beech-api 3.8.0 → 3.9.75
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -21
- package/README.md +1715 -1244
- package/index.js +2 -2
- package/package.json +92 -83
- package/packages/cli/beech +9 -10
- package/packages/cli/bin/beech-app.js +389 -389
- package/packages/cli/bin/beech-service.js +262 -132
- package/packages/cli/core/auth/Credentials.js +174 -147
- package/packages/cli/core/auth/Passport.js +664 -592
- package/packages/cli/core/auth/_Request.js +12 -12
- package/packages/cli/core/configure/_gitignore +16 -15
- package/packages/cli/core/configure/_sequelizerc +9 -9
- package/packages/cli/core/configure/app.config-basic.js +55 -55
- package/packages/cli/core/configure/app.config-sequelize.js +88 -88
- package/packages/cli/core/configure/beech.config.js +9 -9
- package/packages/cli/core/configure/global.config-basic.js +8 -8
- package/packages/cli/core/configure/global.config-sequelize.js +8 -8
- package/packages/cli/core/configure/jest.config.js +6 -6
- package/packages/cli/core/configure/jsconfig.json +8 -7
- package/packages/cli/core/configure/passport.config.js +97 -97
- package/packages/cli/core/databases/mysql.js +94 -95
- package/packages/cli/core/databases/sequelize.js +187 -179
- package/packages/cli/core/databases/test.js +251 -170
- package/packages/cli/core/file-walk/file-walk.js +35 -35
- package/packages/cli/core/generator/_endpoints +15 -15
- package/packages/cli/core/generator/_endpoints_basic +42 -42
- package/packages/cli/core/generator/_help +26 -18
- package/packages/cli/core/generator/_help_create +10 -10
- package/packages/cli/core/generator/_help_service +10 -10
- package/packages/cli/core/generator/_helpers +9 -9
- package/packages/cli/core/generator/_helpers_basic +22 -22
- package/packages/cli/core/generator/_models +6 -29
- package/packages/cli/core/generator/_models_basic +13 -22
- package/packages/cli/core/generator/_package +23 -20
- package/packages/cli/core/generator/_scheduler +32 -22
- package/packages/cli/core/generator/_spec +29 -29
- package/packages/cli/core/generator/index.js +1081 -738
- package/packages/cli/core/helpers/2fa.js +106 -85
- package/packages/cli/core/helpers/math.js +115 -103
- package/packages/cli/core/helpers/poolEntity.js +103 -59
- package/packages/cli/core/index.js +264 -188
- package/packages/cli/core/middleware/express/duplicateRequest.js +16 -12
- package/packages/cli/core/middleware/express/jwtCheckAllow.js +86 -68
- package/packages/cli/core/middleware/express/rateLimit.js +29 -17
- package/packages/cli/core/middleware/express/slowDown.js +2 -2
- package/packages/cli/core/middleware/index.js +6 -6
- package/packages/cli/core/middleware/origin/guard/advance.js +75 -74
- package/packages/cli/core/middleware/origin/whitelist/cors.js +94 -94
- package/packages/cli/core/services/http.express.js +481 -441
- package/packages/cli/core/test/check-node.js +21 -0
- package/packages/cli/core/test/utils.js +7 -7
- package/packages/cli/entry +10 -0
- package/packages/lib/index.js +6 -6
- package/packages/lib/src/endpoint.js +947 -532
- package/packages/lib/src/guard.js +60 -60
- package/packages/lib/src/salt.js +3 -3
- package/packages/lib/src/schema.js +96 -93
- package/packages/lib/src/specificExpress.js +7 -7
- package/packages/lib/src/user.js +271 -271
|
@@ -1,17 +1,29 @@
|
|
|
1
|
-
const _beech_ = require(appRoot + "/beech.config.js");
|
|
2
|
-
const rateLimit = require("express-rate-limit");
|
|
3
|
-
const tooManyMsg = {
|
|
4
|
-
code: 429,
|
|
5
|
-
status: "TOO_MANY_REQUEST",
|
|
6
|
-
message: "Too Many Requests.",
|
|
7
|
-
};
|
|
8
|
-
let configure = {
|
|
9
|
-
windowMs: (_beech_.defineConfig.server.rateLimit) ? _beech_.defineConfig.server.rateLimit.windowMs : 0,
|
|
10
|
-
standardHeaders: (_beech_.defineConfig.server.rateLimit) ? (_beech_.defineConfig.server.rateLimit.standardHeaders || "draft-7") : "draft-7",
|
|
11
|
-
legacyHeaders: (_beech_.defineConfig.server.rateLimit) ? (_beech_.defineConfig.server.rateLimit.legacyHeaders || false) : false,
|
|
12
|
-
message: (_beech_.defineConfig.server.rateLimit) ? (_beech_.defineConfig.server.rateLimit.message || tooManyMsg) : tooManyMsg,
|
|
13
|
-
};
|
|
14
|
-
configure = {
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
1
|
+
const _beech_ = require(appRoot + "/beech.config.js");
|
|
2
|
+
const rateLimit = require("express-rate-limit");
|
|
3
|
+
const tooManyMsg = {
|
|
4
|
+
code: 429,
|
|
5
|
+
status: "TOO_MANY_REQUEST",
|
|
6
|
+
message: "Too Many Requests.",
|
|
7
|
+
};
|
|
8
|
+
let configure = {
|
|
9
|
+
windowMs: (_beech_.defineConfig.server.rateLimit) ? _beech_.defineConfig.server.rateLimit.windowMs : 0,
|
|
10
|
+
standardHeaders: (_beech_.defineConfig.server.rateLimit) ? (_beech_.defineConfig.server.rateLimit.standardHeaders || "draft-7") : "draft-7",
|
|
11
|
+
legacyHeaders: (_beech_.defineConfig.server.rateLimit) ? (_beech_.defineConfig.server.rateLimit.legacyHeaders || false) : false,
|
|
12
|
+
message: (_beech_.defineConfig.server.rateLimit) ? (_beech_.defineConfig.server.rateLimit.message || tooManyMsg) : tooManyMsg,
|
|
13
|
+
};
|
|
14
|
+
configure = {
|
|
15
|
+
..._beech_.defineConfig.server.rateLimit, // Override default configure with user configure.
|
|
16
|
+
...configure,
|
|
17
|
+
keyGenerator: (req) => `${req.ip}:${req.params.hash}${req.params['0']}`,
|
|
18
|
+
};
|
|
19
|
+
const Limiter = (more_configure = {}) => {
|
|
20
|
+
const middleware = rateLimit({
|
|
21
|
+
...configure,
|
|
22
|
+
...more_configure,
|
|
23
|
+
});
|
|
24
|
+
return (req, res, next) => {
|
|
25
|
+
middleware(req, res, next);
|
|
26
|
+
};
|
|
27
|
+
};
|
|
28
|
+
|
|
29
|
+
module.exports = { Limiter, rateLimit };
|
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
const { slowDown } = require("express-slow-down");
|
|
2
|
-
module.exports = { slowDown };
|
|
1
|
+
const { slowDown } = require("express-slow-down");
|
|
2
|
+
module.exports = { slowDown };
|
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
const { whitelist, sign } = require("./origin/whitelist/cors");
|
|
2
|
-
const { avg } = require("./origin/guard/advance");
|
|
3
|
-
const { Limiter } = require("./express/rateLimit");
|
|
4
|
-
const { Duplicater } = require("./express/duplicateRequest");
|
|
5
|
-
|
|
6
|
-
module.exports = { whitelist, sign, Limiter, Duplicater, avg };
|
|
1
|
+
const { whitelist, sign } = require("./origin/whitelist/cors");
|
|
2
|
+
const { avg } = require("./origin/guard/advance");
|
|
3
|
+
const { Limiter } = require("./express/rateLimit");
|
|
4
|
+
const { Duplicater } = require("./express/duplicateRequest");
|
|
5
|
+
|
|
6
|
+
module.exports = { whitelist, sign, Limiter, Duplicater, avg };
|
|
@@ -1,74 +1,75 @@
|
|
|
1
|
-
const fs = require("fs");
|
|
2
|
-
const passport_config_file = "/passport.config.js";
|
|
3
|
-
const { avgDeHashIt } = require(__dirname + "/../../../helpers/math");
|
|
4
|
-
const moment = require("moment");
|
|
5
|
-
|
|
6
|
-
function avg(req, res, next) {
|
|
7
|
-
// check passport file ?
|
|
8
|
-
const checkPassport = new Promise((resolve) => {
|
|
9
|
-
if (fs.existsSync(appRoot + "/passport.config.js")) {
|
|
10
|
-
resolve([true, require(appRoot + passport_config_file)]);
|
|
11
|
-
} else {
|
|
12
|
-
resolve([false, null]);
|
|
13
|
-
}
|
|
14
|
-
});
|
|
15
|
-
// promise all
|
|
16
|
-
Promise.all([checkPassport]).then((final) => {
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
let
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
}
|
|
73
|
-
|
|
74
|
-
|
|
1
|
+
const fs = require("fs");
|
|
2
|
+
const passport_config_file = "/passport.config.js";
|
|
3
|
+
const { avgDeHashIt } = require(__dirname + "/../../../helpers/math");
|
|
4
|
+
const moment = require("moment");
|
|
5
|
+
|
|
6
|
+
function avg(req, res, next) {
|
|
7
|
+
// check passport file ?
|
|
8
|
+
const checkPassport = new Promise((resolve) => {
|
|
9
|
+
if (fs.existsSync(appRoot + "/passport.config.js")) {
|
|
10
|
+
resolve([true, require(appRoot + passport_config_file)]);
|
|
11
|
+
} else {
|
|
12
|
+
resolve([false, null]);
|
|
13
|
+
}
|
|
14
|
+
});
|
|
15
|
+
// promise all
|
|
16
|
+
Promise.all([checkPassport]).then((final) => {
|
|
17
|
+
/**
|
|
18
|
+
* item[0] : Boolean = passport file found.
|
|
19
|
+
* item[1] : Object = passport object. (for check on/off)
|
|
20
|
+
*/
|
|
21
|
+
let item = final[0];
|
|
22
|
+
let passport_config = item[1];
|
|
23
|
+
// check passport file exists ?, when not exists go to next
|
|
24
|
+
if(item[0]) {
|
|
25
|
+
if ((passport_config.model.guard.advanced_guard) ? passport_config.model.guard.advanced_guard.allow : false) {
|
|
26
|
+
let advanced_guard_entity = req.headers[passport_config.model.guard.advanced_guard.entity || "timing"];
|
|
27
|
+
if (advanced_guard_entity) {
|
|
28
|
+
if(advanced_guard_entity.length > 60) {
|
|
29
|
+
//logic check advanced guard
|
|
30
|
+
avgDeHashIt(advanced_guard_entity, (err, unixTime) => {
|
|
31
|
+
if (err) {
|
|
32
|
+
res.status(502).json({ code: 502, status: "BAD_GATEWAY", message: String(err) });
|
|
33
|
+
return;
|
|
34
|
+
}
|
|
35
|
+
// prepare date & check it.
|
|
36
|
+
let unixTimeNow = moment(new Date()).unix();
|
|
37
|
+
let unixTiming = moment(new Date(unixTime * 1000)).add((passport_config.model.guard.advanced_guard.time_expired.minutes || 0), "minutes").add((passport_config.model.guard.advanced_guard.time_expired.seconds || 0), "seconds").unix();
|
|
38
|
+
if((String(unixTimeNow).length == String(unixTiming).length) && unixTimeNow < unixTiming) {
|
|
39
|
+
next();
|
|
40
|
+
} else {
|
|
41
|
+
res.status(408).json({ code: 408 , status: "REQUEST_TIMEOUT", message: "Request Timeout." });
|
|
42
|
+
}
|
|
43
|
+
});
|
|
44
|
+
} else {
|
|
45
|
+
res.status(400).json({
|
|
46
|
+
code: 400,
|
|
47
|
+
status: 'BAD_REQUEST',
|
|
48
|
+
message: "Bad request.",
|
|
49
|
+
info: {
|
|
50
|
+
status: "BAD_VALUE",
|
|
51
|
+
message: "Bad with wrong Advance guard key."
|
|
52
|
+
},
|
|
53
|
+
});
|
|
54
|
+
}
|
|
55
|
+
} else {
|
|
56
|
+
res.status(400).json({
|
|
57
|
+
code: 400,
|
|
58
|
+
status: 'BAD_REQUEST',
|
|
59
|
+
message: "Bad request.",
|
|
60
|
+
info: {
|
|
61
|
+
status: "BAD_ENTITY",
|
|
62
|
+
message: "Bad Advanced guard Entity."
|
|
63
|
+
},
|
|
64
|
+
});
|
|
65
|
+
}
|
|
66
|
+
} else {
|
|
67
|
+
next();
|
|
68
|
+
}
|
|
69
|
+
} else {
|
|
70
|
+
next();
|
|
71
|
+
}
|
|
72
|
+
});
|
|
73
|
+
}
|
|
74
|
+
|
|
75
|
+
module.exports = { avg };
|
|
@@ -1,94 +1,94 @@
|
|
|
1
|
-
const fs = require("fs");
|
|
2
|
-
|
|
3
|
-
function whitelist(cb) {
|
|
4
|
-
var whitelists = [];
|
|
5
|
-
const getWhitelists = new Promise((resolve) => {
|
|
6
|
-
if (fs.existsSync(appRoot + "/beech.config.js")) {
|
|
7
|
-
fs.readFile(appRoot + "/beech.config.js", "utf8", (err, e) => {
|
|
8
|
-
if (!err) {
|
|
9
|
-
let defineConfig = eval(e).defineConfig;
|
|
10
|
-
let origin = defineConfig.server.origin;
|
|
11
|
-
let originSensitive = defineConfig.server.originSensitive;
|
|
12
|
-
let allAllow = origin.filter((allow) => {
|
|
13
|
-
return allow == "*";
|
|
14
|
-
});
|
|
15
|
-
if (allAllow.length) {
|
|
16
|
-
resolve([whitelists, originSensitive]);
|
|
17
|
-
} else {
|
|
18
|
-
resolve([origin, originSensitive]);
|
|
19
|
-
}
|
|
20
|
-
} else {
|
|
21
|
-
// error resolve default whitelist
|
|
22
|
-
resolve([whitelists, originSensitive]);
|
|
23
|
-
}
|
|
24
|
-
});
|
|
25
|
-
} else {
|
|
26
|
-
resolve([whitelists, originSensitive]);
|
|
27
|
-
}
|
|
28
|
-
});
|
|
29
|
-
// promise all
|
|
30
|
-
Promise.all([getWhitelists]).then((final) => {
|
|
31
|
-
cb(final[0][0], final[0][1]);
|
|
32
|
-
});
|
|
33
|
-
}
|
|
34
|
-
|
|
35
|
-
function sign(req, res, whitelist, originSensitive, cb) {
|
|
36
|
-
try {
|
|
37
|
-
const origin = req.headers.origin;
|
|
38
|
-
let doYouSignSomeOrigin = false;
|
|
39
|
-
//var host = req.get("host");
|
|
40
|
-
console.log(`[${_requestTime_}] : From origin: ${origin || 'http://localhost'}`);
|
|
41
|
-
// check whitelist length ?
|
|
42
|
-
if (whitelist.length > 0) {
|
|
43
|
-
whitelist.forEach((val, k) => {
|
|
44
|
-
if (origin) {
|
|
45
|
-
if (origin.indexOf(val) > -1) {
|
|
46
|
-
doYouSignSomeOrigin = true;
|
|
47
|
-
if (originSensitive) {
|
|
48
|
-
res.setHeader("Access-Control-Allow-Origin", val);
|
|
49
|
-
} else {
|
|
50
|
-
res.setHeader("Access-Control-Allow-Origin", origin);
|
|
51
|
-
}
|
|
52
|
-
}
|
|
53
|
-
}
|
|
54
|
-
if (whitelist.length == k + 1) {
|
|
55
|
-
if (!doYouSignSomeOrigin) {
|
|
56
|
-
setLocalHeader(res);
|
|
57
|
-
}
|
|
58
|
-
}
|
|
59
|
-
});
|
|
60
|
-
} else {
|
|
61
|
-
if(origin) {
|
|
62
|
-
res.setHeader("Access-Control-Allow-Origin", origin); // add origin when not sign origin: []|["*"]
|
|
63
|
-
} else {
|
|
64
|
-
setLocalHeader(res);
|
|
65
|
-
}
|
|
66
|
-
}
|
|
67
|
-
// Request methods you wish to allow
|
|
68
|
-
res.setHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS, PUT, PATCH, DELETE");
|
|
69
|
-
// Request headers you wish to allow
|
|
70
|
-
res.setHeader(
|
|
71
|
-
"Access-Control-Allow-Headers",
|
|
72
|
-
"X-Requested-With",
|
|
73
|
-
"Content-Type",
|
|
74
|
-
"Accept",
|
|
75
|
-
"Authorization",
|
|
76
|
-
"Origin",
|
|
77
|
-
"application/json; charset=utf-8"
|
|
78
|
-
);
|
|
79
|
-
// Set to true if you need the website to include cookies in the requests sent
|
|
80
|
-
// to the API (e.g. in case you use sessions)
|
|
81
|
-
res.setHeader("Access-Control-Allow-Credentials", true);
|
|
82
|
-
// callback
|
|
83
|
-
cb(null);
|
|
84
|
-
} catch (error) {
|
|
85
|
-
cb(error);
|
|
86
|
-
}
|
|
87
|
-
}
|
|
88
|
-
|
|
89
|
-
function setLocalHeader(res) {
|
|
90
|
-
res.setHeader("Access-Control-Allow-Origin", "http://localhost:" + _config_.main_config.app_port);
|
|
91
|
-
res.setHeader("Access-Control-Allow-Origin", "http://127.0.0.1:" + _config_.main_config.app_port);
|
|
92
|
-
}
|
|
93
|
-
|
|
94
|
-
module.exports = { whitelist, sign };
|
|
1
|
+
const fs = require("fs");
|
|
2
|
+
|
|
3
|
+
function whitelist(cb) {
|
|
4
|
+
var whitelists = [];
|
|
5
|
+
const getWhitelists = new Promise((resolve) => {
|
|
6
|
+
if (fs.existsSync(appRoot + "/beech.config.js")) {
|
|
7
|
+
fs.readFile(appRoot + "/beech.config.js", "utf8", (err, e) => {
|
|
8
|
+
if (!err) {
|
|
9
|
+
let defineConfig = eval(e).defineConfig;
|
|
10
|
+
let origin = defineConfig.server.origin;
|
|
11
|
+
let originSensitive = defineConfig.server.originSensitive;
|
|
12
|
+
let allAllow = origin.filter((allow) => {
|
|
13
|
+
return allow == "*";
|
|
14
|
+
});
|
|
15
|
+
if (allAllow.length) {
|
|
16
|
+
resolve([whitelists, originSensitive]);
|
|
17
|
+
} else {
|
|
18
|
+
resolve([origin, originSensitive]);
|
|
19
|
+
}
|
|
20
|
+
} else {
|
|
21
|
+
// error resolve default whitelist
|
|
22
|
+
resolve([whitelists, originSensitive]);
|
|
23
|
+
}
|
|
24
|
+
});
|
|
25
|
+
} else {
|
|
26
|
+
resolve([whitelists, originSensitive]);
|
|
27
|
+
}
|
|
28
|
+
});
|
|
29
|
+
// promise all
|
|
30
|
+
Promise.all([getWhitelists]).then((final) => {
|
|
31
|
+
cb(final[0][0], final[0][1]);
|
|
32
|
+
});
|
|
33
|
+
}
|
|
34
|
+
|
|
35
|
+
function sign(req, res, whitelist, originSensitive, cb) {
|
|
36
|
+
try {
|
|
37
|
+
const origin = req.headers.origin;
|
|
38
|
+
let doYouSignSomeOrigin = false;
|
|
39
|
+
//var host = req.get("host");
|
|
40
|
+
console.log(`[${_requestTime_}] : From origin: ${origin || 'http://localhost'}`);
|
|
41
|
+
// check whitelist length ?
|
|
42
|
+
if (whitelist.length > 0) {
|
|
43
|
+
whitelist.forEach((val, k) => {
|
|
44
|
+
if (origin) {
|
|
45
|
+
if (origin.indexOf(val) > -1) {
|
|
46
|
+
doYouSignSomeOrigin = true;
|
|
47
|
+
if (originSensitive) {
|
|
48
|
+
res.setHeader("Access-Control-Allow-Origin", val);
|
|
49
|
+
} else {
|
|
50
|
+
res.setHeader("Access-Control-Allow-Origin", origin);
|
|
51
|
+
}
|
|
52
|
+
}
|
|
53
|
+
}
|
|
54
|
+
if (whitelist.length == k + 1) {
|
|
55
|
+
if (!doYouSignSomeOrigin) {
|
|
56
|
+
setLocalHeader(res);
|
|
57
|
+
}
|
|
58
|
+
}
|
|
59
|
+
});
|
|
60
|
+
} else {
|
|
61
|
+
if(origin) {
|
|
62
|
+
res.setHeader("Access-Control-Allow-Origin", origin); // add origin when not sign origin: []|["*"]
|
|
63
|
+
} else {
|
|
64
|
+
setLocalHeader(res);
|
|
65
|
+
}
|
|
66
|
+
}
|
|
67
|
+
// Request methods you wish to allow
|
|
68
|
+
res.setHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS, PUT, PATCH, DELETE");
|
|
69
|
+
// Request headers you wish to allow
|
|
70
|
+
res.setHeader(
|
|
71
|
+
"Access-Control-Allow-Headers",
|
|
72
|
+
"X-Requested-With",
|
|
73
|
+
"Content-Type",
|
|
74
|
+
"Accept",
|
|
75
|
+
"Authorization",
|
|
76
|
+
"Origin",
|
|
77
|
+
"application/json; charset=utf-8"
|
|
78
|
+
);
|
|
79
|
+
// Set to true if you need the website to include cookies in the requests sent
|
|
80
|
+
// to the API (e.g. in case you use sessions)
|
|
81
|
+
res.setHeader("Access-Control-Allow-Credentials", true);
|
|
82
|
+
// callback
|
|
83
|
+
cb(null);
|
|
84
|
+
} catch (error) {
|
|
85
|
+
cb(error);
|
|
86
|
+
}
|
|
87
|
+
}
|
|
88
|
+
|
|
89
|
+
function setLocalHeader(res) {
|
|
90
|
+
res.setHeader("Access-Control-Allow-Origin", "http://localhost:" + _config_.main_config.app_port);
|
|
91
|
+
res.setHeader("Access-Control-Allow-Origin", "http://127.0.0.1:" + _config_.main_config.app_port);
|
|
92
|
+
}
|
|
93
|
+
|
|
94
|
+
module.exports = { whitelist, sign };
|