author | bobzel <zzzman@gmail.com> | 2023-12-06 13:27:41 -0500 |
---|---|---|
committer | bobzel <zzzman@gmail.com> | 2023-12-06 13:27:41 -0500 |
commit | e5c2c25f9d27e718eb34ec5f05c72c4cd1c22987 (patch) | |
tree | ad963e54d1100841c677b248c88cacaa945ac2da /src | |
parent | b80d27912cd6d8bc4fe039e52d16582bfbe72c74 (diff) |
catch mongo errors. delete (some) sessions from mongo. more package updates. cleanup of express-validator.
Diffstat (limited to 'src')
-rw-r--r-- | src/Utils.ts | 7 | ||||
-rw-r--r-- | src/client/util/History.ts | 2 | ||||
-rw-r--r-- | src/client/util/reportManager/ReportManager.tsx | 8 | ||||
-rw-r--r-- | src/fields/Doc.ts | 1 | ||||
-rw-r--r-- | src/server/ApiManagers/UploadManager.ts | 4 | ||||
-rw-r--r-- | src/server/ApiManagers/UserManager.ts | 16 | ||||
-rw-r--r-- | src/server/apis/google/GoogleApiServerUtils.ts | 71 | ||||
-rw-r--r-- | src/server/authentication/AuthenticationManager.ts | 34 | ||||
-rw-r--r-- | src/server/database.ts | 47 | ||||
-rw-r--r-- | src/server/index.ts | 4 | ||||
-rw-r--r-- | src/server/server_Initialization.ts | 6 | ||||
-rw-r--r-- | src/typings/index.d.ts | 2 |
12 files changed, 105 insertions, 97 deletions
diff --git a/src/Utils.ts b/src/Utils.ts index 08ddfa817..0bda615d8 100644 --- a/src/Utils.ts +++ b/src/Utils.ts @@ -1,5 +1,4 @@ -import * as v4 from 'uuid/v4'; -import * as v5 from 'uuid/v5'; +import * as uuid from 'uuid'; import { ColorResult } from 'react-color'; //import { Socket } from '../node_modules/socket.io-client'; import { Socket } from '../node_modules/socket.io/dist/index'; @@ -49,11 +48,11 @@ export namespace Utils { } export function GenerateGuid(): string { - return v4(); + return uuid.v4(); } export function GenerateDeterministicGuid(seed: string): string { - return v5(seed, v5.URL); + return uuid.v5(seed, uuid.v5.URL); } export function GenerateMongoId(id: string): string { diff --git a/src/client/util/History.ts b/src/client/util/History.ts index 18aee6444..2f1a336cc 100644 --- a/src/client/util/History.ts +++ b/src/client/util/History.ts @@ -85,7 +85,7 @@ export namespace HistoryUtil { }; function addParser(type: string, requiredFields: Parser, optionalFields: Parser, customParser?: (pathname: string[], opts: qs.ParsedQuery, current: ParsedUrl) => ParsedUrl | null | undefined) { - function parse(parser: ParserValue, value: string | string[] | null | undefined) { + function parse(parser: ParserValue, value: string | (string | null)[] | null | undefined) { if (value === undefined || value === null) { return value; } diff --git a/src/client/util/reportManager/ReportManager.tsx b/src/client/util/reportManager/ReportManager.tsx index b25d51b41..738902a31 100644 --- a/src/client/util/reportManager/ReportManager.tsx +++ b/src/client/util/reportManager/ReportManager.tsx 
@@ -1,13 +1,11 @@ import * as React from 'react'; -import v4 = require('uuid/v4'); +import * as uuid from 'uuid'; import '.././SettingsManager.scss'; import './ReportManager.scss'; -import Dropzone from 'react-dropzone'; import ReactLoading from 'react-loading'; import { action, observable } from 'mobx'; import { BsX, BsArrowsAngleExpand, BsArrowsAngleContract } from 'react-icons/bs'; import { CgClose } from 'react-icons/cg'; -import { AiOutlineUpload } from 'react-icons/ai'; import { HiOutlineArrowLeft } from 'react-icons/hi'; import { Issue } from './reportManagerSchema'; import { observer } from 'mobx-react'; @@ -156,7 +154,7 @@ export class ReportManager extends React.Component<{}> { * @param files uploaded files */ private onDrop = (files: File[]) => { - this.setFormData({ ...this.formData, mediaFiles: [...this.formData.mediaFiles, ...files.map(file => ({ _id: v4(), file }))] }); + this.setFormData({ ...this.formData, mediaFiles: [...this.formData.mediaFiles, ...files.map(file => ({ _id: uuid.v4(), file }))] }); }; /** @@ -338,7 +336,7 @@ export class ReportManager extends React.Component<{}> { multiple onChange={e => { if (!e.target.files) return; - this.setFormData({ ...this.formData, mediaFiles: [...this.formData.mediaFiles, ...Array.from(e.target.files).map(file => ({ _id: v4(), file }))] }); + this.setFormData({ ...this.formData, mediaFiles: [...this.formData.mediaFiles, ...Array.from(e.target.files).map(file => ({ _id: uuid.v4(), file }))] }); }} /> {this.formData.mediaFiles.length > 0 && <ul className="file-list">{this.formData.mediaFiles.map(file => this.getMediaPreview(file))}</ul>} diff --git a/src/fields/Doc.ts b/src/fields/Doc.ts index d441dafec..6fb97d70c 100644 --- a/src/fields/Doc.ts +++ b/src/fields/Doc.ts 
@@ -816,6 +816,7 @@ export namespace Doc { } export function FindReferences(infield: Doc | List<any>, references: Set<Doc>, system: boolean | undefined) { + if (infield instanceof Promise) return; if (!(infield instanceof Doc)) { infield.forEach(val => (val instanceof Doc || val instanceof List) && FindReferences(val, references, system)); return; diff --git a/src/server/ApiManagers/UploadManager.ts b/src/server/ApiManagers/UploadManager.ts index 42b674ad1..c3b8643d3 100644 --- a/src/server/ApiManagers/UploadManager.ts +++ b/src/server/ApiManagers/UploadManager.ts @@ -11,7 +11,7 @@ import RouteSubscriber from '../RouteSubscriber'; import { AcceptableMedia, Upload } from '../SharedMediaTypes'; import ApiManager, { Registration } from './ApiManager'; import { SolrManager } from './SearchManager'; -import * as v4 from 'uuid/v4'; +import * as uuid from 'uuid'; import { DashVersion } from '../../fields/DocSymbols'; const AdmZip = require('adm-zip'); const imageDataUri = require('image-data-uri'); @@ -204,7 +204,7 @@ export default class UploadManager extends ApiManager { const getId = (id: string): string => { if (!remap || id.endsWith('Proto')) return id; if (id in ids) return ids[id]; - return (ids[id] = v4()); + return (ids[id] = uuid.v4()); }; const mapFn = (doc: any) => { if (doc.id) { diff --git a/src/server/ApiManagers/UserManager.ts b/src/server/ApiManagers/UserManager.ts index 0d36ee957..0431b9bcf 100644 --- a/src/server/ApiManagers/UserManager.ts +++ b/src/server/ApiManagers/UserManager.ts @@ -8,6 +8,7 @@ import { WebSocket } from '../websocket'; import { resolvedPorts } from '../server_Initialization'; import { DashVersion } from '../../fields/DocSymbols'; import { Utils } from '../../Utils'; +import { check, validationResult } from 'express-validator'; export const timeMap: { [id: string]: number } = {}; interface ActivityUnit { 
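Review bot: The new guard `if (infield instanceof Promise) return;` in `Doc.FindReferences` contradicts the declared parameter type `Doc | List<any>`, so the signature no longer tells callers what can actually arrive here. Either widen the parameter type to include the promise case, or add a comment on the guard such as `// unresolved field proxies can reach here as Promises; they hold no references yet, so skip them`, adjusted to whatever the real cause is. The function body continues outside the hunk.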
@@ -108,15 +109,18 @@ export default class UserManager extends ApiManager { return; } - req.assert('new_pass', 'Password must be at least 4 characters long').len({ min: 4 }); - req.assert('new_confirm', 'Passwords do not match').equals(new_pass); + check('new_pass', 'Password must be at least 4 characters long') + .run(req) + .then(chcekcres => console.log(chcekcres)); //.len({ min: 4 }); + check('new_confirm', 'Passwords do not match') + .run(req) + .then(theres => console.log(theres)); //.equals(new_pass); if (curr_pass === new_pass) { result.error = [{ msg: 'Current and new password are the same' }]; } - // was there error in validating new passwords? - if (req.validationErrors()) { - // was there error? - result.error = req.validationErrors(); + if (validationResult(req).array().length) { + // was there error in validating new passwords? + result.error = validationResult(req); } // will only change password if there are no errors. diff --git a/src/server/apis/google/GoogleApiServerUtils.ts b/src/server/apis/google/GoogleApiServerUtils.ts index 4453b83bf..fc4656bdd 100644 --- a/src/server/apis/google/GoogleApiServerUtils.ts +++ b/src/server/apis/google/GoogleApiServerUtils.ts 
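Review bot: The two `check(...)` chains in the password-change handler carry no validators, because `.len({ min: 4 })` and `.equals(new_pass)` survive only as trailing comments, so the minimum-length and confirmation-match rules that the removed `req.assert` lines enforced are no longer applied. `.run(req)` also returns a promise that is never awaited, so `validationResult(req)` is presumably read before validation has finished; the same un-awaited pattern appears in the postSignup, postLogin and postReset hunks of AuthenticationManager.ts, where it also means `normalizeEmail` may not have been applied when the handler continues. I would restore and await the rules, `await check('new_pass', 'Password must be at least 4 characters long').isLength({ min: 4 }).run(req);` and `await check('new_confirm', 'Passwords do not match').equals(new_pass).run(req);`, and store `result.error = validationResult(req).array();` so the value has the same array shape as the assignment above it. The two `console.log` calls print the validation result for password fields, which may include the submitted value, and should be removed. The handler starts outside the hunk, so whether it is already `async` needs to be confirmed.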
@@ -1,11 +1,11 @@ -import { google } from "googleapis"; -import { OAuth2Client, Credentials, OAuth2ClientOptions } from "google-auth-library"; -import { Opt } from "../../../fields/Doc"; -import { GaxiosResponse } from "gaxios"; -import request = require('request-promise'); -import * as qs from "query-string"; -import { Database } from "../../database"; -import { GoogleCredentialsLoader } from "./CredentialsLoader"; +import { google } from 'googleapis'; +import { OAuth2Client, Credentials, OAuth2ClientOptions } from 'google-auth-library'; +import { Opt } from '../../../fields/Doc'; +import { GaxiosResponse } from 'gaxios'; +import request from 'request-promise'; +import * as qs from 'query-string'; +import { Database } from '../../database'; +import { GoogleCredentialsLoader } from './CredentialsLoader'; /** * Scopes give Google users fine granularity of control 
@@ -13,33 +13,23 @@ import { GoogleCredentialsLoader } from "./CredentialsLoader"; * This is the somewhat overkill list of what Dash requests * from the user. */ -const scope = [ - 'documents.readonly', - 'documents', - 'presentations', - 'presentations.readonly', - 'drive', - 'drive.file', - 'photoslibrary', - 'photoslibrary.appendonly', - 'photoslibrary.sharing', - 'userinfo.profile' -].map(relative => `https://www.googleapis.com/auth/${relative}`); +const scope = ['documents.readonly', 'documents', 'presentations', 'presentations.readonly', 'drive', 'drive.file', 'photoslibrary', 'photoslibrary.appendonly', 'photoslibrary.sharing', 'userinfo.profile'].map( + relative => `https://www.googleapis.com/auth/${relative}` +); /** * This namespace manages server side authentication for Google API queries, either * from the standard v1 APIs or the Google Photos REST API. */ export namespace GoogleApiServerUtils { - /** * As we expand out to more Google APIs that are accessible from * the 'googleapis' module imported above, this enum will record * the list and provide a unified string representation of each API. */ export enum Service { - Documents = "Documents", - Slides = "Slides", + Documents = 'Documents', + Slides = 'Slides', } /** @@ -51,7 +41,7 @@ export namespace GoogleApiServerUtils { let oAuthOptions: OAuth2ClientOptions; /** - * This is a global authorization client that is never + * This is a global authorization client that is never * passed around, and whose credentials are never set. * Its job is purely to generate new authentication urls * (users will follow to get to Google's permissions GUI) 
@@ -64,7 +54,7 @@ export namespace GoogleApiServerUtils { * This function is called once before the server is started, * reading in Dash's project-specific credentials (client secret * and client id) for later repeated access. It also sets up the - * global, intentionally unauthenticated worker OAuth2 client instance. + * global, intentionally unauthenticated worker OAuth2 client instance. */ export function processProjectCredentials(): void { const { client_secret, client_id, redirect_uris } = GoogleCredentialsLoader.ProjectCredentials; @@ -72,7 +62,7 @@ export namespace GoogleApiServerUtils { oAuthOptions = { clientId: client_id, clientSecret: client_secret, - redirectUri: redirect_uris[0] + redirectUri: redirect_uris[0], }; worker = generateClient(); } @@ -98,7 +88,7 @@ export namespace GoogleApiServerUtils { * A literal union type indicating the valid actions for these 'googleapis' * requestions */ - export type Action = "create" | "retrieve" | "update"; + export type Action = 'create' | 'retrieve' | 'update'; /** * An interface defining any entity on which one can invoke @@ -135,7 +125,7 @@ export namespace GoogleApiServerUtils { return resolve(); } let routed: Opt<Endpoint>; - const parameters: any = { auth, version: "v1" }; + const parameters: any = { auth, version: 'v1' }; switch (sector) { case Service.Documents: routed = google.docs(parameters).documents; @@ -165,7 +155,7 @@ export namespace GoogleApiServerUtils { } let client = authenticationClients.get(userId); if (!client) { - authenticationClients.set(userId, client = generateClient(credentials)); + authenticationClients.set(userId, (client = generateClient(credentials))); } else if (refreshed) { client.setCredentials(credentials); } 
@@ -206,11 +196,11 @@ export namespace GoogleApiServerUtils { * with a Dash user in the googleAuthentication table of the database. * @param authenticationCode the Google-provided authentication code that the user copied * from Google's permissions UI and pasted into the overlay. - * + * * EXAMPLE CODE: 4/sgF2A5uGg4xASHf7VQDnLtdqo3mUlfQqLSce_HYz5qf1nFtHj9YTeGs - * + * * @returns the information necessary to authenticate a client side google photos request - * and display basic user information in the overlay on successful authentication. + * and display basic user information in the overlay on successful authentication. * This can be expanded as needed by adding properties to the interface GoogleAuthenticationResult. */ export async function processNewUser(userId: string, authenticationCode: string): Promise<EnrichedCredentials> { @@ -231,7 +221,7 @@ export namespace GoogleApiServerUtils { /** * This type represents the union of the full set of OAuth2 credentials * and all of a Google user's publically available information. This is the strucure - * of the JSON object we ultimately store in the googleAuthentication table of the database. + * of the JSON object we ultimately store in the googleAuthentication table of the database. */ export type EnrichedCredentials = Credentials & { userInfo: UserInfo }; 
@@ -259,14 +249,14 @@ export namespace GoogleApiServerUtils { * It's pretty cool: the credentials id_token is split into thirds by periods. * The middle third contains a base64-encoded JSON string with all the * user info contained in the interface below. So, we isolate that middle third, - * base64 decode with atob and parse the JSON. + * base64 decode with atob and parse the JSON. * @param credentials the client credentials returned from OAuth after the user * has executed the authentication routine * @returns the full set of credentials in the structure in which they'll be stored * in the database. */ function injectUserInfo(credentials: Credentials): EnrichedCredentials { - const userInfo: UserInfo = JSON.parse(atob(credentials.id_token!.split(".")[1])); + const userInfo: UserInfo = JSON.parse(atob(credentials.id_token!.split('.')[1])); return { ...credentials, userInfo }; } @@ -279,7 +269,7 @@ export namespace GoogleApiServerUtils { * @returns the credentials, or undefined if the user has no stored associated credentials, * and a flag indicating whether or not they were refreshed during retrieval */ - export async function retrieveCredentials(userId: string): Promise<{ credentials: Opt<EnrichedCredentials>, refreshed: boolean }> { + export async function retrieveCredentials(userId: string): Promise<{ credentials: Opt<EnrichedCredentials>; refreshed: boolean }> { let credentials = await Database.Auxiliary.GoogleAccessToken.Fetch(userId); let refreshed = false; if (!credentials) { @@ -299,7 +289,7 @@ export namespace GoogleApiServerUtils { * the Dash user id passed in. In addition to returning the credentials, it * writes the diff to the database. * @param credentials the credentials - * @param userId the id of the Dash user implicitly requesting that + * @param userId the id of the Dash user implicitly requesting that * his/her credentials be refreshed * @returns the updated credentials */ 
@@ -310,19 +300,18 @@ export namespace GoogleApiServerUtils { refreshToken: credentials.refresh_token, client_id, client_secret, - grant_type: "refresh_token" + grant_type: 'refresh_token', })}`; const { access_token, expires_in } = await new Promise<any>(async resolve => { const response = await request.post(url, headerParameters); resolve(JSON.parse(response)); }); // expires_in is in seconds, but we're building the new expiry date in milliseconds - const expiry_date = new Date().getTime() + (expires_in * 1000); + const expiry_date = new Date().getTime() + expires_in * 1000; await Database.Auxiliary.GoogleAccessToken.Update(userId, access_token, expiry_date); // update the relevant properties credentials.access_token = access_token; credentials.expiry_date = expiry_date; return credentials; } - -}
\ No newline at end of file +} diff --git a/src/server/authentication/AuthenticationManager.ts b/src/server/authentication/AuthenticationManager.ts index 5bc6e96b4..b1b84c300 100644 --- a/src/server/authentication/AuthenticationManager.ts +++ b/src/server/authentication/AuthenticationManager.ts @@ -8,6 +8,7 @@ import * as nodemailer from 'nodemailer'; import * as c from 'crypto'; import { emptyFunction, Utils } from '../../Utils'; import { MailOptions } from 'nodemailer/lib/stream-transport'; +import { check, validationResult } from 'express-validator'; /** * GET /signup @@ -30,14 +31,14 @@ export let getSignup = (req: Request, res: Response) => { */ export let postSignup = (req: Request, res: Response, next: NextFunction) => { const email = req.body.email as String; - req.assert('email', 'Email is not valid').isEmail(); - req.assert('password', 'Password must be at least 4 characters long').len({ min: 4 }); - req.assert('confirmPassword', 'Passwords do not match').equals(req.body.password); - req.sanitize('email').normalizeEmail({ gmail_remove_dots: false }); + check('email', 'Email is not valid').isEmail().run(req); + check('password', 'Password must be at least 4 characters long').isLength({ min: 4 }).run(req); + check('confirmPassword', 'Passwords do not match').equals(req.body.password).run(req); + check('email').normalizeEmail({ gmail_remove_dots: false }).run(req); - const errors = req.validationErrors(); + const errors = validationResult(req).array(); - if (errors) { + if (errors.length) { return res.redirect('/signup'); } 
@@ -108,12 +109,12 @@ export let postLogin = (req: Request, res: Response, next: NextFunction) => { req.body.email = 'guest'; req.body.password = 'guest'; } else { - req.assert('email', 'Email is not valid').isEmail(); - req.assert('password', 'Password cannot be blank').notEmpty(); - req.sanitize('email').normalizeEmail({ gmail_remove_dots: false }); + check('email', 'Email is not valid').isEmail().run(req); + check('password', 'Password cannot be blank').notEmpty().run(req); + check('email').normalizeEmail({ gmail_remove_dots: false }).run(req); } - if (req.validationErrors()) { + if (validationResult(req).array().length) { req.flash('errors', 'Unable to login at this time. Please try again.'); return res.redirect('/signup'); } @@ -143,9 +144,10 @@ export let postLogin = (req: Request, res: Response, next: NextFunction) => { * and destroys the user's current session. */ export let getLogout = (req: Request, res: Response) => { - req.logout(emptyFunction); - req.session?.destroy(err => err && console.log(err)); - res.redirect('/login'); + req.logout(err => { + if (err) console.log(err); + else res.redirect('/login'); + }); }; export let getForgot = function (req: Request, res: Response) { @@ -235,10 +237,10 @@ export let postReset = function (req: Request, res: Response) { .then(user => { if (!user) return res.redirect('back'); - req.assert('password', 'Password must be at least 4 characters long').len({ min: 4 }); - req.assert('confirmPassword', 'Passwords do not match').equals(req.body.password); + check('password', 'Password must be at least 4 characters long').isLength({ min: 4 }).run(req); + check('confirmPassword', 'Passwords do not match').equals(req.body.password).run(req); - if (req.validationErrors()) return res.redirect('back'); + if (validationResult(req).array().length) return res.redirect('back'); user.password = req.body.password; user.passwordResetToken = undefined; 
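Review bot: In `getLogout`, the error branch of the new `req.logout` callback only logs, so a failed logout sends no response and the request is left hanging; the redirect (or an error status) should be sent on both paths. The explicit `req.session?.destroy(...)` was also dropped, so ending the server-side session now depends entirely on what `req.logout` does in the installed passport version, which this page does not show. If the session record must not outlive logout, keep the destroy inside the callback, for example `req.session?.destroy(e => { if (e) console.log(e); res.redirect('/login'); });`.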
diff --git a/src/server/database.ts b/src/server/database.ts index 0893bfd35..3a087ce38 100644 --- a/src/server/database.ts +++ b/src/server/database.ts @@ -83,13 +83,18 @@ export namespace Database { let newProm: Promise<void>; const run = (): Promise<void> => { return new Promise<void>(resolve => { - collection.updateOne({ _id: id }, value, { upsert }).then(res => { - if (this.currentWrites[id] === newProm) { - delete this.currentWrites[id]; - } - resolve(); - callback(undefined as any, res); - }); + collection + .updateOne({ _id: id }, value, { upsert }) + .then(res => { + if (this.currentWrites[id] === newProm) { + delete this.currentWrites[id]; + } + resolve(); + callback(undefined as any, res); + }) + .catch(error => { + console.log('MOngo UPDATE ONE ERROR:', error); + }); }); }; newProm = prom ? prom.then(run) : run(); @@ -185,12 +190,17 @@ export namespace Database { let newProm: Promise<void>; const run = (): Promise<void> => { return new Promise<void>(resolve => { - collection.insertOne(value).then(res => { - if (this.currentWrites[id] === newProm) { - delete this.currentWrites[id]; - } - resolve(); - }); + collection + .insertOne(value) + .then(res => { + if (this.currentWrites[id] === newProm) { + delete this.currentWrites[id]; + } + resolve(); + }) + .catch(err => { + console.log('Mongo INSERT ERROR: ', err); + }); }); }; newProm = prom ? prom.then(run) : run(); @@ -285,10 +295,19 @@ export namespace Database { .collection(collectionName) .updateMany(query, update) .then(result => res(result)) + .catch(error => { + console.log('Mongo INSERT MANY ERROR:', error); + }) ); } else { return new Promise<mongodb.UpdateResult>(res => { - this.onConnect.push(() => this.updateMany(query, update, collectionName).then(res)); + this.onConnect.push(() => + this.updateMany(query, update, collectionName) + .then(res) + .catch(error => { + console.log('Mongo UPDATAE MANY ERROR: ', error); + }) + ); }); } } 
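Review bot: The new `.catch` handlers log the error but never settle the surrounding promise: in the `updateOne` and `insertOne` hunks, `resolve()` and the `currentWrites[id]` cleanup sit only in `.then`, so after one failed write `run()` stays pending and any later write chained through `prom.then(run)` (presumably the previous write for the same id) waits forever, while the `updateOne` callback is never told about the failure. The `updateMany` hunk has the same shape, since `res` is never called on failure and callers awaiting it hang. The log labels are also misleading: `'Mongo INSERT MANY ERROR:'` is attached to an `updateMany` call. A sketch for the `updateOne` case follows; passing the error as the callback's first argument is inferred from the existing `callback(undefined as any, res)` call, and the enclosing methods start outside the hunks.

```typescript
collection
    .updateOne({ _id: id }, value, { upsert })
    // … unchanged: .then(res => { … }) success path …
    .catch(error => {
        console.log('Mongo UPDATE ONE ERROR:', error);
        // release the per-id slot so later writes are not queued behind a promise that never settles
        if (this.currentWrites[id] === newProm) {
            delete this.currentWrites[id];
        }
        resolve();
        callback(error, undefined as any);
    });
```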
diff --git a/src/server/index.ts b/src/server/index.ts index 8b2e18847..745653a19 100644 --- a/src/server/index.ts +++ b/src/server/index.ts @@ -1,4 +1,4 @@ -require('dotenv').config(); +import * as dotenv from 'dotenv'; import { yellow } from 'colors'; import * as mobileDetect from 'mobile-detect'; import * as path from 'path'; @@ -26,7 +26,7 @@ import { Logger } from './ProcessFactory'; import RouteManager, { Method, PublicHandler } from './RouteManager'; import RouteSubscriber from './RouteSubscriber'; import initializeServer, { resolvedPorts } from './server_Initialization'; - +dotenv.config(); export const AdminPriviliges: Map<string, boolean> = new Map(); export const onWindows = process.platform === 'win32'; export let sessionAgent: AppliedSessionAgent; diff --git a/src/server/server_Initialization.ts b/src/server/server_Initialization.ts index a4deaa744..2cfe2cf00 100644 --- a/src/server/server_Initialization.ts +++ b/src/server/server_Initialization.ts @@ -3,7 +3,6 @@ import { blue, yellow } from 'colors'; import * as cors from 'cors'; import * as express from 'express'; import * as session from 'express-session'; -import * as expressValidator from 'express-validator'; import { createServer } from 'https'; import * as passport from 'passport'; import * as request from 'request'; @@ -67,13 +66,13 @@ export default async function InitializeServer(routeSetter: RouteSetter) { const week = 7 * 24 * 60 * 60 * 1000; const secret = '64d6866242d3b5a5503c675b32c9605e4e90478e9b77bcf2bc'; -const store = process.env.DB === 'MEM' || true ? new session.MemoryStore() : MongoStoreConnect.create({ mongoUrl: Database.url }); +const store = process.env.DB === 'MEM' ? new session.MemoryStore() : MongoStoreConnect.create({ mongoUrl: Database.url }); function buildWithMiddleware(server: express.Express) { [ session({ secret, - resave: true, + resave: false, cookie: { maxAge: week }, saveUninitialized: true, store, 
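Review bot: `dotenv.config()` now runs only after every import in index.ts has been evaluated, whereas the removed `require('dotenv').config()` was the first statement of the file. Modules that read `process.env` while loading may therefore no longer see values from `.env`; server_Initialization.ts, imported just above the call, appears to evaluate `process.env.DB === 'MEM'` at module level to pick the session store. Loading the file as a side-effect import at the very top, `import 'dotenv/config';`, keeps the previous ordering.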
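Review bot: The session-signing `secret` on the context line above the changed `store` line is still a literal committed to source, so the signing key is known to anyone who can read the repository, and with `|| true` removed sessions are now persisted through `MongoStoreConnect` for the week-long `maxAge`. Read the key from the environment and refuse to start without it, e.g. `const secret = process.env.SESSION_SECRET;` (placeholder variable name) followed by `if (!secret) throw new Error('session secret not configured');`, and rotate the committed value. `saveUninitialized: true` is unchanged, so a store record is still created for every anonymous visitor, which matters more now that the store is Mongo rather than memory; `saveUninitialized: false` avoids that if nothing depends on pre-login sessions.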
@@ -82,7 +81,6 @@ function buildWithMiddleware(server: express.Express) { expressFlash(), bodyParser.json({ limit: '10mb' }), bodyParser.urlencoded({ extended: true }), - expressValidator(), // adds functions (e.g., assert()) to 'req' that help validate the request in the route handling methods passport.initialize(), passport.session(), (req: express.Request, res: express.Response, next: express.NextFunction) => { diff --git a/src/typings/index.d.ts b/src/typings/index.d.ts index 6a1afbb03..97d3954c9 100644 --- a/src/typings/index.d.ts +++ b/src/typings/index.d.ts @@ -14,8 +14,6 @@ declare module 'react-reveal'; declare module 'react-reveal/makeCarousel'; declare module 'react-resizable-rotatable-draggable'; declare module '@hig/flyout'; -declare module 'uuid/v4'; -declare module 'uuid/v5'; declare module 'express-flash'; declare module 'connect-flash'; declare module 'connect-mongo'; |