npm - @open-wa/wa-automate - Versions diffs - 4.43.5 → 4.44.2 - Mend

@open-wa/wa-automate 4.43.5 → 4.44.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/cli/cli-options.js CHANGED Viewed

@@ -240,6 +240,31 @@ exports.optionList = [{
         typeLabel: '{yellow {underline "--max-memory-restart 300M"}}',
         description: "Offload the EASY API to local instance of pm2. You can add pm2 specific arguments also if you want."
     },
+    {
+        name: 'privkey',
+        type: String,
+        typeLabel: '{yellow {underline "./privatekey.pem"}}',
+        description: "The private key to use for the TLS connection. --cert is also required"
+    },
+    {
+        name: 'cert',
+        type: String,
+        typeLabel: '{yellow {underline "./certificate.pem"}}',
+        description: "The certificate to use for the TLS connection. --privkey is also required"
+    },
+    {
+        name: 'helmet',
+        type: Boolean,
+        description: "Enable helmet middleware for security.",
+    },
+    {
+        name: 'allow-ips',
+        type: String,
+        //@ts-ignore
+        isMultiple: true,
+        typeLabel: '{blueBright {underline 192.168.0.1,192.168.0.2}}',
+        description: "Allow only these IPs to connect to the EASY API. By default, all IPs are allowed."
+    },
     {
         name: 'help',
         description: 'Print this usage guide.'

package/dist/cli/index.js CHANGED Viewed

@@ -102,6 +102,7 @@ function start() {
         }
         try {
             const client = yield (0, index_1.create)(Object.assign({}, createConfig));
+            (0, server_1.setupHttpServer)(cliConfig);
             if (cliConfig.autoReject) {
                 yield client.autoReject(cliConfig.onCall);
             }

package/dist/cli/server.d.ts CHANGED Viewed

@@ -1,11 +1,12 @@
 /// <reference types="node" />
-import http from 'http';
+import http from 'node:http';
 import { Client } from '..';
 export declare const app: import("express-serve-static-core").Express;
-export declare const server: http.Server;
+export declare let server: http.Server;
 export declare type cliFlags = {
     [k: string]: number | string | boolean;
 };
+export declare const setupHttpServer: (cliConfig: cliFlags) => void;
 export declare const setUpExpressApp: () => void;
 export declare const enableCORSRequests: () => void;
 export declare const setupAuthenticationLayer: (cliConfig: cliFlags) => void;

package/dist/cli/server.js CHANGED Viewed

@@ -31,10 +31,11 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.setupSocketServer = exports.setupBotPressHandler = exports.setupChatwoot = exports.setupTwilioCompatibleWebhook = exports.setupMediaMiddleware = exports.listListeners = exports.getCommands = exports.setupRefocusDisengageMiddleware = exports.setupSwaggerStatsMiddleware = exports.setupApiDocs = exports.setupAuthenticationLayer = exports.enableCORSRequests = exports.setUpExpressApp = exports.server = exports.app = void 0;
+exports.setupSocketServer = exports.setupBotPressHandler = exports.setupChatwoot = exports.setupTwilioCompatibleWebhook = exports.setupMediaMiddleware = exports.listListeners = exports.getCommands = exports.setupRefocusDisengageMiddleware = exports.setupSwaggerStatsMiddleware = exports.setupApiDocs = exports.setupAuthenticationLayer = exports.enableCORSRequests = exports.setUpExpressApp = exports.setupHttpServer = exports.server = exports.app = void 0;
 //@ts-ignore
 const express_1 = __importDefault(require("express"));
-const http_1 = __importDefault(require("http"));
+const node_https_1 = __importDefault(require("node:https"));
+const node_http_1 = __importDefault(require("node:http"));
 const collections_1 = require("./collections");
 const express_robots_txt_1 = __importDefault(require("express-robots-txt"));
 const swagger_ui_express_1 = __importDefault(require("swagger-ui-express"));
@@ -42,15 +43,69 @@ const axios_1 = __importDefault(require("axios"));
 const parse_function_1 = __importDefault(require("parse-function"));
 const __1 = require("..");
 const qs_1 = __importDefault(require("qs"));
+const fs = __importStar(require("fs"));
 const xmlbuilder2_1 = require("xmlbuilder2");
 const chatwoot_1 = require("./integrations/chatwoot");
+const express_ipfilter_1 = require("express-ipfilter");
+const helmet_1 = __importDefault(require("helmet"));
 exports.app = (0, express_1.default)();
-exports.server = http_1.default.createServer(exports.app);
+exports.server = node_http_1.default.createServer(exports.app);
 const trimChatId = (chatId) => chatId.replace("@c.us", "").replace("@g.us", "");
 const socketListenerCallbacks = {};
 // const existingListeners = () => Object.keys(Object.keys(socketListenerCallbacks).flatMap(id=>Object.keys(socketListenerCallbacks[id])).reduce((acc,curr)=>{acc[curr]=true;return acc},{}))
 const existingListeners = [];
 const getCallbacks = (listener) => Object.keys(socketListenerCallbacks).flatMap(k => socketListenerCallbacks[k]).map(o => o[listener]).filter(x => x);
+const setupHttpServer = (cliConfig) => {
+    //check if there is an allow IP list:
+    if (cliConfig.allowIps) {
+        let allowIps = cliConfig.allowIps;
+        if (!Array.isArray(cliConfig.allowIps))
+            allowIps = [cliConfig.allowIps];
+        if (Array.isArray(allowIps) && allowIps.length > 0 && allowIps[0]) {
+            console.log("Allowed IPs", allowIps);
+            let allowIpsOptions = {
+                mode: 'allow',
+                forbidden: 'You are not authorized to access this page.',
+                log: false
+            };
+            if (cliConfig.verbose)
+                allowIpsOptions = Object.assign(Object.assign({}, allowIpsOptions), { logLevel: 'deny', log: true });
+            exports.app.use((0, express_ipfilter_1.IpFilter)(allowIps, allowIpsOptions));
+            exports.app.use((err, req, res, next) => {
+                if (err instanceof express_ipfilter_1.IpDeniedError) {
+                    res.status(401);
+                    res.send("Access Denied");
+                    return;
+                }
+                next();
+            });
+        }
+    }
+    if (cliConfig.helmet) {
+        //@ts-ignore
+        exports.app.use((0, helmet_1.default)());
+    }
+    const privkey = `${process.env.PRIV || cliConfig.privkey || ""}`;
+    const cert = `${process.env.CERT || cliConfig.cert || ""}`;
+    if (privkey && cert) {
+        console.log("HTTPS Mode:", privkey, cert);
+        const privContents = fs.readFileSync(privkey);
+        const certContents = fs.readFileSync(cert);
+        exports.app.use((req, res, next) => {
+            if (!req.secure && req.get('x-forwarded-proto') !== 'https' && process.env.NODE_ENV !== "development") {
+                return res.redirect('https://' + req.get('host') + req.url);
+            }
+            next();
+        });
+        if (privContents && certContents) {
+            const options = { key: privContents, cert: certContents };
+            exports.server = node_https_1.default.createServer(options, exports.app);
+            return;
+        }
+    }
+    exports.server = node_http_1.default.createServer(exports.app);
+};
+exports.setupHttpServer = setupHttpServer;
 const setUpExpressApp = () => {
     exports.app.use((0, express_robots_txt_1.default)({ UserAgent: '*', Disallow: '/' }));
     //@ts-ignore

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@open-wa/wa-automate",
-  "version": "4.43.5",
+  "version": "4.44.2",
   "licenseCheckUrl": "https://funcs.openwa.dev/license-check",
   "brokenMethodReportUrl": "https://funcs.openwa.dev/report-bm",
   "patches": "https://cdn.openwa.dev/patches.json",
@@ -75,7 +75,7 @@
     "@types/localtunnel": "^2.0.1",
     "@types/marked": "^4.0.2",
     "@types/mime-types": "^2.1.0",
-    "@types/node": "^17.0.13",
+    "@types/node": "^18.7.6",
     "@types/puppeteer": "^5.4.0",
     "@types/shelljs": "^0.8.5",
     "@types/winston-syslog": "^2.4.0",
@@ -123,12 +123,14 @@
     "death": "^1.1.0",
     "eventemitter2": "^6.4.4",
     "express": "^4.17.1",
+    "express-ipfilter": "^1.3.1",
     "express-robots-txt": "^1.0.0",
     "find-up": "^5.0.0",
     "form-data": "^4.0.0",
     "fs-extra": "^10.0.0",
     "get-port": "^5.1.1",
     "hasha": "^5.2.0",
+    "helmet": "^5.1.1",
     "image-type": "^4.1.0",
     "is-url-superb": "^5.0.0",
     "json5": "^2.2.0",