@ladjs/web 11.1.1 → 12.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/index.js +29 -19
- package/package.json +16 -16
package/index.js
CHANGED
|
@@ -38,6 +38,7 @@ const koaConnect = require('koa-connect');
|
|
|
38
38
|
const methodOverride = require('koa-methodoverride');
|
|
39
39
|
const ms = require('ms');
|
|
40
40
|
const multimatch = require('multimatch');
|
|
41
|
+
const ratelimit = require('@ladjs/koa-simple-ratelimit');
|
|
41
42
|
const redisStore = require('koa-redis');
|
|
42
43
|
const removeTrailingSlashes = require('koa-no-trailing-slash');
|
|
43
44
|
const requestId = require('express-request-id');
|
|
@@ -48,7 +49,6 @@ const session = require('koa-generic-session');
|
|
|
48
49
|
const sharedConfig = require('@ladjs/shared-config');
|
|
49
50
|
const views = require('koa-views');
|
|
50
51
|
const { boolean } = require('boolean');
|
|
51
|
-
const { ratelimit } = require('koa-simple-ratelimit');
|
|
52
52
|
|
|
53
53
|
const defaultSrc = isSANB(process.env.WEB_HOST)
|
|
54
54
|
? [
|
|
@@ -60,13 +60,17 @@ const defaultSrc = isSANB(process.env.WEB_HOST)
|
|
|
60
60
|
`${process.env.WEB_HOST}:*`
|
|
61
61
|
]
|
|
62
62
|
: null;
|
|
63
|
+
|
|
63
64
|
const reportUri = isSANB(process.env.WEB_URL)
|
|
64
65
|
? `${process.env.WEB_URL}/report`
|
|
65
66
|
: null;
|
|
66
67
|
|
|
68
|
+
const INVALID_TOKEN_MESSAGE = 'Invalid CSRF token.';
|
|
69
|
+
const RATE_LIMIT_EXCEEDED = `Rate limit exceeded, retry in %s.`;
|
|
70
|
+
|
|
67
71
|
class Web {
|
|
68
72
|
// eslint-disable-next-line complexity
|
|
69
|
-
constructor(config) {
|
|
73
|
+
constructor(config, client) {
|
|
70
74
|
this.config = {
|
|
71
75
|
...sharedConfig('WEB'),
|
|
72
76
|
meta: {},
|
|
@@ -170,9 +174,17 @@ class Web {
|
|
|
170
174
|
...this.config.cabin
|
|
171
175
|
});
|
|
172
176
|
|
|
177
|
+
// initialize redis
|
|
178
|
+
this.client = client
|
|
179
|
+
? client
|
|
180
|
+
: new Redis(this.config.redis, cabin, this.config.redisMonitor);
|
|
181
|
+
|
|
173
182
|
// initialize the app
|
|
174
183
|
const app = new Koa();
|
|
175
184
|
|
|
185
|
+
// allow middleware to access redis client
|
|
186
|
+
app.context.client = this.client;
|
|
187
|
+
|
|
176
188
|
// listen for error and log events emitted by app
|
|
177
189
|
app.on('error', (err, ctx) => {
|
|
178
190
|
const level = err.status && err.status < 500 ? 'warn' : 'error';
|
|
@@ -181,16 +193,6 @@ class Web {
|
|
|
181
193
|
});
|
|
182
194
|
app.on('log', cabin.log);
|
|
183
195
|
|
|
184
|
-
// initialize redis
|
|
185
|
-
const client = new Redis(
|
|
186
|
-
this.config.redis,
|
|
187
|
-
cabin,
|
|
188
|
-
this.config.redisMonitor
|
|
189
|
-
);
|
|
190
|
-
|
|
191
|
-
// allow middleware to access redis client
|
|
192
|
-
app.context.client = client;
|
|
193
|
-
|
|
194
196
|
// override koa's undocumented error handler
|
|
195
197
|
app.context.onerror = errorHandler(this.config.cookiesKey, cabin);
|
|
196
198
|
|
|
@@ -240,7 +242,14 @@ class Web {
|
|
|
240
242
|
|
|
241
243
|
return ratelimit({
|
|
242
244
|
...this.config.rateLimit,
|
|
243
|
-
db: client
|
|
245
|
+
db: this.client,
|
|
246
|
+
logger: cabin,
|
|
247
|
+
errorMessage(exp) {
|
|
248
|
+
const fn =
|
|
249
|
+
typeof ctx.request.t === 'function' ? ctx.request.t : util.format;
|
|
250
|
+
// NOTE: ms does not support i18n localization
|
|
251
|
+
return fn(RATE_LIMIT_EXCEEDED, ms(exp, { long: true }));
|
|
252
|
+
}
|
|
244
253
|
})(ctx, next);
|
|
245
254
|
});
|
|
246
255
|
}
|
|
@@ -324,7 +333,7 @@ class Web {
|
|
|
324
333
|
app.keys = this.config.sessionKeys;
|
|
325
334
|
app.use(
|
|
326
335
|
session({
|
|
327
|
-
store: redisStore({ client }),
|
|
336
|
+
store: redisStore({ client: this.client }),
|
|
328
337
|
key: this.config.cookiesKey,
|
|
329
338
|
cookie: this.config.cookies,
|
|
330
339
|
genSid: this.config.genSid,
|
|
@@ -357,7 +366,10 @@ class Web {
|
|
|
357
366
|
if (this.config.csrf && process.env.NODE_ENV !== 'test') {
|
|
358
367
|
const csrf = new CSRF({
|
|
359
368
|
...this.config.csrf,
|
|
360
|
-
invalidTokenMessage: (ctx) =>
|
|
369
|
+
invalidTokenMessage: (ctx) =>
|
|
370
|
+
typeof ctx.request.t === 'function'
|
|
371
|
+
? ctx.request.t(INVALID_TOKEN_MESSAGE)
|
|
372
|
+
: INVALID_TOKEN_MESSAGE
|
|
361
373
|
});
|
|
362
374
|
app.use(async (ctx, next) => {
|
|
363
375
|
// check against ignored/whitelisted redirect middleware paths
|
|
@@ -413,15 +425,13 @@ class Web {
|
|
|
413
425
|
}
|
|
414
426
|
|
|
415
427
|
// start server on either http or http2
|
|
416
|
-
|
|
428
|
+
this.server =
|
|
417
429
|
this.config.protocol === 'https'
|
|
418
430
|
? http2.createSecureServer(this.config.ssl, app.callback())
|
|
419
431
|
: http.createServer(app.callback());
|
|
420
432
|
|
|
421
|
-
// expose app
|
|
433
|
+
// expose the app
|
|
422
434
|
this.app = app;
|
|
423
|
-
this.server = server;
|
|
424
|
-
this.client = client;
|
|
425
435
|
|
|
426
436
|
// bind listen/close to this
|
|
427
437
|
this.listen = this.listen.bind(this);
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@ladjs/web",
|
|
3
3
|
"description": "Web server for Lad",
|
|
4
|
-
"version": "
|
|
4
|
+
"version": "12.0.1",
|
|
5
5
|
"author": "Nick Baugh <niftylettuce@gmail.com> (http://niftylettuce.com/)",
|
|
6
6
|
"ava": {
|
|
7
7
|
"failFast": true,
|
|
@@ -20,20 +20,21 @@
|
|
|
20
20
|
"Nick Baugh <niftylettuce@gmail.com> (http://niftylettuce.com/)"
|
|
21
21
|
],
|
|
22
22
|
"dependencies": {
|
|
23
|
-
"@hapi/boom": "^
|
|
23
|
+
"@hapi/boom": "^10.0.0",
|
|
24
24
|
"@koa/router": "^10.1.1",
|
|
25
|
-
"@ladjs/i18n": "^7.2.
|
|
25
|
+
"@ladjs/i18n": "^7.2.6",
|
|
26
26
|
"@ladjs/koa-better-static": "^2.0.1",
|
|
27
27
|
"@ladjs/koa-cache-responses": "^0.0.3",
|
|
28
28
|
"@ladjs/koa-isajax": "^2.0.0",
|
|
29
|
+
"@ladjs/koa-simple-ratelimit": "^3.0.0",
|
|
29
30
|
"@ladjs/redis": "^1.0.7",
|
|
30
|
-
"@ladjs/shared-config": "^6.0.
|
|
31
|
+
"@ladjs/shared-config": "^6.0.2",
|
|
31
32
|
"@ladjs/state-helper": "^1.0.0",
|
|
32
33
|
"@ladjs/store-ip-address": "^0.0.7",
|
|
33
|
-
"boolean": "^3.
|
|
34
|
-
"cabin": "^9.1.
|
|
34
|
+
"boolean": "^3.2.0",
|
|
35
|
+
"cabin": "^9.1.2",
|
|
35
36
|
"crypto-random-string": "3",
|
|
36
|
-
"express-request-id": "
|
|
37
|
+
"express-request-id": "1.4.1",
|
|
37
38
|
"is-string-and-not-blank": "^0.0.2",
|
|
38
39
|
"kcors": "^2.2.2",
|
|
39
40
|
"koa": "^2.13.4",
|
|
@@ -58,7 +59,6 @@
|
|
|
58
59
|
"koa-no-trailing-slash": "^2.1.0",
|
|
59
60
|
"koa-redirect-loop": "^1.0.2",
|
|
60
61
|
"koa-redis": "^4.0.1",
|
|
61
|
-
"koa-simple-ratelimit": "^5.1.1",
|
|
62
62
|
"koa-views": "^8.0.0",
|
|
63
63
|
"lodash": "^4.17.21",
|
|
64
64
|
"ms": "^2.1.3",
|
|
@@ -67,22 +67,22 @@
|
|
|
67
67
|
"response-time": "^2.3.2"
|
|
68
68
|
},
|
|
69
69
|
"devDependencies": {
|
|
70
|
-
"@commitlint/cli": "^
|
|
71
|
-
"@commitlint/config-conventional": "^
|
|
72
|
-
"ava": "^4.0
|
|
70
|
+
"@commitlint/cli": "^17.0.1",
|
|
71
|
+
"@commitlint/config-conventional": "^17.0.0",
|
|
72
|
+
"ava": "^4.2.0",
|
|
73
73
|
"codecov": "^3.8.3",
|
|
74
74
|
"cross-env": "^7.0.3",
|
|
75
|
-
"eslint": "^8.
|
|
75
|
+
"eslint": "^8.16.0",
|
|
76
76
|
"eslint-config-xo-lass": "^1.0.6",
|
|
77
77
|
"fixpack": "^4.0.0",
|
|
78
|
-
"husky": "^
|
|
79
|
-
"lint-staged": "^12.
|
|
78
|
+
"husky": "^8.0.1",
|
|
79
|
+
"lint-staged": "^12.4.2",
|
|
80
80
|
"nyc": "^15.1.0",
|
|
81
81
|
"pug": "^3.0.2",
|
|
82
82
|
"remark-cli": "^10.0.1",
|
|
83
83
|
"remark-preset-github": "^4.0.1",
|
|
84
|
-
"supertest": "^6.2.
|
|
85
|
-
"xo": "^0.
|
|
84
|
+
"supertest": "^6.2.3",
|
|
85
|
+
"xo": "^0.49.0"
|
|
86
86
|
},
|
|
87
87
|
"engines": {
|
|
88
88
|
"node": ">=10.10.0"
|