@stamhoofd/backend-middleware 2.1.1

package/package.json

@@ -0,0 +1,20 @@
+{
+    "name": "@stamhoofd/backend-middleware",
+    "version": "2.1.1",
+    "main": "./dist/index.js",
+    "types": "./dist/index.d.ts",
+    "license": "UNLICENCED",
+    "sideEffects": false,
+    "files": [
+        "src"
+    ],
+    "scripts": {
+        "build": "tsc -b",
+        "build:full": "rm -rf ./dist && yarn build"
+    },
+    "dependencies": {
+        "@simonbackx/simple-endpoints": "1.13.0",
+        "@simonbackx/simple-errors": "^1.4",
+        "@simonbackx/simple-logging": "^1.0.1"
+    }
+}

package/src/CORSMiddleware.ts

@@ -0,0 +1,28 @@
+import { EncodedResponse, Request, ResponseMiddleware } from "@simonbackx/simple-endpoints";
+
+export const CORSMiddleware: ResponseMiddleware = {
+    handleResponse(request: Request, response: EncodedResponse) {
+        response.headers["Access-Control-Allow-Origin"] = request.headers.origin ?? "*"
+        response.headers["Access-Control-Allow-Methods"] = "POST, GET, OPTIONS, PATCH, PUT, DELETE"
+        response.headers["Access-Control-Allow-Headers"] = request.headers["access-control-request-headers"] ?? "*";
+        response.headers["Access-Control-Max-Age"] = "86400"; // Cache 24h
+        
+        if (request.method !== "OPTIONS") {
+            // Expose all headers
+            const exposeHeaders = Object.keys(response.headers).map(h => h.toLowerCase()).filter(h => !['content-length', 'cache-control', 'content-language', 'content-type', 'expires', 'last-modified', 'pragma'].includes(h)).join(", ");
+            if (exposeHeaders) {
+                response.headers["Access-Control-Expose-Headers"] = exposeHeaders
+            }
+        }
+        
+        // Not needed
+        // response.headers["Access-Control-Allow-Credentials"] = "true";
+
+        // API is public
+        response.headers["Cross-Origin-Resource-Policy"] = "cross-origin"
+
+        if (request.headers.origin && !response.headers["Vary"]) {
+            response.headers["Vary"] = "Origin"
+        }
+    }
+}

package/src/LogMiddleware.ts

@@ -0,0 +1,127 @@
+import { EncodedResponse, Request, RequestMiddleware,ResponseMiddleware } from "@simonbackx/simple-endpoints";
+import { isSimpleError, isSimpleErrors } from "@simonbackx/simple-errors";
+import { logger, StyledText } from "@simonbackx/simple-logging";
+let requestCounter = 0;
+
+function logRequestDetails(request: Request) {
+    if (Object.keys(request.query).length) {
+        const json: any = {...request.query}
+        if (json && json.password) {
+            json.password = '*******'
+        }
+        logger.error(
+            ...requestPrefix(request, 'query'),
+            "Request query was ",
+            json
+        )
+    }
+
+    request.body.then((body) => {
+        if (!body) {
+            return
+        }
+        try {
+            const json = JSON.parse(body)
+            if (Array.isArray(json) || Object.keys(json).length) {
+                if (json && json.password) {
+                    json.password = '*******'
+                }
+
+                logger.error(
+                    ...requestPrefix(request, 'body'),
+                    "Request body was ",
+                    json
+                )
+            }
+        } catch (e) {
+            logger.error(
+                ...requestPrefix(request, 'body'),
+                "Request body was ",
+                body
+            )
+        }
+    }).catch(console.error)
+}
+
+function requestOneLiner(request: Request): (StyledText | string)[]  {
+    return [
+        new StyledText(request.method).addClass('request', 'method', request.method.toLowerCase()),
+        ' ',
+        new StyledText(request.url).addClass('request', 'url'),
+        ' (',
+            new StyledText(request.getIP()).addClass('request', 'ip'),
+            '@',
+            new StyledText(request.host).addClass('request', 'host'),
+        ')'
+    ]
+}
+
+function requestPrefix(request: Request, ...classes: string[]): (StyledText | string)[] {
+    return [
+        new StyledText(`[R${((request as any)._uniqueIndex as number).toString().padStart(4, "0")}] `).addClass('request', 'tag', ...classes),
+    ]
+}
+
+export const LogMiddleware: ResponseMiddleware & RequestMiddleware = {
+    handleRequest(request: Request) {
+        (request as any)._uniqueIndex = requestCounter++
+        (request as any)._startTime = process.hrtime();
+
+        if (request.method == "OPTIONS") {
+            if (STAMHOOFD.environment === "development") {
+                logger.log(
+                    ...requestPrefix(request),
+                    ...requestOneLiner(request)
+                )
+            }
+            return
+        }
+
+        logger.log(
+            ...requestPrefix(request),
+            ...requestOneLiner(request)
+        )
+    },
+
+    wrapRun<T>(run: () => Promise<T>, request: Request) {
+        return logger.setContext({
+            prefixes: requestPrefix(request, 'output'),
+            tags: ['request', 'request-output']
+        }, run)
+    },
+
+    handleResponse(request: Request, response: EncodedResponse, error?: Error) {
+        const endTime = process.hrtime();
+        const startTime = (request as any)._startTime ?? endTime;
+        const timeInMs = Math.round((endTime[0] - startTime[0]) * 1000 + (endTime[1] - startTime[1]) / 1000000);
+
+        if (request.method !== "OPTIONS") {
+            logger.log(
+                ...requestPrefix(request, 'time'),
+                response.status + " - Finished in "+timeInMs+"ms"
+            )
+        }
+
+        if (error) {
+            if (isSimpleError(error) || isSimpleErrors(error)) {
+                if (!error.hasCode("expired_access_token") && !error.hasCode('unknown_domain') && !error.hasCode('unknown_webshop')) {
+                    logger.error(
+                        ...requestPrefix(request, 'error'),
+                        "Request with error in response ",
+                        new StyledText(error).addClass('request', 'error')
+                    )
+
+                    logRequestDetails(request)
+                }
+            } else {
+                logger.error(
+                    ...requestPrefix(request, 'error'),
+                    "Request with internal error ",
+                    new StyledText(error).addClass('request', 'error')
+                )
+
+                logRequestDetails(request)
+            }
+        }
+    }
+}

package/src/VersionMiddleware.ts

@@ -0,0 +1,84 @@
+import { EncodedResponse, Request, RequestMiddleware, ResponseMiddleware } from "@simonbackx/simple-endpoints";
+import { isSimpleError, isSimpleErrors, SimpleError } from "@simonbackx/simple-errors";
+import { Version } from "@stamhoofd/structures";
+
+export class VersionMiddleware implements RequestMiddleware, ResponseMiddleware {
+    minimumVersion: number | undefined
+    latestVersions: {android: number, ios: number, web: number}
+
+    constructor(options: {latestVersions: {android: number, ios: number, web: number}, minimumVersion?: number}) {
+        this.minimumVersion = options.minimumVersion
+        this.latestVersions = options.latestVersions
+    }
+
+    handleRequest(request: Request) {
+        if (!this.minimumVersion) {
+            return
+        }
+
+        const platform = request.headers["x-platform"];
+
+        let version!: number;
+
+        try {
+            version = request.getVersion()
+        } catch (e) {
+            if ((isSimpleError(e) || isSimpleErrors(e)) && e.hasCode('missing_version')) {
+                // Allow missing version on /openid/ path
+                if (request.url.startsWith("/openid/")) {
+                    request.version = this.latestVersions.web
+                    return
+                }
+            }
+            throw e;
+        }
+
+        /*if (request.getIP() === '') {
+            throw new SimpleError({
+                code: "blocked",
+                statusCode: 400,
+                message: "Temporary blocked",
+                human: "Jouw verbinding is tijdelijk geblokkeerd. Gelieve contact op te nemen met hallo@stamhoofd.be"
+            })
+        }*/
+
+        if (version < this.minimumVersion) {
+            // WARNING: update caddy config for on demand certificates, because we don't want to throw errors over there!
+            if (platform === "web" || platform === undefined) {
+                throw new SimpleError({
+                    code: "client_update_required",
+                    statusCode: 400,
+                    message: "Er is een noodzakelijke update beschikbaar. Herlaad de pagina en wis indien nodig de cache van jouw browser.",
+                    human: "Er is een noodzakelijke update beschikbaar. Herlaad de pagina en wis indien nodig de cache van jouw browser."
+                })
+            } else {
+                throw new SimpleError({
+                    code: "client_update_required",
+                    statusCode: 400,
+                    message: "Er is een noodzakelijke update beschikbaar. Update de app en probeer opnieuw!",
+                    human: "Er is een noodzakelijke update beschikbaar. Update de app en probeer opnieuw!"
+                })
+            }
+        }
+    }
+
+    handleResponse(request: Request, response: EncodedResponse) {
+        const platform = request.headers["x-platform"];
+
+        if (platform === "android") {
+            response.headers["X-Platform-Latest-Version"] = this.latestVersions.android
+        }
+        if (platform === "ios") {
+            response.headers["X-Platform-Latest-Version"] = this.latestVersions.ios
+        }
+        if (platform === "web") {
+            response.headers["X-Platform-Latest-Version"] = this.latestVersions.web
+        }
+
+        try {
+            response.headers["X-Version"] = Math.min(Version, request.getVersion())
+        } catch (e) {
+            // No version provided or invalid version
+        }
+    }
+}