serverpreconfigured 2.2.13 → 2.2.15

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "serverpreconfigured",
-  "version": "2.2.13",
+  "version": "2.2.15",
   "description": "\"Pre-configured server with authentication system and database integration\"",
   "main": "dist/server.js",
   "keywords": [
@@ -31,16 +31,18 @@
     "cors": "^2.8.5",
     "express": "^4.17.3",
     "express-session": "^1.17.2",
+    "install": "^0.13.0",
     "meta-sanitizer": "^2.1.4",
     "nodemon": "^2.0.15",
-    "pg": "^8.7.3",
+    "npm": "^10.9.0",
+    "pg": "^8.13.0",
     "pg-hstore": "^2.3.4",
     "sequelize": "^6.37.4",
-    "sequelize-cli": "^6.4.1",
     "sucrase": "^3.20.3",
     "typescript": "^4.6.2"
   },
   "devDependencies": {
-    "@types/node": "^17.0.21"
+    "@types/node": "^17.0.21",
+    "sequelize-cli": "^6.6.2"
   }
 }

package/spc_envfile.json

@@ -1,5 +1,8 @@
 {
     "DATABASE":{
-        "DATABASE":false
+        "DATABASE":"vini",
+        "USERNAME":"postgres",
+        "PASSWORD":"pass",
+        "PORT":5232
     }
 }

package/src/database/database.ts

@@ -1,5 +1,5 @@
-//@ts-ignore
 //@ts-nocheck
 import {Sequelize}  from "sequelize";
 import config from "./../settings/database/database";
-export const dataBase=new Sequelize(config);
+
+export const dataBase=new Sequelize(config);

package/src/logs/logs.ts

@@ -0,0 +1,127 @@
+import fs from 'fs';
+import path from 'path';
+import { Request } from 'express';
+import axios from 'axios';
+export const BASE_LOG_PATH='./logs';
+export enum LogSeverity{
+    danger='danger',
+    servere='severe',
+    moderate='moderate',
+    info='info',
+}
+export interface SaveLogOptions{
+    userId?:number;
+    data:string;
+    severity:LogSeverity;
+    addPath?:string;
+    filePrefix?:string;
+    penTestSuspcion?:boolean;
+    req?:Request;
+    ip?:string;
+    url?:string;
+}
+
+
+export function stringfyError(err:any):string{
+   const type=typeof(err);
+   if(type!=='object')
+      return err.toString();
+   let ret=stringfyObject(err,0);
+   return ret||"";
+   function stringfyObject(obj:any,level:number=0){
+        if(!obj)
+           return "";
+        if(typeof(obj)!=='object')
+          return obj.toString();
+        if(level==5)
+           return "Is Object level max 8";
+        let ret:any={};
+        for(let key of Object.keys(obj)){
+            let value=obj[key];
+            //@ts-ignore
+            ret[key]=typeof(value)=='object'?stringfyObject(value,level+1).replaceAll('\\',''):value?.toString();
+        }
+        return JSON.stringify(ret);
+   }
+
+}
+
+
+export function getIpFromRequest(req:Request){
+        //@
+        let ips = (
+            req.headers['cf-connecting-ip'] ||
+            req.headers['x-real-ip'] ||
+            req.headers['x-forwarded-for'] ||
+            req.ip || ''
+        );
+        if(typeof(ips)=='string'){
+            ips=ips.split(',');
+        }
+        return ips[0].trim();
+}
+export async function saveInternalErrorLog(req:Request,error:any,options?:{penTestSuspcion?:boolean,severity?:LogSeverity}){
+     try{
+         const ip=getIpFromRequest(req);
+         const url=req.originalUrl;
+         //@ts-ignore
+         const userId=req.user?.id;
+         let errorString=stringfyError(error);
+         saveLog({
+            ip:ip,
+            url:url,
+            userId:userId,
+            data:errorString,
+            severity:options?.severity||LogSeverity.info,
+            penTestSuspcion:options?.penTestSuspcion,
+         });
+     }catch(e){
+        console.log("Error ON Save Log",e);
+     }
+}
+export function saveLog(options:SaveLogOptions){
+    if(!fs.existsSync(BASE_LOG_PATH)){
+        fs.mkdirSync(BASE_LOG_PATH);
+    }
+    let basePath=BASE_LOG_PATH;
+    if(options.addPath){
+        basePath=path.join(basePath,options.addPath);
+        if(!fs.existsSync(basePath)){
+            fs.mkdirSync(basePath);
+        }
+    }
+    if(options.userId){
+         basePath=path.join(basePath,options.userId.toString());
+    }else{
+        basePath=path.join(basePath,"unlogged");
+    } 
+    if(!fs.existsSync(basePath)){
+        fs.mkdirSync(basePath);
+    }
+    let fileName=path.join(basePath,`${options.filePrefix?options.filePrefix+'_':""}${getDateString(new Date())}.csv`);
+    let data="";
+    if(fs.existsSync(fileName)){
+        data=fs.readFileSync(fileName).toString()+"\n";
+    }
+    if(!data){
+        data='Data;Severidade;Usuário;Dados;IP;URL;Supeita de Ataque\n';
+    }
+    data+=`${new Date()};${options.severity};${options.userId||"Deslogado"};${options.data};${options.ip||"Não Informado"};${options.url||"Não Informado"};${options.penTestSuspcion?"SIM":"NÃO"}`;
+    fs.writeFileSync(fileName,data);
+    return {
+        fileName,
+        basePath,
+    };
+}
+function getDateString(d:Date){
+  const year=d.getFullYear();
+  const month=zerof(d.getMonth()+1);
+  const day=zerof(d.getDate());
+  const hour=zerof(d.getHours());
+  return `${year}_${month}_${day}_${hour}`;
+  function zerof(n:number){
+       if(n>9)
+         return n.toString();
+       return `0${n}`; 
+  }
+}

package/dist/auth/auth.d.ts

@@ -1,3 +0,0 @@
-export declare function userIsLogged(req: any): boolean;
-export declare function setUserLogged(req: any, email: string): void;
-export declare function logoutUser(req: any): void;

package/dist/auth/auth.js

@@ -1,22 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.logoutUser = exports.setUserLogged = exports.userIsLogged = void 0;
-const secureget_1 = require("../sessions/secureget");
-const config_1 = require("./config");
-const server_1 = require("../server");
-const server_2 = require("../server");
-function userIsLogged(req) {
-    let user = (0, secureget_1.getSessionValue)(req, config_1.SESSION_LOGGED_DATA);
-    if (user)
-        return true;
-    return false;
-}
-exports.userIsLogged = userIsLogged;
-function setUserLogged(req, email) {
-    (0, server_1.setSessionValue)(req, config_1.SESSION_LOGGED_DATA, email);
-}
-exports.setUserLogged = setUserLogged;
-function logoutUser(req) {
-    (0, server_2.deleteSessionValue)(req, config_1.SESSION_LOGGED_DATA);
-}
-exports.logoutUser = logoutUser;

package/dist/auth/config.d.ts

@@ -1 +0,0 @@
-export declare const SESSION_LOGGED_DATA = "email";

package/dist/auth/config.js

@@ -1,4 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.SESSION_LOGGED_DATA = void 0;
-exports.SESSION_LOGGED_DATA = 'email';

package/dist/database/database.d.ts

@@ -1,2 +0,0 @@
-import { Sequelize } from "sequelize";
-export declare const dataBase: Sequelize;

package/dist/database/database.js

@@ -1,11 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.dataBase = void 0;
-//@ts-ignore
-//@ts-nocheck
-const sequelize_1 = require("sequelize");
-const database_1 = __importDefault(require("./../settings/database/database"));
-exports.dataBase = new sequelize_1.Sequelize(database_1.default);

package/dist/database/models/User.d.ts

@@ -1,9 +0,0 @@
-import { Model } from "sequelize";
-export declare class User extends Model {
-    id: number;
-    email: string;
-    first_name?: string;
-    is_active: boolean;
-    password_hash: string;
-    last_action: Date;
-}

package/dist/database/models/User.js

@@ -1,19 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.User = void 0;
-const sequelize_1 = require("sequelize");
-const sequelize_2 = require("sequelize");
-const database_1 = require("../database");
-class User extends sequelize_1.Model {
-}
-exports.User = User;
-User.init({
-    first_name: sequelize_2.DataTypes.STRING,
-    email: sequelize_2.DataTypes.STRING,
-    is_active: sequelize_2.DataTypes.BOOLEAN,
-    password_hash: sequelize_2.DataTypes.STRING,
-    last_action: sequelize_2.DataTypes.DATE,
-}, {
-    sequelize: database_1.dataBase,
-    tableName: 'spc_users',
-});

package/dist/database/models/WSAuth.d.ts

@@ -1,6 +0,0 @@
-import { Model } from "sequelize";
-export declare class WebSocketAuth extends Model {
-    token: string;
-    expiration: Date;
-    auth_connection_token: string;
-}

package/dist/database/models/WSAuth.js

@@ -1,19 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.WebSocketAuth = void 0;
-const sequelize_1 = require("sequelize");
-const sequelize_2 = require("sequelize");
-const database_1 = require("../database");
-class WebSocketAuth extends sequelize_1.Model {
-}
-exports.WebSocketAuth = WebSocketAuth;
-WebSocketAuth.init({
-    token: sequelize_2.DataTypes.STRING,
-    expiration: sequelize_2.DataTypes.DATE,
-    user_id: sequelize_2.DataTypes.INTEGER,
-    is_active: sequelize_2.DataTypes.BOOLEAN,
-    auth_connection_token: sequelize_2.DataTypes.STRING,
-}, {
-    sequelize: database_1.dataBase,
-    tableName: 'spc_wsauth'
-});

package/dist/expressServer.d.ts

@@ -1,20 +0,0 @@
-/// <reference types="node" />
-import express from "express";
-import { Express } from "express";
-import { Server } from "http";
-export default class ExpressServer {
-    app: Express;
-    authUserBaseUrl: string;
-    registerUserBaseUrl: string;
-    usePort: number;
-    server?: Server;
-    wsAuthBaseUrl: string;
-    constructor();
-    listen(port?: any): void;
-    initModules(): void;
-    initUserAuthSystem(baseUrl?: string): void;
-    initUserRegisterSystem(baseUrl?: string): void;
-    initWSAuthSystem(wsBaseUrl?: string): void;
-    getApp(): express.Express;
-    getServer(): Server | undefined;
-}

package/dist/expressServer.js

@@ -1,52 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-const express_1 = __importDefault(require("express"));
-const sessions_1 = require("./modules/sessions");
-const postreader_1 = require("./modules/postreader");
-const initcors_1 = require("./modules/initcors");
-const env_1 = __importDefault(require("./settings/env"));
-const userauth_1 = __importDefault(require("./routes/userauth"));
-const wsauth_1 = require("./routes/wsauth");
-const userresgister_1 = __importDefault(require("./routes/userresgister"));
-class ExpressServer {
-    constructor() {
-        this.authUserBaseUrl = "";
-        this.wsAuthBaseUrl = "";
-        this.registerUserBaseUrl = "";
-        this.usePort = env_1.default.PORT;
-        this.app = (0, express_1.default)();
-        this.initModules();
-    }
-    listen(port = null) {
-        if (port != null)
-            this.usePort = parseInt(port);
-        this.server = this.app.listen(this.usePort);
-    }
-    initModules() {
-        (0, sessions_1.initSessions)(this.app);
-        (0, postreader_1.initPostReader)(this.app);
-        (0, initcors_1.initCors)(this.app);
-    }
-    initUserAuthSystem(baseUrl = '/user') {
-        this.authUserBaseUrl = baseUrl;
-        this.app.use(this.authUserBaseUrl, userauth_1.default);
-    }
-    initUserRegisterSystem(baseUrl = '/userregister') {
-        this.registerUserBaseUrl = baseUrl;
-        this.app.use(this.registerUserBaseUrl, userresgister_1.default);
-    }
-    initWSAuthSystem(wsBaseUrl = '/ws') {
-        this.wsAuthBaseUrl = wsBaseUrl;
-        this.app.use(this.wsAuthBaseUrl, wsauth_1.router);
-    }
-    getApp() {
-        return this.app;
-    }
-    getServer() {
-        return this.server;
-    }
-}
-exports.default = ExpressServer;

package/dist/middlewares/auth.d.ts

@@ -1,6 +0,0 @@
-import { User } from "../server";
-import { Request } from "express";
-export interface RequestAuthenticated extends Request {
-    user: User;
-}
-export declare function setUserDataMiddleware(req: any, res: any, next: any): Promise<any>;

package/dist/middlewares/auth.js

@@ -1,35 +0,0 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.setUserDataMiddleware = void 0;
-const server_1 = require("../server");
-const server_2 = require("../server");
-const server_3 = require("../server");
-const response_1 = require("../utils/response");
-function setUserDataMiddleware(req, res, next) {
-    return __awaiter(this, void 0, void 0, function* () {
-        if (!(0, server_1.userIsLogged)(req))
-            return res.status(401).send((0, server_2.JSONResponse)({}, "User Must Be Logged"));
-        try {
-            const dealerEmail = (0, server_3.getUserSessionData)(req);
-            const user = yield server_1.User.findOne({ where: { email: dealerEmail, is_active: true } });
-            if (!user)
-                throw "Unknown user";
-            req.user = user;
-            yield (0, server_1.updateUserLastAction)(user);
-            next();
-        }
-        catch (e) {
-            return (0, response_1.sendIError)(req, res, e);
-        }
-    });
-}
-exports.setUserDataMiddleware = setUserDataMiddleware;

package/dist/middlewares/post.d.ts

@@ -1 +0,0 @@
-export declare function checkAndFilterPostParams(req: any, res: any, next: any): void;

package/dist/middlewares/post.js

@@ -1,6 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.checkAndFilterPostParams = void 0;
-function checkAndFilterPostParams(req, res, next) {
-}
-exports.checkAndFilterPostParams = checkAndFilterPostParams;

package/dist/middlewares/wsauth.d.ts

@@ -1 +0,0 @@
-export declare function checkWSAuth(ws: any, msg: any): Promise<boolean>;

package/dist/middlewares/wsauth.js

@@ -1,56 +0,0 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.checkWSAuth = void 0;
-const random_1 = require("../utils/string/random");
-const wsauth_1 = require("../wsauth/wsauth");
-const response_1 = require("../utils/response");
-const server_1 = require("../server");
-const meta_sanitizer_1 = __importDefault(require("meta-sanitizer"));
-const DEBUG = true;
-function checkWSAuth(ws, msg) {
-    return __awaiter(this, void 0, void 0, function* () {
-        try {
-            if (ws.userId && ws.connectionToken) {
-                if ((yield (0, wsauth_1.checkConnectionAuth)(ws.userId, ws.connectionToken)))
-                    return true;
-            }
-            const message = JSON.parse(msg);
-            if (message.action === "Authenticate") {
-                const token = meta_sanitizer_1.default.justCharsAndNumbers(message.token, false);
-                const userId = parseInt(meta_sanitizer_1.default.justNumbers(message.userId, false));
-                const connectionToken = (0, random_1.randomString)(35);
-                if ((yield (0, server_1.authenticateWS)(userId, token, connectionToken))) {
-                    ws.userId = userId;
-                    ws.connectionToken = connectionToken;
-                    return true;
-                }
-                else {
-                    return sendError(false, "Invalid Token or UserID");
-                }
-            }
-            else {
-                return sendError(false, "Need auth", "'action'='Authenticate' and must have 'token' and 'userId'");
-            }
-        }
-        catch (e) {
-            return sendError(false, "Internal Error", "", e);
-        }
-        function sendError(isOk, message, errorMessage = "", data = {}) {
-            ws.send((0, response_1.WSResponse)(isOk, message, errorMessage, data));
-            return false;
-        }
-    });
-}
-exports.checkWSAuth = checkWSAuth;

package/dist/modules/initcors.d.ts

@@ -1 +0,0 @@
-export declare function initCors(app: any): void;

package/dist/modules/initcors.js

@@ -1,13 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.initCors = void 0;
-const cors_1 = __importDefault(require("cors"));
-const env_1 = __importDefault(require("../settings/env"));
-function initCors(app) {
-    if (env_1.default.ALLOW_CORS)
-        app.use((0, cors_1.default)());
-}
-exports.initCors = initCors;

package/dist/modules/postreader.d.ts

@@ -1 +0,0 @@
-export declare function initPostReader(app: any): void;

package/dist/modules/postreader.js

@@ -1,12 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.initPostReader = void 0;
-const express_1 = __importDefault(require("express"));
-function initPostReader(app) {
-    app.use(express_1.default.json());
-    app.use(express_1.default.urlencoded({ extended: true }));
-}
-exports.initPostReader = initPostReader;

package/dist/modules/sessions.d.ts

@@ -1 +0,0 @@
-export declare function initSessions(app: any): void;

package/dist/modules/sessions.js

@@ -1,20 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.initSessions = void 0;
-const express_session_1 = __importDefault(require("express-session"));
-const env_1 = __importDefault(require("../settings/env"));
-function initSessions(app) {
-    app.set('trust proxy', 1); // trust first proxy
-    app.use((0, express_session_1.default)({
-        secret: env_1.default.SESSION_SECRET,
-        resave: false,
-        saveUninitialized: true,
-        cookie: { secure: env_1.default.NODE_ENV == 'development' ? false : true,
-            httpOnly: true,
-        },
-    }));
-}
-exports.initSessions = initSessions;

package/dist/routes/auth.d.ts

@@ -1,2 +0,0 @@
-declare const router: import("express-serve-static-core").Router;
-export default router;

package/dist/routes/auth.js

@@ -1,56 +0,0 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-const express_1 = __importDefault(require("express"));
-const secureset_1 = require("../sessions/secureset");
-const config_1 = require("../auth/config");
-const response_1 = require("../utils/response");
-const auth_1 = require("../auth/auth");
-const meta_sanitizer_1 = __importDefault(require("meta-sanitizer"));
-const users_1 = require("../users/users");
-var LoginErrorCode;
-(function (LoginErrorCode) {
-    LoginErrorCode[LoginErrorCode["NoError"] = 0] = "NoError";
-    LoginErrorCode[LoginErrorCode["InvalidParams"] = 1] = "InvalidParams";
-    LoginErrorCode[LoginErrorCode["InvalidPassword"] = 2] = "InvalidPassword";
-})(LoginErrorCode || (LoginErrorCode = {}));
-const router = express_1.default.Router();
-router.post('/logout', (req, res) => {
-    let is_ok = false;
-    if (auth_1.userIsLogged(req)) {
-        secureset_1.deleteSessionValue(req, config_1.SESSION_LOGGED_DATA);
-        is_ok = true;
-    }
-    res.send(response_1.JSONResponse(is_ok, 0, is_ok ? "" : "User Must be logged", {}));
-});
-router.post('/login', (req, res) => __awaiter(void 0, void 0, void 0, function* () {
-    let email = "";
-    let password = "";
-    try {
-        email = meta_sanitizer_1.default.sanitizeEmail(req.body.email);
-        password = meta_sanitizer_1.default.queryProtector(req.body.password);
-    }
-    catch (e) {
-        return res.send(response_1.JSONResponse(false, LoginErrorCode.InvalidParams, "Must have 'email' and 'password' params"));
-    }
-    if (password == "" || email == "")
-        return res.send(response_1.JSONResponse(false, LoginErrorCode.InvalidParams, "Must have 'email' and 'password' params"));
-    const checkPass = yield users_1.checkUserPassword(email, password);
-    if (checkPass) {
-        secureset_1.setSessionValue(req, config_1.SESSION_LOGGED_DATA, email);
-        return res.send(response_1.JSONResponse(true, LoginErrorCode.NoError, "Login Ok"));
-    }
-    return res.send(response_1.JSONResponse(false, LoginErrorCode.InvalidPassword, "Invalid Password"));
-}));
-exports.default = router;

package/dist/routes/userauth.d.ts

@@ -1,2 +0,0 @@
-declare const router: import("express-serve-static-core").Router;
-export default router;