fix: expose middleware methods #3915 (#3934)

* fix: expose middleware methods #3915 * remove body-parser dep * fix 404 issue
2025-02-17 23:45:29 -05:00 · 2023-07-15 20:38:43 +02:00 · 2023-07-15 20:38:43 +02:00 · ae93e039da
commit ae93e039da
parent 80b1038a76
11 changed files with 45 additions and 20 deletions
--- a/.changeset/eight-clouds-look.md
+++ b/.changeset/eight-clouds-look.md
@ -0,0 +1,7 @@
+---
+'@verdaccio/api': minor
+'@verdaccio/middleware': minor
+'@verdaccio/server': minor
+---
+
+fix: expose middleware methods
--- a/packages/api/src/index.ts
+++ b/packages/api/src/index.ts
@ -1,4 +1,3 @@
-import bodyParser from 'body-parser';
 import express, { Router } from 'express';

 import { Auth } from '@verdaccio/auth';
@ -43,7 +42,7 @@ export default function (config: Config, auth: Auth, storage: Storage): Router {
  app.param('_rev', match(/^-rev$/));
  app.param('org_couchdb_user', match(/^org\.couchdb\.user:/));
  app.use(auth.apiJWTmiddleware());
-  app.use(bodyParser.json({ strict: false, limit: config.max_body_size || '10mb' }));
+  app.use(express.json({ strict: false, limit: config.max_body_size || '10mb' }));
  // @ts-ignore
  app.use(antiLoop(config));
  // encode / in a scoped package name to be matched as a single parameter in routes
@ -51,14 +50,12 @@ export default function (config: Config, auth: Auth, storage: Storage): Router {
  // for "npm whoami"
  whoami(app);
  profile(app, auth, config);
-  // @deprecated endpoint, 404 by default
  search(app);
  user(app, auth, config);
  distTags(app, auth, storage);
  publish(app, auth, storage);
  ping(app);
  stars(app, storage);
-  // @ts-ignore
  v1Search(app, auth, storage);
  token(app, auth, storage, config);
  pkg(app, auth, storage);
--- a/packages/middleware/src/index.ts
+++ b/packages/middleware/src/index.ts
@ -9,7 +9,7 @@ export { final } from './middlewares/final';
 export { allow } from './middlewares/allow';
 export { rateLimit } from './middlewares/rate-limit';
 export { userAgent } from './middlewares/user-agent';
-export { webMiddleware } from './middlewares/web';
+export { webMiddleware, renderWebMiddleware } from './middlewares/web';
 export { errorReportingMiddleware, handleError } from './middlewares/error';
 export {
  log,
--- a/packages/middleware/src/middlewares/validation.ts
+++ b/packages/middleware/src/middlewares/validation.ts
@ -1,6 +1,14 @@
+import { NextFunction, Request, Response } from 'express';
+
 import { errorUtils, validationUtils } from '@verdaccio/core';

-export function validateName(_req, _res, next, value: string, name: string) {
+export function validateName(
+  _req: Request,
+  _res: Response,
+  next: NextFunction,
+  value: string,
+  name: string
+) {
  if (validationUtils.validateName(value)) {
    next();
  } else {
@ -8,7 +16,13 @@ export function validateName(_req, _res, next, value: string, name: string) {
  }
 }

-export function validatePackage(_req, _res, next, value: string, name: string) {
+export function validatePackage(
+  _req: Request,
+  _res,
+  next: NextFunction,
+  value: string,
+  name: string
+) {
  if (validationUtils.validatePackage(value)) {
    next();
  } else {
--- a/packages/middleware/src/middlewares/web/index.ts
+++ b/packages/middleware/src/middlewares/web/index.ts
@ -1 +1,4 @@
 export { default as webMiddleware } from './web-middleware';
+export { webAPIMiddleware } from './web-api';
+export { setSecurityWebHeaders } from './security';
+export { renderWebMiddleware } from './render-web';
--- a/packages/middleware/src/middlewares/web/web-api.ts
+++ b/packages/middleware/src/middlewares/web/web-api.ts
@ -1,10 +1,13 @@
 import express from 'express';
-import { Router } from 'express';
+import { RequestHandler, Router } from 'express';

 import { validateName, validatePackage } from '../validation';
 import { setSecurityWebHeaders } from './security';

-export function webMiddleware(tokenMiddleware, webEndpointsApi) {
+export function webAPIMiddleware(
+  tokenMiddleware: RequestHandler,
+  webEndpointsApi: RequestHandler
+): Router {
  // eslint-disable-next-line new-cap
  const route = Router();
  // validate all of these params as a package name
@ -13,15 +16,15 @@ export function webMiddleware(tokenMiddleware, webEndpointsApi) {
  route.param('filename', validateName);
  route.param('version', validateName);
  route.use(express.urlencoded({ extended: false }));
+  route.use(setSecurityWebHeaders);

  if (typeof tokenMiddleware === 'function') {
    route.use(tokenMiddleware);
  }

-  route.use(setSecurityWebHeaders);
-
-  if (webEndpointsApi) {
+  if (typeof webEndpointsApi === 'function') {
    route.use(webEndpointsApi);
  }
+
  return route;
 }
--- a/packages/middleware/src/middlewares/web/web-middleware.ts
+++ b/packages/middleware/src/middlewares/web/web-middleware.ts
@ -1,7 +1,7 @@
 import express from 'express';

 import { renderWebMiddleware } from './render-web';
-import { webMiddleware } from './web-api';
+import { webAPIMiddleware } from './web-api';

 export default (config, middlewares, pluginOptions): any => {
  // eslint-disable-next-line new-cap
@ -10,6 +10,6 @@ export default (config, middlewares, pluginOptions): any => {
  // render web
  router.use('/', renderWebMiddleware(config, tokenMiddleware, pluginOptions));
  // web endpoints, search, packages, etc
-  router.use('/-/verdaccio/', webMiddleware(tokenMiddleware, webEndpointsApi));
+  router.use('/-/verdaccio/', webAPIMiddleware(tokenMiddleware, webEndpointsApi));
  return router;
 };
--- a/packages/middleware/test/final.spec.ts
+++ b/packages/middleware/test/final.spec.ts
@ -1,4 +1,3 @@
-import bodyParser from 'body-parser';
 import express from 'express';
 import request from 'supertest';

@ -6,6 +5,8 @@ import { HEADERS, HTTP_STATUS } from '@verdaccio/core';

 import { final } from '../src';

+const bodyParser = express;
+
 test('handle error as object', async () => {
  const app = express();
  app.use(bodyParser.json({ strict: false, limit: '10mb' }));
--- a/packages/middleware/test/json.spec.ts
+++ b/packages/middleware/test/json.spec.ts
@ -1,4 +1,4 @@
-import bodyParser from 'body-parser';
+import express from 'express';
 import request from 'supertest';

 import { HEADERS, HTTP_STATUS } from '@verdaccio/core';
@ -8,7 +8,7 @@ import { getApp } from './helper';

 test('body is json', async () => {
  const app = getApp([]);
-  app.use(bodyParser.json({ strict: false, limit: '10mb' }));
+  app.use(express.json({ strict: false, limit: '10mb' }));
  // @ts-ignore
  app.put('/json', expectJson, (req, res) => {
    res.status(HTTP_STATUS.OK).json({});
--- a/packages/server/express/src/server.ts
+++ b/packages/server/express/src/server.ts
@ -89,7 +89,8 @@ const defineAPI = async function (config: IConfig, storage: Storage): Promise<an
      res.locals.app_version = version ?? '';
      next();
    });
-    app.use(await webMiddleware(config, auth, storage));
+    const middleware = await webMiddleware(config, auth, storage);
+    app.use(middleware);
  } else {
    app.get('/', function (req: $RequestExtend, res: $ResponseExtend, next: $NextFunctionVer) {
      next(errorUtils.getNotFound(API_ERROR.WEB_DISABLED));
--- a/packages/tools/helpers/src/initializeServer.ts
+++ b/packages/tools/helpers/src/initializeServer.ts
@ -1,4 +1,3 @@
-import bodyParser from 'body-parser';
 import buildDebug from 'debug';
 import express, { Application } from 'express';
 import os from 'os';
@ -30,7 +29,7 @@ export async function initializeServer(
  const auth: Auth = new Auth(config);
  await auth.init();
  // TODO: this might not be need it, used in apiEndpoints
-  app.use(bodyParser.json({ strict: false, limit: '10mb' }));
+  app.use(express.json({ strict: false, limit: '10mb' }));
  // @ts-ignore
  app.use(errorReportingMiddleware(logger));
  for (let route of routesMiddleware) {