Fix some nunjucks globals not properly set and make getCSRFToken dynamic
This commit is contained in:
parent
47e0756930
commit
87aae6bb33
@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "wms-core",
|
||||
"version": "0.22.0-rc.17",
|
||||
"version": "0.22.0-rc.18",
|
||||
"description": "Node web application framework and toolbelt.",
|
||||
"repository": "https://gitlab.com/ArisuOngaku/wms-core",
|
||||
"author": "Alice Gaudon <alice@gaudon.pro>",
|
||||
|
@ -6,6 +6,13 @@ import {BadRequestError} from "../HttpError";
|
||||
export default class CsrfProtectionComponent extends ApplicationComponent<void> {
|
||||
private static readonly excluders: ((req: Request) => boolean)[] = [];
|
||||
|
||||
public static getCSRFToken(session: Express.Session): string {
|
||||
if (typeof session.csrf !== 'string') {
|
||||
session.csrf = crypto.randomBytes(64).toString('base64');
|
||||
}
|
||||
return session.csrf;
|
||||
}
|
||||
|
||||
public static addExcluder(excluder: (req: Request) => boolean) {
|
||||
this.excluders.push(excluder);
|
||||
}
|
||||
@ -21,10 +28,7 @@ export default class CsrfProtectionComponent extends ApplicationComponent<void>
|
||||
}
|
||||
|
||||
res.locals.getCSRFToken = () => {
|
||||
if (typeof req.session!.csrf !== 'string') {
|
||||
req.session!.csrf = crypto.randomBytes(64).toString('base64');
|
||||
}
|
||||
return req.session!.csrf;
|
||||
return CsrfProtectionComponent.getCSRFToken(req.session!);
|
||||
};
|
||||
|
||||
if (!['GET', 'HEAD', 'OPTIONS'].find(s => s === req.method)) {
|
||||
|
@ -12,7 +12,7 @@ export default class NunjucksComponent extends ApplicationComponent<void> {
|
||||
private readonly viewsPath: string;
|
||||
private env?: Environment;
|
||||
|
||||
constructor(viewsPath: string = 'views') {
|
||||
public constructor(viewsPath: string = 'views') {
|
||||
super();
|
||||
this.viewsPath = viewsPath;
|
||||
}
|
||||
@ -46,6 +46,8 @@ export default class NunjucksComponent extends ApplicationComponent<void> {
|
||||
.addGlobal('app_version', this.app!.getVersion())
|
||||
.addGlobal('core_version', coreVersion)
|
||||
.addGlobal('querystring', querystring)
|
||||
.addGlobal('app', config.get('app'))
|
||||
|
||||
.addFilter('dump', (val) => {
|
||||
return util.inspect(val);
|
||||
})
|
||||
@ -63,10 +65,11 @@ export default class NunjucksComponent extends ApplicationComponent<void> {
|
||||
res.locals.query = req.query;
|
||||
res.locals.body = req.body;
|
||||
|
||||
res.locals.app = config.get('app');
|
||||
res.locals.websocketUrl = config.get('public_websocket_url');
|
||||
|
||||
next();
|
||||
});
|
||||
}
|
||||
|
||||
public getEnv(): Environment | undefined {
|
||||
return this.env;
|
||||
}
|
||||
}
|
@ -9,19 +9,18 @@ import ExpressAppComponent from "./ExpressAppComponent";
|
||||
import Application from "../Application";
|
||||
import RedisComponent from "./RedisComponent";
|
||||
import WebSocketListener from "../WebSocketListener";
|
||||
import NunjucksComponent from "./NunjucksComponent";
|
||||
|
||||
export default class WebSocketServerComponent extends ApplicationComponent<void> {
|
||||
private readonly application: Application;
|
||||
private readonly expressAppComponent: ExpressAppComponent;
|
||||
private readonly storeComponent: RedisComponent;
|
||||
|
||||
private wss?: WebSocket.Server;
|
||||
|
||||
constructor(application: Application, expressAppComponent: ExpressAppComponent, storeComponent: RedisComponent) {
|
||||
constructor(
|
||||
private readonly application: Application,
|
||||
private readonly expressAppComponent: ExpressAppComponent,
|
||||
private readonly storeComponent: RedisComponent,
|
||||
private readonly nunjucksComponent?: NunjucksComponent,
|
||||
) {
|
||||
super();
|
||||
this.expressAppComponent = expressAppComponent;
|
||||
this.application = application;
|
||||
this.storeComponent = storeComponent;
|
||||
}
|
||||
|
||||
public async start(app: Express): Promise<void> {
|
||||
@ -71,6 +70,11 @@ export default class WebSocketServerComponent extends ApplicationComponent<void>
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
const env = this.nunjucksComponent?.getEnv();
|
||||
if (env) {
|
||||
env.addGlobal('websocketUrl', config.get('public_websocket_url'));
|
||||
}
|
||||
}
|
||||
|
||||
public async stop(): Promise<void> {
|
||||
|
Loading…
Reference in New Issue
Block a user