
nodecaf


nodecaf - npm Package Compare versions

Comparing version 0.10.0-rc2 to 0.10.0-rc3

9

lib/handle.js

@@ -36,3 +36,3 @@

log.error({ err: original }, 'route error');
log.error({ type: 'route error', err: original });
}

@@ -66,2 +66,6 @@

function handleCookies(app, req, res){
return forMiddleware(app._cookies, req, res);
}
module.exports = {

@@ -82,2 +86,3 @@

handleError,
handleCookies,

@@ -91,3 +96,3 @@ async prepareHandling(app, req, res){

await forMiddleware(app._compress, req, res);
await forMiddleware(app._cookies, req, res);
await handleCookies(app, req, res);

@@ -94,0 +99,0 @@ if(app.conf.cors)

@@ -92,10 +92,11 @@ const util = require('util');

Object.assign(data, parseErr(data.err));
if(data.res)
Object.assign(data, parseRes(data.res));
if(data.ws)
Object.assign(data, parseWs(data.ws));
if(data.res)
Object.assign(data, parseRes(data.res));
if(data.req)
Object.assign(data, parseReq(data.req));
return { level, type, msg, ...data, pid, time };
msg = msg || data.msg;
return { level, type, ...data, msg, pid, time };
}

@@ -102,0 +103,0 @@

@@ -9,3 +9,4 @@ const

cookieParser = require('cookie-parser'),
Confort = require('confort');
Confort = require('confort'),
{ METHODS } = require('http');

@@ -15,3 +16,2 @@ const Logger = require('./logger');

const WSRouter = require('./ws');
const { METHODS } = require('http');

@@ -87,3 +87,3 @@ const noop = function(){};

this._cors = cors(this.conf.cors);
this._cookies = cookieParser(this.conf.cookieSecret);
this._cookies = cookieParser(this.conf.cookie && this.conf.cookie.secret);
this._compress = compression();
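Review bot: The signing secret is now read only from `conf.cookie.secret`, so a deployment that still sets `cookieSecret` ends up with `cookieParser(undefined)` and no error at startup. With no secret, cookie-parser does not verify signed cookies into `req.signedCookies`, and the new `res.cookie(..., { signed: true })` only throws when it is first called. Consider failing fast or logging a warning when the old key is present, or keep a fallback such as `this._cookies = cookieParser((this.conf.cookie && this.conf.cookie.secret) || this.conf.cookieSecret);`. The enclosing method starts and ends outside this hunk.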

@@ -199,2 +199,3 @@

- remove programmatic name and version
- Added WS cookies
*/

@@ -1,2 +0,3 @@

const { sign } = require('cookie-signature');
const cookie = require('cookie');
const { format } = require('util');

@@ -28,2 +29,6 @@ const { handleError } = require('./handle');

get(k){
return this.getHeader(k);
},
set(k, v){

@@ -34,2 +39,10 @@ this.setHeader(k, v);

append(k, v){
let prev = this.get(k);
prev && (v = Array.isArray(prev)
? prev.concat(v)
: [ prev, v ]);
return this.set(k, v);
},
status(s){

@@ -71,2 +84,29 @@ this.statusCode = s;

return getHTTPError(status, message);
},
clearCookie(name, opts) {
opts = { path: '/', ...opts, expires: new Date(1) };
delete opts.maxAge;
return this.cookie(name, '', opts);
},
cookie(name, value, opts = {}) {
opts.path = opts.path || '/';
if(opts.signed && !this.req.secret)
throw new Error('Trying to sign cookies when secret is not defined');
value = String(value);
if(opts.signed)
value = 's:' + sign(value, this.req.secret);
if('maxAge' in opts) {
opts.expires = new Date(Date.now() + opts.maxAge);
opts.maxAge /= 1000;
}
this.append('Set-Cookie', cookie.serialize(name, value, opts));
return this;
}
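Review bot: `cookie()` writes to the caller's `opts` object (`opts.path`, `opts.expires`, `opts.maxAge /= 1000`), so an options object reused across calls has its `maxAge` divided by 1000 again each time and the cookie lifetime shrinks on every call. Copy before modifying, for example by making the first line `opts = { ...opts, path: opts.path || '/' };`. A doc comment on the method should also state that `maxAge` is given in milliseconds, that `signed` only adds a signature (the value stays readable by the client), and that `httpOnly`, `secure` and `sameSite` are not defaulted here and must be passed by the caller for session-type cookies. The enclosing object literal continues outside the hunk.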

@@ -73,0 +113,0 @@

@@ -72,3 +72,3 @@ const querystring = require('querystring');

this.app.log.debug({ req });
//this.app.log.debug({ req });
res.on('finish', () => this.app.log.debug({ res }));
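Review bot: The request debug log is disabled by commenting it out (`//this.app.log.debug({ req });`) with no reason given, while the matching `res` log on the next line stays active. Either delete the line or replace it with a short comment saying why request logging is off, for example if the intent is to keep headers such as `Cookie` out of debug output (an assumption; the hunk does not say).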

@@ -102,5 +102,5 @@

if(!handler)
res.status(404).end();
return res.status(404).end();
await prepareHandling(this.app, req, res);
await prepareHandling(this.app, req, res);

@@ -107,0 +107,0 @@ execHandler(this.app, handler, req, res);

@@ -5,2 +5,4 @@ const WebSocket = require('ws');

const { handleCookies } = require('./handle');
/* istanbul ignore next */

@@ -24,4 +26,4 @@ function checkClientsHealth(){

let args = {
...app._global, req, query: req.query, flash: req.flash,
conf: app.conf, log: app.log, headers: req.headers, ws
...app.global, req, query: req.query, flash: req.flash, log: app.log,
clients: this._wss.clients, conf: app.conf, headers: req.headers, ws
};

@@ -62,6 +64,7 @@

this._app._server.prependListener('upgrade', (req, ws/*, head*/) => {
handleCookies(this._app, req, {});
ws.addr = req.connection.remoteAddress;
req.pathname = url.parse(req.url, true).pathname
if(! (req.pathname in this._routes) ){
this._app.log.debug({ ws, req }, 'Dropped connection to unkown path');
this._app.log.debug({ ws, req }, 'Dropped connection to unkown path %s', req.url);
ws.destroy();
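Review bot: The new debug message interpolates `req.url`, which includes the query string; WebSocket clients often carry tokens there, and this branch runs for any unauthenticated upgrade request. Logging the already-computed path avoids that: `this._app.log.debug({ ws, req }, 'Dropped connection to unkown path %s', req.pathname);`. Separately, `handleCookies(this._app, req, {})` discards its return value while the same helper is awaited in `prepareHandling`; if `forMiddleware` returns a promise, a rejection here would go unhandled, so a `.catch` that destroys the socket would be safer. The listener body continues past the end of this hunk.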

@@ -71,2 +74,4 @@ }

this._app.websockets = this._wss.clients;
this._wss.on('connection', onConnect.bind(this));

@@ -73,0 +78,0 @@

{
"name": "nodecaf",
"version": "0.10.0-rc2",
"version": "0.10.0-rc3",
"description": "Nodecaf is a framework on top of Express for building RESTful services in a quick and convenient manner.",

@@ -40,3 +40,5 @@ "main": "lib/main.js",

"content-type": "^1.0.4",
"cookie": "^0.4.1",
"cookie-parser": "^1.4.4",
"cookie-signature": "^1.1.0",
"cors": "^2.8.5",

@@ -43,0 +45,0 @@ "path-to-regexp": "^6.1.0",

@@ -292,2 +292,81 @@ const assert = require('assert');

it('Should set multiple cookies properly', async function(){
let app = new Nodecaf({
api({ get }){
get('/foo', function({ res }){
res.cookie('test', 'foo');
res.cookie('testa', 'bar');
res.cookie('testa', 'baz');
res.end();
});
}
});
await app.start();
let { headers } = await base.get('foo');
assert.strictEqual(headers['set-cookie'][1], 'testa=bar; Path=/');
await app.stop();
});
it('Should set encrypted (signed) cookies', async function(){
let app = new Nodecaf({
conf: { cookie: { secret: 'OH YEAH' } },
api({ get }){
get('/foo', function({ res }){
res.cookie('test', 'foo', { signed: true, maxAge: 5000 });
res.cookie('testa', 'bar');
res.end();
});
get('/bar', function({ req, res }){
res.badRequest(req.cookies.testa !== 'bar');
res.badRequest(req.signedCookies.test !== 'foo');
res.end();
});
}
});
await app.start();
let { cookies } = await base.get('foo');
let { status } = await base.get('bar', { cookies });
assert.strictEqual(status, 200);
await app.stop();
});
it('Should fail when tring to sign cookies without a secret', async function(){
let app = new Nodecaf({
api({ get }){
get('/foo', function({ res }){
res.cookie('test', 'foo', { signed: true });
});
}
});
await app.start();
let { assert } = await base.get('foo');
assert.status.is(500);
await app.stop();
});
it('Should clear cookies', async function(){
let app = new Nodecaf({
api({ get }){
get('/foo', function({ res }){
res.cookie('testa', 'bar');
res.end();
});
get('/bar', function({ res }){
res.clearCookie('testa');
res.end();
});
}
});
await app.start();
let { cookies } = await base.get('foo');
let { headers } = await base.get('bar', { cookies });
assert(headers['set-cookie'][0].indexOf('Expire') > -1);
await app.stop();
});
});
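Review bot: The test titled 'Should set encrypted (signed) cookies' describes signing as encryption, but `res.cookie` only prefixes `s:` and appends a signature, so the value is still readable by the client; the title should say "signed" only. The suite also covers just the happy path: there is no case where a signed cookie is altered, or signed under a different secret, and `/bar` is expected to reject it, which is the property signing exists to provide. In the "without a secret" test, `let { assert } = await base.get('foo');` shadows the module-level `assert`; a different local name would be clearer.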

@@ -294,0 +373,0 @@
