adminforth 2.17.0-next.33 → 2.17.0-next.34
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/auth.d.ts +1 -1
- package/dist/auth.d.ts.map +1 -1
- package/dist/auth.js +9 -2
- package/dist/auth.js.map +1 -1
- package/package.json +2 -1
package/dist/auth.d.ts
CHANGED
|
@@ -3,7 +3,7 @@ import { IAdminForthAuth } from './types/Back.js';
|
|
|
3
3
|
declare class AdminForthAuth implements IAdminForthAuth {
|
|
4
4
|
adminforth: AdminForth;
|
|
5
5
|
constructor(adminforth: any);
|
|
6
|
-
getClientIp(headers: object):
|
|
6
|
+
getClientIp(headers: object): string;
|
|
7
7
|
removeAuthCookie(response: any): void;
|
|
8
8
|
setAuthCookie({ expireInDuration, response, username, pk }: {
|
|
9
9
|
expireInDuration?: string;
|
package/dist/auth.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../auth.ts"],"names":[],"mappings":"AAGA,OAAO,UAAU,MAAM,YAAY,CAAC;AACpC,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;
|
|
1
|
+
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../auth.ts"],"names":[],"mappings":"AAGA,OAAO,UAAU,MAAM,YAAY,CAAC;AACpC,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAoClD,cAAM,cAAe,YAAW,eAAe;IAC7C,UAAU,EAAE,UAAU,CAAC;gBAEX,UAAU,KAAA;IAIxB,WAAW,CAAC,OAAO,EAAE,MAAM;IAkCzB,gBAAgB,CAAC,QAAQ,KAAA;IAKzB,aAAa,CAAC,EAAE,gBAAgB,EAAE,QAAQ,EAAE,QAAQ,EAAE,EAAE,EAAC,EAAE;QACzD,gBAAgB,CAAC,EAAE,MAAM,CAAC;QAC1B,QAAQ,EAAE,GAAG,CAAC;QACd,QAAQ,EAAE,MAAM,CAAC;QACjB,EAAE,EAAE,MAAM,GAAG,IAAI,CAAA;KAClB;IAWD,kBAAkB,CAAC,EAAC,QAAQ,EAAE,IAAI,EAAC;;;KAAA;IAKnC,eAAe,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,EAAE;QACrC,QAAQ,EAAE,GAAG,CAAC;QAAC,OAAO,EAAE;YAAE,IAAI,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAC;YAAC,MAAM,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;YAAC,aAAa,EAAE,MAAM,GAAG,SAAS,CAAC;YAAC,QAAQ,EAAE,OAAO,CAAA;SAAE,CAAA;KAC3I;IAiBD,eAAe,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;QACjC,OAAO,EAAE;YAAC,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAC,EAAE,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KACtD,GAAG,MAAM,GAAG,IAAI;IAKjB,QAAQ,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,GAAE,MAAM,GAAG,MAAc,GAAG,MAAM;IAW7E,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,UAAU,GAAE,OAAO,GAAG,SAAgB,GAAG,OAAO,CAAC,MAAM,CAAC;WAsChG,oBAAoB,CAAC,QAAQ,KAAA;WAM7B,cAAc,CAAC,QAAQ,KAAA,EAAE,cAAc,KAAA;CAOrD;AAED,eAAe,cAAc,CAAC"}
|
package/dist/auth.js
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import jwt from 'jsonwebtoken';
|
|
2
2
|
import crypto from 'crypto';
|
|
3
3
|
import { afLogger } from './modules/logger.js';
|
|
4
|
+
import is_ip_private from 'private-ip';
|
|
4
5
|
// Function to generate a password hash using PBKDF2
|
|
5
6
|
function calcPasswordHash(password, salt, iterations = 100000, keyLength = 64, digest = 'sha512') {
|
|
6
7
|
return new Promise((resolve, reject) => {
|
|
@@ -42,14 +43,15 @@ class AdminForthAuth {
|
|
|
42
43
|
acc[key.toLowerCase()] = headers[key];
|
|
43
44
|
return acc;
|
|
44
45
|
}, {});
|
|
46
|
+
let ip = null;
|
|
45
47
|
if (clientIpHeader) {
|
|
46
|
-
|
|
48
|
+
ip = headersLower[clientIpHeader.toLowerCase()];
|
|
47
49
|
}
|
|
48
50
|
else {
|
|
49
51
|
// first try common headers which can't bee spoofed, in other words
|
|
50
52
|
// most common to nginx/traefik/apache
|
|
51
53
|
// then fallback to less secure headers
|
|
52
|
-
|
|
54
|
+
ip = ((_a = headersLower['x-forwarded-for']) === null || _a === void 0 ? void 0 : _a.split(',').shift().trim()) ||
|
|
53
55
|
headersLower['x-real-ip'] ||
|
|
54
56
|
headersLower['x-client-ip'] ||
|
|
55
57
|
headersLower['x-cluster-client-ip'] ||
|
|
@@ -61,6 +63,11 @@ class AdminForthAuth {
|
|
|
61
63
|
headersLower['x-host'] ||
|
|
62
64
|
null;
|
|
63
65
|
}
|
|
66
|
+
const isIpPrivate = is_ip_private(ip);
|
|
67
|
+
if (isIpPrivate) {
|
|
68
|
+
return null;
|
|
69
|
+
}
|
|
70
|
+
return ip;
|
|
64
71
|
}
|
|
65
72
|
removeAuthCookie(response) {
|
|
66
73
|
const brandSlug = this.adminforth.config.customization.brandNameSlug;
|
package/dist/auth.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../auth.ts"],"names":[],"mappings":"AACA,OAAO,GAAG,MAAM,cAAc,CAAC;AAC/B,OAAO,MAAM,MAAM,QAAQ,CAAC;AAG5B,OAAO,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAC;
|
|
1
|
+
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../auth.ts"],"names":[],"mappings":"AACA,OAAO,GAAG,MAAM,cAAc,CAAC;AAC/B,OAAO,MAAM,MAAM,QAAQ,CAAC;AAG5B,OAAO,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAC;AAC/C,OAAO,aAAa,MAAM,YAAY,CAAA;AAEtC,oDAAoD;AACpD,SAAS,gBAAgB,CAAC,QAAQ,EAAE,IAAI,EAAE,UAAU,GAAG,MAAM,EAAE,SAAS,GAAG,EAAE,EAAE,MAAM,GAAG,QAAQ;IAC9F,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,GAAG,EAAE,UAAU,EAAE,EAAE;YAC/E,IAAI,GAAG;gBAAE,MAAM,CAAC,GAAG,CAAC,CAAC;YACrB,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;QACtC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;AAED,qCAAqC;AACrC,SAAS,YAAY,CAAC,MAAM,GAAG,EAAE;IAC/B,OAAO,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AACpD,CAAC;AAED,SAAS,kBAAkB,CAAC,IAAY;IACtC,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAC5B,MAAM,KAAK,GAAG,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAC9C,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,GAAG;YACN,OAAO,KAAK,CAAC;QACf,KAAK,GAAG;YACN,OAAO,KAAK,GAAG,EAAE,CAAC;QACpB,KAAK,GAAG;YACN,OAAO,KAAK,GAAG,EAAE,GAAG,EAAE,CAAC;QACzB,KAAK,GAAG;YACN,OAAO,KAAK,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;QAC9B;YACE,MAAM,IAAI,KAAK,CAAC,sBAAsB,IAAI,EAAE,CAAC,CAAC;IAClD,CAAC;AACH,CAAC;AAED,MAAM,cAAc;IAGlB,YAAY,UAAU;QACpB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IAC/B,CAAC;IAEH,WAAW,CAAC,OAAe;;QACvB,MAAM,cAAc,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC;QAElE,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;YAC5D,GAAG,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;YACtC,OAAO,GAAG,CAAC;QACb,CAAC,EAAE,EAAE,CAAC,CAAC;QAEP,IAAI,EAAE,GAAkB,IAAI,CAAC;QAC7B,IAAI,cAAc,EAAE,CAAC;YACnB,EAAE,GAAG,YAAY,CAAC,cAAc,CAAC,WAAW,EAAE,CAAC,CAAC;QAClD,CAAC;aAAM,CAAC;YACN,mEAAmE;YACnE,sCAAsC;YACtC,uCAAuC;YACvC,EAAE,GAAG,CAAA,MAAA,YAAY,CAAC,iBAAiB,CAAC,0CAAE,KAAK,CAAC,GAAG,EAAE,KAAK,GAAG,IAAI,EAAE;gBAC9D,YAAY,CAAC,WAAW,CAAC;gBACzB,YAAY,CAAC,aAAa,CAAC;gBAC3B,YAAY,CAAC,qBAAqB,CAAC;gBACnC,YAAY,CAAC,WAAW,CAAC;gBACzB,YAAY,CAAC,aAAa,CAAC;gBAC3B,YAAY,CAAC,WAAW,CAAC;gBACzB,YAAY,CAAC,gBAAgB,CAAC;gBAC9B,YAAY,CAAC,QAAQ,CAAC;gBACtB,YAAY,CAAC,QAAQ,CAAC;gBACtB,IAAI,CAAC;QACR,CAAC;QACD,MAAM,WAAW,GAAG,aAAa,CAAC,EAAE,CAAC,CAAA;QACrC,IAAI,WAAW,EAAE,CAAC;YAChB,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,gBAAgB,CAAC,QAAQ;QACvB,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,aAAa,CAAC,aAAa,CAAC;QACrE,QAAQ,CAAC,SAAS,CAAC,YAAY,EAAE,cAAc,SAAS,eAAe,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,OAAO,IAAI,GAAG,oEAAoE,CAAC,CAAC;IACpL,CAAC;IAED,aAAa,CAAC,EAAE,gBAAgB,EAAE,QAAQ,EAAE,QAAQ,EAAE,EAAE,EAKvD;QACC,MAAM,SAAS,GAAW,gBAAgB,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,yBAAyB,IAAI,KAAK,CAAC,CAAC;QAC/F,2BAA2B;QAC3B,MAAM,YAAY,GAAG,kBAAkB,CAAC,SAAS,CAAC,CAAC;QAEnD,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAC,EAAE,MAAM,EAAE,YAAY,CAAC,CAAC;QACnE,MAAM,mBAAmB,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,YAAY,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;QACrF,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,aAAa,CAAC,aAAa,CAAC;QACrE,QAAQ,CAAC,SAAS,CAAC,YAAY,EAAE,cAAc,SAAS,QAAQ,KAAK,UAAU,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,OAAO,IAAI,GAAG,wCAAwC,mBAAmB,EAAE,CAAC,CAAC;IACrL,CAAC;IAED,kBAAkB,CAAC,EAAC,QAAQ,EAAE,IAAI,EAAC;QACjC,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,aAAa,CAAC,aAAa,CAAC;QACrE,QAAQ,CAAC,SAAS,CAAC,YAAY,EAAE,cAAc,SAAS,IAAI,IAAI,WAAW,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,OAAO,IAAI,GAAG,oEAAoE,CAAC,CAAC;IACxL,CAAC;IAED,eAAe,CAAC,EAAE,QAAQ,EAAE,OAAO,EAElC;QACC,MAAM,EAAC,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,aAAa,EAAE,GAAG,OAAO,CAAC;QAEhE,IAAI,QAAQ,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,gBAAgB;QACpD,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;YAChC,QAAQ,GAAG,aAAa,GAAG,IAAI,CAAC;QAClC,CAAC;aAAM,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;YAChC,QAAQ,CAAC,IAAI,CAAC,iGAAiG,IAAI,KAAK,EAAE,CAAC,KAAK,EAAE,CAAC,CAAC;YACpI,QAAQ,GAAG,MAAM,CAAC;QACpB,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,aAAa,CAAC,aAAa,CAAC;QACrE,QAAQ,CAAC,SAAS,CAAC,YAAY,EAAE,cAAc,SAAS,IAAI,IAAI,IAAI,KAAK,UAAU,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,OAAO,IAAI,GAAG,IACtH,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,EAC5B,6BAA6B,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,CAAC,CAAC,WAAW,EAAG,GAAG,CAAC,CAAC;IAClF,CAAC;IAED,eAAe,CAAC,EAAE,OAAO,EAAE,IAAI,EAE9B;;QACC,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,aAAa,CAAC,aAAa,CAAC;QACrE,OAAO,CAAA,MAAA,OAAO,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,KAAK,cAAc,SAAS,IAAI,IAAI,EAAE,CAAC,0CAAE,KAAK,KAAI,IAAI,CAAC;IACnG,CAAC;IAED,QAAQ,CAAC,OAAe,EAAE,IAAY,EAAE,YAA6B,KAAK;QACxE,2DAA2D;QAC3D,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC;QAC7C,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QAC3D,CAAC;QAED,kBAAkB;QAClB,OAAO,GAAG,CAAC,IAAI,iCAAK,OAAO,KAAE,CAAC,EAAE,IAAI,KAAG,MAAM,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC;IAChE,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,QAAgB,EAAE,YAAoB,EAAE,aAAkC,IAAI;QACzF,2DAA2D;QAC3D,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC;QAC7C,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QAC3D,CAAC;QACD,IAAI,OAAO,CAAC;QACZ,IAAI,CAAC;YACH,mBAAmB;YACnB,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QACzC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,GAAG,CAAC,IAAI,KAAK,mBAAmB,EAAE,CAAC;gBACrC,QAAQ,CAAC,KAAK,CAAC,kBAAkB,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;YAClD,CAAC;iBAAO,IAAI,GAAG,CAAC,IAAI,KAAK,mBAAmB,EAAE,CAAC;gBAC7C,QAAQ,CAAC,KAAK,CAAC,gBAAgB,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;YAChD,CAAC;iBAAM,CAAC;gBACN,QAAQ,CAAC,KAAK,CAAC,+BAA+B,GAAG,EAAE,CAAC,CAAC;YACvD,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QACD,MAAM,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC;QAC1B,IAAI,CAAC,KAAK,YAAY,EAAE,CAAC;YACvB,QAAQ,CAAC,KAAK,CAAC,2CAA2C,CAAC,aAAa,YAAY,EAAE,CAAC,CAAC;YACxF,OAAO,IAAI,CAAC;QACd,CAAC;QACD,IAAI,UAAU,KAAK,KAAK,EAAE,CAAC;YACzB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;YACrD,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,QAAQ,CAAC,KAAK,CAAC,gBAAgB,EAAE,wBAAwB,CAAC,CAAC;gBAC3D,qCAAqC;gBACrC,OAAO,IAAI,CAAC;YACd,CAAC;YACD,OAAO,CAAC,MAAM,GAAG,MAAM,CAAC;QAC1B,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,oBAAoB,CAAC,QAAQ;QACxC,MAAM,IAAI,GAAG,YAAY,EAAE,CAAC;QAC5B,MAAM,cAAc,GAAG,MAAM,gBAAgB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QAC9D,OAAO,GAAG,IAAI,IAAI,cAAc,EAAE,CAAC;IACrC,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,cAAc,CAAC,QAAQ,EAAE,cAAc;QAClD,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,GAAG,cAAc,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC/C,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QACvD,OAAO,OAAO,KAAK,IAAI,CAAC;IAC1B,CAAC;CAGF;AAED,eAAe,cAAc,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "adminforth",
|
|
3
|
-
"version": "2.17.0-next.
|
|
3
|
+
"version": "2.17.0-next.34",
|
|
4
4
|
"description": "OpenSource Vue3 powered forth-generation admin panel",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"module": "dist/index.js",
|
|
@@ -84,6 +84,7 @@
|
|
|
84
84
|
"pg": "^8.11.5",
|
|
85
85
|
"pino": "^10.1.0",
|
|
86
86
|
"pino-pretty": "^13.1.3",
|
|
87
|
+
"private-ip": "^3.0.2",
|
|
87
88
|
"rate-limiter-flexible": "^8.1.0",
|
|
88
89
|
"recast": "^0.23.11",
|
|
89
90
|
"ws": "^8.18.0"
|