npm - beech-api - Versions diffs - 3.7.23 → 3.8.0 - Mend

beech-api 3.7.23 → 3.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (43) hide show

package/README.md +490 -168
package/index.js +2 -2
package/package.json +8 -1
package/packages/cli/beech +2 -2
package/packages/cli/bin/beech-app.js +10 -8
package/packages/cli/bin/beech-service.js +1 -1
package/packages/cli/core/auth/Credentials.js +139 -89
package/packages/cli/core/auth/Passport.js +264 -164
package/packages/cli/core/auth/_Request.js +1 -1
package/packages/cli/core/configure/app.config-basic.js +2 -2
package/packages/cli/core/configure/app.config-sequelize.js +2 -2
package/packages/cli/core/configure/beech.config.js +1 -0
package/packages/cli/core/configure/passport.config.js +33 -13
package/packages/cli/core/databases/sequelize.js +3 -0
package/packages/cli/core/databases/test.js +5 -3
package/packages/cli/core/generator/_endpoints +5 -9
package/packages/cli/core/generator/_endpoints_basic +11 -8
package/packages/cli/core/generator/_help +1 -1
package/packages/cli/core/generator/_models +5 -4
package/packages/cli/core/generator/_models_basic +2 -2
package/packages/cli/core/generator/_package +5 -1
package/packages/cli/core/generator/{_add-on → _scheduler} +1 -1
package/packages/cli/core/generator/_spec +15 -10
package/packages/cli/core/generator/index.js +19 -44
package/packages/cli/core/helpers/2fa.js +85 -0
package/packages/cli/core/helpers/math.js +55 -7
package/packages/cli/core/helpers/poolEntity.js +29 -1
package/packages/cli/core/index.js +65 -34
package/packages/cli/core/middleware/express/duplicateRequest.js +12 -0
package/packages/cli/core/middleware/express/jwtCheckAllow.js +68 -0
package/packages/cli/core/middleware/express/rateLimit.js +17 -0
package/packages/cli/core/middleware/express/slowDown.js +2 -0
package/packages/cli/core/middleware/index.js +6 -0
package/packages/cli/core/middleware/origin/guard/advance.js +74 -0
package/packages/cli/core/{origin → middleware/origin}/whitelist/cors.js +15 -12
package/packages/cli/core/services/http.express.js +116 -72
package/packages/lib/index.js +3 -1
package/packages/lib/src/endpoint.js +523 -89
package/packages/lib/src/guard.js +61 -0
package/packages/lib/src/schema.js +57 -26
package/packages/lib/src/specificExpress.js +7 -0
package/packages/lib/src/user.js +94 -18
package/packages/cli/core/origin/index.js +0 -2

package/packages/lib/src/schema.js CHANGED Viewed

@@ -1,33 +1,64 @@
+const { Transaction } = require("sequelize");
+let isolationLevel = { isolationLevel: Transaction.ISOLATION_LEVELS.SERIALIZABLE };
 function Schema(Sequelize) {
   return {
-    define: (table, schemaProps = {}) => {
-      let Project = Sequelize.define(table, schemaProps);
-      return Object.assign(Project, {
-        query: (
-          rawSql,
-          props = {
-            model: Project,
-            mapToModel: false,
-          }
-        ) => {
-          return new Promise((resolve) => {
-            if (props.mapToModel) {
-              let data = Sequelize.query(rawSql, props);
-              let results = [];
-              mapDataToModel(data, props.model, results, (err, r) => {
-                if (err) {
-                  resolve([]);
-                } else {
-                  resolve(r);
-                }
-              });
+    define: (table, schemaProps = {}, elementProps = {}) => {
+      try {
+        let Project = Sequelize.define(table, schemaProps, elementProps);
+        return Object.assign(Project, {
+          query: (
+            rawSql,
+            props = {
+              model: Project,
+              mapToModel: false,
+            }
+          ) => {
+            return new Promise((resolve) => {
+              if (props.mapToModel) {
+                let data = Sequelize.query(rawSql, props);
+                let results = [];
+                mapDataToModel(data, props.model, results, (err, r) => {
+                  if (err) {
+                    resolve([]);
+                  } else {
+                    resolve(r);
+                  }
+                });
+              } else {
+                resolve(Sequelize.query(rawSql, props));
+              }
+            });
+          },
+          Sequelize,
+          /**
+           * Transaction
+           *
+           * @param object DEFAULT isolationLevel SERIALIZABLE
+           * @param cb Object
+           *
+           * @returns Object
+           */
+          transaction: async (object, cb = null) => {
+            if(typeof object == "function") {
+              const t = await Sequelize.transaction(isolationLevel);
+              object(t);
+            } else if(cb) {
+              const t = await Sequelize.transaction(object = isolationLevel);
+              cb(t);
             } else {
-              resolve(Sequelize.query(rawSql, props));
+              return await Sequelize.transaction(object = isolationLevel);
             }
-          });
-        },
-        Sequelize,
-      });
+          },
+        });
+      } catch (error) {
+        let errTurnOffDbDefine = JSON.stringify(error.toString()).match(/'define'/);
+        let errTurnOffDbOption = JSON.stringify(error.toString()).match(/'options'/);
+        if(errTurnOffDbDefine || errTurnOffDbOption) {
+          console.log(`\n[101m Failed [0m Database connection name is CLOSED.\n`, error);
+        } else {
+          console.log("\n[101m Failed [0m", error);
+        }
+      }
     },
   };
 }

package/packages/lib/src/specificExpress.js ADDED Viewed

@@ -0,0 +1,7 @@
+const { rateLimit } = require("../../cli/core/middleware/express/rateLimit");
+const { slowDown } = require("../../cli/core/middleware/express/slowDown");
+const { duplicateRequest } = require("../../cli/core/middleware/express/duplicateRequest");
+let specificExpress = () => {
+  return { rateLimit, slowDown, duplicateRequest };
+};
+module.exports = { specificExpress };

package/packages/lib/src/user.js CHANGED Viewed

@@ -1,4 +1,3 @@
-const appRoot = require("app-root-path");
 const md5 = require("md5");
 const secret = require("./salt").salt;
 const { findPassportPk } = require("../../cli/core/helpers/poolEntity");
@@ -7,7 +6,7 @@ async function FindOne(fields, fieldCondArr, cb) {
   try {
     const passport_config = require(appRoot + "/passport.config.js");
     let stm = '';
-    let cond = '1';
+    let cond = '1=1';
     let passportTable = await [passport_config.model.table || "users"];
     const pool = await eval("sql." + passport_config.model.name);
     let expectFields = await (fields[0]) ? fields : (passport_config.model.fields.length) ? passport_config.model.fields : [];
@@ -15,15 +14,17 @@ async function FindOne(fields, fieldCondArr, cb) {
       if(err) {
         cb(err, null);
       } else {
+        let dynReplacement = [];
         // Generate condition
-        await Object.keys(fieldCondArr).forEach(key => {
-          cond += ' AND ' + key + '=' + fieldCondArr[key]
+        Object.keys(fieldCondArr).forEach(key => {
+          cond += ` AND ${key} = ?`;
+          dynReplacement.push(fieldCondArr[key]);
         });
         // check base pool
         if (pool_base == "basic") {
           // pool base is MySQL
-          stm += 'SELECT ?? FROM ?? WHERE ' + cond;
-          await pool.query(stm, [passportFields, passportTable], (err, row) => {
+          stm += 'SELECT ?? FROM ?? WHERE ' + cond + ' LIMIT 1;';
+          await pool.query(stm, [passportFields, passportTable, ...dynReplacement], (err, row) => {
             if(err) {
               cb(err, null);
             } else {
@@ -35,11 +36,26 @@ async function FindOne(fields, fieldCondArr, cb) {
           try {
             stm += `SELECT ${passportFields} FROM ${passportTable} WHERE ` + cond;
             let result = await pool.query(stm, {
+              replacements: [...dynReplacement],
               type: QueryTypes.SELECT
             });
             return cb(null, result);
           } catch (error) {
-            return cb(error.errors[0], null);
+            if(error.sql) {
+              delete error.sql;
+              if(error.parent) {
+                delete error.parent;
+              }
+              if(error.original) {
+                delete error.original.sql;
+              }
+              if(error.parameters) {
+                delete error.parameters;
+              }
+              return cb(error, null);
+            } else {
+              return cb(String(error), null);
+            }
           }
         } else {
           return cb({ error: "The Base pool error. UNKNOWN pool_base = '"+ pool_base +"'" }, null);
@@ -71,14 +87,14 @@ async function Store(fields, cb) {
       }
       if(key == passwordField) {
         haveUsernameAndPassword += 1;
+        // asign pwd hash
+        fields[passwordField] = md5(fields[passwordField] + secret);
       }
       keys.push(key);
       values.push(fields[key]);
       escaped.push('?');
     });
     if(haveUsernameAndPassword > 1) {
-      // asign password hash
-      fields[passwordField] = md5(fields[passwordField] + secret);
       // check base pool
       if (pool_base == "basic") {
         // pool base is MySQL
@@ -108,7 +124,25 @@ async function Store(fields, cb) {
             affectedRows: result[1]
           });
         } catch (error) {
-          return cb(error.errors[0], null);
+          if(pool.options.logging) {
+            return cb(error, null);
+          } else {
+            if(error.sql) {
+              delete error.sql;
+              if(error.parent) {
+                delete error.parent;
+              }
+              if(error.original) {
+                delete error.original.sql;
+              }
+              if(error.parameters) {
+                delete error.parameters;
+              }
+              return cb(error, null);
+            } else {
+              return cb(String(error), null);
+            }
+          }
         }
       } else {
         return cb({ error: "The Base pool error. UNKNOWN pool_base = '"+ pool_base +"'" }, null);
@@ -155,7 +189,7 @@ async function Update(someFields, id, cb) {
               cb(error, null);
             } else {
               cb(null, {
-                updateId: parseInt(id),
+                updateId: (result.changedRows) ? parseInt(id) : null,
                 affectedRows: result.changedRows
               });
             }
@@ -173,17 +207,59 @@ async function Update(someFields, id, cb) {
             type: QueryTypes.UPDATE
           }).then((result) => {
             return cb(null, {
-              updateId: parseInt(id),
-              affectedRows: result[1]
+              updateId: (result[1]) ? parseInt(id) : null,
+              affectedRows: result[1],
             });
-          }).catch((err) => {
-            return cb(err.errors[0], null);
+          }).catch((error) => {
+            if(pool.options.logging) {
+              return cb(error, null);
+            } else {
+              if(error.sql) {
+                delete error.sql;
+                if(error.errors) {
+                  delete error.errors;
+                }
+                if(error.parent) {
+                  delete error.parent;
+                }
+                if(error.original) {
+                  delete error.original.sql;
+                }
+                if(error.parameters) {
+                  delete error.parameters;
+                }
+                return cb(error, null);
+              } else {
+                return cb(String(error), null);
+              }
+            }
           });
-        }).catch((err) => {
-          return cb(err, null);
+        }).catch((error) => {
+          if(pool.options.logging) {
+            return cb(error, null);
+          } else {
+            if(error.sql) {
+              delete error.sql;
+              if(error.errors) {
+                delete error.errors;
+              }
+              if(error.parent) {
+                delete error.parent;
+              }
+              if(error.original) {
+                delete error.original.sql;
+              }
+              if(error.parameters) {
+                delete error.parameters;
+              }
+              return cb(error, null);
+            } else {
+              return cb(String(error), null);
+            }
+          }
         });
       } catch (error) {
-        return cb(error.errors[0], null);
+        return cb(error, null);
       }
     } else {
       return cb({ error: "The Base pool error. UNKNOWN pool_base = '"+ pool_base +"'" }, null);

package/packages/cli/core/origin/index.js DELETED Viewed

	@@ -1,2 +0,0 @@
1	- const { whitelist, sign } = require("./whitelist/cors");
2	- module.exports = { whitelist, sign };