From 674af3435516ae047f02a5a799b5afef935064c8 Mon Sep 17 00:00:00 2001
From: Benjamin Toby
Date: Mon, 12 May 2025 10:47:47 +0100
Subject: [PATCH] Updates
---
.../actions/users/reauth-user.js | 225 ++++++++--------
.../backend/html/sanitizeHtmlOptions.js | 5 +-
dist/package-shared/types/index.d.ts | 6 +
dist/package-shared/utils/slugify.js | 2 +-
package-shared/actions/users/reauth-user.ts | 242 +++++++++---------
.../backend/html/sanitizeHtmlOptions.ts | 6 +-
package-shared/types/index.ts | 9 +
package-shared/utils/slugify.ts | 2 +-
package.json | 2 +-
9 files changed, 268 insertions(+), 231 deletions(-)
diff --git a/dist/package-shared/actions/users/reauth-user.js b/dist/package-shared/actions/users/reauth-user.js
index 05d6723..dcdae5b 100644
--- a/dist/package-shared/actions/users/reauth-user.js
+++ b/dist/package-shared/actions/users/reauth-user.js
@@ -13,29 +13,23 @@ var __importDefault = (this && this.__importDefault) || function (mod) { }; Object.defineProperty(exports, "__esModule", { value: true }); exports.default = reauthUser; -const fs_1 = __importDefault(require("fs")); -const path_1 = __importDefault(require("path")); -const encrypt_1 = __importDefault(require("../../functions/dsql/encrypt")); const user_auth_1 = __importDefault(require("./user-auth")); const grab_host_names_1 = __importDefault(require("../../utils/grab-host-names")); -const api_reauth_user_1 = __importDefault(require("../../functions/api/users/api-reauth-user")); -const write_auth_files_1 = require("../../functions/backend/auth/write-auth-files"); -const get_auth_cookie_names_1 = __importDefault(require("../../functions/backend/cookies/get-auth-cookie-names")); -const grab_cookie_expirt_date_1 = __importDefault(require("../../utils/grab-cookie-expirt-date")); +const login_user_1 = __importDefault(require("./login-user")); /** * # Reauthorize User */ function reauthUser(_a) { return __awaiter(this, arguments, void 0, function* ({ key, database, response, request, level, encryptionKey, encryptionSalt, additionalFields, encryptedUserString, user_id, secureCookie, }) { - var _b, _c; + var _b; /** * Check Encryption Keys * * @description Check Encryption Keys */ const grabedHostNames = (0, grab_host_names_1.default)(); - const { host, port, scheme } = grabedHostNames; - const COOKIE_EXPIRY_DATE = (0, grab_cookie_expirt_date_1.default)(); + // const { host, port, scheme } = grabedHostNames; + // const COOKIE_EXPIRY_DATE = grabCookieExpiryDate(); const finalEncryptionKey = encryptionKey || process.env.DSQL_ENCRYPTION_PASSWORD; const finalEncryptionSalt = encryptionSalt || process.env.DSQL_ENCRYPTION_SALT; const existingUser = (0, user_auth_1.default)({ 
@@ -53,6 +47,19 @@ function reauthUser(_a) { msg: "Cookie Credentials Invalid", }; } + return yield (0, login_user_1.default)({ + database: database || "", + payload: { + email: existingUser.payload.email, + }, + additionalFields, + skipPassword: true, + response, + request, + user_id, + secureCookie, + key, + }); /** * Initialize HTTP response variable */ 
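Review bot: The added `loginUser` call does not forward the `encryptionKey`/`encryptionSalt` that `reauthUser` accepts, although the removed flow encrypted the refreshed cookie with `finalEncryptionKey`/`finalEncryptionSalt`; a caller using non-default keys may receive a cookie it can no longer decrypt, so pass them through if `loginUser` takes them, e.g. `encryptionKey: finalEncryptionKey, encryptionSalt: finalEncryptionSalt,`. With `skipPassword: true` the session is re-issued on the strength of the cookie's email alone, and the old `deleteAuthFile(String(existingUser.payload.csrf_k))` step is gone, so confirm that `loginUser` retires the previous CSRF/auth file rather than leaving it in place after every re-auth. `database || ""` also turns a missing database into an empty string instead of an error. The code after this `return` is now unreachable and should be deleted rather than kept; this file is compiled output and the function continues outside the hunk, so the change belongs in `package-shared/actions/users/reauth-user.ts`.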
@@ -62,97 +69,111 @@ function reauthUser(_a) { * * @description Look for local db settings in `.env` file and by pass the http request if available */ - const { DSQL_DB_HOST, DSQL_DB_USERNAME, DSQL_DB_PASSWORD, DSQL_DB_NAME } = process.env; - if ((DSQL_DB_HOST === null || DSQL_DB_HOST === void 0 ? void 0 : DSQL_DB_HOST.match(/./)) && - (DSQL_DB_USERNAME === null || DSQL_DB_USERNAME === void 0 ? void 0 : DSQL_DB_USERNAME.match(/./)) && - (DSQL_DB_PASSWORD === null || DSQL_DB_PASSWORD === void 0 ? void 0 : DSQL_DB_PASSWORD.match(/./)) && - (DSQL_DB_NAME === null || DSQL_DB_NAME === void 0 ? void 0 : DSQL_DB_NAME.match(/./)) && - global.DSQL_USE_LOCAL) { - let dbSchema; - try { - const localDbSchemaPath = path_1.default.resolve(process.cwd(), "dsql.schema.json"); - dbSchema = JSON.parse(fs_1.default.readFileSync(localDbSchemaPath, "utf8")); - } - catch (error) { } - httpResponse = yield (0, api_reauth_user_1.default)({ - existingUser: existingUser.payload, - additionalFields, - }); - } - else { - /** - * Make https request - * - * @description make a request to datasquirel.com - */ - httpResponse = (yield new Promise((resolve, reject) => { - const reqPayload = JSON.stringify({ - existingUser: existingUser.payload, - database, - additionalFields, - }); - const httpsRequest = scheme.request({ - method: "POST", - headers: { - "Content-Type": "application/json", - "Content-Length": Buffer.from(reqPayload).length, - Authorization: key || - process.env.DSQL_FULL_ACCESS_API_KEY || - process.env.DSQL_API_KEY, - }, - port, - hostname: host, - path: `/api/user/${user_id || grabedHostNames.user_id}/reauth-user`, - }, - /** - * Callback Function - * - * @description https request callback - */ - (response) => { - var str = ""; - response.on("data", function (chunk) { - str += chunk; - }); - response.on("end", function () { - resolve(JSON.parse(str)); - }); - response.on("error", (err) => { - reject(err); - }); - }); - httpsRequest.write(reqPayload); - httpsRequest.end(); - })); - 
} - /** - * Make https request - * - * @description make a request to datasquirel.com - */ - if (httpResponse === null || httpResponse === void 0 ? void 0 : httpResponse.success) { - let encryptedPayload = (0, encrypt_1.default)({ - data: JSON.stringify(httpResponse.payload), - encryptionKey: finalEncryptionKey, - encryptionSalt: finalEncryptionSalt, - }); - const cookieNames = (0, get_auth_cookie_names_1.default)({ - database, - userId: user_id || grabedHostNames.user_id, - }); - httpResponse["cookieNames"] = cookieNames; - httpResponse["key"] = String(encryptedPayload); - const authKeyName = cookieNames.keyCookieName; - const csrfName = cookieNames.csrfCookieName; - response === null || response === void 0 ? void 0 : response.setHeader("Set-Cookie", [ - `${authKeyName}=${encryptedPayload};samesite=strict;path=/;HttpOnly=true;Expires=${COOKIE_EXPIRY_DATE}${secureCookie ? ";Secure=true" : ""}`, - `${csrfName}=${(_c = httpResponse.payload) === null || _c === void 0 ? void 0 : _c.csrf_k};samesite=strict;path=/;HttpOnly=true;Expires=${COOKIE_EXPIRY_DATE}`, - ]); - if (httpResponse.csrf) { - (0, write_auth_files_1.deleteAuthFile)(String(existingUser.payload.csrf_k)); - (0, write_auth_files_1.writeAuthFile)(httpResponse.csrf, JSON.stringify(httpResponse.payload)); - } - } - return httpResponse; + // const { DSQL_DB_HOST, DSQL_DB_USERNAME, DSQL_DB_PASSWORD, DSQL_DB_NAME } = + // process.env; + // if ( + // DSQL_DB_HOST?.match(/./) && + // DSQL_DB_USERNAME?.match(/./) && + // DSQL_DB_PASSWORD?.match(/./) && + // DSQL_DB_NAME?.match(/./) && + // global.DSQL_USE_LOCAL + // ) { + // let dbSchema: import("../../types").DSQL_DatabaseSchemaType | undefined; + // try { + // const localDbSchemaPath = path.resolve( + // process.cwd(), + // "dsql.schema.json" + // ); + // dbSchema = JSON.parse(fs.readFileSync(localDbSchemaPath, "utf8")); + // } catch (error) {} + // httpResponse = await apiReauthUser({ + // existingUser: existingUser.payload, + // additionalFields, + // }); + // } 
else { + // /** + // * Make https request + // * + // * @description make a request to datasquirel.com + // */ + // httpResponse = (await new Promise((resolve, reject) => { + // const reqPayload = JSON.stringify({ + // existingUser: existingUser.payload, + // database, + // additionalFields, + // }); + // const httpsRequest = scheme.request( + // { + // method: "POST", + // headers: { + // "Content-Type": "application/json", + // "Content-Length": Buffer.from(reqPayload).length, + // Authorization: + // key || + // process.env.DSQL_FULL_ACCESS_API_KEY || + // process.env.DSQL_API_KEY, + // }, + // port, + // hostname: host, + // path: `/api/user/${ + // user_id || grabedHostNames.user_id + // }/reauth-user`, + // }, + // /** + // * Callback Function + // * + // * @description https request callback + // */ + // (response) => { + // var str = ""; + // response.on("data", function (chunk) { + // str += chunk; + // }); + // response.on("end", function () { + // resolve(JSON.parse(str)); + // }); + // response.on("error", (err) => { + // reject(err); + // }); + // } + // ); + // httpsRequest.write(reqPayload); + // httpsRequest.end(); + // })) as APILoginFunctionReturn; + // } + // /** + // * Make https request + // * + // * @description make a request to datasquirel.com + // */ + // if (httpResponse?.success) { + // let encryptedPayload = encrypt({ + // data: JSON.stringify(httpResponse.payload), + // encryptionKey: finalEncryptionKey, + // encryptionSalt: finalEncryptionSalt, + // }); + // const cookieNames = getAuthCookieNames({ + // database, + // userId: user_id || grabedHostNames.user_id, + // }); + // httpResponse["cookieNames"] = cookieNames; + // httpResponse["key"] = String(encryptedPayload); + // const authKeyName = cookieNames.keyCookieName; + // const csrfName = cookieNames.csrfCookieName; + // response?.setHeader("Set-Cookie", [ + // `${authKeyName}=${encryptedPayload};samesite=strict;path=/;HttpOnly=true;Expires=${COOKIE_EXPIRY_DATE}${ + // secureCookie 
? ";Secure=true" : "" + // }`, + // `${csrfName}=${httpResponse.payload?.csrf_k};samesite=strict;path=/;HttpOnly=true;Expires=${COOKIE_EXPIRY_DATE}`, + // ]); + // if (httpResponse.csrf) { + // deleteAuthFile(String(existingUser.payload.csrf_k)); + // writeAuthFile( + // httpResponse.csrf, + // JSON.stringify(httpResponse.payload) + // ); + // } + // } + // return httpResponse; }); } diff --git a/dist/package-shared/functions/backend/html/sanitizeHtmlOptions.js b/dist/package-shared/functions/backend/html/sanitizeHtmlOptions.js index 57494aa..7b2c3b9 100644 --- a/dist/package-shared/functions/backend/html/sanitizeHtmlOptions.js +++ b/dist/package-shared/functions/backend/html/sanitizeHtmlOptions.js @@ -1,5 +1,4 @@ "use strict"; -// @ts-check Object.defineProperty(exports, "__esModule", { value: true }); const sanitizeHtmlOptions = { allowedTags: [ @@ -27,9 +26,9 @@ const sanitizeHtmlOptions = { "br", ], allowedAttributes: { - a: ["href"], + a: ["href", "title", "class", "style"], img: ["src", "alt", "width", "height", "class", "style"], - "*": ["style", "class"], + "*": ["style", "class", "title"], }, }; exports.default = sanitizeHtmlOptions; diff --git a/dist/package-shared/types/index.d.ts b/dist/package-shared/types/index.d.ts index 8f26942..41ed914 100644 --- a/dist/package-shared/types/index.d.ts +++ b/dist/package-shared/types/index.d.ts @@ -949,6 +949,7 @@ export type ServerQueryParam = { selectFields?: string[]; + omitFields?: string[]; query?: ServerQueryQueryObject; limit?: number; page?: number; 
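Review bot: In the second `sanitizeHtmlOptions.js` hunk, `style` is now allowed on `a` as well as on `*`, and nothing in the visible options restricts which CSS properties pass, so user-supplied markup can restyle or reposition links so that they cover other page content. If this object is passed to sanitize-html, add an `allowedStyles` map limiting the permitted properties and value patterns, or drop `style` from the `a` list; the `class` and `style` additions on `a` are in any case redundant with the `*` entry. The object continues outside the hunk, so an existing restriction may simply not be visible here. The same edit appears in `package-shared/functions/backend/html/sanitizeHtmlOptions.ts`, which is where the fix should be made.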
@@ -1003,6 +1004,11 @@ export type ServerQueryParamsJoin { - const reqPayload = JSON.stringify({ - existingUser: existingUser.payload, - database, - additionalFields, - }); + // httpResponse = await apiReauthUser({ + // existingUser: existingUser.payload, + // additionalFields, + // }); + // } else { + // /** + // * Make https request + // * + // * @description make a request to datasquirel.com + // */ + // httpResponse = (await new Promise((resolve, reject) => { + // const reqPayload = JSON.stringify({ + // existingUser: existingUser.payload, + // database, + // additionalFields, + // }); - const httpsRequest = scheme.request( - { - method: "POST", - headers: { - "Content-Type": "application/json", - "Content-Length": Buffer.from(reqPayload).length, - Authorization: - key || - process.env.DSQL_FULL_ACCESS_API_KEY || - process.env.DSQL_API_KEY, - }, - port, - hostname: host, - path: `/api/user/${ - user_id || grabedHostNames.user_id - }/reauth-user`, - }, + // const httpsRequest = scheme.request( + // { + // method: "POST", + // headers: { + // "Content-Type": "application/json", + // "Content-Length": Buffer.from(reqPayload).length, + // Authorization: + // key || + // process.env.DSQL_FULL_ACCESS_API_KEY || + // process.env.DSQL_API_KEY, + // }, + // port, + // hostname: host, + // path: `/api/user/${ + // user_id || grabedHostNames.user_id + // }/reauth-user`, + // }, - /** - * Callback Function - * - * @description https request callback - */ - (response) => { - var str = ""; + // /** + // * Callback Function + // * + // * @description https request callback + // */ + // (response) => { + // var str = ""; - response.on("data", function (chunk) { - str += chunk; - }); + // response.on("data", function (chunk) { + // str += chunk; + // }); - response.on("end", function () { - resolve(JSON.parse(str)); - }); + // response.on("end", function () { + // resolve(JSON.parse(str)); + // }); - response.on("error", (err) => { - reject(err); - }); - } - ); + // 
response.on("error", (err) => { + // reject(err); + // }); + // } + // ); - httpsRequest.write(reqPayload); - httpsRequest.end(); - })) as APILoginFunctionReturn; - } + // httpsRequest.write(reqPayload); + // httpsRequest.end(); + // })) as APILoginFunctionReturn; + // } - /** - * Make https request - * - * @description make a request to datasquirel.com - */ - if (httpResponse?.success) { - let encryptedPayload = encrypt({ - data: JSON.stringify(httpResponse.payload), - encryptionKey: finalEncryptionKey, - encryptionSalt: finalEncryptionSalt, - }); + // /** + // * Make https request + // * + // * @description make a request to datasquirel.com + // */ + // if (httpResponse?.success) { + // let encryptedPayload = encrypt({ + // data: JSON.stringify(httpResponse.payload), + // encryptionKey: finalEncryptionKey, + // encryptionSalt: finalEncryptionSalt, + // }); - const cookieNames = getAuthCookieNames({ - database, - userId: user_id || grabedHostNames.user_id, - }); + // const cookieNames = getAuthCookieNames({ + // database, + // userId: user_id || grabedHostNames.user_id, + // }); - httpResponse["cookieNames"] = cookieNames; - httpResponse["key"] = String(encryptedPayload); + // httpResponse["cookieNames"] = cookieNames; + // httpResponse["key"] = String(encryptedPayload); - const authKeyName = cookieNames.keyCookieName; - const csrfName = cookieNames.csrfCookieName; + // const authKeyName = cookieNames.keyCookieName; + // const csrfName = cookieNames.csrfCookieName; - response?.setHeader("Set-Cookie", [ - `${authKeyName}=${encryptedPayload};samesite=strict;path=/;HttpOnly=true;Expires=${COOKIE_EXPIRY_DATE}${ - secureCookie ? ";Secure=true" : "" - }`, - `${csrfName}=${httpResponse.payload?.csrf_k};samesite=strict;path=/;HttpOnly=true;Expires=${COOKIE_EXPIRY_DATE}`, - ]); + // response?.setHeader("Set-Cookie", [ + // `${authKeyName}=${encryptedPayload};samesite=strict;path=/;HttpOnly=true;Expires=${COOKIE_EXPIRY_DATE}${ + // secureCookie ? 
";Secure=true" : "" + // }`, + // `${csrfName}=${httpResponse.payload?.csrf_k};samesite=strict;path=/;HttpOnly=true;Expires=${COOKIE_EXPIRY_DATE}`, + // ]); - if (httpResponse.csrf) { - deleteAuthFile(String(existingUser.payload.csrf_k)); - writeAuthFile( - httpResponse.csrf, - JSON.stringify(httpResponse.payload) - ); - } - } + // if (httpResponse.csrf) { + // deleteAuthFile(String(existingUser.payload.csrf_k)); + // writeAuthFile( + // httpResponse.csrf, + // JSON.stringify(httpResponse.payload) + // ); + // } + // } - return httpResponse; + // return httpResponse; } diff --git a/package-shared/functions/backend/html/sanitizeHtmlOptions.ts b/package-shared/functions/backend/html/sanitizeHtmlOptions.ts index 347ae66..fdf7c4d 100644 --- a/package-shared/functions/backend/html/sanitizeHtmlOptions.ts +++ b/package-shared/functions/backend/html/sanitizeHtmlOptions.ts @@ -1,5 +1,3 @@ -// @ts-check - const sanitizeHtmlOptions = { allowedTags: [ "b", @@ -26,9 +24,9 @@ const sanitizeHtmlOptions = { "br", ], allowedAttributes: { - a: ["href"], + a: ["href", "title", "class", "style"], img: ["src", "alt", "width", "height", "class", "style"], - "*": ["style", "class"], + "*": ["style", "class", "title"], }, }; diff --git a/package-shared/types/index.ts b/package-shared/types/index.ts index 291ff5f..ff33c40 100644 --- a/package-shared/types/index.ts +++ b/package-shared/types/index.ts @@ -1098,6 +1098,7 @@ export type ServerQueryParam< T extends { [k: string]: any } = { [k: string]: any } > = { selectFields?: string[]; + omitFields?: string[]; query?: ServerQueryQueryObject; limit?: number; page?: number; @@ -1160,6 +1161,14 @@ export type ServerQueryParamsJoin< count?: boolean; } )[]; + omitFields?: ( + | keyof Field + | { + field: keyof Field; + alias?: string; + count?: boolean; + } + )[]; operator?: (typeof ServerQueryOperators)[number]; }; diff --git a/package-shared/utils/slugify.ts b/package-shared/utils/slugify.ts index a41c540..6b956a0 100644 
--- a/package-shared/utils/slugify.ts +++ b/package-shared/utils/slugify.ts @@ -21,7 +21,7 @@ export default function slugify(str?: string): string { .replace(/-{2,}/g, "-") .replace(/^-/, "") .replace(/-$/, ""); - } catch (/** @type {any} */ error: any) { + } catch (error: any) { console.log(`Slugify ERROR: ${error.message}`); return ""; } diff --git a/package.json b/package.json index 405d8a8..a05f857 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@moduletrace/datasquirel", - "version": "4.5.7", + "version": "4.5.8", "description": "Cloud-based SQL data management tool", "main": "dist/index.js", "bin": {