underpost 2.8.87 → 2.8.88

package/src/server/runtime.js

@@ -1,26 +1,24 @@
 import fs from 'fs-extra';
 import express from 'express';
-import cors from 'cors';
 import dotenv from 'dotenv';
 import fileUpload from 'express-fileupload';
 import swaggerUi from 'swagger-ui-express';
 import * as promClient from 'prom-client';
 import compression from 'compression';
 
-import { createServer } from 'http';
-import { getRootDirectory } from './process.js';
 import UnderpostStartUp from './start.js';
+import { createServer } from 'http';
 import { loggerFactory, loggerMiddleware } from './logger.js';
 import { getCapVariableName, newInstance } from '../client/components/core/CommonJs.js';
-import { Xampp } from '../runtime/xampp/Xampp.js';
 import { MailerProvider } from '../mailer/MailerProvider.js';
 import { DataBaseProvider } from '../db/DataBaseProvider.js';
-// import { createProxyMiddleware } from 'http-proxy-middleware';
 import { createPeerServer } from './peer.js';
 import { Lampp } from '../runtime/lampp/Lampp.js';
-import { JSONweb, ssrFactory } from './client-formatted.js';
-import Underpost from '../index.js';
+import { Xampp } from '../runtime/xampp/Xampp.js';
 import { createValkeyConnection } from './valkey.js';
+import { applySecurity, authMiddlewareFactory } from './auth.js';
+import { getInstanceContext } from './conf.js';
+import { ssrMiddlewareFactory } from './ssr.js';
 
 dotenv.config();
 
@@ -38,8 +36,6 @@ const buildRuntime = async () => {
     labelNames: ['instance', 'method', 'status_code'],
   };
 
-  // logger.info('promCounterOption', promCounterOption);
-
   const requestCounter = new promClient.Counter(promCounterOption);
   const initPort = parseInt(process.env.PORT) + 1;
   let currentPort = initPort;
@@ -47,9 +43,8 @@ const buildRuntime = async () => {
   const confSSR = JSON.parse(fs.readFileSync(`./conf/conf.ssr.json`, 'utf8'));
   const singleReplicaHosts = [];
   for (const host of Object.keys(confServer)) {
-    if (singleReplicaHosts.length > 0 && !singleReplicaHosts.includes(host)) {
+    if (singleReplicaHosts.length > 0)
       currentPort += singleReplicaHosts.reduce((accumulator, currentValue) => accumulator + currentValue.replicas, 0);
-    }
     const rootHostPath = `/public/${host}`;
     for (const path of Object.keys(confServer[host])) {
       confServer[host][path].port = newInstance(currentPort);
@@ -68,9 +63,17 @@ const buildRuntime = async () => {
         singleReplica,
         replicas,
         valkey,
+        apiBaseHost,
       } = confServer[host][path];
 
-      if (singleReplica && replicas && replicas.length > 0 && !singleReplicaHosts.includes(host)) {
+      const { redirectTarget, singleReplicaHost } = await getInstanceContext({
+        redirect,
+        singleReplicaHosts,
+        singleReplica,
+        replicas,
+      });
+
+      if (singleReplicaHost) {
         singleReplicaHosts.push({
           host,
           replicas: replicas.length,
@@ -87,161 +90,7 @@ const buildRuntime = async () => {
         apis,
       };
 
-      const redirectTarget = redirect
-        ? redirect[redirect.length - 1] === '/'
-          ? redirect.slice(0, -1)
-          : redirect
-        : undefined;
-
-      // if (redirect) logger.info('redirect', new URL(redirect));
-
       switch (runtime) {
-        case 'lampp':
-          if (!Lampp.enabled()) continue;
-          if (!Lampp.ports.includes(port)) Lampp.ports.push(port);
-          if (currentPort === initPort) Lampp.removeRouter();
-          Lampp.appendRouter(`
-            
-        Listen ${port}
-
-        <VirtualHost *:${port}>    
-            DocumentRoot "${directory ? directory : `${getRootDirectory()}${rootHostPath}`}"
-            ServerName ${host}:${port}
-
-            <Directory "${directory ? directory : `${getRootDirectory()}${rootHostPath}`}">
-              Options Indexes FollowSymLinks MultiViews
-              AllowOverride All
-              Require all granted
-            </Directory>
-
-              ${
-                redirect
-                  ? `
-                  RewriteEngine on
-                  
-                  RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge
-                  RewriteRule ^(.*)$ ${redirectTarget}%{REQUEST_URI} [R=302,L]
-              `
-                  : ''
-              }
-
-            ErrorDocument 400 ${path === '/' ? '' : path}/400.html
-            ErrorDocument 404 ${path === '/' ? '' : path}/400.html
-            ErrorDocument 500 ${path === '/' ? '' : path}/500.html
-            ErrorDocument 502 ${path === '/' ? '' : path}/500.html
-            ErrorDocument 503 ${path === '/' ? '' : path}/500.html
-            ErrorDocument 504 ${path === '/' ? '' : path}/500.html
-
-          </VirtualHost>
-            
-                          `);
-          // ERR too many redirects:
-          // Check: SELECT * FROM database.wp_options where option_name = 'siteurl' or option_name = 'home';
-          // Check: wp-config.php
-          // if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') {
-          //   $_SERVER['HTTPS'] = 'on';
-          // }
-          // For plugins:
-          // define( 'FS_METHOD', 'direct' );
-
-          // ErrorDocument 404 /custom_404.html
-          // ErrorDocument 500 /custom_50x.html
-          // ErrorDocument 502 /custom_50x.html
-          // ErrorDocument 503 /custom_50x.html
-          // ErrorDocument 504 /custom_50x.html
-
-          // Respond When Error Pages are Directly Requested
-
-          // <Files "custom_404.html">
-          //     <If "-z %{ENV:REDIRECT_STATUS}">
-          //         RedirectMatch 404 ^/custom_404.html$
-          //     </If>
-          // </Files>
-
-          // <Files "custom_50x.html">
-          //     <If "-z %{ENV:REDIRECT_STATUS}">
-          //         RedirectMatch 404 ^/custom_50x.html$
-          //     </If>
-          // </Files>
-
-          // Add www or https with htaccess rewrite
-
-          // Options +FollowSymLinks
-          // RewriteEngine On
-          // RewriteCond %{HTTP_HOST} ^ejemplo.com [NC]
-          // RewriteRule ^(.*)$ http://ejemplo.com/$1 [R=301,L]
-
-          // Redirect http to https with htaccess rewrite
-
-          // RewriteEngine On
-          // RewriteCond %{SERVER_PORT} 80
-          // RewriteRule ^(.*)$ https://www.ejemplo.com/$1 [R,L]
-
-          // Redirect to HTTPS with www subdomain
-
-          // RewriteEngine On
-          // RewriteCond %{HTTPS} off [OR]
-          // RewriteCond %{HTTP_HOST} ^www\. [NC]
-          // RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
-          // RewriteRule ^ https://%1%{REQUEST_URI} [L,NE,R=301]
-
-          await UnderpostStartUp.API.listenPortController(
-            UnderpostStartUp.API.listenServerFactory(),
-            port,
-            runningData,
-          );
-          break;
-        case 'xampp':
-          if (!Xampp.enabled()) continue;
-          if (!Xampp.ports.includes(port)) Xampp.ports.push(port);
-          if (currentPort === initPort) Xampp.removeRouter();
-          Xampp.appendRouter(`
-            
-        Listen ${port}
-
-        <VirtualHost *:${port}>    
-            DocumentRoot "${directory ? directory : `${getRootDirectory()}${rootHostPath}`}"
-            ServerName ${host}:${port}
-
-            <Directory "${directory ? directory : `${getRootDirectory()}${rootHostPath}`}">
-              Options Indexes FollowSymLinks MultiViews
-              AllowOverride All
-              Require all granted
-            </Directory>
-
-            ${
-              redirect
-                ? `
-                RewriteEngine on
-                
-                RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge
-                RewriteRule ^(.*)$ ${redirectTarget}%{REQUEST_URI} [R=302,L]
-            `
-                : ''
-            }
-
-            ErrorDocument 400 ${path === '/' ? '' : path}/400.html
-            ErrorDocument 404 ${path === '/' ? '' : path}/400.html
-            ErrorDocument 500 ${path === '/' ? '' : path}/500.html
-            ErrorDocument 502 ${path === '/' ? '' : path}/500.html
-            ErrorDocument 503 ${path === '/' ? '' : path}/500.html
-            ErrorDocument 504 ${path === '/' ? '' : path}/500.html
-
-          </VirtualHost>
-            
-                          `);
-          // ERR too many redirects:
-          // Check: SELECT * FROM database.wp_options where option_name = 'siteurl' or option_name = 'home';
-          // Check: wp-config.php
-          // if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') {
-          //   $_SERVER['HTTPS'] = 'on';
-          // }
-          await UnderpostStartUp.API.listenPortController(
-            UnderpostStartUp.API.listenServerFactory(),
-            port,
-            runningData,
-          );
-          break;
         case 'nodejs':
           const app = express();
 
@@ -268,9 +117,6 @@ const buildRuntime = async () => {
           // set logger
           app.use(loggerMiddleware(import.meta));
 
-          // instance public static
-          app.use('/', express.static(directory ? directory : `.${rootHostPath}`));
-
           // js src compression
           app.use(compression({ filter: shouldCompress }));
           function shouldCompress(req, res) {
@@ -315,14 +161,15 @@ const buildRuntime = async () => {
             return next();
           });
 
-          // cors
-          const originPayload = {
+          // instance public static
+          app.use('/', express.static(directory ? directory : `.${rootHostPath}`));
+
+          // security
+          applySecurity(app, {
             origin: origins.concat(
               apis && process.env.NODE_ENV === 'development' ? [`http://localhost:${currentPort + 2}`] : [],
             ),
-          };
-          // logger.info('originPayload', originPayload);
-          app.use(cors(originPayload));
+          });
 
           if (redirect) {
             app.use(function (req = express.Request, res = express.Response, next = express.NextFunction) {
@@ -342,145 +189,147 @@ const buildRuntime = async () => {
             await UnderpostStartUp.API.listenPortController(app, port, runningData);
             break;
           }
+          // instance server
+          const server = createServer({}, app);
+          if (peer) currentPort++;
 
-          const swaggerJsonPath = `./public/${host}${path === '/' ? path : `${path}/`}swagger-output.json`;
-          if (fs.existsSync(swaggerJsonPath)) {
-            // logger.info('Build swagger serve', swaggerJsonPath);
-
-            const swaggerInstance =
-              (swaggerDoc) =>
-              (...args) =>
-                swaggerUi.setup(swaggerDoc)(...args);
+          if (!apiBaseHost) {
+            const swaggerJsonPath = `./public/${host}${path === '/' ? path : `${path}/`}swagger-output.json`;
+            if (fs.existsSync(swaggerJsonPath)) {
+              // logger.info('Build swagger serve', swaggerJsonPath);
 
-            const swaggerDoc = JSON.parse(fs.readFileSync(swaggerJsonPath, 'utf8'));
+              const swaggerInstance =
+                (swaggerDoc) =>
+                (...args) =>
+                  swaggerUi.setup(swaggerDoc)(...args);
 
-            app.use(`${path === '/' ? `/api-docs` : `${path}/api-docs`}`, swaggerUi.serve, swaggerInstance(swaggerDoc));
-          }
+              const swaggerDoc = JSON.parse(fs.readFileSync(swaggerJsonPath, 'utf8'));
 
-          if (db && apis) await DataBaseProvider.load({ apis, host, path, db });
+              app.use(
+                `${path === '/' ? `/api-docs` : `${path}/api-docs`}`,
+                swaggerUi.serve,
+                swaggerInstance(swaggerDoc),
+              );
+            }
 
-          // valkey server
-          if (valkey) await createValkeyConnection({ host, path }, valkey);
+            if (db && apis) await DataBaseProvider.load({ apis, host, path, db });
 
-          if (mailer) {
-            const mailerSsrConf = confSSR[getCapVariableName(client)];
-            await MailerProvider.load({
-              id: `${host}${path}`,
-              meta: `mailer-${host}${path}`,
-              host,
-              path,
-              ...mailer,
-              templates: mailerSsrConf ? mailerSsrConf.mailer : {},
-            });
-          }
-          if (apis) {
-            const apiPath = `${path === '/' ? '' : path}/${process.env.BASE_API}`;
-            for (const api of apis)
-              await (async () => {
-                const { ApiRouter } = await import(`../api/${api}/${api}.router.js`);
-                const router = ApiRouter({ host, path, apiPath, mailer, db });
-                // router.use(cors({ origin: origins }));
-                // logger.info('Load api router', { host, path: apiPath, api });
-                app.use(`${apiPath}/${api}`, router);
-              })();
-          }
+            // valkey server
+            if (valkey) await createValkeyConnection({ host, path }, valkey);
 
-          const Render = await ssrFactory();
-          const ssrPath = path === '/' ? path : `${path}/`;
-
-          const defaultHtmlSrc404 = Render({
-            title: '404 Not Found',
-            ssrPath,
-            ssrHeadComponents: '',
-            ssrBodyComponents: (await ssrFactory(`./src/client/ssr/body/404.js`))(),
-            renderPayload: {
-              apiBasePath: process.env.BASE_API,
-              version: Underpost.version,
-            },
-            renderApi: {
-              JSONweb,
-            },
-          });
-          const path404 = `${directory ? directory : `${getRootDirectory()}${rootHostPath}`}/404/index.html`;
-          const page404 = fs.existsSync(path404) ? `${path === '/' ? '' : path}/404` : undefined;
-          app.use(function (req, res, next) {
-            if (page404) return res.status(404).redirect(page404);
-            else {
-              res.set('Content-Type', 'text/html');
-              return res.status(404).send(defaultHtmlSrc404);
+            if (mailer) {
+              const mailerSsrConf = confSSR[getCapVariableName(client)];
+              await MailerProvider.load({
+                id: `${host}${path}`,
+                meta: `mailer-${host}${path}`,
+                host,
+                path,
+                ...mailer,
+                templates: mailerSsrConf ? mailerSsrConf.mailer : {},
+              });
             }
-          });
-
-          const defaultHtmlSrc500 = Render({
-            title: '500 Server Error',
-            ssrPath,
-            ssrHeadComponents: '',
-            ssrBodyComponents: (await ssrFactory(`./src/client/ssr/body/500.js`))(),
-            renderPayload: {
-              apiBasePath: process.env.BASE_API,
-              version: Underpost.version,
-            },
-            renderApi: {
-              JSONweb,
-            },
-          });
-          const path500 = `${directory ? directory : `${getRootDirectory()}${rootHostPath}`}/500/index.html`;
-          const page500 = fs.existsSync(path500) ? `${path === '/' ? '' : path}/500` : undefined;
-          app.use(function (err, req, res, next) {
-            logger.error(err, err.stack);
-            if (page500) return res.status(500).redirect(page500);
-            else {
-              res.set('Content-Type', 'text/html');
-              return res.status(500).send(defaultHtmlSrc500);
+            if (apis) {
+              const authMiddleware = authMiddlewareFactory({ host, path });
+
+              const apiPath = `${path === '/' ? '' : path}/${process.env.BASE_API}`;
+              for (const api of apis)
+                await (async () => {
+                  const { ApiRouter } = await import(`../api/${api}/${api}.router.js`);
+                  const router = ApiRouter({ host, path, apiPath, mailer, db, authMiddleware, origins });
+                  // router.use(cors({ origin: origins }));
+                  // logger.info('Load api router', { host, path: apiPath, api });
+                  app.use(`${apiPath}/${api}`, router);
+                })();
             }
-          });
 
-          // instance server
-          const server = createServer({}, app);
+            if (ws)
+              await (async () => {
+                const { createIoServer } = await import(`../ws/${ws}/${ws}.ws.server.js`);
+                // logger.info('Load socket.io ws router', { host, ws });
+                // start socket.io
+                const { options, meta } = await createIoServer(server, {
+                  host,
+                  path,
+                  db,
+                  port,
+                  origins,
+                });
+                await UnderpostStartUp.API.listenPortController(UnderpostStartUp.API.listenServerFactory(), port, {
+                  runtime: 'nodejs',
+                  client: null,
+                  host,
+                  path: options.path,
+                  meta,
+                });
+              })();
 
-          if (ws)
-            await (async () => {
-              const { createIoServer } = await import(`../ws/${ws}/${ws}.ws.server.js`);
-              // logger.info('Load socket.io ws router', { host, ws });
-              // start socket.io
-              const { options, meta } = await createIoServer(server, {
+            if (peer) {
+              const peerPort = newInstance(currentPort);
+              const { options, meta, peerServer } = await createPeerServer({
+                port: peerPort,
+                devPort: port,
+                origins,
                 host,
                 path,
-                db,
-                port,
-                origins,
               });
-              await UnderpostStartUp.API.listenPortController(UnderpostStartUp.API.listenServerFactory(), port, {
+
+              await UnderpostStartUp.API.listenPortController(peerServer, peerPort, {
                 runtime: 'nodejs',
                 client: null,
                 host,
                 path: options.path,
                 meta,
               });
-            })();
+            }
+          }
 
-          if (peer) {
-            currentPort++;
-            const peerPort = newInstance(currentPort);
-            const { options, meta, peerServer } = await createPeerServer({
-              port: peerPort,
-              devPort: port,
-              origins,
+          // load ssr
+          const ssr = await ssrMiddlewareFactory({ app, directory, rootHostPath, path });
+          for (const [_, ssrMiddleware] of Object.entries(ssr)) app.use(ssrMiddleware);
+
+          await UnderpostStartUp.API.listenPortController(server, port, runningData);
+
+          break;
+
+        case 'lampp':
+          {
+            const { disabled } = await Lampp.createApp({
+              port,
               host,
               path,
+              directory,
+              rootHostPath,
+              redirect,
+              redirectTarget,
+              resetRouter: currentPort === initPort,
             });
-
-            await UnderpostStartUp.API.listenPortController(peerServer, peerPort, {
-              runtime: 'nodejs',
-              client: null,
+            if (disabled) continue;
+            await UnderpostStartUp.API.listenPortController(
+              UnderpostStartUp.API.listenServerFactory(),
+              port,
+              runningData,
+            );
+          }
+          break;
+        case 'xampp':
+          {
+            const { disabled } = await Xampp.createApp({
+              port,
               host,
-              path: options.path,
-              meta,
+              path,
+              directory,
+              rootHostPath,
+              redirect,
+              redirectTarget,
+              resetRouter: currentPort === initPort,
             });
+            if (disabled) continue;
+            await UnderpostStartUp.API.listenPortController(
+              UnderpostStartUp.API.listenServerFactory(),
+              port,
+              runningData,
+            );
           }
-
-          await UnderpostStartUp.API.listenPortController(server, port, runningData);
-
           break;
         default:
           break;

package/src/server/ssl.js

@@ -50,8 +50,7 @@ const buildSSL = async (host) => {
 
           fs.writeFileSync(`./engine-private/ssl/${host}/_ca_bundle.crt`, ca, 'utf8');
           fs.writeFileSync(`./engine-private/ssl/${host}/_ca_full_bundle.crt`, caFull, 'utf8');
-          // TODO: no repeat folderHost match
-          // fs.removeSync(`${sslPath}/${folderHost}`);
+
           return true;
         }
       }

package/src/server/ssr.js

@@ -0,0 +1,85 @@
+import fs from 'fs-extra';
+import dotenv from 'dotenv';
+import Underpost from '../index.js';
+
+import { ssrFactory, JSONweb } from './client-formatted.js';
+import { loggerFactory } from './logger.js';
+import { getRootDirectory } from './process.js';
+
+dotenv.config();
+
+const logger = loggerFactory(import.meta);
+
+const ssrMiddlewareFactory = async ({ app, directory, rootHostPath, path }) => {
+  const Render = await ssrFactory();
+  const ssrPath = path === '/' ? path : `${path}/`;
+
+  // Build default html src for 404 and 500
+
+  const defaultHtmlSrc404 = Render({
+    title: '404 Not Found',
+    ssrPath,
+    ssrHeadComponents: '',
+    ssrBodyComponents: (await ssrFactory(`./src/client/ssr/body/404.js`))(),
+    renderPayload: {
+      apiBasePath: process.env.BASE_API,
+      version: Underpost.version,
+    },
+    renderApi: {
+      JSONweb,
+    },
+  });
+  const path404 = `${directory ? directory : `${getRootDirectory()}${rootHostPath}`}/404/index.html`;
+  const page404 = fs.existsSync(path404) ? `${path === '/' ? '' : path}/404` : undefined;
+
+  const defaultHtmlSrc500 = Render({
+    title: '500 Server Error',
+    ssrPath,
+    ssrHeadComponents: '',
+    ssrBodyComponents: (await ssrFactory(`./src/client/ssr/body/500.js`))(),
+    renderPayload: {
+      apiBasePath: process.env.BASE_API,
+      version: Underpost.version,
+    },
+    renderApi: {
+      JSONweb,
+    },
+  });
+  const path500 = `${directory ? directory : `${getRootDirectory()}${rootHostPath}`}/500/index.html`;
+  const page500 = fs.existsSync(path500) ? `${path === '/' ? '' : path}/500` : undefined;
+
+  const sanitizeHtml = (res, req, html) => {
+    const nonce = res.locals.nonce;
+
+    return html
+      .replace(/<script(?=\s|>)/gi, `<script nonce="${nonce}"`)
+      .replace(/<style(?=\s|>)/gi, `<style nonce="${nonce}"`);
+  };
+
+  return {
+    error500: function (err, req, res, next) {
+      logger.error(err, err.stack);
+      if (page500) return res.status(500).redirect(page500);
+      else {
+        res.set('Content-Type', 'text/html');
+        return res.status(500).send(sanitizeHtml(res, req, defaultHtmlSrc500));
+      }
+    },
+    error400: function (req, res, next) {
+      // if /<path>/home redirect to /<path>
+      const homeRedirectPath = `${path === '/' ? '' : path}/home`;
+      if (req.url.startsWith(homeRedirectPath)) {
+        const redirectUrl = req.url.replace('/home', '');
+        return res.redirect(redirectUrl.startsWith('/') ? redirectUrl : `/${redirectUrl}`);
+      }
+
+      if (page404) return res.status(404).redirect(page404);
+      else {
+        res.set('Content-Type', 'text/html');
+        return res.status(404).send(sanitizeHtml(res, req, defaultHtmlSrc404));
+      }
+    },
+  };
+};
+
+export { ssrMiddlewareFactory };

package/src/server/start.js

@@ -86,9 +86,9 @@ class UnderpostStartUp {
     async build(deployId = 'dd-default', env = 'development') {
       const buildBasePath = `/home/dd`;
       const repoName = `engine-${deployId.split('-')[1]}`;
-      shellExec(`cd ${buildBasePath} && underpost clone underpostnet/${repoName}`);
+      shellExec(`cd ${buildBasePath} && underpost clone ${process.env.GITHUB_USERNAME}/${repoName}`);
       shellExec(`cd ${buildBasePath} && sudo mv ./${repoName} ./engine`);
-      shellExec(`cd ${buildBasePath}/engine && underpost clone underpostnet/${repoName}-private`);
+      shellExec(`cd ${buildBasePath}/engine && underpost clone ${process.env.GITHUB_USERNAME}/${repoName}-private`);
       shellExec(`cd ${buildBasePath}/engine && sudo mv ./${repoName}-private ./engine-private`);
       shellCd(`${buildBasePath}/engine`);
       shellExec(`npm install`);

package/src/server/valkey.js

@@ -148,7 +148,7 @@ const updateValkeyObject = async (options = { host: '', path: '' }, key = '', pa
   return await setValkeyObject(options, key, { ...base, ...payload });
 };
 
-const valkeyObjectFactory = async (options = { host: 'localhost', object: {} }, model = '') => {
+const valkeyObjectFactory = async (options = { host: 'localhost', path: '', object: {} }, model = '') => {
   const idoDate = new Date().toISOString();
   options.object = options.object || {};
   const { object } = options;
@@ -173,6 +173,7 @@ const valkeyObjectFactory = async (options = { host: 'localhost', object: {} },
         emailConfirmed: false,
         recoverTimeOut: null,
         lastLoginDate: null,
+        activeSessions: [],
       };
     }
     default: