2013-10-26 07:18:36 -05:00
|
|
|
var crypto = require('crypto')
|
2014-09-10 12:55:26 -05:00
|
|
|
, Error = require('http-errors')
|
2013-10-26 07:18:36 -05:00
|
|
|
, utils = require('./utils')
|
|
|
|
, Logger = require('./logger')
|
2013-06-07 20:16:28 -05:00
|
|
|
|
|
|
|
module.exports.validate_name = function validate_name(req, res, next, value, name) {
|
2014-02-01 03:08:48 -05:00
|
|
|
if (value.charAt(0) === '-') {
|
|
|
|
// special case in couchdb usually
|
|
|
|
next('route')
|
|
|
|
} else if (utils.validate_name(value)) {
|
2013-10-26 07:18:36 -05:00
|
|
|
next()
|
2013-06-07 20:16:28 -05:00
|
|
|
} else {
|
2014-09-10 12:55:26 -05:00
|
|
|
next(Error[403]('invalid ' + name))
|
2013-06-07 20:16:28 -05:00
|
|
|
}
|
2013-10-26 07:18:36 -05:00
|
|
|
}
|
2013-06-07 20:16:28 -05:00
|
|
|
|
|
|
|
module.exports.media = function media(expect) {
|
|
|
|
return function(req, res, next) {
|
|
|
|
if (req.headers['content-type'] !== expect) {
|
2014-09-10 12:55:26 -05:00
|
|
|
next(Error[415]('wrong content-type, expect: ' + expect
|
|
|
|
+ ', got: '+req.headers['content-type']))
|
2013-06-07 20:16:28 -05:00
|
|
|
} else {
|
2013-10-26 07:18:36 -05:00
|
|
|
next()
|
2013-06-07 20:16:28 -05:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
module.exports.expect_json = function expect_json(req, res, next) {
|
2013-10-22 02:29:57 -05:00
|
|
|
if (!utils.is_object(req.body)) {
|
2013-06-07 20:16:28 -05:00
|
|
|
return next({
|
|
|
|
status: 400,
|
2014-07-22 14:31:01 -05:00
|
|
|
message: 'can\'t parse incoming json',
|
2013-10-26 07:18:36 -05:00
|
|
|
})
|
2013-06-07 20:16:28 -05:00
|
|
|
}
|
2013-10-26 07:18:36 -05:00
|
|
|
next()
|
2013-06-07 20:16:28 -05:00
|
|
|
}
|
|
|
|
|
2013-12-08 22:59:31 -05:00
|
|
|
module.exports.anti_loop = function(config) {
|
|
|
|
return function(req, res, next) {
|
|
|
|
if (req.headers.via != null) {
|
|
|
|
var arr = req.headers.via.split(',')
|
|
|
|
for (var i=0; i<arr.length; i++) {
|
|
|
|
var m = arr[i].match(/\s*(\S+)\s+(\S+)/)
|
|
|
|
if (m && m[2] === config.server_id) {
|
2014-09-10 12:55:26 -05:00
|
|
|
return next(Error[508]('loop detected'))
|
2013-12-08 22:59:31 -05:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
next()
|
|
|
|
}
|
|
|
|
}
|
2013-06-07 20:16:28 -05:00
|
|
|
|
2013-07-02 20:49:24 -05:00
|
|
|
// express doesn't do etags with requests <= 1024b
|
|
|
|
// we use md5 here, it works well on 1k+ bytes, but sucks with fewer data
|
|
|
|
// could improve performance using crc32 after benchmarks
|
|
|
|
function md5sum(data) {
|
2013-10-26 07:18:36 -05:00
|
|
|
return crypto.createHash('md5').update(data).digest('hex')
|
2013-07-02 20:49:24 -05:00
|
|
|
}
|
|
|
|
|
2013-10-11 00:32:59 -05:00
|
|
|
module.exports.log_and_etagify = function(req, res, next) {
|
|
|
|
// logger
|
2013-10-26 07:18:36 -05:00
|
|
|
req.log = Logger.logger.child({sub: 'in'})
|
2013-10-12 09:37:47 -05:00
|
|
|
|
|
|
|
var _auth = req.headers.authorization
|
|
|
|
if (_auth) req.headers.authorization = '<Classified>'
|
|
|
|
req.log.info({req: req, ip: req.ip}, '@{ip} requested \'@{req.method} @{req.url}\'')
|
|
|
|
if (_auth) req.headers.authorization = _auth
|
2013-10-11 00:32:59 -05:00
|
|
|
|
2013-10-26 07:18:36 -05:00
|
|
|
var bytesin = 0
|
2014-06-17 20:59:22 -05:00
|
|
|
req.on('data', function(chunk) {
|
|
|
|
bytesin += chunk.length
|
|
|
|
})
|
2013-10-11 00:32:59 -05:00
|
|
|
|
2013-10-26 07:18:36 -05:00
|
|
|
var _send = res.send
|
2013-07-02 20:49:24 -05:00
|
|
|
res.send = function(body) {
|
2014-03-07 13:20:41 -05:00
|
|
|
try {
|
|
|
|
if (typeof(body) === 'string' || typeof(body) === 'object') {
|
2014-05-06 16:34:48 -05:00
|
|
|
if (!res.getHeader('Content-type')) {
|
|
|
|
res.header('Content-type', 'application/json')
|
|
|
|
}
|
2014-03-07 13:20:41 -05:00
|
|
|
|
|
|
|
if (typeof(body) === 'object' && body != null) {
|
2014-06-22 09:06:16 -05:00
|
|
|
if (typeof(body.error) === 'string') {
|
2014-03-28 20:08:00 -05:00
|
|
|
res._sinopia_error = body.error
|
2014-03-07 13:20:41 -05:00
|
|
|
}
|
|
|
|
body = JSON.stringify(body, undefined, '\t') + '\n'
|
|
|
|
}
|
2013-07-02 20:49:24 -05:00
|
|
|
|
2014-03-07 13:20:41 -05:00
|
|
|
// don't send etags with errors
|
|
|
|
if (!res.statusCode || (res.statusCode >= 200 && res.statusCode < 300)) {
|
|
|
|
res.header('ETag', '"' + md5sum(body) + '"')
|
2013-10-11 00:32:59 -05:00
|
|
|
}
|
2014-03-07 13:20:41 -05:00
|
|
|
} else {
|
|
|
|
// send(null), send(204), etc.
|
2013-07-02 20:49:24 -05:00
|
|
|
}
|
2014-03-07 13:20:41 -05:00
|
|
|
} catch(err) {
|
|
|
|
// if sinopia sends headers first, and then calls res.send()
|
|
|
|
// as an error handler, we can't report error properly,
|
|
|
|
// and should just close socket
|
|
|
|
if (err.message.match(/set headers after they are sent/)) {
|
2014-07-21 10:06:44 -05:00
|
|
|
if (res.socket != null) res.socket.destroy()
|
|
|
|
return
|
2014-03-07 13:20:41 -05:00
|
|
|
} else {
|
|
|
|
throw err
|
2013-12-06 12:46:11 -05:00
|
|
|
}
|
2013-07-02 20:49:24 -05:00
|
|
|
}
|
2013-10-11 00:32:59 -05:00
|
|
|
|
2013-10-26 07:18:36 -05:00
|
|
|
res.send = _send
|
|
|
|
res.send(body)
|
2013-10-18 16:53:27 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
var bytesout = 0
|
2013-10-26 07:18:36 -05:00
|
|
|
, _write = res.write
|
2013-10-18 16:53:27 -05:00
|
|
|
res.write = function(buf) {
|
|
|
|
bytesout += buf.length
|
|
|
|
_write.apply(res, arguments)
|
|
|
|
}
|
|
|
|
|
2013-10-22 04:37:28 -05:00
|
|
|
function log() {
|
2014-07-22 14:31:01 -05:00
|
|
|
var message = '@{status}, user: @{user}, req: \'@{request.method} @{request.url}\''
|
2013-10-18 16:53:27 -05:00
|
|
|
if (res._sinopia_error) {
|
2014-07-22 14:31:01 -05:00
|
|
|
message += ', error: @{!error}'
|
2013-10-11 00:32:59 -05:00
|
|
|
} else {
|
2014-07-22 14:31:01 -05:00
|
|
|
message += ', bytes: @{bytes.in}/@{bytes.out}'
|
2013-10-11 00:32:59 -05:00
|
|
|
}
|
|
|
|
req.log.warn({
|
|
|
|
request: {method: req.method, url: req.url},
|
|
|
|
level: 35, // http
|
2014-09-01 18:09:08 -05:00
|
|
|
user: req.remote_user.name,
|
2013-10-11 00:32:59 -05:00
|
|
|
status: res.statusCode,
|
2013-10-18 16:53:27 -05:00
|
|
|
error: res._sinopia_error,
|
2013-10-11 00:32:59 -05:00
|
|
|
bytes: {
|
|
|
|
in: bytesin,
|
2013-10-18 16:53:27 -05:00
|
|
|
out: bytesout,
|
2013-10-11 00:32:59 -05:00
|
|
|
}
|
2014-07-22 14:31:01 -05:00
|
|
|
}, message)
|
2013-10-22 04:37:28 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
req.on('close', function() {
|
|
|
|
log(true)
|
|
|
|
})
|
|
|
|
|
2013-10-26 07:18:36 -05:00
|
|
|
var _end = res.end
|
2013-10-22 04:37:28 -05:00
|
|
|
res.end = function(buf) {
|
|
|
|
if (buf) bytesout += buf.length
|
|
|
|
_end.apply(res, arguments)
|
|
|
|
log()
|
|
|
|
}
|
|
|
|
next()
|
2013-07-02 20:49:24 -05:00
|
|
|
}
|
|
|
|
|