@nitra/cf-security 5.0.1 → 5.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/README.md +2 -2
  2. package/package.json +16 -16
  3. package/src/jwt-both.js +5 -1
package/README.md CHANGED
@@ -8,7 +8,7 @@ Check security header in Cloud Functions
8
8
  X_NITRA_CF_KEY: secret
9
9
  ```
10
10
 
11
- ```JavaScript
11
+ ```js
12
12
  const { cfSecurity } = require('@nitra/cf-security')
13
13
 
14
14
  exports.function = async (req, res) => {
@@ -18,7 +18,7 @@ exports.function = async (req, res) => {
18
18
  }
19
19
  ```
20
20
 
21
- ```JavaScript
21
+ ```js
22
22
  import runSecurity from '@nitra/cf-security'
23
23
 
24
24
  if (!runSecurity(req, ["role1","role2"])) {
package/package.json CHANGED
@@ -1,7 +1,21 @@
1
1
  {
2
2
  "name": "@nitra/cf-security",
3
- "version": "5.0.1",
3
+ "version": "5.2.0",
4
4
  "description": "check header in serverless",
5
+ "homepage": "https://github.com/nitra/cf-security#readme",
6
+ "bugs": {
7
+ "url": "https://github.com/nitra/cf-security/issues"
8
+ },
9
+ "license": "ISC",
10
+ "author": "v@nitra.ai",
11
+ "repository": {
12
+ "type": "git",
13
+ "url": "git+https://github.com/nitra/cf-security.git"
14
+ },
15
+ "files": [
16
+ "src",
17
+ "types"
18
+ ],
5
19
  "type": "module",
6
20
  "types": "./types/index.d.ts",
7
21
  "exports": {
@@ -13,25 +27,11 @@
13
27
  "scripts": {
14
28
  "test": "env $(cat ./test/.env) npx coverage-node test/index.js"
15
29
  },
16
- "repository": {
17
- "type": "git",
18
- "url": "git+https://github.com/nitra/cf-security.git"
19
- },
20
- "author": "v@nitra.ai",
21
- "license": "ISC",
22
- "bugs": {
23
- "url": "https://github.com/nitra/cf-security/issues"
24
- },
25
- "homepage": "https://github.com/nitra/cf-security#readme",
26
30
  "dependencies": {
27
- "@nitra/check-env": "^3.2.0",
31
+ "@nitra/check-env": "^4.1.1",
28
32
  "@nitra/isenv": "^2.0.1",
29
33
  "@nitra/jwt": "^4.0.3"
30
34
  },
31
- "files": [
32
- "src",
33
- "types"
34
- ],
35
35
  "engines": {
36
36
  "node": ">=20.0.0"
37
37
  }
package/src/jwt-both.js CHANGED
@@ -10,7 +10,11 @@ import { runSecurityHeader } from './jwt.js'
10
10
  export default async (req, allowedRoles) => {
11
11
  // oxlint-disable-line require-await
12
12
  if (req.headers.authorization) {
13
- return runSecurityHeader(req, allowedRoles)
13
+ const authHeaders = req.headers.authorization.split(' ')
14
+ // Якщо це Basic авторизація, то беремо токен з Cookie
15
+ if (authHeaders[0] === 'Bearer') {
16
+ return runSecurityHeader(req, allowedRoles)
17
+ }
14
18
  }
15
19
  return runSecurityCookie(req, allowedRoles)
16
20
  }