npm - yaml-admin-api - Versions diffs - 0.0.3 → 0.0.7 - Mend

yaml-admin-api 0.0.3 → 0.0.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/package.json +11 -1
package/src/common/util.js +58 -0
package/src/crud/entity-api-generator.js +437 -0
package/src/login/auth.js +24 -5
package/src/upload/localUpload.js +44 -0
package/src/upload/s3Upload.js +47 -0
package/src/upload/upload-api-generator.js +248 -0
package/src/yml-admin-api.js +25 -7
package/src/crud/api-generator.js +0 -118

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "yaml-admin-api",
-  "version": "0.0.3",
+  "version": "0.0.7",
   "description": "YAML Admin API package",
   "type": "commonjs",
   "main": "src/index.js",
@@ -8,11 +8,21 @@
     "src"
   ],
   "license": "MIT",
+  "scripts": {
+    "publish": "npm publish -w yaml-admin-api --access public"
+  },
   "dependencies": {
+    "@aws-sdk/client-s3": "^3.596.0",
+    "@aws-sdk/client-ses": "^3.855.0",
+    "@aws-sdk/s3-presigned-post": "^3.596.0",
+    "@aws-sdk/s3-request-presigner": "^3.596.0",
     "bcryptjs": "^3.0.2",
     "jsonwebtoken": "^9.0.2",
+    "moment": "^2.30.1",
     "mongodb": "^6.18.0",
     "request": "^2.88.2",
+    "uuid": "^11.1.0",
+    "xlsx": "^0.18.5",
     "yaml": "^2.8.1"
   }
 }

package/src/common/util.js ADDED Viewed

@@ -0,0 +1,58 @@
+const genEntityId = async function(db){
+    let ret = await db.collection('counters').findOneAndUpdate(
+        { _id: 'seq' },
+        {$inc:{seq:1}},
+        {
+            new :true,
+            upsert:true,
+            returnNewDocument:true
+        }
+    );
+    if(!ret?.seq){
+        ret = await db.collection('counters').findOneAndUpdate(
+            { _id: 'seq' },
+            {$inc:{seq:1}},
+            {
+                new :true,
+                upsert:true,
+                returnNewDocument:true
+            }
+        );
+    }
+    return ret.seq
+}
+const genEntityIdWithKey = async function(db, key){
+    let ret = await db.collection('counters').findOneAndUpdate(
+        { _id: key },
+        {$inc:{seq:1}},
+        {
+            new :true,
+            upsert:true,
+            returnNewDocument:true
+        }
+    );
+    if(!ret?.seq){
+        ret = await db.collection('counters').findOneAndUpdate(
+            { _id: key },
+            {$inc:{seq:1}},
+            {
+                new :true,
+                upsert:true,
+                returnNewDocument:true
+            }
+        );
+    }
+    return ret.seq
+}
+module.exports = {
+    genEntityId,
+    genEntityIdWithKey
+};

package/src/crud/entity-api-generator.js ADDED Viewed

@@ -0,0 +1,437 @@
+const { withConfig } = require('../login/auth.js');
+const { genEntityIdWithKey } = require('../common/util.js');
+const { v4: uuidv4 } = require('uuid');
+const { ObjectId } = require('mongodb');
+const crypto = require('crypto');
+const XLSX = require('xlsx');
+const moment = require('moment');
+const { withConfigLocal } = require('../upload/localUpload.js');
+const { withConfigS3 } = require('../upload/s3Upload.js');
+const generateCrud = async ({ app, db, entity_name, yml_entity, yml, options }) => {
+    const auth = withConfig({ db, jwt_secret: yml.login["jwt-secret"] });
+    const api_host = yml["api-host"].uri;
+    let isS3 = yml.upload.s3
+    let host_image = isS3 ? yml.upload.s3.base_url : yml.upload.local.base_url
+    const uploader = yml.upload.s3 ? withConfigS3({
+        access_key_id: yml.upload.s3.access_key_id,
+        secret_access_key: yml.upload.s3.secret_access_key,
+        bucket: yml.upload.s3.bucket,
+        bucket_private: yml.upload.s3.bucket_private,
+        base_url: yml.upload.s3.base_url,
+    }) : withConfigLocal({
+        path: yml.upload.local.path,
+        path_private: yml.upload.local.path_private,
+        base_url: yml.upload.local.base_url,
+        api_host,
+    })
+    let key_field = yml_entity.fields?.find(field => field.key)
+    if (!key_field) {
+        key_field = {
+            name: '_id',
+            type: 'objectId',
+            key: true,
+            autogenerate: true
+        }
+    }
+    const generateKey = async () => {
+        if (key_field.type == 'integer')
+            return await genEntityIdWithKey(db, key_field.name)
+        else if (key_field.type == 'string')
+            return uuidv4()
+        return null
+    }
+    const getKeyFromEntity = (entity) => {
+        const keyValue = entity[key_field.name]
+        if (key_field.type == 'objectId' && keyValue)
+            return keyValue.toString()
+        return keyValue
+    }
+    const parseKey = (key) => {
+        if (key_field.type == 'integer')
+            return parseInt(key)
+        else if (key_field.type == 'string')
+            return key
+        else if (key_field.type == 'objectId')
+            return ObjectId.isValid(key) ? new ObjectId(key) : key
+        return key
+    }
+    const parseValueByType = (value, field) => {
+        const { type, reference_entity, reference_field } = field
+        if (type == 'reference') {
+            const referenceEntity = yml.entity[reference_entity]
+            const referenceField = referenceEntity.fields.find(f => f.name == reference_field)
+            console.log('referenceField', referenceField)
+            return parseValueByTypeCore(value, referenceField)
+        } else {
+            return parseValueByTypeCore(value, field)
+        }
+    }
+    const parseValueByTypeCore = (value, field) => {
+        const { type } = field
+        if (type == 'integer')
+            return parseInt(value)
+        else if (type == 'string')
+            return value
+        else if (type == 'objectId')
+            return ObjectId.isValid(value) ? new ObjectId(value) : value
+        return value
+    }
+    const passwordEncrypt = (value) => {
+        if (options?.password?.encrypt) {
+            return options.password.encrypt(value)
+        } else {
+            return crypto.createHash('sha512').update(value).digest('hex')
+        }
+    }
+    const addInfo = async (db, list) => {
+        let passwordFields = yml_entity.fields.filter(f => f.type == 'password').map(f => f.name)
+        list.forEach(m => {
+            passwordFields.forEach(f => {
+                delete m[f]
+            })
+        })
+        let mediaFields = yml_entity.fields.filter(f => ['image', 'mp4', 'file'].includes(f.type))
+        for(let m of list) {
+            for(let field of mediaFields) {
+                m[field.name] = await mediaToFront(m[field.name], field.private)
+            }
+        }
+    }
+    const mediaKeyToFullUrl = async (key, private) => {
+        let url = key
+        if(url && !url.startsWith('http'))
+            url= host_image + '/' + url
+        if(private) {
+            url = await uploader.getUrlSecure(key, auth);
+        }
+        return url
+    }
+    const mediaToFront = async (media, private) => {
+        if (media && typeof media == 'string') {
+            media= { src: url }
+            media.image_preview = await mediaKeyToFullUrl(url, private)
+        } else if (media && typeof media == 'object') {
+            let { image, video, src } = media
+            let url = image || src
+            media.image_preview = await mediaKeyToFullUrl(url, private)
+            if (video) {
+                media.video_preview = await mediaKeyToFullUrl(video, private)
+            }
+        }
+        return media
+    }
+    //list
+    app.get(`/${entity_name}`, auth.isAuthenticated, async (req, res) => {
+        var s = {};
+        var _sort = req.query._sort;
+        var _order = req.query._order;
+        if (_sort != null)
+            s[_sort] = (_order == 'ASC' ? 1 : -1);
+        var _end = req.query._end;
+        var _start = req.query._start;
+        var l = _end - _start;
+        //검색 파라미터
+        const f = {};
+        yml_entity.fields?.forEach(field => {
+            const q = req.query[field.name];
+            if (q) {
+                const search = yml_entity.crud?.list?.search?.find(m => m.name == field.name)
+                if (Array.isArray(q)) {
+                    f[field.name] = { $in: q.map(v => parseValueByType(v, field)) };
+                } else {
+                    if (search?.exact != false || field.type == 'integer')
+                        f[field.name] = parseValueByType(q, field)
+                    else
+                        f[field.name] = { $regex: ".*" + q + ".*" };
+                }
+            }
+        })
+        console.log('f', f, req.query)
+        var name = req.query.name;
+        if (name == null && req.query.q)
+            name = req.query.q;
+        if (name != null)
+            f['name'] = { $regex: ".*" + name + ".*" };
+        f.remove = { $ne: true }
+        //Custom f list Start
+        //Custom f list End
+        const projection = (key_field.name == '_id' ? {} : { _id: false })
+        var count = await db.collection(entity_name).find(f).project(projection).sort(s).count();
+        let list = await db.collection(entity_name).find(f).project(projection).sort(s).skip(parseInt(_start)).limit(l).toArray()
+        list.map(m => {
+            m.id = getKeyFromEntity(m)
+        })
+        //Custom list Start
+        //Custom list End
+        await addInfo(db, list)
+        res.header('X-Total-Count', count);
+        res.json(list);
+    });
+    const constructEntity = async (req, entityId) => {
+        var entity = {};
+        if (entityId)
+            entity[key_field.name] = entityId
+        yml_entity.fields.forEach(field => {
+            if (!field.key)
+                entity[field.name] = req.body[field.name]
+        })
+        entity['update_date'] = new Date()
+        let passwordFields = yml_entity.fields.filter(f => f.type == 'password').map(f => f.name)
+        passwordFields.forEach(f => {
+            entity[f] = passwordEncrypt(req.body[f])
+        })
+        //Custom ConstructEntity Start
+        //Custom ConstructEntity End
+        return entity;
+    };
+    //create
+    app.post(`/${entity_name}`, auth.isAuthenticated, async (req, res) => {
+        let entityId
+        if (key_field.autogenerate)
+            entityId = await generateKey()
+        else
+            entityId = parseKey(req.body[key_field.name])
+        if (entityId) {
+            let f = {}
+            f[key_field.name] = entityId
+            let already = await db.collection(entity_name).findOne(f)
+            if (already)
+                return res.status(400).json({ status: 400, statusText: 'error', message: "duplicate key [" + entityId + "]" });
+        }
+        const entity = await constructEntity(req, entityId);
+        entity['update_date'] = entity['create_date'] = new Date()
+        entity['create_admin_id'] = req.user.id
+        //Custom Create Start
+        //Custom Create End
+        var r = await db.collection(entity_name).insertOne(entity);
+        //Custom Create Tail Start
+        //Custom Create Tail End
+        const generatedId = entityId || r.insertedId
+        entity.id = (key_field.type == 'objectId') ? generatedId?.toString() : generatedId;
+        res.json(entity);
+    });
+    //edit
+    app.put(`/${entity_name}/:id`, auth.isAuthenticated, async (req, res) => {
+        let entityId = parseKey(req.params.id)
+        const entity = await constructEntity(req, entityId);
+        entity['update_date'] = new Date()
+        // Do not attempt to set the key field during update (immutable `_id` etc.)
+        if (entity[key_field.name] !== undefined)
+            delete entity[key_field.name]
+        //Custom Create Start
+        //Custom Create End
+        let f = {}
+        f[key_field.name] = entityId
+        for(let field of yml_entity.fields) {
+            if(['mp4', 'image', 'file'].includes(field.type)) {
+                let a = entity[field.name]
+                delete a.image_preview
+                delete a.video_preview
+            }
+        }
+        await db.collection(entity_name).updateOne(f, { $set: entity });
+        //Custom Create Tail Start
+        //Custom Create Tail End
+        // Ensure React-Admin receives an `id` in the response
+        entity.id = (key_field.type == 'objectId') ? entityId?.toString() : entityId
+        res.json(entity);
+    });
+    //view
+    app.get(`/${entity_name}/:id`, auth.isAuthenticated, async (req, res) => {
+        let f = {}
+        f[key_field.name] = parseKey(req.params.id)
+        const m = await db.collection(entity_name).findOne(f);
+        if (!m)
+            return res.status(404).send('Not found');
+        m.id = getKeyFromEntity(m)
+        await addInfo(db, [m])
+        res.json(m);
+    })
+    //delete
+    app.delete(`/${entity_name}/:id`, auth.isAuthenticated, async function (req, res) {
+        let f = {}
+        f[key_field.name] = parseKey(req.params.id)
+        const entity = await db.collection(entity_name).findOne(f);
+        if (!entity)
+            return res.status(404).send('Not found');
+        entity.id = getKeyFromEntity(entity)
+        let customDelete = false
+        let softDelete = false
+        //Custom Delete Api Start
+        //Custom Delete Api End
+        if (customDelete)
+            ;
+        else if (softDelete)
+            await db.collection(entity_name).updateOne(f, { $set: { remove: true } });
+        else
+            await db.collection(entity_name).deleteOne(f);
+        res.json(entity);
+    });
+    if (yml_entity.crud?.list?.export) {
+        app.post(`/excel/${entity_name}/export`, auth.isAuthenticated, async (req, res) => {
+            const filename = `${entity_name}_`
+            const fields = yml_entity.crud.list.export.fields.map(field => ({
+                label: field.name,
+                value: field.name,
+            }))
+            //{ label: '상품', value: row => row.product_list?.map(m=>m.total_name).join(',') },
+            let f = req.body.filter || {}
+            const list = await db.collection(entity_name).find(f).project({
+                _id: false,
+            }).toArray();
+            if (list.length == 0)
+                return res.json({ r: false, msg: 'No Data' });
+            await addInfo(db, list)
+            const data = list.map(row => {
+                let obj = {};
+                fields.forEach(field => {
+                    obj[field.label] = typeof field.value === 'function' ? field.value(row) : row[field.value];
+                });
+                return obj;
+            });
+            const worksheet = XLSX.utils.json_to_sheet(data);
+            const workbook = XLSX.utils.book_new();
+            XLSX.utils.book_append_sheet(workbook, worksheet, 'Sheet1');
+            const excelBuffer = XLSX.write(workbook, { bookType: 'xlsx', type: 'buffer' });
+            const currentTime = moment().format('YYYYMMDD_HHmmss');
+            const key = `${filename}${currentTime}.xlsx`;
+            await uploader.uploadSecure(key, excelBuffer);
+            let url = await uploader.getUrlSecure(key, auth);
+            return res.json({ r: true, url });
+        })
+    }
+    if (yml_entity.crud?.list?.import) {
+        app.post(`/excel/${entity_name}/import`, auth.isAuthenticated, async (req, res) => {
+            const { base64 } = req.body
+            const buf = Buffer.from(base64, 'base64');
+            const workbook = XLSX.read(buf, { type: 'buffer' });
+            const sheet = workbook.Sheets[workbook.SheetNames[0]];
+            let list = XLSX.utils.sheet_to_json(sheet, { header: 1 });
+            //엑셀 첫번째 행 타이틀 데이터 제거
+            let header = list[0]
+            list.shift();
+            let upsert = yml_entity.crud.list.import.upsert || true
+            const fields = yml_entity.crud.list.import.fields.map(m => m)
+            fields.map(field => {
+                let original = yml_entity.fields.find(f => f.name == field.name)
+                field.type = original.type
+            })
+            let key_field = yml_entity.fields.find(f => f.key)
+            let bulk = []
+            list.map(m => {
+                let f = {}
+                let m_obj = {}
+                header.map((h, index) => {
+                    m_obj[h] = m[index]
+                })
+                f[key_field.name] = getKeyFromEntity(m_obj)
+                if (!f[key_field.name])
+                    return
+                let entity = {}
+                fields.forEach(field => {
+                    if (field.type == 'integer')
+                        entity[field.name] = parseInt(m_obj[field.name])
+                    else if (field.type == 'password')
+                        entity[field.name] = passwordEncrypt(m_obj[field.name] + '')
+                    else
+                        entity[field.name] = m_obj[field.name] + ''
+                })
+                bulk.push({
+                    updateOne: {
+                        filter: f,
+                        update: { $set: entity },
+                        upsert: upsert
+                    }
+                })
+            })
+            let result = await db.collection('delivery').bulkWrite(bulk);
+            res.json({ r: true, msg: 'Import success - ' + result.upsertedCount + ' rows effected' });
+        })
+    }
+}
+const generateEntityApi = async ({ app, db, entity_name, entity, yml, options }) => {
+    await generateCrud({ app, db, entity_name, yml_entity: entity, yml, options })
+}
+module.exports = {
+    generateEntityApi
+}

package/src/login/auth.js CHANGED Viewed

@@ -12,7 +12,25 @@ const withConfig = (config) => {
     });
   };
-  const authenticateSuccess = function (req, res, user, next) {
+  const genenrateShortToken = () => {
+    return new Promise((resolve, reject) => {
+      jwt.sign(
+        {},
+        jwt_secret,
+        {
+          expiresIn: '5m',
+          subject: 'shortToken'
+        }, (err, token) => {
+          if (err)
+            reject(err);
+          else
+            resolve(token);
+        }
+      );
+    })
+  }
+  const authenticateSuccess = (req, res, user, next) => {
     jwt.sign(
       user,
       jwt_secret,
@@ -30,15 +48,15 @@ const withConfig = (config) => {
     );
   };
-  const isAuthenticated = function (req, res, next) {
-    const token = req.headers['x-access-token'] || req.query.token || req.cookies.token;
+  const isAuthenticated = (req, res, next) => {
+    const token = req.headers['x-access-token'] || req.query.token || req.cookies.token;
     if (token == null)
-      res.json({ r: false, err: { code: 666 }, msg: '로그인 필요' });
+      res.json({ r: false, err: { code: 666 }, msg: 'No authentication' });
     else
       jwt.verify(token, jwt_secret, (err, decoded) => {
         if (err) {
-          res.json({ r: false, err: { code: 666 }, msg: '로그인 필요' });
+          res.json({ r: false, err: { code: 666 }, msg: 'No authentication' });
           return;
         }
         req.user = decoded;
@@ -78,6 +96,7 @@ const withConfig = (config) => {
   return {
     isAuthenticated,
     authenticate,
+    genenrateShortToken,
   }
 }

package/src/upload/localUpload.js ADDED Viewed

@@ -0,0 +1,44 @@
+const moment = require('moment')
+const fs = require('fs')
+const getUrl = async (Key) => {
+    //console.log('getSignedUrl')
+    let r = await s3.getSignedUrl('getObject', {
+        Bucket:aws_bucket_private,
+        Key,
+    })
+    //console.log(r)
+    return r
+}
+const withConfigLocal = ({path, path_private, base_url, api_host}) => {
+    const upload = async (key, stream) => {
+        return await fs.writeFileSync(path + '/' + key, stream)
+    }
+    const uploadSecure = async (key, stream) => {
+        return await fs.writeFileSync(path_private + '/' + key, stream)
+    }
+    const getUrlSecure = async (Key, auth) => {
+        let r = `${api_host}/local-secure-download?key=${Key}`
+        let shortToken = await auth.genenrateShortToken()
+        r += `&token=${shortToken}`
+        return r
+    }
+    return {
+        upload,
+        uploadSecure,
+        getUrl: async (key) => {
+            return await getUrl(key)
+        },
+        getUrlSecure,
+    }
+}
+module.exports = {
+    withConfigLocal
+};

package/src/upload/s3Upload.js ADDED Viewed

@@ -0,0 +1,47 @@
+const moment = require('moment')
+const { S3Client, PutObjectCommand, GetObjectCommand, DeleteObjectCommand } = require('@aws-sdk/client-s3')
+const { getSignedUrl } = require('@aws-sdk/s3-request-presigner')
+const upload = async (key, stream) => {
+    if(!key){
+        throw new Error('필수값이 없습니다')
+    }
+    //console.log('uploadExcel')
+    return await s3.upload({
+        Bucket: aws_bucket_private,
+        Key: key,
+        Body: stream,
+        ACL: 'private',
+        Expires: moment().add(10, 'minute').toISOString(),
+        ContentType: 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
+    }).promise()
+}
+const getUrl = async (Key) => {
+    //console.log('getSignedUrl')
+    let r = await s3.getSignedUrl('getObject', {
+        Bucket:aws_bucket_private,
+        Key,
+    })
+    //console.log(r)
+    return r
+}
+const getSecureUrl = async (Key) => {
+    //console.log('getSignedUrl')
+    let r = await s3.getSignedUrl('getObject', {
+        Bucket:aws_bucket_private,
+        Key,
+    })
+    //console.log(r)
+    return r
+}
+module.exports = {
+    upload,
+    getUrl,
+    getSecureUrl,
+};

package/src/upload/upload-api-generator.js ADDED Viewed

@@ -0,0 +1,248 @@
+const { withConfig } = require('../login/auth.js');
+const { PutObjectCommand, CreateMultipartUploadCommand, UploadPartCommand, CompleteMultipartUploadCommand, AbortMultipartUploadCommand } = require('@aws-sdk/client-s3')
+const { getSignedUrl } = require('@aws-sdk/s3-request-presigner')
+const { genEntityIdWithKey } = require('../common/util.js');
+const { S3Client } = require('@aws-sdk/client-s3')
+const fs = require('fs')
+const getContentType = (ext) => {
+    let contentType = 'image/jpeg'
+    if(ext == 'mp4')
+        contentType = 'video/mp4'
+    else if(ext == 'mov')
+        contentType = 'video/quicktime'
+    else if(ext == 'png')
+        contentType = 'image/png'
+    return contentType
+}
+const generateS3UploadApi = async ({ app, db, yml, options }) => {
+    const auth = withConfig({ db, jwt_secret: yml.login["jwt-secret"] });
+    const { region, access_key_id, secret_access_key, bucket, bucket_private } = yml.upload.s3;
+    const getS3 = () => {
+        let s3 = new S3Client({
+            region: region,
+            credentials: {
+                accessKeyId: access_key_id,
+                secretAccessKey: secret_access_key
+            }
+        })
+        return s3
+    }
+    app.get('/api/media/url/put/:ext', auth.isAuthenticated, async function(req, res){
+        let s3 = getS3()
+        let {member_no} = req.user;
+        let fileName = await genEntityIdWithKey(db, 'file');
+        let ext = req.params.ext;
+        let contentType = getContentType(ext)
+        let key = `media/${member_no}/${fileName}.${ext}`
+        const uploadUrl = await getSignedUrl(s3, new PutObjectCommand({Bucket: aws_bucket_image,
+            ContentType: contentType,
+            Key: key}), { expiresIn: 300 });
+        let r = {upload_url:uploadUrl, key, fileName:`${fileName}.${ext}`, member_no, contentType}
+        console.log(r)
+        res.json(r);
+    });
+    app.get('/api/media/url/secure/put/:ext', auth.isAuthenticated, async function(req, res){
+        let s3 = getS3()
+        let {member_no} = req.user;
+        let fileName = await genEntityIdWithKey(db, 'file');
+        let ext = req.params.ext;
+        let contentType = getContentType(ext)
+        let key = `media/${member_no}/${fileName}.${ext}`
+        const uploadUrl = await getSignedUrl(s3, new PutObjectCommand({Bucket: aws_bucket_private,
+            ContentType: contentType,
+            Key: key}), { expiresIn: 300 });
+        let r = {upload_url:uploadUrl, key, fileName:`${fileName}.${ext}`, member_no, contentType}
+        res.json(r);
+    });
+    // request uploadId
+    app.get('/api/media/url/secure/init/:ext', auth.isAuthenticated, async function (req, res) {
+        let s3 = getS3();
+        let member_no = req.user.member_no || req.user.id;
+        let fileName = await genEntityIdWithKey(db, 'file');
+        let ext = req.params.ext;
+        let key = `media/${member_no}/${fileName}.${ext}`;
+        let contentType = getContentType(ext);
+        const createMultipartUpload = await s3.send(new CreateMultipartUploadCommand({
+            Bucket: aws_bucket_private,
+            Key: key,
+            ContentType: contentType
+        }));
+        res.json({ uploadId: createMultipartUpload.UploadId, key, contentType });
+    });
+    // request presigned url
+    app.post('/api/media/url/secure/part', auth.isAuthenticated, async function (req, res) {
+        let s3 = getS3();
+        let { key, uploadId, partNumber } = req.body;
+        const command = new UploadPartCommand({
+            Bucket: aws_bucket_private,
+            Key: key,
+            UploadId: uploadId,
+            PartNumber: partNumber
+        });
+        const uploadUrl = await getSignedUrl(s3, command, { expiresIn: 300*10 });
+        res.json({ uploadUrl });
+    });
+    // merge file
+    app.post('/api/media/url/secure/complete', auth.isAuthenticated, async function (req, res) {
+        let s3 = getS3();
+        let { key, uploadId, parts } = req.body;
+        parts.sort((a, b) => a.PartNumber - b.PartNumber);
+        await s3.send(new CompleteMultipartUploadCommand({
+            Bucket: aws_bucket_private,
+            Key: key,
+            UploadId: uploadId,
+            MultipartUpload: { Parts: parts }
+        }));
+        res.json({ key });
+    });
+    // 청크파일 삭제
+    app.post('/api/media/url/secure/abort', auth.isAuthenticated, async (req, res) => {
+        try {
+            const { key, uploadId } = req.body;
+            const s3 = getS3();
+            await s3.send(new AbortMultipartUploadCommand({
+                Bucket: aws_bucket_private,
+                Key: key,
+                UploadId: uploadId
+            }));
+            res.json({ r: true });
+        } catch (error) {
+            console.log(error);
+            res.status(500).json({ r: false });
+        }
+    });
+    app.post('/api/media/url/put', auth.isAuthenticated, async function(req, res) {
+        let s3 = getS3()
+        let {member_no} = req.user
+        const {ext_list} = req.body
+        let r = {list:[], r:true}
+        for(let ext of ext_list) {
+            let fileName = await genEntityIdWithKey(db, 'file')
+            let key = `media/${member_no}/${fileName}.${ext}`
+            let contentType = getContentType(ext)
+            const upload_url = await getSignedUrl(s3, new PutObjectCommand({Bucket: aws_bucket_image,
+                ContentType: contentType,
+                Key: key}), { expiresIn: 300 });
+            r.list.push({upload_url, key, fileName:`${fileName}.${ext}`, member_no, contentType})
+        }
+        res.json(r);
+    })
+    app.post('/api/media/url/secure/put', auth.isAuthenticated, async function(req, res) {
+        let s3 = getS3()
+        let {member_no} = req.user
+        const {ext_list} = req.body
+        let r = {list:[], r:true}
+        for(let ext of ext_list) {
+            let fileName = await genEntityIdWithKey(db, 'file')
+            let key = `media/${member_no}/${fileName}.${ext}`
+            let contentType = getContentType(ext)
+            const upload_url = await getSignedUrl(s3, new PutObjectCommand({Bucket: aws_bucket_private,
+                ContentType: contentType,
+                Key: key}), { expiresIn: 300 });
+            r.list.push({upload_url, key, fileName:`${fileName}.${ext}`, member_no, contentType})
+        }
+        res.json(r);
+    })
+}
+const generateLocalUploadApi = async ({ app, db, yml, options }) => {
+    const auth = withConfig({ db, jwt_secret: yml.login["jwt-secret"] });
+    const { path, path_private } = yml.upload.local;
+    // Accept raw binary for local upload and stream to disk
+    app.put('/api/local/media/upload', auth.isAuthenticated, async function(req, res) {
+        let member_no = req.user.member_no || req.user.id;
+        let {ext, name} = req.query
+        let fileName = await genEntityIdWithKey(db, 'file')
+        let key = `media/${member_no}/${fileName}.${ext}`
+        // Ensure directory exists
+        const fullPath = `${path}/${key}`;
+        fs.mkdirSync(require('path').dirname(fullPath), { recursive: true });
+        const writeStream = fs.createWriteStream(fullPath);
+        req.pipe(writeStream);
+        writeStream.on('finish', () => {
+            res.json({ r: true, key })
+        });
+        writeStream.on('error', (err) => {
+            console.error(err);
+            res.status(500).json({ r: false, msg:err.message })
+        });
+    })
+    app.put('/api/local/media/upload/secure', auth.isAuthenticated, async function(req, res) {
+        let member_no = req.user.member_no || req.user.id;
+        let {ext, name} = req.query
+        let fileName = await genEntityIdWithKey(db, 'file')
+        let key = `media/${member_no}/${fileName}.${ext}`
+        try {
+            // Ensure directory exists
+            const fullPath = `${path_private}/${key}`;
+            fs.mkdirSync(require('path').dirname(fullPath), { recursive: true });
+            const writeStream = fs.createWriteStream(fullPath);
+            req.pipe(writeStream);
+            writeStream.on('finish', () => {
+                res.json({ r: true, key })
+            });
+            writeStream.on('error', (err) => {
+                console.error(err);
+                res.status(500).json({ r: false, msg:err.message })
+            });
+        } catch (e) {
+            console.error(e)
+            res.status(500).json({ r:false })
+        }
+    })
+}
+const generateUploadApi = async ({ app, db, yml, options }) => {
+    if(yml.upload.s3) {
+        await generateS3UploadApi({ app, db, yml, options })
+    }
+    if(yml.upload.local) {
+        await generateLocalUploadApi({ app, db, yml, options })
+    }
+}
+module.exports = {
+    generateUploadApi
+}

package/src/yml-admin-api.js CHANGED Viewed

@@ -1,8 +1,10 @@
 const { MongoClient } = require('mongodb');
 const fs = require('fs').promises;
 const yaml = require('yaml');
-const { generateEntityApi } = require('./crud/api-generator');
+const { generateEntityApi } = require('./crud/entity-api-generator');
 const { generateLoginApi } = require('./crud/login-api-generator');
+const { withConfig } = require('./login/auth.js');
+const { generateUploadApi } = require('./upload/upload-api-generator');
 async function registerRoutes(app, options = {}) {
   const { yamlPath, yamlString } = options;
@@ -31,18 +33,34 @@ async function registerRoutes(app, options = {}) {
       console.log('db connected')
     }
   }
-  const jwt_secret = yml.login["jwt-secret"]
-  app.set('jwt-secret', jwt_secret);
   await generateLoginApi(app, db, yml)
-  entity && Object.keys(entity).forEach(async (entityName) => {
+  entity && Object.keys(entity).forEach(async (entity_name) => {
     await generateEntityApi({
       app, db,
-      name:entityName,
-      entity:entity[entityName],
-      jwt_secret
+      entity_name,
+      entity:entity[entity_name],
+      yml,
+      options,
     })
   })
+  await generateUploadApi({
+    app, db,
+    yml,
+    options,
+  })
+  //local secure download api
+  const auth = withConfig({ db, jwt_secret: yml.login["jwt-secret"] });
+  app.get('/local-secure-download', auth.isAuthenticated, async (req, res) => {
+    const {key} = req.query;
+    const a = `${yml.upload.local.path_private}/${key}`
+    const file = await fs.readFile(a)
+    res.setHeader('Content-Disposition', `attachment; filename=${key}`);
+    res.setHeader('Content-Type', 'application/octet-stream');
+    res.send(file);
+  })
 }
 async function readYml(path) {

package/src/crud/api-generator.js DELETED Viewed

@@ -1,118 +0,0 @@
-const isAuthenticated = (jwt_secret) => {
-    return async (req, res, next) => {
-        const token = req.headers['x-access-token'] || req.query.token || req.cookies.token;
-        if (token == null)
-            res.json({ r: false, err: { code: 666 }, msg: '로그인 필요' });
-        else {
-            jwt.verify(token, jwt_secret, (err, decoded) => {
-                if (err) {
-                    res.json({ r: false, err: { code: 666 }, msg: '로그인 필요' });
-                    return;
-                }
-                req.user = decoded;
-                delete req.user.password;
-                next();
-            })
-        }
-    }
-}
-const generateList = async ({app, db, name, entity, jwt_secret}) => {
-    //list
-    app.get(`/${name}`, isAuthenticated(jwt_secret), async function (req, res) {
-        var s = {};
-        var _sort = req.query._sort;
-        var _order = req.query._order;
-        if (_sort != null)
-            s[_sort] = (_order == 'ASC' ? 1 : -1);
-        var _end = req.query._end;
-        var _start = req.query._start;
-        var l = _end - _start;
-        //검색 파라미터
-        var f = {};
-        var id = req.query.id;
-        if (id) {
-            if (Array.isArray(id))
-                f['id'] = { $in: id.map(m => parseInt(m)) };
-            else
-                f['id'] = parseInt(id);
-        }
-        // ${
-        //     entity.property.filter(f=>f.search && f.type != 'divider').map(m=>{
-        //         if(m.type == 'bool') {
-        //             return `
-        //             if (req.query.${m.name})
-        //                 f['${m.name}'] = req.query.${m.name} == 'true'
-        //             `
-        //         } else if(m.type == 'text') {
-        //             return `
-        //             if (req.query.${m.name})
-        //                 f['${m.name}'] = { $regex: ".*" + req.query.${m.name} + ".*" }
-        //             `
-        //         } else if(m.type == 'reference') {
-        //             //reference의 키는 integer인지 string인지 모른다. 그리고 member_no같이 string으로 취급되어야할 integer도 있다
-        //             return `
-        //             if (req.query.${m.name})
-        //                 f['${m.name}'] = isNaN(Number(req.query.${m.name}))|| parseInt(req.query.${m.name}) > 1569340492095?req.query.${m.name}:parseInt(req.query.${m.name})
-        //             `
-        //         } else if(m.type == 'date') {
-        //             return `
-        //             if (req.query.date) {
-        //                 if(req.query.date.replace(/-/g, '').length == 8) {
-        //                     //해당 날짜의 시작Date와 끝Date로 검색
-        //                     f['date'] = {
-        //                         $gte: moment(req.query.date).startOf('day').toDate(),
-        //                         $lte: moment(req.query.date).endOf('day').toDate()
-        //                     }
-        //                 }
-        //             }
-        //             `
-        //         } else {
-        //             return `
-        //             if (req.query.${m.name})
-        //                 f['${m.name}'] = req.query.${m.name}
-        //             `
-        //         }
-        //     }).join('\n')
-        // }
-        var name = req.query.name;
-        if (name == null && req.query.q)
-            name = req.query.q;
-        if (name != null)
-            f['name'] = { $regex: ".*" + name + ".*" };
-        f.remove = { $ne: true }
-        //Custom f list Start
-        //Custom f list End
-        var count = await db.collection('${name}').find(f).project({ _id: false }).sort(s).count();
-        let list = await db.collection('${name}').find(f).project({ _id: false }).sort(s).skip(parseInt(_start)).limit(l).toArray()
-        console.log('entity', entity)
-        list.map(m => {
-            m.id = entity.key
-        })
-        //Custom list Start
-        //Custom list End
-        await addInfo(db, list)
-        res.header('X-Total-Count', count);
-        res.json(list);
-    });
-}
-const generateEntityApi = async ({app, db, name, entity, jwt_secret}) => {
-    const { fields } = entity;
-    console.log('generateEntityApi', name)
-    await generateList({app, db, name, entity, jwt_secret})
-}
-module.exports = {
-    generateEntityApi
-}