@yunfanye/sql-proxy 1.5.0 → 1.6.1
- package/README.md +44 -9
- package/dist/cli.js +20 -7
- package/dist/cli.js.map +1 -1
- package/dist/client.d.ts +8 -0
- package/dist/client.d.ts.map +1 -1
- package/dist/client.js +17 -1
- package/dist/client.js.map +1 -1
- package/dist/connectors/sql-proxy.d.ts +2 -0
- package/dist/connectors/sql-proxy.d.ts.map +1 -1
- package/dist/connectors/sql-proxy.js +15 -2
- package/dist/connectors/sql-proxy.js.map +1 -1
- package/dist/server.d.ts +2 -0
- package/dist/server.d.ts.map +1 -1
- package/dist/server.js +24 -0
- package/dist/server.js.map +1 -1
- package/dist/types.d.ts +1 -0
- package/dist/types.d.ts.map +1 -1
- package/dist/validator.d.ts +1 -1
- package/dist/validator.d.ts.map +1 -1
- package/dist/validator.js +9 -2
- package/dist/validator.js.map +1 -1
- package/package.json +1 -1
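--- a/package/README.md
+++ b/package/README.md
@@ -12,7 +12,8 @@ A lightweight SQL proxy server that accepts SQL queries via HTTP and executes th
 - **Query logging**: All SQL queries are logged to the console with timestamps
 - **Interactive setup**: Guided configuration wizard when no config file exists
 - **Zero configuration start**: Just run `npx @yunfanye/sql-proxy` to get started
-- **
+- **Cloudflare Tunnel**: Expose your server to the internet via Cloudflare tunnel with `--tunnel`
+- **Authentication**: Optional Bearer token authentication with `--auth-token`
 
 ## Installation
 
@@ -96,11 +97,14 @@ Connect to another sql-proxy instance for chaining proxies or accessing remote d
 "db_engine": "sql-proxy",
 "disallowed_tables": [],
 "db_credentials": {
-"DB_URL": "http://localhost:3001"
+"DB_URL": "http://localhost:3001",
+"AUTH_TOKEN": "secret-token"
 }
 }
 ```
 
+The `AUTH_TOKEN` is optional. If provided, it will be sent as a `Authorization: Bearer <token>` header when connecting to the upstream sql-proxy server.
+
 ### Configuration Options
 
 | Field | Type | Required | Description |
@@ -120,7 +124,8 @@ npx @yunfanye/sql-proxy [options]
 | `-p, --port <number>` | Port to run the server on | 3000 |
 | `-c, --config <path>` | Path to database config file | database_config.json |
 | `--allow-write` | Allow write operations (INSERT, UPDATE, DELETE, etc.) | Read-only |
-| `--
+| `--auth-token <token>` | Require Bearer token authentication for all requests | Disabled |
+| `--tunnel` | Create a Cloudflare tunnel for public access | - |
 | `-h, --help` | Display help information | - |
 | `-V, --version` | Display version number | - |
 
@@ -137,10 +142,13 @@ npx @yunfanye/sql-proxy --port 8080
 npx @yunfanye/sql-proxy --allow-write
 
 # Start with public internet access
-npx @yunfanye/sql-proxy --
+npx @yunfanye/sql-proxy --tunnel
+
+# Start with authentication required
+npx @yunfanye/sql-proxy --auth-token mysecrettoken
 
 # Combine options
-npx @yunfanye/sql-proxy --port 8080 --allow-write --
+npx @yunfanye/sql-proxy --port 8080 --allow-write --tunnel --auth-token mysecrettoken
 
 # Display help
 npx @yunfanye/sql-proxy --help
@@ -214,6 +222,31 @@ List all available tables in the database.
 
 ## Security Features
 
+### Authentication
+
+Use the `--auth-token` flag to require authentication for all API requests:
+
+```bash
+npx @yunfanye/sql-proxy --auth-token mysecrettoken
+```
+
+When authentication is enabled, all requests must include the `Authorization` header with the Bearer token:
+
+```bash
+curl -X POST http://localhost:3000/query \
+-H "Authorization: Bearer mysecrettoken" \
+-H "Content-Type: application/json" \
+-d '{"sql": "SELECT * FROM products"}'
+```
+
+**Error Response (Missing or invalid token):**
+```json
+{
+"success": false,
+"error": "Missing or invalid Authorization header. Expected: Bearer <token>"
+}
+```
+
 ### Read-Only Mode (Default)
 
 By default, the server runs in read-only mode, only allowing SELECT queries. This prevents accidental or malicious data modifications.
@@ -267,12 +300,12 @@ All SQL queries are logged to the console with timestamps for auditing and debug
 [2025-01-15T10:30:46.458Z] SQL: UPDATE products SET price = 29.99 WHERE id = 1
 ```
 
-##
+## Cloudflare Tunnel
 
-Use the `--
+Use the `--tunnel` flag to expose your local server to the internet via a Cloudflare tunnel:
 
 ```bash
-npx @yunfanye/sql-proxy --
+npx @yunfanye/sql-proxy --tunnel
 ```
 
 This will:
@@ -422,6 +455,7 @@ type DbEngine = 'postgresql' | 'mysql' | 'snowsql' | 'sql-proxy';
 
 interface StandardCredentials {
 DB_URL: string;
+AUTH_TOKEN?: string; // For sql-proxy chaining
 }
 
 interface SnowflakeCredentials {
@@ -471,7 +505,8 @@ const sqlProxyConfig: DatabaseConfig = {
 db_engine: 'sql-proxy',
 disallowed_tables: [],
 db_credentials: {
-DB_URL: 'http://localhost:3001'
+DB_URL: 'http://localhost:3001',
+AUTH_TOKEN: 'secret-token' // Optional: for authenticated upstream
 }
 };
 ```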
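--- a/package/dist/cli.js
+++ b/package/dist/cli.js
@@ -12,8 +12,9 @@ program
 .version('1.0.0')
 .option('-p, --port <number>', 'Port to run the server on', '3000')
 .option('-c, --config <path>', 'Path to database config file', 'database_config.json')
-.option('--
+.option('--tunnel', 'Create a Cloudflare tunnel to expose the server to the public internet')
 .option('--allow-write', 'Allow write operations (INSERT, UPDATE, DELETE, etc.). By default, only read operations are allowed.')
+.option('--auth-token <token>', 'Require this auth token in HTTP header for all requests. If set, clients must include "Authorization: Bearer <token>" header.')
 .helpOption('-h, --help', 'Display help information')
 .addHelpText('after', `
 
@@ -21,7 +22,8 @@ Examples:
 $ npx @yunfanye/sql-proxy Start the server in read-only mode
 $ npx @yunfanye/sql-proxy --port 8080 Start the server on port 8080
 $ npx @yunfanye/sql-proxy --allow-write Start server with write operations enabled
-$ npx @yunfanye/sql-proxy --
+$ npx @yunfanye/sql-proxy --tunnel Start server with public Cloudflare tunnel
+$ npx @yunfanye/sql-proxy --auth-token abc Require 'Authorization: Bearer abc' header
 $ npx @yunfanye/sql-proxy --help Show this help message
 
 Configuration:
@@ -32,6 +34,7 @@ Configuration:
 - postgresql PostgreSQL database
 - mysql MySQL database
 - snowsql Snowflake data warehouse
+- sql-proxy Chain to another sql-proxy instance
 
 Example database_config.json for PostgreSQL/MySQL:
 {
@@ -56,13 +59,22 @@ Configuration:
 }
 }
 
+Example database_config.json for chaining to another sql-proxy:
+{
+"db_engine": "sql-proxy",
+"db_credentials": {
+"DB_URL": "http://localhost:3001",
+"AUTH_TOKEN": "secret-token"
+}
+}
+
 API Endpoints:
 GET /health Health check endpoint
 POST /query Execute a SQL query (JSON body: { "sql": "SELECT ..." })
 GET /tables List all available tables
 
-
-When using --
+Cloudflare Tunnel (--tunnel):
+When using --tunnel, the server creates a Cloudflare tunnel that exposes
 your local server to the public internet. A unique URL will be printed
 that can be accessed from anywhere. No Cloudflare account required.
 
@@ -72,6 +84,7 @@ Security:
 - Use disallowed_tables to prevent access to sensitive tables
 - The server validates SQL queries before execution
 - Access to disallowed tables will be rejected with a 403 error
+- Use --auth-token to require authentication via 'Authorization: Bearer <token>' header
 `);
 async function main() {
 program.parse();
@@ -87,7 +100,7 @@ async function main() {
 config = await (0, setup_1.runSetup)();
 }
 // Create and start the server
-const server = new server_1.SqlProxyServer({ port, config, allowWrite: options.allowWrite });
+const server = new server_1.SqlProxyServer({ port, config, allowWrite: options.allowWrite, authToken: options.authToken });
 let tunnelInfo = null;
 // Handle graceful shutdown
 const shutdown = async () => {
@@ -104,8 +117,8 @@ async function main() {
 process.on('SIGTERM', shutdown);
 try {
 await server.start();
-// Create tunnel if --
-if (options.
+// Create tunnel if --tunnel flag is set (use actual port in case it changed)
+if (options.tunnel) {
 const actualPort = server.getPort();
 tunnelInfo = await (0, tunnel_1.createTunnel)(actualPort);
 console.log('');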
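Review bot: `--tunnel` and `--auth-token` are independent options, so `--tunnel` on its own still publishes the SQL endpoints on a public URL with no authentication; nothing near `.option('--tunnel', …)` or inside `if (options.tunnel) {` looks at `options.authToken`. Before the `createTunnel` call I would add `if (!options.authToken) console.warn('Warning: --tunnel without --auth-token exposes the SQL endpoints without authentication');`, or refuse to start in that combination. Passing the token as a command-line argument also leaves it in shell history and in process listings, so accepting it from an environment variable or the config file as an alternative would be worth adding. main() begins and ends outside these hunks.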
package/dist/cli.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";;;AAEA,yCAAoC;AACpC,mCAA+C;AAC/C,qCAA0C;AAC1C,qCAAoD;AAEpD,MAAM,OAAO,GAAG,IAAI,mBAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,WAAW,CAAC;KACjB,WAAW,CAAC,6GAA6G,CAAC;KAC1H,OAAO,CAAC,OAAO,CAAC;KAChB,MAAM,CAAC,qBAAqB,EAAE,2BAA2B,EAAE,MAAM,CAAC;KAClE,MAAM,CAAC,qBAAqB,EAAE,8BAA8B,EAAE,sBAAsB,CAAC;KACrF,MAAM,CAAC,UAAU,EAAE,wEAAwE,CAAC;KAC5F,MAAM,CAAC,eAAe,EAAE,sGAAsG,CAAC;KAC/H,UAAU,CAAC,YAAY,EAAE,0BAA0B,CAAC;KACpD,WAAW,CAAC,OAAO,EAAE
|
|
1
|
+
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";;;AAEA,yCAAoC;AACpC,mCAA+C;AAC/C,qCAA0C;AAC1C,qCAAoD;AAEpD,MAAM,OAAO,GAAG,IAAI,mBAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,WAAW,CAAC;KACjB,WAAW,CAAC,6GAA6G,CAAC;KAC1H,OAAO,CAAC,OAAO,CAAC;KAChB,MAAM,CAAC,qBAAqB,EAAE,2BAA2B,EAAE,MAAM,CAAC;KAClE,MAAM,CAAC,qBAAqB,EAAE,8BAA8B,EAAE,sBAAsB,CAAC;KACrF,MAAM,CAAC,UAAU,EAAE,wEAAwE,CAAC;KAC5F,MAAM,CAAC,eAAe,EAAE,sGAAsG,CAAC;KAC/H,MAAM,CAAC,sBAAsB,EAAE,+HAA+H,CAAC;KAC/J,UAAU,CAAC,YAAY,EAAE,0BAA0B,CAAC;KACpD,WAAW,CAAC,OAAO,EAAE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAqEvB,CAAC,CAAC;AAEH,KAAK,UAAU,IAAI;IACjB,OAAO,CAAC,KAAK,EAAE,CAAC;IAChB,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;IAE/B,MAAM,IAAI,GAAG,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IAExC,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,IAAI,GAAG,KAAK,EAAE,CAAC;QAC5C,OAAO,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;QAClE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,+BAA+B;IAC/B,IAAI,MAAM,GAAG,IAAA,kBAAU,GAAE,CAAC;IAE1B,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,GAAG,MAAM,IAAA,gBAAQ,GAAE,CAAC;IAC5B,CAAC;IAED,8BAA8B;IAC9B,MAAM,MAAM,GAAG,IAAI,uBAAc,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,SAAS,EAAE,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC;IAElH,IAAI,UAAU,GAAsB,IAAI,CAAC;IAEzC,2BAA2B;IAC3B,MAAM,QAAQ,GAAG,KAAK,IAAI,EAAE;QAC1B,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;QAElC,IAAI,UAAU,EAAE,CAAC;YACf,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;YAC5C,MAAM,UAAU,CAAC,IAAI,EAAE,CAAC;QAC1B,CAAC;QAED,MAAM,MAAM,CAAC,IAAI,EAAE,CAAC;QACpB,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;QAC/B,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC;IAEF,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/B,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;IAEhC,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,KAAK,EAAE,CAAC;QAErB,6EAA6E;QAC7E,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;YACnB,MAAM,UAAU,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC;YACpC,UAAU,GAAG,MAAM,IAAA,qBAAY,EAAC,UAAU,CAAC,CAAC;YAC5C,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAChB,OAAO,CAAC,G
AAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;YAC5B,OAAO,CAAC,GAAG,CAAC,wCAAwC,CAAC,CAAC;YACtD,OAAO,CAAC,GAAG,CAAC,KAAK,UAAU,CAAC,GAAG,EAAE,CAAC,CAAC;YACnC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;YAC5B,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAChB,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;YACjC,OAAO,CAAC,GAAG,CAAC,UAAU,UAAU,CAAC,GAAG,yBAAyB,CAAC,CAAC;YAC/D,OAAO,CAAC,GAAG,CAAC,UAAU,UAAU,CAAC,GAAG,8BAA8B,CAAC,CAAC;YACpE,OAAO,CAAC,GAAG,CAAC,UAAU,UAAU,CAAC,GAAG,wBAAwB,CAAC,CAAC;YAC9D,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QACpB,OAAO,CAAC,KAAK,CAAC,yBAAyB,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;QACxD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;IACrB,OAAO,CAAC,KAAK,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC;IACrC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}
|
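--- a/package/dist/client.d.ts
+++ b/package/dist/client.d.ts
@@ -48,6 +48,14 @@ export declare class DatabaseClient {
 * Returns the list of disallowed tables.
 */
 getDisallowedTables(): string[];
+/**
+* Executes a SQL query without validation.
+* Use this method when you need to bypass validation checks (e.g., for trusted queries
+* or when validation has already been performed externally).
+* @param sql - The SQL query to execute
+* @returns The query result
+*/
+executeQuery(sql: string): Promise<QueryResult>;
 /**
 * Validates and executes a SQL query.
 * The query is first validated against disallowed tables and read-only mode,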
package/dist/client.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAqB,WAAW,EAAE,MAAM,SAAS,CAAC;AAEzE,OAAO,EAAiB,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAE9D,MAAM,WAAW,qBAAqB;IACpC,MAAM,EAAE,cAAc,CAAC;IACvB,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAED,MAAM,WAAW,aAAc,SAAQ,WAAW;IAChD,UAAU,CAAC,EAAE,gBAAgB,CAAC;CAC/B;AAED;;;;GAIG;AACH,qBAAa,cAAc;IACzB,OAAO,CAAC,SAAS,CAAoB;IACrC,OAAO,CAAC,MAAM,CAAiB;IAC/B,OAAO,CAAC,UAAU,CAAU;IAC5B,OAAO,CAAC,SAAS,CAAkB;IAEnC;;;OAGG;gBACS,OAAO,EAAE,qBAAqB;IAM1C;;;OAGG;IACG,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAK9B;;;OAGG;IACG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAKjC;;OAEG;IACH,WAAW,IAAI,OAAO;IAItB;;OAEG;IACH,cAAc,IAAI,OAAO;IAIzB;;OAEG;IACH,WAAW,IAAI,MAAM;IAIrB;;OAEG;IACH,mBAAmB,IAAI,MAAM,EAAE;IAI/B;;;;;;OAMG;IACG,uBAAuB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;IA4BlE;;;OAGG;IACG,UAAU,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;CAMtC"}
|
|
1
|
+
{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAqB,WAAW,EAAE,MAAM,SAAS,CAAC;AAEzE,OAAO,EAAiB,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAE9D,MAAM,WAAW,qBAAqB;IACpC,MAAM,EAAE,cAAc,CAAC;IACvB,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAED,MAAM,WAAW,aAAc,SAAQ,WAAW;IAChD,UAAU,CAAC,EAAE,gBAAgB,CAAC;CAC/B;AAED;;;;GAIG;AACH,qBAAa,cAAc;IACzB,OAAO,CAAC,SAAS,CAAoB;IACrC,OAAO,CAAC,MAAM,CAAiB;IAC/B,OAAO,CAAC,UAAU,CAAU;IAC5B,OAAO,CAAC,SAAS,CAAkB;IAEnC;;;OAGG;gBACS,OAAO,EAAE,qBAAqB;IAM1C;;;OAGG;IACG,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAK9B;;;OAGG;IACG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAKjC;;OAEG;IACH,WAAW,IAAI,OAAO;IAItB;;OAEG;IACH,cAAc,IAAI,OAAO;IAIzB;;OAEG;IACH,WAAW,IAAI,MAAM;IAIrB;;OAEG;IACH,mBAAmB,IAAI,MAAM,EAAE;IAI/B;;;;;;OAMG;IACG,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC;IAWrD;;;;;;OAMG;IACG,uBAAuB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;IA4BlE;;;OAGG;IACG,UAAU,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;CAMtC"}
|
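--- a/package/dist/client.js
+++ b/package/dist/client.js
@@ -59,6 +59,22 @@ class DatabaseClient {
 getDisallowedTables() {
 return this.config.disallowed_tables ?? [];
 }
+/**
+* Executes a SQL query without validation.
+* Use this method when you need to bypass validation checks (e.g., for trusted queries
+* or when validation has already been performed externally).
+* @param sql - The SQL query to execute
+* @returns The query result
+*/
+async executeQuery(sql) {
+if (!this.connected) {
+return {
+success: false,
+error: 'Not connected to database. Call connect() first.',
+};
+}
+return this.connector.executeQuery(sql);
+}
 /**
 * Validates and executes a SQL query.
 * The query is first validated against disallowed tables and read-only mode,
@@ -74,7 +90,7 @@ class DatabaseClient {
 };
 }
 // Validate the query
-const validation = (0, validator_1.validateQuery)(sql, this.config.disallowed_tables, !this.allowWrite);
+const validation = (0, validator_1.validateQuery)(sql, this.config.disallowed_tables, !this.allowWrite, this.config.db_engine);
 if (!validation.valid) {
 return {
 success: false,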
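Review bot: The new public `executeQuery` passes `sql` straight to `this.connector.executeQuery(sql)` and never calls `validateQuery`, so neither `disallowed_tables` nor read-only mode applies to anything routed through it. The doc comment mentions "trusted queries" but does not say which protections are lost; I would add a line such as `* WARNING: disallowed_tables and read-only mode are NOT enforced here; never pass request-derived SQL.` and, if only internal code needs the method, keep it off the exported surface. The same comment is repeated in the declaration in client.d.ts. No caller is visible in this diff, so whether any request path reaches it cannot be confirmed from here.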
package/dist/client.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"client.js","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":";;;AACA,6CAA+C;AAC/C,2CAA8D;AAW9D;;;;GAIG;AACH,MAAa,cAAc;IAMzB;;;OAGG;IACH,YAAY,OAA8B;QANlC,cAAS,GAAY,KAAK,CAAC;QAOjC,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,KAAK,CAAC;QAC9C,IAAI,CAAC,SAAS,GAAG,IAAA,4BAAe,EAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAChD,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,OAAO;QACX,MAAM,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;QAC/B,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;IACxB,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,UAAU;QACd,MAAM,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,CAAC;QAClC,IAAI,CAAC,SAAS,GAAG,KAAK,CAAC;IACzB,CAAC;IAED;;OAEG;IACH,WAAW;QACT,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED;;OAEG;IACH,cAAc;QACZ,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IAED;;OAEG;IACH,WAAW;QACT,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC;IAC/B,CAAC;IAED;;OAEG;IACH,mBAAmB;QACjB,OAAO,IAAI,CAAC,MAAM,CAAC,iBAAiB,IAAI,EAAE,CAAC;IAC7C,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,uBAAuB,CAAC,GAAW;QACvC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,kDAAkD;aAC1D,CAAC;QACJ,CAAC;QAED,qBAAqB;QACrB,MAAM,UAAU,GAAG,IAAA,yBAAa,EAAC,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"client.js","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":";;;AACA,6CAA+C;AAC/C,2CAA8D;AAW9D;;;;GAIG;AACH,MAAa,cAAc;IAMzB;;;OAGG;IACH,YAAY,OAA8B;QANlC,cAAS,GAAY,KAAK,CAAC;QAOjC,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,KAAK,CAAC;QAC9C,IAAI,CAAC,SAAS,GAAG,IAAA,4BAAe,EAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAChD,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,OAAO;QACX,MAAM,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;QAC/B,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;IACxB,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,UAAU;QACd,MAAM,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,CAAC;QAClC,IAAI,CAAC,SAAS,GAAG,KAAK,CAAC;IACzB,CAAC;IAED;;OAEG;IACH,WAAW;QACT,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED;;OAEG;IACH,cAAc;QACZ,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IAED;;OAEG;IACH,WAAW;QACT,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC;IAC/B,CAAC;IAED;;OAEG;IACH,mBAAmB;QACjB,OAAO,IAAI,CAAC,MAAM,CAAC,iBAAiB,IAAI,EAAE,CAAC;IAC7C,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,YAAY,CAAC,GAAW;QAC5B,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,kDAAkD;aAC1D,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;IAC1C,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,uBAAuB,CAAC,GAAW;QACvC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,kDAAkD;aAC1D,CAAC;QACJ,CAAC;QAED,qBAAqB;QACrB,MAAM,UAAU,GAAG,IAAA,yBAAa,EAAC,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAE9G,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;YACtB,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,UAAU,CAAC,KAAK;gBACvB,UAAU;aACX,CAAC;QACJ,CAAC;QAED,oBAAoB;QACpB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;QAEtD,OAAO;YACL,GAAG,MAAM;YACT,UAAU;SACX,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,UAAU;QACd,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACtE,CAAC;QACD,OAAO,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,CAAC;IACrC,CAAC;CACF;AA7HD,wCA6HC"}
|
|
@@ -2,7 +2,9 @@ import { DatabaseConnector, QueryResult, StandardCredentials } from '../types';
|
|
|
2
2
|
export declare class SqlProxyConnector implements DatabaseConnector {
|
|
3
3
|
private baseUrl;
|
|
4
4
|
private connected;
|
|
5
|
+
private authToken?;
|
|
5
6
|
constructor(credentials: StandardCredentials);
|
|
7
|
+
private getHeaders;
|
|
6
8
|
connect(): Promise<void>;
|
|
7
9
|
disconnect(): Promise<void>;
|
|
8
10
|
executeQuery(sql: string): Promise<QueryResult>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sql-proxy.d.ts","sourceRoot":"","sources":["../../src/connectors/sql-proxy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,WAAW,EAAE,mBAAmB,EAAE,MAAM,UAAU,CAAC;AAe/E,qBAAa,iBAAkB,YAAW,iBAAiB;IACzD,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,SAAS,CAAkB;
|
|
1
|
+
{"version":3,"file":"sql-proxy.d.ts","sourceRoot":"","sources":["../../src/connectors/sql-proxy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,WAAW,EAAE,mBAAmB,EAAE,MAAM,UAAU,CAAC;AAe/E,qBAAa,iBAAkB,YAAW,iBAAiB;IACzD,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,SAAS,CAAkB;IACnC,OAAO,CAAC,SAAS,CAAC,CAAS;gBAEf,WAAW,EAAE,mBAAmB;IAM5C,OAAO,CAAC,UAAU;IAQZ,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAWxB,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAI3B,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC;IAqC/C,UAAU,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;CAgBtC"}
|
|
@@ -6,10 +6,20 @@ class SqlProxyConnector {
|
|
|
6
6
|
this.connected = false;
|
|
7
7
|
// Remove trailing slash if present
|
|
8
8
|
this.baseUrl = credentials.DB_URL.replace(/\/$/, '');
|
|
9
|
+
this.authToken = credentials.AUTH_TOKEN;
|
|
10
|
+
}
|
|
11
|
+
getHeaders() {
|
|
12
|
+
const headers = {};
|
|
13
|
+
if (this.authToken) {
|
|
14
|
+
headers['Authorization'] = `Bearer ${this.authToken}`;
|
|
15
|
+
}
|
|
16
|
+
return headers;
|
|
9
17
|
}
|
|
10
18
|
async connect() {
|
|
11
19
|
// Test the connection by hitting the health endpoint
|
|
12
|
-
const response = await fetch(`${this.baseUrl}/health
|
|
20
|
+
const response = await fetch(`${this.baseUrl}/health`, {
|
|
21
|
+
headers: this.getHeaders(),
|
|
22
|
+
});
|
|
13
23
|
if (!response.ok) {
|
|
14
24
|
throw new Error(`Failed to connect to sql-proxy at ${this.baseUrl}: ${response.statusText}`);
|
|
15
25
|
}
|
|
@@ -27,6 +37,7 @@ class SqlProxyConnector {
|
|
|
27
37
|
method: 'POST',
|
|
28
38
|
headers: {
|
|
29
39
|
'Content-Type': 'application/json',
|
|
40
|
+
...this.getHeaders(),
|
|
30
41
|
},
|
|
31
42
|
body: JSON.stringify({ sql }),
|
|
32
43
|
});
|
|
@@ -56,7 +67,9 @@ class SqlProxyConnector {
|
|
|
56
67
|
if (!this.connected) {
|
|
57
68
|
throw new Error('Not connected to sql-proxy');
|
|
58
69
|
}
|
|
59
|
-
const response = await fetch(`${this.baseUrl}/tables
|
|
70
|
+
const response = await fetch(`${this.baseUrl}/tables`, {
|
|
71
|
+
headers: this.getHeaders(),
|
|
72
|
+
});
|
|
60
73
|
const result = await response.json();
|
|
61
74
|
if (result.success && result.tables) {
|
|
62
75
|
return result.tables;
|
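Review bot: `getHeaders()` attaches `Authorization: Bearer ${this.authToken}` to every request sent to `this.baseUrl` regardless of its scheme, so with a non-loopback `http://` value in `DB_URL` the upstream token crosses the network in clear text. The constructor, right after `this.authToken = credentials.AUTH_TOKEN;`, could warn or throw when a token is set and `DB_URL` is neither `https:` nor a loopback host. In the `/tables` hunk the response goes to `response.json()` without a `response.ok` check, unlike `connect()`, so an authentication failure from the upstream is presumably reported only through whatever the parsed body contains; checking the status first would make 401/403 explicit. The bodies of `executeQuery` and `getTables` continue outside the hunks.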
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sql-proxy.js","sourceRoot":"","sources":["../../src/connectors/sql-proxy.ts"],"names":[],"mappings":";;;AAeA,MAAa,iBAAiB;
|
|
1
|
+
{"version":3,"file":"sql-proxy.js","sourceRoot":"","sources":["../../src/connectors/sql-proxy.ts"],"names":[],"mappings":";;;AAeA,MAAa,iBAAiB;IAK5B,YAAY,WAAgC;QAHpC,cAAS,GAAY,KAAK,CAAC;QAIjC,mCAAmC;QACnC,IAAI,CAAC,OAAO,GAAG,WAAW,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACrD,IAAI,CAAC,SAAS,GAAG,WAAW,CAAC,UAAU,CAAC;IAC1C,CAAC;IAEO,UAAU;QAChB,MAAM,OAAO,GAA2B,EAAE,CAAC;QAC3C,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,OAAO,CAAC,eAAe,CAAC,GAAG,UAAU,IAAI,CAAC,SAAS,EAAE,CAAC;QACxD,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,KAAK,CAAC,OAAO;QACX,qDAAqD;QACrD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,SAAS,EAAE;YACrD,OAAO,EAAE,IAAI,CAAC,UAAU,EAAE;SAC3B,CAAC,CAAC;QACH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,qCAAqC,IAAI,CAAC,OAAO,KAAK,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;QAC/F,CAAC;QACD,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;IACxB,CAAC;IAED,KAAK,CAAC,UAAU;QACd,IAAI,CAAC,SAAS,GAAG,KAAK,CAAC;IACzB,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,GAAW;QAC5B,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,4BAA4B,EAAE,CAAC;QACjE,CAAC;QAED,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,QAAQ,EAAE;gBACpD,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;oBAClC,GAAG,IAAI,CAAC,UAAU,EAAE;iBACrB;gBACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,EAAE,CAAC;aAC9B,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,IAAI,EAA2B,CAAC;YAE9D,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;gBACnB,OAAO;oBACL,OAAO,EAAE,IAAI;oBACb,IAAI,EAAE,MAAM,CAAC,IAAI;oBACjB,QAAQ,EAAE,MAAM,CAAC,QAAQ;iBAC1B,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,MAAM,CAAC,KAAK;iBACpB,CAAC;YACJ,CAAC;QACH,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,KAAK,CAAC,OAAO;aACrB,CAAC;QACJ,CAAC;IACH,CAAC;IAED,KAAK,CAAC,UAAU;QACd,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAChD,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,SAAS,EAAE;YACrD,OAAO,EAAE,IAAI,CAAC,UAAU,EAAE;SAC3B,CAAC,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,QAAQ
,CAAC,IAAI,EAA4B,CAAC;QAE/D,IAAI,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;YACpC,OAAO,MAAM,CAAC,MAAM,CAAC;QACvB,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,IAAI,uBAAuB,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC;CACF;AAvFD,8CAuFC"}
|
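--- a/package/dist/server.d.ts
+++ b/package/dist/server.d.ts
@@ -3,6 +3,7 @@ export interface ServerOptions {
 port: number;
 config: DatabaseConfig;
 allowWrite?: boolean;
+authToken?: string;
 }
 export declare class SqlProxyServer {
 private app;
@@ -10,6 +11,7 @@ export declare class SqlProxyServer {
 private config;
 private port;
 private server;
+private authToken?;
 constructor(options: ServerOptions);
 private setupMiddleware;
 private setupRoutes;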
package/dist/server.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAGzC,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,cAAc,CAAC;IACvB,UAAU,CAAC,EAAE,OAAO,CAAC;
|
|
1
|
+
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAGzC,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,cAAc,CAAC;IACvB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,qBAAa,cAAc;IACzB,OAAO,CAAC,GAAG,CAAsB;IACjC,OAAO,CAAC,MAAM,CAAiB;IAC/B,OAAO,CAAC,MAAM,CAAiB;IAC/B,OAAO,CAAC,IAAI,CAAS;IACrB,OAAO,CAAC,MAAM,CAAM;IACpB,OAAO,CAAC,SAAS,CAAC,CAAS;gBAEf,OAAO,EAAE,aAAa;IAclC,OAAO,CAAC,eAAe;IAkCvB,OAAO,CAAC,WAAW;IAsGnB,OAAO,IAAI,MAAM;YAIH,SAAS;IAmBjB,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IA6CtB,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;CAQ5B"}
|
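--- a/package/dist/server.js
+++ b/package/dist/server.js
@@ -11,6 +11,7 @@ class SqlProxyServer {
 this.app = (0, express_1.default)();
 this.config = options.config;
 this.port = options.port;
+this.authToken = options.authToken;
 this.client = new client_1.DatabaseClient({
 config: options.config,
 allowWrite: options.allowWrite,
@@ -26,6 +27,28 @@ class SqlProxyServer {
 console.log(`[${new Date().toISOString()}] ${req.method} ${req.path}`);
 next();
 });
+// Auth token validation
+if (this.authToken) {
+this.app.use((req, res, next) => {
+const authHeader = req.headers.authorization;
+if (!authHeader || !authHeader.startsWith('Bearer ')) {
+res.status(401).json({
+success: false,
+error: 'Missing or invalid Authorization header. Expected: Bearer <token>',
+});
+return;
+}
+const token = authHeader.substring(7); // Remove 'Bearer ' prefix
+if (token !== this.authToken) {
+res.status(403).json({
+success: false,
+error: 'Invalid auth token',
+});
+return;
+}
+next();
+});
+}
 }
 setupRoutes() {
 // Health check endpoint
@@ -179,6 +202,7 @@ class SqlProxyServer {
 this.port = actualPort;
 console.log(`SQL Proxy Server running on http://localhost:${this.port}`);
 console.log(`Mode: ${this.client.isWriteAllowed() ? 'READ/WRITE' : 'READ-ONLY'}`);
+console.log(`Auth: ${this.authToken ? 'ENABLED (Bearer token required)' : 'DISABLED'}`);
 console.log('');
 console.log('Endpoints:');
 console.log(` GET http://localhost:${this.port}/health - Health check`);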
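Review bot: The check `if (token !== this.authToken)` compares the secret with an ordinary string comparison, which is not constant-time; hashing both values (for example with SHA-256) and comparing the digests with `crypto.timingSafeEqual` from Node's `crypto` module removes the dependence on length and on the first differing character. `if (this.authToken)` also treats an empty `--auth-token ""` as authentication disabled, which the new `Auth: DISABLED` startup line reports but does not treat as an error; rejecting an empty token at startup would be safer. The scheme test `startsWith('Bearer ')` is case-sensitive, whereas HTTP authentication scheme names are case-insensitive. setupMiddleware starts above this hunk.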
package/dist/server.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.js","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":";;;;;;AAAA,sDAAmE;AAEnE,qCAA0C;
|
|
1
|
+
{"version":3,"file":"server.js","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":";;;;;;AAAA,sDAAmE;AAEnE,qCAA0C;AAS1C,MAAa,cAAc;IAQzB,YAAY,OAAsB;QAChC,IAAI,CAAC,GAAG,GAAG,IAAA,iBAAO,GAAE,CAAC;QACrB,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;QACzB,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,CAAC;QACnC,IAAI,CAAC,MAAM,GAAG,IAAI,uBAAc,CAAC;YAC/B,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,UAAU,EAAE,OAAO,CAAC,UAAU;SAC/B,CAAC,CAAC;QAEH,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,IAAI,CAAC,WAAW,EAAE,CAAC;IACrB,CAAC;IAEO,eAAe;QACrB,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,iBAAO,CAAC,IAAI,EAAE,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,iBAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC;QAEnD,kBAAkB;QAClB,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;YAC/D,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,KAAK,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;YACvE,IAAI,EAAE,CAAC;QACT,CAAC,CAAC,CAAC;QAEH,wBAAwB;QACxB,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;gBAC/D,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;gBAC7C,IAAI,CAAC,UAAU,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;oBACrD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;wBACnB,OAAO,EAAE,KAAK;wBACd,KAAK,EAAE,mEAAmE;qBAC3E,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;gBACD,MAAM,KAAK,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,0BAA0B;gBACjE,IAAI,KAAK,KAAK,IAAI,CAAC,SAAS,EAAE,CAAC;oBAC7B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;wBACnB,OAAO,EAAE,KAAK;wBACd,KAAK,EAAE,oBAAoB;qBAC5B,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;gBACD,IAAI,EAAE,CAAC;YACT,CAAC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAEO,WAAW;QACjB,wBAAwB;QACxB,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,GAAY,EAAE,GAAa,EAAE,EAAE;YACtD,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;QAC/D,CAAC,CAAC,CAAC;QAEH,qBAAqB;QACrB,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,EAAE;YAC5D,IAAI,CAAC;gBACH,IAA
I,GAAW,CAAC;gBAEhB,wCAAwC;gBACxC,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBACjC,GAAG,GAAG,GAAG,CAAC,IAAI,CAAC;gBACjB,CAAC;qBAAM,IAAI,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;oBACpC,GAAG,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC;gBACrB,CAAC;qBAAM,CAAC;oBACN,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;wBACnB,OAAO,EAAE,KAAK;wBACd,KAAK,EAAE,6DAA6D;qBACrE,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;gBAED,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBAC/D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;wBACnB,OAAO,EAAE,KAAK;wBACd,KAAK,EAAE,2BAA2B;qBACnC,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;gBAED,wBAAwB;gBACxB,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,UAAU,GAAG,EAAE,CAAC,CAAC;gBAEzD,iCAAiC;gBACjC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,uBAAuB,CAAC,GAAG,CAAC,CAAC;gBAE9D,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;oBACnB,GAAG,CAAC,IAAI,CAAC;wBACP,OAAO,EAAE,IAAI;wBACb,IAAI,EAAE,MAAM,CAAC,IAAI;wBACjB,QAAQ,EAAE,MAAM,CAAC,QAAQ;qBAC1B,CAAC,CAAC;gBACL,CAAC;qBAAM,CAAC;oBACN,kEAAkE;oBAClE,MAAM,UAAU,GAAG,MAAM,CAAC,UAAU,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;oBAC7E,GAAG,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC;wBAC1B,OAAO,EAAE,KAAK;wBACd,KAAK,EAAE,MAAM,CAAC,KAAK;wBACnB,iBAAiB,EAAE,MAAM,CAAC,UAAU,EAAE,gBAAgB;qBACvD,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAAC,OAAO,KAAU,EAAE,CAAC;gBACpB,OAAO,CAAC,KAAK,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC;gBACrC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBACnB,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,KAAK,CAAC,OAAO;iBACrB,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,uBAAuB;QACvB,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,EAAE;YAC5D,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;gBAC9C,GAAG,CAAC,IAAI,CAAC;oBACP,OAAO,EAAE,IAAI;oBACb,MAAM;oBACN,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,mBAAmB,EAAE;iBACrD,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,KAAU,EAAE,CAAC;gBACpB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBACnB,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,KAAK,CAAC,OAAO;iBACrB
,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,cAAc;QACd,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAY,EAAE,GAAa,EAAE,EAAE;YAC3C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,WAAW;gBAClB,mBAAmB,EAAE;oBACnB,4BAA4B;oBAC5B,iCAAiC;oBACjC,qCAAqC;iBACtC;aACF,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,gBAAgB;QAChB,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAU,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;YAC3E,OAAO,CAAC,KAAK,CAAC,eAAe,EAAE,GAAG,CAAC,CAAC;YACpC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,uBAAuB;aAC/B,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAED,OAAO;QACL,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAEO,KAAK,CAAC,SAAS,CAAC,IAAY,EAAE,aAAqB,EAAE;QAC3D,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,GAAG,EAAE;gBACxC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;gBACrB,OAAO,CAAC,IAAI,CAAC,CAAC;YAChB,CAAC,CAAC,CAAC;YAEH,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAA0B,EAAE,EAAE;gBAChD,IAAI,GAAG,CAAC,IAAI,KAAK,YAAY,IAAI,UAAU,GAAG,CAAC,EAAE,CAAC;oBAChD,OAAO,CAAC,GAAG,CAAC,QAAQ,IAAI,sBAAsB,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC;oBAC7D,MAAM,CAAC,KAAK,EAAE,CAAC;oBACf,IAAI,CAAC,SAAS,CAAC,IAAI,GAAG,CAAC,EAAE,UAAU,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;gBACvE,CAAC;qBAAM,CAAC;oBACN,MAAM,CAAC,GAAG,CAAC,CAAC;gBACd,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,KAAK;QACT,0BAA0B;QAC1B,OAAO,CAAC,GAAG,CAAC,iBAAiB,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;QAC7D,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QAC5B,OAAO,CAAC,GAAG,CAAC,oCAAoC,CAAC,CAAC;QAElD,wBAAwB;QACxB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;YAC9C,MAAM,gBAAgB,GAAG,IAAI,CAAC,MAAM,CAAC,mBAAmB,EAAE,CAAC;YAC3D,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;YACjC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACxB,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;YACrC,CAAC;iBAAM,CAAC;gBACN,MAAM,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;oBACvB,MAAM,YAAY,GAAG,gBAAgB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;oBACtD,O
AAO,CAAC,GAAG,CAAC,OAAO,KAAK,GAAG,YAAY,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBACpE,CAAC,CAAC,CAAC;YACL,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAEhB,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAChC,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;gBAC/D,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,OAAO,CAAC,IAAI,CAAC,iCAAiC,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;YAC/D,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAClB,CAAC;QAED,gDAAgD;QAChD,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACnD,IAAI,CAAC,IAAI,GAAG,UAAU,CAAC;QAEvB,OAAO,CAAC,GAAG,CAAC,gDAAgD,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;QACzE,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;QAClF,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,iCAAiC,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC;QACxF,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QAC1B,OAAO,CAAC,GAAG,CAAC,2BAA2B,IAAI,CAAC,IAAI,yBAAyB,CAAC,CAAC;QAC3E,OAAO,CAAC,GAAG,CAAC,2BAA2B,IAAI,CAAC,IAAI,8BAA8B,CAAC,CAAC;QAChF,OAAO,CAAC,GAAG,CAAC,2BAA2B,IAAI,CAAC,IAAI,wBAAwB,CAAC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAClB,CAAC;IAED,KAAK,CAAC,IAAI;QACR,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,EAAE;gBAClC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC,CAAC;YACrC,CAAC,CAAC,CAAC;QACL,CAAC;QACD,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;IACjC,CAAC;CACF;AA1OD,wCA0OC"}
|
package/dist/types.d.ts
CHANGED
package/dist/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,QAAQ,GAAG,YAAY,GAAG,OAAO,GAAG,SAAS,GAAG,WAAW,CAAC;AAExE,MAAM,WAAW,oBAAoB;IACnC,eAAe,EAAE,MAAM,CAAC;IACxB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,mBAAmB;IAClC,MAAM,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,QAAQ,GAAG,YAAY,GAAG,OAAO,GAAG,SAAS,GAAG,WAAW,CAAC;AAExE,MAAM,WAAW,oBAAoB;IACnC,eAAe,EAAE,MAAM,CAAC;IACxB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,mBAAmB;IAClC,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,MAAM,aAAa,GAAG,oBAAoB,GAAG,mBAAmB,CAAC;AAEvE,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,QAAQ,CAAC;IACpB,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC7B,cAAc,EAAE,aAAa,CAAC;CAC/B;AAED,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,OAAO,CAAC;IACjB,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,iBAAiB;IAChC,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IACzB,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5B,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC;IAChD,UAAU,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;CACjC"}
|
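--- a/package/dist/validator.d.ts
+++ b/package/dist/validator.d.ts
@@ -5,5 +5,5 @@ export interface ValidationResult {
 disallowedTables?: string[];
 isReadOnly?: boolean;
 }
-export declare function validateQuery(sql: string, disallowedTables?: string[], readOnly?: boolean): ValidationResult;
+export declare function validateQuery(sql: string, disallowedTables?: string[], readOnly?: boolean, dbEngine?: string): ValidationResult;
 //# sourceMappingURL=validator.d.ts.map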
package/dist/validator.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validator.d.ts","sourceRoot":"","sources":["../src/validator.ts"],"names":[],"mappings":"AAIA,MAAM,WAAW,gBAAgB;IAC/B,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAKD,wBAAgB,aAAa,CAAC,GAAG,EAAE,MAAM,EAAE,gBAAgB,CAAC,EAAE,MAAM,EAAE,EAAE,QAAQ,GAAE,OAAc,GAAG,gBAAgB,
|
|
1
|
+
{"version":3,"file":"validator.d.ts","sourceRoot":"","sources":["../src/validator.ts"],"names":[],"mappings":"AAIA,MAAM,WAAW,gBAAgB;IAC/B,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAKD,wBAAgB,aAAa,CAAC,GAAG,EAAE,MAAM,EAAE,gBAAgB,CAAC,EAAE,MAAM,EAAE,EAAE,QAAQ,GAAE,OAAc,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,gBAAgB,CAsDrI"}
|
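--- a/package/dist/validator.js
+++ b/package/dist/validator.js
@@ -5,10 +5,17 @@ const node_sql_parser_1 = require("node-sql-parser");
 const parser = new node_sql_parser_1.Parser();
 // SQL statement types that modify data
 const WRITE_OPERATIONS = ['insert', 'update', 'delete', 'replace', 'truncate', 'drop', 'alter', 'create', 'rename'];
-function validateQuery(sql, disallowedTables, readOnly = true) {
+function validateQuery(sql, disallowedTables, readOnly = true, dbEngine) {
 try {
+// Map db engine to node-sql-parser database option
+const databaseMap = {
+postgresql: 'PostgreSQL',
+mysql: 'MySQL',
+snowflake: 'Snowflake',
+};
+const database = dbEngine ? databaseMap[dbEngine.toLowerCase()] : undefined;
 // Parse the SQL to extract table references
-const ast = parser.astify(sql);
+const ast = parser.astify(sql, database ? { database } : undefined);
 const tables = extractTables(ast);
 const isReadOnly = checkIsReadOnly(ast);
 // Check read-only mode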
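Review bot: The lookup `databaseMap[dbEngine.toLowerCase()]` reads inherited properties as well as the three listed keys, so an engine string that matches an `Object.prototype` member name yields a truthy non-string value that is then passed to `parser.astify` as the `database` option. An own-property check avoids that: `const key = dbEngine ? dbEngine.toLowerCase() : undefined;` followed by `const database = key && Object.prototype.hasOwnProperty.call(databaseMap, key) ? databaseMap[key] : undefined;`. Separately, any engine missing from the map (the README's `sql-proxy` engine is one) silently falls back to the parser's default dialect. Because this function appears to be where the read-only and disallowed-table rules are enforced, a dialect mismatch between the validator and the backend deserves a comment or a logged warning at that line. The body of `validateQuery` continues outside the hunk, so the handling of a parse failure is not visible here.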
package/dist/validator.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validator.js","sourceRoot":"","sources":["../src/validator.ts"],"names":[],"mappings":";;AAeA,
|
|
1
|
+
{"version":3,"file":"validator.js","sourceRoot":"","sources":["../src/validator.ts"],"names":[],"mappings":";;AAeA,sCAsDC;AArED,qDAAyC;AAEzC,MAAM,MAAM,GAAG,IAAI,wBAAM,EAAE,CAAC;AAU5B,uCAAuC;AACvC,MAAM,gBAAgB,GAAG,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;AAEpH,SAAgB,aAAa,CAAC,GAAW,EAAE,gBAA2B,EAAE,WAAoB,IAAI,EAAE,QAAiB;IACjH,IAAI,CAAC;QACH,mDAAmD;QACnD,MAAM,WAAW,GAA2B;YAC1C,UAAU,EAAE,YAAY;YACxB,KAAK,EAAE,OAAO;YACd,SAAS,EAAE,WAAW;SACvB,CAAC;QACF,MAAM,QAAQ,GAAG,QAAQ,CAAC,CAAC,CAAC,WAAW,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAE5E,4CAA4C;QAC5C,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;QACpE,MAAM,MAAM,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC;QAClC,MAAM,UAAU,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;QAExC,uBAAuB;QACvB,IAAI,QAAQ,IAAI,CAAC,UAAU,EAAE,CAAC;YAC5B,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,MAAM;gBACN,UAAU;gBACV,KAAK,EAAE,sHAAsH;aAC9H,CAAC;QACJ,CAAC;QAED,oDAAoD;QACpD,IAAI,CAAC,gBAAgB,IAAI,gBAAgB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;QAC7C,CAAC;QAED,0DAA0D;QAC1D,MAAM,oBAAoB,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;QAC1E,MAAM,eAAe,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAC9C,oBAAoB,CAAC,QAAQ,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,CACnD,CAAC;QAEF,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC/B,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,MAAM;gBACN,UAAU;gBACV,gBAAgB,EAAE,eAAe;gBACjC,KAAK,EAAE,8BAA8B,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;aAClE,CAAC;QACJ,CAAC;QAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;IAC7C,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QACpB,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,MAAM,EAAE,EAAE;YACV,KAAK,EAAE,sBAAsB,KAAK,CAAC,OAAO,EAAE;SAC7C,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAS,eAAe,CAAC,GAAQ;IAC/B,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QACvB,OAAO,GAAG,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;IACpC,CAAC;IAED,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QACpC,OAAO,IAAI,CAAC;IACd,CAA
C;IAED,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,EAAE,WAAW,EAAE,CAAC;IACrC,IAAI,IAAI,IAAI,gBAAgB,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QAC5C,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,aAAa,CAAC,GAAQ;IAC7B,MAAM,MAAM,GAAgB,IAAI,GAAG,EAAE,CAAC;IAEtC,SAAS,QAAQ,CAAC,KAAU;QAC1B,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACpB,CAAC;aAAM,IAAI,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,OAAO,KAAK,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;YACjF,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAC1B,CAAC;IACH,CAAC;IAED,SAAS,QAAQ,CAAC,IAAS;QACzB,IAAI,CAAC,IAAI;YAAE,OAAO;QAElB,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;YACxB,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YACvB,OAAO;QACT,CAAC;QAED,IAAI,OAAO,IAAI,KAAK,QAAQ;YAAE,OAAO;QAErC,0CAA0C;QAC1C,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YACd,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC/B,CAAC;QAED,qCAAqC;QACrC,IAAI,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACrE,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC9B,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;YAC9C,CAAC;iBAAM,CAAC;gBACN,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACvB,CAAC;QACH,CAAC;QAED,4DAA4D;QAC5D,mEAAmE;QACnE,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;YACnC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACzB,CAAC;QAED,4CAA4C;QAC5C,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACpC,IAAI,GAAG,KAAK,OAAO,EAAE,CAAC;gBACpB,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtB,CAAC;QACH,CAAC;IACH,CAAC;IAED,SAAS,iBAAiB,CAAC,IAAS;QAClC,IAAI,CAAC,IAAI;YAAE,OAAO;QAElB,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;YACxB,IAAI,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE;gBACpB,QAAQ,CAAC,IAAI,CAAC,CAAC;gBACf,oBAAoB;gBACpB,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;oBACd,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACtB,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,QAAQ,CAAC,IAAI,CAAC,CAAC;QACjB,CAAC;IACH,CAAC;IAED,QAAQ,CAAC,GAAG,CAAC,CAAC;IACd,OAAO,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;AAC5B,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@yunfanye/sql-proxy",
|
|
3
|
-
"version": "1.
|
|
3
|
+
"version": "1.6.1",
|
|
4
4
|
"description": "A SQL proxy server that accepts SQL queries via HTTP and executes them against configured database backends (PostgreSQL, MySQL, Snowflake)",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"bin": {
|