Fix some nunjucks globals not properly set and make getCSRFToken dynamic
parent
47e0756930
commit
87aae6bb33
@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "wms-core",
|
"name": "wms-core",
|
||||||
"version": "0.22.0-rc.17",
|
"version": "0.22.0-rc.18",
|
||||||
"description": "Node web application framework and toolbelt.",
|
"description": "Node web application framework and toolbelt.",
|
||||||
"repository": "https://gitlab.com/ArisuOngaku/wms-core",
|
"repository": "https://gitlab.com/ArisuOngaku/wms-core",
|
||||||
"author": "Alice Gaudon <alice@gaudon.pro>",
|
"author": "Alice Gaudon <alice@gaudon.pro>",
|
||||||
|
@ -6,6 +6,13 @@ import {BadRequestError} from "../HttpError";
|
|||||||
export default class CsrfProtectionComponent extends ApplicationComponent<void> {
|
export default class CsrfProtectionComponent extends ApplicationComponent<void> {
|
||||||
private static readonly excluders: ((req: Request) => boolean)[] = [];
|
private static readonly excluders: ((req: Request) => boolean)[] = [];
|
||||||
|
|
||||||
|
public static getCSRFToken(session: Express.Session): string {
|
||||||
|
if (typeof session.csrf !== 'string') {
|
||||||
|
session.csrf = crypto.randomBytes(64).toString('base64');
|
||||||
|
}
|
||||||
|
return session.csrf;
|
||||||
|
}
|
||||||
|
|
||||||
public static addExcluder(excluder: (req: Request) => boolean) {
|
public static addExcluder(excluder: (req: Request) => boolean) {
|
||||||
this.excluders.push(excluder);
|
this.excluders.push(excluder);
|
||||||
}
|
}
|
||||||
@ -21,10 +28,7 @@ export default class CsrfProtectionComponent extends ApplicationComponent<void>
|
|||||||
}
|
}
|
||||||
|
|
||||||
res.locals.getCSRFToken = () => {
|
res.locals.getCSRFToken = () => {
|
||||||
if (typeof req.session!.csrf !== 'string') {
|
return CsrfProtectionComponent.getCSRFToken(req.session!);
|
||||||
req.session!.csrf = crypto.randomBytes(64).toString('base64');
|
|
||||||
}
|
|
||||||
return req.session!.csrf;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
if (!['GET', 'HEAD', 'OPTIONS'].find(s => s === req.method)) {
|
if (!['GET', 'HEAD', 'OPTIONS'].find(s => s === req.method)) {
|
||||||
|
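Review bot: The new public static `getCSRFToken(session)` has no doc comment although it writes to the session as a side effect: when `session.csrf` is not a string it generates 64 random bytes and stores them, so the first caller fixes the token for that session. I would add a TSDoc block stating that it returns the session's CSRF token, creates and persists one on first use, and does not rotate an existing token. In the second hunk, `return CsrfProtectionComponent.getCSRFToken(req.session!);` still depends on the non-null assertion, so a missing session only surfaces as a TypeError at `session.csrf` when a template calls the helper. A guard such as `if (!req.session) throw new Error('Session is unavailable.');` before assigning `res.locals.getCSRFToken` would fail earlier and more clearly. The middleware body that contains this assignment starts and ends outside the hunk.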
@ -12,7 +12,7 @@ export default class NunjucksComponent extends ApplicationComponent<void> {
|
|||||||
private readonly viewsPath: string;
|
private readonly viewsPath: string;
|
||||||
private env?: Environment;
|
private env?: Environment;
|
||||||
|
|
||||||
constructor(viewsPath: string = 'views') {
|
public constructor(viewsPath: string = 'views') {
|
||||||
super();
|
super();
|
||||||
this.viewsPath = viewsPath;
|
this.viewsPath = viewsPath;
|
||||||
}
|
}
|
||||||
@ -46,6 +46,8 @@ export default class NunjucksComponent extends ApplicationComponent<void> {
|
|||||||
.addGlobal('app_version', this.app!.getVersion())
|
.addGlobal('app_version', this.app!.getVersion())
|
||||||
.addGlobal('core_version', coreVersion)
|
.addGlobal('core_version', coreVersion)
|
||||||
.addGlobal('querystring', querystring)
|
.addGlobal('querystring', querystring)
|
||||||
|
.addGlobal('app', config.get('app'))
|
||||||
|
|
||||||
.addFilter('dump', (val) => {
|
.addFilter('dump', (val) => {
|
||||||
return util.inspect(val);
|
return util.inspect(val);
|
||||||
})
|
})
|
||||||
@ -63,10 +65,11 @@ export default class NunjucksComponent extends ApplicationComponent<void> {
|
|||||||
res.locals.query = req.query;
|
res.locals.query = req.query;
|
||||||
res.locals.body = req.body;
|
res.locals.body = req.body;
|
||||||
|
|
||||||
res.locals.app = config.get('app');
|
|
||||||
res.locals.websocketUrl = config.get('public_websocket_url');
|
|
||||||
|
|
||||||
next();
|
next();
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public getEnv(): Environment | undefined {
|
||||||
|
return this.env;
|
||||||
|
}
|
||||||
}
|
}
|
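Review bot: `.addGlobal('app', config.get('app'))` registers the whole `app` config section as an environment-wide global, read once when the environment is built, where it was previously assigned per request on `res.locals`. What that section contains is not visible here, so if it can hold non-public values I would pass only the fields templates need rather than the full object. The new `getEnv()` also has no doc comment: it returns `undefined` whenever `env` has not been assigned and otherwise hands out the live `Environment`, so callers depend on initialisation order and can add globals or filters. A comment such as `/** Returns the Nunjucks environment, or undefined if it has not been created yet. */` would make that contract explicit.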
@ -9,19 +9,18 @@ import ExpressAppComponent from "./ExpressAppComponent";
|
|||||||
import Application from "../Application";
|
import Application from "../Application";
|
||||||
import RedisComponent from "./RedisComponent";
|
import RedisComponent from "./RedisComponent";
|
||||||
import WebSocketListener from "../WebSocketListener";
|
import WebSocketListener from "../WebSocketListener";
|
||||||
|
import NunjucksComponent from "./NunjucksComponent";
|
||||||
|
|
||||||
export default class WebSocketServerComponent extends ApplicationComponent<void> {
|
export default class WebSocketServerComponent extends ApplicationComponent<void> {
|
||||||
private readonly application: Application;
|
|
||||||
private readonly expressAppComponent: ExpressAppComponent;
|
|
||||||
private readonly storeComponent: RedisComponent;
|
|
||||||
|
|
||||||
private wss?: WebSocket.Server;
|
private wss?: WebSocket.Server;
|
||||||
|
|
||||||
constructor(application: Application, expressAppComponent: ExpressAppComponent, storeComponent: RedisComponent) {
|
constructor(
|
||||||
|
private readonly application: Application,
|
||||||
|
private readonly expressAppComponent: ExpressAppComponent,
|
||||||
|
private readonly storeComponent: RedisComponent,
|
||||||
|
private readonly nunjucksComponent?: NunjucksComponent,
|
||||||
|
) {
|
||||||
super();
|
super();
|
||||||
this.expressAppComponent = expressAppComponent;
|
|
||||||
this.application = application;
|
|
||||||
this.storeComponent = storeComponent;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public async start(app: Express): Promise<void> {
|
public async start(app: Express): Promise<void> {
|
||||||
@ -71,6 +70,11 @@ export default class WebSocketServerComponent extends ApplicationComponent<void>
|
|||||||
});
|
});
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
const env = this.nunjucksComponent?.getEnv();
|
||||||
|
if (env) {
|
||||||
|
env.addGlobal('websocketUrl', config.get('public_websocket_url'));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public async stop(): Promise<void> {
|
public async stop(): Promise<void> {
|
||||||
|
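Review bot: The `websocketUrl` global is now set only inside `if (env)`, so it is silently skipped when `nunjucksComponent` is omitted or when `getEnv()` still returns `undefined` at the time `start()` runs. The same commit removes `res.locals.websocketUrl` from the Nunjucks middleware, so templates that read `websocketUrl` would then get an undefined value with no error. If the component was supplied but has no environment yet, I would fail loudly, e.g. `if (this.nunjucksComponent && !env) throw new Error('NunjucksComponent has no environment yet.');`, and document on the constructor that `nunjucksComponent` must be initialised before this component starts. The body of `start()` begins outside this hunk.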