Thream/api
Archived
2
1
Fork 0
Code Issues Pull Requests Releases Activity

fix: dependencies security vulnerabilities

Browse Source
This commit is contained in:
Divlo
2022-11-08 11:16:24 +00:00
parent e1543becc5
commit 6926132a1b
35 changed files with 1311 additions and 1537 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
src/application.ts
View File

@ -2,15 +2,17 @@ import dotenv from 'dotenv'
import fastify from 'fastify'
import fastifyCors from '@fastify/cors'
import fastifySwagger from '@fastify/swagger'
import fastifySwaggerUI from '@fastify/swagger-ui'
import fastifyHelmet from '@fastify/helmet'
import fastifyRateLimit from '@fastify/rate-limit'
import fastifySensible from '@fastify/sensible'
import { readPackage } from 'read-pkg'
import { services } from './services/index.js'
import { swaggerOptions } from './tools/configurations/swaggerOptions.js'
import fastifySocketIo from './tools/plugins/socket-io.js'
dotenv.config()
const packageJSON = await readPackage()
export const application = fastify({
logger: process.env.NODE_ENV === 'development',
ajv: {
@ -39,5 +41,35 @@ await application.register(fastifyRateLimit, {
max: 200,
timeWindow: '1 minute'
})
await application.register(fastifySwagger, swaggerOptions)
await application.register(fastifySwagger, {
openapi: {
info: {
title: packageJSON.name,
description: packageJSON.description,
version: packageJSON.version
},
tags: [
{ name: 'users' },
{ name: 'oauth2' },
{ name: 'guilds' },
{ name: 'channels' },
{ name: 'messages' },
{ name: 'members' }
],
components: {
securitySchemes: {
bearerAuth: {
type: 'http',
scheme: 'bearer',
bearerFormat: 'JWT'
}
}
}
},
hideUntagged: true
})
await application.register(fastifySwaggerUI, {
routePrefix: '/documentation',
staticCSP: true
})
await application.register(services)

2
src/index.ts
View File

@ -1,5 +1,5 @@
import { application } from './application.js'
import { HOST, PORT } from './tools/configurations/index.js'
import { HOST, PORT } from './tools/configurations.js'
const address = await application.listen({
port: PORT,

2
src/services/users/current/put.ts
View File

@ -9,7 +9,7 @@ import { fastifyErrors } from '../../../models/utils.js'
import authenticateUser from '../../../tools/plugins/authenticateUser.js'
import { userCurrentSchema, userSchema } from '../../../models/User.js'
import { sendEmail } from '../../../tools/email/sendEmail.js'
import { API_URL } from '../../../tools/configurations/index.js'
import { API_URL } from '../../../tools/configurations.js'
import type { Language, Theme } from '../../../models/UserSettings.js'
import { parseStringNullish } from '../../../tools/utils/parseStringNullish.js'

2
src/services/users/oauth2/discord/add-strategy/get.ts
View File

@ -2,7 +2,7 @@ import type { Static } from '@sinclair/typebox'
import { Type } from '@sinclair/typebox'
import type { FastifyPluginAsync, FastifySchema } from 'fastify'
import { API_URL } from '../../../../../tools/configurations/index.js'
import { API_URL } from '../../../../../tools/configurations.js'
import { fastifyErrors } from '../../../../../models/utils.js'
import { DISCORD_BASE_URL, DISCORD_CLIENT_ID } from '../__utils__/utils.js'
import authenticateUser from '../../../../../tools/plugins/authenticateUser.js'

2
src/services/users/oauth2/discord/callback-add-strategy/get.ts
View File

@ -2,7 +2,7 @@ import type { Static } from '@sinclair/typebox'
import { Type } from '@sinclair/typebox'
import type { FastifyPluginAsync, FastifySchema } from 'fastify'
import { API_URL } from '../../../../../tools/configurations/index.js'
import { API_URL } from '../../../../../tools/configurations.js'
import { fastifyErrors } from '../../../../../models/utils.js'
import { discordStrategy, getDiscordUserData } from '../__utils__/utils.js'
import { buildQueryURL } from '../../../../../tools/utils/buildQueryURL.js'

2
src/services/users/oauth2/discord/callback/get.ts
View File

@ -2,7 +2,7 @@ import type { Static } from '@sinclair/typebox'
import { Type } from '@sinclair/typebox'
import type { FastifyPluginAsync, FastifySchema } from 'fastify'
import { API_URL } from '../../../../../tools/configurations/index.js'
import { API_URL } from '../../../../../tools/configurations.js'
import { fastifyErrors } from '../../../../../models/utils.js'
import { discordStrategy, getDiscordUserData } from '../__utils__/utils.js'
import { buildQueryURL } from '../../../../../tools/utils/buildQueryURL.js'

2
src/services/users/oauth2/discord/signin/get.ts
View File

@ -2,7 +2,7 @@ import type { Static } from '@sinclair/typebox'
import { Type } from '@sinclair/typebox'
import type { FastifyPluginAsync, FastifySchema } from 'fastify'
import { API_URL } from '../../../../../tools/configurations/index.js'
import { API_URL } from '../../../../../tools/configurations.js'
import { fastifyErrors } from '../../../../../models/utils.js'
import { DISCORD_BASE_URL, DISCORD_CLIENT_ID } from '../__utils__/utils.js'

2
src/services/users/oauth2/github/add-strategy/get.ts
View File

@ -2,7 +2,7 @@ import type { Static } from '@sinclair/typebox'
import { Type } from '@sinclair/typebox'
import type { FastifyPluginAsync, FastifySchema } from 'fastify'
import { API_URL } from '../../../../../tools/configurations/index.js'
import { API_URL } from '../../../../../tools/configurations.js'
import { fastifyErrors } from '../../../../../models/utils.js'
import { GITHUB_BASE_URL, GITHUB_CLIENT_ID } from '../__utils__/utils.js'
import authenticateUser from '../../../../../tools/plugins/authenticateUser.js'

2
src/services/users/oauth2/github/callback-add-strategy/get.ts
View File

@ -2,7 +2,7 @@ import type { Static } from '@sinclair/typebox'
import { Type } from '@sinclair/typebox'
import type { FastifyPluginAsync, FastifySchema } from 'fastify'
import { API_URL } from '../../../../../tools/configurations/index.js'
import { API_URL } from '../../../../../tools/configurations.js'
import { fastifyErrors } from '../../../../../models/utils.js'
import { githubStrategy, getGitHubUserData } from '../__utils__/utils.js'
import { buildQueryURL } from '../../../../../tools/utils/buildQueryURL.js'

2
src/services/users/oauth2/github/callback/get.ts
View File

@ -2,7 +2,7 @@ import type { Static } from '@sinclair/typebox'
import { Type } from '@sinclair/typebox'
import type { FastifyPluginAsync, FastifySchema } from 'fastify'
import { API_URL } from '../../../../../tools/configurations/index.js'
import { API_URL } from '../../../../../tools/configurations.js'
import { fastifyErrors } from '../../../../../models/utils.js'
import { githubStrategy, getGitHubUserData } from '../__utils__/utils.js'
import { buildQueryURL } from '../../../../../tools/utils/buildQueryURL.js'

2
src/services/users/oauth2/github/signin/get.ts
View File

@ -2,7 +2,7 @@ import type { Static } from '@sinclair/typebox'
import { Type } from '@sinclair/typebox'
import type { FastifyPluginAsync, FastifySchema } from 'fastify'
import { API_URL } from '../../../../../tools/configurations/index.js'
import { API_URL } from '../../../../../tools/configurations.js'
import { fastifyErrors } from '../../../../../models/utils.js'
import { GITHUB_BASE_URL, GITHUB_CLIENT_ID } from '../__utils__/utils.js'

2
src/services/users/oauth2/google/add-strategy/get.ts
View File

@ -2,7 +2,7 @@ import type { Static } from '@sinclair/typebox'
import { Type } from '@sinclair/typebox'
import type { FastifyPluginAsync, FastifySchema } from 'fastify'
import { API_URL } from '../../../../../tools/configurations/index.js'
import { API_URL } from '../../../../../tools/configurations.js'
import { fastifyErrors } from '../../../../../models/utils.js'
import { GOOGLE_BASE_URL, GOOGLE_CLIENT_ID } from '../__utils__/utils.js'
import authenticateUser from '../../../../../tools/plugins/authenticateUser.js'

2
src/services/users/oauth2/google/callback-add-strategy/get.ts
View File

@ -2,7 +2,7 @@ import type { Static } from '@sinclair/typebox'
import { Type } from '@sinclair/typebox'
import type { FastifyPluginAsync, FastifySchema } from 'fastify'
import { API_URL } from '../../../../../tools/configurations/index.js'
import { API_URL } from '../../../../../tools/configurations.js'
import { fastifyErrors } from '../../../../../models/utils.js'
import { googleStrategy, getGoogleUserData } from '../__utils__/utils.js'
import { buildQueryURL } from '../../../../../tools/utils/buildQueryURL.js'

2
src/services/users/oauth2/google/callback/get.ts
View File

@ -2,7 +2,7 @@ import type { Static } from '@sinclair/typebox'
import { Type } from '@sinclair/typebox'
import type { FastifyPluginAsync, FastifySchema } from 'fastify'
import { API_URL } from '../../../../../tools/configurations/index.js'
import { API_URL } from '../../../../../tools/configurations.js'
import { fastifyErrors } from '../../../../../models/utils.js'
import { googleStrategy, getGoogleUserData } from '../__utils__/utils.js'
import { buildQueryURL } from '../../../../../tools/utils/buildQueryURL.js'

2
src/services/users/oauth2/google/signin/get.ts
View File

@ -2,7 +2,7 @@ import type { Static } from '@sinclair/typebox'
import { Type } from '@sinclair/typebox'
import type { FastifyPluginAsync, FastifySchema } from 'fastify'
import { API_URL } from '../../../../../tools/configurations/index.js'
import { API_URL } from '../../../../../tools/configurations.js'
import { fastifyErrors } from '../../../../../models/utils.js'
import { GOOGLE_BASE_URL, GOOGLE_CLIENT_ID } from '../__utils__/utils.js'

2
src/services/users/refresh-token/post.ts
View File

@ -11,7 +11,7 @@ import {
expiresIn
} from '../../../tools/utils/jwtToken.js'
import type { UserRefreshJWT } from '../../../models/User.js'
import { JWT_REFRESH_SECRET } from '../../../tools/configurations/index.js'
import { JWT_REFRESH_SECRET } from '../../../tools/configurations.js'
const bodyPostRefreshTokenSchema = Type.Object({
refreshToken: jwtSchema.refreshToken

2
src/services/users/signout/post.ts
View File

@ -5,7 +5,7 @@ import jwt from 'jsonwebtoken'
import prisma from '../../../tools/database/prisma.js'
import { fastifyErrors } from '../../../models/utils.js'
import { JWT_REFRESH_SECRET } from '../../../tools/configurations/index.js'
import { JWT_REFRESH_SECRET } from '../../../tools/configurations.js'
import type { UserRefreshJWT } from '../../../models/User.js'
import { jwtSchema } from '../../../tools/utils/jwtToken.js'

2
src/services/users/signup/post.ts
View File

@ -10,7 +10,7 @@ import { fastifyErrors } from '../../../models/utils.js'
import type { BodyUserSchemaType } from '../../../models/User.js'
import { bodyUserSchema, userPublicSchema } from '../../../models/User.js'
import { sendEmail } from '../../../tools/email/sendEmail.js'
import { API_URL } from '../../../tools/configurations/index.js'
import { API_URL } from '../../../tools/configurations.js'
const queryPostSignupSchema = Type.Object({
redirectURI: Type.Optional(Type.String({ format: 'uri-reference' }))

2
src/tools/configurations/index.ts → src/tools/configurations.ts
View File

@ -18,7 +18,7 @@ export const JWT_REFRESH_SECRET =
export const JWT_ACCESS_EXPIRES_IN =
process.env.JWT_ACCESS_EXPIRES_IN ?? '15 minutes'
export const SRC_URL = new URL('../../', import.meta.url)
export const SRC_URL = new URL('../', import.meta.url)
export const ROOT_URL = new URL('../', SRC_URL)
export const EMAIL_URL = new URL('./email/', ROOT_URL)
export const EMAIL_TEMPLATE_URL = new URL('./email-template.ejs', EMAIL_URL)

38
src/tools/configurations/swaggerOptions.ts
View File

@ -1,38 +0,0 @@
import dotenv from 'dotenv'
import { readPackage } from 'read-pkg'
import type { FastifyDynamicSwaggerOptions } from '@fastify/swagger'
dotenv.config()
const packageJSON = await readPackage()
export const swaggerOptions: FastifyDynamicSwaggerOptions = {
routePrefix: '/documentation',
openapi: {
info: {
title: packageJSON.name,
description: packageJSON.description,
version: packageJSON.version
},
tags: [
{ name: 'users' },
{ name: 'oauth2' },
{ name: 'guilds' },
{ name: 'channels' },
{ name: 'messages' },
{ name: 'members' }
],
components: {
securitySchemes: {
bearerAuth: {
type: 'http',
scheme: 'bearer',
bearerFormat: 'JWT'
}
}
}
},
exposeRoute: true,
staticCSP: true,
hideUntagged: true
}

5
src/tools/email/sendEmail.ts
View File

@ -4,10 +4,7 @@ import { URL, fileURLToPath } from 'node:url'
import ejs from 'ejs'
import type { Language, Theme } from '../../models/UserSettings.js'
import {
EMAIL_LOCALES_URL,
EMAIL_TEMPLATE_URL
} from '../configurations/index.js'
import { EMAIL_LOCALES_URL, EMAIL_TEMPLATE_URL } from '../configurations.js'
import { emailTransporter, EMAIL_INFO } from './emailTransporter.js'
interface EmailTranslation {

2
src/tools/plugins/authenticateUser.ts
View File

@ -4,7 +4,7 @@ import jwt from 'jsonwebtoken'
import prisma from '../database/prisma.js'
import type { UserJWT, UserRequest } from '../../models/User.js'
import { JWT_ACCESS_SECRET } from '../configurations/index.js'
import { JWT_ACCESS_SECRET } from '../configurations.js'
const { Unauthorized, Forbidden, BadRequest } = httpErrors

2
src/tools/plugins/socket-io.ts
View File

@ -4,7 +4,7 @@ import { Server as SocketIoServer } from 'socket.io'
import { authorize } from '@thream/socketio-jwt'
import prisma from '../database/prisma.js'
import { JWT_ACCESS_SECRET } from '../configurations/index.js'
import { JWT_ACCESS_SECRET } from '../configurations.js'
interface EmitEventOptions {
event: string

2
src/tools/utils/jwtToken.ts
View File

@ -10,7 +10,7 @@ import {
JWT_ACCESS_EXPIRES_IN,
JWT_ACCESS_SECRET,
JWT_REFRESH_SECRET
} from '../configurations/index.js'
} from '../configurations.js'
export interface ResponseJWT {
accessToken: string

2
src/tools/utils/uploadFile.ts
View File

@ -8,7 +8,7 @@ import type { SavedMultipartFile } from '@fastify/multipart'
import {
FILE_UPLOADS_API_KEY,
FILE_UPLOADS_API_URL
} from '../configurations/index.js'
} from '../configurations.js'
export const fileUploadAPI = axios.create({
baseURL: FILE_UPLOADS_API_URL,