@websy/websy-designs 1.12.4 → 1.12.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -121,13 +121,13 @@ class AuthHelper {
121
121
  })
122
122
  }
123
123
  isLoggedIn (req, res, next) {
124
- console.log(req.session)
124
+ // console.log(req.session)
125
125
  if (req.session && req.session.user && req.session.user.isAnonymous !== true) {
126
- console.log('in condition D')
126
+ // console.log('in condition D')
127
127
  next()
128
128
  }
129
129
  else {
130
- console.log('in condition E')
130
+ // console.log('in condition E')
131
131
  res.redirect('/login')
132
132
  }
133
133
  }
@@ -264,6 +264,8 @@ class PGHelper {
264
264
  updates.push(`${key} = ${(row[key] === null ? row[key] : `'${row[key]}'`)}`)
265
265
  }
266
266
  }
267
+ console.log('updates 1')
268
+ console.log(updates)
267
269
  sql += `
268
270
  UPDATE ${entity}
269
271
  SET ${updates.join(',')}
@@ -284,6 +286,8 @@ class PGHelper {
284
286
  // (d === null ? `${d}` : `'${d.replace(/'/)}'`)
285
287
  }
286
288
  }).join(',')
289
+ console.log('updates 2')
290
+ console.log(sqlValues)
287
291
  sql += `
288
292
  INSERT INTO ${entity} (${Object.keys(row).join(',')})
289
293
  VALUES (${sqlValues})
@@ -61,6 +61,8 @@ function APIRoutes (dbHelper, authHelper) {
61
61
  user = req.session.user
62
62
  }
63
63
  const sql = dbHelper.buildUpsert(req.params.entity, req.body, user)
64
+ console.log('upsert sql')
65
+ console.log(sql)
64
66
  dbHelper.execute(sql).then(response => res.json(response), err => res.json(err))
65
67
  })
66
68
  router.post('/:entity', authHelper.checkPermissions, (req, res) => {
@@ -55,11 +55,11 @@ function AuthRoutes (dbHelper, engine, app, Strategy) {
55
55
  }
56
56
  router.post('/login', (req, res) => {
57
57
  app.authHelper.login(req, res).then(user => {
58
- console.log('after login')
58
+ // console.log('after login')
59
59
  if (!req.session) {
60
60
  req.session = {}
61
61
  }
62
- console.log(user)
62
+ // console.log(user)
63
63
  req.session.user = user
64
64
  if (dbHelper) {
65
65
  const sId = sessionHelper.getSessionId(req)
@@ -82,7 +82,7 @@ function AuthRoutes (dbHelper, engine, app, Strategy) {
82
82
  // })
83
83
  }
84
84
  }, err => {
85
- console.log('in auth route', err)
85
+ // console.log('in auth route', err)
86
86
  res.json({err})
87
87
  })
88
88
  })
@@ -187,15 +187,15 @@ module.exports = function (options) {
187
187
  }
188
188
  }
189
189
  app.use(protectedRoutes)
190
- if (options.useAPI === true) {
191
- console.log('allowed keys', options.allowedKeys)
192
-
193
- app.use('/api', sanitizer.clean({
190
+ if (options.useAPI === true) {
191
+ app.use('/api', sanitizer.clean(Object.assign({}, {
194
192
  xss: true,
195
193
  noSql: true,
196
194
  sql: true,
195
+ noSqlLevel: 2,
196
+ sqlLevel: 2,
197
197
  allowedKeys: options.allowedKeys || []
198
- }), checkReferrer, protectedRoutes, require(`./routes/${version}/api`)(dbHelper, app.authHelper))
198
+ }, (dbOptions.sanitizeOptions || {}))), checkReferrer, protectedRoutes, require(`./routes/${version}/api`)(dbHelper, app.authHelper))
199
199
  }
200
200
  if (options.useShop === true) {
201
201
  app.use('/shop', protectedRoutes, require(`./routes/${version}/shop`)(dbHelper, options.dbEngine, app))
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@websy/websy-designs",
3
- "version": "1.12.4",
3
+ "version": "1.12.5",
4
4
  "main": "index.js",
5
5
  "scripts": {
6
6
  "test": "echo \"Error: no test specified\" && exit 1"