@websy/websy-designs 1.12.4 → 1.12.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -121,13 +121,13 @@ class AuthHelper {
|
|
|
121
121
|
})
|
|
122
122
|
}
|
|
123
123
|
isLoggedIn (req, res, next) {
|
|
124
|
-
console.log(req.session)
|
|
124
|
+
// console.log(req.session)
|
|
125
125
|
if (req.session && req.session.user && req.session.user.isAnonymous !== true) {
|
|
126
|
-
console.log('in condition D')
|
|
126
|
+
// console.log('in condition D')
|
|
127
127
|
next()
|
|
128
128
|
}
|
|
129
129
|
else {
|
|
130
|
-
console.log('in condition E')
|
|
130
|
+
// console.log('in condition E')
|
|
131
131
|
res.redirect('/login')
|
|
132
132
|
}
|
|
133
133
|
}
|
|
@@ -264,6 +264,8 @@ class PGHelper {
|
|
|
264
264
|
updates.push(`${key} = ${(row[key] === null ? row[key] : `'${row[key]}'`)}`)
|
|
265
265
|
}
|
|
266
266
|
}
|
|
267
|
+
console.log('updates 1')
|
|
268
|
+
console.log(updates)
|
|
267
269
|
sql += `
|
|
268
270
|
UPDATE ${entity}
|
|
269
271
|
SET ${updates.join(',')}
|
|
@@ -284,6 +286,8 @@ class PGHelper {
|
|
|
284
286
|
// (d === null ? `${d}` : `'${d.replace(/'/)}'`)
|
|
285
287
|
}
|
|
286
288
|
}).join(',')
|
|
289
|
+
console.log('updates 2')
|
|
290
|
+
console.log(sqlValues)
|
|
287
291
|
sql += `
|
|
288
292
|
INSERT INTO ${entity} (${Object.keys(row).join(',')})
|
|
289
293
|
VALUES (${sqlValues})
|
|
@@ -61,6 +61,8 @@ function APIRoutes (dbHelper, authHelper) {
|
|
|
61
61
|
user = req.session.user
|
|
62
62
|
}
|
|
63
63
|
const sql = dbHelper.buildUpsert(req.params.entity, req.body, user)
|
|
64
|
+
console.log('upsert sql')
|
|
65
|
+
console.log(sql)
|
|
64
66
|
dbHelper.execute(sql).then(response => res.json(response), err => res.json(err))
|
|
65
67
|
})
|
|
66
68
|
router.post('/:entity', authHelper.checkPermissions, (req, res) => {
|
|
@@ -55,11 +55,11 @@ function AuthRoutes (dbHelper, engine, app, Strategy) {
|
|
|
55
55
|
}
|
|
56
56
|
router.post('/login', (req, res) => {
|
|
57
57
|
app.authHelper.login(req, res).then(user => {
|
|
58
|
-
console.log('after login')
|
|
58
|
+
// console.log('after login')
|
|
59
59
|
if (!req.session) {
|
|
60
60
|
req.session = {}
|
|
61
61
|
}
|
|
62
|
-
console.log(user)
|
|
62
|
+
// console.log(user)
|
|
63
63
|
req.session.user = user
|
|
64
64
|
if (dbHelper) {
|
|
65
65
|
const sId = sessionHelper.getSessionId(req)
|
|
@@ -82,7 +82,7 @@ function AuthRoutes (dbHelper, engine, app, Strategy) {
|
|
|
82
82
|
// })
|
|
83
83
|
}
|
|
84
84
|
}, err => {
|
|
85
|
-
console.log('in auth route', err)
|
|
85
|
+
// console.log('in auth route', err)
|
|
86
86
|
res.json({err})
|
|
87
87
|
})
|
|
88
88
|
})
|
|
@@ -187,15 +187,15 @@ module.exports = function (options) {
|
|
|
187
187
|
}
|
|
188
188
|
}
|
|
189
189
|
app.use(protectedRoutes)
|
|
190
|
-
if (options.useAPI === true) {
|
|
191
|
-
|
|
192
|
-
|
|
193
|
-
app.use('/api', sanitizer.clean({
|
|
190
|
+
if (options.useAPI === true) {
|
|
191
|
+
app.use('/api', sanitizer.clean(Object.assign({}, {
|
|
194
192
|
xss: true,
|
|
195
193
|
noSql: true,
|
|
196
194
|
sql: true,
|
|
195
|
+
noSqlLevel: 2,
|
|
196
|
+
sqlLevel: 2,
|
|
197
197
|
allowedKeys: options.allowedKeys || []
|
|
198
|
-
}), checkReferrer, protectedRoutes, require(`./routes/${version}/api`)(dbHelper, app.authHelper))
|
|
198
|
+
}, (dbOptions.sanitizeOptions || {}))), checkReferrer, protectedRoutes, require(`./routes/${version}/api`)(dbHelper, app.authHelper))
|
|
199
199
|
}
|
|
200
200
|
if (options.useShop === true) {
|
|
201
201
|
app.use('/shop', protectedRoutes, require(`./routes/${version}/shop`)(dbHelper, options.dbEngine, app))
|