lupine.api 1.1.45 → 1.1.47

package/admin/admin-release.tsx

@@ -10,13 +10,6 @@ import {
   downloadStream,
 } from 'lupine.components';
 
-interface DirProps {
-  name: string;
-  time: string;
-  size: number;
-  dir: boolean;
-  items?: DirProps[];
-}
 interface ReleaseListProps {
   result: any;
   onUpdate: () => void;
@@ -101,7 +94,7 @@ const ReleaseList = (props: ReleaseListProps) => {
               </label>
             </div>
           ))}
-          <label class='label mr-m release-label'>(Only update index.js file)</label>
+          <label class='label mr-m release-label'>(Skip *.js.map files)</label>
         </div>
       </div>
       <LogList logs={props.result.logs} onLogClick={props.onLogClick} />
@@ -123,12 +116,13 @@ const LogList = (props: {
       <div class='row-box mt-m'>
         <label class='label mr-m release-label'>Logs:</label>
         <div type='text'>
-          {props.logs && props.logs.map((log: { name: string; size: number; time: string }) => (
-            <div>
-              <label class='release-log' onClick={() => props.onLogClick(log.name)}>{`${log.name}`}</label> ({log.time};{' '}
-              {formatBytes(log.size)}){' '}
-            </div>
-          ))}
+          {props.logs &&
+            props.logs.map((log: { name: string; size: number; time: string }) => (
+              <div>
+                <label class='release-log' onClick={() => props.onLogClick(log.name)}>{`${log.name}`}</label> (
+                {log.time}; {formatBytes(log.size)}){' '}
+              </div>
+            ))}
         </div>
       </div>
     </div>
@@ -138,7 +132,7 @@ const LogList = (props: {
 export const AdminReleasePage = () => {
   const fetchData = async (options: { targetUrl: string; accessToken: string; log?: boolean }) => {
     const data = await getRenderPageProps().renderPageFunctions.fetchData('/api/admin/release/check', options);
-    console.log('AdminRelease', data);
+    console.log('release/check', data);
     return data.json;
   };
   const css: CssProps = {
@@ -153,11 +147,18 @@ export const AdminReleasePage = () => {
   const domLog = new HtmlVar('');
   const domUpdate = new HtmlVar('');
   const getDomData = () => {
-    const dataOld = JSON.parse(localStorage.getItem('admin-release') || '{}');
+    const domFromList = ref.$('.from-list');
+    let fromValue = '';
+    if (!domFromList) {
+      const dataOld = JSON.parse(localStorage.getItem('admin-release') || '{}');
+      fromValue = dataOld.fromList;
+    } else {
+      fromValue = domFromList.value;
+    }
     const data = {
-      targetUrl: DomUtils.getValue('.target-url'),
-      accessToken: DomUtils.getValue('.access-token'),
-      fromList: DomUtils.getValue('.from-list') || dataOld.fromList,
+      targetUrl: ref.$('.target-url').value,
+      accessToken: ref.$('.access-token').value,
+      fromList: fromValue,
     };
     localStorage.setItem('admin-release', JSON.stringify(data));
     return data;
@@ -170,18 +171,23 @@ export const AdminReleasePage = () => {
       return;
     }
 
-    const fromList = DomUtils.getValue('.from-list');
-    const toList = DomUtils.getValue('.to-list');
-    const chkServer = DomUtils.getChecked('.chk-server');
-    const chkApi = DomUtils.getChecked('.chk-api');
-    const chkWeb = DomUtils.getChecked('.chk-web');
-    const webSub = DomUtils.getValue('.input-web-sub');
-    const webSubs = document.querySelectorAll<HTMLInputElement>('.chk-web-sub');
+    const fromList = ref.$('.from-list').value;
+    const toList = ref.$('.to-list').value;
+    const chkServer = ref.$('.chk-server').checked;
+    const chkApi = ref.$('.chk-api').checked;
+    const chkWeb = ref.$('.chk-web').checked;
+    // const webSub = ref.$('.input-web-sub').value;
+    const webSubs = ref.$all('.chk-web-sub') as HTMLInputElement[];
     const webSubsChecked = Array.from(webSubs)
       .filter((input) => input.checked)
       .map((input) => input.value);
-    const chkEnv = DomUtils.getChecked('.chk-env');
-    const chkBackup = DomUtils.getChecked('.chk-backup');
+    const wrongWebSubs = webSubsChecked.filter((s) => !s.startsWith(fromList + '_web/'));
+    if (wrongWebSubs.length > 0) {
+      NotificationMessage.sendMessage(`Some web sub folder is not under ${fromList}`, NotificationColor.Error);
+      return;
+    }
+    const chkEnv = ref.$('.chk-env').checked;
+    const chkBackup = ref.$('.chk-backup').checked;
     if (!chkServer && !chkApi && !chkWeb && !chkEnv) {
       NotificationMessage.sendMessage('Please select the release options', NotificationColor.Error);
       return;
@@ -202,16 +208,19 @@ export const AdminReleasePage = () => {
       chkServer,
       chkApi,
       chkWeb,
-      webSub, // will be deprecated
+      // webSub, // will be deprecated
       webSubs: webSubsChecked,
       chkEnv,
       chkBackup,
     });
     const dataResponse = await response.json;
-    console.log('AdminRelease', dataResponse);
+    console.log('release/update', dataResponse);
     releaseUpdateBtn.disabled = false;
     if (!dataResponse || dataResponse.status !== 'ok') {
-      NotificationMessage.sendMessage(dataResponse.message || 'Failed to update release', NotificationColor.Error);
+      NotificationMessage.sendMessage(
+        dataResponse.message || 'Failed to update release (timeout, possibly backend is runing, please wait!)',
+        NotificationColor.Error
+      );
       return;
     }
     NotificationMessage.sendMessage('Release updated successfully', NotificationColor.Success);

package/admin/admin-table-list.tsx

@@ -1,5 +1,4 @@
 import {
-  DomUtils,
   NotificationColor,
   NotificationMessage,
   CssProps,
@@ -8,8 +7,8 @@ import {
   mountInnerComponent,
   downloadLink,
 } from 'lupine.components';
-import { adminFrameProps } from './admin-frame-props';
 import { TableDataPage } from './admin-table-data';
+import { adminFrameHelper } from './admin-frame-helper';
 
 const fetchTableList = async () => {
   const data = await getRenderPageProps().renderPageFunctions.fetchData('/api/admin/db/tables/list');
@@ -29,10 +28,10 @@ const fetchTableTruncateAll = async () => {
 };
 
 export const TableListPage = () => {
-  const refUpdate = adminFrameProps.tabsHook;
+  const refUpdate = adminFrameHelper.getTabsHook();
 
   const openTablePanel = async (tableName: string) => {
-    if (refUpdate?.getCount && refUpdate.getCount() > adminFrameProps.maxTabsCount) {
+    if (refUpdate?.getCount && refUpdate.getCount() > adminFrameHelper.getMaxTabsCount()) {
       alert('You are opening too many pages');
       return;
     }

package/admin/index.ts

@@ -1,6 +1,9 @@
 export * from './admin-css';
+export * from './admin-db';
+export * from './admin-frame';
+export * from './admin-frame-helper';
 export * from './admin-index';
 export * from './admin-login';
-// export * from './admin-users';
-export * from './admin-frame';
-export * from './admin-db';
+export * from './admin-release';
+export * from './admin-tokens';
+export * from './admin-performance';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "lupine.api",
-  "version": "1.1.45",
+  "version": "1.1.47",
   "license": "MIT",
   "author": "uuware.com",
   "homepage": "https://github.com/uuware/lupine.js",

package/src/admin-api/admin-api-helper.ts

@@ -0,0 +1,205 @@
+import { ServerResponse } from 'http';
+import { ApiHelper } from '../api';
+import { CryptoUtils, Logger } from '../lib';
+import { ServerRequest } from '../models';
+
+/*
+dev-admin uses different authentication method from frontend.
+dev-admin only provides fixed username and password authentication, no user maintenance.
+saved cookie name: _token_dev
+*/
+
+// DEFAULT_ADMIN_PASS is DEFAULT_ADMIN_NAME + ':' + login password hash.
+// Use below command to generate hash:
+// node -e "console.log(require('crypto').createHash('md5').update('admin:F4AZ5O@2fPUjw%f$LmhZpJTQ^DoXnWPkH#hqE', 'utf8').digest('hex'))"
+export type DevAdminSessionProps = {
+  u: string; // username
+  t: string; // type: admin, user
+  ip: string;
+  h: string; // md5 of name+pass
+};
+
+/*
+dev admin has more permissions than app admin, and the dashboard also supports for app admin only users.
+app admin is supposed to manage the application, not the site, and may have different fields in cookie.
+This is a sample how to set login process for app admin.
+
+export const appAdminHookSetCookie: AppAdminHookSetCookieProps = async (
+  req: ServerRequest,
+  res: ServerResponse,
+  username: string
+) => {
+  const cryptoKey = process.env['CRYPTO_KEY'];
+  const u = process.env['ADMIN_USER'];
+  const p = process.env['ADMIN_PASS'];
+  if (!cryptoKey || !u || !p) {
+    return {};
+  }
+
+  const specialToken = CryptoUtils.hash((u + ':' + p) as string);
+  const loginJson: LoginJsonProps = {
+    ip: '',
+    id: 0,
+    u: u,
+    t: 'admin',
+    h: specialToken,
+  };
+
+  const token = JSON.stringify(loginJson);
+  const tokenCookie = CryptoUtils.encrypt(token, cryptoKey);
+  const response = {
+    status: 'ok',
+    message: langHelper.getLang('shared:login_success'),
+    result: tokenCookie,
+    user: {
+      u: loginJson.u,
+      t: loginJson.t,
+    },
+  };
+
+  // sameSite: 'none' needs secure=true
+  req.locals.setCookie('_token', tokenCookie, {
+    expireDays: 360,
+    path: '/',
+    httpOnly: false,
+    secure: true,
+    sameSite: 'none',
+  });
+  return response;
+};
+
+export const appAdminHookCheckLogin: AppAdminHookCheckLoginProps = async (
+  req: ServerRequest,
+  res: ServerResponse,
+  username: string,
+  password: string
+) => {
+  if (process.env['ADMIN_PASS'] && username === process.env['ADMIN_USER'] && password === process.env['ADMIN_PASS']) {
+    const appAdminResponse = await appAdminHookSetCookie(req, res, username);
+    ApiHelper.sendJson(req, res, appAdminResponse);
+    return true;
+  }
+  return false;
+};
+
+adminHelper.setAppAdminHookSetCookie(appAdminHookSetCookie);
+adminHelper.setAppAdminHookCheckLogin(appAdminHookCheckLogin);
+*/
+export type AppAdminHookSetCookieProps = (req: ServerRequest, res: ServerResponse, username: string) => Promise<any>;
+export type AppAdminHookCheckLoginProps = (req: ServerRequest, res: ServerResponse, username: string, password: string) => Promise<boolean>;
+export type AppAdminHookLogoutProps = (req: ServerRequest, res: ServerResponse) => Promise<void>;
+
+export const DEV_ADMIN_TYPE = 'dev-admin';
+export const DEV_ADMIN_CRYPTO_KEY_NAME = 'DEV_CRYPTO_KEY';
+export const DEV_ADMIN_SESSION_NAME = '_token_dev';
+export class AdminApiHelper {
+  private static instance: AdminApiHelper;
+  private logger = new Logger('admin-api');
+
+  private constructor() {}
+
+  public static getInstance(): AdminApiHelper {
+    if (!AdminApiHelper.instance) {
+      AdminApiHelper.instance = new AdminApiHelper();
+    }
+    return AdminApiHelper.instance;
+  }
+
+  private AppAdminHookSetCookie?: AppAdminHookSetCookieProps;
+  setAppAdminHookSetCookie(hook: AppAdminHookSetCookieProps) {
+    this.AppAdminHookSetCookie = hook;
+  }
+  getAppAdminHookSetCookie() {
+    return this.AppAdminHookSetCookie;
+  }
+
+  private AppAdminHookCheckLogin?: AppAdminHookCheckLoginProps;
+  setAppAdminHookCheckLogin(hook: AppAdminHookCheckLoginProps) {
+    this.AppAdminHookCheckLogin = hook;
+  }
+  getAppAdminHookCheckLogin() {
+    return this.AppAdminHookCheckLogin;
+  }
+
+  private AppAdminHookLogout?: AppAdminHookLogoutProps;
+  setAppAdminHookLogout(hook: AppAdminHookLogoutProps) {
+    this.AppAdminHookLogout = hook;
+  }
+  getAppAdminHookLogout() {
+    return this.AppAdminHookLogout;
+  }
+
+  decryptJson(text: string) {
+    const cryptoKey = process.env[DEV_ADMIN_CRYPTO_KEY_NAME];
+    if (cryptoKey && text) {
+      try {
+        const deCrypto = CryptoUtils.decrypt(text, cryptoKey);
+        const json = JSON.parse(deCrypto);
+        return json;
+      } catch (error: any) {
+        this.logger.error(error.message);
+      }
+    }
+    return false;
+  }
+
+  encryptJson(jsonOrText: string | object) {
+    const cryptoKey = process.env[DEV_ADMIN_CRYPTO_KEY_NAME];
+    if (cryptoKey && jsonOrText) {
+      try {
+        const text = typeof jsonOrText === 'string' ? jsonOrText : JSON.stringify(jsonOrText);
+        const encryptText = CryptoUtils.encrypt(text, cryptoKey);
+        return encryptText;
+      } catch (error: any) {
+        this.logger.error(error.message);
+      }
+    }
+    return false;
+  }
+
+  async getDevAdminFromCookie(
+    req: ServerRequest,
+    res: ServerResponse,
+    sendResponseWhenError = true
+  ): Promise<DevAdminSessionProps | false> {
+    try {
+      const cookies = req.locals.cookies();
+      const token = cookies.get(DEV_ADMIN_SESSION_NAME, '');
+      if (token) {
+        const json = this.decryptJson(token) as DevAdminSessionProps;
+        if (!json || json.t !== DEV_ADMIN_TYPE) {
+          if (sendResponseWhenError) {
+            const response = {
+              status: 'error',
+              message: 'Wrong session data, contact site admin please.',
+            };
+            ApiHelper.sendJson(req, res, response);
+          }
+          return false;
+        }
+
+        // if it's special admin
+        if (json.h && json.u === process.env['DEV_ADMIN_USER']) {
+          const hash = CryptoUtils.hash(process.env['DEV_ADMIN_USER'] + ':' + process.env['DEV_ADMIN_PASS']);
+          if (json.h === hash) {
+            return json;
+          }
+        }
+        return false;
+      }
+    } catch (error: any) {
+      this.logger.error(error.message);
+    }
+    if (sendResponseWhenError) {
+      const response = {
+        status: 'error',
+        message: 'Please login to use this system.',
+      };
+      ApiHelper.sendJson(req, res, response);
+    }
+    return false;
+  }
+}
+
+// add comment for tree shaking
+export const adminApiHelper = /* @__PURE__ */ AdminApiHelper.getInstance();

package/src/admin-api/admin-api.ts

@@ -2,7 +2,7 @@ import { ServerResponse } from 'http';
 // import { AdminUser } from './admin-user';
 import { AdminDb } from './admin-db';
 import { AdminMenu } from './admin-menu';
-import { devAdminAuth, needDevAdminSession } from './admin-auth';
+import { devAdminAuth, devAdminLogout, needDevAdminSession } from './admin-auth';
 import { AdminPerformance } from './admin-performance';
 import { AdminRelease } from './admin-release';
 import { AdminResources } from './admin-resources';
@@ -10,7 +10,7 @@ import { AdminTokens } from './admin-tokens';
 import { AdminConfig } from './admin-config';
 import { Logger } from '../lib';
 import { IApiBase, ServerRequest } from '../models';
-import {ApiRouter } from '../api';
+import { ApiRouter } from '../api';
 
 const logger = new Logger('admin-api');
 
@@ -55,5 +55,8 @@ export class AdminApi implements IApiBase {
     this.router.use('/auth', async (req: ServerRequest, res: ServerResponse) => {
       return devAdminAuth(req, res);
     });
+    this.router.use('/logout', async (req: ServerRequest, res: ServerResponse) => {
+      return devAdminLogout(req, res);
+    });
   }
 }

package/src/admin-api/admin-auth.ts

@@ -1,12 +1,13 @@
 import { ServerResponse } from 'http';
 import { Logger, ServerRequest, ApiHelper } from 'lupine.api';
 import { CryptoUtils } from '../lib/utils/crypto';
-import { adminHelper, DEV_ADMIN_CRYPTO_KEY_NAME, DEV_ADMIN_TYPE, DevAdminSessionProps } from './admin-helper';
+import { adminApiHelper, DEV_ADMIN_CRYPTO_KEY_NAME, DEV_ADMIN_TYPE, DevAdminSessionProps } from './admin-api-helper';
 import { langHelper } from '../lang';
 
 const logger = new Logger('admin-auth');
+
 export const needDevAdminSession = async (req: ServerRequest, res: ServerResponse) => {
-  const devAdminSession = await adminHelper.getDevAdminFromCookie(req, res, true);
+  const devAdminSession = await adminApiHelper.getDevAdminFromCookie(req, res, true);
   if (!devAdminSession) {
     // return true to skip the rest of the middleware
     return true;
@@ -18,8 +19,8 @@ export const needDevAdminSession = async (req: ServerRequest, res: ServerRespons
 export const devAdminAuth = async (req: ServerRequest, res: ServerResponse) => {
   const cryptoKey = process.env[DEV_ADMIN_CRYPTO_KEY_NAME];
   if (!cryptoKey) {
-    const msg = langHelper.getLang('shared:crypto_key_not_set', {
-      cryptoKey: DEV_ADMIN_CRYPTO_KEY_NAME,
+    const msg = langHelper.getLang('shared:name_not_set', {
+      name: 'ENV ' + DEV_ADMIN_CRYPTO_KEY_NAME,
     });
     logger.error(msg);
     const response = {
@@ -31,7 +32,7 @@ export const devAdminAuth = async (req: ServerRequest, res: ServerResponse) => {
   }
   if (!process.env['DEV_ADMIN_PASS']) {
     const msg = langHelper.getLang('shared:name_not_set', {
-      name: 'DEV_ADMIN_PASS',
+      name: 'ENV DEV_ADMIN_PASS',
     });
     logger.error(msg);
     const response = {
@@ -46,14 +47,34 @@ export const devAdminAuth = async (req: ServerRequest, res: ServerResponse) => {
   const data = req.locals.json();
   if (!data || Array.isArray(data) || !data.u || !data.p) {
     // if session already exists, use session data login
-    const devAdminSession = await adminHelper.getDevAdminFromCookie(req, res, true);
+    const devAdminSession = await adminApiHelper.getDevAdminFromCookie(req, res, false);
     if (!devAdminSession) {
+      // check is app admin
+      const appAdminHookCheckLogin = adminApiHelper.getAppAdminHookCheckLogin();
+      if (appAdminHookCheckLogin) {
+        if (await appAdminHookCheckLogin(req, res, '', '')) {
+          return true;
+        }
+      }
+
+      const response = {
+        status: 'error',
+        message: 'Please login to use this system.',
+      };
+      ApiHelper.sendJson(req, res, response);
       return true;
     }
+    // if it's dev admin, then set app admin cookie as well
+    let addLoginResponse = {};
+    const appAdminHookSetCookie = adminApiHelper.getAppAdminHookSetCookie();
+    if (appAdminHookSetCookie) {
+      addLoginResponse = await appAdminHookSetCookie(req, res, devAdminSession.u);
+    }
     const response = {
+      ...addLoginResponse,
       status: 'ok',
       message: langHelper.getLang('shared:login_success'),
-      result: CryptoUtils.encrypt(JSON.stringify(devAdminSession), cryptoKey),
+      devLogin: CryptoUtils.encrypt(JSON.stringify(devAdminSession), cryptoKey),
     };
     ApiHelper.sendJson(req, res, response);
     return true;
@@ -68,15 +89,40 @@ export const devAdminAuth = async (req: ServerRequest, res: ServerResponse) => {
       h: CryptoUtils.hash(data.u + ':' + data.p),
     };
     const token = JSON.stringify(devSession);
+    const tokenCookie = CryptoUtils.encrypt(token, cryptoKey);
+
+    // if it's dev admin, then set app admin cookie as well
+    let addLoginResponse = {};
+    const appAdminHookSetCookie = adminApiHelper.getAppAdminHookSetCookie();
+    if (appAdminHookSetCookie) {
+      addLoginResponse = await appAdminHookSetCookie(req, res, data.u);
+    }
+
     const response = {
+      ...addLoginResponse,
       status: 'ok',
       message: langHelper.getLang('shared:login_success'),
-      result: CryptoUtils.encrypt(token, cryptoKey),
+      devLogin: tokenCookie,
     };
+    req.locals.setCookie('_token', tokenCookie, {
+      expireDays: 360,
+      path: '/',
+      httpOnly: false,
+      secure: true,
+      sameSite: 'none',
+    });
     ApiHelper.sendJson(req, res, response);
     return true;
   }
 
+  // check is app admin
+  const appAdminHookCheckLogin = adminApiHelper.getAppAdminHookCheckLogin();
+  if (appAdminHookCheckLogin) {
+    if (await appAdminHookCheckLogin(req, res, data.u as string, data.p as string)) {
+      return true;
+    }
+  }
+
   logger.info(`dev admin login failed: ${((data.u as string) || '').substring(0, 30)}`);
   const response = {
     status: 'error',
@@ -85,3 +131,10 @@ export const devAdminAuth = async (req: ServerRequest, res: ServerResponse) => {
   ApiHelper.sendJson(req, res, response);
   return true;
 };
+
+export const devAdminLogout = async (req: ServerRequest, res: ServerResponse) => {
+  req.locals.setCookie('_token_dev', '', { expireDays: 360, path: '/', httpOnly: false, secure: true, sameSite: 'none' });
+  await adminApiHelper.getAppAdminHookLogout()?.(req, res);
+  ApiHelper.sendJson(req, res, { status: 'ok', message: langHelper.getLang('shared:process_completed') });
+  return true;
+};

package/src/admin-api/admin-config.ts

@@ -1,18 +1,7 @@
 import { ServerResponse } from 'http';
 import * as fs from 'fs/promises';
-import {
-  IApiBase,
-  Logger,
-  apiCache,
-  ServerRequest,
-  ApiRouter,
-  ApiHelper,
-  langHelper,
-  FsUtils,
-  adminHelper,
-} from 'lupine.api';
+import { IApiBase, Logger, apiCache, ServerRequest, ApiRouter, ApiHelper, langHelper, FsUtils } from 'lupine.api';
 import path from 'path';
-import { needDevAdminSession } from './admin-auth';
 
 export class AdminConfig implements IApiBase {
   private logger = new Logger('config-api');

package/src/admin-api/admin-performance.ts

@@ -16,7 +16,7 @@ import {
   AppCacheGlobal,
   getAppCache,
 } from 'lupine.api';
-import { adminHelper } from './admin-helper';
+import { adminApiHelper } from './admin-api-helper';
 import { needDevAdminSession } from './admin-auth';
 
 // #https://github.com/sebhildebrandt/systeminformation
@@ -38,7 +38,7 @@ export class AdminPerformance implements IApiBase {
   }
 
   async performanceData(req: ServerRequest, res: ServerResponse) {
-    const json = adminHelper.getDevAdminFromCookie(req, res, true);
+    const json = adminApiHelper.getDevAdminFromCookie(req, res, true);
     if (!json) {
       return false;
     }