propro-utils 1.5.24 → 1.5.26
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
package/src/server/index.js
CHANGED
|
@@ -104,7 +104,7 @@ class AuthMiddleware {
|
|
|
104
104
|
try {
|
|
105
105
|
const response = await this.proxyToAuthServer(
|
|
106
106
|
req,
|
|
107
|
-
|
|
107
|
+
`/api/v1/auth/send-magic-link?clientId=${this.options.clientId}&redirectUri=${this.options.redirectUri}`
|
|
108
108
|
);
|
|
109
109
|
res.status(response.status).json(response.data);
|
|
110
110
|
} catch (error) {
|
|
@@ -5,6 +5,55 @@
|
|
|
5
5
|
|
|
6
6
|
const { URL } = require('url');
|
|
7
7
|
|
|
8
|
+
/**
|
|
9
|
+
* Safely stringify an object, handling circular references
|
|
10
|
+
* @param {Object} obj - The object to stringify
|
|
11
|
+
* @return {string} A JSON string representation of the object
|
|
12
|
+
*/
|
|
13
|
+
const safeStringify = obj => {
|
|
14
|
+
const seen = new WeakSet();
|
|
15
|
+
return JSON.stringify(obj, (key, value) => {
|
|
16
|
+
if (typeof value === 'object' && value !== null) {
|
|
17
|
+
if (seen.has(value)) {
|
|
18
|
+
return '[Circular]';
|
|
19
|
+
}
|
|
20
|
+
seen.add(value);
|
|
21
|
+
}
|
|
22
|
+
return value;
|
|
23
|
+
});
|
|
24
|
+
};
|
|
25
|
+
|
|
26
|
+
/**
|
|
27
|
+
* Sanitize user object by removing sensitive and unnecessary information
|
|
28
|
+
* @param {Object} user - The user object to sanitize
|
|
29
|
+
* @return {Object} A sanitized version of the user object
|
|
30
|
+
*/
|
|
31
|
+
const sanitizeUser = user => {
|
|
32
|
+
const sanitized = { ...user };
|
|
33
|
+
|
|
34
|
+
delete sanitized.password;
|
|
35
|
+
delete sanitized.passwordHistory;
|
|
36
|
+
delete sanitized.loginAttempts;
|
|
37
|
+
|
|
38
|
+
// Remove Mongoose-specific fields
|
|
39
|
+
delete sanitized.$__;
|
|
40
|
+
delete sanitized.$isNew;
|
|
41
|
+
|
|
42
|
+
if (sanitized._doc) {
|
|
43
|
+
sanitized.id = sanitized._doc.id;
|
|
44
|
+
sanitized.accountId = sanitized._doc.accountId;
|
|
45
|
+
sanitized.createdAt = sanitized._doc.createdAt;
|
|
46
|
+
sanitized.updatedAt = sanitized._doc.updatedAt;
|
|
47
|
+
|
|
48
|
+
delete sanitized._doc.mapList;
|
|
49
|
+
delete sanitized._doc.folderList;
|
|
50
|
+
|
|
51
|
+
delete sanitized._doc;
|
|
52
|
+
}
|
|
53
|
+
|
|
54
|
+
return sanitized;
|
|
55
|
+
};
|
|
56
|
+
|
|
8
57
|
/**
|
|
9
58
|
* Sets the authentication cookies in the response object.
|
|
10
59
|
*
|
|
@@ -31,7 +80,6 @@ const setAuthCookies = (res, tokens, account, user, appUrl) => {
|
|
|
31
80
|
const accessMaxAge =
|
|
32
81
|
new Date(tokens.access.expires).getTime() - currentDateTime.getTime();
|
|
33
82
|
|
|
34
|
-
// Determine the domain
|
|
35
83
|
let domain;
|
|
36
84
|
try {
|
|
37
85
|
domain = appUrl ? new URL(appUrl).hostname : undefined;
|
|
@@ -43,7 +91,6 @@ const setAuthCookies = (res, tokens, account, user, appUrl) => {
|
|
|
43
91
|
domain = undefined;
|
|
44
92
|
}
|
|
45
93
|
|
|
46
|
-
// Define common cookie attributes
|
|
47
94
|
const commonAttributes = {
|
|
48
95
|
secure: process.env.NODE_ENV === 'production',
|
|
49
96
|
sameSite: process.env.NODE_ENV === 'production' ? 'None' : 'Lax',
|
|
@@ -54,54 +101,44 @@ const setAuthCookies = (res, tokens, account, user, appUrl) => {
|
|
|
54
101
|
commonAttributes.secure = true;
|
|
55
102
|
}
|
|
56
103
|
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
{
|
|
64
|
-
name: 'x-access-token',
|
|
65
|
-
value: tokens.access.token,
|
|
66
|
-
maxAge: accessMaxAge,
|
|
67
|
-
},
|
|
68
|
-
];
|
|
104
|
+
// Set httpOnly cookies
|
|
105
|
+
res.cookie('x-refresh-token', tokens.refresh.token, {
|
|
106
|
+
...commonAttributes,
|
|
107
|
+
httpOnly: true,
|
|
108
|
+
maxAge: refreshMaxAge,
|
|
109
|
+
});
|
|
69
110
|
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
maxAge: cookie.maxAge,
|
|
75
|
-
});
|
|
111
|
+
res.cookie('x-access-token', tokens.access.token, {
|
|
112
|
+
...commonAttributes,
|
|
113
|
+
httpOnly: true,
|
|
114
|
+
maxAge: accessMaxAge,
|
|
76
115
|
});
|
|
77
116
|
|
|
78
|
-
|
|
79
|
-
|
|
117
|
+
// Set non-httpOnly cookies
|
|
118
|
+
const sanitizedUser = sanitizeUser(user);
|
|
119
|
+
const sanitizedAccount = { ...account };
|
|
120
|
+
delete sanitizedAccount.passwordHistory;
|
|
80
121
|
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
maxAge: refreshMaxAge,
|
|
86
|
-
},
|
|
87
|
-
{ name: 'account', value: JSON.stringify(account), maxAge: refreshMaxAge },
|
|
88
|
-
{
|
|
89
|
-
name: 'has_account_token',
|
|
90
|
-
value: JSON.stringify({ value: 'true', expires: accessMaxAge }),
|
|
91
|
-
maxAge: accessMaxAge,
|
|
92
|
-
},
|
|
93
|
-
];
|
|
122
|
+
res.cookie('user', safeStringify(sanitizedUser), {
|
|
123
|
+
...commonAttributes,
|
|
124
|
+
maxAge: refreshMaxAge,
|
|
125
|
+
});
|
|
94
126
|
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
maxAge: cookie.maxAge,
|
|
99
|
-
});
|
|
127
|
+
res.cookie('account', safeStringify(sanitizedAccount), {
|
|
128
|
+
...commonAttributes,
|
|
129
|
+
maxAge: refreshMaxAge,
|
|
100
130
|
});
|
|
101
131
|
|
|
132
|
+
res.cookie(
|
|
133
|
+
'has_account_token',
|
|
134
|
+
JSON.stringify({ value: 'true', expires: accessMaxAge }),
|
|
135
|
+
{
|
|
136
|
+
...commonAttributes,
|
|
137
|
+
maxAge: accessMaxAge,
|
|
138
|
+
}
|
|
139
|
+
);
|
|
140
|
+
|
|
102
141
|
console.log('Setting auth cookies');
|
|
103
|
-
console.log('tokens', tokens);
|
|
104
|
-
console.log('account', account);
|
|
105
142
|
console.log('sanitizedUser', sanitizedUser);
|
|
106
143
|
};
|
|
107
144
|
|