@maroonedsoftware/koa 1.15.5 → 1.15.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +33 -10
- package/package.json +5 -5
package/README.md
CHANGED
|
@@ -104,6 +104,20 @@ router.get('/api/me', async ctx => {
|
|
|
104
104
|
});
|
|
105
105
|
```
|
|
106
106
|
|
|
107
|
+
### Authorization
|
|
108
|
+
|
|
109
|
+
`requireSecurity` is router middleware that runs after `authenticationMiddleware`. It throws 401 when the request is unauthenticated and, if `roles` is provided, throws 403 unless the authenticated context has at least one of the listed roles.
|
|
110
|
+
|
|
111
|
+
```typescript
|
|
112
|
+
import { requireSecurity } from '@maroonedsoftware/koa';
|
|
113
|
+
|
|
114
|
+
// Require any authenticated user
|
|
115
|
+
router.get('/api/profile', requireSecurity(), handler);
|
|
116
|
+
|
|
117
|
+
// Require at least one of the given roles
|
|
118
|
+
router.delete('/api/users/:id', requireSecurity({ roles: ['admin'] }), handler);
|
|
119
|
+
```
|
|
120
|
+
|
|
107
121
|
### CORS
|
|
108
122
|
|
|
109
123
|
```typescript
|
|
@@ -188,27 +202,36 @@ router.post(
|
|
|
188
202
|
`defaultParserMappings` is the built-in MIME-type-to-parser map used by `bodyParserMiddleware`. You can extend or replace it to register additional parsers:
|
|
189
203
|
|
|
190
204
|
```typescript
|
|
191
|
-
import {
|
|
192
|
-
|
|
205
|
+
import {
|
|
206
|
+
defaultParserMappings,
|
|
207
|
+
BinaryParser,
|
|
208
|
+
ServerKitParserMappings,
|
|
209
|
+
} from '@maroonedsoftware/koa';
|
|
193
210
|
|
|
194
211
|
const customMappings = {
|
|
195
212
|
...defaultParserMappings,
|
|
196
213
|
pdf: BinaryParser,
|
|
197
214
|
};
|
|
198
215
|
|
|
199
|
-
//
|
|
216
|
+
// Register the mappings in the DI container; ServerKitBodyParser will resolve them.
|
|
217
|
+
const builder = diRegistry.register(ServerKitParserMappings).useMap();
|
|
218
|
+
for (const [mimeType, parser] of Object.entries(customMappings)) {
|
|
219
|
+
builder.add(mimeType, parser);
|
|
220
|
+
}
|
|
200
221
|
```
|
|
201
222
|
|
|
202
223
|
The default mappings are:
|
|
203
224
|
|
|
204
|
-
| MIME subtype | Parser
|
|
205
|
-
| -------------------- |
|
|
206
|
-
| `json` | `JsonParser`
|
|
207
|
-
| `application/*+json` | `JsonParser`
|
|
208
|
-
| `urlencoded` | `FormParser`
|
|
209
|
-
| `text` | `TextParser`
|
|
225
|
+
| MIME subtype | Parser |
|
|
226
|
+
| -------------------- | ----------------- |
|
|
227
|
+
| `json` | `JsonParser` |
|
|
228
|
+
| `application/*+json` | `JsonParser` |
|
|
229
|
+
| `urlencoded` | `FormParser` |
|
|
230
|
+
| `text` | `TextParser` |
|
|
210
231
|
| `multipart` | `MultipartParser` |
|
|
211
232
|
|
|
233
|
+
`BinaryParser` is exported but not registered in `defaultParserMappings`; add it explicitly to handle raw payloads such as PDFs or images.
|
|
234
|
+
|
|
212
235
|
## API
|
|
213
236
|
|
|
214
237
|
### ServerKitContext
|
|
@@ -236,7 +259,7 @@ The default mappings are:
|
|
|
236
259
|
| `authenticationMiddleware()` | Resolves `Authorization` header via `AuthenticationSchemeHandler`; populates `ctx.authenticationContext` |
|
|
237
260
|
| `bodyParserMiddleware(contentTypes)` | Parses body by allowed MIME types; throws 400/411/415/422 on invalid input |
|
|
238
261
|
| `requireSignature(optionsKey)` | Verifies HMAC of `ctx.rawBody` against a request header; throws 401 on mismatch |
|
|
239
|
-
| `requireSecurity(options?)` | Throws 401 when unauthenticated; throws 403 when
|
|
262
|
+
| `requireSecurity(options?)` | Throws 401 when unauthenticated; throws 403 when none of the `options.roles` are present |
|
|
240
263
|
|
|
241
264
|
### Parser options
|
|
242
265
|
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@maroonedsoftware/koa",
|
|
3
|
-
"version": "1.15.
|
|
3
|
+
"version": "1.15.6",
|
|
4
4
|
"description": "Koa middleware, body parsing, and utilities for ServerKit",
|
|
5
5
|
"author": {
|
|
6
6
|
"name": "Marooned Software",
|
|
@@ -37,12 +37,12 @@
|
|
|
37
37
|
"qs": "^6.15.1",
|
|
38
38
|
"rate-limiter-flexible": "^11.0.1",
|
|
39
39
|
"raw-body": "^3.0.2",
|
|
40
|
+
"@maroonedsoftware/authentication": "0.14.1",
|
|
41
|
+
"@maroonedsoftware/multipart": "1.1.1",
|
|
40
42
|
"@maroonedsoftware/appconfig": "1.4.0",
|
|
43
|
+
"@maroonedsoftware/utilities": "1.7.0",
|
|
41
44
|
"@maroonedsoftware/errors": "1.5.0",
|
|
42
|
-
"@maroonedsoftware/logger": "1.1.0"
|
|
43
|
-
"@maroonedsoftware/multipart": "1.1.1",
|
|
44
|
-
"@maroonedsoftware/authentication": "0.14.0",
|
|
45
|
-
"@maroonedsoftware/utilities": "1.7.0"
|
|
45
|
+
"@maroonedsoftware/logger": "1.1.0"
|
|
46
46
|
},
|
|
47
47
|
"peerDependencies": {
|
|
48
48
|
"@koa/cors": "^5.0.0",
|