npm - beech-api - Versions diffs - 3.7.23 → 3.8.0 - Mend

beech-api 3.7.23 → 3.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (43) hide show

package/README.md +490 -168
package/index.js +2 -2
package/package.json +8 -1
package/packages/cli/beech +2 -2
package/packages/cli/bin/beech-app.js +10 -8
package/packages/cli/bin/beech-service.js +1 -1
package/packages/cli/core/auth/Credentials.js +139 -89
package/packages/cli/core/auth/Passport.js +264 -164
package/packages/cli/core/auth/_Request.js +1 -1
package/packages/cli/core/configure/app.config-basic.js +2 -2
package/packages/cli/core/configure/app.config-sequelize.js +2 -2
package/packages/cli/core/configure/beech.config.js +1 -0
package/packages/cli/core/configure/passport.config.js +33 -13
package/packages/cli/core/databases/sequelize.js +3 -0
package/packages/cli/core/databases/test.js +5 -3
package/packages/cli/core/generator/_endpoints +5 -9
package/packages/cli/core/generator/_endpoints_basic +11 -8
package/packages/cli/core/generator/_help +1 -1
package/packages/cli/core/generator/_models +5 -4
package/packages/cli/core/generator/_models_basic +2 -2
package/packages/cli/core/generator/_package +5 -1
package/packages/cli/core/generator/{_add-on → _scheduler} +1 -1
package/packages/cli/core/generator/_spec +15 -10
package/packages/cli/core/generator/index.js +19 -44
package/packages/cli/core/helpers/2fa.js +85 -0
package/packages/cli/core/helpers/math.js +55 -7
package/packages/cli/core/helpers/poolEntity.js +29 -1
package/packages/cli/core/index.js +65 -34
package/packages/cli/core/middleware/express/duplicateRequest.js +12 -0
package/packages/cli/core/middleware/express/jwtCheckAllow.js +68 -0
package/packages/cli/core/middleware/express/rateLimit.js +17 -0
package/packages/cli/core/middleware/express/slowDown.js +2 -0
package/packages/cli/core/middleware/index.js +6 -0
package/packages/cli/core/middleware/origin/guard/advance.js +74 -0
package/packages/cli/core/{origin → middleware/origin}/whitelist/cors.js +15 -12
package/packages/cli/core/services/http.express.js +116 -72
package/packages/lib/index.js +3 -1
package/packages/lib/src/endpoint.js +523 -89
package/packages/lib/src/guard.js +61 -0
package/packages/lib/src/schema.js +57 -26
package/packages/lib/src/specificExpress.js +7 -0
package/packages/lib/src/user.js +94 -18
package/packages/cli/core/origin/index.js +0 -2

package/index.js CHANGED Viewed

@@ -1,2 +1,2 @@
-const { Base, Schema, Store, Update } = require("./packages/lib/index");
-module.exports = { Base, Schema, Store, Update };
+const { Schema, Guard, Store, Update, specificExpress } = require("./packages/lib/index");
+module.exports = { Schema, Guard, Store, Update, Express: specificExpress() };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "beech-api",
-  "version": "3.7.23",
+  "version": "3.8.0",
   "description": "Command line interface for rapid Beech API development",
   "keywords": [
     "api",
@@ -35,13 +35,19 @@
     "axios": "^0.26.1",
     "child-process-promise": "^2.2.1",
     "cli-clear": "^1.0.4",
+    "compression": "^1.7.5",
     "cookie-parser": "1.4.3",
     "cors": "^2.8.1",
+    "crypto-js": "^4.2.0",
     "cryptr": "^6.3.0",
     "express": "4.19.2",
+    "express-duplicate-request": "^1.0.3",
+    "express-rate-limit": "^7.4.0",
     "express-session": "^1.17.1",
+    "express-slow-down": "^2.0.3",
     "express-validator": "2.21.0",
     "fs": "0.0.1-security",
+    "helmet": "^8.1.0",
     "inquirer": "8.2.4",
     "jsonwebtoken": "^8.5.1",
     "log-update": "^4.0.0",
@@ -62,6 +68,7 @@
     "passport-oauth": "^1.0.0",
     "path": "^0.12.7",
     "sequelize": "^6.21.3",
+    "tedious": "^18.6.1",
     "walk": "^2.3.14"
   },
   "devDependencies": {

package/packages/cli/beech CHANGED Viewed

@@ -4,8 +4,8 @@
  * The beech api (cli) package generator and server (bash for developer and production build)
  *
  * @author bombkiml
- * @version 3.7
- * @built Apr 19, 2024 at 16:20:09
+ * @version 3.8
+ * @built Apr 30, 2024 at 16:53:09
  *
  */
 (process.argv[2]) ? require('./core/generator/index') : require('./core/index')

package/packages/cli/bin/beech-app.js CHANGED Viewed

@@ -1,4 +1,4 @@
-#!/usr/bin/env node
+#!/usr/bin/env node
 const logUpdate = require("log-update");
 const clear = require("cli-clear");
 const inquirer = require('inquirer');
@@ -63,7 +63,7 @@ class Beech {
                   type: "checkbox",
                   name: "freature",
                   message: "[93mCheck the features needed for your project:[0m",
-                  choices: [ "Add-Ons", "Basic Helper", "Passport / JWT / Official Strategy Google, Facebook" ],
+                  choices: [ "Job Scheduler", "Basic Helper", "Passport / JWT / Official Strategy Google, Facebook" ],
                 } ]).then(resFreat => {
                   logUpdate(": Initialize...");
                   setTimeout(() => {
@@ -96,12 +96,12 @@ class Beech {
           }
         } else if (this.option == "update") {
           // upgrade the beech-api package
+          let isGlobalNpm = "npm install beech-api";
           let isGlobalYarn = "yarn add beech-api";
-          let isGlobalNpm = "npm update beech-api";
           let processUpdate = null;
           let lineStdout = "";
           if (this.argument == '-g' || this.argument == '--global') {
-            isGlobalNpm = "npm update beech-api -g";
+            isGlobalNpm = "npm install beech-api -g --force";
             isGlobalYarn = "yarn global add beech-api";
           }
           // prompt select
@@ -116,7 +116,9 @@ class Beech {
             setTimeout(() => {
               if(selectedPackage.package == "NPM") {
                 processUpdate = this.cmd.get(isGlobalNpm, (err) => {
-                  if (err) { throw err }
+                  if (err) {
+                    logUpdate("\n[101m OperationalError [0m The operation was rejected by your operating system. \n[91mEPERM:[0m operation not permitted CMD: '[93mnpm install beech-api -g --force[0m'");
+                  }
                 });
                 // npm install line shoutout
                 processUpdate.stdout.on('data', (npmData) => {
@@ -201,9 +203,9 @@ class Beech {
         let freatureLength = freatureArr.length;
         if (freatureLength) {
           freatureArr.map((f, key) => {
-            if (f.split(' ')[ 0 ] == "Add-Ons") {
-              (process.env.NODE_ENV == "development") ? this.cmd.get('cd ' + argument + ' && node cli/bin/beech-app.js add-on init') : this.cmd.get('cd ' + argument + ' && beech add-on init');
-              console.log("[" + (key + 1) + "/" + freatureLength + "] Installing Add-Ons");
+            if (f.split(' ')[ 0 ] == "Job") {
+              (process.env.NODE_ENV == "development") ? this.cmd.get('cd ' + argument + ' && node cli/bin/beech-app.js skd init') : this.cmd.get('cd ' + argument + ' && beech skd init');
+              console.log("[" + (key + 1) + "/" + freatureLength + "] Installing Job Scheduler");
             }
             if (f.split(' ')[ 0 ] == "Basic") {
               this.makeFolder(helperPath).then(this.copy.bind(this, tmpBasicHelperFile, pasteBasicHelperFile))

package/packages/cli/bin/beech-service.js CHANGED Viewed

@@ -1,4 +1,4 @@
-#!/usr/bin/env node
+#!/usr/bin/env node
 const logUpdate = require("log-update");
 const notifier = require("node-notifier");
 const path = require("path");

package/packages/cli/core/auth/Credentials.js CHANGED Viewed

@@ -1,97 +1,147 @@
-const passport = require('passport');
-module.exports = {
-  credentials: (req, res, next) => {
-    return passport.authenticate("jwt", {
-      session: false
-    }, (err, user, info) => {
-      // error check
-      if (err) {
-        console.log(err, info);
-        return res.status(401).json({
-          code: 401,
-          error: "UNAUTHORIZED",
-          message: {
-            name: "WrongTokenError",
-            message: "token error."
-          },
-          /* dev: { err, info } */ // for dev info
-        });
-      }
-      // anything token check
-      if (!user) {
-        if(info) {
-          if (info.name == 'TokenExpiredError') {
-            return res.status(401).json({
-              code: 401,
-              status: 'TOKEN_EXPIRED',
-              message: info
-            });
-          }
-          if (info.name == 'Error') {
-            return res.status(401).json({
-              code: 401,
-              status: 'NO_AUTH_TOKEN',
-              message: {
-                name: 'NoTokenError',
-                message: 'No auth token'
-              }
-            });
-          }
-          if (info.name == 'SyntaxError') {
-            return res.status(401).json({
-              code: 401,
-              status: 'PAYLOAD_SYNTAX_ERROR',
-              message: {
-                name: 'SyntaxError',
-                message: 'Unexpected token < in JSON at position 0'
-              }
-            });
-          }
-        }
-        return res.status(401).json({
-          code: 401,
-          status: 'UNAUTHORIZED_USER',
-          message: info
-        });
-      }
-      // Check application key allow
-      const p1 = new Promise((resolve) => {
-        if (_passport_config_.app_key_allow) {
-          if (req.headers.app_key) {
-            if (_config_.main_config.app_key == req.headers.app_key) {
-              resolve(true);
-            } else {
-              res.status(401).json({
-                code: 401,
-                status: "BAD_REQUEST",
-                message: "Unauthorized with wrong key."
-              });
-            }
-          } else {
-            res.status(422).json({
-              code: 422,
-              status: "BAD_ENTIRY",
-              message: "Unprocessable Entity."
-            });
-          }
+const passport = require("passport");
+const fs = require("fs");
+const { checkRoleMiddleware } = require("../middleware/express/jwtCheckAllow");
+const passport_config_file = appRoot + "/passport.config.js";
+var passport_config;
+if (fs.existsSync(passport_config_file)) {
+  passport_config = require(passport_config_file);
+}
+const byPassCredentials = (options, _res = {}, _next = () => {}) => {
+  if(!options.length) {
+    if(passport_config.jwt_broken_role ? passport_config.jwt_broken_role.length > 0 : false) {
+      // CASE: jwt_broken_role DEFUALT is set
+      return [credentials, checkRoleMiddleware(passport_config.jwt_broken_role)(options, _res, _next)];
+    } else {
+      if(!Object.keys(options).length) {
+        return [credentials];
+      } else {
+        if("headers" in options) {
+          // CASE: Only Credentials
+          return [credentials(options, _res, _next)];
         } else {
-          resolve(true);
+          // CASE: jwt_broken_role DEFUALT is not set
+          return [credentials];
         }
+      }
+    }
+  } else {
+    // CASE: options Credentials is set
+    return [credentials, checkRoleMiddleware(options)];
+  }
+}
+const credentials = (req, res, next) => {
+  if (passport_config.jwt_allow === true) {
+    const auth_endpoint = (passport_config.auth_endpoint) ? (passport_config.auth_endpoint[ 0 ] === "/" ? passport_config.auth_endpoint : "/" + passport_config.auth_endpoint) : "/authentication";
+    if(auth_endpoint.split("/")[1] == req.params.hash) {
+      return next();
+    }
+  }
+  return passport.authenticate("jwt", {
+    session: false,
+  }, (err, user, info) => {
+    // error check
+    if (err) {
+      console.log(err, info);
+      return res.status(401).json({
+        code: 401,
+        error: "UNAUTHORIZED",
+        message: {
+          name: "WrongTokenError",
+          message: "token error.",
+        },
+        /* dev: { err, info }, */ // for dev info
       });
-      Promise.all([p1]).then((passed) => {
-        if(passed) {
-          // Forward user information to the next middleware
-          req.user = user;
-          next();
-        } else {
-          // When wrong all case above.
-          res.status(401).json({
+    }
+    // anything token check
+    if (!user) {
+      if (info) {
+        if (info.name == "TokenExpiredError") {
+          return res.status(401).json({
             code: 401,
-            status: "ERR_UNAUTHORIZED_ENTIRY",
-            message: "Unauthorized with wrong key."
+            status: "TOKEN_EXPIRED",
+            message: info,
           });
         }
+        if (info.name == "Error") {
+          return res.status(401).json({
+            code: 401,
+            status: "NO_AUTH_TOKEN",
+            message: {
+              name: "NoTokenError",
+              message: "No auth token",
+            },
+          });
+        }
+        if (info.name == "SyntaxError") {
+          return res.status(401).json({
+            code: 401,
+            status: "PAYLOAD_SYNTAX_ERROR",
+            message: {
+              name: "SyntaxError",
+              message: "Unexpected token < in JSON at position 0",
+            },
+          });
+        }
+      }
+      return res.status(401).json({
+        code: 401,
+        status: "UNAUTHORIZED_USER",
+        message: info || {
+          name: "TokenError",
+          message: "Unauthorized token."
+        },
+      });
+    } else {
+      // Perfectly user jwt
+      return next();
+    }
+  })(req, res, next);
+}
+const credentialsGuard = (req, res, next) => {
+  checkAppKey(req, res, (checked) => {
+    if (checked) {
+      // Perfectly
+      next();
+    }
+  });
+}
+function checkAppKey(req, res, cb) {
+  if (_passport_config_.app_key_allow) {
+    if (req.headers.app_key) {
+      if (_config_.main_config.app_key == req.headers.app_key) {
+        return cb(true);
+      } else {
+        res.status(400).json({
+          code: 400,
+          status: 'BAD_REQUEST',
+          message: "Bad request.",
+          info: {
+            status: "BAD_VALUE",
+            message: "Bad with wrong key."
+          },
+        });
+        return cb(false);
+      }
+    } else {
+      res.status(400).json({
+        code: 400,
+        status: 'BAD_REQUEST',
+        message: "Bad request.",
+        info: {
+          status: "BAD_ENTITY",
+          message: "Bad with app entity key.",
+        },
       });
-    })(req, res, next);
+      return cb(false);
+    }
+  } else {
+    return cb(true);
   }
-}
+}
+module.exports = { byPassCredentials, credentials, credentialsGuard };