not-node 5.1.44 → 6.0.0

package/src/identity/providers/token.js

@@ -0,0 +1,255 @@
+const { error, log } = require("not-log")(module, "Identity//Token");
+const { notRequestError } = require("not-error");
+const CONST = require("../../auth/const");
+const ROLES = require("../../auth/roles");
+const { objHas } = require("../../common");
+const phrase = require("not-locale").modulePhrase("not-node");
+
+const JWT = require("jsonwebtoken");
+
+module.exports = class IdentityProviderToken {
+    #tokenContent = null;
+    #token = null;
+
+    static #options = {};
+
+    static setOptions(options = {}) {
+        this.#options = options;
+    }
+
+    static #getOptions() {
+        return this.#options;
+    }
+
+    constructor(req) {
+        this.req = req;
+        return this;
+    }
+
+    static getTokenFromRequest(req) {
+        const auth = req.get("Authorization");
+        if (auth && auth.length) {
+            const [, token] = auth.split(" ");
+            return token;
+        }
+        return null;
+    }
+
+    #extractToken(req) {
+        const token = this.getTokenFromRequest(req);
+        if (token) {
+            this.#token = token;
+        }
+    }
+
+    #updateToken() {
+        this.#token = this.#encodeTokenContent();
+        return this.#token;
+    }
+
+    #decodeTokenContent() {
+        try {
+            if (this.#token) {
+                const secret = this.#getOptions().secret;
+                JWT.verify(this.#token, secret);
+                return JWT.decode(this.#token, secret);
+            }
+            return null;
+        } catch (e) {
+            error(e.message);
+            return null;
+        }
+    }
+
+    #encodeTokenContent() {
+        try {
+            if (this.#token) {
+                const secret = this.#getOptions().secret;
+                return JWT.sign(this.#tokenContent, secret);
+            }
+            return null;
+        } catch (e) {
+            error(e.message);
+            return null;
+        }
+    }
+
+    #extractTokenContent(req) {
+        this.#tokenContent = this.#decodeTokenContent(req);
+    }
+
+    get tokenContent() {
+        return this.#tokenContent;
+    }
+
+    get token() {
+        return this.#token;
+    }
+
+    static #validateSecretForToken({ secret, context }) {
+        if (
+            !secret ||
+            typeof secret === "undefined" ||
+            secret === null ||
+            secret === ""
+        ) {
+            throw new notRequestError(phrase("user_token_secret_not_valid"), {
+                ...context,
+                code: 500,
+            });
+        }
+    }
+
+    static #validateTTLForToken(tokenTTL) {
+        if (tokenTTL <= 0 || isNaN(tokenTTL)) {
+            log(phrase("user_token_ttl_not_set"));
+            tokenTTL = CONST.TOKEN_TTL;
+        }
+        return tokenTTL;
+    }
+
+    static #composeUserTokenPayload({ user, additionalFields = [] }) {
+        const addons = {};
+        if (Array.isArray(additionalFields)) {
+            additionalFields.forEach((fieldName) => {
+                if (objHas(user, fieldName)) {
+                    addons[fieldName] = user[fieldName];
+                }
+            });
+        }
+        return {
+            _id: user._id,
+            role: user.role,
+            active: user.active,
+            username: user.username,
+            ...addons,
+        };
+    }
+
+    static #composeGuestTokenPayload() {
+        return {
+            _id: false,
+            role: CONST.DEFAULT_USER_ROLE_FOR_GUEST,
+            active: true,
+            username: phrase("user_role_guest"),
+        };
+    }
+
+    static createToken({
+        ip,
+        user,
+        additionalFields = ["emailConfirmed", "telephoneConfirmed"],
+    }) {
+        const context = { ip };
+        const secret = this.#getOptions().secret;
+        this.#validateSecretForToken({ secret, context });
+        let payload = {};
+        if (user) {
+            payload = this.#composeUserTokenPayload({ user, additionalFields });
+        } else {
+            payload = this.#composeGuestTokenPayload();
+        }
+        this.#setTokenExpiration(payload);
+        return JWT.sign(payload, secret);
+    }
+
+    static #setTokenExpiration(payload) {
+        const tokenTTL = this.#validateTTLForToken(this.#getOptions().ttl);
+        if (!objHas(payload, "exp")) {
+            payload.exp = Date.now() / 1000 + tokenTTL;
+        }
+    }
+
+    /**
+     *	Checks if user is authenticated
+     *	@return {boolean}	true - authenticated, false - guest
+     **/
+    isUser() {
+        return !!this.tokenContent?._id;
+    }
+
+    /**
+     *	Returns user role from token object
+     *	@return user role
+     **/
+    getRole() {
+        return this.tokenContent?.role ?? CONST.DEFAULT_USER_ROLE_FOR_GUEST;
+    }
+
+    /**
+     *	Set user role for active session
+     *	@param	{Array<string>}	role 	array of roles
+     **/
+    setRole(role) {
+        if (this.tokenContent) {
+            this.#tokenContent.role = [...role];
+            this.#updateToken();
+        }
+        return this;
+    }
+
+    /**
+     *	Set user id for active session
+     *	@param	{string}	_id 	user id
+     **/
+    setUserId(_id) {
+        if (this.tokenContent) {
+            this.#tokenContent._id = _id;
+            this.#updateToken();
+        }
+        return this;
+    }
+
+    isRoot() {
+        return (
+            this.isUser() &&
+            ROLES.compareRoles(
+                this.getRole(),
+                CONST.DEFAULT_USER_ROLE_FOR_ADMIN
+            )
+        );
+    }
+
+    /**
+     *	Get user id for active session
+     **/
+    getUserId() {
+        return this.#tokenContent?._id;
+    }
+
+    /**
+     *	returns token
+     **/
+    getSessionId() {
+        return this.token;
+    }
+
+    /**
+     *	Set auth data in session, user id and role
+     *	@param	{string}	id 		user id
+     *	@param	{string}	role 	user role
+     **/
+    setAuth(id, role) {
+        this.setUserId(id);
+        this.setRole(role);
+    }
+
+    /**
+     *	Set auth data in token to Guest
+     **/
+    setGuest() {
+        this.setAuth(null, [CONST.DEFAULT_USER_ROLE_FOR_GUEST]);
+    }
+
+    /**
+     *	Reset session
+     *	@param	{object}	req 	Express Request
+     **/
+    cleanse() {
+        this.setGuest();
+    }
+
+    static test(req) {
+        return !!this.getTokenFromRequest(req);
+    }
+};

package/src/manifest/result.filter.js

@@ -0,0 +1,268 @@
+const notPath = require("not-path");
+const { objHas, copyObj } = require("../common");
+
+const PROP_NAME_RETURN_ROOT = "returnRoot"; //path to object to filter
+const PROP_NAME_RETURN_RULE = "return"; //filtering rule
+const PROP_NAME_RETURN_STRICT = "returnStrict"; //if filtering should be strict
+
+/**
+ * @const {boolean} DEFAULT_STRICT_MODE
+ * active only in complex rules presented as objects
+ * defines if filtering should exclude any not mentioned property and sub property in map object
+ * Example:
+ * target structure =
+ *  {
+ *      id,
+ *      user:{
+ *          id,
+ *          username,
+ *          aliases: [
+ *              {id, title, createdAt},
+ *              {id, title, createdAt, banned}
+ *          ],
+ *          createdAt
+ *      },
+ *      clean
+ *  }
+ * rule object =
+ *  {
+ *      id,
+ *      'user.aliases': ['id', 'title', 'banned']
+ *  }
+ * in strict==true
+ * filtered target structure =
+ *  {
+ *      id,
+ *      user:{
+ *          aliases: [
+ *              {id, title},
+ *              {id, title, banned}
+ *          ]
+ *      }
+ *  }
+ * in strict==false
+ * filtered target structure = {
+ *      id,
+ *      user:{
+ *          id,
+ *          username,
+ *          aliases: [
+ *              {id, title},
+ *              {id, title, banned}
+ *          ],
+ *          createdAt
+ *      }
+ *  }
+ */
+const DEFAULT_STRICT_MODE = false;
+
+module.exports = class notManifestRouteResultFilter {
+    /**
+     * Removes fields from result object acctoding to actionData.return array
+     * if presented
+     * @param {object} notRouteData request rules and preferencies
+     * @param {object} result result returned by main action processor
+     */
+    static filter(notRouteData, result) {
+        if (!(result && typeof result === "object")) return;
+        const filteringRule = this.getFilteringRule(notRouteData);
+        if (!filteringRule) return;
+        const filteringTarget = this.getFilteringTarget(result, notRouteData);
+        if (!filteringTarget) {
+            return;
+        }
+        this.filterByRule(
+            filteringTarget,
+            filteringRule,
+            this.getFilteringStrictMode(notRouteData)
+        );
+        return result;
+    }
+
+    /**
+     * modifies target according to rule
+     * @param {object}  target      object which properties should be filtered
+     * @param {array}   rule        filtering rule
+     * @param {boolean} strict      filtering mode
+     */
+
+    static filterByRule(target, rule, strict = DEFAULT_STRICT_MODE) {
+        if (!rule || !target) {
+            return;
+        }
+        if (Array.isArray(rule)) {
+            this.filterByArrayRule(target, rule); //flat map always strict==true
+        } else if (typeof rule === "object") {
+            this.filterByMapRule(target, rule, strict); //object map strict could vary
+        }
+    }
+
+    /**
+     * filters target by rule.
+     * Rule form: {pathToProperty: filteringRuleArray, pathToProperty: filteringRuleMap }
+     * pathToProperty should be in notPath notation except starting symbol (default: ':')
+     * if pathToProperty targets array in target, each item of array will be filtered by
+     * @param {object} target
+     * @param {object} rule         map of properties.
+     * @param {boolean} strict      filtering mode
+     * example:
+     * {
+     *      'user': ['username', 'id', 'email'], //filtering properties of object target.user
+     *      'posts': ['id', 'title'],            //filtering properties of array of objects target.posts
+     *      'friends.list': ['id', 'username']   //filtering props of array of objects target.friends.list by path.
+     *                                           //if strict==false: will not drop any from friends.*, only friends.list cotent will be processed
+     *                                           //if strict==true: will drop all properties of friends except list
+     *      'friends': {                         //this will clear friends sub-object from any properties except 'list' in any strict mode
+     *          'list': ['id', 'username']       //and filter 'list' items
+     *      },
+     *      'storage': {                         //filtering complex sub object by map
+     *          'files':{
+     *              'cloud': ['id','title'],
+     *              'local': ['id', 'title', 'size']
+     *          }
+     *      }
+     * }
+     */
+    static filterByMapRule(target, rule, strict = DEFAULT_STRICT_MODE) {
+        //to form ['id', 'user.username', 'files']
+        const filteringArray = Object.keys(rule);
+        //filtering direct chilren if in strict mode
+        if (strict) {
+            this.filterStrict(target, filteringArray);
+        }
+        //filter properties
+        for (let filteringTargetName of filteringArray) {
+            const subTarget = notPath.get(
+                `${notPath.PATH_START_OBJECT}${filteringTargetName}`,
+                target
+            );
+            //if sub target Array filtering each item individualy
+            if (Array.isArray(subTarget)) {
+                subTarget.forEach((subTargetItem) => {
+                    this.filterByRule(
+                        subTargetItem,
+                        rule[filteringTargetName],
+                        strict
+                    );
+                });
+            } else if (typeof subTarget == "object") {
+                this.filterByRule(subTarget, rule[filteringTargetName], strict);
+            }
+        }
+    }
+
+    static filterStrict(target, filteringArray) {
+        console.log(target, filteringArray);
+        //to form ['id', 'user', 'files']
+        const filteringArrayDirectChildren = filteringArray.map(
+            (propName) => propName.split(notPath.PATH_SPLIT)[0]
+        );
+        //filter strict direct children
+        this.filterByArrayRule(target, filteringArrayDirectChildren);
+        //filter strict each level in props paths in filteringArray
+        for (let path of filteringArray) {
+            let pathParts = path.split(notPath.PATH_SPLIT);
+            if (pathParts.length === 1) {
+                continue;
+            }
+            //property name in which we will clean content except pathParts[1]
+            const directPropName = pathParts.shift();
+            //
+            const subTarget = target[directPropName];
+            if (Array.isArray(subTarget)) continue;
+            const subFilteringArray = [pathParts.join(notPath.PATH_SPLIT)];
+            this.filterStrict(subTarget, subFilteringArray);
+        }
+    }
+
+    /**
+     * filters target properties by rule, all properties which names are not presented in rule
+     * array will be removed from target
+     * @param {object} target object to filter
+     * @param {Array} rule list of enabled properties. example: ['id', 'title', 'createdAt']
+     */
+    static filterByArrayRule(target, rule) {
+        const presented = Object.keys(target);
+        presented.forEach((fieldName) => {
+            if (!rule.includes(fieldName)) {
+                delete target[fieldName];
+            }
+        });
+    }
+
+    /**
+     * returns filtering rule object or undefined
+     * @param {object} notRouteData
+     * @returns {object|Array|undefined}  rule to filter result object properties
+     */
+    static getFilteringRule(notRouteData) {
+        if (objHas(notRouteData.rule, PROP_NAME_RETURN_RULE)) {
+            return copyObj(notRouteData.rule[PROP_NAME_RETURN_RULE]);
+        } else if (objHas(notRouteData.actionData, PROP_NAME_RETURN_RULE)) {
+            return copyObj(notRouteData.actionData[PROP_NAME_RETURN_RULE]);
+        } else {
+            return undefined;
+        }
+    }
+
+    /**
+     * Returns path to sub object which properties should be filtered
+     * @param {object} notRouteData
+     * @returns {string}  path of sub object in notPath notation
+     */
+    static getFilteringTargetPath(notRouteData) {
+        let path = notPath.PATH_START_OBJECT;
+        if (notRouteData) {
+            if (objHas(notRouteData.rule, PROP_NAME_RETURN_ROOT)) {
+                path += notRouteData.rule[PROP_NAME_RETURN_ROOT];
+            } else if (objHas(notRouteData.actionData, PROP_NAME_RETURN_ROOT)) {
+                path += notRouteData.actionData[PROP_NAME_RETURN_ROOT];
+            }
+        }
+        return path;
+    }
+
+    /**
+     * Returns object which properties should be filtered
+     * @param {object}  result  request result
+     * @param {object}  notRouteData  request route rules and prefs
+     * @returns {object} object to filter
+     */
+    static getFilteringTarget(result, notRouteData) {
+        if (result && typeof result == "object") {
+            const returnListRoot = this.getFilteringTargetPath(notRouteData);
+            return notPath.get(returnListRoot, result);
+        } else {
+            return result;
+        }
+    }
+
+    static getFilteringStrictMode(notRouteData) {
+        if (notRouteData) {
+            if (objHas(notRouteData.rule, PROP_NAME_RETURN_STRICT)) {
+                return !!notRouteData.rule[PROP_NAME_RETURN_STRICT];
+            } else if (
+                objHas(notRouteData.actionData, PROP_NAME_RETURN_STRICT)
+            ) {
+                return !!notRouteData.actionData[PROP_NAME_RETURN_STRICT];
+            }
+        }
+        return this.DEFAULT_STRICT_MODE;
+    }
+
+    static get PROP_NAME_RETURN_ROOT() {
+        return PROP_NAME_RETURN_ROOT;
+    }
+
+    static get PROP_NAME_RETURN_RULE() {
+        return PROP_NAME_RETURN_RULE;
+    }
+
+    static get PROP_NAME_RETURN_STRICT() {
+        return PROP_NAME_RETURN_STRICT;
+    }
+
+    static get DEFAULT_STRICT_MODE() {
+        return DEFAULT_STRICT_MODE;
+    }
+};

package/src/manifest/route.js

@@ -2,10 +2,13 @@ const CONST_BEFORE_ACTION = "before";
 const CONST_AFTER_ACTION = "after";
 
 const obsoleteWarning = require("../obsolete");
+
+const notAppIdentity = require("../identity");
 const Auth = require("../auth"),
     HttpError = require("../error").Http;
 
-const { objHas, copyObj, executeObjectFunction } = require("../common");
+const notManifestRouteResultFilter = require("./result.filter");
+const { copyObj, executeObjectFunction } = require("../common");
 
 /**
  *	Route representation
@@ -67,7 +70,7 @@ class notRoute {
      *	@return	{object}	rule or null
      */
     selectRule(req) {
-        const user = Auth.extractAuthData(req);
+        const user = notAppIdentity.extractAuthData(req);
         if (this.actionData) {
             return notRoute.actionAvailableByRule(this.actionData, user);
         }
@@ -171,39 +174,6 @@ class notRoute {
         );
     }
 
-    extractReturn(notRouteData) {
-        if (objHas(notRouteData.rule, "return")) {
-            return [...notRouteData.rule.return];
-        } else if (objHas(notRouteData.actionData, "return")) {
-            return [...notRouteData.actionData.return];
-        } else {
-            return undefined;
-        }
-    }
-
-    /**
-     * Removes fields from result object acctoding to actionData.return array
-     * if presented
-     * @param {ExpressRequest} req request object
-     * @param {object} result result returned by main action processor
-     */
-    filterResultByReturnRule(req, result) {
-        const returnList = this.extractReturn(req.notRouteData);
-        if (
-            result &&
-            typeof result === "object" &&
-            returnList &&
-            Array.isArray(returnList)
-        ) {
-            let presented = Object.keys(result);
-            presented.forEach((fieldName) => {
-                if (!returnList.includes(fieldName)) {
-                    delete result[fieldName];
-                }
-            });
-        }
-    }
-
     async executeRoute(modRoute, actionName, { req, res, next }) {
         try {
             //waiting preparation
@@ -220,7 +190,7 @@ class notRoute {
                 prepared,
             ]);
             //filter result IF actionData.return specified
-            this.filterResultByReturnRule(req, result);
+            notManifestRouteResultFilter.filter(req.notRouteData, result);
             //run after with results, continue without waiting when it finished
             return this.executeFunction(modRoute, CONST_AFTER_ACTION, [
                 req,

package/static2.js

@@ -0,0 +1,24 @@
+class Parent {
+    static getOptions() {
+        return this.#options;
+    }
+
+    static setOptions(opts) {
+        this.#options = opts;
+    }
+}
+
+class Child extends Parent {
+    static #options = {};
+    constructor() {
+        super();
+    }
+
+    run() {
+        Child.getOptions();
+    }
+}
+
+Parent.setOptions({ 1: "1" });
+
+console.log(new Child().run());

package/test/auth/routes.js

@@ -3,7 +3,7 @@ const {
     HttpExceptionForbidden,
 } = require("../../src/exceptions/http");
 
-module.exports = ({ Auth, HttpError, expect }) => {
+module.exports = ({ Auth, expect }) => {
     describe("Routes", () => {
         describe("getIP", () => {
             it("req.header[x-forwarded-for]", () => {