist/lib/validators/postalAddressObject.js +27 -15
- package/dist/lib/validators/regex.d.ts +35 -1
- package/dist/lib/validators/regex.js +17 -7
- package/dist/lib/validators/required.d.ts +28 -1
- package/dist/lib/validators/required.js +19 -6
- package/dist/lib/validators/strlen.d.ts +40 -1
- package/dist/lib/validators/strlen.js +18 -8
- package/dist/lib/validators/wordCount.d.ts +40 -1
- package/dist/lib/validators/wordCount.js +18 -8
- package/dist/lib/waypoint-url.d.ts +1 -0
- package/dist/lib/waypoint-url.js +10 -0
- package/dist/middleware/data.js +21 -5
- package/dist/middleware/gather-fields.js +1 -0
- package/dist/middleware/pre.js +1 -0
- package/dist/middleware/steer-journey.js +2 -1
- package/dist/middleware/strip-proxy-path.d.ts +4 -0
- package/dist/middleware/strip-proxy-path.js +56 -0
- package/dist/middleware/validate-fields.js +3 -0
- package/dist/routes/ancillary.d.ts +16 -5
- package/dist/routes/ancillary.js +7 -3
- package/dist/routes/journey.d.ts +30 -6
- package/dist/routes/journey.js +27 -0
- package/dist/routes/static.d.ts +1 -0
- package/dist/routes/static.js +2 -1
- package/package.json +16 -11
- package/views/casa/components/character-count/README.md +1 -1
- package/views/casa/components/input/README.md +1 -1
- package/views/casa/components/radios/README.md +2 -2
- package/views/casa/components/textarea/README.md +1 -1
|
@@ -1,83 +1,73 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* @
|
|
2
|
+
* @access private
|
|
3
|
+
* @typedef {import('../casa').ErrorMessageConfig} ErrorMessageConfig
|
|
3
4
|
*/
|
|
4
5
|
/**
|
|
6
|
+
* @access private
|
|
5
7
|
* @typedef {import('./index').JourneyContext} JourneyContext
|
|
6
8
|
*/
|
|
7
9
|
/**
|
|
10
|
+
* @access private
|
|
8
11
|
* @typedef {import('./index').ValidationError} ValidationError
|
|
9
12
|
*/
|
|
10
13
|
/**
|
|
11
|
-
* @
|
|
12
|
-
* @
|
|
13
|
-
* @property {ProcessorFunction} sanitise Sanitise a given value prior to validation
|
|
14
|
-
* @property {object} config Configuration
|
|
15
|
-
* @property {string} name Validator name
|
|
14
|
+
* @access private
|
|
15
|
+
* @typedef {import('../casa').ValidateContext} ValidateContext
|
|
16
16
|
*/
|
|
17
17
|
/**
|
|
18
|
-
* @
|
|
19
|
-
* @
|
|
20
|
-
* @param {ValidateContext} context
|
|
21
|
-
* @returns {ValidationError[]}
|
|
18
|
+
* @access private
|
|
19
|
+
* @typedef {import('../casa').Validator} Validator
|
|
22
20
|
*/
|
|
23
21
|
/**
|
|
24
|
-
* @typedef {object}
|
|
25
|
-
* @property {
|
|
26
|
-
|
|
27
|
-
|
|
22
|
+
* @typedef {object} ValidatorFactoryOptions
|
|
23
|
+
* @property {ErrorMessageConfig} errorMsg Error message
|
|
24
|
+
*/
|
|
25
|
+
/**
|
|
26
|
+
* @class
|
|
27
|
+
* @memberof module:@dwp/govuk-casa
|
|
28
28
|
*/
|
|
29
29
|
export default class ValidatorFactory {
|
|
30
30
|
/**
|
|
31
31
|
* This is a convenience method that will return a consistently object
|
|
32
32
|
* structure containing validation and sanitisation methods.
|
|
33
33
|
*
|
|
34
|
-
* @param {
|
|
34
|
+
* @param {ValidatorFactoryOptions} config Validator config (custom to each validator)
|
|
35
35
|
* @returns {Validator} Validator object
|
|
36
36
|
* @throws {TypeError} When configurarion is invalid.
|
|
37
37
|
*/
|
|
38
|
-
static make(config?:
|
|
39
|
-
static coerceToValidatorObject(input: any): any;
|
|
40
|
-
constructor(config?: {});
|
|
41
|
-
config: {};
|
|
42
|
-
validate(fieldValue: any, context: any): void;
|
|
43
|
-
sanitise(fieldValue: any): any;
|
|
44
|
-
}
|
|
45
|
-
export type ProcessorFunction = import('./index').ProcessorFunction;
|
|
46
|
-
export type JourneyContext = import('./index').JourneyContext;
|
|
47
|
-
export type ValidationError = import('./index').ValidationError;
|
|
48
|
-
export type Validator = {
|
|
49
|
-
/**
|
|
50
|
-
* Validation function
|
|
51
|
-
*/
|
|
52
|
-
validate: ValidateFunction;
|
|
53
|
-
/**
|
|
54
|
-
* Sanitise a given value prior to validation
|
|
55
|
-
*/
|
|
56
|
-
sanitise: any;
|
|
57
|
-
/**
|
|
58
|
-
* Configuration
|
|
59
|
-
*/
|
|
60
|
-
config: object;
|
|
38
|
+
static make(config?: ValidatorFactoryOptions): Validator;
|
|
61
39
|
/**
|
|
62
|
-
*
|
|
40
|
+
* NEVER CALL THIS DIRECTLY. USE `make()`.
|
|
41
|
+
*
|
|
42
|
+
* @param {ValidatorFactoryOptions} config Validator config (custom to each validator)
|
|
63
43
|
*/
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
export type ValidateFunction = (value: any, context: ValidateContext) => ValidationError[];
|
|
67
|
-
/**
|
|
68
|
-
* Context passed to validate function
|
|
69
|
-
*/
|
|
70
|
-
export type ValidateContext = {
|
|
44
|
+
constructor(config?: ValidatorFactoryOptions);
|
|
45
|
+
config: ValidatorFactoryOptions;
|
|
71
46
|
/**
|
|
72
|
-
*
|
|
47
|
+
* Validate the given value.
|
|
48
|
+
*
|
|
49
|
+
* @param {any} fieldValue Value to validate
|
|
50
|
+
* @param {ValidateContext} context Contextual information
|
|
51
|
+
* @returns {ValidationError[]} A list of errors (empty if no errors found)
|
|
52
|
+
* @throws {Error}
|
|
73
53
|
*/
|
|
74
|
-
|
|
54
|
+
validate(fieldValue: any, context: ValidateContext): ValidationError[];
|
|
75
55
|
/**
|
|
76
|
-
*
|
|
56
|
+
* Sanitise the given value.
|
|
57
|
+
*
|
|
58
|
+
* @param {any} fieldValue Value to validate
|
|
59
|
+
* @returns {any} The sanitised value
|
|
77
60
|
*/
|
|
78
|
-
|
|
61
|
+
sanitise(fieldValue: any): any;
|
|
62
|
+
}
|
|
63
|
+
export type ErrorMessageConfig = import('../casa').ErrorMessageConfig;
|
|
64
|
+
export type JourneyContext = import('./index').JourneyContext;
|
|
65
|
+
export type ValidationError = import('./index').ValidationError;
|
|
66
|
+
export type ValidateContext = import('../casa').ValidateContext;
|
|
67
|
+
export type Validator = import('../casa').Validator;
|
|
68
|
+
export type ValidatorFactoryOptions = {
|
|
79
69
|
/**
|
|
80
|
-
*
|
|
70
|
+
* Error message
|
|
81
71
|
*/
|
|
82
|
-
|
|
72
|
+
errorMsg: ErrorMessageConfig;
|
|
83
73
|
};
|
|
@@ -7,39 +7,39 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
7
7
|
const lodash_1 = __importDefault(require("lodash"));
|
|
8
8
|
const { isPlainObject } = lodash_1.default; // CommonJS
|
|
9
9
|
/**
|
|
10
|
-
* @
|
|
10
|
+
* @access private
|
|
11
|
+
* @typedef {import('../casa').ErrorMessageConfig} ErrorMessageConfig
|
|
11
12
|
*/
|
|
12
13
|
/**
|
|
14
|
+
* @access private
|
|
13
15
|
* @typedef {import('./index').JourneyContext} JourneyContext
|
|
14
16
|
*/
|
|
15
17
|
/**
|
|
18
|
+
* @access private
|
|
16
19
|
* @typedef {import('./index').ValidationError} ValidationError
|
|
17
20
|
*/
|
|
18
21
|
/**
|
|
19
|
-
* @
|
|
20
|
-
* @
|
|
21
|
-
* @property {ProcessorFunction} sanitise Sanitise a given value prior to validation
|
|
22
|
-
* @property {object} config Configuration
|
|
23
|
-
* @property {string} name Validator name
|
|
22
|
+
* @access private
|
|
23
|
+
* @typedef {import('../casa').ValidateContext} ValidateContext
|
|
24
24
|
*/
|
|
25
25
|
/**
|
|
26
|
-
* @
|
|
27
|
-
* @
|
|
28
|
-
* @param {ValidateContext} context
|
|
29
|
-
* @returns {ValidationError[]}
|
|
26
|
+
* @access private
|
|
27
|
+
* @typedef {import('../casa').Validator} Validator
|
|
30
28
|
*/
|
|
31
29
|
/**
|
|
32
|
-
* @typedef {object}
|
|
33
|
-
* @property {
|
|
34
|
-
|
|
35
|
-
|
|
30
|
+
* @typedef {object} ValidatorFactoryOptions
|
|
31
|
+
* @property {ErrorMessageConfig} errorMsg Error message
|
|
32
|
+
*/
|
|
33
|
+
/**
|
|
34
|
+
* @class
|
|
35
|
+
* @memberof module:@dwp/govuk-casa
|
|
36
36
|
*/
|
|
37
37
|
class ValidatorFactory {
|
|
38
38
|
/**
|
|
39
39
|
* This is a convenience method that will return a consistently object
|
|
40
40
|
* structure containing validation and sanitisation methods.
|
|
41
41
|
*
|
|
42
|
-
* @param {
|
|
42
|
+
* @param {ValidatorFactoryOptions} config Validator config (custom to each validator)
|
|
43
43
|
* @returns {Validator} Validator object
|
|
44
44
|
* @throws {TypeError} When configurarion is invalid.
|
|
45
45
|
*/
|
|
@@ -57,48 +57,37 @@ class ValidatorFactory {
|
|
|
57
57
|
Object.freeze(instance);
|
|
58
58
|
return instance;
|
|
59
59
|
}
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
// An uninstantied Validator subclass
|
|
66
|
-
if (typeof input === 'function' && Reflect.getPrototypeOf(input) === ValidatorFactory) {
|
|
67
|
-
validator = input.make();
|
|
68
|
-
}
|
|
69
|
-
else if (typeof input === 'function') {
|
|
70
|
-
// A plain function is assumed to be just the validation logic. We do not
|
|
71
|
-
// bind the function to `validator` here because it may already be bound to
|
|
72
|
-
// another context in userland.
|
|
73
|
-
validator.name = input.name || input.constructor.name || 'unknown';
|
|
74
|
-
validator.validate = input;
|
|
75
|
-
}
|
|
76
|
-
else if (isPlainObject(input)) {
|
|
77
|
-
// A plain object
|
|
78
|
-
validator = {
|
|
79
|
-
validate: input.validate || validator.validate,
|
|
80
|
-
sanitise: input.sanitise || validator.sanitise,
|
|
81
|
-
config: input.config || validator.config,
|
|
82
|
-
name: input.name || validator.name,
|
|
83
|
-
};
|
|
84
|
-
}
|
|
85
|
-
else {
|
|
86
|
-
// An unsupported scenario
|
|
87
|
-
throw new TypeError(`Cannot coerce input to a validator object (typeof = ${typeof input})`);
|
|
88
|
-
}
|
|
89
|
-
return validator;
|
|
90
|
-
}
|
|
60
|
+
/**
|
|
61
|
+
* NEVER CALL THIS DIRECTLY. USE `make()`.
|
|
62
|
+
*
|
|
63
|
+
* @param {ValidatorFactoryOptions} config Validator config (custom to each validator)
|
|
64
|
+
*/
|
|
91
65
|
constructor(config = {}) {
|
|
92
66
|
if (new.target === ValidatorFactory) {
|
|
93
67
|
throw new TypeError('Cannot instantiate the abstract class, ValidatorFactory');
|
|
94
68
|
}
|
|
95
69
|
this.config = config;
|
|
96
70
|
}
|
|
97
|
-
/* eslint-disable
|
|
71
|
+
/* eslint-disable no-unused-vars */
|
|
72
|
+
/* eslint-disable-next-line jsdoc/require-returns-check */
|
|
73
|
+
/**
|
|
74
|
+
* Validate the given value.
|
|
75
|
+
*
|
|
76
|
+
* @param {any} fieldValue Value to validate
|
|
77
|
+
* @param {ValidateContext} context Contextual information
|
|
78
|
+
* @returns {ValidationError[]} A list of errors (empty if no errors found)
|
|
79
|
+
* @throws {Error}
|
|
80
|
+
*/
|
|
98
81
|
validate(fieldValue, context) {
|
|
99
82
|
throw new Error('validate() method has not been implemented');
|
|
100
83
|
}
|
|
101
|
-
/* eslint-disable-next-line
|
|
84
|
+
/* eslint-disable-next-line jsdoc/require-returns-check */
|
|
85
|
+
/**
|
|
86
|
+
* Sanitise the given value.
|
|
87
|
+
*
|
|
88
|
+
* @param {any} fieldValue Value to validate
|
|
89
|
+
* @returns {any} The sanitised value
|
|
90
|
+
*/
|
|
102
91
|
sanitise(fieldValue) {
|
|
103
92
|
return fieldValue;
|
|
104
93
|
}
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Validates and sanitises i18n obejct.
|
|
3
3
|
*
|
|
4
|
+
* @access private
|
|
4
5
|
* @param {object} i18n Object to validate.
|
|
5
6
|
* @param {Function} cb Callback function that receives the validated value.
|
|
6
7
|
* @throws {TypeError} For invalid object.
|
|
@@ -10,6 +11,7 @@ export function validateI18nObject(i18n?: object, cb?: Function): object;
|
|
|
10
11
|
/**
|
|
11
12
|
* Validates and sanitises i18n directory.
|
|
12
13
|
*
|
|
14
|
+
* @access private
|
|
13
15
|
* @param {Array} dirs Array of directories.
|
|
14
16
|
* @throws {SyntaxError} For invalid directories.
|
|
15
17
|
* @throws {TypeError} For invalid type.
|
|
@@ -19,6 +21,7 @@ export function validateI18nDirs(dirs?: any[]): any[];
|
|
|
19
21
|
/**
|
|
20
22
|
* Validates and sanitises i18n locales.
|
|
21
23
|
*
|
|
24
|
+
* @access private
|
|
22
25
|
* @param {Array} locales Array of locales.
|
|
23
26
|
* @throws {SyntaxError} For invalid locales.
|
|
24
27
|
* @throws {TypeError} For invalid type.
|
|
@@ -28,15 +31,16 @@ export function validateI18nLocales(locales?: any[]): any[];
|
|
|
28
31
|
/**
|
|
29
32
|
* Validates and sanitises mount url.
|
|
30
33
|
*
|
|
31
|
-
* @
|
|
32
|
-
* @param {string}
|
|
34
|
+
* @access private
|
|
35
|
+
* @param {string} mountUrl Prefix for all URLs in the browser address bar
|
|
33
36
|
* @throws {SyntaxError} For invalid URL.
|
|
34
|
-
* @returns {string} Sanitised URL.
|
|
37
|
+
* @returns {string|undefined} Sanitised URL.
|
|
35
38
|
*/
|
|
36
|
-
export function validateMountUrl(mountUrl: string
|
|
39
|
+
export function validateMountUrl(mountUrl: string): string | undefined;
|
|
37
40
|
/**
|
|
38
41
|
* Validates and sanitises sessions object.
|
|
39
42
|
*
|
|
43
|
+
* @access private
|
|
40
44
|
* @param {object} session Object to validate.
|
|
41
45
|
* @param {Function} cb Callback function that receives the validated value.
|
|
42
46
|
* @throws {TypeError} For invalid object.
|
|
@@ -46,6 +50,7 @@ export function validateSessionObject(session?: object, cb?: Function): object;
|
|
|
46
50
|
/**
|
|
47
51
|
* Validates and sanitises view directory.
|
|
48
52
|
*
|
|
53
|
+
* @access private
|
|
49
54
|
* @param {Array} dirs Array of directories.
|
|
50
55
|
* @throws {SyntaxError} For invalid directories.
|
|
51
56
|
* @throws {TypeError} For invalid type.
|
|
@@ -55,6 +60,7 @@ export function validateViews(dirs?: any[]): any[];
|
|
|
55
60
|
/**
|
|
56
61
|
* Validates and sanitises sessions secret.
|
|
57
62
|
*
|
|
63
|
+
* @access private
|
|
58
64
|
* @param {string} secret Session secret.
|
|
59
65
|
* @throws {ReferenceError} For missing value type.
|
|
60
66
|
* @throws {TypeError} For invalid value.
|
|
@@ -64,6 +70,7 @@ export function validateSessionSecret(secret: string): string;
|
|
|
64
70
|
/**
|
|
65
71
|
* Validates and sanitises sessions ttl.
|
|
66
72
|
*
|
|
73
|
+
* @access private
|
|
67
74
|
* @param {number} ttl Session ttl (seconds).
|
|
68
75
|
* @throws {ReferenceError} For missing value type.
|
|
69
76
|
* @throws {TypeError} For invalid value.
|
|
@@ -73,6 +80,7 @@ export function validateSessionTtl(ttl?: number): number;
|
|
|
73
80
|
/**
|
|
74
81
|
* Validates and sanitises sessions name.
|
|
75
82
|
*
|
|
83
|
+
* @access private
|
|
76
84
|
* @param {string} [name=casa-session] Session name.
|
|
77
85
|
* @throws {ReferenceError} For missing value type.
|
|
78
86
|
* @throws {TypeError} For invalid value.
|
|
@@ -82,6 +90,7 @@ export function validateSessionName(name?: string | undefined): string;
|
|
|
82
90
|
/**
|
|
83
91
|
* Validates and sanitises sessions secure flag.
|
|
84
92
|
*
|
|
93
|
+
* @access private
|
|
85
94
|
* @param {boolean} [secure=false] Session secure flag.
|
|
86
95
|
* @throws {ReferenceError} For missing value type.
|
|
87
96
|
* @throws {TypeError} For invalid value.
|
|
@@ -91,6 +100,7 @@ export function validateSessionSecure(secure?: boolean | undefined): string;
|
|
|
91
100
|
/**
|
|
92
101
|
* Validates and sanitises sessions store.
|
|
93
102
|
*
|
|
103
|
+
* @access private
|
|
94
104
|
* @param {Function} store Session store.
|
|
95
105
|
* @returns {Function} Store.
|
|
96
106
|
*/
|
|
@@ -98,6 +108,7 @@ export function validateSessionStore(store: Function): Function;
|
|
|
98
108
|
/**
|
|
99
109
|
* Validates and sanitises sessions cookie url path.
|
|
100
110
|
*
|
|
111
|
+
* @access private
|
|
101
112
|
* @param {string} cookiePath Session cookie url path.
|
|
102
113
|
* @param {string} defaultPath Default path if none specified.
|
|
103
114
|
* @returns {string} Cookie path.
|
|
@@ -111,6 +122,7 @@ export function validateSessionCookiePath(cookiePath: string, defaultPath?: stri
|
|
|
111
122
|
* Lax
|
|
112
123
|
* None
|
|
113
124
|
*
|
|
125
|
+
* @access private
|
|
114
126
|
* @param {any} cookieSameSite Session cookie "sameSite" flag
|
|
115
127
|
* @param {any} defaultFlag Default path if none specified
|
|
116
128
|
* @returns {boolean} cookie path
|
|
@@ -127,6 +139,7 @@ export function validateEvents(events: any): any;
|
|
|
127
139
|
/**
|
|
128
140
|
* Validates helmet configuration function.
|
|
129
141
|
*
|
|
142
|
+
* @access private
|
|
130
143
|
* @param {HelmetConfigurator} helmetConfigurator Configuration function
|
|
131
144
|
* @returns {HelmetConfigurator} Validated configuration function
|
|
132
145
|
* @throws {TypeError} when passed a non-function
|
|
@@ -135,6 +148,7 @@ export function validateHelmetConfigurator(helmetConfigurator: HelmetConfigurato
|
|
|
135
148
|
/**
|
|
136
149
|
* Ingest, validate, sanitise and manipulate configuration parameters.
|
|
137
150
|
*
|
|
151
|
+
* @access private
|
|
138
152
|
* @param {ConfigurationOptions} config Config to ingest.
|
|
139
153
|
* @throws {Error|SyntaxError|TypeError} For invalid config values.
|
|
140
154
|
* @returns {object} Immutable config object.
|
|
@@ -10,9 +10,11 @@ const Plan_js_1 = __importDefault(require("./Plan.js"));
|
|
|
10
10
|
const logger_js_1 = __importDefault(require("./logger.js"));
|
|
11
11
|
const utils_js_1 = require("./utils.js");
|
|
12
12
|
/**
|
|
13
|
+
* @access private
|
|
13
14
|
* @typedef {import('../casa').ConfigurationOptions} ConfigurationOptions
|
|
14
15
|
*/
|
|
15
16
|
/**
|
|
17
|
+
* @access private
|
|
16
18
|
* @typedef {import('../casa').HelmetConfigurator} HelmetConfigurator
|
|
17
19
|
*/
|
|
18
20
|
const log = (0, logger_js_1.default)('lib:configuration-ingestor');
|
|
@@ -20,6 +22,7 @@ const echo = (a) => (a);
|
|
|
20
22
|
/**
|
|
21
23
|
* Validates and sanitises i18n obejct.
|
|
22
24
|
*
|
|
25
|
+
* @access private
|
|
23
26
|
* @param {object} i18n Object to validate.
|
|
24
27
|
* @param {Function} cb Callback function that receives the validated value.
|
|
25
28
|
* @throws {TypeError} For invalid object.
|
|
@@ -35,6 +38,7 @@ exports.validateI18nObject = validateI18nObject;
|
|
|
35
38
|
/**
|
|
36
39
|
* Validates and sanitises i18n directory.
|
|
37
40
|
*
|
|
41
|
+
* @access private
|
|
38
42
|
* @param {Array} dirs Array of directories.
|
|
39
43
|
* @throws {SyntaxError} For invalid directories.
|
|
40
44
|
* @throws {TypeError} For invalid type.
|
|
@@ -55,6 +59,7 @@ exports.validateI18nDirs = validateI18nDirs;
|
|
|
55
59
|
/**
|
|
56
60
|
* Validates and sanitises i18n locales.
|
|
57
61
|
*
|
|
62
|
+
* @access private
|
|
58
63
|
* @param {Array} locales Array of locales.
|
|
59
64
|
* @throws {SyntaxError} For invalid locales.
|
|
60
65
|
* @throws {TypeError} For invalid type.
|
|
@@ -75,17 +80,17 @@ exports.validateI18nLocales = validateI18nLocales;
|
|
|
75
80
|
/**
|
|
76
81
|
* Validates and sanitises mount url.
|
|
77
82
|
*
|
|
78
|
-
* @
|
|
79
|
-
* @param {string}
|
|
83
|
+
* @access private
|
|
84
|
+
* @param {string} mountUrl Prefix for all URLs in the browser address bar
|
|
80
85
|
* @throws {SyntaxError} For invalid URL.
|
|
81
|
-
* @returns {string} Sanitised URL.
|
|
86
|
+
* @returns {string|undefined} Sanitised URL.
|
|
82
87
|
*/
|
|
83
|
-
function validateMountUrl(mountUrl
|
|
88
|
+
function validateMountUrl(mountUrl) {
|
|
84
89
|
if (typeof mountUrl === 'undefined') {
|
|
85
|
-
return
|
|
90
|
+
return undefined;
|
|
86
91
|
}
|
|
87
92
|
if (!mountUrl.match(/\/$/)) {
|
|
88
|
-
throw new SyntaxError(
|
|
93
|
+
throw new SyntaxError('mountUrl must include a trailing slash (/)');
|
|
89
94
|
}
|
|
90
95
|
return mountUrl;
|
|
91
96
|
}
|
|
@@ -93,6 +98,7 @@ exports.validateMountUrl = validateMountUrl;
|
|
|
93
98
|
/**
|
|
94
99
|
* Validates and sanitises sessions object.
|
|
95
100
|
*
|
|
101
|
+
* @access private
|
|
96
102
|
* @param {object} session Object to validate.
|
|
97
103
|
* @param {Function} cb Callback function that receives the validated value.
|
|
98
104
|
* @throws {TypeError} For invalid object.
|
|
@@ -111,6 +117,7 @@ exports.validateSessionObject = validateSessionObject;
|
|
|
111
117
|
/**
|
|
112
118
|
* Validates and sanitises view directory.
|
|
113
119
|
*
|
|
120
|
+
* @access private
|
|
114
121
|
* @param {Array} dirs Array of directories.
|
|
115
122
|
* @throws {SyntaxError} For invalid directories.
|
|
116
123
|
* @throws {TypeError} For invalid type.
|
|
@@ -131,6 +138,7 @@ exports.validateViews = validateViews;
|
|
|
131
138
|
/**
|
|
132
139
|
* Validates and sanitises sessions secret.
|
|
133
140
|
*
|
|
141
|
+
* @access private
|
|
134
142
|
* @param {string} secret Session secret.
|
|
135
143
|
* @throws {ReferenceError} For missing value type.
|
|
136
144
|
* @throws {TypeError} For invalid value.
|
|
@@ -149,6 +157,7 @@ exports.validateSessionSecret = validateSessionSecret;
|
|
|
149
157
|
/**
|
|
150
158
|
* Validates and sanitises sessions ttl.
|
|
151
159
|
*
|
|
160
|
+
* @access private
|
|
152
161
|
* @param {number} ttl Session ttl (seconds).
|
|
153
162
|
* @throws {ReferenceError} For missing value type.
|
|
154
163
|
* @throws {TypeError} For invalid value.
|
|
@@ -164,6 +173,7 @@ exports.validateSessionTtl = validateSessionTtl;
|
|
|
164
173
|
/**
|
|
165
174
|
* Validates and sanitises sessions name.
|
|
166
175
|
*
|
|
176
|
+
* @access private
|
|
167
177
|
* @param {string} [name=casa-session] Session name.
|
|
168
178
|
* @throws {ReferenceError} For missing value type.
|
|
169
179
|
* @throws {TypeError} For invalid value.
|
|
@@ -179,6 +189,7 @@ exports.validateSessionName = validateSessionName;
|
|
|
179
189
|
/**
|
|
180
190
|
* Validates and sanitises sessions secure flag.
|
|
181
191
|
*
|
|
192
|
+
* @access private
|
|
182
193
|
* @param {boolean} [secure=false] Session secure flag.
|
|
183
194
|
* @throws {ReferenceError} For missing value type.
|
|
184
195
|
* @throws {TypeError} For invalid value.
|
|
@@ -194,6 +205,7 @@ exports.validateSessionSecure = validateSessionSecure;
|
|
|
194
205
|
/**
|
|
195
206
|
* Validates and sanitises sessions store.
|
|
196
207
|
*
|
|
208
|
+
* @access private
|
|
197
209
|
* @param {Function} store Session store.
|
|
198
210
|
* @returns {Function} Store.
|
|
199
211
|
*/
|
|
@@ -208,6 +220,7 @@ exports.validateSessionStore = validateSessionStore;
|
|
|
208
220
|
/**
|
|
209
221
|
* Validates and sanitises sessions cookie url path.
|
|
210
222
|
*
|
|
223
|
+
* @access private
|
|
211
224
|
* @param {string} cookiePath Session cookie url path.
|
|
212
225
|
* @param {string} defaultPath Default path if none specified.
|
|
213
226
|
* @returns {string} Cookie path.
|
|
@@ -227,6 +240,7 @@ exports.validateSessionCookiePath = validateSessionCookiePath;
|
|
|
227
240
|
* Lax
|
|
228
241
|
* None
|
|
229
242
|
*
|
|
243
|
+
* @access private
|
|
230
244
|
* @param {any} cookieSameSite Session cookie "sameSite" flag
|
|
231
245
|
* @param {any} defaultFlag Default path if none specified
|
|
232
246
|
* @returns {boolean} cookie path
|
|
@@ -357,6 +371,7 @@ exports.validateEvents = validateEvents;
|
|
|
357
371
|
/**
|
|
358
372
|
* Validates helmet configuration function.
|
|
359
373
|
*
|
|
374
|
+
* @access private
|
|
360
375
|
* @param {HelmetConfigurator} helmetConfigurator Configuration function
|
|
361
376
|
* @returns {HelmetConfigurator} Validated configuration function
|
|
362
377
|
* @throws {TypeError} when passed a non-function
|
|
@@ -371,6 +386,7 @@ exports.validateHelmetConfigurator = validateHelmetConfigurator;
|
|
|
371
386
|
/**
|
|
372
387
|
* Ingest, validate, sanitise and manipulate configuration parameters.
|
|
373
388
|
*
|
|
389
|
+
* @access private
|
|
374
390
|
* @param {ConfigurationOptions} config Config to ingest.
|
|
375
391
|
* @throws {Error|SyntaxError|TypeError} For invalid config values.
|
|
376
392
|
* @returns {object} Immutable config object.
|
|
@@ -382,10 +398,7 @@ function ingest(config = {}) {
|
|
|
382
398
|
dirs: validateI18nDirs(i18n.dirs),
|
|
383
399
|
locales: validateI18nLocales(i18n.locales),
|
|
384
400
|
})),
|
|
385
|
-
//
|
|
386
|
-
// This will be removed in next major version
|
|
387
|
-
//
|
|
388
|
-
// Public URL from which the app will be served
|
|
401
|
+
// URL that will prefix all URLs in the browser address bar
|
|
389
402
|
mountUrl: validateMountUrl(config.mountUrl),
|
|
390
403
|
// Session
|
|
391
404
|
session: validateSessionObject(config.session, (session) => ({
|
package/dist/lib/configure.d.ts
CHANGED
|
@@ -1,15 +1,19 @@
|
|
|
1
1
|
/**
|
|
2
|
+
* @access private
|
|
2
3
|
* @typedef {import('../casa').ConfigurationOptions} ConfigurationOptions
|
|
3
4
|
*/
|
|
4
5
|
/**
|
|
6
|
+
* @access private
|
|
5
7
|
* @typedef {import('../casa').ConfigurationOptions} ConfigureResult
|
|
6
8
|
*/
|
|
7
9
|
/**
|
|
10
|
+
* @access private
|
|
8
11
|
* @typedef {import('../casa').Mounter} Mounter
|
|
9
12
|
*/
|
|
10
13
|
/**
|
|
11
14
|
* Configure some middleware for use in creating a new CASA app.
|
|
12
15
|
*
|
|
16
|
+
* @memberof module:@dwp/govuk-casa
|
|
13
17
|
* @param {ConfigurationOptions} config Configuration options
|
|
14
18
|
* @returns {ConfigureResult} Result
|
|
15
19
|
*/
|
package/dist/lib/configure.js
CHANGED
|
@@ -16,6 +16,7 @@ const nunjucks_js_1 = __importDefault(require("./nunjucks.js"));
|
|
|
16
16
|
const static_js_1 = __importDefault(require("../routes/static.js"));
|
|
17
17
|
const ancillary_js_1 = __importDefault(require("../routes/ancillary.js"));
|
|
18
18
|
const journey_js_1 = __importDefault(require("../routes/journey.js"));
|
|
19
|
+
const strip_proxy_path_js_1 = __importDefault(require("../middleware/strip-proxy-path.js"));
|
|
19
20
|
const pre_js_1 = __importDefault(require("../middleware/pre.js"));
|
|
20
21
|
const post_js_1 = __importDefault(require("../middleware/post.js"));
|
|
21
22
|
const session_js_1 = __importDefault(require("../middleware/session.js"));
|
|
@@ -23,20 +24,22 @@ const i18n_js_1 = __importDefault(require("../middleware/i18n.js"));
|
|
|
23
24
|
const data_js_1 = __importDefault(require("../middleware/data.js"));
|
|
24
25
|
const body_parser_js_1 = __importDefault(require("../middleware/body-parser.js"));
|
|
25
26
|
const csrf_js_1 = __importDefault(require("../middleware/csrf.js"));
|
|
26
|
-
const logger_js_1 = __importDefault(require("./logger.js"));
|
|
27
|
-
const log = (0, logger_js_1.default)('lib:configure');
|
|
28
27
|
/**
|
|
28
|
+
* @access private
|
|
29
29
|
* @typedef {import('../casa').ConfigurationOptions} ConfigurationOptions
|
|
30
30
|
*/
|
|
31
31
|
/**
|
|
32
|
+
* @access private
|
|
32
33
|
* @typedef {import('../casa').ConfigurationOptions} ConfigureResult
|
|
33
34
|
*/
|
|
34
35
|
/**
|
|
36
|
+
* @access private
|
|
35
37
|
* @typedef {import('../casa').Mounter} Mounter
|
|
36
38
|
*/
|
|
37
39
|
/**
|
|
38
40
|
* Configure some middleware for use in creating a new CASA app.
|
|
39
41
|
*
|
|
42
|
+
* @memberof module:@dwp/govuk-casa
|
|
40
43
|
* @param {ConfigurationOptions} config Configuration options
|
|
41
44
|
* @returns {ConfigureResult} Result
|
|
42
45
|
*/
|
|
@@ -48,7 +51,7 @@ function configure(config = {}) {
|
|
|
48
51
|
plugin.configure(config);
|
|
49
52
|
});
|
|
50
53
|
// Extract config
|
|
51
|
-
const { mountUrl
|
|
54
|
+
const { mountUrl, views = [], session = {
|
|
52
55
|
secret: 'secret',
|
|
53
56
|
name: 'casasession',
|
|
54
57
|
secure: false,
|
|
@@ -134,54 +137,10 @@ function configure(config = {}) {
|
|
|
134
137
|
const mount = (app, { route = '/' } = {}) => {
|
|
135
138
|
nunjucksEnv.express(app);
|
|
136
139
|
app.set('view engine', 'njk');
|
|
137
|
-
//
|
|
138
|
-
//
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
//
|
|
142
|
-
// In some cases, the URL on which `app` instance is mounted might include a
|
|
143
|
-
// proxy path so that it can handle incoming requests that have had a path
|
|
144
|
-
// prepended to it by an intermediary, such as nginx. This would be common
|
|
145
|
-
// in a hosting environment that serves several separate applications.
|
|
146
|
-
//
|
|
147
|
-
// This bit of middleware removes that proxy path segment from the request
|
|
148
|
-
// so that all subsequent middleware behave as if it was never present.
|
|
149
|
-
//
|
|
150
|
-
// e.g. Where the proxy path is `my-proxy`, then a request to
|
|
151
|
-
// `/my-proxy/app` will be seen as `/app` in all subsequent middleware, and
|
|
152
|
-
// all URLs generated for the browser will use `/app`.
|
|
153
|
-
//
|
|
154
|
-
// Using `config.mountUrl` rather than `mountUrl` here to test whether the
|
|
155
|
-
// consumer explicitly set a `mountUrl`, in which case we're dealing with
|
|
156
|
-
// backwards-compatibility mode.
|
|
157
|
-
//
|
|
158
|
-
// This intervention would not be needed for apps that omit `mountUrl` as if
|
|
159
|
-
// so, it's assumed they're following the guidance for setting up a proxy
|
|
160
|
-
// as described in `docs/guides/setup-behind-a-proxy.md`.
|
|
161
|
-
if (config.mountUrl) {
|
|
162
|
-
log.warn('[DEPRECATION WARNING] Using configuration attribute, mountUrl. This will be removed in an upcoming major version');
|
|
163
|
-
app.use((req, res, next) => {
|
|
164
|
-
// Mimic what the `docs/guides/setup-behind-a-proxy.md` guidance
|
|
165
|
-
// recommends for stripping off any proxy prefixes to leave just the
|
|
166
|
-
// "mountUrl" remaining.
|
|
167
|
-
const originalBaseUrl = req.baseUrl;
|
|
168
|
-
req.baseUrl = mountUrl.replace(/\/$/, '');
|
|
169
|
-
// If the app has been mounted directly on the specific `mountUrl`, then
|
|
170
|
-
// there's nothing we need to do and can let this request pass-through.
|
|
171
|
-
if (req.baseUrl === originalBaseUrl) {
|
|
172
|
-
next();
|
|
173
|
-
}
|
|
174
|
-
else if (req.__CASA_BASE_URL_REWRITTEN__) {
|
|
175
|
-
delete req.__CASA_BASE_URL_REWRITTEN__;
|
|
176
|
-
next();
|
|
177
|
-
}
|
|
178
|
-
else {
|
|
179
|
-
// Issuing this call will re-run this same middleware, so we use this
|
|
180
|
-
// `__CASA_BASE_URL_REWRITTEN__` flag to prevent recursion.
|
|
181
|
-
req.__CASA_BASE_URL_REWRITTEN__ = true;
|
|
182
|
-
req.app.handle(req, res, next);
|
|
183
|
-
}
|
|
184
|
-
});
|
|
140
|
+
// If a `mountUrl` has been defined, then we're potentially in "proxy mode",
|
|
141
|
+
// in which we strip the proxy path prefix from the incoming request URLs.
|
|
142
|
+
if (mountUrl) {
|
|
143
|
+
app.use((0, strip_proxy_path_js_1.default)({ mountUrl }));
|
|
185
144
|
}
|
|
186
145
|
// Attach a handler to redirect requests for `/` to the first waypoint in
|
|
187
146
|
// the plan
|
|
@@ -195,7 +154,16 @@ function configure(config = {}) {
|
|
|
195
154
|
res.redirect(302, `${reqPath}${reqParams}`);
|
|
196
155
|
});
|
|
197
156
|
}
|
|
198
|
-
//
|
|
157
|
+
// Capture the mount path of this CASA app, before any parameterised path
|
|
158
|
+
// segments exert influence over `req.baseUrl` in the `router` further below.
|
|
159
|
+
// This can later be used by middleware that wants to use the
|
|
160
|
+
// "unparameterised" version of the request's `baseUrl`, such as the static
|
|
161
|
+
// router's middleware.
|
|
162
|
+
app.use((req, res, next) => {
|
|
163
|
+
req.unparameterisedBaseUrl = req.baseUrl;
|
|
164
|
+
next();
|
|
165
|
+
});
|
|
166
|
+
// Serve static assets from the `app` rather than the `router`. The router
|
|
199
167
|
// may contain paramaterised path segments which would mean serving static
|
|
200
168
|
// assets over a dynamic URL each time, thus causing lots of cache misses on
|
|
201
169
|
// the browser.
|
|
@@ -6,8 +6,9 @@
|
|
|
6
6
|
* Note: this will not remove the session from server-side storage, which will
|
|
7
7
|
* instead be left up to the storage mechanism to clean up.
|
|
8
8
|
*
|
|
9
|
-
* @
|
|
9
|
+
* @memberof module:@dwp/govuk-casa
|
|
10
|
+
* @param {import('express').Request} req HTTP request
|
|
10
11
|
* @param {Function} next Chain
|
|
11
12
|
* @returns {void}
|
|
12
13
|
*/
|
|
13
|
-
export default function endSession(req:
|
|
14
|
+
export default function endSession(req: import('express').Request, next: Function): void;
|