beech-api 3.8.0 → 3.9.75

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (59) hide show
  1. package/LICENSE +21 -21
  2. package/README.md +1715 -1244
  3. package/index.js +2 -2
  4. package/package.json +92 -83
  5. package/packages/cli/beech +9 -10
  6. package/packages/cli/bin/beech-app.js +389 -389
  7. package/packages/cli/bin/beech-service.js +262 -132
  8. package/packages/cli/core/auth/Credentials.js +174 -147
  9. package/packages/cli/core/auth/Passport.js +664 -592
  10. package/packages/cli/core/auth/_Request.js +12 -12
  11. package/packages/cli/core/configure/_gitignore +16 -15
  12. package/packages/cli/core/configure/_sequelizerc +9 -9
  13. package/packages/cli/core/configure/app.config-basic.js +55 -55
  14. package/packages/cli/core/configure/app.config-sequelize.js +88 -88
  15. package/packages/cli/core/configure/beech.config.js +9 -9
  16. package/packages/cli/core/configure/global.config-basic.js +8 -8
  17. package/packages/cli/core/configure/global.config-sequelize.js +8 -8
  18. package/packages/cli/core/configure/jest.config.js +6 -6
  19. package/packages/cli/core/configure/jsconfig.json +8 -7
  20. package/packages/cli/core/configure/passport.config.js +97 -97
  21. package/packages/cli/core/databases/mysql.js +94 -95
  22. package/packages/cli/core/databases/sequelize.js +187 -179
  23. package/packages/cli/core/databases/test.js +251 -170
  24. package/packages/cli/core/file-walk/file-walk.js +35 -35
  25. package/packages/cli/core/generator/_endpoints +15 -15
  26. package/packages/cli/core/generator/_endpoints_basic +42 -42
  27. package/packages/cli/core/generator/_help +26 -18
  28. package/packages/cli/core/generator/_help_create +10 -10
  29. package/packages/cli/core/generator/_help_service +10 -10
  30. package/packages/cli/core/generator/_helpers +9 -9
  31. package/packages/cli/core/generator/_helpers_basic +22 -22
  32. package/packages/cli/core/generator/_models +6 -29
  33. package/packages/cli/core/generator/_models_basic +13 -22
  34. package/packages/cli/core/generator/_package +23 -20
  35. package/packages/cli/core/generator/_scheduler +32 -22
  36. package/packages/cli/core/generator/_spec +29 -29
  37. package/packages/cli/core/generator/index.js +1081 -738
  38. package/packages/cli/core/helpers/2fa.js +106 -85
  39. package/packages/cli/core/helpers/math.js +115 -103
  40. package/packages/cli/core/helpers/poolEntity.js +103 -59
  41. package/packages/cli/core/index.js +264 -188
  42. package/packages/cli/core/middleware/express/duplicateRequest.js +16 -12
  43. package/packages/cli/core/middleware/express/jwtCheckAllow.js +86 -68
  44. package/packages/cli/core/middleware/express/rateLimit.js +29 -17
  45. package/packages/cli/core/middleware/express/slowDown.js +2 -2
  46. package/packages/cli/core/middleware/index.js +6 -6
  47. package/packages/cli/core/middleware/origin/guard/advance.js +75 -74
  48. package/packages/cli/core/middleware/origin/whitelist/cors.js +94 -94
  49. package/packages/cli/core/services/http.express.js +481 -441
  50. package/packages/cli/core/test/check-node.js +21 -0
  51. package/packages/cli/core/test/utils.js +7 -7
  52. package/packages/cli/entry +10 -0
  53. package/packages/lib/index.js +6 -6
  54. package/packages/lib/src/endpoint.js +947 -532
  55. package/packages/lib/src/guard.js +60 -60
  56. package/packages/lib/src/salt.js +3 -3
  57. package/packages/lib/src/schema.js +96 -93
  58. package/packages/lib/src/specificExpress.js +7 -7
  59. package/packages/lib/src/user.js +271 -271
@@ -1,147 +1,174 @@
1
- const passport = require("passport");
2
- const fs = require("fs");
3
- const { checkRoleMiddleware } = require("../middleware/express/jwtCheckAllow");
4
- const passport_config_file = appRoot + "/passport.config.js";
5
- var passport_config;
6
- if (fs.existsSync(passport_config_file)) {
7
- passport_config = require(passport_config_file);
8
- }
9
-
10
- const byPassCredentials = (options, _res = {}, _next = () => {}) => {
11
- if(!options.length) {
12
- if(passport_config.jwt_broken_role ? passport_config.jwt_broken_role.length > 0 : false) {
13
- // CASE: jwt_broken_role DEFUALT is set
14
- return [credentials, checkRoleMiddleware(passport_config.jwt_broken_role)(options, _res, _next)];
15
- } else {
16
- if(!Object.keys(options).length) {
17
- return [credentials];
18
- } else {
19
- if("headers" in options) {
20
- // CASE: Only Credentials
21
- return [credentials(options, _res, _next)];
22
- } else {
23
- // CASE: jwt_broken_role DEFUALT is not set
24
- return [credentials];
25
- }
26
- }
27
- }
28
- } else {
29
- // CASE: options Credentials is set
30
- return [credentials, checkRoleMiddleware(options)];
31
- }
32
- }
33
-
34
- const credentials = (req, res, next) => {
35
- if (passport_config.jwt_allow === true) {
36
- const auth_endpoint = (passport_config.auth_endpoint) ? (passport_config.auth_endpoint[ 0 ] === "/" ? passport_config.auth_endpoint : "/" + passport_config.auth_endpoint) : "/authentication";
37
- if(auth_endpoint.split("/")[1] == req.params.hash) {
38
- return next();
39
- }
40
- }
41
-
42
- return passport.authenticate("jwt", {
43
- session: false,
44
- }, (err, user, info) => {
45
- // error check
46
- if (err) {
47
- console.log(err, info);
48
- return res.status(401).json({
49
- code: 401,
50
- error: "UNAUTHORIZED",
51
- message: {
52
- name: "WrongTokenError",
53
- message: "token error.",
54
- },
55
- /* dev: { err, info }, */ // for dev info
56
- });
57
- }
58
- // anything token check
59
- if (!user) {
60
- if (info) {
61
- if (info.name == "TokenExpiredError") {
62
- return res.status(401).json({
63
- code: 401,
64
- status: "TOKEN_EXPIRED",
65
- message: info,
66
- });
67
- }
68
- if (info.name == "Error") {
69
- return res.status(401).json({
70
- code: 401,
71
- status: "NO_AUTH_TOKEN",
72
- message: {
73
- name: "NoTokenError",
74
- message: "No auth token",
75
- },
76
- });
77
- }
78
- if (info.name == "SyntaxError") {
79
- return res.status(401).json({
80
- code: 401,
81
- status: "PAYLOAD_SYNTAX_ERROR",
82
- message: {
83
- name: "SyntaxError",
84
- message: "Unexpected token < in JSON at position 0",
85
- },
86
- });
87
- }
88
- }
89
- return res.status(401).json({
90
- code: 401,
91
- status: "UNAUTHORIZED_USER",
92
- message: info || {
93
- name: "TokenError",
94
- message: "Unauthorized token."
95
- },
96
- });
97
- } else {
98
- // Perfectly user jwt
99
- return next();
100
- }
101
- })(req, res, next);
102
- }
103
-
104
- const credentialsGuard = (req, res, next) => {
105
- checkAppKey(req, res, (checked) => {
106
- if (checked) {
107
- // Perfectly
108
- next();
109
- }
110
- });
111
- }
112
-
113
- function checkAppKey(req, res, cb) {
114
- if (_passport_config_.app_key_allow) {
115
- if (req.headers.app_key) {
116
- if (_config_.main_config.app_key == req.headers.app_key) {
117
- return cb(true);
118
- } else {
119
- res.status(400).json({
120
- code: 400,
121
- status: 'BAD_REQUEST',
122
- message: "Bad request.",
123
- info: {
124
- status: "BAD_VALUE",
125
- message: "Bad with wrong key."
126
- },
127
- });
128
- return cb(false);
129
- }
130
- } else {
131
- res.status(400).json({
132
- code: 400,
133
- status: 'BAD_REQUEST',
134
- message: "Bad request.",
135
- info: {
136
- status: "BAD_ENTITY",
137
- message: "Bad with app entity key.",
138
- },
139
- });
140
- return cb(false);
141
- }
142
- } else {
143
- return cb(true);
144
- }
145
- }
146
-
147
- module.exports = { byPassCredentials, credentials, credentialsGuard };
1
+ const passport = require("passport");
2
+ const fs = require("fs");
3
+ const { checkRoleMiddleware } = require("../middleware/express/jwtCheckAllow");
4
+ const passport_config_file = appRoot + "/passport.config.js";
5
+ var passport_config;
6
+ if (fs.existsSync(passport_config_file)) {
7
+ passport_config = require(passport_config_file);
8
+ }
9
+
10
+ const byPassCredentials = (options, _res = {}, _next = () => {}) => {
11
+ if(!options.length) {
12
+ if(passport_config.jwt_broken_role ? passport_config.jwt_broken_role.length > 0 : false) {
13
+ // CASE: jwt_broken_role DEFUALT is set
14
+ return credentials(options, _res, () => {
15
+ return checkRoleMiddleware(passport_config.jwt_broken_role)(options, _res, _next);
16
+ });
17
+ } else {
18
+ if(!Object.keys(options).length) {
19
+ return [credentials];
20
+ } else {
21
+ if("headers" in options) {
22
+ // CASE: Only Credentials
23
+ return [credentials(options, _res, _next)];
24
+ } else {
25
+ // CASE: jwt_broken_role DEFUALT is not set
26
+ return [credentials];
27
+ }
28
+ }
29
+ }
30
+ } else {
31
+ // CASE: options Credentials is set
32
+ return [credentials, checkRoleMiddleware(options)];
33
+ }
34
+ }
35
+
36
+ const credentials = (req, res, next) => {
37
+ if (passport_config.jwt_allow === true) {
38
+ const auth_endpoint = (passport_config.auth_endpoint) ? (passport_config.auth_endpoint[ 0 ] === "/" ? passport_config.auth_endpoint : "/" + passport_config.auth_endpoint) : "/authentication";
39
+ const slashOneIsHash = auth_endpoint.split("/")[1];
40
+ if(req.params === undefined) {
41
+ // Request is not valid
42
+ console.log("\n REQUEST|OPTION  Error: Request is not valid, missing params.");
43
+ return;
44
+ } else {
45
+ // Check first HASH equal Authentication
46
+ if(slashOneIsHash == req.params.hash) {
47
+ // Bypass authentication for auth endpoint
48
+ return next();
49
+ } else {
50
+ return passport.authenticate("jwt", {
51
+ session: false,
52
+ }, (err, user, info) => {
53
+ // error check
54
+ if (err) {
55
+ console.log(err, info);
56
+ return res.status(401).json({
57
+ code: 401,
58
+ error: "UNAUTHORIZED",
59
+ message: {
60
+ name: "WrongTokenError",
61
+ message: "token error.",
62
+ },
63
+ /* dev: { err, info }, */ // for dev info
64
+ });
65
+ } else {
66
+ // anything token check
67
+ if (!user) {
68
+ if (info) {
69
+ if (info.name == "TokenExpiredError") {
70
+ return res.status(401).json({
71
+ code: 401,
72
+ status: "TOKEN_EXPIRED",
73
+ message: info,
74
+ });
75
+ } else if (info.name == "Error") {
76
+ return res.status(401).json({
77
+ code: 401,
78
+ status: "NO_AUTH_TOKEN",
79
+ message: {
80
+ name: "NoTokenError",
81
+ message: "No auth token",
82
+ },
83
+ });
84
+ } else if (info.name == "SyntaxError") {
85
+ return res.status(401).json({
86
+ code: 401,
87
+ status: "PAYLOAD_SYNTAX_ERROR",
88
+ message: {
89
+ name: "SyntaxError",
90
+ message: "Unexpected token < in JSON at position 0",
91
+ },
92
+ });
93
+ } else if (info.name == "JsonWebTokenError") {
94
+ return res.status(401).json({
95
+ code: 401,
96
+ status: "INVALID_TOKEN",
97
+ message: {
98
+ name: "JsonWebTokenError",
99
+ message: "invalid token.",
100
+ },
101
+ });
102
+ } else {
103
+ return res.status(401).json({
104
+ code: 401,
105
+ status: "OTHER_TOKEN_ERR",
106
+ message: {
107
+ name: "OtherTokenError",
108
+ message: String(info),
109
+ },
110
+ });
111
+ }
112
+ } else {
113
+ return res.status(401).json({
114
+ code: 401,
115
+ status: "UNAUTHORIZED_USER",
116
+ message: info || {
117
+ name: "TokenError",
118
+ message: String(info),
119
+ },
120
+ });
121
+ }
122
+ } else {
123
+ // Perfectly user jwt
124
+ return next();
125
+ }
126
+ }
127
+ }
128
+ )(req, res, next);
129
+ }
130
+ }
131
+ } else {
132
+ // Bypass authentication
133
+ return next();
134
+ }
135
+ }
136
+
137
+ const credentialsGuard = (req, res, next) => {
138
+ checkAppKey(req, res, (err) => {
139
+ if (!err) {
140
+ // Perfectly
141
+ next();
142
+ } else {
143
+ // Bad Request
144
+ return res.status(400).json({
145
+ code: 400,
146
+ status: 'BAD_REQUEST',
147
+ message: "Bad request.",
148
+ info: err,
149
+ });
150
+ }
151
+ });
152
+ }
153
+
154
+ function checkAppKey(req, res, cb) {
155
+ if (_passport_config_.app_key_allow) {
156
+ if (req.headers.app_key) {
157
+ if (_config_.main_config.app_key == req.headers.app_key) {
158
+ // Perfectly
159
+ cb(null, true);
160
+ } else {
161
+ // Wrong App key
162
+ cb({ status: "BAD_VALUE", message: "Bad with wrong key." }, false);
163
+ }
164
+ } else {
165
+ // No App key
166
+ cb({ status: "BAD_ENTITY", message: "Bad with app entity key." }, false);
167
+ }
168
+ } else {
169
+ // App key not allow, bypass
170
+ cb(null, true);
171
+ }
172
+ }
173
+
174
+ module.exports = { byPassCredentials, credentials, credentialsGuard };