@lenne.tech/nest-server 10.2.4 → 10.2.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/core/common/interceptors/check-security.interceptor.js +1 -1
- package/dist/core/common/interceptors/check-security.interceptor.js.map +1 -1
- package/dist/core/common/services/crud.service.d.ts +14 -0
- package/dist/core/common/services/crud.service.js +30 -0
- package/dist/core/common/services/crud.service.js.map +1 -1
- package/dist/core.module.d.ts +1 -0
- package/dist/core.module.js +21 -2
- package/dist/core.module.js.map +1 -1
- package/dist/tsconfig.build.tsbuildinfo +1 -1
- package/package.json +1 -1
- package/src/core/common/interceptors/check-security.interceptor.ts +1 -1
- package/src/core/common/services/crud.service.ts +63 -0
- package/src/core.module.ts +31 -2
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@lenne.tech/nest-server",
|
|
3
|
-
"version": "10.2.
|
|
3
|
+
"version": "10.2.6",
|
|
4
4
|
"description": "Modern, fast, powerful Node.js web framework in TypeScript based on Nest with a GraphQL API and a connection to MongoDB (or other databases).",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"node",
|
|
@@ -12,7 +12,7 @@ import { processDeep } from '../helpers/input.helper';
|
|
|
12
12
|
export class CheckSecurityInterceptor implements NestInterceptor {
|
|
13
13
|
intercept(context: ExecutionContext, next: CallHandler): Observable<any> {
|
|
14
14
|
// Get current user
|
|
15
|
-
const user = getContextData(context)?.currentUser;
|
|
15
|
+
const user = getContextData(context)?.currentUser || null;
|
|
16
16
|
|
|
17
17
|
// Set force mode for sign in and sign up
|
|
18
18
|
let force = false;
|
|
@@ -311,6 +311,69 @@ export abstract class CrudService<
|
|
|
311
311
|
return this.findAndUpdateForce(filter, update, serviceOptions);
|
|
312
312
|
}
|
|
313
313
|
|
|
314
|
+
/**
|
|
315
|
+
* Find one item via filter
|
|
316
|
+
*/
|
|
317
|
+
async findOne(
|
|
318
|
+
filter?: FilterArgs | { filterQuery?: FilterQuery<any>; queryOptions?: QueryOptions },
|
|
319
|
+
serviceOptions?: ServiceOptions,
|
|
320
|
+
): Promise<Model> {
|
|
321
|
+
// If filter is not instance of FilterArgs a simple form with filterQuery and queryOptions is set
|
|
322
|
+
// and should not be processed as FilterArgs
|
|
323
|
+
if (!(filter instanceof FilterArgs) && serviceOptions?.inputType === FilterArgs) {
|
|
324
|
+
serviceOptions = Object.assign({ prepareInput: null }, serviceOptions, { inputType: null });
|
|
325
|
+
}
|
|
326
|
+
|
|
327
|
+
return this.process(
|
|
328
|
+
async (data) => {
|
|
329
|
+
|
|
330
|
+
// Prepare filter query
|
|
331
|
+
const filterQuery = { filterQuery: data?.input?.filterQuery, queryOptions: data?.input?.queryOptions };
|
|
332
|
+
if (data?.input instanceof FilterArgs) {
|
|
333
|
+
const converted = convertFilterArgsToQuery(data.input);
|
|
334
|
+
filterQuery.filterQuery = converted[0];
|
|
335
|
+
filterQuery.queryOptions = converted[1];
|
|
336
|
+
}
|
|
337
|
+
|
|
338
|
+
// Find in DB
|
|
339
|
+
let find = this.mainDbModel.findOne(filterQuery.filterQuery, null, filterQuery.queryOptions);
|
|
340
|
+
const collation = serviceOptions?.collation || ConfigService.get('mongoose.collation');
|
|
341
|
+
if (collation) {
|
|
342
|
+
find = find.collation(collation);
|
|
343
|
+
}
|
|
344
|
+
return find.exec();
|
|
345
|
+
},
|
|
346
|
+
{ input: filter, serviceOptions },
|
|
347
|
+
);
|
|
348
|
+
}
|
|
349
|
+
|
|
350
|
+
/**
|
|
351
|
+
* Find one item via filter without checks or restrictions
|
|
352
|
+
* Warning: Disables the handling of rights and restrictions!
|
|
353
|
+
*/
|
|
354
|
+
async findOneForce(
|
|
355
|
+
filter?: FilterArgs | { filterQuery?: FilterQuery<any>; queryOptions?: QueryOptions; samples?: number },
|
|
356
|
+
serviceOptions: ServiceOptions = {},
|
|
357
|
+
): Promise<Model> {
|
|
358
|
+
serviceOptions = serviceOptions || {};
|
|
359
|
+
serviceOptions.force = true;
|
|
360
|
+
return this.findOne(filter, serviceOptions);
|
|
361
|
+
}
|
|
362
|
+
|
|
363
|
+
/**
|
|
364
|
+
* Find one item via filter without checks, restrictions or preparations
|
|
365
|
+
* Warning: Disables the handling of rights and restrictions! The raw data may contain secrets (such as passwords).
|
|
366
|
+
*/
|
|
367
|
+
async findOneRaw(
|
|
368
|
+
filter?: FilterArgs | { filterQuery?: FilterQuery<any>; queryOptions?: QueryOptions; samples?: number },
|
|
369
|
+
serviceOptions: ServiceOptions = {},
|
|
370
|
+
): Promise<Model> {
|
|
371
|
+
serviceOptions = serviceOptions || {};
|
|
372
|
+
serviceOptions.prepareInput = null;
|
|
373
|
+
serviceOptions.prepareOutput = null;
|
|
374
|
+
return this.findOneForce(filter, serviceOptions);
|
|
375
|
+
}
|
|
376
|
+
|
|
314
377
|
/**
|
|
315
378
|
* CRUD alias for get
|
|
316
379
|
*/
|
package/src/core.module.ts
CHANGED
|
@@ -40,6 +40,26 @@ export class CoreModule implements NestModule {
|
|
|
40
40
|
consumer.apply(graphqlUploadExpress()).forRoutes('graphql');
|
|
41
41
|
}
|
|
42
42
|
|
|
43
|
+
/**
|
|
44
|
+
* Convert array with key value entries to header object
|
|
45
|
+
* e.g. ['Sec-WebSocket-Version', '13', 'Sec-WebSocket-Key', 'Yu4Lewa60jLk41YXcVrw0w==']
|
|
46
|
+
* => {
|
|
47
|
+
* 'Sec-WebSocket-Version': '13',
|
|
48
|
+
* 'Sec-WebSocket-Key': 'Yu4Lewa60jLk41YXcVrw0w==',
|
|
49
|
+
* }
|
|
50
|
+
*/
|
|
51
|
+
static getHeaderFromArray(array): Record<string, string> {
|
|
52
|
+
const result: Record<string, string> = {};
|
|
53
|
+
if (!array.length) {
|
|
54
|
+
return result;
|
|
55
|
+
}
|
|
56
|
+
for (let i = 0; i < array.length; i += 2) {
|
|
57
|
+
const key = array[i];
|
|
58
|
+
result[key] = array[i + 1];
|
|
59
|
+
}
|
|
60
|
+
return result;
|
|
61
|
+
}
|
|
62
|
+
|
|
43
63
|
/**
|
|
44
64
|
* Dynamic module
|
|
45
65
|
* see https://docs.nestjs.com/modules#dynamic-modules
|
|
@@ -78,6 +98,9 @@ export class CoreModule implements NestModule {
|
|
|
78
98
|
// verify authToken/getJwtPayLoad
|
|
79
99
|
const payload = authService.decodeJwt(authToken);
|
|
80
100
|
const user = await authService.validateUser(payload);
|
|
101
|
+
if (!user) {
|
|
102
|
+
throw new UnauthorizedException('No user found for token');
|
|
103
|
+
}
|
|
81
104
|
// the user/jwtPayload object found will be available as context.currentUser/jwtPayload in your GraphQL resolvers
|
|
82
105
|
return { user, headers: connectionParams };
|
|
83
106
|
}
|
|
@@ -91,14 +114,20 @@ export class CoreModule implements NestModule {
|
|
|
91
114
|
const { connectionParams, extra } = context;
|
|
92
115
|
if (config.graphQl.enableSubscriptionAuth) {
|
|
93
116
|
// get authToken from authorization header
|
|
94
|
-
const
|
|
117
|
+
const headers = this.getHeaderFromArray(extra.request?.rawHeaders);
|
|
118
|
+
const authToken: string
|
|
119
|
+
= connectionParams?.Authorization?.split(' ')[1]
|
|
120
|
+
?? headers.Authorization?.split(' ')[1];
|
|
95
121
|
if (authToken) {
|
|
96
122
|
// verify authToken/getJwtPayLoad
|
|
97
123
|
const payload = authService.decodeJwt(authToken);
|
|
98
124
|
const user = await authService.validateUser(payload);
|
|
125
|
+
if (!user) {
|
|
126
|
+
throw new UnauthorizedException('No user found for token');
|
|
127
|
+
}
|
|
99
128
|
// the user/jwtPayload object found will be available as context.currentUser/jwtPayload in your GraphQL resolvers
|
|
100
129
|
extra.user = user;
|
|
101
|
-
extra.
|
|
130
|
+
extra.headers = connectionParams ?? headers;
|
|
102
131
|
return extra;
|
|
103
132
|
}
|
|
104
133
|
|