@strapi/strapi 4.0.5 → 4.0.6

package/lib/Strapi.js

@@ -189,15 +189,13 @@ class Strapi {
   }
 
   sendStartupTelemetry() {
-    // Get database clients
-    const databaseClients = _.map(this.config.get('connections'), _.property('settings.client'));
-
     // Emit started event.
     // do not await to avoid slower startup
     this.telemetry.send('didStartServer', {
-      database: databaseClients,
-      plugins: this.config.installedPlugins,
-      providers: this.config.installedProviders,
+      database: strapi.config.get('database.connection.client'),
+      plugins: Object.keys(strapi.plugins),
+      // TODO: to add back
+      // providers: this.config.installedProviders,
     });
   }
 

package/lib/middlewares/index.js

@@ -12,8 +12,7 @@ const query = require('./query');
 const responseTime = require('./response-time');
 const responses = require('./responses');
 const security = require('./security');
-// TODO: add back ?
-// session: require('./session'),
+const session = require('./session');
 const publicStatic = require('./public');
 
 module.exports = {
@@ -23,6 +22,7 @@ module.exports = {
   cors,
   responseTime,
   poweredBy,
+  session,
   logger,
   compression,
   responses,

package/lib/middlewares/session.js

@@ -0,0 +1,28 @@
+'use strict';
+
+const { defaultsDeep, isEmpty, isArray } = require('lodash/fp');
+const session = require('koa-session');
+
+const defaultConfig = {
+  key: 'koa.sess',
+  maxAge: 86400000,
+  autoCommit: true,
+  overwrite: true,
+  httpOnly: true,
+  signed: true,
+  rolling: false,
+  renew: false,
+  secure: process.env.NODE_ENV === 'production' ? true : false,
+  sameSite: null,
+};
+
+module.exports = (userConfig, { strapi }) => {
+  const keys = strapi.server.app.keys;
+  if (!isArray(keys) || isEmpty(keys) || keys.some(isEmpty)) {
+    throw new Error(`App keys are required. Please set app.keys in config/server.js (ex: keys: ['myKeyA', 'myKeyB'])`);
+  }
+
+  const config = defaultsDeep(defaultConfig, userConfig);
+
+  strapi.server.use(session(config, strapi.server.app));
+};

package/lib/services/fs.js

@@ -12,7 +12,7 @@ module.exports = strapi => {
 
     const normalizedPath = path.normalize(filePath).replace(/^\/?(\.\/|\.\.\/)+/, '');
 
-    return path.join(strapi.dirs.root, normalizedPath);
+    return path.resolve(strapi.dirs.root, normalizedPath);
   }
 
   const strapiFS = {

package/lib/services/server/index.js

@@ -28,7 +28,10 @@ const healthCheck = async ctx => {
  * @returns {Server}
  */
 const createServer = strapi => {
-  const app = createKoaApp({ proxy: strapi.config.get('server.proxy') });
+  const app = createKoaApp({
+    proxy: strapi.config.get('server.proxy'),
+    keys:  strapi.config.get('server.app.keys'),
+  });
 
   const router = new Router();
 

package/lib/services/server/koa.js

@@ -53,8 +53,9 @@ const addCustomMethods = app => {
   return app;
 };
 
-const createKoaApp = ({ proxy }) => {
+const createKoaApp = ({ proxy, keys }) => {
   const app = new Koa({ proxy });
+  app.keys = keys;
 
   addCustomMethods(app);
 

package/lib/services/server/middleware.js

@@ -5,6 +5,14 @@ const { propOr, isArray, isNil } = require('lodash/fp');
 
 const getMiddlewareConfig = propOr([], 'config.middlewares');
 
+const instantiateMiddleware = (middlewareFactory, name, config, strapi) => {
+  try {
+    return middlewareFactory(config, { strapi });
+  } catch (e) {
+    throw new Error(`Middleware "${name}": ${e.message}`);
+  }
+};
+
 const resolveRouteMiddlewares = (route, strapi) => {
   const middlewaresConfig = getMiddlewareConfig(route);
 
@@ -45,7 +53,7 @@ const resolveMiddlewares = (config, strapi) => {
 
       middlewares.push({
         name: item,
-        handler: middlewareFactory({}, { strapi }),
+        handler: instantiateMiddleware(middlewareFactory, item, {}, strapi),
       });
 
       continue;
@@ -58,16 +66,17 @@ const resolveMiddlewares = (config, strapi) => {
         const middlewareFactory = strapi.middleware(name);
         middlewares.push({
           name,
-          handler: middlewareFactory(config, { strapi }),
+          handler: instantiateMiddleware(middlewareFactory, name, config, strapi),
         });
 
         continue;
       }
 
       if (resolve) {
+        const resolvedMiddlewareFactory = resolveCustomMiddleware(resolve, strapi);
         middlewares.push({
           name: resolve,
-          handler: resolveCustomMiddleware(resolve, strapi)(config, { strapi }),
+          handler: instantiateMiddleware(resolvedMiddlewareFactory, item, config, strapi),
         });
 
         continue;

package/lib/services/server/register-middlewares.js

@@ -15,6 +15,7 @@ const defaultConfig = [
   'strapi::security',
   'strapi::cors',
   'strapi::poweredBy',
+  'strapi::session',
   'strapi::logger',
   'strapi::query',
   'strapi::body',

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@strapi/strapi",
-  "version": "4.0.5",
+  "version": "4.0.6",
   "description": "An open source headless CMS solution to create and manage your own API. It provides a powerful dashboard and features to make your life easier. Databases supported: MySQL, MariaDB, PostgreSQL, SQLite",
   "keywords": [
     "strapi",
@@ -80,16 +80,16 @@
   "dependencies": {
     "@koa/cors": "3.1.0",
     "@koa/router": "10.1.1",
-    "@strapi/admin": "4.0.5",
-    "@strapi/database": "4.0.5",
-    "@strapi/generate-new": "4.0.5",
-    "@strapi/generators": "4.0.5",
-    "@strapi/logger": "4.0.5",
-    "@strapi/plugin-content-manager": "4.0.5",
-    "@strapi/plugin-content-type-builder": "4.0.5",
-    "@strapi/plugin-email": "4.0.5",
-    "@strapi/plugin-upload": "4.0.5",
-    "@strapi/utils": "4.0.5",
+    "@strapi/admin": "4.0.6",
+    "@strapi/database": "4.0.6",
+    "@strapi/generate-new": "4.0.6",
+    "@strapi/generators": "4.0.6",
+    "@strapi/logger": "4.0.6",
+    "@strapi/plugin-content-manager": "4.0.6",
+    "@strapi/plugin-content-type-builder": "4.0.6",
+    "@strapi/plugin-email": "4.0.6",
+    "@strapi/plugin-upload": "4.0.6",
+    "@strapi/utils": "4.0.6",
     "bcryptjs": "2.4.3",
     "boxen": "5.1.2",
     "chalk": "4.1.2",
@@ -117,7 +117,7 @@
     "koa-session": "6.2.0",
     "koa-static": "5.0.0",
     "lodash": "4.17.21",
-    "node-fetch": "2.6.5",
+    "node-fetch": "2.6.7",
     "node-machine-id": "1.1.12",
     "node-schedule": "2.0.0",
     "open": "8.2.1",
@@ -136,5 +136,5 @@
     "node": ">=12.22.0 <=16.x.x",
     "npm": ">=6.0.0"
   },
-  "gitHead": "45020eee065af8917011cc43398f95c4c624d6ad"
+  "gitHead": "5b48053946aacfb564ff423342fe70d79cd6d66d"
 }

package/lib/middlewares/session/defaults.json

@@ -1,18 +0,0 @@
-{
-  "session": {
-    "enabled": true,
-    "client": "cookie",
-    "key": "strapi.sid",
-    "prefix": "strapi:sess:",
-    "ttl": 864000000,
-    "rolling": false,
-    "secretKeys": ["mySecretKey1", "mySecretKey2"],
-    "cookie": {
-      "path": "/",
-      "httpOnly": true,
-      "maxAge": 864000000,
-      "rewrite": true,
-      "signed": false
-    }
-  }
-}

package/lib/middlewares/session/index.js

@@ -1,140 +0,0 @@
-'use strict';
-
-const path = require('path');
-const _ = require('lodash');
-const session = require('koa-session');
-
-/**
- * Session middleware
- */
-module.exports = strapi => {
-  const requireStore = store => {
-    return require(path.resolve(strapi.dirs.root, 'node_modules', 'koa-' + store));
-  };
-
-  const defineStore = session => {
-    if (_.isEmpty(_.get(session, 'client'))) {
-      return strapi.log.error(
-        '(middleware:session) please provide a valid client to store session'
-      );
-    } else if (_.isEmpty(_.get(session, 'connection'))) {
-      return strapi.log.error(
-        '(middleware:session) please provide connection for the session store'
-      );
-    } else if (!strapi.config.get(`database.connections.${session.connection}`)) {
-      return strapi.log.error(
-        '(middleware:session) please provide a valid connection for the session store'
-      );
-    }
-
-    session.settings = strapi.config.get(`database.connections.${session.connection}`);
-
-    // Define correct store name to avoid require to failed.
-    switch (session.client.toLowerCase()) {
-      case 'redis': {
-        const store = requireStore('redis');
-
-        session.settings.db = session.settings.database;
-
-        return store(session.settings);
-      }
-      case 'mysql': {
-        const Store = requireStore('mysql-session');
-
-        return new Store(session.settings);
-      }
-      case 'mongo': {
-        const Store = requireStore('generic-session-mongo');
-
-        session.settings.db = session.settings.database;
-
-        return new Store(session.settings);
-      }
-      case 'postgresql': {
-        const Store = requireStore('pg-session');
-
-        return new Store(session.settings, session.options);
-      }
-      case 'rethink': {
-        const Store = requireStore('generic-session-rethinkdb');
-
-        session.settings.dbName = session.settings.database;
-        session.settings.tableName = session.settings.table;
-
-        const sessionStore = new Store({
-          connection: session.settings,
-        });
-
-        // Create the DB, tables and indexes to store sessions.
-        sessionStore.setup();
-
-        return sessionStore;
-      }
-      case 'sqlite': {
-        const Store = requireStore('sqlite3-session');
-
-        return new Store(session.fileName, session.options);
-      }
-      case 'sequelize': {
-        const Store = requireStore('generic-session-sequelize');
-
-        // Sequelize needs to be instantiated.
-        if (!_.isObject(strapi.sequelize)) {
-          return null;
-        }
-
-        return new Store(strapi.sequelize, session.options);
-      }
-      default: {
-        return null;
-      }
-    }
-  };
-
-  return {
-    initialize() {
-      strapi.server.app.keys = strapi.config.get('middleware.settings.session.secretKeys');
-
-      if (
-        _.has(strapi.config.middleware.settings.session, 'client') &&
-        _.isString(strapi.config.middleware.settings.session.client) &&
-        strapi.config.middleware.settings.session.client !== 'cookie'
-      ) {
-        const store = defineStore(strapi.config.middleware.settings.session);
-
-        if (!_.isEmpty(store)) {
-          // Options object contains the defined store, the custom middlewares configurations
-          // and also the function which are located to `./config/functions/session.js`
-          const options = _.assign(
-            {
-              store,
-            },
-            strapi.config.middleware.settings.session
-          );
-
-          strapi.server.use(session(options, strapi.server.app));
-          strapi.server.use((ctx, next) => {
-            ctx.state = ctx.state || {};
-            ctx.state.session = ctx.session || {};
-
-            return next();
-          });
-        }
-      } else if (
-        _.has(strapi.config.middleware.settings.session, 'client') &&
-        _.isString(strapi.config.middleware.settings.session.client) &&
-        strapi.config.middleware.settings.session.client === 'cookie'
-      ) {
-        const options = _.assign(strapi.config.middleware.settings.session);
-
-        strapi.server.use(session(options, strapi.server.app));
-        strapi.server.use((ctx, next) => {
-          ctx.state = ctx.state || {};
-          ctx.state.session = ctx.session || {};
-
-          return next();
-        });
-      }
-    },
-  };
-};