npm - beech-api - Versions diffs - 3.8.0 → 3.9.0-beta.8-rc - Mend

beech-api 3.8.0 → 3.9.0-beta.8-rc

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (23) hide show

package/README.md +498 -130
package/package.json +12 -12
package/packages/cli/bin/beech-app.js +3 -3
package/packages/cli/bin/beech-service.js +61 -25
package/packages/cli/core/auth/Credentials.js +92 -87
package/packages/cli/core/auth/Passport.js +111 -39
package/packages/cli/core/configure/passport.config.js +1 -1
package/packages/cli/core/databases/mysql.js +1 -1
package/packages/cli/core/databases/sequelize.js +15 -6
package/packages/cli/core/databases/test.js +124 -38
package/packages/cli/core/generator/_models +3 -26
package/packages/cli/core/generator/_models_basic +0 -9
package/packages/cli/core/generator/_package +2 -2
package/packages/cli/core/generator/index.js +197 -23
package/packages/cli/core/helpers/2fa.js +22 -1
package/packages/cli/core/helpers/math.js +14 -2
package/packages/cli/core/helpers/poolEntity.js +70 -26
package/packages/cli/core/index.js +8 -3
package/packages/cli/core/middleware/express/jwtCheckAllow.js +52 -34
package/packages/cli/core/middleware/origin/guard/advance.js +5 -4
package/packages/cli/core/services/http.express.js +0 -2
package/packages/lib/src/endpoint.js +306 -103
package/packages/lib/src/schema.js +4 -1

package/packages/cli/core/helpers/2fa.js CHANGED Viewed

@@ -1,5 +1,9 @@
+const fs = require("fs");
 const { FindOne } = require("../../../lib/src/user");
 const { findPassportPk } = require("./poolEntity");
+const passport_config_file = appRoot + "/passport.config.js";
+const md5 = require("md5");
+const secret = require("../../../lib/src/salt").salt;
 function TwoFactor(user, reqBody, guard_field, cb) {
   try {
@@ -8,6 +12,22 @@ function TwoFactor(user, reqBody, guard_field, cb) {
         cb(true, err);
       } else {
         if(userId.length) {
+          if (fs.existsSync(passport_config_file)) {
+            passport_config = require(passport_config_file);
+          } else {
+            cb(true, {
+              code: 500,
+              status: "INTERNAL_SERVER_ERR",
+              error: {
+                code: 404,
+                status: "ERROR_FILE_NOT_EXISTS",
+                message: "The file passport.config.js not exists!",
+              }
+            });
+            return;
+          }
+          let usrField = passport_config.model.username_field || "username";
+          let pwdField = passport_config.model.password_field || "password"
           // filter without base user, pass
           let without_base = Object.keys(reqBody).map((k) => {
             return guard_field.filter((e) => e == k)[0];
@@ -19,7 +39,8 @@ function TwoFactor(user, reqBody, guard_field, cb) {
           // check length match ?
           if(x.length == guard_field.length) {
             let z = {};
-            z[userId[0]] = user.id;
+            z[usrField] = reqBody[usrField];
+            z[pwdField] = md5(reqBody[pwdField] + secret);
             x.map((guard) => {
               z[guard] = reqBody[guard];
             });

package/packages/cli/core/helpers/math.js CHANGED Viewed

@@ -34,7 +34,19 @@ function getAppKey(cb) {
 function HashIt(txt, app_key, iteration = 10000, len = 10, cb) {
   const crypIt = new Cryptr(secret.toString().concat(app_key.toString()), { encoding: "base64url", pbkdf2Iterations: iteration, saltLength: len, });
-  cb(crypIt.encrypt(txt.concat(md5(secret).toString().slice(0,len+1))));
+  let result = "";
+  let loop = 0;
+  const maxLoop = 10;
+  do {
+    const payload = txt.concat(md5(secret).toString().slice(0, len + 1));
+    result = crypIt.encrypt(payload);
+    loop++;
+    if (loop >= maxLoop) {
+      console.log("\n[101m FAIL [0m Hash loop limit exceeded, Try again.");
+      return;
+    }
+  } while (/[+-]/.test(result)); // reject -, +
+  cb(result);
 }
 function DeHashIt(txtHashed, iteration = 10000, len = 10, cb) {
@@ -43,7 +55,7 @@ function DeHashIt(txtHashed, iteration = 10000, len = 10, cb) {
       if(err) {
         cb(err, null);
       } else {
-        const crypIt = new Cryptr(secret.toString().concat(app_key.toString()), { encoding: "base64url", pbkdf2Iterations: iteration, saltLength: len, });
+        const crypIt = new Cryptr(secret.toString().concat(app_key.toString()), { encoding: "base64", pbkdf2Iterations: iteration, saltLength: len, });
         let decryped = crypIt.decrypt(txtHashed);
         cb(false, decryped.concat(md5(secret).toString()));
       }

package/packages/cli/core/helpers/poolEntity.js CHANGED Viewed

@@ -1,34 +1,60 @@
-function findPassportPk(pool_base, pool, passportTable, passportConfigField, cb) {
+async function findPassportPk(pool_base, pool, passportTable, passportConfigField, cb) {
   try {
-    if(passportConfigField.length) {
-      cb(null, passportConfigField);
-    } else {
-      if(pool_base == "basic") {
-        // pool base is Basic
-        pool.query("SHOW KEYS FROM " + passportTable + " WHERE Key_name = 'PRIMARY'", (err, pk) => {
-          if(err) {
-            throw "Authentication table: " + err;
+    let finalPassportField = [];
+    // Push and Replace it
+    const pushOrReplace = (arr, value) => {
+      arr = arr.filter(v => !value.includes(v));
+      arr = [...value, ...arr];
+      return arr;
+    }
+    // Check pool engine
+    if(pool_base == "basic") {
+      // pool base is Basic
+      pool.query("SHOW KEYS FROM " + passportTable + " WHERE Key_name = 'PRIMARY'", (err, pk) => {
+        if(err) {
+          throw "Authentication table: " + err;
+        } else {
+          if(passportConfigField.length) {
+            finalPassportField = pushOrReplace(passportConfigField, [pk[0].Column_name]);
+            cb(null, finalPassportField);
           } else {
             cb(null, [pk[0].Column_name]);
           }
-        });
-      } else if (pool_base == "sequelize") {
-        // pool base is Sequelize
-        pool.query("SHOW KEYS FROM " + passportTable + " WHERE Key_name = 'PRIMARY'", { type: QueryTypes.SELECT }).then((pk) => {
-          cb(null, [pk[0].Column_name]);
-        }).catch((err) => {
-          throw "Authentication table: " + err;
-        });
-      } else {
-        throw "The Base pool error. UNKNOWN pool_base = '"+ pool_base +"'";
+        }
+      });
+    } else if (pool_base == "sequelize") {
+      // pool base is Sequelize
+      // Find table primaryKey
+      try {
+        const tableInfo = await pool.getQueryInterface().describeTable(String(passportTable));
+        const primaryKeys = Object.entries(tableInfo).filter(([columnName, columnInfo]) => columnInfo.primaryKey).map(([columnName]) => columnName);
+        if(primaryKeys.length) {
+          if(passportConfigField.length) {
+            finalPassportField = pushOrReplace(passportConfigField, primaryKeys);
+            cb(null, finalPassportField);
+          } else {
+            cb(null, primaryKeys);
+          }
+        } else {
+          if(passportConfigField.length) {
+            finalPassportField = pushOrReplace(passportConfigField, [Object.keys(tableInfo)[0]]);
+            cb(null, finalPassportField);
+          } else {
+            cb(null, [Object.keys(tableInfo)[0]]);
+          }
+        }
+      } catch (error) {
+        throw `Query Interface ${error}`;
       }
+    } else {
+      throw "The Base pool error. UNKNOWN pool_base = '"+ pool_base +"'";
     }
   } catch (error) {
     cb(error, null);
   }
 }
-function checkAuthFields(pool_base, pool, passportTable, passportConfigField, cb) {
+async function checkAuthFields(pool_base, pool, passportTable, passportConfigField, cb) {
   try {
     if(passportConfigField.length) {
       if(pool_base == "basic") {
@@ -42,18 +68,36 @@ function checkAuthFields(pool_base, pool, passportTable, passportConfigField, cb
         });
       } else if (pool_base == "sequelize") {
         // pool base is Sequelize
-        pool.query("SELECT "+ passportConfigField.join(",") +" FROM " + passportTable + " LIMIT 1", { type: QueryTypes.SELECT }).then((result) => {
-          cb(null, [result]);
-        }).catch((err) => {
-          cb(`Authentication table: '${passportTable}' ${err}`, null);
-        });
+        // Check assing fields exists
+        const checkColumnsExist = async (tableName, fields = []) => {
+          const queryInterface = pool.getQueryInterface();
+          try {
+            const tableDescription = await queryInterface.describeTable(tableName);
+            const result = {};
+            for (const column of fields) {
+              result[column] = tableDescription.hasOwnProperty(column);
+            }
+            return result;
+          } catch (error) {
+            throw `Query Interface ${error}`;
+          }
+        }
+        const openFields = await checkColumnsExist(passportTable, passportConfigField);
+        const assignFieldsIsWhitelist = Object.values(openFields).includes(false) ? false : true;
+        if(assignFieldsIsWhitelist) {
+          cb(null, openFields);
+        } else {
+          cb(`Authentication table fields error: '${passportTable}' => [${passportConfigField}]`, null);
+        }
       } else {
         cb("The Base pool error. UNKNOWN pool_base = '"+ pool_base +"'", null);
       }
+    } else {
+      cb(null, []);
     }
   } catch (error) {
     cb(error, null);
   }
 }
-module.exports = { findPassportPk, checkAuthFields }
+module.exports = { findPassportPk, checkAuthFields };

package/packages/cli/core/index.js CHANGED Viewed

@@ -164,9 +164,11 @@ init = async (jsfiles) => {
     Promise.all([testConnectToDB]).then(async (x) => {
       if (x[0]) {
         await (pool_base == "basic" ? new Promise((resolve) => resolve(mySqlDbConnect.connect())) : new Promise((resolve) => resolve(SequelizeDbConnect.connect())));
-          await authPassport.init().then(async (x) => {
-            if (x[0]) {
-              throw x[0];
+          await authPassport.init().then(async (p) => {
+            if (p[0]) {
+              console.log("\n[101m Init failed [0m", p[0]);
+              return;
+              //throw p[0];
             } else {
               await new Promise((resolve) => resolve(fileWalk.fileWalk(jsfiles)));
               await (pool_base == "basic" ? new Promise((resolve) => resolve()) : new Promise((resolve) => resolve(Base())));
@@ -176,6 +178,9 @@ init = async (jsfiles) => {
                 });
               });
             }
+          }).catch((err) => {
+            console.log("[101m Catch init failed [0m", err);
+            throw err;
           });
       }
     });

package/packages/cli/core/middleware/express/jwtCheckAllow.js CHANGED Viewed

@@ -1,8 +1,9 @@
 const passport = require("passport");
 const checkRoleMiddleware = (options) => {
-  return function (req, res, next) {
+  return (req, res, next) => {
     if(!Array.isArray(options)) {
+      // Perfectly with options is not type Array
       return next();
     } else {
       passport.authenticate("jwt", {
@@ -10,7 +11,7 @@ const checkRoleMiddleware = (options) => {
       }, (err, user, info) => {
         // error check
         if (err) {
-          console.log(err, info);
+          //console.log(err, info);
           return res.status(403).json({
             code: 403,
             status: "FORBIDDEN",
@@ -20,49 +21,66 @@ const checkRoleMiddleware = (options) => {
             },
           });
         } else {
-          let isPerfectly = true;
-          options.forEach((element, key) => {
-            let checkVal = Object.values(element).flat();
-            let checkKey = Object.keys(element);
-            if(user && user[checkKey]) {
-              if(checkVal.includes(user[checkKey])) {
-                if(options.length -1 === key) {
-                  if(isPerfectly) {
-                    // Perfectly
-                    return next();
-                  }
-                }
-              } else {
-                if(isPerfectly) {
-                  res.status(403).json({
-                    code: 403,
-                    status: "FORBIDDEN",
-                    message: "Forbidden: Insufficient role",
-                  });
-                }
-                isPerfectly = false;
-              }
+          if(!options.length) {
+            // Perfectly with no options
+            return next();
+          } else {
+            const allowed = options.some(rule => {
+              Object.entries(rule).every(([key, condition]) => {
+                return matchCondition(user?.[key], condition, user);
+              })
+            });
+            if (allowed) {
+              return next();
             } else {
-              if(isPerfectly) {
-                res.status(403).json({
-                  code: 403,
-                  status: "FORBIDDEN",
-                  message: `No ${checkKey} assigned to token.`,
-                });
-              }
-              isPerfectly = false;
+              res.status(403).json({
+                code: 403,
+                status: "FORBIDDEN",
+                message: "Forbidden: Insufficient role",
+                info: {
+                  status: "ROLE_NOT_ALLOWED",
+                  error: "Insufficient role or User token does not have sufficient role.",
+                },
+              });
             }
-          });
+          }
         }
       })(req, res, next);
     }
   }
 }
+const operators = {
+  $eq: (userValue, expected) => userValue === expected,
+  $ne: (userValue, expected) => userValue !== expected,
+  $in: (userValue, expected) => Array.isArray(expected) && expected.includes(userValue),
+  $not: (userValue, expected) => Array.isArray(expected) && !expected.includes(userValue),
+  $regex: (userValue, expected) =>
+    typeof userValue === 'string' && expected instanceof RegExp
+      ? expected.test(userValue)
+      : false,
+  $fn: (userValue, fn, user) => typeof fn === 'function' && fn(userValue, user),
+};
+const matchCondition = (userValue, condition, user) => {
+  // primitive -> eq
+  if (typeof condition !== 'object' || condition instanceof RegExp || Array.isArray(condition)) {
+    return Array.isArray(condition)
+      ? operators.$in(userValue, condition)
+      : operators.$eq(userValue, condition);
+  }
+  // operator object
+  return Object.entries(condition).every(([op, expected]) => {
+    const handler = operators[op];
+    if (!handler) return false;
+    return handler(userValue, expected, user);
+  });
+};
 const checkRoleMiddlewareWithDefaultProject = (options) => {
   return function (req, res, next) {
     return checkRoleMiddleware(options)(req, res, next);
   }
 }
-module.exports = { checkRoleMiddleware, checkRoleMiddlewareWithDefaultProject }
+module.exports = { checkRoleMiddleware, checkRoleMiddlewareWithDefaultProject };

package/packages/cli/core/middleware/origin/guard/advance.js CHANGED Viewed

@@ -14,12 +14,13 @@ function avg(req, res, next) {
   });
   // promise all
   Promise.all([checkPassport]).then((final) => {
-    let item = final[0];
-    let passport_config = item[1];
     /**
      * item[0] : Boolean = passport file found.
-     * item[1] : Object  = passport object.
+     * item[1] : Object  = passport object. (for check on/off)
      */
+    let item = final[0];
+    let passport_config = item[1];
+    // check passport file exists ?, when not exists go to next
     if(item[0]) {
       if ((passport_config.model.guard.advanced_guard) ? passport_config.model.guard.advanced_guard.allow : false) {
         let advanced_guard_entity = req.headers[passport_config.model.guard.advanced_guard.entity || "timing"];
@@ -47,7 +48,7 @@ function avg(req, res, next) {
               message: "Bad request.",
               info: {
                 status: "BAD_VALUE",
-                message: "Bad with wrong Advance guard."
+                message: "Bad with wrong Advance guard key."
               },
             });
           }

package/packages/cli/core/services/http.express.js CHANGED Viewed

@@ -3,8 +3,6 @@ const fs = require("fs");
 const passport_config_file = "/passport.config.js";
 const auth = require("../auth/Credentials");
 const { TwoFactor } = require("../helpers/2fa");
-const { avgDeHashIt } = require(__dirname + "/../helpers/math");
-const moment = require("moment");
 module.exports = {
   expressStart() {