@niledatabase/server 3.0.0-alpha.32 → 3.0.0-alpha.33

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/dist/server.cjs.development.js +85 -67
  2. package/dist/server.cjs.development.js.map +1 -1
  3. package/dist/server.cjs.production.min.js +1 -1
  4. package/dist/server.cjs.production.min.js.map +1 -1
  5. package/dist/server.esm.js +85 -67
  6. package/dist/server.esm.js.map +1 -1
  7. package/dist/types.d.ts +1 -0
  8. package/dist/utils/Config/envVars.d.ts +1 -0
  9. package/dist/utils/Config/index.d.ts +1 -0
  10. package/dist/utils/fetch.d.ts +2 -0
  11. package/package.json +2 -2
package/dist/server.cjs.development.js CHANGED
@@ -465,6 +465,13 @@ function Logger(config) {
465
465
  };
466
466
  }
467
467
 
468
+ var getSecureCookies = function getSecureCookies(cfg) {
469
+ var config = cfg.config;
470
+ if (process.env.NILEDB_SECURECOOKIES) {
471
+ return Boolean(process.env.NILEDB_SECURECOOKIES);
472
+ }
473
+ return config == null ? void 0 : config.secureCookies;
474
+ };
468
475
  var getDatabaseId = function getDatabaseId(cfg) {
469
476
  var config = cfg.config,
470
477
  logger = cfg.logger;
@@ -681,6 +688,7 @@ var Config = /*#__PURE__*/function () {
681
688
  this.routePrefix = void 0;
682
689
  this.routes = void 0;
683
690
  this.logger = void 0;
691
+ this.secureCookies = void 0;
684
692
  this.debug = void 0;
685
693
  this.db = void 0;
686
694
  this.api = void 0;
@@ -852,6 +860,7 @@ var Config = /*#__PURE__*/function () {
852
860
  throw new Error('Password is required. Set NILEDB_PASSWORD as an environment variable or set `password` in the config options.');
853
861
  }
854
862
  }
863
+ this.secureCookies = getSecureCookies(_envVarConfig);
855
864
  this.databaseId = getDatabaseId(_envVarConfig);
856
865
  this.databaseName = getDatabaseName(_envVarConfig);
857
866
  this._tenantId = getTenantId(_envVarConfig);
@@ -1489,6 +1498,7 @@ var ResponseError = function ResponseError(body, init) {
1489
1498
 
1490
1499
  var X_NILE_TENANT = 'niledb-tenant-id';
1491
1500
  var X_NILE_USER_ID = 'niledb-user-id';
1501
+ var X_NILE_SECURECOOKIES = 'niledb-useSecureCookies';
1492
1502
  function getTokenFromCookie(headers, cookieKey) {
1493
1503
  var _headers$get;
1494
1504
  var cookie = (_headers$get = headers.get('cookie')) == null ? void 0 : _headers$get.split('; ');
@@ -1530,52 +1540,60 @@ function getUserFromHttp(headers, config) {
1530
1540
  }
1531
1541
  return (_headers$get2 = headers == null ? void 0 : headers.get(X_NILE_USER_ID)) != null ? _headers$get2 : config.userId;
1532
1542
  }
1543
+ function makeBasicHeaders(config, opts) {
1544
+ var _config$api;
1545
+ var headers = new Headers(opts == null ? void 0 : opts.headers);
1546
+ headers.set('content-type', 'application/json; charset=utf-8');
1547
+ var cookieKey = (_config$api = config.api) == null ? void 0 : _config$api.cookieKey;
1548
+ // this is old, but still maybe something worth keeping.
1549
+ var authHeader = headers.get('Authorization');
1550
+ if (!authHeader) {
1551
+ var token = getTokenFromCookie(headers, cookieKey);
1552
+ if (token) {
1553
+ headers.set('Authorization', "Bearer " + token);
1554
+ } else if (getToken({
1555
+ config: config
1556
+ })) {
1557
+ headers.set('Authorization', "Bearer " + getToken({
1558
+ config: config
1559
+ }));
1560
+ }
1561
+ }
1562
+ if (config.secureCookies) {
1563
+ headers.set(X_NILE_SECURECOOKIES, 'true');
1564
+ }
1565
+ return headers;
1566
+ }
1533
1567
  function _fetch(_x, _x2, _x3) {
1534
1568
  return _fetch2.apply(this, arguments);
1535
1569
  }
1536
1570
  function _fetch2() {
1537
1571
  _fetch2 = _asyncToGenerator(/*#__PURE__*/_regeneratorRuntime().mark(function _callee(config, path, opts) {
1538
- var _config$api, _config$api2;
1539
- var _Logger, debug, error, url, cookieKey, headers, basicHeaders, authHeader, token, tenantId, userId, useableUrl, _response$status, response, _opts$method, _opts$method2, res, errorHandler, msg, _res, message, _res2, _res2$errors, _message;
1572
+ var _config$api2;
1573
+ var _Logger, debug, error, url, headers, tenantId, basicHeaders, userId, useableUrl, _response$status, response, _opts$method, _opts$method2, res, errorHandler, msg, _res, message, _res2, _res2$errors, _message;
1540
1574
  return _regeneratorRuntime().wrap(function _callee$(_context) {
1541
1575
  while (1) switch (_context.prev = _context.next) {
1542
1576
  case 0:
1543
1577
  _Logger = Logger(config, '[server]'), debug = _Logger.debug, error = _Logger.error;
1544
- url = "" + ((_config$api = config.api) == null ? void 0 : _config$api.basePath) + path;
1545
- cookieKey = (_config$api2 = config.api) == null ? void 0 : _config$api2.cookieKey;
1578
+ url = "" + ((_config$api2 = config.api) == null ? void 0 : _config$api2.basePath) + path;
1546
1579
  headers = new Headers(opts == null ? void 0 : opts.headers);
1547
- basicHeaders = new Headers(opts == null ? void 0 : opts.headers);
1548
- basicHeaders.set('content-type', 'application/json; charset=utf-8');
1549
- // this is old, but still maybe something worth keeping.
1550
- authHeader = headers.get('Authorization');
1551
- if (!authHeader) {
1552
- token = getTokenFromCookie(headers, cookieKey);
1553
- if (token) {
1554
- basicHeaders.set('Authorization', "Bearer " + token);
1555
- } else if (getToken({
1556
- config: config
1557
- })) {
1558
- basicHeaders.set('Authorization', "Bearer " + getToken({
1559
- config: config
1560
- }));
1561
- }
1562
- }
1563
1580
  tenantId = getTenantFromHttp(headers, config);
1581
+ basicHeaders = makeBasicHeaders(config, opts);
1564
1582
  updateTenantId(tenantId);
1565
1583
  userId = getUserFromHttp(headers, config);
1566
1584
  updateUserId(userId);
1567
1585
  if (!(url.includes('{tenantId}') && !tenantId)) {
1568
- _context.next = 14;
1586
+ _context.next = 10;
1569
1587
  break;
1570
1588
  }
1571
1589
  return _context.abrupt("return", new ResponseError('tenantId is not set for request', {
1572
1590
  status: 400
1573
1591
  }));
1574
- case 14:
1592
+ case 10:
1575
1593
  useableUrl = url.replace('{tenantId}', encodeURIComponent(String(tenantId))).replace('{userId}', encodeURIComponent(String(userId)));
1576
1594
  debug("[fetch] " + useableUrl);
1577
- _context.prev = 16;
1578
- _context.next = 19;
1595
+ _context.prev = 12;
1596
+ _context.next = 15;
1579
1597
  return fetch(useableUrl, _extends({}, opts, {
1580
1598
  headers: basicHeaders
1581
1599
  }))["catch"](function (e) {
@@ -1584,111 +1602,111 @@ function _fetch2() {
1584
1602
  stack: e.stack
1585
1603
  });
1586
1604
  });
1587
- case 19:
1605
+ case 15:
1588
1606
  response = _context.sent;
1589
1607
  if (!(response && response.status >= 200 && response.status < 300)) {
1590
- _context.next = 42;
1608
+ _context.next = 38;
1591
1609
  break;
1592
1610
  }
1593
1611
  if (!(typeof response.clone === 'function')) {
1594
- _context.next = 41;
1612
+ _context.next = 37;
1595
1613
  break;
1596
1614
  }
1597
- _context.prev = 22;
1615
+ _context.prev = 18;
1598
1616
  _context.t0 = debug;
1599
1617
  _context.t1 = "[fetch][response][" + ((_opts$method = opts == null ? void 0 : opts.method) != null ? _opts$method : 'GET') + "] " + response.status + " " + useableUrl;
1600
- _context.next = 27;
1618
+ _context.next = 23;
1601
1619
  return response.clone().json();
1602
- case 27:
1620
+ case 23:
1603
1621
  _context.t2 = _context.sent;
1604
1622
  _context.t3 = {
1605
1623
  body: _context.t2
1606
1624
  };
1607
1625
  (0, _context.t0)(_context.t1, _context.t3);
1608
- _context.next = 41;
1626
+ _context.next = 37;
1609
1627
  break;
1610
- case 32:
1611
- _context.prev = 32;
1612
- _context.t4 = _context["catch"](22);
1628
+ case 28:
1629
+ _context.prev = 28;
1630
+ _context.t4 = _context["catch"](18);
1613
1631
  _context.t5 = debug;
1614
1632
  _context.t6 = "[fetch][response][" + ((_opts$method2 = opts == null ? void 0 : opts.method) != null ? _opts$method2 : 'GET') + "] " + response.status + " " + useableUrl;
1615
- _context.next = 38;
1633
+ _context.next = 34;
1616
1634
  return response.clone().text();
1617
- case 38:
1635
+ case 34:
1618
1636
  _context.t7 = _context.sent;
1619
1637
  _context.t8 = {
1620
1638
  body: _context.t7
1621
1639
  };
1622
1640
  (0, _context.t5)(_context.t6, _context.t8);
1623
- case 41:
1641
+ case 37:
1624
1642
  return _context.abrupt("return", response);
1625
- case 42:
1643
+ case 38:
1626
1644
  if (!((response == null ? void 0 : response.status) === 404)) {
1627
- _context.next = 44;
1645
+ _context.next = 40;
1628
1646
  break;
1629
1647
  }
1630
1648
  return _context.abrupt("return", new ResponseError('Not found', {
1631
1649
  status: 404
1632
1650
  }));
1633
- case 44:
1651
+ case 40:
1634
1652
  if (!((response == null ? void 0 : response.status) === 401)) {
1635
- _context.next = 46;
1653
+ _context.next = 42;
1636
1654
  break;
1637
1655
  }
1638
1656
  return _context.abrupt("return", new ResponseError('Unauthorized', {
1639
1657
  status: 401
1640
1658
  }));
1641
- case 46:
1659
+ case 42:
1642
1660
  if (!((response == null ? void 0 : response.status) === 405)) {
1643
- _context.next = 48;
1661
+ _context.next = 44;
1644
1662
  break;
1645
1663
  }
1646
1664
  return _context.abrupt("return", new ResponseError('Method not allowed', {
1647
1665
  status: 405
1648
1666
  }));
1649
- case 48:
1667
+ case 44:
1650
1668
  errorHandler = typeof (response == null ? void 0 : response.clone) === 'function' ? response.clone() : null;
1651
1669
  msg = '';
1652
- _context.prev = 50;
1653
- _context.next = 53;
1670
+ _context.prev = 46;
1671
+ _context.next = 49;
1654
1672
  return response == null ? void 0 : response.json();
1655
- case 53:
1673
+ case 49:
1656
1674
  res = _context.sent;
1657
- _context.next = 64;
1675
+ _context.next = 60;
1658
1676
  break;
1659
- case 56:
1660
- _context.prev = 56;
1661
- _context.t9 = _context["catch"](50);
1677
+ case 52:
1678
+ _context.prev = 52;
1679
+ _context.t9 = _context["catch"](46);
1662
1680
  if (!errorHandler) {
1663
- _context.next = 63;
1681
+ _context.next = 59;
1664
1682
  break;
1665
1683
  }
1666
- _context.next = 61;
1684
+ _context.next = 57;
1667
1685
  return errorHandler.text();
1668
- case 61:
1686
+ case 57:
1669
1687
  msg = _context.sent;
1670
1688
  if (msg) {
1671
1689
  error("[fetch][response] status: " + errorHandler.status + "]", {
1672
1690
  message: msg
1673
1691
  });
1674
1692
  }
1675
- case 63:
1693
+ case 59:
1676
1694
  if (!msg) {
1677
1695
  error('[fetch][response]', {
1678
1696
  e: _context.t9
1679
1697
  });
1680
1698
  }
1681
- case 64:
1699
+ case 60:
1682
1700
  if (!msg) {
1683
- _context.next = 66;
1701
+ _context.next = 62;
1684
1702
  break;
1685
1703
  }
1686
1704
  return _context.abrupt("return", new ResponseError(msg, {
1687
1705
  status: errorHandler == null ? void 0 : errorHandler.status
1688
1706
  }));
1689
- case 66:
1707
+ case 62:
1690
1708
  if (!(res && 'message' in res)) {
1691
- _context.next = 70;
1709
+ _context.next = 66;
1692
1710
  break;
1693
1711
  }
1694
1712
  _res = res, message = _res.message;
@@ -1696,9 +1714,9 @@ function _fetch2() {
1696
1714
  return _context.abrupt("return", new ResponseError(message, {
1697
1715
  status: 400
1698
1716
  }));
1699
- case 70:
1717
+ case 66:
1700
1718
  if (!(res && 'errors' in res)) {
1701
- _context.next = 74;
1719
+ _context.next = 70;
1702
1720
  break;
1703
1721
  }
1704
1722
  _res2 = res, _res2$errors = _res2.errors, _message = _res2$errors[0];
@@ -1706,24 +1724,24 @@ function _fetch2() {
1706
1724
  return _context.abrupt("return", new ResponseError(_message, {
1707
1725
  status: 400
1708
1726
  }));
1709
- case 74:
1727
+ case 70:
1710
1728
  error("[fetch][response] status: " + (errorHandler == null ? void 0 : errorHandler.status) + "] UNHANDLED ERROR", {
1711
1729
  res: res
1712
1730
  });
1713
1731
  return _context.abrupt("return", new ResponseError(null, {
1714
1732
  status: (_response$status = response == null ? void 0 : response.status) != null ? _response$status : 500
1715
1733
  }));
1716
- case 78:
1717
- _context.prev = 78;
1718
- _context.t10 = _context["catch"](16);
1734
+ case 74:
1735
+ _context.prev = 74;
1736
+ _context.t10 = _context["catch"](12);
1719
1737
  return _context.abrupt("return", new ResponseError('an unexpected error has occurred', {
1720
1738
  status: 500
1721
1739
  }));
1722
- case 81:
1740
+ case 77:
1723
1741
  case "end":
1724
1742
  return _context.stop();
1725
1743
  }
1726
- }, _callee, null, [[16, 78], [22, 32], [50, 56]]);
1744
+ }, _callee, null, [[12, 74], [18, 28], [46, 52]]);
1727
1745
  }));
1728
1746
  return _fetch2.apply(this, arguments);
1729
1747
  }