Updates
This commit is contained in:
parent
0880526f44
commit
1aa66be3ba
@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "@moduletrace/datasquirel",
|
"name": "@moduletrace/datasquirel",
|
||||||
"version": "3.1.3",
|
"version": "3.1.4",
|
||||||
"description": "Cloud-based SQL data management tool",
|
"description": "Cloud-based SQL data management tool",
|
||||||
"main": "index.js",
|
"main": "index.js",
|
||||||
"bin": {
|
"bin": {
|
||||||
|
@ -52,13 +52,15 @@ function userAuth({
|
|||||||
csrfHeaderName,
|
csrfHeaderName,
|
||||||
}) {
|
}) {
|
||||||
try {
|
try {
|
||||||
|
const finalRequest = req || request;
|
||||||
|
|
||||||
const finalEncryptionKey =
|
const finalEncryptionKey =
|
||||||
encryptionKey || process.env.DSQL_ENCRYPTION_PASSWORD;
|
encryptionKey || process.env.DSQL_ENCRYPTION_PASSWORD;
|
||||||
const finalEncryptionSalt =
|
const finalEncryptionSalt =
|
||||||
encryptionSalt || process.env.DSQL_ENCRYPTION_SALT;
|
encryptionSalt || process.env.DSQL_ENCRYPTION_SALT;
|
||||||
|
|
||||||
const cookies = parseCookies({
|
const cookies = parseCookies({
|
||||||
request: request || req,
|
request: finalRequest,
|
||||||
cookieString,
|
cookieString,
|
||||||
});
|
});
|
||||||
|
|
||||||
@ -129,14 +131,10 @@ function userAuth({
|
|||||||
*
|
*
|
||||||
* @description Grab the payload
|
* @description Grab the payload
|
||||||
*/
|
*/
|
||||||
|
if (level?.match(/deep/i) && finalRequest) {
|
||||||
if (
|
if (
|
||||||
level?.match(/deep/i) &&
|
csrfHeaderName &&
|
||||||
((csrfHeaderName &&
|
finalRequest.headers[csrfHeaderName] !== userObject.csrf_k
|
||||||
req?.headers[csrfHeaderName] !== userObject.csrf_k &&
|
|
||||||
request?.headers[csrfHeaderName] !== userObject.csrf_k) ||
|
|
||||||
(csrfHeaderIsValue &&
|
|
||||||
!req?.headers[userObject.csrf_k] &&
|
|
||||||
!request?.headers[userObject.csrf_k]))
|
|
||||||
) {
|
) {
|
||||||
return {
|
return {
|
||||||
success: false,
|
success: false,
|
||||||
@ -145,6 +143,19 @@ function userAuth({
|
|||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const targetCsrfHeaderKey = Object.keys(finalRequest.headers)
|
||||||
|
.filter((k) => k.replace(/[^a-zA-Z0-9\-]/g, ""))
|
||||||
|
.find((k) => k == userObject.csrf_k);
|
||||||
|
|
||||||
|
if (csrfHeaderIsValue && !targetCsrfHeaderKey) {
|
||||||
|
return {
|
||||||
|
success: false,
|
||||||
|
payload: null,
|
||||||
|
msg: "CSRF_K Header Key mismatch",
|
||||||
|
};
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
const payloadCreationDate = Number(userObject.date);
|
const payloadCreationDate = Number(userObject.date);
|
||||||
|
|
||||||
if (
|
if (
|
||||||
|
Loading…
Reference in New Issue
Block a user