1st commit

2022-06-04 20:04:25 +02:00
commit 159683d7ba
17 changed files with 3540 additions and 0 deletions
--- a/server/lib/HelperXhr.js
+++ b/server/lib/HelperXhr.js
@ -0,0 +1,55 @@
+"use strict";
+const Libsecurity = require("Libsecurity");
+
+class HelperXhr {
+  /**
+   * Return req.xhr state to determine if request is xhr type
+   * @param {object} req - req Express var
+   * @return {boolean}
+   */
+  static isXhrRequest(req) {
+    if (req && req.headers && req.headers.accept) {
+      return req.headers.accept.indexOf("json") > -1;
+    }
+    return false;
+  }
+  /**
+   * Push received Data on object
+   * @return object
+   */
+  static setSettings(req) {
+    let obj = {};
+    console.log(req);
+    try {
+      if (req.method.match(/POST|PUT/i)) {
+        obj = Object.keys(req.body).length > 0 ? req.body : {};
+      } else if (req.method.match(/GET/i)) {
+        //no body with GET method !! use query.data
+        obj = req.query && req.query.data ? JSON.parse(req.query.data) : {};
+      } else {
+        throw new Error(
+          "HelperXhr::setSettings-req.method not supported-" + req.method
+        );
+      }
+      // // Parsing req.body API receive only json so string is JSON
+      // if (typeof obj === "string") {
+      //   obj = JSON.parse(obj);
+      // }
+      //check size
+      if (typeof obj === "object") {
+        Libsecurity.jsonSizeIsAcceptable(obj, req.app.get("JSONMAXSIZE"));
+      }
+      //url paramèters are also put in object
+      if (req.params && typeof req.params === "object") {
+        for (let param in req.params) {
+          obj[param] = req.params[param];
+        }
+      }
+      return obj;
+    } catch (error) {
+      //if called from controller to call express error handler
+      throw error;
+    }
+  }
+}
+module.exports = HelperXhr;
--- a/server/lib/Libsecurity.js
+++ b/server/lib/Libsecurity.js
@ -0,0 +1,36 @@
+"use strict";
+
+class Libsecurity {
+  /**
+   *
+   * @param {object} obj
+   * @param {number} maxsize
+   * @returns
+   */
+  static jsonSizeIsAcceptable(obj, maxsize) {
+    const size = JSON.stringify(obj).length;
+    if (typeof obj === "object" && size > maxsize)
+      throw new Error(
+        "Warning Date received exceed defined max size - Libsecurity",
+        "size received:",
+        obj.length,
+        "acceptable",
+        size
+      );
+    return true;
+  }
+
+  /**
+   *
+   * @param {string} str  - filename to sanitize
+   * @returns
+   */
+  static sanitizeFileName(str) {
+    return str
+      .replace(/(.*\/)|(\/.*)/g, "")
+      .replace(/\.\./g, "")
+      .replace(/;/g, "");
+  }
+}
+
+module.exports = Libsecurity;
--- a/server/lib/logger.js
+++ b/server/lib/logger.js
@ -0,0 +1,47 @@
+const { createLogger, format, transports, config } = require("winston");
+
+//exception log filename
+const exceptionlogfile = __dirname + "/../logs/exceptions.log";
+const rejectionslogfile = __dirname + "/../logs/rejections.log";
+const errorslogfile = __dirname + "/../logs/errors.log";
+const debugslogfile = __dirname + "/../logs/debug.log";
+
+/**
+ * Levels winston
+ * { 
+  error: 0, 
+  warn: 1, 
+  info: 2, 
+  http: 3,
+  verbose: 4, 
+  debug: 5, 
+  silly: 6 
+}
+ */
+const logger = createLogger({
+  transports: [
+    new transports.Console({
+      level: "info",
+      format: format.combine(
+        // format.colorize(),
+        format.timestamp(),
+        format.json()
+      ),
+    }),
+    new transports.File({
+      level: "error",
+      format: format.combine(format.timestamp(), format.json()),
+      filename: errorslogfile,
+    }),
+    new transports.File({
+      level: "debug",
+      format: format.combine(format.timestamp(), format.json()),
+      filename: debugslogfile,
+    }),
+  ],
+  exceptionHandlers: [new transports.File({ filename: exceptionlogfile })],
+  rejectionHandlers: [new transports.File({ filename: rejectionslogfile })],
+  //see winston documentation https://www.npmjs.com/package/winston#logging-levels
+  exitOnError: false,
+});
+module.exports = logger;