@shadimakhoul/ggcoach 1.0.17 → 1.0.19
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/config/initExpress.d.ts +1 -1
- package/dist/config/initExpress.d.ts.map +1 -1
- package/dist/config/initExpress.js +2 -2
- package/dist/config/initExpress.js.map +1 -1
- package/dist/middleware/cors.d.ts +1 -1
- package/dist/middleware/cors.d.ts.map +1 -1
- package/dist/middleware/cors.js +15 -4
- package/dist/middleware/cors.js.map +1 -1
- package/dist/utils/index.d.ts +1 -0
- package/dist/utils/index.d.ts.map +1 -1
- package/dist/utils/index.js +1 -0
- package/dist/utils/index.js.map +1 -1
- package/dist/utils/secrets.d.ts +10 -0
- package/dist/utils/secrets.d.ts.map +1 -0
- package/dist/utils/secrets.js +40 -0
- package/dist/utils/secrets.js.map +1 -0
- package/package.json +1 -1
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
export declare function initExpress(isDevelopment: boolean, allowedOrigins?: string[]): import("express-serve-static-core").Express;
|
|
1
|
+
export declare function initExpress(isDevelopment: boolean, allowedOrigins?: string[], allowedHosts?: string[]): import("express-serve-static-core").Express;
|
|
2
2
|
//# sourceMappingURL=initExpress.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"initExpress.d.ts","sourceRoot":"","sources":["../../config/initExpress.ts"],"names":[],"mappings":"AAOA,wBAAgB,WAAW,CAAC,aAAa,EAAE,OAAO,EAAE,cAAc,CAAC,EAAE,MAAM,EAAE,+
|
|
1
|
+
{"version":3,"file":"initExpress.d.ts","sourceRoot":"","sources":["../../config/initExpress.ts"],"names":[],"mappings":"AAOA,wBAAgB,WAAW,CAAC,aAAa,EAAE,OAAO,EAAE,cAAc,CAAC,EAAE,MAAM,EAAE,EAAE,YAAY,CAAC,EAAE,MAAM,EAAE,+CAiBrG"}
|
|
@@ -10,10 +10,10 @@ const helmet_1 = __importDefault(require("helmet"));
|
|
|
10
10
|
const morgan_1 = __importDefault(require("morgan"));
|
|
11
11
|
const middleware_1 = require("../middleware");
|
|
12
12
|
const utils_1 = require("../utils");
|
|
13
|
-
function initExpress(isDevelopment, allowedOrigins) {
|
|
13
|
+
function initExpress(isDevelopment, allowedOrigins, allowedHosts) {
|
|
14
14
|
const app = (0, express_1.default)();
|
|
15
15
|
app.use((0, helmet_1.default)());
|
|
16
|
-
app.use((0, cors_1.default)((0, middleware_1.createCorsOptions)(allowedOrigins)));
|
|
16
|
+
app.use((0, cors_1.default)((0, middleware_1.createCorsOptions)(allowedOrigins, allowedHosts)));
|
|
17
17
|
app.use(middleware_1.generalRateLimiter);
|
|
18
18
|
app.use(express_1.default.json({ limit: "10mb" }));
|
|
19
19
|
app.use(express_1.default.urlencoded({ extended: true, limit: "10mb" }));
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"initExpress.js","sourceRoot":"","sources":["../../config/initExpress.ts"],"names":[],"mappings":";;;;;;AAAA,gDAAwB;AACxB,sDAA8B;AAC9B,oDAA4B;AAC5B,oDAA4B;AAC5B,8CAAsE;AACtE,oCAAoC;AAEpC,SAAgB,WAAW,CAAC,aAAsB,EAAE,cAAyB;
|
|
1
|
+
{"version":3,"file":"initExpress.js","sourceRoot":"","sources":["../../config/initExpress.ts"],"names":[],"mappings":";;;;;;AAAA,gDAAwB;AACxB,sDAA8B;AAC9B,oDAA4B;AAC5B,oDAA4B;AAC5B,8CAAsE;AACtE,oCAAoC;AAEpC,SAAgB,WAAW,CAAC,aAAsB,EAAE,cAAyB,EAAE,YAAuB;IACpG,MAAM,GAAG,GAAG,IAAA,iBAAO,GAAE,CAAC;IAEtB,GAAG,CAAC,GAAG,CAAC,IAAA,gBAAM,GAAE,CAAC,CAAC;IAClB,GAAG,CAAC,GAAG,CAAC,IAAA,cAAI,EAAC,IAAA,8BAAiB,EAAC,cAAc,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC;IAC/D,GAAG,CAAC,GAAG,CAAC,+BAAkB,CAAC,CAAC;IAE5B,GAAG,CAAC,GAAG,CAAC,iBAAO,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC;IACzC,GAAG,CAAC,GAAG,CAAC,iBAAO,CAAC,UAAU,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC;IAE/D,IAAI,aAAa,EAAE,CAAC;QAClB,GAAG,CAAC,GAAG,CAAC,IAAA,gBAAM,EAAC,KAAK,EAAE,EAAE,MAAM,EAAN,cAAM,EAAS,CAAC,CAAC,CAAC;IAC5C,CAAC;SAAM,CAAC;QACN,GAAG,CAAC,GAAG,CAAC,IAAA,gBAAM,EAAC,UAAU,EAAE,EAAE,MAAM,EAAN,cAAM,EAAS,CAAC,CAAC,CAAC;IACjD,CAAC;IAED,OAAO,GAAG,CAAC;AACb,CAAC;AAjBD,kCAiBC"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import cors from "cors";
|
|
2
|
-
export declare const createCorsOptions: (allowedOrigins?: string[]) => {
|
|
2
|
+
export declare const createCorsOptions: (allowedOrigins?: string[], allowedHosts?: string[]) => {
|
|
3
3
|
origin: (origin: string | undefined, callback: (err: Error | null, allow?: boolean) => void) => void;
|
|
4
4
|
credentials: boolean;
|
|
5
5
|
methods: string[];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cors.d.ts","sourceRoot":"","sources":["../../middleware/cors.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"cors.d.ts","sourceRoot":"","sources":["../../middleware/cors.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,MAAM,CAAC;AAExB,eAAO,MAAM,iBAAiB,oBAAqB,MAAM,EAAE,iBAAiB,MAAM,EAAE;qBAoBtE,MAAM,GAAG,SAAS,kBACV,KAAK,GAAG,IAAI,UAAU,OAAO,KAAK,IAAI;;;;;;;CAwB3D,CAAC;AAEF,eAAO,MAAM,WAAW;qBA3BV,MAAM,GAAG,SAAS,kBACV,KAAK,GAAG,IAAI,UAAU,OAAO,KAAK,IAAI;;;;;;;CA0Bd,CAAC;AAE/C,eAAO,MAAM,cAAc;;;;oCAAoB,CAAC"}
|
package/dist/middleware/cors.js
CHANGED
|
@@ -5,18 +5,30 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
6
|
exports.corsMiddleware = exports.corsOptions = exports.createCorsOptions = void 0;
|
|
7
7
|
const cors_1 = __importDefault(require("cors"));
|
|
8
|
-
const createCorsOptions = (allowedOrigins) => {
|
|
8
|
+
const createCorsOptions = (allowedOrigins, allowedHosts) => {
|
|
9
9
|
const allowAllOrigins = !allowedOrigins;
|
|
10
10
|
const finalAllowedOrigins = allowAllOrigins
|
|
11
11
|
? []
|
|
12
12
|
: Array.from(new Set(allowedOrigins.map((origin) => origin.toLowerCase())));
|
|
13
|
+
const isHostAllowed = (origin) => {
|
|
14
|
+
if (!allowedHosts?.length)
|
|
15
|
+
return false;
|
|
16
|
+
try {
|
|
17
|
+
const { hostname } = new URL(origin);
|
|
18
|
+
return allowedHosts.some((host) => hostname === host || hostname.endsWith(`.${host}`));
|
|
19
|
+
}
|
|
20
|
+
catch {
|
|
21
|
+
return false;
|
|
22
|
+
}
|
|
23
|
+
};
|
|
13
24
|
return {
|
|
14
25
|
origin: (origin, callback) => {
|
|
15
|
-
// Allow no-origin requests (Postman, mobile apps)
|
|
16
26
|
if (!origin)
|
|
17
27
|
return callback(null, true);
|
|
18
28
|
if (allowAllOrigins)
|
|
19
29
|
return callback(null, true);
|
|
30
|
+
if (isHostAllowed(origin))
|
|
31
|
+
return callback(null, true);
|
|
20
32
|
if (finalAllowedOrigins.includes(origin.toLowerCase())) {
|
|
21
33
|
return callback(null, true);
|
|
22
34
|
}
|
|
@@ -30,13 +42,12 @@ const createCorsOptions = (allowedOrigins) => {
|
|
|
30
42
|
"X-Requested-With",
|
|
31
43
|
"X-Request-ID",
|
|
32
44
|
],
|
|
33
|
-
exposedHeaders: ["X-Request-ID"],
|
|
45
|
+
exposedHeaders: ["X-Request-ID"],
|
|
34
46
|
preflightContinue: false,
|
|
35
47
|
optionsSuccessStatus: 200,
|
|
36
48
|
};
|
|
37
49
|
};
|
|
38
50
|
exports.createCorsOptions = createCorsOptions;
|
|
39
|
-
// Default cors options using DEFAULT_ORIGINS
|
|
40
51
|
exports.corsOptions = (0, exports.createCorsOptions)();
|
|
41
52
|
exports.corsMiddleware = (0, cors_1.default)(exports.corsOptions);
|
|
42
53
|
//# sourceMappingURL=cors.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cors.js","sourceRoot":"","sources":["../../middleware/cors.ts"],"names":[],"mappings":";;;;;;AAAA,gDAAwB;
|
|
1
|
+
{"version":3,"file":"cors.js","sourceRoot":"","sources":["../../middleware/cors.ts"],"names":[],"mappings":";;;;;;AAAA,gDAAwB;AAEjB,MAAM,iBAAiB,GAAG,CAAC,cAAyB,EAAE,YAAuB,EAAE,EAAE;IACtF,MAAM,eAAe,GAAG,CAAC,cAAc,CAAC;IACxC,MAAM,mBAAmB,GAAG,eAAe;QACzC,CAAC,CAAC,EAAE;QACJ,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAC;IAE9E,MAAM,aAAa,GAAG,CAAC,MAAc,EAAW,EAAE;QAChD,IAAI,CAAC,YAAY,EAAE,MAAM;YAAE,OAAO,KAAK,CAAC;QACxC,IAAI,CAAC;YACH,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC;YACrC,OAAO,YAAY,CAAC,IAAI,CACtB,CAAC,IAAI,EAAE,EAAE,CAAC,QAAQ,KAAK,IAAI,IAAI,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,EAAE,CAAC,CAC7D,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC,CAAC;IAEF,OAAO;QACL,MAAM,EAAE,CACN,MAA0B,EAC1B,QAAsD,EACtD,EAAE;YACF,IAAI,CAAC,MAAM;gBAAE,OAAO,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YACzC,IAAI,eAAe;gBAAE,OAAO,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YACjD,IAAI,aAAa,CAAC,MAAM,CAAC;gBAAE,OAAO,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YACvD,IAAI,mBAAmB,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBACvD,OAAO,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YAC9B,CAAC;YAED,OAAO,QAAQ,CAAC,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC,CAAC;QACpD,CAAC;QAED,WAAW,EAAE,IAAI;QACjB,OAAO,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,OAAO,EAAE,SAAS,CAAC;QAC7D,cAAc,EAAE;YACd,cAAc;YACd,eAAe;YACf,kBAAkB;YAClB,cAAc;SACf;QACD,cAAc,EAAE,CAAC,cAAc,CAAC;QAChC,iBAAiB,EAAE,KAAK;QACxB,oBAAoB,EAAE,GAAG;KAC1B,CAAC;AACJ,CAAC,CAAC;AA7CW,QAAA,iBAAiB,qBA6C5B;AAEW,QAAA,WAAW,GAAG,IAAA,yBAAiB,GAAE,CAAC;AAElC,QAAA,cAAc,GAAG,IAAA,cAAI,EAAC,mBAAW,CAAC,CAAC"}
|
package/dist/utils/index.d.ts
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../utils/index.ts"],"names":[],"mappings":"AAAA,cAAc,OAAO,CAAC;AACtB,cAAc,UAAU,CAAC;AACzB,cAAc,WAAW,CAAC;AAC1B,cAAc,gBAAgB,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../utils/index.ts"],"names":[],"mappings":"AAAA,cAAc,OAAO,CAAC;AACtB,cAAc,UAAU,CAAC;AACzB,cAAc,WAAW,CAAC;AAC1B,cAAc,WAAW,CAAC;AAC1B,cAAc,gBAAgB,CAAC"}
|
package/dist/utils/index.js
CHANGED
|
@@ -17,5 +17,6 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
17
17
|
__exportStar(require("./jwt"), exports);
|
|
18
18
|
__exportStar(require("./logger"), exports);
|
|
19
19
|
__exportStar(require("./openapi"), exports);
|
|
20
|
+
__exportStar(require("./secrets"), exports);
|
|
20
21
|
__exportStar(require("./zodToOpenAPI"), exports);
|
|
21
22
|
//# sourceMappingURL=index.js.map
|
package/dist/utils/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../utils/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,wCAAsB;AACtB,2CAAyB;AACzB,4CAA0B;AAC1B,iDAA+B"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../utils/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,wCAAsB;AACtB,2CAAyB;AACzB,4CAA0B;AAC1B,4CAA0B;AAC1B,iDAA+B"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
type BootstrapSecretsOptions = {
|
|
2
|
+
secretsServiceUrl: string;
|
|
3
|
+
internalServiceToken?: string;
|
|
4
|
+
dev?: boolean;
|
|
5
|
+
retries?: number;
|
|
6
|
+
retryDelayMs?: number;
|
|
7
|
+
};
|
|
8
|
+
export declare const bootstrapSecrets: (serviceName: string, options: BootstrapSecretsOptions) => Promise<void>;
|
|
9
|
+
export {};
|
|
10
|
+
//# sourceMappingURL=secrets.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"secrets.d.ts","sourceRoot":"","sources":["../../utils/secrets.ts"],"names":[],"mappings":"AAAA,KAAK,uBAAuB,GAAG;IAC7B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB,CAAC;AAIF,eAAO,MAAM,gBAAgB,gBACd,MAAM,WACV,uBAAuB,KAC/B,QAAQ,IAAI,CA+Cd,CAAC"}
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.bootstrapSecrets = void 0;
|
|
4
|
+
const sleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms));
|
|
5
|
+
const bootstrapSecrets = async (serviceName, options) => {
|
|
6
|
+
const { secretsServiceUrl, internalServiceToken, dev = false, retries = 0, retryDelayMs = 3000 } = options;
|
|
7
|
+
const baseUrl = secretsServiceUrl?.replace(/\/+$/, '');
|
|
8
|
+
if (!baseUrl) {
|
|
9
|
+
return;
|
|
10
|
+
}
|
|
11
|
+
const maxAttempts = retries + 1;
|
|
12
|
+
for (let attempt = 1; attempt <= maxAttempts; attempt++) {
|
|
13
|
+
try {
|
|
14
|
+
const response = await fetch(`${baseUrl}/api/secrets/bootstrap/${serviceName}?dev=${dev}`, {
|
|
15
|
+
headers: internalServiceToken
|
|
16
|
+
? { 'x-internal-token': internalServiceToken }
|
|
17
|
+
: {},
|
|
18
|
+
});
|
|
19
|
+
if (!response.ok) {
|
|
20
|
+
throw new Error(`Secrets service responded with status ${response.status}`);
|
|
21
|
+
}
|
|
22
|
+
const payload = (await response.json());
|
|
23
|
+
Object.entries(payload.data?.secrets || {}).forEach(([key, value]) => {
|
|
24
|
+
if ((process.env[key] == null || process.env[key] === '') && typeof value === 'string') {
|
|
25
|
+
process.env[key] = value;
|
|
26
|
+
}
|
|
27
|
+
});
|
|
28
|
+
return;
|
|
29
|
+
}
|
|
30
|
+
catch {
|
|
31
|
+
const isLast = attempt === maxAttempts;
|
|
32
|
+
if (isLast || retries === 0) {
|
|
33
|
+
return;
|
|
34
|
+
}
|
|
35
|
+
await sleep(retryDelayMs);
|
|
36
|
+
}
|
|
37
|
+
}
|
|
38
|
+
};
|
|
39
|
+
exports.bootstrapSecrets = bootstrapSecrets;
|
|
40
|
+
//# sourceMappingURL=secrets.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"secrets.js","sourceRoot":"","sources":["../../utils/secrets.ts"],"names":[],"mappings":";;;AAQA,MAAM,KAAK,GAAG,CAAC,EAAU,EAAiB,EAAE,CAAC,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC;AAExF,MAAM,gBAAgB,GAAG,KAAK,EACnC,WAAmB,EACnB,OAAgC,EACjB,EAAE;IACjB,MAAM,EAAE,iBAAiB,EAAE,oBAAoB,EAAE,GAAG,GAAG,KAAK,EAAE,OAAO,GAAG,CAAC,EAAE,YAAY,GAAG,IAAI,EAAE,GAC9F,OAAO,CAAC;IAEV,MAAM,OAAO,GAAG,iBAAiB,EAAE,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAEvD,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO;IACT,CAAC;IAED,MAAM,WAAW,GAAG,OAAO,GAAG,CAAC,CAAC;IAEhC,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,IAAI,WAAW,EAAE,OAAO,EAAE,EAAE,CAAC;QACxD,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAC1B,GAAG,OAAO,0BAA0B,WAAW,QAAQ,GAAG,EAAE,EAC5D;gBACE,OAAO,EAAE,oBAAoB;oBAC3B,CAAC,CAAC,EAAE,kBAAkB,EAAE,oBAAoB,EAAE;oBAC9C,CAAC,CAAC,EAAE;aACP,CACF,CAAC;YAEF,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,IAAI,KAAK,CAAC,yCAAyC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YAC9E,CAAC;YAED,MAAM,OAAO,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAErC,CAAC;YAEF,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;gBACnE,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,IAAI,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;oBACvF,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;gBAC3B,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,OAAO;QACT,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,MAAM,GAAG,OAAO,KAAK,WAAW,CAAC;YACvC,IAAI,MAAM,IAAI,OAAO,KAAK,CAAC,EAAE,CAAC;gBAC5B,OAAO;YACT,CAAC;YAED,MAAM,KAAK,CAAC,YAAY,CAAC,CAAC;QAC5B,CAAC;IACH,CAAC;AACH,CAAC,CAAC;AAlDW,QAAA,gBAAgB,oBAkD3B"}
|