@naturalcycles/backend-lib 9.44.1 → 9.45.0

package/dist/admin/base.admin.service.js

@@ -35,7 +35,6 @@ export class BaseAdminService {
         if (!email)
             return;
         console.log(`getEmailPermissions (${dimGrey(email)}) returning undefined (please override the implementation)`);
-        return;
     }
     /**
      * To be extended.
@@ -62,7 +61,6 @@ export class BaseAdminService {
                 return; // skip logging, expected error
             }
             req.error(`getEmailByToken error:`, err);
-            return;
         }
     }
     /**

package/dist/express/createDefaultApp.js

@@ -5,6 +5,7 @@ import { methodOverrideMiddleware } from '../server/methodOverrideMiddleware.js'
 import { notFoundMiddleware } from '../server/notFoundMiddleware.js';
 import { requestTimeoutMiddleware } from '../server/requestTimeoutMiddleware.js';
 import { simpleRequestLoggerMiddleware } from '../server/simpleRequestLoggerMiddleware.js';
+import { isGAE } from '../util.js';
 const isTest = process.env['APP_ENV'] === 'test';
 const isDev = process.env['APP_ENV'] === 'dev';
 export async function createDefaultApp(cfg) {
@@ -29,6 +30,25 @@ export async function createDefaultApp(cfg) {
     if (isDev) {
         app.use(simpleRequestLoggerMiddleware());
     }
+    if (!isTest) {
+        // leaks, load lazily
+        const { default: helmet } = await import('helmet');
+        app.use(helmet({
+            contentSecurityPolicy: false, // to allow "admin 401 auto-redirect"
+        }));
+    }
+    app.use(cors({
+        origin: true,
+        credentials: true,
+        // methods: 'GET,HEAD,PUT,PATCH,POST,DELETE', // default
+        maxAge: 86400,
+        ...cfg.corsOptions,
+    }));
+    if (!isGAE() && isTest) {
+        // compression is not used in AppEngine, because AppEngine provides it by default
+        const { default: compression } = await import('compression');
+        app.use(compression());
+    }
     // app.use(safeJsonMiddleware()) // optional
     // accepts application/json
     app.use(express.json({
@@ -55,20 +75,6 @@ export async function createDefaultApp(cfg) {
         ...cfg.bodyParserRawOptions,
     }));
     app.use(cookieParser());
-    if (!isTest) {
-        // leaks, load lazily
-        const { default: helmet } = await import('helmet');
-        app.use(helmet({
-            contentSecurityPolicy: false, // to allow "admin 401 auto-redirect"
-        }));
-    }
-    app.use(cors({
-        origin: true,
-        credentials: true,
-        // methods: 'GET,HEAD,PUT,PATCH,POST,DELETE', // default
-        maxAge: 86400,
-        ...cfg.corsOptions,
-    }));
     // app.use(clearBodyParserTimeout()) // removed by default
     // Static is now disabled by default due to performance
     // Without: 6500 rpsAvg

package/dist/server/server.model.d.ts

@@ -8,7 +8,7 @@ import type { Application, IRouter, NextFunction, Request, Response } from 'expr
  * `BackendRequest` seems to not conflict with anything right now.
  * Previous name `ExpressRequest` was clashing with Sentry.
  */
-export interface BackendRequest extends Request {
+export interface BackendRequest<BODY = unknown> extends Request {
     debug: CommonLogFunction;
     log: CommonLogFunction;
     warn: CommonLogFunction;
@@ -19,10 +19,10 @@ export interface BackendRequest extends Request {
      */
     userId?: string;
     /**
-     * It's set to unknown (instead of `any`) to prevent implicit use of any
+     * It defaults to unknown (instead of `any`) to prevent implicit use of any
      * in unexpected places.
      */
-    body: unknown;
+    body: BODY;
     /**
      * Raw Buffer of the `req.body`, before it's stringified and json-parsed.
      * Useful for when something mutates `req.body` json (e.g j validation), and you

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@naturalcycles/backend-lib",
   "type": "module",
-  "version": "9.44.1",
+  "version": "9.45.0",
   "peerDependencies": {
     "@sentry/node": "^10"
   },
@@ -10,10 +10,12 @@
     "@naturalcycles/js-lib": "^15",
     "@naturalcycles/nodejs-lib": "^15",
     "@types/body-parser": "^1",
+    "@types/compression": "^1",
     "@types/cookie-parser": "^1",
     "@types/cors": "^2",
     "@types/express": "^5",
     "@types/on-finished": "^2",
+    "compression": "^1",
     "cookie-parser": "^1",
     "cors": "^2",
     "dotenv": "^17",
@@ -29,7 +31,7 @@
     "@sentry/node": "^10",
     "@types/ejs": "^3",
     "fastify": "^5",
-    "@naturalcycles/dev-lib": "20.12.11"
+    "@naturalcycles/dev-lib": "20.15.0"
   },
   "exports": {
     ".": "./dist/index.js",

package/src/admin/base.admin.service.ts

@@ -65,7 +65,6 @@ export class BaseAdminService {
         email,
       )}) returning undefined (please override the implementation)`,
     )
-    return
   }
 
   /**
@@ -107,7 +106,6 @@ export class BaseAdminService {
       }
 
       req.error(`getEmailByToken error:`, err)
-      return
     }
   }
 

package/src/express/createDefaultApp.ts

@@ -16,6 +16,7 @@ import type {
   BackendRequestHandler,
 } from '../server/server.model.js'
 import { simpleRequestLoggerMiddleware } from '../server/simpleRequestLoggerMiddleware.js'
+import { isGAE } from '../util.js'
 
 const isTest = process.env['APP_ENV'] === 'test'
 const isDev = process.env['APP_ENV'] === 'dev'
@@ -51,6 +52,32 @@ export async function createDefaultApp(cfg: DefaultAppCfg): Promise<BackendAppli
     app.use(simpleRequestLoggerMiddleware())
   }
 
+  if (!isTest) {
+    // leaks, load lazily
+    const { default: helmet } = await import('helmet')
+    app.use(
+      helmet({
+        contentSecurityPolicy: false, // to allow "admin 401 auto-redirect"
+      }),
+    )
+  }
+
+  app.use(
+    cors({
+      origin: true,
+      credentials: true,
+      // methods: 'GET,HEAD,PUT,PATCH,POST,DELETE', // default
+      maxAge: 86400,
+      ...cfg.corsOptions,
+    }),
+  )
+
+  if (!isGAE() && isTest) {
+    // compression is not used in AppEngine, because AppEngine provides it by default
+    const { default: compression } = await import('compression')
+    app.use(compression())
+  }
+
   // app.use(safeJsonMiddleware()) // optional
 
   // accepts application/json
@@ -88,26 +115,6 @@ export async function createDefaultApp(cfg: DefaultAppCfg): Promise<BackendAppli
 
   app.use(cookieParser())
 
-  if (!isTest) {
-    // leaks, load lazily
-    const { default: helmet } = await import('helmet')
-    app.use(
-      helmet({
-        contentSecurityPolicy: false, // to allow "admin 401 auto-redirect"
-      }),
-    )
-  }
-
-  app.use(
-    cors({
-      origin: true,
-      credentials: true,
-      // methods: 'GET,HEAD,PUT,PATCH,POST,DELETE', // default
-      maxAge: 86400,
-      ...cfg.corsOptions,
-    }),
-  )
-
   // app.use(clearBodyParserTimeout()) // removed by default
 
   // Static is now disabled by default due to performance

package/src/server/server.model.ts

@@ -9,7 +9,7 @@ import type { Application, IRouter, NextFunction, Request, Response } from 'expr
  * `BackendRequest` seems to not conflict with anything right now.
  * Previous name `ExpressRequest` was clashing with Sentry.
  */
-export interface BackendRequest extends Request {
+export interface BackendRequest<BODY = unknown> extends Request {
   debug: CommonLogFunction
   log: CommonLogFunction
   warn: CommonLogFunction
@@ -22,10 +22,10 @@ export interface BackendRequest extends Request {
   userId?: string
 
   /**
-   * It's set to unknown (instead of `any`) to prevent implicit use of any
+   * It defaults to unknown (instead of `any`) to prevent implicit use of any
    * in unexpected places.
    */
-  body: unknown
+  body: BODY
 
   /**
    * Raw Buffer of the `req.body`, before it's stringified and json-parsed.