@reldens/server-utils 0.15.0 → 0.17.0

package/README.md

@@ -12,6 +12,7 @@ A set of helpers for Node.js to create a server and handle files.
 - File handler.
 - Express server factory.
 - Multer uploader factory.
+- Password manager.
 
 Need something specific?
 

package/index.js

@@ -7,9 +7,11 @@
 const { FileHandler } = require('./lib/file-handler');
 const { AppServerFactory } = require('./lib/app-server-factory');
 const { UploaderFactory } = require('./lib/uploader-factory');
+const { Encryptor } = require('./lib/encryptor');
 
 module.exports = {
     FileHandler,
     AppServerFactory,
-    UploaderFactory
+    UploaderFactory,
+    Encryptor
 };

package/lib/app-server-factory.js

@@ -51,6 +51,11 @@ class AppServerFactory
         this.tooManyRequestsMessage = 'Too many requests, please try again later.';
         this.error = {};
         this.processErrorResponse = false;
+        this.port = 3000;
+        this.autoListen = false;
+        this.domains = [];
+        this.useVirtualHosts = false;
+        this.defaultDomain = '';
     }
 
     createAppServer(appServerConfig)
@@ -61,6 +66,9 @@ class AppServerFactory
         if(this.useHelmet){
             this.app.use(this.helmetConfig ? helmet(this.helmetConfig) : helmet());
         }
+        if(this.useVirtualHosts){
+            this.setupVirtualHosts();
+        }
         if(this.useCors){
             let corsOptions = {
                 origin: this.corsOrigin,
@@ -89,9 +97,11 @@ class AppServerFactory
                 if(!req.body){
                     return next();
                 }
-                if(typeof req.body === 'object'){
-                    for(let key in req.body){
-                        if(typeof req.body[key] === 'string'){
+                if('object' === typeof req.body){
+                    let bodyKeys = Object.keys(req.body);
+                    for(let i = 0; i < bodyKeys.length; i++){
+                        let key = bodyKeys[i];
+                        if('string' === typeof req.body[key]){
                             req.body[key] = sanitizeHtml(req.body[key]);
                         }
                     }
@@ -102,7 +112,7 @@ class AppServerFactory
         if(this.useExpressJson){
             this.app.use(this.applicationFramework.json({
                 limit: this.jsonLimit,
-                verify: this.verifyContentTypeJson
+                verify: this.verifyContentTypeJson.bind(this)
             }));
         }
         if(this.useUrlencoded){
@@ -115,6 +125,13 @@ class AppServerFactory
             this.app.enable('trust proxy', this.trustedProxy);
         }
         this.appServer = this.createServer();
+        if(!this.appServer){
+            this.error = {message: 'Failed to create app server'};
+            return false;
+        }
+        if(this.autoListen){
+            this.listen();
+        }
         return {app: this.app, appServer: this.appServer};
     }
 
@@ -122,13 +139,57 @@ class AppServerFactory
     {
         let contentType = req.headers['content-type'] || '';
         if(
-            req.method === 'POST'
+            'POST' === req.method
             && 0 < buf.length
             && !contentType.includes('application/json')
             && !contentType.includes('multipart/form-data')
         ){
-            throw new Error('Invalid content-type');
+            this.error = {message: 'Invalid content-type for JSON request'};
+            return false;
+        }
+    }
+
+    setupVirtualHosts()
+    {
+        if(0 === this.domains.length){
+            return;
         }
+        this.app.use((req, res, next) => {
+            let hostname = req.get('host');
+            if(!hostname){
+                if(this.defaultDomain){
+                    req.domain = this.defaultDomain;
+                    return next();
+                }
+                this.error = {message: 'No hostname provided and no default domain configured'};
+                return res.status(400).send('Bad Request');
+            }
+            let domain = this.findDomainConfig(hostname);
+            if(!domain){
+                if(this.defaultDomain){
+                    req.domain = this.defaultDomain;
+                    return next();
+                }
+                this.error = {message: 'Unknown domain: '+hostname};
+                return res.status(404).send('Domain not found');
+            }
+            req.domain = domain;
+            next();
+        });
+    }
+
+    findDomainConfig(hostname)
+    {
+        for(let i = 0; i < this.domains.length; i++){
+            let domain = this.domains[i];
+            if(domain.hostname === hostname){
+                return domain;
+            }
+            if(domain.aliases && domain.aliases.includes(hostname)){
+                return domain;
+            }
+        }
+        return false;
     }
 
     createServer()
@@ -136,12 +197,22 @@ class AppServerFactory
         if(!this.useHttps){
             return http.createServer(this.app);
         }
+        if(this.useVirtualHosts && 0 < this.domains.length){
+            return this.createHttpsServerWithSNI();
+        }
+        return this.createSingleHttpsServer();
+    }
+
+    createSingleHttpsServer()
+    {
         let key = FileHandler.readFile(this.keyPath, 'Key');
         if(!key){
+            this.error = {message: 'Could not read SSL key file: '+this.keyPath};
             return false;
         }
         let cert = FileHandler.readFile(this.certPath, 'Cert');
         if(!cert){
+            this.error = {message: 'Could not read SSL certificate file: '+this.certPath};
             return false;
         }
         let credentials = {
@@ -158,6 +229,67 @@ class AppServerFactory
         return https.createServer(credentials, this.app);
     }
 
+    createHttpsServerWithSNI()
+    {
+        let defaultCredentials = this.loadDefaultCredentials();
+        if(!defaultCredentials){
+            return false;
+        }
+        let httpsOptions = Object.assign({}, defaultCredentials);
+        httpsOptions.SNICallback = (hostname, callback) => {
+            let domain = this.findDomainConfig(hostname);
+            if(!domain || !domain.keyPath || !domain.certPath){
+                return callback(null, null);
+            }
+            let key = FileHandler.readFile(domain.keyPath, 'Domain Key');
+            if(!key){
+                this.error = {message: 'Could not read domain SSL key: '+domain.keyPath};
+                return callback(null, null);
+            }
+            let cert = FileHandler.readFile(domain.certPath, 'Domain Cert');
+            if(!cert){
+                this.error = {message: 'Could not read domain SSL certificate: '+domain.certPath};
+                return callback(null, null);
+            }
+            let ctx = require('tls').createSecureContext({
+                key: key.toString(),
+                cert: cert.toString()
+            });
+            callback(null, ctx);
+        };
+        return https.createServer(httpsOptions, this.app);
+    }
+
+    loadDefaultCredentials()
+    {
+        let key = FileHandler.readFile(this.keyPath, 'Default Key');
+        if(!key){
+            this.error = {message: 'Could not read default SSL key file: '+this.keyPath};
+            return false;
+        }
+        let cert = FileHandler.readFile(this.certPath, 'Default Cert');
+        if(!cert){
+            this.error = {message: 'Could not read default SSL certificate file: '+this.certPath};
+            return false;
+        }
+        return {
+            key: key.toString(),
+            cert: cert.toString(),
+            passphrase: this.passphrase
+        };
+    }
+
+    listen(port)
+    {
+        let listenPort = port || this.port;
+        if(!this.appServer){
+            this.error = {message: 'Cannot listen: app server not created'};
+            return false;
+        }
+        this.appServer.listen(listenPort);
+        return true;
+    }
+
     async enableServeHome(app, homePageLoadCallback)
     {
         let limiterParams = {
@@ -189,16 +321,16 @@ class AppServerFactory
                     }
                     return res.status(500).send(errorMessage);
                 }
-                try {
-                    return res.send(await homePageLoadCallback(req));
-                } catch(error){
-                    let message = 'Error loading homepage.';
-                    this.error = {message, error};
+                let homepageContent = await homePageLoadCallback(req);
+                if(!homepageContent){
+                    let message = 'Error loading homepage content';
+                    this.error = {message};
                     if('function' === typeof this.processErrorResponse){
                         return this.processErrorResponse(500, message, req, res);
                     }
                     return res.status(500).send(message);
                 }
+                return res.send(homepageContent);
             }
             next();
         });
@@ -207,8 +339,8 @@ class AppServerFactory
     async serveStatics(app, statics)
     {
         if(!FileHandler.isValidPath(statics)){
-            this.error = {message: 'Invalid statics path.'};
-            return;
+            this.error = {message: 'Invalid statics path: '+statics};
+            return false;
         }
         let staticOptions = {
             maxAge: '1d',
@@ -220,13 +352,14 @@ class AppServerFactory
             }
         };
         app.use(this.applicationFramework.static(statics, staticOptions));
+        return true;
     }
 
     async serveStaticsPath(app, staticsPath, statics)
     {
         if(!FileHandler.isValidPath(staticsPath) || !FileHandler.isValidPath(statics)){
-            this.error = {message: 'Invalid statics path to be served.'};
-            return;
+            this.error = {message: 'Invalid statics path to be served: '+staticsPath+' -> '+statics};
+            return false;
         }
         let staticOptions = {
             maxAge: '1d',
@@ -238,6 +371,25 @@ class AppServerFactory
             }
         };
         app.use(staticsPath, this.applicationFramework.static(statics, staticOptions));
+        return true;
+    }
+
+    addDomain(domainConfig)
+    {
+        if(!domainConfig.hostname){
+            this.error = {message: 'Domain configuration missing hostname'};
+            return false;
+        }
+        this.domains.push(domainConfig);
+        return true;
+    }
+
+    async close()
+    {
+        if(!this.appServer){
+            return true;
+        }
+        return await this.appServer.close();
     }
 
 }

package/lib/encryptor.js

@@ -0,0 +1,47 @@
+/**
+ *
+ * Reldens - Encryptor
+ *
+ */
+
+let crypto = require('crypto');
+
+class Encryptor
+{
+
+    constructor()
+    {
+        // recommended minimum for PBKDF2 with SHA-512
+        this.iterations = 60000;
+        this.keylen = 64;
+        this.digest = 'sha512';
+    }
+
+    encryptPassword(password)
+    {
+        // generate the password hash:
+        let salt = crypto.randomBytes(16).toString('hex');
+        let hash = crypto.pbkdf2Sync(password, salt, this.iterations, this.keylen, this.digest ).toString('hex');
+        return salt + ':' + hash;
+    }
+
+    validatePassword(password, storedPassword)
+    {
+        let parts = storedPassword.split(':');
+        if(2 !== parts.length){
+            return false;
+        }
+        let salt = parts[0];
+        let storedHash = parts[1];
+        let hash = crypto.pbkdf2Sync(password, salt, this.iterations, this.keylen, this.digest).toString('hex');
+        return storedHash === hash;
+    }
+
+    generateSecretKey()
+    {
+        return crypto.randomBytes(32).toString('hex');
+    }
+
+}
+
+module.exports.Encryptor = new Encryptor();

package/lib/file-handler.js

@@ -203,6 +203,53 @@ class FileHandler
         return false;
     }
 
+    isFolder(dirPath)
+    {
+        if(!this.isValidPath(dirPath)){
+            this.error = {message: 'Invalid folder path.', dirPath};
+            return false;
+        }
+        if(!this.exists(dirPath)){
+            return false;
+        }
+        try {
+            return fs.lstatSync(dirPath).isDirectory();
+        } catch (error) {
+            this.error = {message: 'Can not check folder.', error, dirPath};
+        }
+        return false;
+    }
+
+    getFilesInFolder(dirPath, extensions = [])
+    {
+        if(!this.isValidPath(dirPath)){
+            this.error = {message: 'Invalid folder path.', dirPath};
+            return [];
+        }
+        let files = this.readFolder(dirPath);
+        if(0 === files.length){
+            return [];
+        }
+        let result = [];
+        for(let file of files){
+            let filePath = path.join(dirPath, file);
+            if(!this.isFile(filePath)){
+                continue;
+            }
+            if(0 === extensions.length){
+                result.push(file);
+                continue;
+            }
+            for(let ext of extensions){
+                if(file.endsWith(ext)){
+                    result.push(file);
+                    break;
+                }
+            }
+        }
+        return result;
+    }
+
     permissionsCheck(systemPath)
     {
         if(!this.isValidPath(systemPath)){

package/package.json

@@ -1,7 +1,7 @@
 {
     "name": "@reldens/server-utils",
     "scope": "@reldens",
-    "version": "0.15.0",
+    "version": "0.17.0",
     "description": "Reldens - Server Utils",
     "author": "Damian A. Pastorini",
     "license": "MIT",
@@ -42,6 +42,6 @@
         "express-session": "1.18.1",
         "helmet": "8.1.0",
         "multer": "^1.4.5-lts.2",
-        "sanitize-html": "^2.16.0"
+        "sanitize-html": "^2.17.0"
     }
 }