beech-api 3.9.0-beta.9-rc → 3.9.80

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (59) hide show
  1. package/LICENSE +21 -21
  2. package/README.md +1717 -1649
  3. package/index.js +2 -2
  4. package/package.json +92 -84
  5. package/packages/cli/beech +9 -10
  6. package/packages/cli/bin/beech-app.js +390 -390
  7. package/packages/cli/bin/beech-service.js +263 -170
  8. package/packages/cli/core/auth/Credentials.js +174 -174
  9. package/packages/cli/core/auth/Passport.js +664 -664
  10. package/packages/cli/core/auth/_Request.js +12 -12
  11. package/packages/cli/core/configure/_gitignore +16 -15
  12. package/packages/cli/core/configure/_sequelizerc +9 -9
  13. package/packages/cli/core/configure/app.config-basic.js +55 -55
  14. package/packages/cli/core/configure/app.config-sequelize.js +88 -88
  15. package/packages/cli/core/configure/beech.config.js +9 -9
  16. package/packages/cli/core/configure/global.config-basic.js +8 -8
  17. package/packages/cli/core/configure/global.config-sequelize.js +8 -8
  18. package/packages/cli/core/configure/jest.config.js +6 -6
  19. package/packages/cli/core/configure/jsconfig.json +8 -7
  20. package/packages/cli/core/configure/passport.config.js +97 -97
  21. package/packages/cli/core/databases/mysql.js +94 -95
  22. package/packages/cli/core/databases/sequelize.js +187 -188
  23. package/packages/cli/core/databases/test.js +250 -255
  24. package/packages/cli/core/file-walk/file-walk.js +35 -35
  25. package/packages/cli/core/generator/_endpoints +15 -15
  26. package/packages/cli/core/generator/_endpoints_basic +42 -42
  27. package/packages/cli/core/generator/_help +29 -19
  28. package/packages/cli/core/generator/_help_create +10 -10
  29. package/packages/cli/core/generator/_help_service +10 -10
  30. package/packages/cli/core/generator/_helpers +9 -9
  31. package/packages/cli/core/generator/_helpers_basic +166 -22
  32. package/packages/cli/core/generator/_models +6 -6
  33. package/packages/cli/core/generator/_models_basic +13 -13
  34. package/packages/cli/core/generator/_package +23 -19
  35. package/packages/cli/core/generator/_scheduler +32 -32
  36. package/packages/cli/core/generator/_spec +29 -29
  37. package/packages/cli/core/generator/index.js +1229 -992
  38. package/packages/cli/core/helpers/2fa.js +106 -106
  39. package/packages/cli/core/helpers/math.js +115 -115
  40. package/packages/cli/core/helpers/poolEntity.js +103 -103
  41. package/packages/cli/core/index.js +264 -266
  42. package/packages/cli/core/middleware/express/duplicateRequest.js +16 -16
  43. package/packages/cli/core/middleware/express/jwtCheckAllow.js +85 -85
  44. package/packages/cli/core/middleware/express/rateLimit.js +29 -29
  45. package/packages/cli/core/middleware/express/slowDown.js +2 -2
  46. package/packages/cli/core/middleware/index.js +6 -6
  47. package/packages/cli/core/middleware/origin/guard/advance.js +75 -75
  48. package/packages/cli/core/middleware/origin/whitelist/cors.js +94 -94
  49. package/packages/cli/core/services/http.express.js +481 -481
  50. package/packages/cli/core/test/check-node.js +21 -21
  51. package/packages/cli/core/test/utils.js +7 -7
  52. package/packages/cli/entry +10 -0
  53. package/packages/lib/index.js +6 -6
  54. package/packages/lib/src/endpoint.js +947 -885
  55. package/packages/lib/src/guard.js +60 -60
  56. package/packages/lib/src/salt.js +3 -3
  57. package/packages/lib/src/schema.js +96 -96
  58. package/packages/lib/src/specificExpress.js +7 -7
  59. package/packages/lib/src/user.js +271 -271
@@ -1,86 +1,86 @@
1
- const passport = require("passport");
2
-
3
- const checkRoleMiddleware = (options) => {
4
- return (req, res, next) => {
5
- if(!Array.isArray(options)) {
6
- // Perfectly with options is not type Array
7
- return next();
8
- } else {
9
- passport.authenticate("jwt", {
10
- session: false,
11
- }, (err, user, info) => {
12
- // error check
13
- if (err) {
14
- //console.log(err, info);
15
- return res.status(403).json({
16
- code: 403,
17
- status: "FORBIDDEN",
18
- message: "Forbidden: Insufficient role",
19
- info: {
20
- error: err,
21
- },
22
- });
23
- } else {
24
- if(!options.length) {
25
- // Perfectly with no options
26
- return next();
27
- } else {
28
- const allowed = options.some(rule => {
29
- return Object.entries(rule).every(([key, condition]) => {
30
- //console.log('----matchCondition(user?.[key], condition, user)-->>', matchCondition(user?.[key], condition, user));
31
- return matchCondition(user?.[key], condition, user);
32
- });
33
- });
34
- if (allowed) {
35
- return next();
36
- } else {
37
- res.status(403).json({
38
- code: 403,
39
- status: "FORBIDDEN",
40
- message: "Forbidden: Insufficient role",
41
- info: {
42
- status: "ROLE_NOT_ALLOWED",
43
- error: "Insufficient role or User token does not have sufficient role.",
44
- },
45
- });
46
- }
47
- }
48
- }
49
- })(req, res, next);
50
- }
51
- }
52
- }
53
-
54
- const operators = {
55
- $eq: (userValue, expected) => userValue === expected,
56
- $ne: (userValue, expected) => userValue !== expected,
57
- $in: (userValue, expected) => Array.isArray(expected) && expected.includes(userValue),
58
- $not: (userValue, expected) => Array.isArray(expected) && !expected.includes(userValue),
59
- $regex: (userValue, expected) =>
60
- typeof userValue === 'string' && expected instanceof RegExp
61
- ? expected.test(userValue)
62
- : false,
63
- $fn: (userValue, fn, user) => typeof fn === 'function' && fn(userValue, user),
64
- };
65
-
66
- const matchCondition = (userValue, condition, user) => {
67
- if (typeof condition !== 'object' || condition instanceof RegExp || Array.isArray(condition)) {
68
- return Array.isArray(condition)
69
- ? operators.$in(userValue, condition)
70
- : operators.$eq(userValue, condition);
71
- }
72
- // operator object
73
- return Object.entries(condition).every(([op, expected]) => {
74
- const handler = operators[op];
75
- if (!handler) return false;
76
- return handler(userValue, expected, user);
77
- });
78
- };
79
-
80
- const checkRoleMiddlewareWithDefaultProject = (options) => {
81
- return function (req, res, next) {
82
- return checkRoleMiddleware(options)(req, res, next);
83
- }
84
- }
85
-
1
+ const passport = require("passport");
2
+
3
+ const checkRoleMiddleware = (options) => {
4
+ return (req, res, next) => {
5
+ if(!Array.isArray(options)) {
6
+ // Perfectly with options is not type Array
7
+ return next();
8
+ } else {
9
+ passport.authenticate("jwt", {
10
+ session: false,
11
+ }, (err, user, info) => {
12
+ // error check
13
+ if (err) {
14
+ //console.log(err, info);
15
+ return res.status(403).json({
16
+ code: 403,
17
+ status: "FORBIDDEN",
18
+ message: "Forbidden: Insufficient role",
19
+ info: {
20
+ error: err,
21
+ },
22
+ });
23
+ } else {
24
+ if(!options.length) {
25
+ // Perfectly with no options
26
+ return next();
27
+ } else {
28
+ const allowed = options.some(rule => {
29
+ return Object.entries(rule).every(([key, condition]) => {
30
+ //console.log('----matchCondition(user?.[key], condition, user)-->>', matchCondition(user?.[key], condition, user));
31
+ return matchCondition(user?.[key], condition, user);
32
+ });
33
+ });
34
+ if (allowed) {
35
+ return next();
36
+ } else {
37
+ res.status(403).json({
38
+ code: 403,
39
+ status: "FORBIDDEN",
40
+ message: "Forbidden: Insufficient role",
41
+ info: {
42
+ status: "ROLE_NOT_ALLOWED",
43
+ error: "Insufficient role or User token does not have sufficient role.",
44
+ },
45
+ });
46
+ }
47
+ }
48
+ }
49
+ })(req, res, next);
50
+ }
51
+ }
52
+ }
53
+
54
+ const operators = {
55
+ $eq: (userValue, expected) => userValue === expected,
56
+ $ne: (userValue, expected) => userValue !== expected,
57
+ $in: (userValue, expected) => Array.isArray(expected) && expected.includes(userValue),
58
+ $not: (userValue, expected) => Array.isArray(expected) && !expected.includes(userValue),
59
+ $regex: (userValue, expected) =>
60
+ typeof userValue === 'string' && expected instanceof RegExp
61
+ ? expected.test(userValue)
62
+ : false,
63
+ $fn: (userValue, fn, user) => typeof fn === 'function' && fn(userValue, user),
64
+ };
65
+
66
+ const matchCondition = (userValue, condition, user) => {
67
+ if (typeof condition !== 'object' || condition instanceof RegExp || Array.isArray(condition)) {
68
+ return Array.isArray(condition)
69
+ ? operators.$in(userValue, condition)
70
+ : operators.$eq(userValue, condition);
71
+ }
72
+ // operator object
73
+ return Object.entries(condition).every(([op, expected]) => {
74
+ const handler = operators[op];
75
+ if (!handler) return false;
76
+ return handler(userValue, expected, user);
77
+ });
78
+ };
79
+
80
+ const checkRoleMiddlewareWithDefaultProject = (options) => {
81
+ return function (req, res, next) {
82
+ return checkRoleMiddleware(options)(req, res, next);
83
+ }
84
+ }
85
+
86
86
  module.exports = { checkRoleMiddleware, checkRoleMiddlewareWithDefaultProject };
@@ -1,29 +1,29 @@
1
- const _beech_ = require(appRoot + "/beech.config.js");
2
- const rateLimit = require("express-rate-limit");
3
- const tooManyMsg = {
4
- code: 429,
5
- status: "TOO_MANY_REQUEST",
6
- message: "Too Many Requests.",
7
- };
8
- let configure = {
9
- windowMs: (_beech_.defineConfig.server.rateLimit) ? _beech_.defineConfig.server.rateLimit.windowMs : 0,
10
- standardHeaders: (_beech_.defineConfig.server.rateLimit) ? (_beech_.defineConfig.server.rateLimit.standardHeaders || "draft-7") : "draft-7",
11
- legacyHeaders: (_beech_.defineConfig.server.rateLimit) ? (_beech_.defineConfig.server.rateLimit.legacyHeaders || false) : false,
12
- message: (_beech_.defineConfig.server.rateLimit) ? (_beech_.defineConfig.server.rateLimit.message || tooManyMsg) : tooManyMsg,
13
- };
14
- configure = {
15
- ..._beech_.defineConfig.server.rateLimit, // Override default configure with user configure.
16
- ...configure,
17
- keyGenerator: (req) => `${req.ip}:${req.params.hash}${req.params['0']}`,
18
- };
19
- const Limiter = (more_configure = {}) => {
20
- const middleware = rateLimit({
21
- ...configure,
22
- ...more_configure,
23
- });
24
- return (req, res, next) => {
25
- middleware(req, res, next);
26
- };
27
- };
28
-
29
- module.exports = { Limiter, rateLimit };
1
+ const _beech_ = require(appRoot + "/beech.config.js");
2
+ const rateLimit = require("express-rate-limit");
3
+ const tooManyMsg = {
4
+ code: 429,
5
+ status: "TOO_MANY_REQUEST",
6
+ message: "Too Many Requests.",
7
+ };
8
+ let configure = {
9
+ windowMs: (_beech_.defineConfig.server.rateLimit) ? _beech_.defineConfig.server.rateLimit.windowMs : 0,
10
+ standardHeaders: (_beech_.defineConfig.server.rateLimit) ? (_beech_.defineConfig.server.rateLimit.standardHeaders || "draft-7") : "draft-7",
11
+ legacyHeaders: (_beech_.defineConfig.server.rateLimit) ? (_beech_.defineConfig.server.rateLimit.legacyHeaders || false) : false,
12
+ message: (_beech_.defineConfig.server.rateLimit) ? (_beech_.defineConfig.server.rateLimit.message || tooManyMsg) : tooManyMsg,
13
+ };
14
+ configure = {
15
+ ..._beech_.defineConfig.server.rateLimit, // Override default configure with user configure.
16
+ ...configure,
17
+ keyGenerator: (req) => `${req.ip}:${req.params.hash}${req.params['0']}`,
18
+ };
19
+ const Limiter = (more_configure = {}) => {
20
+ const middleware = rateLimit({
21
+ ...configure,
22
+ ...more_configure,
23
+ });
24
+ return (req, res, next) => {
25
+ middleware(req, res, next);
26
+ };
27
+ };
28
+
29
+ module.exports = { Limiter, rateLimit };
@@ -1,2 +1,2 @@
1
- const { slowDown } = require("express-slow-down");
2
- module.exports = { slowDown };
1
+ const { slowDown } = require("express-slow-down");
2
+ module.exports = { slowDown };
@@ -1,6 +1,6 @@
1
- const { whitelist, sign } = require("./origin/whitelist/cors");
2
- const { avg } = require("./origin/guard/advance");
3
- const { Limiter } = require("./express/rateLimit");
4
- const { Duplicater } = require("./express/duplicateRequest");
5
-
6
- module.exports = { whitelist, sign, Limiter, Duplicater, avg };
1
+ const { whitelist, sign } = require("./origin/whitelist/cors");
2
+ const { avg } = require("./origin/guard/advance");
3
+ const { Limiter } = require("./express/rateLimit");
4
+ const { Duplicater } = require("./express/duplicateRequest");
5
+
6
+ module.exports = { whitelist, sign, Limiter, Duplicater, avg };
@@ -1,75 +1,75 @@
1
- const fs = require("fs");
2
- const passport_config_file = "/passport.config.js";
3
- const { avgDeHashIt } = require(__dirname + "/../../../helpers/math");
4
- const moment = require("moment");
5
-
6
- function avg(req, res, next) {
7
- // check passport file ?
8
- const checkPassport = new Promise((resolve) => {
9
- if (fs.existsSync(appRoot + "/passport.config.js")) {
10
- resolve([true, require(appRoot + passport_config_file)]);
11
- } else {
12
- resolve([false, null]);
13
- }
14
- });
15
- // promise all
16
- Promise.all([checkPassport]).then((final) => {
17
- /**
18
- * item[0] : Boolean = passport file found.
19
- * item[1] : Object = passport object. (for check on/off)
20
- */
21
- let item = final[0];
22
- let passport_config = item[1];
23
- // check passport file exists ?, when not exists go to next
24
- if(item[0]) {
25
- if ((passport_config.model.guard.advanced_guard) ? passport_config.model.guard.advanced_guard.allow : false) {
26
- let advanced_guard_entity = req.headers[passport_config.model.guard.advanced_guard.entity || "timing"];
27
- if (advanced_guard_entity) {
28
- if(advanced_guard_entity.length > 60) {
29
- //logic check advanced guard
30
- avgDeHashIt(advanced_guard_entity, (err, unixTime) => {
31
- if (err) {
32
- res.status(502).json({ code: 502, status: "BAD_GATEWAY", message: String(err) });
33
- return;
34
- }
35
- // prepare date & check it.
36
- let unixTimeNow = moment(new Date()).unix();
37
- let unixTiming = moment(new Date(unixTime * 1000)).add((passport_config.model.guard.advanced_guard.time_expired.minutes || 0), "minutes").add((passport_config.model.guard.advanced_guard.time_expired.seconds || 0), "seconds").unix();
38
- if((String(unixTimeNow).length == String(unixTiming).length) && unixTimeNow < unixTiming) {
39
- next();
40
- } else {
41
- res.status(408).json({ code: 408 , status: "REQUEST_TIMEOUT", message: "Request Timeout." });
42
- }
43
- });
44
- } else {
45
- res.status(400).json({
46
- code: 400,
47
- status: 'BAD_REQUEST',
48
- message: "Bad request.",
49
- info: {
50
- status: "BAD_VALUE",
51
- message: "Bad with wrong Advance guard key."
52
- },
53
- });
54
- }
55
- } else {
56
- res.status(400).json({
57
- code: 400,
58
- status: 'BAD_REQUEST',
59
- message: "Bad request.",
60
- info: {
61
- status: "BAD_ENTITY",
62
- message: "Bad Advanced guard Entity."
63
- },
64
- });
65
- }
66
- } else {
67
- next();
68
- }
69
- } else {
70
- next();
71
- }
72
- });
73
- }
74
-
75
- module.exports = { avg };
1
+ const fs = require("fs");
2
+ const passport_config_file = "/passport.config.js";
3
+ const { avgDeHashIt } = require(__dirname + "/../../../helpers/math");
4
+ const moment = require("moment");
5
+
6
+ function avg(req, res, next) {
7
+ // check passport file ?
8
+ const checkPassport = new Promise((resolve) => {
9
+ if (fs.existsSync(appRoot + "/passport.config.js")) {
10
+ resolve([true, require(appRoot + passport_config_file)]);
11
+ } else {
12
+ resolve([false, null]);
13
+ }
14
+ });
15
+ // promise all
16
+ Promise.all([checkPassport]).then((final) => {
17
+ /**
18
+ * item[0] : Boolean = passport file found.
19
+ * item[1] : Object = passport object. (for check on/off)
20
+ */
21
+ let item = final[0];
22
+ let passport_config = item[1];
23
+ // check passport file exists ?, when not exists go to next
24
+ if(item[0]) {
25
+ if ((passport_config.model.guard.advanced_guard) ? passport_config.model.guard.advanced_guard.allow : false) {
26
+ let advanced_guard_entity = req.headers[passport_config.model.guard.advanced_guard.entity || "timing"];
27
+ if (advanced_guard_entity) {
28
+ if(advanced_guard_entity.length > 60) {
29
+ //logic check advanced guard
30
+ avgDeHashIt(advanced_guard_entity, (err, unixTime) => {
31
+ if (err) {
32
+ res.status(502).json({ code: 502, status: "BAD_GATEWAY", message: String(err) });
33
+ return;
34
+ }
35
+ // prepare date & check it.
36
+ let unixTimeNow = moment(new Date()).unix();
37
+ let unixTiming = moment(new Date(unixTime * 1000)).add((passport_config.model.guard.advanced_guard.time_expired.minutes || 0), "minutes").add((passport_config.model.guard.advanced_guard.time_expired.seconds || 0), "seconds").unix();
38
+ if((String(unixTimeNow).length == String(unixTiming).length) && unixTimeNow < unixTiming) {
39
+ next();
40
+ } else {
41
+ res.status(408).json({ code: 408 , status: "REQUEST_TIMEOUT", message: "Request Timeout." });
42
+ }
43
+ });
44
+ } else {
45
+ res.status(400).json({
46
+ code: 400,
47
+ status: 'BAD_REQUEST',
48
+ message: "Bad request.",
49
+ info: {
50
+ status: "BAD_VALUE",
51
+ message: "Bad with wrong Advance guard key."
52
+ },
53
+ });
54
+ }
55
+ } else {
56
+ res.status(400).json({
57
+ code: 400,
58
+ status: 'BAD_REQUEST',
59
+ message: "Bad request.",
60
+ info: {
61
+ status: "BAD_ENTITY",
62
+ message: "Bad Advanced guard Entity."
63
+ },
64
+ });
65
+ }
66
+ } else {
67
+ next();
68
+ }
69
+ } else {
70
+ next();
71
+ }
72
+ });
73
+ }
74
+
75
+ module.exports = { avg };
@@ -1,94 +1,94 @@
1
- const fs = require("fs");
2
-
3
- function whitelist(cb) {
4
- var whitelists = [];
5
- const getWhitelists = new Promise((resolve) => {
6
- if (fs.existsSync(appRoot + "/beech.config.js")) {
7
- fs.readFile(appRoot + "/beech.config.js", "utf8", (err, e) => {
8
- if (!err) {
9
- let defineConfig = eval(e).defineConfig;
10
- let origin = defineConfig.server.origin;
11
- let originSensitive = defineConfig.server.originSensitive;
12
- let allAllow = origin.filter((allow) => {
13
- return allow == "*";
14
- });
15
- if (allAllow.length) {
16
- resolve([whitelists, originSensitive]);
17
- } else {
18
- resolve([origin, originSensitive]);
19
- }
20
- } else {
21
- // error resolve default whitelist
22
- resolve([whitelists, originSensitive]);
23
- }
24
- });
25
- } else {
26
- resolve([whitelists, originSensitive]);
27
- }
28
- });
29
- // promise all
30
- Promise.all([getWhitelists]).then((final) => {
31
- cb(final[0][0], final[0][1]);
32
- });
33
- }
34
-
35
- function sign(req, res, whitelist, originSensitive, cb) {
36
- try {
37
- const origin = req.headers.origin;
38
- let doYouSignSomeOrigin = false;
39
- //var host = req.get("host");
40
- console.log(`[${_requestTime_}] : From origin: ${origin || 'http://localhost'}`);
41
- // check whitelist length ?
42
- if (whitelist.length > 0) {
43
- whitelist.forEach((val, k) => {
44
- if (origin) {
45
- if (origin.indexOf(val) > -1) {
46
- doYouSignSomeOrigin = true;
47
- if (originSensitive) {
48
- res.setHeader("Access-Control-Allow-Origin", val);
49
- } else {
50
- res.setHeader("Access-Control-Allow-Origin", origin);
51
- }
52
- }
53
- }
54
- if (whitelist.length == k + 1) {
55
- if (!doYouSignSomeOrigin) {
56
- setLocalHeader(res);
57
- }
58
- }
59
- });
60
- } else {
61
- if(origin) {
62
- res.setHeader("Access-Control-Allow-Origin", origin); // add origin when not sign origin: []|["*"]
63
- } else {
64
- setLocalHeader(res);
65
- }
66
- }
67
- // Request methods you wish to allow
68
- res.setHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS, PUT, PATCH, DELETE");
69
- // Request headers you wish to allow
70
- res.setHeader(
71
- "Access-Control-Allow-Headers",
72
- "X-Requested-With",
73
- "Content-Type",
74
- "Accept",
75
- "Authorization",
76
- "Origin",
77
- "application/json; charset=utf-8"
78
- );
79
- // Set to true if you need the website to include cookies in the requests sent
80
- // to the API (e.g. in case you use sessions)
81
- res.setHeader("Access-Control-Allow-Credentials", true);
82
- // callback
83
- cb(null);
84
- } catch (error) {
85
- cb(error);
86
- }
87
- }
88
-
89
- function setLocalHeader(res) {
90
- res.setHeader("Access-Control-Allow-Origin", "http://localhost:" + _config_.main_config.app_port);
91
- res.setHeader("Access-Control-Allow-Origin", "http://127.0.0.1:" + _config_.main_config.app_port);
92
- }
93
-
94
- module.exports = { whitelist, sign };
1
+ const fs = require("fs");
2
+
3
+ function whitelist(cb) {
4
+ var whitelists = [];
5
+ const getWhitelists = new Promise((resolve) => {
6
+ if (fs.existsSync(appRoot + "/beech.config.js")) {
7
+ fs.readFile(appRoot + "/beech.config.js", "utf8", (err, e) => {
8
+ if (!err) {
9
+ let defineConfig = eval(e).defineConfig;
10
+ let origin = defineConfig.server.origin;
11
+ let originSensitive = defineConfig.server.originSensitive;
12
+ let allAllow = origin.filter((allow) => {
13
+ return allow == "*";
14
+ });
15
+ if (allAllow.length) {
16
+ resolve([whitelists, originSensitive]);
17
+ } else {
18
+ resolve([origin, originSensitive]);
19
+ }
20
+ } else {
21
+ // error resolve default whitelist
22
+ resolve([whitelists, originSensitive]);
23
+ }
24
+ });
25
+ } else {
26
+ resolve([whitelists, originSensitive]);
27
+ }
28
+ });
29
+ // promise all
30
+ Promise.all([getWhitelists]).then((final) => {
31
+ cb(final[0][0], final[0][1]);
32
+ });
33
+ }
34
+
35
+ function sign(req, res, whitelist, originSensitive, cb) {
36
+ try {
37
+ const origin = req.headers.origin;
38
+ let doYouSignSomeOrigin = false;
39
+ //var host = req.get("host");
40
+ console.log(`[${_requestTime_}] : From origin: ${origin || 'http://localhost'}`);
41
+ // check whitelist length ?
42
+ if (whitelist.length > 0) {
43
+ whitelist.forEach((val, k) => {
44
+ if (origin) {
45
+ if (origin.indexOf(val) > -1) {
46
+ doYouSignSomeOrigin = true;
47
+ if (originSensitive) {
48
+ res.setHeader("Access-Control-Allow-Origin", val);
49
+ } else {
50
+ res.setHeader("Access-Control-Allow-Origin", origin);
51
+ }
52
+ }
53
+ }
54
+ if (whitelist.length == k + 1) {
55
+ if (!doYouSignSomeOrigin) {
56
+ setLocalHeader(res);
57
+ }
58
+ }
59
+ });
60
+ } else {
61
+ if(origin) {
62
+ res.setHeader("Access-Control-Allow-Origin", origin); // add origin when not sign origin: []|["*"]
63
+ } else {
64
+ setLocalHeader(res);
65
+ }
66
+ }
67
+ // Request methods you wish to allow
68
+ res.setHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS, PUT, PATCH, DELETE");
69
+ // Request headers you wish to allow
70
+ res.setHeader(
71
+ "Access-Control-Allow-Headers",
72
+ "X-Requested-With",
73
+ "Content-Type",
74
+ "Accept",
75
+ "Authorization",
76
+ "Origin",
77
+ "application/json; charset=utf-8"
78
+ );
79
+ // Set to true if you need the website to include cookies in the requests sent
80
+ // to the API (e.g. in case you use sessions)
81
+ res.setHeader("Access-Control-Allow-Credentials", true);
82
+ // callback
83
+ cb(null);
84
+ } catch (error) {
85
+ cb(error);
86
+ }
87
+ }
88
+
89
+ function setLocalHeader(res) {
90
+ res.setHeader("Access-Control-Allow-Origin", "http://localhost:" + _config_.main_config.app_port);
91
+ res.setHeader("Access-Control-Allow-Origin", "http://127.0.0.1:" + _config_.main_config.app_port);
92
+ }
93
+
94
+ module.exports = { whitelist, sign };