@reldens/server-utils 0.28.0 → 0.30.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +36 -7
- package/lib/app-server-factory.js +34 -16
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
# Reldens - Server Utils
|
|
2
2
|
|
|
3
|
-
A Node.js server toolkit providing secure application server creation, file handling, encryption, and file upload capabilities for production-ready applications.
|
|
3
|
+
A Node.js server toolkit providing secure application server creation, file handling, encryption, and file upload capabilities for production-ready applications with modular security configurations.
|
|
4
4
|
|
|
5
5
|
[](https://github.com/damian-pastorini/reldens)
|
|
6
6
|
|
|
7
7
|
## Features
|
|
8
8
|
|
|
9
9
|
### AppServerFactory
|
|
10
|
-
- Complete Express.js server configuration with security
|
|
10
|
+
- Complete Express.js server configuration with modular security
|
|
11
11
|
- HTTPS/HTTP server creation with SSL certificate management
|
|
12
12
|
- SNI (Server Name Indication) support for multi-domain hosting
|
|
13
13
|
- Virtual host management with domain mapping
|
|
@@ -20,8 +20,18 @@ A Node.js server toolkit providing secure application server creation, file hand
|
|
|
20
20
|
- Trusted proxy configuration
|
|
21
21
|
- Request parsing with size limits and validation
|
|
22
22
|
- Static file serving with security headers
|
|
23
|
+
- Compression middleware with smart filtering
|
|
23
24
|
- Input validation utilities
|
|
24
25
|
|
|
26
|
+
#### Modular Security Components
|
|
27
|
+
The AppServerFactory now uses specialized security configurers:
|
|
28
|
+
|
|
29
|
+
- **CorsConfigurer** - Dynamic CORS origin validation with development domain support
|
|
30
|
+
- **DevelopmentModeDetector** - Automatic development environment detection
|
|
31
|
+
- **ProtocolEnforcer** - Protocol redirection with development mode awareness
|
|
32
|
+
- **RateLimitConfigurer** - Global and endpoint-specific rate limiting
|
|
33
|
+
- **SecurityConfigurer** - Helmet integration with CSP management and XSS protection
|
|
34
|
+
|
|
25
35
|
### FileHandler
|
|
26
36
|
- Secure file system operations with path validation
|
|
27
37
|
- File and folder creation, copying, and removal
|
|
@@ -34,6 +44,8 @@ A Node.js server toolkit providing secure application server creation, file hand
|
|
|
34
44
|
- Temporary file creation
|
|
35
45
|
- File quarantine functionality for security threats
|
|
36
46
|
- Binary file head reading for type detection
|
|
47
|
+
- Directory walking with callback processing
|
|
48
|
+
- File comparison and relative path calculations
|
|
37
49
|
- Comprehensive error handling with detailed context
|
|
38
50
|
|
|
39
51
|
### Encryptor
|
|
@@ -77,7 +89,8 @@ let appServerFactory = new AppServerFactory();
|
|
|
77
89
|
let serverResult = appServerFactory.createAppServer({
|
|
78
90
|
port: 3000,
|
|
79
91
|
useHttps: false,
|
|
80
|
-
autoListen: true
|
|
92
|
+
autoListen: true,
|
|
93
|
+
useCompression: true
|
|
81
94
|
});
|
|
82
95
|
|
|
83
96
|
if(serverResult){
|
|
@@ -183,7 +196,9 @@ let serverResult = appServerFactory.createAppServer({
|
|
|
183
196
|
useVirtualHosts: true,
|
|
184
197
|
keyPath: '/ssl/default.key',
|
|
185
198
|
certPath: '/ssl/default.crt',
|
|
186
|
-
port: 443
|
|
199
|
+
port: 443,
|
|
200
|
+
enforceProtocol: true,
|
|
201
|
+
developmentMultiplier: 10
|
|
187
202
|
});
|
|
188
203
|
```
|
|
189
204
|
|
|
@@ -192,7 +207,7 @@ let serverResult = appServerFactory.createAppServer({
|
|
|
192
207
|
```javascript
|
|
193
208
|
let appServerFactory = new AppServerFactory();
|
|
194
209
|
|
|
195
|
-
// Add development domains
|
|
210
|
+
// Add development domains (automatically detected)
|
|
196
211
|
appServerFactory.addDevelopmentDomain('localhost');
|
|
197
212
|
appServerFactory.addDevelopmentDomain('dev.myapp.local');
|
|
198
213
|
|
|
@@ -200,6 +215,11 @@ let serverResult = appServerFactory.createAppServer({
|
|
|
200
215
|
port: 3000,
|
|
201
216
|
corsOrigin: ['http://localhost:3000', 'http://dev.myapp.local:3000'],
|
|
202
217
|
developmentMultiplier: 5, // More lenient rate limiting in dev
|
|
218
|
+
developmentPorts: [3000, 3001, 8080],
|
|
219
|
+
developmentExternalDomains: {
|
|
220
|
+
'script-src': ['https://cdn.example.com'],
|
|
221
|
+
'style-src': ['https://fonts.googleapis.com']
|
|
222
|
+
}
|
|
203
223
|
});
|
|
204
224
|
```
|
|
205
225
|
|
|
@@ -222,7 +242,9 @@ let serverResult = appServerFactory.createAppServer({
|
|
|
222
242
|
globalRateLimit: 100, // requests per window
|
|
223
243
|
windowMs: 60000, // 1 minute
|
|
224
244
|
maxRequests: 30,
|
|
225
|
-
trustedProxy: '127.0.0.1'
|
|
245
|
+
trustedProxy: '127.0.0.1',
|
|
246
|
+
useXssProtection: true,
|
|
247
|
+
sanitizeOptions: {allowedTags: [], allowedAttributes: {}}
|
|
226
248
|
});
|
|
227
249
|
```
|
|
228
250
|
|
|
@@ -237,7 +259,6 @@ let serverResult = appServerFactory.createAppServer({
|
|
|
237
259
|
- `enableServeHome(app, callback)` - Enables homepage serving
|
|
238
260
|
- `serveStatics(app, staticPath)` - Serves static files
|
|
239
261
|
- `serveStaticsPath(app, route, staticPath)` - Serves static files on specific route
|
|
240
|
-
- `validateInput(input, type)` - Validates input against predefined patterns
|
|
241
262
|
- `enableCSP(cspOptions)` - Enables Content Security Policy
|
|
242
263
|
- `listen(port)` - Starts server listening
|
|
243
264
|
- `close()` - Gracefully closes server
|
|
@@ -263,6 +284,13 @@ let serverResult = appServerFactory.createAppServer({
|
|
|
263
284
|
- `generateSecureFilename(originalName)` - Generates cryptographically secure filename
|
|
264
285
|
- `quarantineFile(path, reason)` - Moves file to quarantine folder
|
|
265
286
|
- `createTempFile(prefix, extension)` - Creates a temporary file path
|
|
287
|
+
- `moveFile(from, to)` - Moves file to new location
|
|
288
|
+
- `getFileSize(path)` - Gets file size in bytes
|
|
289
|
+
- `compareFiles(file1, file2)` - Compares file contents
|
|
290
|
+
- `getRelativePath(from, to)` - Calculates relative path
|
|
291
|
+
- `walkDirectory(path, callback)` - Recursively processes directory tree
|
|
292
|
+
- `getDirectorySize(path)` - Calculates total directory size
|
|
293
|
+
- `emptyDirectory(path)` - Removes all contents from directory
|
|
266
294
|
|
|
267
295
|
### Encryptor Methods
|
|
268
296
|
|
|
@@ -284,6 +312,7 @@ let serverResult = appServerFactory.createAppServer({
|
|
|
284
312
|
- `validateFilenameSecurity(filename)` - Validates filename for security
|
|
285
313
|
- `validateFile(file, allowedType, callback)` - Validates a file during upload
|
|
286
314
|
- `validateFileContents(file, allowedType)` - Validates file content after upload
|
|
315
|
+
- `convertToRegex(key)` - Converts MIME type patterns to regex
|
|
287
316
|
|
|
288
317
|
## Security Features
|
|
289
318
|
|
|
@@ -97,12 +97,30 @@ class AppServerFactory
|
|
|
97
97
|
};
|
|
98
98
|
}
|
|
99
99
|
|
|
100
|
+
parseUrl(url)
|
|
101
|
+
{
|
|
102
|
+
if(!url || 'string' !== typeof url){
|
|
103
|
+
return false;
|
|
104
|
+
}
|
|
105
|
+
let cleanUrl = url.trim();
|
|
106
|
+
if(!cleanUrl.startsWith('http://') && !cleanUrl.startsWith('https://')){
|
|
107
|
+
return false;
|
|
108
|
+
}
|
|
109
|
+
let isHttps = cleanUrl.startsWith('https://');
|
|
110
|
+
let domain = cleanUrl.replace(/^https?:\/\//, '').split(':')[0];
|
|
111
|
+
return {
|
|
112
|
+
isHttps,
|
|
113
|
+
domain,
|
|
114
|
+
protocol: isHttps ? 'https' : 'http'
|
|
115
|
+
};
|
|
116
|
+
}
|
|
117
|
+
|
|
100
118
|
createAppServer(appServerConfig)
|
|
101
119
|
{
|
|
102
120
|
if(appServerConfig){
|
|
103
121
|
Object.assign(this, appServerConfig);
|
|
104
122
|
}
|
|
105
|
-
this.
|
|
123
|
+
this.processEnvironmentUrls();
|
|
106
124
|
this.detectDevelopmentMode();
|
|
107
125
|
this.setupDevelopmentConfiguration();
|
|
108
126
|
this.setupProtocolEnforcement();
|
|
@@ -124,23 +142,23 @@ class AppServerFactory
|
|
|
124
142
|
return {app: this.app, appServer: this.appServer};
|
|
125
143
|
}
|
|
126
144
|
|
|
127
|
-
|
|
145
|
+
processEnvironmentUrls()
|
|
128
146
|
{
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
{
|
|
137
|
-
let hostDomain = this.extractDomainFromHttpUrl(process.env.RELDENS_APP_HOST);
|
|
138
|
-
let publicDomain = this.extractDomainFromHttpUrl(process.env.RELDENS_PUBLIC_URL);
|
|
139
|
-
if(hostDomain && !this.developmentDomains.includes(hostDomain)){
|
|
140
|
-
this.developmentDomains.push(hostDomain);
|
|
147
|
+
let publicUrlInfo = this.parseUrl(process.env.RELDENS_PUBLIC_URL);
|
|
148
|
+
let hostUrlInfo = this.parseUrl(process.env.RELDENS_APP_HOST);
|
|
149
|
+
if(publicUrlInfo){
|
|
150
|
+
this.useHttps = publicUrlInfo.isHttps;
|
|
151
|
+
if(!this.developmentDomains.includes(publicUrlInfo.domain)){
|
|
152
|
+
this.developmentDomains.push(publicUrlInfo.domain);
|
|
153
|
+
}
|
|
141
154
|
}
|
|
142
|
-
if(
|
|
143
|
-
|
|
155
|
+
if(hostUrlInfo){
|
|
156
|
+
if(!publicUrlInfo){
|
|
157
|
+
this.useHttps = hostUrlInfo.isHttps;
|
|
158
|
+
}
|
|
159
|
+
if(!this.developmentDomains.includes(hostUrlInfo.domain)){
|
|
160
|
+
this.developmentDomains.push(hostUrlInfo.domain);
|
|
161
|
+
}
|
|
144
162
|
}
|
|
145
163
|
}
|
|
146
164
|
|