v2.1.0 (#293)
* Fix wrapping when too many hosts are shown (#207) * Update npm packages, fixes CVE-2019-10757 * Revert some breaking packages * Major overhaul - Docker buildx support in CI - Cypress API Testing in CI - Restructured folder layout (insert clean face meme) - Added Swagger documentation and validate API against that (to be completed) - Use common base image for all supported archs, which includes updated nginx with ipv6 support - Updated certbot and changes required for it - Large amount of Hosts names will wrap in UI - Updated packages for frontend - Version bump 2.1.0 * Updated documentation * Fix JWT expire time going crazy. Now set to 1day * Backend JS formatting rules * Remove v1 importer, I doubt anyone is using v1 anymore * Added backend formatting rules and enforce them in Jenkins builds * Fix CI, doesn't need a tty * Thanks bcrypt. Why can't you just be normal. * Cleanup after syntax check Co-authored-by: Marcelo Castagna <margaale@users.noreply.github.com>
This commit is contained in:
jc21
GitHub
30
backend/lib/express/cors.js
Normal file
30
backend/lib/express/cors.js
Normal file
@ -0,0 +1,30 @@
|
||||
const validator = require('../validator');
|
||||
|
||||
module.exports = function (req, res, next) {
|
||||
|
||||
if (req.headers.origin) {
|
||||
|
||||
// very relaxed validation....
|
||||
validator({
|
||||
type: 'string',
|
||||
pattern: '^[a-z\\-]+:\\/\\/(?:[\\w\\-\\.]+(:[0-9]+)?/?)?$'
|
||||
}, req.headers.origin)
|
||||
.then(function () {
|
||||
res.set({
|
||||
'Access-Control-Allow-Origin': req.headers.origin,
|
||||
'Access-Control-Allow-Credentials': true,
|
||||
'Access-Control-Allow-Methods': 'OPTIONS, GET, POST',
|
||||
'Access-Control-Allow-Headers': 'Content-Type, Cache-Control, Pragma, Expires, Authorization, X-Dataset-Total, X-Dataset-Offset, X-Dataset-Limit',
|
||||
'Access-Control-Max-Age': 5 * 60,
|
||||
'Access-Control-Expose-Headers': 'X-Dataset-Total, X-Dataset-Offset, X-Dataset-Limit'
|
||||
});
|
||||
next();
|
||||
})
|
||||
.catch(next);
|
||||
|
||||
} else {
|
||||
// No origin
|
||||
next();
|
||||
}
|
||||
|
||||
};
|
||||
15
backend/lib/express/jwt-decode.js
Normal file
15
backend/lib/express/jwt-decode.js
Normal file
@ -0,0 +1,15 @@
|
||||
const Access = require('../access');
|
||||
|
||||
module.exports = () => {
|
||||
return function (req, res, next) {
|
||||
res.locals.access = null;
|
||||
let access = new Access(res.locals.token || null);
|
||||
access.load()
|
||||
.then(() => {
|
||||
res.locals.access = access;
|
||||
next();
|
||||
})
|
||||
.catch(next);
|
||||
};
|
||||
};
|
||||
|
||||
13
backend/lib/express/jwt.js
Normal file
13
backend/lib/express/jwt.js
Normal file
@ -0,0 +1,13 @@
|
||||
module.exports = function () {
|
||||
return function (req, res, next) {
|
||||
if (req.headers.authorization) {
|
||||
let parts = req.headers.authorization.split(' ');
|
||||
|
||||
if (parts && parts[0] === 'Bearer' && parts[1]) {
|
||||
res.locals.token = parts[1];
|
||||
}
|
||||
}
|
||||
|
||||
next();
|
||||
};
|
||||
};
|
||||
55
backend/lib/express/pagination.js
Normal file
55
backend/lib/express/pagination.js
Normal file
@ -0,0 +1,55 @@
|
||||
let _ = require('lodash');
|
||||
|
||||
module.exports = function (default_sort, default_offset, default_limit, max_limit) {
|
||||
|
||||
/**
|
||||
* This will setup the req query params with filtered data and defaults
|
||||
*
|
||||
* sort will be an array of fields and their direction
|
||||
* offset will be an int, defaulting to zero if no other default supplied
|
||||
* limit will be an int, defaulting to 50 if no other default supplied, and limited to the max if that was supplied
|
||||
*
|
||||
*/
|
||||
|
||||
return function (req, res, next) {
|
||||
|
||||
req.query.offset = typeof req.query.limit === 'undefined' ? default_offset || 0 : parseInt(req.query.offset, 10);
|
||||
req.query.limit = typeof req.query.limit === 'undefined' ? default_limit || 50 : parseInt(req.query.limit, 10);
|
||||
|
||||
if (max_limit && req.query.limit > max_limit) {
|
||||
req.query.limit = max_limit;
|
||||
}
|
||||
|
||||
// Sorting
|
||||
let sort = typeof req.query.sort === 'undefined' ? default_sort : req.query.sort;
|
||||
let myRegexp = /.*\.(asc|desc)$/ig;
|
||||
let sort_array = [];
|
||||
|
||||
sort = sort.split(',');
|
||||
_.map(sort, function (val) {
|
||||
let matches = myRegexp.exec(val);
|
||||
|
||||
if (matches !== null) {
|
||||
let dir = matches[1];
|
||||
sort_array.push({
|
||||
field: val.substr(0, val.length - (dir.length + 1)),
|
||||
dir: dir.toLowerCase()
|
||||
});
|
||||
} else {
|
||||
sort_array.push({
|
||||
field: val,
|
||||
dir: 'asc'
|
||||
});
|
||||
}
|
||||
});
|
||||
|
||||
// Sort will now be in this format:
|
||||
// [
|
||||
// { field: 'field1', dir: 'asc' },
|
||||
// { field: 'field2', dir: 'desc' }
|
||||
// ]
|
||||
|
||||
req.query.sort = sort_array;
|
||||
next();
|
||||
};
|
||||
};
|
||||
9
backend/lib/express/user-id-from-me.js
Normal file
9
backend/lib/express/user-id-from-me.js
Normal file
@ -0,0 +1,9 @@
|
||||
module.exports = (req, res, next) => {
|
||||
if (req.params.user_id === 'me' && res.locals.access) {
|
||||
req.params.user_id = res.locals.access.token.get('attrs').id;
|
||||
} else {
|
||||
req.params.user_id = parseInt(req.params.user_id, 10);
|
||||
}
|
||||
|
||||
next();
|
||||
};
|
||||
Reference in New Issue
Block a user