wyseman - npm Package Compare versions

Comparing version 1.0.8 to 1.0.9

lib/dbclient.js

@@ -21,13 +21,4 @@ //Low level connection to PostgreSQL database
   constructor(conf, notifyCB, connectCB) {
-    if (conf && conf.logger) {
-      this.log = conf.logger				//Use a passed-in logger
-      delete conf.logger
-    } else {
-      let logger = require('util').debuglog('db')	//Or default to our own
-      this.log = {
-        trace: (...msg) => logger(msg.join(' ')),
-        debug: (...msg) => logger(msg.join(' ')),
-        error: (...msg) => console.error(...msg)
-      }
-    }
+    this.log = conf.log || require('./log')
+    delete conf.log
     this.config = conf
@@ -34,0 +25,0 @@ this.notifyCB = notifyCB

lib/wyseman.js

@@ -35,9 +35,9 @@ //Manage the connection between a User Interface and the backend database
   constructor(dbConf, wsConf, adminConf) {
-    let { port, credentials, actionHandler, expApp} = wsConf
-      , ctx = {db:null, control:null, actionHandler, expApp}
-      , log = this.log = dbConf.log || ctx.db.log || console.log
+    let { port, credentials, actions, dispatch, expApp} = wsConf
+      , log = this.log = dbConf.log || wsConf.log || adminConf.log || require('./log')
+      , ctx = {db:null, control:null, actions, dispatch, expApp, log}
       , server = credentials ? Https.createServer(credentials) : Http.createServer()
       , adminDB = new DbClient(adminConf)		//Admin access to the DB
 
-      , validateToken = (user, token, pub, cb) => {		//Validate user with one-time login token
+      , validateToken = (user, token, pub, listen, cb) => {		//Validate user with one-time login token
 log.trace("Request to validate:", user)
@@ -47,3 +47,3 @@ adminDB.query('select base.validate_token($1,$2,$3) as valid', [user, sign||token, pub], (err, res)=>{
           let valid = (!err && res && res.rows && res.rows.length >= 1) ? res.rows[0].valid : false
-          if (valid) dbConf.user = user				//Tell later db connect our username
+          if (valid) Object.assign(dbConf, {user,listen})		//Tell later db connect our username and db listen options
 log.debug("  valid result:", valid)
@@ -53,3 +53,3 @@ cb(valid)
       }
-      , validateSignature = (user, sign, message, cb) => {	//Validate a user with an existing key
+      , validateSignature = (user, sign, message, listen, cb) => {	//Validate a user with an existing key
 log.trace("Validate:", user, sign, message)
@@ -59,10 +59,14 @@ adminDB.query('select conn_pub from base.ent_v where username = $1', [user], (err, res)=>{
           let pubKey = (!err && res && res.rows && res.rows.length >= 1) ? res.rows[0].conn_pub : null
-            , rawKey = Buffer.from(pubKey, 'hex')
-            , rawSig = Buffer.from(sign, 'hex')
-            , key = PemHeader + Base64.fromByteArray(rawKey) + PemFooter
-            , verify = Crypto.createVerify('SHA256')
+            , valid = false
+log.trace("  public key:", pubKey, res.rows)
+          if (pubKey && sign) {
+            let rawKey = Buffer.from(pubKey, 'hex')
+              , rawSig = Buffer.from(sign, 'hex')
+              , key = PemHeader + Base64.fromByteArray(rawKey) + PemFooter
+              , verify = Crypto.createVerify('SHA256')
 log.trace("  user public:", user, key)
-          verify.update(message)
-          let valid = verify.verify(Object.assign({key}, VerifyTpt), rawSig)
-          if (valid) dbConf.user = user				//Tell later db connect our username
+            verify.update(message)
+            valid = verify.verify(Object.assign({key}, VerifyTpt), rawSig)
+            if (valid) Object.assign(dbConf, {user,listen})		//Tell later db connect our username and db listen options
+          }
 log.trace("  valid:", valid)
@@ -78,6 +82,7 @@ cb(valid)
             , query = Url.parse(req.url, true).query
-            , { user, sign, date, token, pub } = query
-log.trace("Checking client:", origin, "cb:", !!cb, "q:", query, "s:", secure, "IP:", req.connection.remoteAddress)
+            , { user, db, sign, date, token, pub } = query
+            , dbListen = db ? JSON.parse(Buffer(db,'hex').toString()) : null
+log.debug("Checking client:", origin, "cb:", !!cb, "q:", query, "s:", secure, "IP:", req.connection.remoteAddress, "db:", dbListen)
           if (user && token && pub)
-            validateToken(user, token, pub, (valid)=>{
+            validateToken(user, token, pub, dbListen, (valid)=>{
               cb(valid, 403, 'Invalid Login')		//Tell websocket whether or not to connect
@@ -89,4 +94,6 @@ })
               , msgDate = new Date(date)
-log.trace("Check dates:", now, msgDate, "Time delta:", now - msgDate)
-            validateSignature(user, sign, message, (valid)=>{
+log.debug("Check dates:", now, msgDate, wsConf, "Time delta:", now - msgDate)
+            if (wsConf.delta && Math.abs(now - msgDate) > wsConf.delta)
+              cb(false, 400, 'Invalid Date Stamp')
+            else validateSignature(user, sign, message, dbListen, (valid)=>{
               cb(valid, 403, 'Invalid Login')		//Tell websocket whether or not to connect
@@ -97,3 +104,3 @@ })
           } else
-            cb(false, 403, 'No login credentials')	//tell websocket not to connect
+            cb(false, 401, 'No login credentials')	//tell websocket not to connect
         },
@@ -105,3 +112,3 @@ })
       if (!dbConf.user) return				//Shouldn't be able to get here without a username
-log.trace("DB Connect::", dbConf.user, dbConf)
+log.debug("DB Connect::", dbConf.user, dbConf)
       ctx.db = new DbClient(dbConf, (channel, message, mine) => {
@@ -197,4 +204,4 @@ let data = JSON.parse(message)
       default:
-      if (!ctx.control && ctx.actionHandler) 
-        ctx.control = new ctx.actionHandler(ctx.expApp, ctx.db)		//Start a controller just in time
+      if (!ctx.control && ctx.dispatch) 
+        ctx.control = new ctx.dispatch(ctx.expApp, ctx.db, ctx.actions, ctx.log)	//Start a controller just in time
       if (ctx.control && ctx.control.handle && ctx.control.handle(msg, sender)) return
@@ -232,3 +239,3 @@ result.error = this.error('unknown action: ' + action, 'badAction')
     let { fields, table, argtypes, params, where, order} = spec
-this.log.trace("BuildSelect", fields, table, params, where, order)
+this.log.trace("BuildSelect", fields, table, argtypes, params, where, order)
     let wh = '', ord = ''
@@ -235,0 +242,0 @@ , whereText = this.buildWhere(where, res)

package.json

 {
   "name": "wyseman",
-  "version": "1.0.8",
+  "version": "1.0.9",
   "description": "PostgreSQL Schema Manager with Javascript, Ruby, TCL API",
@@ -8,2 +8,3 @@ "main": "lib/index.js",
     "tclpkg": "wmmkpkg wyseman 0.50 tcltk",
+    "preversion": "git add -A",
     "test": "mocha test/mocha/all.js"
@@ -10,0 +11,0 @@ },

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

615545

increased by0.1%

Number of package files

69

increased by1.47%

Lines of code

599

increased by1.53%

No dependency changes