@mastra/express 1.3.17-alpha.1 → 1.3.17-alpha.3
- package/CHANGELOG.md +18 -0
- package/dist/index.cjs +66 -36
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +68 -38
- package/dist/index.js.map +1 -1
- package/package.json +6 -6
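--- a/package/CHANGELOG.md
+++ b/package/CHANGELOG.md
@@ -1,5 +1,23 @@
 # @mastra/express
 
+## 1.3.17-alpha.3
+
+### Patch Changes
+
+- Updated dependencies [[`fb0719a`](https://github.com/mastra-ai/mastra/commit/fb0719aef8072132efbcdca740e265f5f2b98a99), [`ca28c23`](https://github.com/mastra-ai/mastra/commit/ca28c232a2f18801a6cf20fe053479237b4d4fb0), [`39162cb`](https://github.com/mastra-ai/mastra/commit/39162cb952c0053fdd4ed7217ec7802a2027b19d)]:
+- @mastra/server@1.32.0-alpha.3
+- @mastra/core@1.32.0-alpha.3
+
+## 1.3.17-alpha.2
+
+### Patch Changes
+
+- Added FGA enforcement to server adapter middleware, ensuring authorization checks are applied consistently across all built-in adapters. ([#15410](https://github.com/mastra-ai/mastra/pull/15410))
+
+- Updated dependencies [[`86c0298`](https://github.com/mastra-ai/mastra/commit/86c0298e647306423c842f9d5ac827bd616bd13d), [`7fce309`](https://github.com/mastra-ai/mastra/commit/7fce30912b14170bfc41f0ac736cca0f39fe0cd4), [`cd96779`](https://github.com/mastra-ai/mastra/commit/cd9677937f113b2856dc8b9f3d4bdabcee58bb2e), [`7997c2e`](https://github.com/mastra-ai/mastra/commit/7997c2e55ddd121562a4098cd8d2b89c68433bf1), [`e97ccb9`](https://github.com/mastra-ai/mastra/commit/e97ccb900f8b7a390ce82c9f8eb8d6eb2c5e3777), [`f5afe62`](https://github.com/mastra-ai/mastra/commit/f5afe62beff3ae69148a35e55fe5375168897829), [`c5daf48`](https://github.com/mastra-ai/mastra/commit/c5daf48556e98c46ae06caf00f92c249912007e9), [`cd96779`](https://github.com/mastra-ai/mastra/commit/cd9677937f113b2856dc8b9f3d4bdabcee58bb2e), [`86c0298`](https://github.com/mastra-ai/mastra/commit/86c0298e647306423c842f9d5ac827bd616bd13d)]:
+- @mastra/core@1.32.0-alpha.2
+- @mastra/server@1.32.0-alpha.2
+
 ## 1.3.17-alpha.1
 
 ### Patch Changes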
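--- a/package/dist/index.cjs
+++ b/package/dist/index.cjs
@@ -596,13 +596,14 @@ var MastraServer = class extends serverAdapter.MastraServer {
 buildAuthorizeContext: () => toWebRequest2(req)
 });
 if (authError) {
-
-
+const authResult = authError;
+if (authResult.headers) {
+for (const [key, value] of Object.entries(authResult.headers)) {
 res.setHeader(key, value);
 }
 }
-if (
-return res.status(
+if (authResult.error) {
+return res.status(authResult.status).json({ error: authResult.error });
 }
 }
 const params = await this.getParams(route, req);
@@ -688,6 +689,14 @@ var MastraServer = class extends serverAdapter.MastraServer {
 }
 }
 }
+const fgaError = await serverAdapter.checkRouteFGA(this.mastra, route, res.locals.requestContext, {
+...params.urlParams,
+...params.queryParams,
+...typeof params.body === "object" ? params.body : {}
+});
+if (fgaError) {
+return res.status(fgaError.status).json({ error: fgaError.error, message: fgaError.message });
+}
 try {
 const result = await route.handler(handlerParams);
 await this.sendResponse(route, res, result, req, prefix);
@@ -715,47 +724,68 @@ var MastraServer = class extends serverAdapter.MastraServer {
 this.app.use(async (req, res, next) => {
 const path = String(req.path || "/");
 const method = String(req.method || "GET");
-
+const matchedRoute = auth.findMatchingCustomRoute(
+path,
+method,
+this.customApiRoutes ?? this.mastra.getServer()?.apiRoutes
+);
+const shouldRunCustomRouteAuth = auth.isProtectedCustomRoute(path, method, this.customRouteAuthConfig);
+const shouldRunCustomRouteFGA = !!matchedRoute?.route.fga;
+if (shouldRunCustomRouteAuth || shouldRunCustomRouteFGA) {
 const serverRoute = {
-method,
-path,
+method: matchedRoute?.route.method ?? method,
+path: matchedRoute?.route.path ?? path,
 responseType: "json",
 handler: async () => {
-}
+},
+requiresAuth: matchedRoute?.route.requiresAuth,
+requiresPermission: matchedRoute?.route.requiresPermission,
+fga: matchedRoute?.route.fga
 };
-
-
-
-
-
-
-
-
-
-
-if (authError
-
-
+if (shouldRunCustomRouteAuth) {
+const authError = await this.checkRouteAuth(serverRoute, {
+path,
+method,
+getHeader: (name) => req.headers[name.toLowerCase()],
+getQuery: (name) => req.query[name],
+requestContext: res.locals.requestContext,
+request: toWebRequest2(req),
+buildAuthorizeContext: () => toWebRequest2(req)
+});
+if (authError) {
+const authResult = authError;
+if (authResult.headers) {
+for (const [key, value] of Object.entries(authResult.headers)) {
+res.setHeader(key, value);
+}
+}
+if (authResult.error) {
+return res.status(authResult.status).json({ error: authResult.error });
 }
 }
-
-
-
-
-
-
-
-
-
-
-
-
-error: permissionError.error,
-message: permissionError.message
-});
+const authConfig = this.mastra.getServer()?.auth;
+if (authConfig) {
+const hasPermission = await loadHasPermission();
+if (hasPermission) {
+const userPermissions = res.locals.requestContext.get("userPermissions");
+const permissionError = this.checkRoutePermission(serverRoute, userPermissions, hasPermission);
+if (permissionError) {
+return res.status(permissionError.status).json({
+error: permissionError.error,
+message: permissionError.message
+});
+}
 }
 }
 }
+const fgaError = await serverAdapter.checkRouteFGA(this.mastra, serverRoute, res.locals.requestContext, {
+...matchedRoute?.params ?? {},
+...req.query,
+...typeof req.body === "object" && req.body !== null ? req.body : {}
+});
+if (fgaError) {
+return res.status(fgaError.status).json({ error: fgaError.error, message: fgaError.message });
+}
 }
 const response = await this.handleCustomRouteRequest(
 `${req.protocol}://${req.get("host") || "localhost"}${req.originalUrl}`,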
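Review bot: In the custom-route middleware (new lines 781-785), the object handed to `serverAdapter.checkRouteFGA` spreads `matchedRoute?.params` first and `req.query` and `req.body` after it, so a query or body key with the same name as a path parameter replaces the route-bound value before the check runs; the built-in route check at new lines 692-696 uses the same order (`urlParams`, `queryParams`, `body`). `checkRouteFGA` is not visible on this page, so this is something to confirm rather than a proven gap: if it resolves the resource id from the merged object while the handler acts on the path parameter, the authorization decision and the action can refer to different resources. Spreading the path parameters last keeps them authoritative, e.g. `...req.query,` then `...(typeof req.body === "object" && req.body !== null ? req.body : {}),` then `...(matchedRoute?.params ?? {})`, and a test with a colliding body key would pin the behaviour. This file is build output, so the change belongs in the TypeScript source it is bundled from; the enclosing handlers start and end outside these hunks.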