@nitra/cf-security 4.2.0 → 4.4.0

package/package.json

@@ -1,13 +1,14 @@
 {
   "name": "@nitra/cf-security",
-  "version": "4.2.0",
+  "version": "4.4.0",
   "description": "check header in serverless",
   "type": "module",
   "types": "./types/index.d.ts",
   "exports": {
     ".": "./src/index.js",
     "./jwt": "./src/jwt.js",
-    "./jwt-c": "./src/jwt-c.js"
+    "./jwt-c": "./src/jwt-c.js",
+    "./jwt-both": "./src/jwt-both.js"
   },
   "scripts": {
     "test": "env $(cat ./test/.env) npx coverage-node test/index.js"
@@ -24,7 +25,7 @@
   "homepage": "https://github.com/nitra/cf-security#readme",
   "dependencies": {
     "@nitra/bunyan": "^2.0.1",
-    "@nitra/check-env": "^3.0.0",
+    "@nitra/check-env": "^3.1.0",
     "@nitra/isenv": "^2.0.1",
     "@nitra/jwt": "^3.7.0"
   },

package/src/jwt-both.js

@@ -0,0 +1,16 @@
+import { runSecurityHeader } from './jwt.js'
+import { runSecurityCookie } from './jwt-c.js'
+
+/**
+ * Check request for Nitra security з токеном в кукі
+ *
+ * @param {object} req - Fastify  Request for check
+ * @return {Promise<Object>} token if check passed
+ */
+export default async (req, allowedRoles) => {
+  if (req.headers.authorization) {
+    return runSecurityHeader(req, allowedRoles)
+  } else {
+    return runSecurityCookie(req, allowedRoles)
+  }
+}

package/src/jwt-c.js

@@ -1,6 +1,6 @@
-// @ts-ignore
 import verify from '@nitra/jwt/verify'
 import { isDev } from '@nitra/isenv'
+import { intersection } from './utils/intersection.js'
 
 /**
  * Check request for Nitra security з токеном в кукі
@@ -9,6 +9,18 @@ import { isDev } from '@nitra/isenv'
  * @return {Promise<Object>} token if check passed
  */
 export default async (req, allowedRoles) => {
+  const { parsed } = await runSecurityCookie(req, allowedRoles)
+  return parsed.body
+}
+
+/**
+ * Check request for Nitra security rules WI
+ *
+ * @param {object} req - Fastify  Request for check
+ * @param {Array} allowedRoles - Allowed roles
+ * @return {Promise<Object>} token if check passed
+ */
+export const runSecurityCookie = async (req, allowedRoles) => {
   if (!req.raw.headers?.cookie) {
     throw new Error('[verification] missing cookie')
   }
@@ -46,10 +58,5 @@ export default async (req, allowedRoles) => {
     throw new Error(`[verification] unallowed roles ${roleArray}`)
   }
 
-  return token.body
-}
-
-function intersection(a, b) {
-  const setA = new Set(a)
-  return b.filter(value => setA.has(value))
+  return { raw: c.__session, parsed: token.body }
 }

package/src/jwt.js

@@ -1,5 +1,6 @@
 import verify from '@nitra/jwt/verify'
 import { isDev } from '@nitra/isenv'
+import { intersection } from './utils/intersection.js'
 
 /**
  * Check request for Nitra security rules WI
@@ -9,6 +10,18 @@ import { isDev } from '@nitra/isenv'
  * @return {Promise<string>} token if check passed
  */
 export default async (req, allowedRoles) => {
+  const { parsed } = await runSecurityHeader(req, allowedRoles)
+  return parsed.body
+}
+
+/**
+ * Check request for Nitra security rules WI
+ *
+ * @param {object} req - Fastify  Request for check
+ * @param {Array} allowedRoles - Allowed roles
+ * @return {Promise<Object>} token if check passed
+ */
+export const runSecurityHeader = async (req, allowedRoles) => {
   // Для дева можна й не передавати токен
   if (isDev) {
     // Але якщо передали - то беремо контент з нього
@@ -50,10 +63,5 @@ export default async (req, allowedRoles) => {
     throw new Error(`[verification] unallowed roles ${roleArray}`)
   }
 
-  return token.body
-}
-
-function intersection(a, b) {
-  const setA = new Set(a)
-  return b.filter(value => setA.has(value))
+  return { raw: authHeaders[1], parsed: token.body }
 }

package/src/utils/intersection.js

@@ -0,0 +1,4 @@
+export function intersection(a, b) {
+  const setA = new Set(a)
+  return b.filter(value => setA.has(value))
+}