@scriptdb/cli 1.0.9 → 1.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/dist/index.js +38 -30
- package/package.json +3 -3
package/README.md
CHANGED
package/dist/index.js
CHANGED
|
@@ -93810,6 +93810,7 @@ class Protocal {
|
|
|
93810
93810
|
IP_FAIL_WINDOW_MS;
|
|
93811
93811
|
MAX_LOGIN_ATTEMPTS;
|
|
93812
93812
|
LOCK_DURATION_MS;
|
|
93813
|
+
ENABLE_IP_LOCKOUT;
|
|
93813
93814
|
MAX_MESSAGE_BYTES;
|
|
93814
93815
|
MAX_MESSAGES_PER_CONNECTION;
|
|
93815
93816
|
CONNECTION_TIMEOUT_MS;
|
|
@@ -93923,9 +93924,10 @@ class Protocal {
|
|
|
93923
93924
|
});
|
|
93924
93925
|
this.loginAttemptCache = new Map;
|
|
93925
93926
|
this.ipAttemptCache = new Map;
|
|
93926
|
-
this.IP_FAIL_WINDOW_MS = options2.ipFailWindowMs || 15 * 60 * 1000;
|
|
93927
|
-
this.MAX_LOGIN_ATTEMPTS = options2.maxLoginAttempts || 5;
|
|
93928
|
-
this.LOCK_DURATION_MS = options2.lockDurationMs || 15 * 60 * 1000;
|
|
93927
|
+
this.IP_FAIL_WINDOW_MS = options2.ipFailWindowMs || fileConfig.ipFailWindowMs || 15 * 60 * 1000;
|
|
93928
|
+
this.MAX_LOGIN_ATTEMPTS = options2.maxLoginAttempts || fileConfig.maxLoginAttempts || 5;
|
|
93929
|
+
this.LOCK_DURATION_MS = options2.lockDurationMs || fileConfig.lockDurationMs || 15 * 60 * 1000;
|
|
93930
|
+
this.ENABLE_IP_LOCKOUT = options2.enableIpLockout !== undefined ? options2.enableIpLockout : fileConfig.enableIpLockout !== undefined ? fileConfig.enableIpLockout : true;
|
|
93929
93931
|
this.MAX_MESSAGE_BYTES = options2.maxMessageBytes || 64 * 1024;
|
|
93930
93932
|
this.MAX_MESSAGES_PER_CONNECTION = options2.maxMessagesPerConnection || 1000;
|
|
93931
93933
|
this.CONNECTION_TIMEOUT_MS = typeof options2.connectionTimeoutMs === "number" ? options2.connectionTimeoutMs : typeof fileConfig.connectionTimeoutMs === "number" ? fileConfig.connectionTimeoutMs : 0;
|
|
@@ -94371,32 +94373,34 @@ class Protocal {
|
|
|
94371
94373
|
err: e && e.message || String(e)
|
|
94372
94374
|
});
|
|
94373
94375
|
}
|
|
94374
|
-
|
|
94375
|
-
|
|
94376
|
-
|
|
94377
|
-
|
|
94378
|
-
|
|
94379
|
-
|
|
94380
|
-
|
|
94381
|
-
|
|
94382
|
-
|
|
94383
|
-
ipRec.
|
|
94384
|
-
|
|
94385
|
-
ip
|
|
94386
|
-
|
|
94387
|
-
|
|
94388
|
-
}
|
|
94389
|
-
this.ipAttemptCache.set(remoteIP, ipRec);
|
|
94390
|
-
if (ipRec.lockedUntil && ipRec.lockedUntil > nowTs) {
|
|
94391
|
-
this.audit("ip.locked", { ip: remoteIP });
|
|
94392
|
-
try {
|
|
94393
|
-
sendWithBackpressure({
|
|
94394
|
-
command: "login",
|
|
94395
|
-
message: "LOCKED_IP",
|
|
94396
|
-
data: null
|
|
94376
|
+
if (this.ENABLE_IP_LOCKOUT) {
|
|
94377
|
+
const nowTs = Date.now();
|
|
94378
|
+
const ipRec = this.ipAttemptCache.get(remoteIP) || {
|
|
94379
|
+
attempts: 0,
|
|
94380
|
+
lockedUntil: 0,
|
|
94381
|
+
expiresAt: nowTs + this._attemptCacheTTL
|
|
94382
|
+
};
|
|
94383
|
+
ipRec.attempts = (ipRec.attempts || 0) + 1;
|
|
94384
|
+
ipRec.expiresAt = nowTs + this._attemptCacheTTL;
|
|
94385
|
+
if (ipRec.attempts >= this.MAX_LOGIN_ATTEMPTS) {
|
|
94386
|
+
ipRec.lockedUntil = nowTs + this.LOCK_DURATION_MS;
|
|
94387
|
+
this.audit("ip.lockout", {
|
|
94388
|
+
ip: remoteIP,
|
|
94389
|
+
attempts: ipRec.attempts
|
|
94397
94390
|
});
|
|
94398
|
-
}
|
|
94399
|
-
|
|
94391
|
+
}
|
|
94392
|
+
this.ipAttemptCache.set(remoteIP, ipRec);
|
|
94393
|
+
if (ipRec.lockedUntil && ipRec.lockedUntil > nowTs) {
|
|
94394
|
+
this.audit("ip.locked", { ip: remoteIP });
|
|
94395
|
+
try {
|
|
94396
|
+
sendWithBackpressure({
|
|
94397
|
+
command: "login",
|
|
94398
|
+
message: "LOCKED_IP",
|
|
94399
|
+
data: null
|
|
94400
|
+
});
|
|
94401
|
+
} catch (e) {}
|
|
94402
|
+
break;
|
|
94403
|
+
}
|
|
94400
94404
|
}
|
|
94401
94405
|
const now = Date.now();
|
|
94402
94406
|
const record = this.loginAttemptCache.get(username) || {
|
|
@@ -95253,7 +95257,7 @@ import { spawn } from "node:child_process";
|
|
|
95253
95257
|
import Storage from "@scriptdb/storage";
|
|
95254
95258
|
var pkgData = `{
|
|
95255
95259
|
"name": "scriptdb-workspace",
|
|
95256
|
-
"version": "1.0
|
|
95260
|
+
"version": "1.1.0",
|
|
95257
95261
|
"description": "ScriptDB workspace for custom scripts, services, and databases",
|
|
95258
95262
|
"private": true,
|
|
95259
95263
|
"devDependencies": {
|
|
@@ -95340,6 +95344,10 @@ var configDefault = {
|
|
|
95340
95344
|
GITHUB_URL: "",
|
|
95341
95345
|
GITHUB_TOKEN: "",
|
|
95342
95346
|
GITHUB_BRANCH: "main",
|
|
95347
|
+
enableIpLockout: true,
|
|
95348
|
+
ipFailWindowMs: 900000,
|
|
95349
|
+
maxLoginAttempts: 5,
|
|
95350
|
+
lockDurationMs: 900000,
|
|
95343
95351
|
users: [
|
|
95344
95352
|
{
|
|
95345
95353
|
username: "admin",
|
|
@@ -97295,7 +97303,7 @@ function ensureScriptDBDir() {
|
|
|
97295
97303
|
if (!existsSync3(PACKAGE_JSON)) {
|
|
97296
97304
|
const packageJsonContent = {
|
|
97297
97305
|
name: "scriptdb-workspace",
|
|
97298
|
-
version: "1.0
|
|
97306
|
+
version: "1.1.0",
|
|
97299
97307
|
description: "ScriptDB workspace for custom scripts, services, and databases",
|
|
97300
97308
|
private: true,
|
|
97301
97309
|
devDependencies: {
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@scriptdb/cli",
|
|
3
|
-
"version": "1.0
|
|
3
|
+
"version": "1.1.0",
|
|
4
4
|
"description": "CLI tool to start and manage ScriptDB server",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"bin": {
|
|
@@ -38,8 +38,8 @@
|
|
|
38
38
|
"typescript": "^5.0.0"
|
|
39
39
|
},
|
|
40
40
|
"dependencies": {
|
|
41
|
-
"@scriptdb/client": "^1.0
|
|
42
|
-
"@scriptdb/server": "^1.0
|
|
41
|
+
"@scriptdb/client": "^1.1.0",
|
|
42
|
+
"@scriptdb/server": "^1.1.0",
|
|
43
43
|
"bcryptjs": "^3.0.3",
|
|
44
44
|
"bottleneck": "^2.19.5",
|
|
45
45
|
"jsonwebtoken": "^9.0.3",
|