@shadimakhoul/ggcoach 1.0.18 → 1.0.20
- package/dist/config/initExpress.d.ts +1 -1
- package/dist/config/initExpress.d.ts.map +1 -1
- package/dist/config/initExpress.js +2 -2
- package/dist/config/initExpress.js.map +1 -1
- package/dist/middleware/auth.js +2 -2
- package/dist/middleware/cors.d.ts +1 -1
- package/dist/middleware/cors.d.ts.map +1 -1
- package/dist/middleware/cors.js +15 -4
- package/dist/middleware/cors.js.map +1 -1
- package/package.json +1 -1
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
export declare function initExpress(isDevelopment: boolean, allowedOrigins?: string[]): import("express-serve-static-core").Express;
|
|
1
|
+
export declare function initExpress(isDevelopment: boolean, allowedOrigins?: string[], allowedHosts?: string[]): import("express-serve-static-core").Express;
|
|
2
2
|
//# sourceMappingURL=initExpress.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"initExpress.d.ts","sourceRoot":"","sources":["../../config/initExpress.ts"],"names":[],"mappings":"AAOA,wBAAgB,WAAW,CAAC,aAAa,EAAE,OAAO,EAAE,cAAc,CAAC,EAAE,MAAM,EAAE,+
|
|
1
|
+
{"version":3,"file":"initExpress.d.ts","sourceRoot":"","sources":["../../config/initExpress.ts"],"names":[],"mappings":"AAOA,wBAAgB,WAAW,CAAC,aAAa,EAAE,OAAO,EAAE,cAAc,CAAC,EAAE,MAAM,EAAE,EAAE,YAAY,CAAC,EAAE,MAAM,EAAE,+CAiBrG"}
|
|
@@ -10,10 +10,10 @@ const helmet_1 = __importDefault(require("helmet"));
|
|
|
10
10
|
const morgan_1 = __importDefault(require("morgan"));
|
|
11
11
|
const middleware_1 = require("../middleware");
|
|
12
12
|
const utils_1 = require("../utils");
|
|
13
|
-
function initExpress(isDevelopment, allowedOrigins) {
|
|
13
|
+
function initExpress(isDevelopment, allowedOrigins, allowedHosts) {
|
|
14
14
|
const app = (0, express_1.default)();
|
|
15
15
|
app.use((0, helmet_1.default)());
|
|
16
|
-
app.use((0, cors_1.default)((0, middleware_1.createCorsOptions)(allowedOrigins)));
|
|
16
|
+
app.use((0, cors_1.default)((0, middleware_1.createCorsOptions)(allowedOrigins, allowedHosts)));
|
|
17
17
|
app.use(middleware_1.generalRateLimiter);
|
|
18
18
|
app.use(express_1.default.json({ limit: "10mb" }));
|
|
19
19
|
app.use(express_1.default.urlencoded({ extended: true, limit: "10mb" }));
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"initExpress.js","sourceRoot":"","sources":["../../config/initExpress.ts"],"names":[],"mappings":";;;;;;AAAA,gDAAwB;AACxB,sDAA8B;AAC9B,oDAA4B;AAC5B,oDAA4B;AAC5B,8CAAsE;AACtE,oCAAoC;AAEpC,SAAgB,WAAW,CAAC,aAAsB,EAAE,cAAyB;
|
|
1
|
+
{"version":3,"file":"initExpress.js","sourceRoot":"","sources":["../../config/initExpress.ts"],"names":[],"mappings":";;;;;;AAAA,gDAAwB;AACxB,sDAA8B;AAC9B,oDAA4B;AAC5B,oDAA4B;AAC5B,8CAAsE;AACtE,oCAAoC;AAEpC,SAAgB,WAAW,CAAC,aAAsB,EAAE,cAAyB,EAAE,YAAuB;IACpG,MAAM,GAAG,GAAG,IAAA,iBAAO,GAAE,CAAC;IAEtB,GAAG,CAAC,GAAG,CAAC,IAAA,gBAAM,GAAE,CAAC,CAAC;IAClB,GAAG,CAAC,GAAG,CAAC,IAAA,cAAI,EAAC,IAAA,8BAAiB,EAAC,cAAc,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC;IAC/D,GAAG,CAAC,GAAG,CAAC,+BAAkB,CAAC,CAAC;IAE5B,GAAG,CAAC,GAAG,CAAC,iBAAO,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC;IACzC,GAAG,CAAC,GAAG,CAAC,iBAAO,CAAC,UAAU,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC;IAE/D,IAAI,aAAa,EAAE,CAAC;QAClB,GAAG,CAAC,GAAG,CAAC,IAAA,gBAAM,EAAC,KAAK,EAAE,EAAE,MAAM,EAAN,cAAM,EAAS,CAAC,CAAC,CAAC;IAC5C,CAAC;SAAM,CAAC;QACN,GAAG,CAAC,GAAG,CAAC,IAAA,gBAAM,EAAC,UAAU,EAAE,EAAE,MAAM,EAAN,cAAM,EAAS,CAAC,CAAC,CAAC;IACjD,CAAC;IAED,OAAO,GAAG,CAAC;AACb,CAAC;AAjBD,kCAiBC"}
|
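--- a/package/dist/middleware/auth.js
+++ b/package/dist/middleware/auth.js
@@ -26,7 +26,7 @@ const authenticateToken = (JWT_SECRET) => {
 });
 const isValid = await validateTokenWithRedis(decoded);
 if (!isValid) {
-res.status(
+res.status(401).json({
 success: false,
 message: "Invalid or expired token",
 });
@@ -36,7 +36,7 @@ const authenticateToken = (JWT_SECRET) => {
 next();
 }
 catch (error) {
-res.status(
+res.status(401).json({
 success: false,
 message: "Invalid or expired token",
 });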
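Review bot: The `catch (error)` branch in the second hunk answers 401 "Invalid or expired token" for every exception, and the visible lines never use `error`. If `validateTokenWithRedis` can throw when the store is unreachable, an outage looks the same as a forged or expired token, both to the client and, as far as the hunk shows, in the logs. Failing closed is the right default, but the cause should be recorded server-side before responding, for example `console.error("authenticateToken: token validation failed", error);` or the project's own logger if this file has one. The `authenticateToken` closure starts and ends outside both hunks, so it is also worth confirming that the `!isValid` branch returns before the `next()` call that opens the second hunk.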
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import cors from "cors";
|
|
2
|
-
export declare const createCorsOptions: (allowedOrigins?: string[]) => {
|
|
2
|
+
export declare const createCorsOptions: (allowedOrigins?: string[], allowedHosts?: string[]) => {
|
|
3
3
|
origin: (origin: string | undefined, callback: (err: Error | null, allow?: boolean) => void) => void;
|
|
4
4
|
credentials: boolean;
|
|
5
5
|
methods: string[];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cors.d.ts","sourceRoot":"","sources":["../../middleware/cors.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,MAAM,CAAC;AAExB,eAAO,MAAM,iBAAiB,oBAAqB,MAAM,EAAE;
|
|
1
|
+
{"version":3,"file":"cors.d.ts","sourceRoot":"","sources":["../../middleware/cors.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,MAAM,CAAC;AAExB,eAAO,MAAM,iBAAiB,oBAAqB,MAAM,EAAE,iBAAiB,MAAM,EAAE;qBAoBtE,MAAM,GAAG,SAAS,kBACV,KAAK,GAAG,IAAI,UAAU,OAAO,KAAK,IAAI;;;;;;;CAwB3D,CAAC;AAEF,eAAO,MAAM,WAAW;qBA3BV,MAAM,GAAG,SAAS,kBACV,KAAK,GAAG,IAAI,UAAU,OAAO,KAAK,IAAI;;;;;;;CA0Bd,CAAC;AAE/C,eAAO,MAAM,cAAc;;;;oCAAoB,CAAC"}
|
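--- a/package/dist/middleware/cors.js
+++ b/package/dist/middleware/cors.js
@@ -5,18 +5,30 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.corsMiddleware = exports.corsOptions = exports.createCorsOptions = void 0;
 const cors_1 = __importDefault(require("cors"));
-const createCorsOptions = (allowedOrigins) => {
+const createCorsOptions = (allowedOrigins, allowedHosts) => {
 const allowAllOrigins = !allowedOrigins;
 const finalAllowedOrigins = allowAllOrigins
 ? []
 : Array.from(new Set(allowedOrigins.map((origin) => origin.toLowerCase())));
+const isHostAllowed = (origin) => {
+if (!allowedHosts?.length)
+return false;
+try {
+const { hostname } = new URL(origin);
+return allowedHosts.some((host) => hostname === host || hostname.endsWith(`.${host}`));
+}
+catch {
+return false;
+}
+};
 return {
 origin: (origin, callback) => {
-// Allow no-origin requests (Postman, mobile apps)
 if (!origin)
 return callback(null, true);
 if (allowAllOrigins)
 return callback(null, true);
+if (isHostAllowed(origin))
+return callback(null, true);
 if (finalAllowedOrigins.includes(origin.toLowerCase())) {
 return callback(null, true);
 }
@@ -30,13 +42,12 @@ const createCorsOptions = (allowedOrigins) => {
 "X-Requested-With",
 "X-Request-ID",
 ],
-exposedHeaders: ["X-Request-ID"],
+exposedHeaders: ["X-Request-ID"],
 preflightContinue: false,
 optionsSuccessStatus: 200,
 };
 };
 exports.createCorsOptions = createCorsOptions;
-// Default cors options using DEFAULT_ORIGINS
 exports.corsOptions = (0, exports.createCorsOptions)();
 exports.corsMiddleware = (0, cors_1.default)(exports.corsOptions);
 //# sourceMappingURL=cors.js.map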
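Review bot: A caller that passes only `allowedHosts` still has every origin accepted, because `allowAllOrigins` is still `!allowedOrigins` and that branch returns before `isHostAllowed(origin)` is consulted in the first hunk. The host list should take part in that decision: `const allowAllOrigins = !allowedOrigins && !allowedHosts?.length;`. `isHostAllowed` also compares only `hostname`, so an `http://` origin or any port under an allowed host passes, and every subdomain of each entry is trusted. If the returned options enable `credentials` (the typings declare the field, but its value lies between the two hunks), consider also destructuring `protocol` and requiring `protocol === "https:"`, and document the subdomain trust on the parameter. Entries are compared without normalisation, so a mixed-case or empty `allowedHosts` value should be rejected or lower-cased when the options are built.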
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cors.js","sourceRoot":"","sources":["../../middleware/cors.ts"],"names":[],"mappings":";;;;;;AAAA,gDAAwB;AAEjB,MAAM,iBAAiB,GAAG,CAAC,cAAyB,EAAE,EAAE;
|
|
1
|
+
{"version":3,"file":"cors.js","sourceRoot":"","sources":["../../middleware/cors.ts"],"names":[],"mappings":";;;;;;AAAA,gDAAwB;AAEjB,MAAM,iBAAiB,GAAG,CAAC,cAAyB,EAAE,YAAuB,EAAE,EAAE;IACtF,MAAM,eAAe,GAAG,CAAC,cAAc,CAAC;IACxC,MAAM,mBAAmB,GAAG,eAAe;QACzC,CAAC,CAAC,EAAE;QACJ,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAC;IAE9E,MAAM,aAAa,GAAG,CAAC,MAAc,EAAW,EAAE;QAChD,IAAI,CAAC,YAAY,EAAE,MAAM;YAAE,OAAO,KAAK,CAAC;QACxC,IAAI,CAAC;YACH,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC;YACrC,OAAO,YAAY,CAAC,IAAI,CACtB,CAAC,IAAI,EAAE,EAAE,CAAC,QAAQ,KAAK,IAAI,IAAI,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,EAAE,CAAC,CAC7D,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC,CAAC;IAEF,OAAO;QACL,MAAM,EAAE,CACN,MAA0B,EAC1B,QAAsD,EACtD,EAAE;YACF,IAAI,CAAC,MAAM;gBAAE,OAAO,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YACzC,IAAI,eAAe;gBAAE,OAAO,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YACjD,IAAI,aAAa,CAAC,MAAM,CAAC;gBAAE,OAAO,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YACvD,IAAI,mBAAmB,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBACvD,OAAO,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YAC9B,CAAC;YAED,OAAO,QAAQ,CAAC,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC,CAAC;QACpD,CAAC;QAED,WAAW,EAAE,IAAI;QACjB,OAAO,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,OAAO,EAAE,SAAS,CAAC;QAC7D,cAAc,EAAE;YACd,cAAc;YACd,eAAe;YACf,kBAAkB;YAClB,cAAc;SACf;QACD,cAAc,EAAE,CAAC,cAAc,CAAC;QAChC,iBAAiB,EAAE,KAAK;QACxB,oBAAoB,EAAE,GAAG;KAC1B,CAAC;AACJ,CAAC,CAAC;AA7CW,QAAA,iBAAiB,qBA6C5B;AAEW,QAAA,WAAW,GAAG,IAAA,yBAAiB,GAAE,CAAC;AAElC,QAAA,cAAc,GAAG,IAAA,cAAI,EAAC,mBAAW,CAAC,CAAC"}
|