astro-sessionkit 0.1.13 → 0.1.14
- package/dist/core/config.d.ts +4 -2
- package/dist/core/config.d.ts.map +1 -1
- package/dist/core/config.js +20 -19
- package/dist/core/config.js.map +1 -1
- package/dist/core/guardMiddleware.d.ts.map +1 -1
- package/dist/core/guardMiddleware.js +25 -3
- package/dist/core/guardMiddleware.js.map +1 -1
- package/dist/core/matcher.d.ts.map +1 -1
- package/dist/core/matcher.js +15 -4
- package/dist/core/matcher.js.map +1 -1
- package/dist/core/sessionMiddleware.d.ts.map +1 -1
- package/dist/core/sessionMiddleware.js +6 -3
- package/dist/core/sessionMiddleware.js.map +1 -1
- package/dist/core/validation.d.ts.map +1 -1
- package/dist/core/validation.js +6 -10
- package/dist/core/validation.js.map +1 -1
- package/package.json +1 -1
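--- a/package/dist/core/config.d.ts
+++ b/package/dist/core/config.d.ts
@@ -2,8 +2,10 @@ import type { SessionKitConfig, AccessHooks, ProtectionRule, SessionContext } fr
 export interface ResolvedConfig {
 loginPath: string;
 protect: ProtectionRule[];
-access: Required<AccessHooks
-
+access: Required<Omit<AccessHooks, "check">> & {
+check?: AccessHooks["check"];
+};
+runWithContext?: <T>(context: SessionContext, fn: () => T) => T | Promise<T>;
 getContextStore?: () => SessionContext | undefined;
 setContextStore?: (context: SessionContext) => void;
 }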
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/core/config.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAC,gBAAgB,EAAE,WAAW,EAAE,cAAc,EAAW,cAAc,EAAC,MAAM,SAAS,CAAC;AAMpG,MAAM,WAAW,cAAc;IAC3B,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,cAAc,EAAE,CAAC;IAC1B,MAAM,EAAE,QAAQ,CAAC,WAAW,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/core/config.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAC,gBAAgB,EAAE,WAAW,EAAE,cAAc,EAAW,cAAc,EAAC,MAAM,SAAS,CAAC;AAMpG,MAAM,WAAW,cAAc;IAC3B,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,cAAc,EAAE,CAAC;IAC1B,MAAM,EAAE,QAAQ,CAAC,IAAI,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC,GAAG;QAC3C,KAAK,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;KAChC,CAAC;IACF,cAAc,CAAC,EAAE,CAAC,CAAC,EAAE,OAAO,EAAE,cAAc,EAAE,EAAE,EAAE,MAAM,CAAC,KAAK,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;IAC7E,eAAe,CAAC,EAAE,MAAM,cAAc,GAAG,SAAS,CAAC;IACnD,eAAe,CAAC,EAAE,CAAC,OAAO,EAAE,cAAc,KAAK,IAAI,CAAC;CACvD;AAiBD,wBAAgB,SAAS,CAAC,UAAU,EAAE,gBAAgB,GAAG,IAAI,CA2D5D;AAKD,wBAAgB,SAAS,IAAI,cAAc,CAE1C"}
|
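--- a/package/dist/core/config.js
+++ b/package/dist/core/config.js
@@ -1,6 +1,6 @@
 import { isValidRedirectPath, isValidPattern } from './validation.js';
 
-
+const DEFAULT_CONFIG = {
 loginPath: "/login",
 protect: [],
 access: {
@@ -8,14 +8,15 @@ let config = {
 getPermissions: (session) => session?.permissions ?? [],
 check: undefined,
 },
-runWithContext: undefined,
-getContextStore: undefined,
-setContextStore: undefined,
 };
+let config = { ...DEFAULT_CONFIG };
 function setConfig(userConfig) {
-const
-if (
-
+const newConfig = { ...DEFAULT_CONFIG };
+if (userConfig.loginPath !== undefined) {
+if (!isValidRedirectPath(userConfig.loginPath)) {
+throw new Error(`[SessionKit] Invalid loginPath: "${userConfig.loginPath}". Must start with / and be less than 500 characters.`);
+}
+newConfig.loginPath = userConfig.loginPath;
 }
 if (userConfig.protect) {
 for (const rule of userConfig.protect) {
@@ -28,22 +29,22 @@ function setConfig(userConfig) {
 `Must start with / and be less than 500 characters.`);
 }
 }
+newConfig.protect = [...userConfig.protect];
 }
 if ((userConfig.getContextStore && !userConfig.setContextStore) || (!userConfig.getContextStore && userConfig.setContextStore)) {
 throw new Error('[SessionKit] Both getContextStore and setContextStore must be provided together if using custom context storage.');
 }
-
-
-
-
-
-
-
-
-
-
-
-};
+if (userConfig.access) {
+newConfig.access = {
+getRole: userConfig.access.getRole ?? DEFAULT_CONFIG.access.getRole,
+getPermissions: userConfig.access.getPermissions ?? DEFAULT_CONFIG.access.getPermissions,
+check: userConfig.access.check,
+};
+}
+newConfig.runWithContext = userConfig.runWithContext;
+newConfig.getContextStore = userConfig.getContextStore;
+newConfig.setContextStore = userConfig.setContextStore;
+config = Object.freeze(newConfig);
 }
 function getConfig() {
 return config;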
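Review bot: `Object.freeze(newConfig)` at the end of setConfig is a shallow freeze, so the `access` object and the `protect` array that drive authorization stay mutable through `getConfig()`. When `userConfig.access` is absent, `newConfig.access` is still the same object held by `DEFAULT_CONFIG` (the spread copies only the top level), so a write to it would also alter the defaults used by later `setConfig` calls. Freezing the nested values before the outer freeze closes that: `Object.freeze(newConfig.access); Object.freeze(newConfig.protect);`. The individual rule objects are still shared with the caller's array, so copy or freeze them as well if rules must be immutable after startup. Parts of setConfig lie outside the hunks shown.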
package/dist/core/config.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.js","sources":["../../src/core/config.ts"],"sourcesContent":[null],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"config.js","sources":["../../src/core/config.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAqBA,MAAM,cAAc,GAAmB;AACnC,IAAA,SAAS,EAAE,QAAQ;AACnB,IAAA,OAAO,EAAE,EAAE;AACX,IAAA,MAAM,EAAE;QACJ,OAAO,EAAE,CAAC,OAAuB,KAAK,OAAO,EAAE,IAAI,IAAI,IAAI;QAC3D,cAAc,EAAE,CAAC,OAAuB,KAAK,OAAO,EAAE,WAAW,IAAI,EAAE;AACvE,QAAA,KAAK,EAAE,SAAS;AACnB,KAAA;CACJ;AAED,IAAI,MAAM,GAAmB,EAAE,GAAG,cAAc,EAAE;AAK5C,SAAU,SAAS,CAAC,UAA4B,EAAA;AAElD,IAAA,MAAM,SAAS,GAAmB,EAAE,GAAG,cAAc,EAAE;AAGvD,IAAA,IAAI,UAAU,CAAC,SAAS,KAAK,SAAS,EAAE;QACpC,IAAI,CAAC,mBAAmB,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE;YAC5C,MAAM,IAAI,KAAK,CACX,CAAA,iCAAA,EAAoC,UAAU,CAAC,SAAS,CAAA,qDAAA,CAAuD,CAClH;QACL;AACA,QAAA,SAAS,CAAC,SAAS,GAAG,UAAU,CAAC,SAAS;IAC9C;AAGA,IAAA,IAAI,UAAU,CAAC,OAAO,EAAE;AACpB,QAAA,KAAK,MAAM,IAAI,IAAI,UAAU,CAAC,OAAO,EAAE;YAEnC,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE;AAC/B,gBAAA,MAAM,IAAI,KAAK,CACX,kCAAkC,IAAI,CAAC,OAAO,CAAA,GAAA,CAAK;AACnD,oBAAA,CAAA,4DAAA,CAA8D,CACjE;YACL;AAGA,YAAA,IAAI,IAAI,CAAC,UAAU,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE;AAC1D,gBAAA,MAAM,IAAI,KAAK,CACX,qCAAqC,IAAI,CAAC,UAAU,CAAA,GAAA,CAAK;AACzD,oBAAA,CAAA,kDAAA,CAAoD,CACvD;YACL;QACJ;QACA,SAAS,CAAC,OAAO,GAAG,CAAC,GAAG,UAAU,CAAC,OAAO,CAAC;IAC/C;IAGA,IAAI,CAAC,UAAU,CAAC,eAAe,IAAI,CAAC,UAAU,CAAC,eAAe,MAAM,CAAC,UAAU,CAAC,eAAe,IAAI,UAAU,CAAC,eAAe,CAAC,EAAE;AAC5H,QAAA,MAAM,IAAI,KAAK,CACX,kHAAkH,CACrH;IACL;AAGA,IAAA,IAAI,UAAU,CAAC,MAAM,EAAE;QACnB,SAAS,CAAC,MAAM,GAAG;YACf,OAAO,EAAE,UAAU,CAAC,MAAM,CAAC,OAAO,IAAI,cAAc,CAAC,MAAM,CAAC,OAAO;YACnE,cAAc,EAAE,UAAU,CAAC,MAAM,CAAC,cAAc,IAAI,cAAc,CAAC,MAAM,CAAC,cAAc;AACxF,YAAA,KAAK,EAAE,UAAU,CAAC,MAAM,CAAC,KAAK;SACjC;IACL;AAGA,IAAA,SAAS,CAAC,cAAc,GAAG,UAAU,CAAC,cAAc;AACpD,IAAA,SAAS,CAAC,eAAe,GAAG,UAAU,CAAC,eAAe;AACtD,IAAA,SAAS,CAAC,eAAe,GAAG,UAAU,CAAC,eAAe;AAGtD,IAAA,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC;AACrC;SAKgB,SAAS,GAAA;AACrB,IAAA,OAAO,MAAM;AACjB;;;;"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"guardMiddleware.d.ts","sourceRoot":"","sources":["../../src/core/guardMiddleware.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAa,iBAAiB,EAAC,MAAM,OAAO,CAAC;
|
|
1
|
+
{"version":3,"file":"guardMiddleware.d.ts","sourceRoot":"","sources":["../../src/core/guardMiddleware.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAa,iBAAiB,EAAC,MAAM,OAAO,CAAC;AAwEzD,wBAAgB,qBAAqB,IAAI,iBAAiB,CAqCzD"}
|
|
@@ -5,10 +5,26 @@ import { matchesPattern } from './matcher.js';
|
|
|
5
5
|
async function checkRule(rule, session) {
|
|
6
6
|
const { access } = getConfig();
|
|
7
7
|
if (access.check) {
|
|
8
|
-
|
|
8
|
+
try {
|
|
9
|
+
return await access.check(rule, session);
|
|
10
|
+
}
|
|
11
|
+
catch (error) {
|
|
12
|
+
if (process.env.NODE_ENV !== 'production') {
|
|
13
|
+
console.error('[SessionKit] Error in custom access check hook:', error);
|
|
14
|
+
}
|
|
15
|
+
return false;
|
|
16
|
+
}
|
|
9
17
|
}
|
|
10
18
|
if ("allow" in rule) {
|
|
11
|
-
|
|
19
|
+
try {
|
|
20
|
+
return await rule.allow(session);
|
|
21
|
+
}
|
|
22
|
+
catch (error) {
|
|
23
|
+
if (process.env.NODE_ENV !== 'production') {
|
|
24
|
+
console.error('[SessionKit] Error in custom rule allow function:', error);
|
|
25
|
+
}
|
|
26
|
+
return false;
|
|
27
|
+
}
|
|
12
28
|
}
|
|
13
29
|
if (!session) {
|
|
14
30
|
return false;
|
|
@@ -37,7 +53,13 @@ function createGuardMiddleware() {
|
|
|
37
53
|
if (protect.length === 0) {
|
|
38
54
|
return next();
|
|
39
55
|
}
|
|
40
|
-
|
|
56
|
+
let pathname;
|
|
57
|
+
try {
|
|
58
|
+
pathname = new URL(context.request.url).pathname;
|
|
59
|
+
}
|
|
60
|
+
catch {
|
|
61
|
+
pathname = "/";
|
|
62
|
+
}
|
|
41
63
|
const sessionContext = getContextStore();
|
|
42
64
|
const session = sessionContext?.session ?? null;
|
|
43
65
|
const rule = protect.find((r) => matchesPattern(r.pattern, pathname));
|
|
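Review bot: The new fallback `pathname = "/"` in createGuardMiddleware fails open: a request whose `context.request.url` cannot be parsed is matched against the rules as if it were for the site root, so unless a rule covers `/` no rule is found and the request presumably continues unguarded (the no-match branch is outside the hunk). Failing closed is safer, for example `return new Response(null, { status: 400 });` inside the `catch` instead of inventing a path. The two new `catch` blocks in checkRule rightly deny when a hook throws, but they log only when `NODE_ENV !== 'production'`, so in production a broken `access.check` or `rule.allow` denies every matching request with no trace; an unconditional `console.error` that omits the session payload would keep that visible to operators. Both functions extend beyond the hunks.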
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"guardMiddleware.js","sources":["../../src/core/guardMiddleware.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;AAaA,eAAe,SAAS,CAAC,IAAoB,EAAE,OAAuB,EAAA;AACpE,IAAA,MAAM,EAAE,MAAM,EAAE,GAAG,SAAS,EAAE;AAG9B,IAAA,IAAI,MAAM,CAAC,KAAK,EAAE;AAChB,QAAA,OAAO,MAAM,OAAO,CAAC,OAAO,CAAC,
|
|
1
|
+
{"version":3,"file":"guardMiddleware.js","sources":["../../src/core/guardMiddleware.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;AAaA,eAAe,SAAS,CAAC,IAAoB,EAAE,OAAuB,EAAA;AACpE,IAAA,MAAM,EAAE,MAAM,EAAE,GAAG,SAAS,EAAE;AAG9B,IAAA,IAAI,MAAM,CAAC,KAAK,EAAE;AAChB,QAAA,IAAI;YACF,OAAO,MAAM,MAAM,CAAC,KAAK,CAAC,IAAI,EAAE,OAAO,CAAC;QAC1C;QAAE,OAAO,KAAK,EAAE;YACd,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,EAAE;AACzC,gBAAA,OAAO,CAAC,KAAK,CAAC,iDAAiD,EAAE,KAAK,CAAC;YACzE;AACA,YAAA,OAAO,KAAK;QACd;IACF;AAGA,IAAA,IAAI,OAAO,IAAI,IAAI,EAAE;AACnB,QAAA,IAAI;AACF,YAAA,OAAO,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC;QAClC;QAAE,OAAO,KAAK,EAAE;YACd,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,EAAE;AACzC,gBAAA,OAAO,CAAC,KAAK,CAAC,mDAAmD,EAAE,KAAK,CAAC;YAC3E;AACA,YAAA,OAAO,KAAK;QACd;IACF;IAGA,IAAI,CAAC,OAAO,EAAE;AACZ,QAAA,OAAO,KAAK;IACd;AAGA,IAAA,IAAI,MAAM,IAAI,IAAI,EAAE;QAClB,MAAM,QAAQ,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC;AACxC,QAAA,OAAO,QAAQ,KAAK,IAAI,CAAC,IAAI;IAC/B;AAGA,IAAA,IAAI,OAAO,IAAI,IAAI,EAAE;QACnB,MAAM,QAAQ,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC;AACxC,QAAA,OAAO,QAAQ,KAAK,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC;IAC3D;AAGA,IAAA,IAAI,YAAY,IAAI,IAAI,EAAE;QACxB,MAAM,eAAe,GAAG,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC;QACtD,OAAO,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC;IAClD;AAGA,IAAA,IAAI,aAAa,IAAI,IAAI,EAAE;QACzB,MAAM,eAAe,GAAG,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC;AACtD,QAAA,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IACnE;AAGA,IAAA,OAAO,IAAI;AACb;SAKgB,qBAAqB,GAAA;AACnC,IAAA,OAAO,OAAO,OAAoB,EAAE,IAAI,KAAI;QAC1C,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,GAAG,SAAS,EAAE;AAG1C,QAAA,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE;YACxB,OAAO,IAAI,EAAE;QACf;AAEA,QAAA,IAAI,QAAgB;AACpB,QAAA,IAAI;AACF,YAAA,QAAQ,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,QAAQ;QAClD;AAAE,QAAA,MAAM;YAEN,QAAQ,GAAG,GAAG;QAChB;AACA,QAAA,MAAM,cAAc,GAAG,eAAe,EAAE;AACxC,QAAA,MAAM,OAAO,GAAG,cAAc,EAAE,OAAO,IAAI,IAAI;QAG/C,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,cAAc,CAAC,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,C
AAC;QAGrE,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,EAAE;QACf;QAGA,MAAM,OAAO,GAAG,MAAM,SAAS,CAAC,IAAI,EAAE,OAAO,CAAC;QAE9C,IAAI,CAAC,OAAO,EAAE;AACZ,YAAA,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,IAAI,SAAS;AAC/C,YAAA,OAAO,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC;QACrC;QAEA,OAAO,IAAI,EAAE;AACf,IAAA,CAAC;AACH;;;;"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"matcher.d.ts","sourceRoot":"","sources":["../../src/core/matcher.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"matcher.d.ts","sourceRoot":"","sources":["../../src/core/matcher.ts"],"names":[],"mappings":"AA0DA,wBAAgB,cAAc,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAErE"}
|
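--- a/package/dist/core/matcher.js
+++ b/package/dist/core/matcher.js
@@ -10,10 +10,21 @@ function globToRegex(pattern) {
 if (char === "*" && next === "*") {
 const isAtEnd = i + 2 === pattern.length;
 const prevIsSlash = i > 0 && pattern[i - 1] === "/";
-if (
-if (
-
-
+if (prevIsSlash) {
+if (isAtEnd) {
+if (regex.endsWith("/"))
+regex = regex.slice(0, -1);
+regex += "(?:/.*)?";
+}
+else if (pattern[i + 2] === "/") {
+if (regex.endsWith("/"))
+regex = regex.slice(0, -1);
+regex += "(?:/.*)?";
+i += 1;
+}
+else {
+regex += ".*";
+}
 }
 else {
 regex += ".*";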
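Review bot: In the new `else if (pattern[i + 2] === "/")` branch the `/` that follows `**` is skipped by `i += 1` but never written to `regex`, so (assuming the loop still advances past the two asterisks after this block, which is outside the hunk) a pattern such as `/a/**/b` produces `/a(?:/.*)?b` and also matches `/ab` and `/a/xb`. These patterns decide which protection rule applies to a path, so an over-broad match can hand a request to a rule that was not written for it. Emitting the separator keeps the segment boundary: `regex += "(?:/.*)?/";` in that branch. A test of `/a/**/b` against `/a/b`, `/a/x/b` and `/ab` would pin the behaviour.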
package/dist/core/matcher.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"matcher.js","sources":["../../src/core/matcher.ts"],"sourcesContent":[null],"names":[],"mappings":"AAIA,SAAS,WAAW,CAAC,GAAW,EAAA;IAC9B,OAAO,GAAG,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC;AACnD;AAEA,SAAS,WAAW,CAAC,OAAe,EAAA;IAClC,IAAI,KAAK,GAAG,EAAE;IACd,IAAI,CAAC,GAAG,CAAC;AAET,IAAA,OAAO,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE;AACzB,QAAA,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC;QACvB,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC;QAG3B,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,GAAG,EAAE;YAChC,MAAM,OAAO,GAAG,CAAC,GAAG,CAAC,KAAK,OAAO,CAAC,MAAM;AACxC,YAAA,MAAM,WAAW,GAAG,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,GAAG;
|
|
1
|
+
{"version":3,"file":"matcher.js","sources":["../../src/core/matcher.ts"],"sourcesContent":[null],"names":[],"mappings":"AAIA,SAAS,WAAW,CAAC,GAAW,EAAA;IAC9B,OAAO,GAAG,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC;AACnD;AAEA,SAAS,WAAW,CAAC,OAAe,EAAA;IAClC,IAAI,KAAK,GAAG,EAAE;IACd,IAAI,CAAC,GAAG,CAAC;AAET,IAAA,OAAO,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE;AACzB,QAAA,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC;QACvB,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC;QAG3B,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,GAAG,EAAE;YAChC,MAAM,OAAO,GAAG,CAAC,GAAG,CAAC,KAAK,OAAO,CAAC,MAAM;AACxC,YAAA,MAAM,WAAW,GAAG,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,GAAG;YAEnD,IAAI,WAAW,EAAE;gBAEf,IAAI,OAAO,EAAE;AAEX,oBAAA,IAAI,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC;wBAAE,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;oBACnD,KAAK,IAAI,UAAU;gBACrB;qBAAO,IAAI,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,GAAG,EAAE;AAEjC,oBAAA,IAAI,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC;wBAAE,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;oBACnD,KAAK,IAAI,UAAU;oBACnB,CAAC,IAAI,CAAC;gBACR;qBAAO;oBACL,KAAK,IAAI,IAAI;gBACf;YACF;iBAAO;gBACL,KAAK,IAAI,IAAI;YACf;YAEA,CAAC,IAAI,CAAC;YACN;QACF;AAGA,QAAA,IAAI,IAAI,KAAK,GAAG,EAAE;YAEhB,KAAK,IAAI,kBAAkB;YAC3B,CAAC,IAAI,CAAC;YACN;QACF;AAEA,QAAA,KAAK,IAAI,WAAW,CAAC,IAAc,CAAC;QACpC,CAAC,IAAI,CAAC;IACR;AAEA,IAAA,OAAO,IAAI,MAAM,CAAC,IAAI,KAAK,CAAA,CAAA,CAAG,CAAC;AACjC;AAEM,SAAU,cAAc,CAAC,OAAe,EAAE,IAAY,EAAA;IAC1D,OAAO,WAAW,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;AACxC;;;;"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sessionMiddleware.d.ts","sourceRoot":"","sources":["../../src/core/sessionMiddleware.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAC,iBAAiB,EAAC,MAAM,OAAO,CAAC;AAiB7C,eAAO,MAAM,iBAAiB,EAAE,
|
|
1
|
+
{"version":3,"file":"sessionMiddleware.d.ts","sourceRoot":"","sources":["../../src/core/sessionMiddleware.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAC,iBAAiB,EAAC,MAAM,OAAO,CAAC;AAiB7C,eAAO,MAAM,iBAAiB,EAAE,iBA2C/B,CAAC"}
|
|
@@ -21,12 +21,15 @@ const sessionMiddleware = async (context, next) => {
|
|
|
21
21
|
const config = getConfig();
|
|
22
22
|
if (config.getContextStore && !config.runWithContext) {
|
|
23
23
|
const store = config.getContextStore();
|
|
24
|
-
if (store)
|
|
24
|
+
if (store) {
|
|
25
25
|
store.session = session;
|
|
26
|
-
|
|
26
|
+
}
|
|
27
|
+
else if (config.setContextStore) {
|
|
27
28
|
config.setContextStore({ session });
|
|
28
|
-
|
|
29
|
+
}
|
|
30
|
+
else if (process.env.NODE_ENV !== 'production') {
|
|
29
31
|
console.error('[SessionKit] getContextStore returned undefined, cannot set session');
|
|
32
|
+
}
|
|
30
33
|
return next();
|
|
31
34
|
}
|
|
32
35
|
const runner = config.runWithContext ?? runWithContext;
|
|
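Review bot: This branch writes the session into whatever object `config.getContextStore()` returns and then calls `next()` without `runWithContext`, and nothing here documents that the store must be scoped to the current request. If an integrator returns a module-level object, `store.session = session` would be overwritten by concurrent requests and one request could observe another's session. I would add a comment above the branch: `// getContextStore()/setContextStore() must be backed by request-scoped storage; a shared object would mix sessions across concurrent requests.` The new `else if (process.env.NODE_ENV !== 'production')` arm also means a missing store goes unreported in production. sessionMiddleware starts and ends outside the hunk.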
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sessionMiddleware.js","sources":["../../src/core/sessionMiddleware.ts"],"sourcesContent":[null],"names":["defaultRunWithContext"],"mappings":";;;;AAaA,MAAM,WAAW,GAAG,aAAa;AAQ1B,MAAM,iBAAiB,GAAsB,OAAO,OAAO,EAAE,IAAI,KAAI;AAExE,IAAA,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,EAAE,GAAG,CAAU,WAAW,CAAC,IAAI,IAAI;IAGrE,IAAI,OAAO,GAAmB,IAAI;IAElC,IAAI,UAAU,EAAE;AACZ,QAAA,IAAI,uBAAuB,CAAC,UAAU,CAAC,EAAE;YACrC,OAAO,GAAG,UAAU;QACxB;aAAO;YAEH,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,EAAE;gBACvC,OAAO,CAAC,IAAI,CACR,4EAA4E;AAC5E,oBAAA,2EAA2E,CAC9E;YACL;YACA,OAAO,GAAG,IAAI;QAClB;IACJ;AAGA,IAAA,MAAM,MAAM,GAAG,SAAS,EAAE;IAK1B,IAAI,MAAM,CAAC,eAAe,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE;AAElD,QAAA,MAAM,KAAK,GAAG,MAAM,CAAC,eAAe,EAAE;
|
|
1
|
+
{"version":3,"file":"sessionMiddleware.js","sources":["../../src/core/sessionMiddleware.ts"],"sourcesContent":[null],"names":["defaultRunWithContext"],"mappings":";;;;AAaA,MAAM,WAAW,GAAG,aAAa;AAQ1B,MAAM,iBAAiB,GAAsB,OAAO,OAAO,EAAE,IAAI,KAAI;AAExE,IAAA,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,EAAE,GAAG,CAAU,WAAW,CAAC,IAAI,IAAI;IAGrE,IAAI,OAAO,GAAmB,IAAI;IAElC,IAAI,UAAU,EAAE;AACZ,QAAA,IAAI,uBAAuB,CAAC,UAAU,CAAC,EAAE;YACrC,OAAO,GAAG,UAAU;QACxB;aAAO;YAEH,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,EAAE;gBACvC,OAAO,CAAC,IAAI,CACR,4EAA4E;AAC5E,oBAAA,2EAA2E,CAC9E;YACL;YACA,OAAO,GAAG,IAAI;QAClB;IACJ;AAGA,IAAA,MAAM,MAAM,GAAG,SAAS,EAAE;IAK1B,IAAI,MAAM,CAAC,eAAe,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE;AAElD,QAAA,MAAM,KAAK,GAAG,MAAM,CAAC,eAAe,EAAE;QACtC,IAAI,KAAK,EAAE;AACP,YAAA,KAAK,CAAC,OAAO,GAAG,OAAO;QAC3B;AAAO,aAAA,IAAI,MAAM,CAAC,eAAe,EAAE;AAC/B,YAAA,MAAM,CAAC,eAAe,CAAC,EAAC,OAAO,EAAC,CAAC;QACrC;aAAO,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,EAAE;AAC9C,YAAA,OAAO,CAAC,KAAK,CAAC,qEAAqE,CAAC;QACxF;QACA,OAAO,IAAI,EAAE;IACjB;AAEA,IAAA,MAAM,MAAM,GAAG,MAAM,CAAC,cAAc,IAAIA,cAAqB;AAC7D,IAAA,OAAO,MAAM,CAAC,EAAC,OAAO,EAAC,EAAE,MAAM,IAAI,EAAE,CAAC;AAC1C;;;;"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validation.d.ts","sourceRoot":"","sources":["../../src/core/validation.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAC,OAAO,EAAC,MAAM,SAAS,CAAC;AAMrC,wBAAgB,uBAAuB,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,OAAO,CAoExE;AAKD,wBAAgB,cAAc,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAgCvD;AAKD,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,
|
|
1
|
+
{"version":3,"file":"validation.d.ts","sourceRoot":"","sources":["../../src/core/validation.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAC,OAAO,EAAC,MAAM,SAAS,CAAC;AAMrC,wBAAgB,uBAAuB,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,OAAO,CAoExE;AAKD,wBAAgB,cAAc,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAgCvD;AAKD,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAgBzD"}
|
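--- a/package/dist/core/validation.js
+++ b/package/dist/core/validation.js
@@ -17,7 +17,7 @@ function isValidSessionStructure(input) {
 return false;
 }
 }
-if (session.role !== undefined) {
+if (session.role !== undefined && session.role !== null) {
 if (typeof session.role !== 'string') {
 return false;
 }
@@ -25,7 +25,7 @@ function isValidSessionStructure(input) {
 return false;
 }
 }
-if (session.roles !== undefined) {
+if (session.roles !== undefined && session.roles !== null) {
 if (!Array.isArray(session.roles)) {
 return false;
 }
@@ -36,7 +36,7 @@ function isValidSessionStructure(input) {
 return false;
 }
 }
-if (session.permissions !== undefined) {
+if (session.permissions !== undefined && session.permissions !== null) {
 if (!Array.isArray(session.permissions)) {
 return false;
 }
@@ -50,9 +50,7 @@ function isValidSessionStructure(input) {
 return true;
 }
 function isValidPattern(pattern) {
-if (typeof pattern !==
-return false;
-if (pattern.length === 0)
+if (typeof pattern !== 'string' || pattern.length === 0)
 return false;
 if (pattern.length > 1000)
 return false;
@@ -77,15 +75,13 @@ function isValidPattern(pattern) {
 return true;
 }
 function isValidRedirectPath(path) {
-if (typeof path !==
+if (typeof path !== 'string')
 return false;
 if (path.length === 0 || path.length > 500)
 return false;
 if (!path.startsWith("/") || path.startsWith("//"))
 return false;
-
-return false;
-return true;
+return !/^[a-zA-Z][a-zA-Z0-9+.-]*:/.test(path);
 }
 
 export { isValidPattern, isValidRedirectPath, isValidSessionStructure };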
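Review bot: The new last line of isValidRedirectPath, `return !/^[a-zA-Z][a-zA-Z0-9+.-]*:/.test(path);`, can never return false, because the check above it has already required `path` to start with `/` while the pattern requires a leading letter. The function therefore still accepts values that browsers normalise into a protocol-relative URL, namely a backslash after the first slash and embedded tab or newline characters. Replacing the scheme test with a character check covers those: `return !/[\\\x00-\x1f\x7f]/.test(path);`. If loginPath and redirectTo only ever come from developer configuration the exposure is small, but the validator's name invites reuse on request-derived values.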
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validation.js","sources":["../../src/core/validation.ts"],"sourcesContent":[null],"names":[],"mappings":"AAUM,SAAU,uBAAuB,CAAC,KAAc,EAAA;IAElD,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;AACrC,QAAA,OAAO,KAAK;IAChB;IAEA,MAAM,OAAO,GAAG,KAAY;AAG5B,IAAA,IAAI,OAAO,OAAO,CAAC,MAAM,KAAK,QAAQ,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE;AAC9D,QAAA,OAAO,KAAK;IAChB;IAGA,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,GAAG,GAAG,EAAE;AAC7B,QAAA,OAAO,KAAK;IAChB;AAGA,IAAA,IAAI,OAAO,CAAC,KAAK,KAAK,SAAS,EAAE;AAC7B,QAAA,IAAI,OAAO,OAAO,CAAC,KAAK,KAAK,QAAQ,EAAE;AACnC,YAAA,OAAO,KAAK;QAChB;QAEA,IAAI,OAAO,CAAC,KAAK,CAAC,MAAM,GAAG,GAAG,EAAE;AAC5B,YAAA,OAAO,KAAK;QAChB;IACJ;AAEA,IAAA,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,EAAE;
|
|
1
|
+
{"version":3,"file":"validation.js","sources":["../../src/core/validation.ts"],"sourcesContent":[null],"names":[],"mappings":"AAUM,SAAU,uBAAuB,CAAC,KAAc,EAAA;IAElD,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;AACrC,QAAA,OAAO,KAAK;IAChB;IAEA,MAAM,OAAO,GAAG,KAAY;AAG5B,IAAA,IAAI,OAAO,OAAO,CAAC,MAAM,KAAK,QAAQ,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE;AAC9D,QAAA,OAAO,KAAK;IAChB;IAGA,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,GAAG,GAAG,EAAE;AAC7B,QAAA,OAAO,KAAK;IAChB;AAGA,IAAA,IAAI,OAAO,CAAC,KAAK,KAAK,SAAS,EAAE;AAC7B,QAAA,IAAI,OAAO,OAAO,CAAC,KAAK,KAAK,QAAQ,EAAE;AACnC,YAAA,OAAO,KAAK;QAChB;QAEA,IAAI,OAAO,CAAC,KAAK,CAAC,MAAM,GAAG,GAAG,EAAE;AAC5B,YAAA,OAAO,KAAK;QAChB;IACJ;AAEA,IAAA,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,IAAI,OAAO,CAAC,IAAI,KAAK,IAAI,EAAE;AACrD,QAAA,IAAI,OAAO,OAAO,CAAC,IAAI,KAAK,QAAQ,EAAE;AAClC,YAAA,OAAO,KAAK;QAChB;QAEA,IAAI,OAAO,CAAC,IAAI,CAAC,MAAM,GAAG,GAAG,EAAE;AAC3B,YAAA,OAAO,KAAK;QAChB;IACJ;AAEA,IAAA,IAAI,OAAO,CAAC,KAAK,KAAK,SAAS,IAAI,OAAO,CAAC,KAAK,KAAK,IAAI,EAAE;QACvD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;AAC/B,YAAA,OAAO,KAAK;QAChB;QAEA,IAAI,OAAO,CAAC,KAAK,CAAC,MAAM,GAAG,GAAG,EAAE;AAC5B,YAAA,OAAO,KAAK;QAChB;QAEA,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAM,KAAK,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,MAAM,IAAI,GAAG,CAAC,EAAE;AAC5E,YAAA,OAAO,KAAK;QAChB;IACJ;AAEA,IAAA,IAAI,OAAO,CAAC,WAAW,KAAK,SAAS,IAAI,OAAO,CAAC,WAAW,KAAK,IAAI,EAAE;QACnE,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE;AACrC,YAAA,OAAO,KAAK;QAChB;QAEA,IAAI,OAAO,CAAC,WAAW,CAAC,MAAM,GAAG,GAAG,EAAE;AAClC,YAAA,OAAO,KAAK;QAChB;QAEA,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAM,KAAK,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,MAAM,IAAI,GAAG,CAAC,EAAE;AAClF,YAAA,OAAO,KAAK;QAChB;IACJ;AAEA,IAAA,OAAO,IAAI;AACf;AAKM,SAAU,cAAc,CAAC,OAAe,EAAA;IAE1C,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;AAAE,QAAA,OAAO,KAAK;AAGrE,IAAA,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI;AAAE,QAAA,OAAO,KAAK;AAGvC,IAAA,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;AAAE,QAAA,OAAO,KAAK;AAG1C,IAAA,IAAI,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC;AAAE,Q
AAA,OAAO,KAAK;AAGxC,IAAA,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;AACrC,QAAA,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,GAAG;YAAE;QAExB,IAAI,CAAC,GAAG,CAAC;QACT,OAAO,CAAC,GAAG,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,GAAG;AAAE,YAAA,CAAC,EAAE;AAEpD,QAAA,MAAM,GAAG,GAAG,CAAC,GAAG,CAAC;AACjB,QAAA,IAAI,GAAG,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC;AAAE,YAAA,OAAO,KAAK;AAIpC,QAAA,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC;AACvB,QAAA,IAAI,IAAI,KAAK,SAAS,IAAI,IAAI,KAAK,GAAG;AAAE,YAAA,OAAO,KAAK;AAEpD,QAAA,CAAC,GAAG,CAAC,GAAG,CAAC;IACb;AAEA,IAAA,OAAO,IAAI;AACf;AAKM,SAAU,mBAAmB,CAAC,IAAY,EAAA;IAE5C,IAAI,OAAO,IAAI,KAAK,QAAQ;AAAE,QAAA,OAAO,KAAK;IAG1C,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,CAAC,MAAM,GAAG,GAAG;AAAE,QAAA,OAAO,KAAK;AAIxD,IAAA,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC;AAAE,QAAA,OAAO,KAAK;AAIhE,IAAA,OAAO,CAAC,2BAA2B,CAAC,IAAI,CAAC,IAAI,CAAC;AAGlD;;;;"}
|