@nitra/cf-security 4.5.2 → 4.5.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/package.json +4 -4
  2. package/src/index.js +3 -4
  3. package/src/jwt-both.js +2 -2
  4. package/src/jwt-c.js +6 -5
  5. package/src/jwt.js +2 -4
  6. package/src/utils/intersection.js +5 -0
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@nitra/cf-security",
3
- "version": "4.5.2",
3
+ "version": "4.5.4",
4
4
  "description": "check header in serverless",
5
5
  "type": "module",
6
6
  "types": "./types/index.d.ts",
@@ -24,10 +24,10 @@
24
24
  },
25
25
  "homepage": "https://github.com/nitra/cf-security#readme",
26
26
  "dependencies": {
27
- "@nitra/bunyan": "^2.0.1",
28
- "@nitra/check-env": "^3.1.0",
27
+ "@nitra/bunyan": "^2.0.3",
28
+ "@nitra/check-env": "^3.2.0",
29
29
  "@nitra/isenv": "^2.0.1",
30
- "@nitra/jwt": "^3.7.0"
30
+ "@nitra/jwt": "^3.7.1"
31
31
  },
32
32
  "files": [
33
33
  "src",
package/src/index.js CHANGED
@@ -3,17 +3,16 @@ checkEnv(['X_NITRA_CF_KEY'])
3
3
 
4
4
  /**
5
5
  * Check request for Nitra security rules
6
- *
7
6
  * @param {object} req - ApolloServer or Express Request for check
8
- * @return {boolean} if check passed
7
+ * @returns {boolean} if check passed
9
8
  */
10
9
  export default function (req) {
11
- if (typeof req.headers === 'undefined') {
10
+ if (req.headers === undefined) {
12
11
  req.log.info('Request without headers')
13
12
  return false
14
13
  }
15
14
 
16
- if (typeof req.headers['x-nitra-cf-key'] === 'undefined') {
15
+ if (req.headers['x-nitra-cf-key'] === undefined) {
17
16
  req.log.info('Nitra key not exist in request')
18
17
  return false
19
18
  }
package/src/jwt-both.js CHANGED
@@ -3,9 +3,9 @@ import { runSecurityCookie } from './jwt-c.js'
3
3
 
4
4
  /**
5
5
  * Check request for Nitra security з токеном в кукі
6
- *
7
6
  * @param {object} req - Fastify Request for check
8
- * @return {Promise<Object>} token if check passed
7
+ * @param allowedRoles
8
+ * @returns {Promise<object>} token if check passed
9
9
  */
10
10
  export default async (req, allowedRoles) => {
11
11
  if (req.headers.authorization) {
package/src/jwt-c.js CHANGED
@@ -4,9 +4,9 @@ import { intersection } from './utils/intersection.js'
4
4
 
5
5
  /**
6
6
  * Check request for Nitra security з токеном в кукі
7
- *
8
7
  * @param {object} req - Fastify Request for check
9
- * @return {Promise<Object>} token if check passed
8
+ * @param allowedRoles
9
+ * @returns {Promise<object>} token if check passed
10
10
  */
11
11
  export default async (req, allowedRoles) => {
12
12
  const { parsed } = await runSecurityCookie(req, allowedRoles)
@@ -15,10 +15,9 @@ export default async (req, allowedRoles) => {
15
15
 
16
16
  /**
17
17
  * Check request for Nitra security rules WI
18
- *
19
18
  * @param {object} req - Fastify Request for check
20
19
  * @param {Array} allowedRoles - Allowed roles
21
- * @return {Promise<Object>} token if check passed
20
+ * @returns {Promise<object>} token if check passed
22
21
  */
23
22
  export const runSecurityCookie = async (req, allowedRoles) => {
24
23
  if (!req.raw.headers?.cookie) {
@@ -26,7 +25,9 @@ export const runSecurityCookie = async (req, allowedRoles) => {
26
25
  }
27
26
 
28
27
  // Читаємо кукі
29
- const c = Object.fromEntries(req.raw.headers.cookie.split('; ').map(v => v.split(/=(.*)/s).map(decodeURIComponent)))
28
+ const c = Object.fromEntries(
29
+ req.raw.headers.cookie.split('; ').map(v => v.split(/=(.*)/s).map(x => decodeURIComponent(x)))
30
+ )
30
31
 
31
32
  // Для дева можна й не передавати токен
32
33
  if (isDev) {
package/src/jwt.js CHANGED
@@ -4,10 +4,9 @@ import { intersection } from './utils/intersection.js'
4
4
 
5
5
  /**
6
6
  * Check request for Nitra security rules WI
7
- *
8
7
  * @param {object} req - Fastify Request for check
9
8
  * @param {Array} allowedRoles - Allowed roles
10
- * @return {Promise<string>} token if check passed
9
+ * @returns {Promise<string>} token if check passed
11
10
  */
12
11
  export default async (req, allowedRoles) => {
13
12
  const { parsed } = await runSecurityHeader(req, allowedRoles)
@@ -16,10 +15,9 @@ export default async (req, allowedRoles) => {
16
15
 
17
16
  /**
18
17
  * Check request for Nitra security rules WI
19
- *
20
18
  * @param {object} req - Fastify Request for check
21
19
  * @param {Array} allowedRoles - Allowed roles
22
- * @return {Promise<Object>} token if check passed
20
+ * @returns {Promise<object>} token if check passed
23
21
  */
24
22
  export const runSecurityHeader = async (req, allowedRoles) => {
25
23
  // Для дева можна й не передавати токен
package/src/utils/intersection.js CHANGED
@@ -1,3 +1,8 @@
1
+ /**
2
+ *
3
+ * @param a
4
+ * @param b
5
+ */
1
6
  export function intersection(a, b) {
2
7
  const setA = new Set(a)
3
8
  return b.filter(value => setA.has(value))