Benjamin Toby 2025-05-04 18:49:34 +01:00
parent e4c6c995ef
commit 9ea903a401
5 changed files with 87 additions and 26 deletions


@ -2,5 +2,5 @@
Object.defineProperty(exports, "__esModule", { value: true }); Object.defineProperty(exports, "__esModule", { value: true });
exports.default = getCsrfHeaderName; exports.default = getCsrfHeaderName;
function getCsrfHeaderName() { function getCsrfHeaderName() {
return "x-csrf-key"; return "x-dsql-csrf-key";
} }


@ -10,6 +10,7 @@ const write_auth_files_1 = require("../../functions/backend/auth/write-auth-file
const parseCookies_1 = __importDefault(require("../../utils/backend/parseCookies")); const parseCookies_1 = __importDefault(require("../../utils/backend/parseCookies"));
const get_csrf_header_name_1 = __importDefault(require("../../actions/get-csrf-header-name")); const get_csrf_header_name_1 = __importDefault(require("../../actions/get-csrf-header-name"));
const grab_host_names_1 = __importDefault(require("../../utils/grab-host-names")); const grab_host_names_1 = __importDefault(require("../../utils/grab-host-names"));
const debug_log_1 = __importDefault(require("@/package-shared/utils/logging/debug-log"));
const minuteInMilliseconds = 60000; const minuteInMilliseconds = 60000;
const hourInMilliseconds = minuteInMilliseconds * 60; const hourInMilliseconds = minuteInMilliseconds * 60;
const dayInMilliseconds = hourInMilliseconds * 24; const dayInMilliseconds = hourInMilliseconds * 24;
@ -32,20 +33,32 @@ function userAuth({ request, req, encryptionKey, encryptionSalt, level, database
cookieString, cookieString,
}); });
if (debug) { if (debug) {
console.log("userAuth:cookies:", cookies); (0, debug_log_1.default)({
log: cookies,
addTime: true,
label: "userAuth:cookies",
});
} }
const keyNames = (0, get_auth_cookie_names_1.default)({ const keyNames = (0, get_auth_cookie_names_1.default)({
userId: user_id, userId: user_id,
database: database || process.env.DSQL_DB_NAME, database: database || process.env.DSQL_DB_NAME,
}); });
if (debug) { if (debug) {
console.log("userAuth:keyNames:", keyNames); (0, debug_log_1.default)({
log: keyNames,
addTime: true,
label: "userAuth:keyNames",
});
} }
const key = encryptedUserString const key = encryptedUserString
? encryptedUserString ? encryptedUserString
: cookies[keyNames.keyCookieName]; : cookies[keyNames.keyCookieName];
if (debug) { if (debug) {
console.log("userAuth:key:", key); (0, debug_log_1.default)({
log: key,
addTime: true,
label: "userAuth:key",
});
} }
/** /**
* Grab the payload * Grab the payload
@ -58,7 +71,11 @@ function userAuth({ request, req, encryptionKey, encryptionSalt, level, database
encryptionSalt, encryptionSalt,
}); });
if (debug) { if (debug) {
console.log("userAuth:userPayloadJSON:", userPayloadJSON); (0, debug_log_1.default)({
log: userPayloadJSON,
addTime: true,
label: "userAuth:userPayloadJSON",
});
} }
/** /**
* Grab the payload * Grab the payload
@ -73,15 +90,13 @@ function userAuth({ request, req, encryptionKey, encryptionSalt, level, database
cookieNames: keyNames, cookieNames: keyNames,
}; };
} }
/**
* Grab the payload
*
* @description Grab the payload
*/
/** @type {import("../../types").DATASQUIREL_LoggedInUser} */
let userObject = JSON.parse(userPayloadJSON); let userObject = JSON.parse(userPayloadJSON);
if (debug) { if (debug) {
console.log("userAuth:userObject:", userObject); (0, debug_log_1.default)({
log: userObject,
addTime: true,
label: "userAuth:userObject",
});
} }
if (!userObject.csrf_k) { if (!userObject.csrf_k) {
return { return {
@ -107,6 +122,21 @@ function userAuth({ request, req, encryptionKey, encryptionSalt, level, database
if ((level === null || level === void 0 ? void 0 : level.match(/deep/i)) && finalRequest) { if ((level === null || level === void 0 ? void 0 : level.match(/deep/i)) && finalRequest) {
const finalCsrfHeaderName = csrfHeaderName || (0, get_csrf_header_name_1.default)(); const finalCsrfHeaderName = csrfHeaderName || (0, get_csrf_header_name_1.default)();
if (finalRequest.headers[finalCsrfHeaderName] !== userObject.csrf_k) { if (finalRequest.headers[finalCsrfHeaderName] !== userObject.csrf_k) {
(0, debug_log_1.default)({
log: finalCsrfHeaderName,
addTime: true,
label: "userAuth:finalCsrfHeaderName",
});
(0, debug_log_1.default)({
log: finalRequest.headers[finalCsrfHeaderName],
addTime: true,
label: "userAuth:finalRequest.headers[finalCsrfHeaderName]",
});
(0, debug_log_1.default)({
log: userObject,
addTime: true,
label: "userAuth:userObject",
});
return { return {
success: false, success: false,
payload: null, payload: null,


@ -1,3 +1,3 @@
export default function getCsrfHeaderName() { export default function getCsrfHeaderName() {
return "x-csrf-key"; return "x-dsql-csrf-key";
} }
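Review bot: Changing the default returned here from `x-csrf-key` to `x-dsql-csrf-key` will make the deep check in userAuth reject any client that still sends the old header name, wherever the server relies on this default rather than passing `csrfHeaderName`. That check compares `finalRequest.headers[finalCsrfHeaderName]` with `userObject.csrf_k` and returns `success: false` on mismatch. The change ships as a patch release (4.5.0 → 4.5.1), so it should be called out in the release notes. A TSDoc comment on the function would also help, for example `/** Default request header carrying the CSRF key; override via userAuth's csrfHeaderName. */`.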


@ -6,6 +6,7 @@ import parseCookies from "../../utils/backend/parseCookies";
import { AuthenticatedUser } from "../../types"; import { AuthenticatedUser } from "../../types";
import getCsrfHeaderName from "../../actions/get-csrf-header-name"; import getCsrfHeaderName from "../../actions/get-csrf-header-name";
import grabHostNames from "../../utils/grab-host-names"; import grabHostNames from "../../utils/grab-host-names";
import debugLog from "@/package-shared/utils/logging/debug-log";
const minuteInMilliseconds = 60000; const minuteInMilliseconds = 60000;
const hourInMilliseconds = minuteInMilliseconds * 60; const hourInMilliseconds = minuteInMilliseconds * 60;
@ -60,7 +61,11 @@ export default function userAuth({
}); });
if (debug) { if (debug) {
console.log("userAuth:cookies:", cookies); debugLog({
log: cookies,
addTime: true,
label: "userAuth:cookies",
});
} }
const keyNames = getAuthCookieNames({ const keyNames = getAuthCookieNames({
@ -69,7 +74,11 @@ export default function userAuth({
}); });
if (debug) { if (debug) {
console.log("userAuth:keyNames:", keyNames); debugLog({
log: keyNames,
addTime: true,
label: "userAuth:keyNames",
});
} }
const key = encryptedUserString const key = encryptedUserString
@ -77,7 +86,11 @@ export default function userAuth({
: cookies[keyNames.keyCookieName]; : cookies[keyNames.keyCookieName];
if (debug) { if (debug) {
console.log("userAuth:key:", key); debugLog({
log: key,
addTime: true,
label: "userAuth:key",
});
} }
/** /**
@ -92,7 +105,11 @@ export default function userAuth({
}); });
if (debug) { if (debug) {
console.log("userAuth:userPayloadJSON:", userPayloadJSON); debugLog({
log: userPayloadJSON,
addTime: true,
label: "userAuth:userPayloadJSON",
});
} }
/** /**
@ -109,18 +126,15 @@ export default function userAuth({
}; };
} }
/**
* Grab the payload
*
* @description Grab the payload
*/
/** @type {import("../../types").DATASQUIREL_LoggedInUser} */
let userObject: import("../../types").DATASQUIREL_LoggedInUser = let userObject: import("../../types").DATASQUIREL_LoggedInUser =
JSON.parse(userPayloadJSON); JSON.parse(userPayloadJSON);
if (debug) { if (debug) {
console.log("userAuth:userObject:", userObject); debugLog({
log: userObject,
addTime: true,
label: "userAuth:userObject",
});
} }
if (!userObject.csrf_k) { if (!userObject.csrf_k) {
@ -148,9 +162,26 @@ export default function userAuth({
*/ */
if (level?.match(/deep/i) && finalRequest) { if (level?.match(/deep/i) && finalRequest) {
const finalCsrfHeaderName = csrfHeaderName || getCsrfHeaderName(); const finalCsrfHeaderName = csrfHeaderName || getCsrfHeaderName();
if ( if (
finalRequest.headers[finalCsrfHeaderName] !== userObject.csrf_k finalRequest.headers[finalCsrfHeaderName] !== userObject.csrf_k
) { ) {
debugLog({
log: finalCsrfHeaderName,
addTime: true,
label: "userAuth:finalCsrfHeaderName",
});
debugLog({
log: finalRequest.headers[finalCsrfHeaderName],
addTime: true,
label: "userAuth:finalRequest.headers[finalCsrfHeaderName]",
});
debugLog({
log: userObject,
addTime: true,
label: "userAuth:userObject",
});
return { return {
success: false, success: false,
payload: null, payload: null,
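Review bot: The three `debugLog` calls added inside the CSRF-mismatch branch are not wrapped in `if (debug)`, unlike every other call in this file, so each failed check logs the submitted header value and the full decrypted `userObject`, including `csrf_k`, unless `debugLog` gates itself (its body is not visible here). Wrap them in `if (debug) { … }` and log only the header name and whether a value was present, e.g. `debugLog({ log: { header: finalCsrfHeaderName, present: Boolean(finalRequest.headers[finalCsrfHeaderName]) }, addTime: true, label: "userAuth:csrfMismatch" });`. The gated calls that log `cookies`, `key` and `userPayloadJSON` also emit session material, so a comment stating that `debug` must stay off in production would help. Separately, the new import uses the `@/` alias while its neighbours are relative, and the compiled output keeps `require("@/package-shared/utils/logging/debug-log")`, which plain Node will not resolve without an alias loader; a relative path (presumably `../../utils/logging/debug-log`, to be confirmed against the tree) would match the other imports. userAuth's body starts and ends outside these hunks.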


@ -1,6 +1,6 @@
{ {
"name": "@moduletrace/datasquirel", "name": "@moduletrace/datasquirel",
"version": "4.5.0", "version": "4.5.1",
"description": "Cloud-based SQL data management tool", "description": "Cloud-based SQL data management tool",
"main": "dist/index.js", "main": "dist/index.js",
"bin": { "bin": {