Compare commits
No commits in common. "f7e79ab35b7ebc1e3c98b0a314523954c4535db1" and "1a7fe35f7dbfd5539c86edd842c7b5d1aba04431" have entirely different histories.
f7e79ab35b
...
1a7fe35f7d
|
@ -97,18 +97,6 @@ export default class UtapiRequest {
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Set request pathname
|
|
||||||
*
|
|
||||||
* @param {string} pathname - pathname from url.parse
|
|
||||||
* of request.url (pathname minus query)
|
|
||||||
* @return {UtapiRequest} itself
|
|
||||||
*/
|
|
||||||
setRequestPathname(pathname) {
|
|
||||||
this._requestPathname = pathname;
|
|
||||||
return this;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get http request object
|
* Get http request object
|
||||||
*
|
*
|
||||||
|
@ -145,15 +133,6 @@ export default class UtapiRequest {
|
||||||
return this._requestPath;
|
return this._requestPath;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Get request pathname
|
|
||||||
*
|
|
||||||
* @return {string} request pathname
|
|
||||||
*/
|
|
||||||
getRequestPathname() {
|
|
||||||
return this._requestPathname;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get requester ip address
|
* Get requester ip address
|
||||||
*
|
*
|
||||||
|
|
|
@ -34,52 +34,17 @@ class UtapiServer {
|
||||||
routes.forEach(item => this.router.addRoute(new Route(item)));
|
routes.forEach(item => this.router.addRoute(new Route(item)));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Function to validate a URI component
|
|
||||||
*
|
|
||||||
* @param {string|object} component - path from url.parse of request.url
|
|
||||||
* (pathname plus query) or query from request
|
|
||||||
* @return {string|undefined} If `decodeURIComponent` throws an error,
|
|
||||||
* return the invalid `decodeURIComponent` string, otherwise return
|
|
||||||
* `undefined`
|
|
||||||
*/
|
|
||||||
_checkURIComponent(component) {
|
|
||||||
if (typeof component === 'string') {
|
|
||||||
try {
|
|
||||||
decodeURIComponent(component);
|
|
||||||
} catch (err) {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
return Object.keys(component).find(x => {
|
|
||||||
try {
|
|
||||||
decodeURIComponent(x);
|
|
||||||
decodeURIComponent(component[x]);
|
|
||||||
} catch (err) {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
return false;
|
|
||||||
});
|
|
||||||
}
|
|
||||||
return undefined;
|
|
||||||
}
|
|
||||||
|
|
||||||
requestListener(req, res, router) {
|
requestListener(req, res, router) {
|
||||||
// disable nagle algorithm
|
// disable nagle algorithm
|
||||||
req.socket.setNoDelay();
|
req.socket.setNoDelay();
|
||||||
const { query, path, pathname } = url.parse(req.url, true);
|
const { query, path } = url.parse(req.url, true);
|
||||||
const utapiRequest = new UtapiRequest()
|
const utapiRequest = new UtapiRequest()
|
||||||
.setRequest(req)
|
.setRequest(req)
|
||||||
.setLog(this.logger.newRequestLogger())
|
.setLog(this.logger.newRequestLogger())
|
||||||
.setResponse(res)
|
.setResponse(res)
|
||||||
.setDatastore(this.datastore);
|
.setDatastore(this.datastore)
|
||||||
// Sanity check for valid URI component
|
.setRequestQuery(query)
|
||||||
if (this._checkURIComponent(query) || this._checkURIComponent(path)) {
|
.setRequestPath(path);
|
||||||
return this.errorResponse(utapiRequest, errors.InvalidURI);
|
|
||||||
}
|
|
||||||
utapiRequest.setRequestQuery(query);
|
|
||||||
utapiRequest.setRequestPath(path);
|
|
||||||
utapiRequest.setRequestPathname(pathname);
|
|
||||||
// temp hack: healthcheck route
|
// temp hack: healthcheck route
|
||||||
if (path === '/_/healthcheck' && (req.method === 'GET'
|
if (path === '/_/healthcheck' && (req.method === 'GET'
|
||||||
|| req.method === 'POST')) {
|
|| req.method === 'POST')) {
|
||||||
|
|
|
@ -217,10 +217,9 @@ class Router {
|
||||||
utapiRequest.getAction(), 'utapi')
|
utapiRequest.getAction(), 'utapi')
|
||||||
);
|
);
|
||||||
auth.setHandler(this._vault);
|
auth.setHandler(this._vault);
|
||||||
const request = utapiRequest.getRequest();
|
const requestPlusPath = utapiRequest.getRequest();
|
||||||
request.path = utapiRequest.getRequestPathname();
|
requestPlusPath.path = utapiRequest.getRequestPath();
|
||||||
request.query = utapiRequest.getRequestQuery();
|
return auth.server.doAuth(requestPlusPath, log, (err, authResults) => {
|
||||||
return auth.server.doAuth(request, log, (err, authResults) => {
|
|
||||||
if (err) {
|
if (err) {
|
||||||
return cb(err);
|
return cb(err);
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue