@reldens/server-utils 0.14.0 → 0.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/README.md +1 -0
  2. package/index.js +3 -1
  3. package/lib/app-server-factory.js +24 -25
  4. package/lib/encryptor.js +47 -0
  5. package/package.json +1 -1
package/README.md CHANGED
@@ -12,6 +12,7 @@ A set of helpers for Node.js to create a server and handle files.
12
12
  - File handler.
13
13
  - Express server factory.
14
14
  - Multer uploader factory.
15
+ - Password manager.
15
16
 
16
17
  Need something specific?
17
18
 
package/index.js CHANGED
@@ -7,9 +7,11 @@
7
7
  const { FileHandler } = require('./lib/file-handler');
8
8
  const { AppServerFactory } = require('./lib/app-server-factory');
9
9
  const { UploaderFactory } = require('./lib/uploader-factory');
10
+ const { Encryptor } = require('./lib/encryptor');
10
11
 
11
12
  module.exports = {
12
13
  FileHandler,
13
14
  AppServerFactory,
14
- UploaderFactory
15
+ UploaderFactory,
16
+ Encryptor
15
17
  };
package/lib/app-server-factory.js CHANGED
@@ -26,30 +26,29 @@ class AppServerFactory
26
26
  this.appServer = false;
27
27
  this.app = express();
28
28
  this.rateLimit = rateLimit;
29
- this.useCors = 1 === Number(process.env.RELDENS_USE_CORS || 1);
30
- this.useExpressJson = 1 === Number(process.env.RELDENS_USE_EXPRESS_JSON || 1);
31
- this.useUrlencoded = 1 === Number(process.env.RELDENS_USE_URLENCODED || 1);
32
- this.encoding = String(process.env.RELDENS_DEFAULT_ENCODING || 'utf-8');
33
- this.useHttps = 1 === Number(process.env.RELDENS_EXPRESS_USE_HTTPS || 0);
34
- this.passphrase = String(process.env.RELDENS_EXPRESS_HTTPS_PASSPHRASE || '');
35
- this.httpsChain = String(process.env.RELDENS_EXPRESS_HTTPS_CHAIN || '');
36
- this.keyPath = String(process.env.RELDENS_EXPRESS_HTTPS_PRIVATE_KEY || '');
37
- this.certPath = String(process.env.RELDENS_EXPRESS_HTTPS_CERT || '');
38
- this.trustedProxy = String(process.env.RELDENS_EXPRESS_TRUSTED_PROXY || '');
39
- this.windowMs = Number(process.env.RELDENS_EXPRESS_RATE_LIMIT_MS || 60000);
40
- this.maxRequests = Number(process.env.RELDENS_EXPRESS_RATE_LIMIT_MAX_REQUESTS || 30);
41
- this.applyKeyGenerator = 1 === Number(process.env.RELDENS_EXPRESS_RATE_LIMIT_APPLY_KEY_GENERATOR || 0);
42
- this.jsonLimit = String(process.env.RELDENS_EXPRESS_JSON_LIMIT || '1mb');
43
- this.urlencodedLimit = String(process.env.RELDENS_EXPRESS_URLENCODED_LIMIT || '1mb');
44
- this.useHelmet = 1 === Number(process.env.RELDENS_USE_HELMET || 1);
45
- this.useXssProtection = 1 === Number(process.env.RELDENS_USE_XSS_PROTECTION || 1);
46
- this.globalRateLimit = 1 === Number(process.env.RELDENS_GLOBAL_RATE_LIMIT || 0);
47
- this.corsOrigin = String(process.env.RELDENS_CORS_ORIGIN || '*');
48
- this.corsMethods = String(process.env.RELDENS_CORS_METHODS || 'GET,POST').split(',');
49
- this.corsHeaders = String(process.env.RELDENS_CORS_HEADERS || 'Content-Type,Authorization').split(',');
50
- this.tooManyRequestsMessage = String(
51
- process.env.RELDENS_TOO_MANY_REQUESTS_MESSAGE || 'Too many requests, please try again later.'
52
- );
29
+ this.useCors = true;
30
+ this.useExpressJson = true;
31
+ this.useUrlencoded = true;
32
+ this.encoding = 'utf-8';
33
+ this.useHttps = false;
34
+ this.passphrase = '';
35
+ this.httpsChain = '';
36
+ this.keyPath = '';
37
+ this.certPath = '';
38
+ this.trustedProxy = '';
39
+ this.windowMs = 60000;
40
+ this.maxRequests = 30;
41
+ this.applyKeyGenerator = false;
42
+ this.jsonLimit = '1mb';
43
+ this.urlencodedLimit = '1mb';
44
+ this.useHelmet = true;
45
+ this.helmetConfig = false;
46
+ this.useXssProtection = true;
47
+ this.globalRateLimit = 0;
48
+ this.corsOrigin = '*';
49
+ this.corsMethods = ['GET','POST'];
50
+ this.corsHeaders = ['Content-Type','Authorization'];
51
+ this.tooManyRequestsMessage = 'Too many requests, please try again later.';
53
52
  this.error = {};
54
53
  this.processErrorResponse = false;
55
54
  }
@@ -60,7 +59,7 @@ class AppServerFactory
60
59
  Object.assign(this, appServerConfig);
61
60
  }
62
61
  if(this.useHelmet){
63
- this.app.use(helmet());
62
+ this.app.use(this.helmetConfig ? helmet(this.helmetConfig) : helmet());
64
63
  }
65
64
  if(this.useCors){
66
65
  let corsOptions = {
package/lib/encryptor.js ADDED
@@ -0,0 +1,47 @@
1
+ /**
2
+ *
3
+ * Reldens - Encryptor
4
+ *
5
+ */
6
+
7
+ let crypto = require('crypto');
8
+
9
+ class Encryptor
10
+ {
11
+
12
+ constructor()
13
+ {
14
+ // recommended minimum for PBKDF2 with SHA-512
15
+ this.iterations = 60000;
16
+ this.keylen = 64;
17
+ this.digest = 'sha512';
18
+ }
19
+
20
+ encryptPassword(password)
21
+ {
22
+ // generate the password hash:
23
+ let salt = crypto.randomBytes(16).toString('hex');
24
+ let hash = crypto.pbkdf2Sync(password, salt, this.iterations, this.keylen, this.digest ).toString('hex');
25
+ return salt + ':' + hash;
26
+ }
27
+
28
+ validatePassword(password, storedPassword)
29
+ {
30
+ let parts = storedPassword.split(':');
31
+ if(2 !== parts.length){
32
+ return false;
33
+ }
34
+ let salt = parts[0];
35
+ let storedHash = parts[1];
36
+ let hash = crypto.pbkdf2Sync(password, salt, this.iterations, this.keylen, this.digest).toString('hex');
37
+ return storedHash === hash;
38
+ }
39
+
40
+ generateSecretKey()
41
+ {
42
+ return crypto.randomBytes(32).toString('hex');
43
+ }
44
+
45
+ }
46
+
47
+ module.exports.Encryptor = new Encryptor();
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@reldens/server-utils",
3
3
  "scope": "@reldens",
4
- "version": "0.14.0",
4
+ "version": "0.16.0",
5
5
  "description": "Reldens - Server Utils",
6
6
  "author": "Damian A. Pastorini",
7
7
  "license": "MIT",