npm - huxy-server - Versions diffs - 1.0.1 → 1.0.3 - Mend

huxy-server 1.0.1 → 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/README.md CHANGED Viewed

@@ -52,8 +52,6 @@ startApp(config, (huxyConfig, app, httpServer) => {
 });
 ```
-`authToken` 默认值 '1234'，如不需要鉴权可以设置环境变量 `AUTH_TOKEN=false` 或设置 `config = {authToken: false}`。
 ### 直接使用 `appProxy`
 也可直接使用 `appProxy`，只需传入你的服务 `app` 和代理 `config` 即可。
@@ -65,6 +63,35 @@ appProxy(app, config);
 ```
+### API 鉴权配置
+包含 2 种鉴权方式：
+- apiKey：在请求头中 `x-api-key`或`x-huxy-auth` 里设置 `authToken` 值。
+- jwt：在请求头中 `authorization` 里设置 `Bearer ${token}` 进行用户验证。
+默认不需要鉴权 `authToken: false` ，设置环境变量 `AUTH_TOKEN=false` 或 `config = {authToken: false}` 即可。如需鉴权选择上述 2 种方式中的一种即可，优先进行 `authToken` 认证。
+可配置免认证路由，如：`whitePathList: ['/health', '/status']` 。
+也可配置免认证 `authKeys` ：如：`whiteAuthKeys: ['1234', '2234']` 。
+配置示例：
+```javascript
+const config = {
+  // apiKey
+  authToken: '1234',
+  // jwt
+  secret: 'your-secret-key',
+  expiresIn: '30d',
+  issuer: 'your-app',
+  // white list
+  whiteAuthKeys: ['1234', '2234'],
+  whitePathList: ['/health', '/status'],
+};
+```
 ### 环境变量
 项目支持以下环境变量：

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "huxy-server",
-  "version": "1.0.1",
+  "version": "1.0.3",
   "description": "一个精炼、高性能的 Express.js 服务器模板，为现代 Node.js 应用程序设计，提供灵活的功能和最佳实践。",
   "type": "module",
   "module": "./src/index.js",
@@ -36,7 +36,7 @@
   },
   "dependencies": {
     "http-proxy-middleware": "^3.0.5",
-    "huxy-node-server": "^1.0.0",
+    "huxy-node-server": "^1.0.1",
     "jsonwebtoken": "^9.0.3"
   },
   "engines": {

package/src/index.js CHANGED Viewed

@@ -1,144 +1,147 @@
 import {
-  startServer as O,
-  startStatic as W,
-  logger as Z,
-  createLogger as q,
-  dateTime as ee,
-  localIPs as te,
-  nodeArgs as re,
-  getEnvConfig as se,
-  checkPort as oe,
-  getDirName as ae,
-  resolvePath as ne,
+  startServer as W,
+  startStatic as L,
+  logger as q,
+  createLogger as ee,
+  dateTime as te,
+  localIPs as re,
+  nodeArgs as se,
+  getEnvConfig as oe,
+  checkPort as ae,
+  getDirName as ne,
+  resolvePath as ie,
 } from 'huxy-node-server';
-import {createProxyMiddleware as E} from 'http-proxy-middleware';
-import {dateTime as I} from 'huxy-node-server';
+import {createProxyMiddleware as I} from 'http-proxy-middleware';
+import {dateTime as $} from 'huxy-node-server';
 import T from 'jsonwebtoken';
-var m = (r, e = {secret, ...opt}) => T.verify(r, secret, opt);
-var f =
+var f = (r, e = {secret, ...opt}) => T.verify(r, secret, opt);
+var x =
   (r = {}) =>
   (e, t, s) => {
-    let n = e.headers.authorization;
-    if (!n) return (e.log.warn('\u8BA4\u8BC1\u5931\u8D25: \u7F3A\u5C11\u8BA4\u8BC1\u4FE1\u606F'), t.status(401).json({message: '\u7F3A\u5C11\u8BA4\u8BC1\u4FE1\u606F'}));
-    if (!n.startsWith('Bearer '))
+    let o = e.headers.authorization;
+    if (!o) return (e.log.warn('\u8BA4\u8BC1\u5931\u8D25: \u7F3A\u5C11\u8BA4\u8BC1\u4FE1\u606F'), t.status(401).json({message: '\u7F3A\u5C11\u8BA4\u8BC1\u4FE1\u606F'}));
+    if (!o.startsWith('Bearer '))
       return (e.log.warn('\u8BA4\u8BC1\u5931\u8D25: \u672A\u63D0\u4F9B\u6709\u6548\u8BA4\u8BC1\u4FE1\u606F'), t.status(401).json({message: '\u672A\u63D0\u4F9B\u6709\u6548\u8BA4\u8BC1\u4FE1\u606F'}));
-    let a = n.split(' ')[1];
-    if (!a) return (e.log.warn('\u8BA4\u8BC1\u5931\u8D25: \u8BBF\u95EE\u4EE4\u724C\u7F3A\u5931'), t.status(401).json({message: '\u8BBF\u95EE\u4EE4\u724C\u7F3A\u5931'}));
+    let n = o.split(' ')[1];
+    if (!n) return (e.log.warn('\u8BA4\u8BC1\u5931\u8D25: \u8BBF\u95EE\u4EE4\u724C\u7F3A\u5931'), t.status(401).json({message: '\u8BBF\u95EE\u4EE4\u724C\u7F3A\u5931'}));
     try {
-      let o = m(a, r);
-      (e.log.info(o, '\u8BA4\u8BC1\u6210\u529F'), (e.user = o), s());
-    } catch (o) {
-      return o.name === 'TokenExpiredError'
+      let a = f(n, r);
+      (e.log.info(a, '\u8BA4\u8BC1\u6210\u529F'), (e.user = a), s());
+    } catch (a) {
+      return a.name === 'TokenExpiredError'
         ? (e.log.warn({ip: e.ip}, '\u8BA4\u8BC1\u5931\u8D25: \u4EE4\u724C\u5DF2\u8FC7\u671F'), t.status(401).json({message: '\u4EE4\u724C\u5DF2\u8FC7\u671F'}))
-        : o.name === 'JsonWebTokenError'
+        : a.name === 'JsonWebTokenError'
           ? (e.log.warn({ip: e.ip}, '\u8BA4\u8BC1\u5931\u8D25: \u65E0\u6548\u7684\u4EE4\u724C'), t.status(403).json({message: '\u65E0\u6548\u7684\u4EE4\u724C'}))
-          : o instanceof AuthorizationError
-            ? (e.log.warn({ip: e.ip}, `\u8BA4\u8BC1\u5931\u8D25: ${o.message}`), t.status(o.status).json({message: o.message}))
-            : (e.log.warn({err: o, ip: e.ip}, '\u8BA4\u8BC1\u5931\u8D25: \u5185\u90E8\u670D\u52A1\u5668\u9519\u8BEF'), t.status(500).json({message: '\u5185\u90E8\u670D\u52A1\u5668\u9519\u8BEF'}));
+          : a instanceof AuthorizationError
+            ? (e.log.warn({ip: e.ip}, `\u8BA4\u8BC1\u5931\u8D25: ${a.message}`), t.status(a.status).json({message: a.message}))
+            : (e.log.warn({err: a, ip: e.ip}, '\u8BA4\u8BC1\u5931\u8D25: \u5185\u90E8\u670D\u52A1\u5668\u9519\u8BEF'), t.status(500).json({message: '\u5185\u90E8\u670D\u52A1\u5668\u9519\u8BEF'}));
     }
   };
-var j =
+var v =
     ({whiteAuthKeys: r = [], whiteAuthPaths: e = [], config: t = {}}) =>
-    (s, n, a) => {
-      if (s.method === 'OPTIONS' || e.includes(s.path)) return a();
-      let {authToken: o} = t;
-      if (o === !1 || o === 'false') return a();
-      let p = s.headers['x-huxy-auth'] || s.headers['x-api-key'];
-      if (p === o || r.includes(p)) return a();
-      let {secret: c, expiresIn: u, algorithm: i, issuer: h} = t;
-      f({secret: c, expiresIn: u, algorithm: i, issuer: h})(s, n, a);
+    (s, o, n) => {
+      if (s.method === 'OPTIONS' || e.includes(s.path)) return n();
+      let {authToken: a} = t;
+      if (a === !1 || a === 'false') return n();
+      let i = s.headers['x-huxy-auth'] || s.headers['x-api-key'];
+      if ((i && i === a) || r.includes(i)) return n();
+      let {secret: c, expiresIn: l, algorithm: p, issuer: h} = t;
+      x({secret: c, expiresIn: l, algorithm: p, issuer: h})(s, o, n);
     },
-  x = j;
-var v = ['x-powered-by', 'server'],
-  y = (r, e) => {
+  y = v;
+var H = ['x-powered-by', 'server'],
+  w = (r, e) => {
     let t = new Headers(r);
     return (headersToRemove.forEach(s => t.delete(s)), t.set('Host', e), t.set('User-Agent', 'IHUXY-API/1.0'), t);
   },
-  w = r => {
+  g = r => {
     let e = new Headers(r);
     return (
-      v.forEach(t => e.delete(t)),
+      H.forEach(t => e.delete(t)),
       e.set('Access-Control-Allow-Origin', '*'),
       e.set('X-Content-Type-Options', 'nosniff'),
       e.get('content-type')?.includes('text/event-stream') && ((e['Cache-Control'] = 'no-cache, no-transform'), (e.Connection = 'keep-alive'), (e['X-Accel-Buffering'] = 'no')),
       e
     );
   };
-var H = r => Object.prototype.toString.call(r).slice(8, -1).toLowerCase(),
-  R = r => (H(r) === 'object' ? [r] : Array.isArray(r) ? r : []),
-  g = (r, e) => R(r).map(t => ((t.prefix = `${e}${t.prefix ?? `/${t.name}`}`.replace('//', '/')), t)),
-  P = (r, e) => ['/', '/health', e, ...r].map(t => `${e}${t}`.replace('//', '/'));
-var $ = ({target: r = 'http://localhost:11434', prefix: e = '/api', ...t} = {}, s = !1) => ({
+var R = r => Object.prototype.toString.call(r).slice(8, -1).toLowerCase(),
+  E = r => (R(r) === 'object' ? [r] : Array.isArray(r) ? r : []),
+  A = (r, e) => E(r).map(t => ((t.prefix = `${e}${t.prefix ?? `/${t.name}`}`.replace('//', '/')), t)),
+  u = r => (Array.isArray(r) ? r : []).filter(Boolean),
+  P = (r, e) => ['/', '/health', e, ...u(r)].map(t => `${e}${t}`.replace('//', '/'));
+var S = ({target: r = 'http://localhost:11434', prefix: e = '/api', ...t} = {}, s = !1) => ({
     target: r,
     pathRewrite: {[`^${e}`]: ''},
     changeOrigin: !0,
     selfHandleResponse: !1,
-    onProxyReq: (n, a, o) => {
-      !s && y(n.headers, r);
+    onProxyReq: (o, n, a) => {
+      !s && w(o.headers, r);
     },
-    onProxyRes: (n, a, o) => {
-      !s && w(n.headers);
+    onProxyRes: (o, n, a) => {
+      !s && g(o.headers);
     },
-    onError: (n, a, o) => {
-      (a.log.error({err: n}, '\u4EE3\u7406\u9519\u8BEF'), o.headersSent || o.status(502).json({error: '\u7F51\u5173\u9519\u8BEF'}));
+    onError: (o, n, a) => {
+      (n.log.error({err: o}, '\u4EE3\u7406\u9519\u8BEF'), a.headersSent || a.status(502).json({error: '\u7F51\u5173\u9519\u8BEF'}));
     },
     ...t,
   }),
-  S = (r, e) => {
-    let t = {status: 'OK', message: `API \u670D\u52A1\u5668\u8FD0\u884C\u4E2D -> ${e}`, timestamp: I(), uptime: process.uptime(), memoryUsage: process.memoryUsage()};
-    r.get(`${e}/health`.replace('//', '/'), (s, n) => {
-      n.status(200).json(t);
-    });
+  k = (r, e) => {
+    let t = {status: 'OK', message: `API \u670D\u52A1\u5668\u8FD0\u884C\u4E2D \u{1F449} ${e}`, timestamp: $(), uptime: process.uptime(), memoryUsage: process.memoryUsage()};
+    (r.get(e, (s, o) => {
+      o.status(200).json(t);
+    }),
+      r.get(`${e}/health`.replace('//', '/'), (s, o) => {
+        o.status(200).json(t);
+      }));
   },
-  k = (r, e = {}, t) => {
-    let {apiPrefix: s, proxys: n = [], whiteAuthKeys: a = [], whitePathList: o = [], preserve: p = !1} = e,
-      c = g(n, s);
+  C = (r, e = {}, t) => {
+    let {apiPrefix: s, proxys: o = [], whiteAuthKeys: n = [], whitePathList: a = [], preserve: i = !1} = e,
+      c = A(o, s);
     if (!c.length) return;
-    (t.info(`\u{1F4DD} API \u63A5\u53E3\u5730\u5740: http://${e.host}:${e.port}${s}`), S(r, s));
-    let u = x({whiteAuthKeys: a, whitePathList: P(o, s), config: e});
-    c.map(({prefix: i, target: h}) => {
-      let A = $({prefix: i, target: h}, p);
-      (r.use(i, u, E(A)), t.info(`\u2705 \u4EE3\u7406\u4E2D ${i} -> ${h}`));
+    (t.info(`\u{1F4DD} API \u63A5\u53E3\u5730\u5740: http://${e.host}:${e.port}${s}`), k(r, s));
+    let l = y({whiteAuthKeys: u(n), whitePathList: P(a, s), config: e});
+    c.map(({prefix: p, target: h}) => {
+      let j = S({prefix: p, target: h}, i);
+      (r.use(p, l, I(j)), t.info(`\u2705 \u4EE3\u7406\u4E2D ${p} \u{1F449} ${h}`));
     });
   },
-  l = k;
-var C = {
+  d = C;
+var O = {
     port: parseInt(process.env.PORT || '8080', 10),
     host: process.env.HOST || 'localhost',
     apiPrefix: process.env.API_PREFIX || '/api',
-    authToken: '1234',
+    authToken: !1,
     proxys: [],
-    whiteAuthKeys: ['ihuxy'],
     whitePathList: ['/health'],
     algorithm: 'HS256',
     secret: process.env.JWT_SECRET || 'ah.yiru@gmail.com',
     expiresIn: process.env.JWT_EXPIRES_IN || '30d',
     issuer: process.env.JWT_ISSUER || 'huxyApp',
   },
-  d = C;
-var L = (r, e) =>
-    O({...d, ...r}, async (t, s, n, a) => {
-      (await e?.(t, s, n, a), l(s, t, a));
+  m = O;
+var M = (r, e) =>
+    W({...m, ...r}, async (t, s, o, n) => {
+      (await e?.(t, s, o, n), d(s, t, n));
     }),
-  ce = L,
-  he = (r, e) =>
-    W({...d, ...r}, async (t, s, n, a) => {
-      (await e?.(t, s, n, a), l(s, t, a));
+  he = M,
+  le = (r, e) =>
+    L({...m, ...r}, async (t, s, o, n) => {
+      (await e?.(t, s, o, n), d(s, t, n));
     });
 export {
-  l as appProxy,
-  oe as checkPort,
-  q as createLogger,
-  ee as dateTime,
-  ce as default,
-  ae as getDirName,
-  se as getEnvConfig,
-  te as localIPs,
-  Z as logger,
-  re as nodeArgs,
-  ne as resolvePath,
-  L as startApp,
-  O as startServer,
-  W as startStatic,
-  he as startStaticApp,
+  d as appProxy,
+  ae as checkPort,
+  ee as createLogger,
+  te as dateTime,
+  he as default,
+  ne as getDirName,
+  oe as getEnvConfig,
+  re as localIPs,
+  q as logger,
+  se as nodeArgs,
+  ie as resolvePath,
+  M as startApp,
+  W as startServer,
+  L as startStatic,
+  le as startStaticApp,
 };