beech-api 3.7.23 → 3.8.0

Files changed (43) hide show
  1. package/README.md +490 -168
  2. package/index.js +2 -2
  3. package/package.json +8 -1
  4. package/packages/cli/beech +2 -2
  5. package/packages/cli/bin/beech-app.js +10 -8
  6. package/packages/cli/bin/beech-service.js +1 -1
  7. package/packages/cli/core/auth/Credentials.js +139 -89
  8. package/packages/cli/core/auth/Passport.js +264 -164
  9. package/packages/cli/core/auth/_Request.js +1 -1
  10. package/packages/cli/core/configure/app.config-basic.js +2 -2
  11. package/packages/cli/core/configure/app.config-sequelize.js +2 -2
  12. package/packages/cli/core/configure/beech.config.js +1 -0
  13. package/packages/cli/core/configure/passport.config.js +33 -13
  14. package/packages/cli/core/databases/sequelize.js +3 -0
  15. package/packages/cli/core/databases/test.js +5 -3
  16. package/packages/cli/core/generator/_endpoints +5 -9
  17. package/packages/cli/core/generator/_endpoints_basic +11 -8
  18. package/packages/cli/core/generator/_help +1 -1
  19. package/packages/cli/core/generator/_models +5 -4
  20. package/packages/cli/core/generator/_models_basic +2 -2
  21. package/packages/cli/core/generator/_package +5 -1
  22. package/packages/cli/core/generator/{_add-on → _scheduler} +1 -1
  23. package/packages/cli/core/generator/_spec +15 -10
  24. package/packages/cli/core/generator/index.js +19 -44
  25. package/packages/cli/core/helpers/2fa.js +85 -0
  26. package/packages/cli/core/helpers/math.js +55 -7
  27. package/packages/cli/core/helpers/poolEntity.js +29 -1
  28. package/packages/cli/core/index.js +65 -34
  29. package/packages/cli/core/middleware/express/duplicateRequest.js +12 -0
  30. package/packages/cli/core/middleware/express/jwtCheckAllow.js +68 -0
  31. package/packages/cli/core/middleware/express/rateLimit.js +17 -0
  32. package/packages/cli/core/middleware/express/slowDown.js +2 -0
  33. package/packages/cli/core/middleware/index.js +6 -0
  34. package/packages/cli/core/middleware/origin/guard/advance.js +74 -0
  35. package/packages/cli/core/{origin → middleware/origin}/whitelist/cors.js +15 -12
  36. package/packages/cli/core/services/http.express.js +116 -72
  37. package/packages/lib/index.js +3 -1
  38. package/packages/lib/src/endpoint.js +523 -89
  39. package/packages/lib/src/guard.js +61 -0
  40. package/packages/lib/src/schema.js +57 -26
  41. package/packages/lib/src/specificExpress.js +7 -0
  42. package/packages/lib/src/user.js +94 -18
  43. package/packages/cli/core/origin/index.js +0 -2
@@ -1,8 +1,10 @@
1
- const appRoot = require("app-root-path");
2
1
  const package = require(appRoot + '/package.json');
3
2
  const fs = require("fs");
4
3
  const passport_config_file = "/passport.config.js";
5
4
  const auth = require("../auth/Credentials");
5
+ const { TwoFactor } = require("../helpers/2fa");
6
+ const { avgDeHashIt } = require(__dirname + "/../helpers/math");
7
+ const moment = require("moment");
6
8
 
7
9
  module.exports = {
8
10
  expressStart() {
@@ -14,7 +16,11 @@ module.exports = {
14
16
  await console.log('- Local: http://' + _config_.main_config.app_host + ':' + ExpressServer.address().port + '');
15
17
  await console.log('- Network: ' + _config_.main_config.client_host + '');
16
18
  await new Promise((resolve) => resolve(this.authentication()));
17
- await new Promise((resolve) => resolve(this.addOn()));
19
+ await new Promise((resolve) => {
20
+ if(this.scheduler()) {
21
+ resolve(true);
22
+ }
23
+ });
18
24
  await new Promise((resolve) => resolve(this.badRequest()));
19
25
  await resolve(ExpressServer);
20
26
  });
@@ -28,7 +34,7 @@ module.exports = {
28
34
  return new Promise((resolve, reject) => {
29
35
  try {
30
36
  // base get request
31
- _app_.get('/', (req, res) => {
37
+ endpoint.get('/', (req, res) => {
32
38
  res.status(200).json({
33
39
  code: 200,
34
40
  status: "SUCCESS",
@@ -36,7 +42,7 @@ module.exports = {
36
42
  });
37
43
  });
38
44
  // request 404 not found
39
- _app_.use((req, res, next) => {
45
+ endpoint.use((req, res, next) => {
40
46
  res.status(404).json({
41
47
  code: 404,
42
48
  status: "404_NOT_FOUND",
@@ -51,23 +57,23 @@ module.exports = {
51
57
  }
52
58
  });
53
59
  },
54
- addOn() {
60
+ scheduler() {
55
61
  return new Promise((resolve, reject) => {
56
62
  try {
57
- // check add-on file exists ?
58
- if (_config_.addOn) {
59
- if (fs.existsSync(appRoot + "/src/Add-on.js")) {
60
- console.log("- Add-On: ON");
61
- let add_on = require(appRoot + "/src/Add-on.js");
62
- if(add_on.init()) {
63
+ // check Scheduler file exists ?
64
+ if (_config_.scheduler) {
65
+ if (fs.existsSync(appRoot + "/src/Scheduler.js")) {
66
+ console.log("- Job Skd: ON");
67
+ let skd = require(appRoot + "/src/Scheduler.js");
68
+ if(skd.init()) {
63
69
  resolve(true);
64
70
  }
65
71
  } else {
66
- console.log("- Add-On: OFF");
72
+ console.log("- Job Skd: OFF");
67
73
  resolve(true);
68
74
  }
69
75
  } else {
70
- console.log("- Add-On: OFF");
76
+ console.log("- Job Skd: OFF");
71
77
  resolve(true);
72
78
  }
73
79
  } catch (error) {
@@ -135,37 +141,38 @@ module.exports = {
135
141
  checkPassport.then(passportChecked => {
136
142
  if(passportChecked) {
137
143
  if (passport_config_file_exists && jwt_allow && jwt_db_allow) {
138
- // declare authentication endpoint name
139
- const auth_endpoint = (passport_config.auth_endpoint) ? (passport_config.auth_endpoint[ 0 ] === "/" ? passport_config.auth_endpoint : "/" + passport_config.auth_endpoint) : "/authentication";
144
+ // declare authentication endpoint name with publicPath
145
+ let auth_endpoint = (passport_config.auth_endpoint) ? (passport_config.auth_endpoint[ 0 ] === "/" ? passport_config.auth_endpoint : "/" + passport_config.auth_endpoint) : "/authentication";
140
146
  // authentication endpoints
141
- _app_.post(auth_endpoint, (req, res, next) => {
147
+ endpoint.post(auth_endpoint, auth.credentialsGuard, (req, res, next) => {
142
148
  passport.authenticate('local', { session: false }, (err, user, opt) => {
143
149
  if (err) {
144
- res.status(502).json({
145
- code: 502,
146
- status: 'BAD_GATEWAY',
147
- message: err
148
- });
150
+ res.status(502).json({ code: 502, status: "BAD_GATEWAY", message: String(err) });
151
+ return;
149
152
  }
150
153
  if (user) {
151
154
  const accessToken = jwt.sign(user, passport_config.secret, {
152
155
  expiresIn: passport_config.token_expired
153
156
  });
154
- if (passport_config.app_key_allow) {
155
- if (req.headers.app_key) {
156
- if (_config_.main_config.app_key == req.headers.app_key) {
157
- res.status(200).json({
158
- code: 200,
159
- status: "AUTHORIZED",
160
- user,
161
- accessToken
162
- });
157
+ // check guard fields
158
+ if(passport_config.model.guard.guard_field.length) {
159
+ TwoFactor(user, req.body, passport_config.model.guard.guard_field, (err, twoFaUserRes) => {
160
+ if(err) {
161
+ res.status(twoFaUserRes.code).json(twoFaUserRes);
162
+ return;
163
163
  } else {
164
- res.status(401).json({ code: 401, message: "Unauthorized with wrong key." });
164
+ if(twoFaUserRes.length) {
165
+ res.status(200).json({
166
+ code: 200,
167
+ status: "AUTHORIZED",
168
+ user: twoFaUserRes[0],
169
+ accessToken
170
+ });
171
+ } else {
172
+ res.status(401).json({ code: 401, status: "UNAUTHORIZED", message: "Unauthorized guard." });
173
+ }
165
174
  }
166
- } else {
167
- res.status(422).json({ code: 422, message: "Unprocessable Entity." });
168
- }
175
+ });
169
176
  } else {
170
177
  res.status(200).json({
171
178
  code: 200,
@@ -175,24 +182,53 @@ module.exports = {
175
182
  });
176
183
  }
177
184
  } else if (opt) {
178
- res.status(422).json({ code: 422, message: "Unprocessable Entity." });
185
+ res.status(400).json({
186
+ code: 400,
187
+ status: 'BAD_REQUEST',
188
+ message: "Bad request.",
189
+ info: {
190
+ status: "BAD_ENTITY",
191
+ message: "Bad options Entity."
192
+ },
193
+ });
179
194
  } else {
180
- res.status(401).json({ code: 401, message: "Unauthorized." });
195
+ res.status(401).json({ code: 401, status: "UNAUTHORIZED", message: "Unauthorized user." });
181
196
  }
182
197
  })(req, res, next);
183
198
  });
184
199
  // create auth data endpoints
185
- _app_.post(auth_endpoint + '/create', (req, res) => {
200
+ endpoint.post(auth_endpoint + '/create', auth.credentialsGuard, (req, res) => {
186
201
  const promise = new Promise((resolve) => {
187
- if (passport_config.app_key_allow) {
202
+ /**
203
+ *
204
+ * [Disabled IF Condition AUTO pass to ELSE] add 0 (zero) in IF condition for closed app_key in headers for create new auth.
205
+ *
206
+ */
207
+ if (0 && passport_config.app_key_allow) {
188
208
  if (req.headers.app_key) {
189
209
  if (_config_.main_config.app_key == req.headers.app_key) {
190
210
  resolve(true);
191
211
  } else {
192
- res.status(401).json({ code: 401, message: "Unauthorized with wrong key." });
212
+ res.status(400).json({
213
+ code: 400,
214
+ status: 'BAD_REQUEST',
215
+ message: "Bad request.",
216
+ info: {
217
+ status: "BAD_VALUE",
218
+ message: "Bad with wrong key."
219
+ },
220
+ });
193
221
  }
194
222
  } else {
195
- res.status(422).json({ code: 422, message: "Unprocessable Entity." });
223
+ res.status(400).json({
224
+ code: 400,
225
+ status: 'BAD_REQUEST',
226
+ message: "Bad request.",
227
+ info: {
228
+ status: "BAD_ENTITY",
229
+ message: "Bad application key Entity."
230
+ },
231
+ });
196
232
  }
197
233
  } else {
198
234
  resolve(true);
@@ -200,18 +236,14 @@ module.exports = {
200
236
  });
201
237
  // store data
202
238
  Promise.all([promise])
203
- .then((secret) => {
204
- if(secret) {
205
- User.Store(req.body, (err, result) => {
206
- if (err) {
207
- res.status(501).json({ code: 501, status: "CREATE_FAILED", error: err });
208
- } else {
209
- res.status(201).json({ code: 201, status: "CREATE_SUCCESS", result });
210
- }
211
- });
212
- } else {
213
- res.status(501).json({ code: 501, status: "NOT_IMPLIMENTED" });
214
- }
239
+ .then(() => {
240
+ User.Store(req.body, (err, result) => {
241
+ if (err) {
242
+ res.status(501).json({ code: 501, status: "CREATE_FAILED", error: err });
243
+ } else {
244
+ res.status(201).json({ code: 201, status: "CREATE_SUCCESS", result });
245
+ }
246
+ });
215
247
  })
216
248
  .catch(err => {
217
249
  res.status(501).json({ code: 501, status: "NOT_IMPLIMENTED", error: err
@@ -219,17 +251,33 @@ module.exports = {
219
251
  });
220
252
  });
221
253
  // patch auth data endpoints
222
- _app_.patch(auth_endpoint + '/update/:id', auth.credentials, (req, res) => {
254
+ endpoint.patch(auth_endpoint + '/update/:id', auth.credentials, (req, res) => {
223
255
  const promise = new Promise((resolve) => {
224
256
  if (passport_config.app_key_allow) {
225
257
  if (req.headers.app_key) {
226
258
  if (_config_.main_config.app_key == req.headers.app_key) {
227
259
  resolve(true);
228
260
  } else {
229
- res.status(401).json({ code: 401, message: "Unauthorized with wrong key." });
261
+ res.status(400).json({
262
+ code: 400,
263
+ status: 'BAD_REQUEST',
264
+ message: "Bad request.",
265
+ info: {
266
+ status: "BAD_VALUE",
267
+ message: "Bad with wrong key."
268
+ },
269
+ });
230
270
  }
231
271
  } else {
232
- res.status(422).json({ code: 422, message: "Unprocessable Entity." });
272
+ res.status(400).json({
273
+ code: 400,
274
+ status: 'BAD_REQUEST',
275
+ message: "Bad request.",
276
+ info: {
277
+ status: "BAD_ENTITY",
278
+ message: "Bad application key Entity."
279
+ },
280
+ });
233
281
  }
234
282
  } else {
235
283
  resolve(true);
@@ -237,19 +285,15 @@ module.exports = {
237
285
  });
238
286
  // update data
239
287
  Promise.all([promise])
240
- .then((secret) => {
241
- if(secret) {
242
- // require some fields with body params
243
- User.Update(req.body, req.params.id, (err, result) => {
244
- if (err) {
245
- res.status(501).json({ code: 501, status: "UPDATE_FAILED", error: err });
246
- } else {
247
- res.status(200).json({ code: 200, status: "UPDATE_SUCCESS", result });
248
- }
249
- });
250
- } else {
251
- res.status(501).json({ code: 501, status: "NOT_IMPLIMENTED" });
252
- }
288
+ .then(() => {
289
+ // require some fields with body params
290
+ User.Update(req.body, req.params.id, (err, result) => {
291
+ if (err) {
292
+ res.status(501).json({ code: 501, status: "UPDATE_FAILED", error: err });
293
+ } else {
294
+ res.status(200).json({ code: 200, status: "UPDATE_SUCCESS", result });
295
+ }
296
+ });
253
297
  })
254
298
  .catch(err => {
255
299
  res.status(501).json({ code: 501, status: "NOT_IMPLIMENTED", error: err
@@ -261,7 +305,7 @@ module.exports = {
261
305
  *
262
306
  */
263
307
  if (passport_config.strategy.google.allow) {
264
- _app_.get(auth_endpoint + '/google', passport.authenticate('google', {
308
+ endpoint.get(auth_endpoint + '/google', passport.authenticate('google', {
265
309
  scope: [
266
310
  'https://www.googleapis.com/auth/userinfo.email',
267
311
  'https://www.googleapis.com/auth/plus.login'
@@ -269,7 +313,7 @@ module.exports = {
269
313
  }));
270
314
  // google auth callback
271
315
  const googleCallback = (passport_config.strategy.google.callbackURL) ? (passport_config.strategy.google.callbackURL[ 0 ] === "/" ? passport_config.strategy.google.callbackURL : "/" + passport_config.strategy.google.callbackURL) : "/google/callback";
272
- _app_.get(auth_endpoint + googleCallback, passport.authenticate('google', { failureRedirect: passport_config.strategy.google.failureRedirect, failureMessage: true }), (req, res) => {
316
+ endpoint.get(auth_endpoint + googleCallback, passport.authenticate('google', { failureRedirect: passport_config.strategy.google.failureRedirect, failureMessage: true }), (req, res) => {
273
317
  if (typeof req.user.user !== 'undefined') {
274
318
  // declare user for sign JWT
275
319
  let user = JSON.parse(JSON.stringify(req.user.user));
@@ -318,10 +362,10 @@ module.exports = {
318
362
  *
319
363
  */
320
364
  if (passport_config.strategy.facebook.allow) {
321
- _app_.get(auth_endpoint + '/facebook', passport.authenticate('facebook', { scope: [ 'email', 'public_profile' ] }));
365
+ endpoint.get(auth_endpoint + '/facebook', passport.authenticate('facebook', { scope: [ 'email', 'public_profile' ] }));
322
366
  // facebook callback
323
367
  const facebookCallback = (passport_config.strategy.facebook.callbackURL) ? (passport_config.strategy.facebook.callbackURL[ 0 ] === "/" ? passport_config.strategy.facebook.callbackURL : "/" + passport_config.strategy.facebook.callbackURL) : "/facebook/callback";
324
- _app_.get(auth_endpoint + facebookCallback, passport.authenticate('facebook', { failureRedirect: passport_config.strategy.facebook.failureRedirect, failureMessage: true }), (req, res) => {
368
+ endpoint.get(auth_endpoint + facebookCallback, passport.authenticate('facebook', { failureRedirect: passport_config.strategy.facebook.failureRedirect, failureMessage: true }), (req, res) => {
325
369
  if (typeof req.user.user !== 'undefined') {
326
370
  // declare user for sign JWT
327
371
  let user = JSON.parse(JSON.stringify(req.user.user));
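Review bot: The literal `0 &&` added to the `/create` handler (`if (0 && passport_config.app_key_allow) {`) turns the whole app_key branch into dead code, so a deployment that sets `app_key_allow` no longer gets the header check on account creation, while `/update/:id` further down in the same section still enforces it. The same check was also dropped from the login handler in the `@@ -135,37 +141,38 @@` hunk, which leaves `auth.credentialsGuard` as the only gate in front of both routes; it comes from `../auth/Credentials` and is not visible in this section, so whether it covers the app_key case should be confirmed. If the check is meant to go away, delete the unreachable branch with its two 400 responses and call out the behaviour change for operators upgrading from 3.7.23; if it is only switched off for now, restore `if (passport_config.app_key_allow) {` or gate it on its own config option rather than a hard-coded `0`.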
@@ -1,4 +1,6 @@
1
1
  const { Base } = require("./src/endpoint");
2
2
  const { Schema } = require("./src/schema");
3
3
  const { Store, Update } = require("./src/user");
4
- module.exports = { Base, Schema, Store, Update };
4
+ const { Guard } = require("./src/guard");
5
+ const { specificExpress } = require("./src/specificExpress");
6
+ module.exports = { Base, Schema, Store, Update, Guard, specificExpress };