Infrastructure/verdaccio
0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2025-04-01 02:42:23 -05:00
Code Issues Activity

refactor: improve logging (#2154)

Browse source 
* refactor: improve logging

* chore: update test

* chore: update local-storage.ts

* chore: update local-storage.ts
This commit is contained in:
Paola Morales 2021-03-31 23:22:32 +02:00 committed by GitHub
parent 5b6be2aa09
commit b0fc25a8c4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
10 changed files with 338 additions and 683 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

148
src/api/endpoint/api/publish.ts
View file

@ -1,37 +1,23 @@
import Path from 'path';
import _ from 'lodash';
import buildDebug from 'debug';
import mime from 'mime';
import { Router } from 'express';
import { Config, Callback, MergeTags, Version, Package } from '@verdaccio/types';
import { API_MESSAGE, HEADERS, DIST_TAGS, API_ERROR, HTTP_STATUS } from '../../../lib/constants';
import {
validateMetadata,
isObject,
ErrorCode,
hasDiffOneKey,
isRelatedToDeprecation
} from '../../../lib/utils';
import { validateMetadata, isObject, ErrorCode, hasDiffOneKey, isRelatedToDeprecation } from '../../../lib/utils';
import { media, expectJson, allow } from '../../middleware';
import { notify } from '../../../lib/notify';
import {
IAuth,
$ResponseExtend,
$RequestExtend,
$NextFunctionVer,
IStorageHandler
} from '../../../../types';
import { IAuth, $ResponseExtend, $RequestExtend, $NextFunctionVer, IStorageHandler } from '../../../../types';
import { logger } from '../../../lib/logger';
import { isPublishablePackage } from '../../../lib/storage-utils';
import star from './star';
export default function publish(
router: Router,
auth: IAuth,
storage: IStorageHandler,
config: Config
): void {
const debug = buildDebug('verdaccio:publish');
export default function publish(router: Router, auth: IAuth, storage: IStorageHandler, config: Config): void {
const can = allow(auth);
/**
@ -93,13 +79,7 @@ export default function publish(
}
*
*/
router.put(
'/:package/:_rev?/:revision?',
can('publish'),
media(mime.getType('json')),
expectJson,
publishPackage(storage, config, auth)
);
router.put('/:package/:_rev?/:revision?', can('publish'), media(mime.getType('json')), expectJson, publishPackage(storage, config, auth));
/**
* Un-publishing an entire package.
@ -112,29 +92,13 @@ export default function publish(
router.delete('/:package/-rev/*', can('unpublish'), unPublishPackage(storage));
// removing a tarball
router.delete(
'/:package/-/:filename/-rev/:revision',
can('unpublish'),
can('publish'),
removeTarball(storage)
);
router.delete('/:package/-/:filename/-rev/:revision', can('unpublish'), can('publish'), removeTarball(storage));
// uploading package tarball
router.put(
'/:package/-/:filename/*',
can('publish'),
media(HEADERS.OCTET_STREAM),
uploadPackageTarball(storage)
);
router.put('/:package/-/:filename/*', can('publish'), media(HEADERS.OCTET_STREAM), uploadPackageTarball(storage));
// adding a version
router.put(
'/:package/:version/-tag/:tag',
can('publish'),
media(mime.getType('json')),
expectJson,
addVersion(storage)
);
router.put('/:package/:version/-tag/:tag', can('publish'), media(mime.getType('json')), expectJson, addVersion(storage));
}
/**
@ -144,9 +108,7 @@ export function publishPackage(storage: IStorageHandler, config: Config, auth: I
const starApi = star(storage);
return function (req: $RequestExtend, res: $ResponseExtend, next: $NextFunctionVer): void {
const packageName = req.params.package;
logger.debug({ packageName }, `publishing or updating a new version for @{packageName}`);
debug('publishing or updating a new version for %o', packageName);
/**
* Write tarball of stream data from package clients.
*/
@ -192,18 +154,14 @@ export function publishPackage(storage: IStorageHandler, config: Config, auth: I
res.status(HTTP_STATUS.CREATED);
return next({
ok: okMessage,
success: true
success: true,
});
}
// npm-registry-client 0.3+ embeds tarball into the json upload
// https://github.com/isaacs/npm-registry-client/commit/e9fbeb8b67f249394f735c74ef11fe4720d46ca0
// issue https://github.com/rlidwka/sinopia/issues/31, dealing with it here:
const isInvalidBodyFormat =
isObject(_attachments) === false ||
hasDiffOneKey(_attachments) ||
isObject(versions) === false ||
hasDiffOneKey(versions);
const isInvalidBodyFormat = isObject(_attachments) === false || hasDiffOneKey(_attachments) || isObject(versions) === false || hasDiffOneKey(versions);
if (isInvalidBodyFormat) {
// npm is doing something strange again
@ -219,49 +177,37 @@ export function publishPackage(storage: IStorageHandler, config: Config, auth: I
// at this point document is either created or existed before
const [firstAttachmentKey] = Object.keys(_attachments);
createTarball(
Path.basename(firstAttachmentKey),
_attachments[firstAttachmentKey],
function (error) {
createTarball(Path.basename(firstAttachmentKey), _attachments[firstAttachmentKey], function (error) {
if (error) {
return next(error);
}
const versionToPublish = Object.keys(versions)[0];
const versionMetadataToPublish = versions[versionToPublish];
versionMetadataToPublish.readme = _.isNil(versionMetadataToPublish.readme) === false ? String(versionMetadataToPublish.readme) : '';
createVersion(versionToPublish, versionMetadataToPublish, function (error) {
if (error) {
return next(error);
}
const versionToPublish = Object.keys(versions)[0];
const versionMetadataToPublish = versions[versionToPublish];
versionMetadataToPublish.readme =
_.isNil(versionMetadataToPublish.readme) === false
? String(versionMetadataToPublish.readme)
: '';
createVersion(versionToPublish, versionMetadataToPublish, function (error) {
addTags(metadataCopy[DIST_TAGS], async function (error) {
if (error) {
return next(error);
}
addTags(metadataCopy[DIST_TAGS], async function (error) {
if (error) {
return next(error);
}
try {
await notify(metadataCopy, config, req.remote_user, `${metadataCopy.name}@${versionToPublish}`);
} catch (error) {
logger.error({ error }, 'notify batch service has failed: @{error}');
}
try {
await notify(
metadataCopy,
config,
req.remote_user,
`${metadataCopy.name}@${versionToPublish}`
);
} catch (error) {
logger.error({ error }, 'notify batch service has failed: @{error}');
}
res.status(HTTP_STATUS.CREATED);
return next({ ok: okMessage, success: true });
});
res.status(HTTP_STATUS.CREATED);
return next({ ok: okMessage, success: true });
});
}
);
});
});
};
if (isPublishablePackage(req.body) === false && isObject(req.body.users)) {
@ -272,21 +218,20 @@ export function publishPackage(storage: IStorageHandler, config: Config, auth: I
const metadata = validateMetadata(req.body, packageName);
// treating deprecation as updating a package
if (req.params._rev || isRelatedToDeprecation(req.body)) {
logger.debug({ packageName }, `updating a new version for @{packageName}`);
debug('updating a new version for %o', packageName);
// we check unpublish permissions, an update is basically remove versions
const remote = req.remote_user;
auth.allow_unpublish({ packageName }, remote, (error) => {
if (error) {
logger.debug({ packageName }, `not allowed to unpublish a version for @{packageName}`);
logger.error({ packageName }, `not allowed to unpublish a version for @{packageName}`);
return next(error);
}
storage.changePackage(packageName, metadata, req.params.revision, function (error) {
afterChange(error, API_MESSAGE.PKG_CHANGED, metadata);
});
});
} else {
logger.debug({ packageName }, `adding a new version for @{packageName}`);
debug('adding a new version for %o', packageName);
storage.addPackage(packageName, metadata, function (error) {
afterChange(error, API_MESSAGE.PKG_CREATED, metadata);
});
@ -304,8 +249,7 @@ export function publishPackage(storage: IStorageHandler, config: Config, auth: I
export function unPublishPackage(storage: IStorageHandler) {
return function (req: $RequestExtend, res: $ResponseExtend, next: $NextFunctionVer): void {
const packageName = req.params.package;
logger.debug({ packageName }, `unpublishing @{packageName}`);
debug('unpublishing %o', packageName);
storage.removePackage(packageName, function (err) {
if (err) {
return next(err);
@ -323,21 +267,13 @@ export function removeTarball(storage: IStorageHandler) {
return function (req: $RequestExtend, res: $ResponseExtend, next: $NextFunctionVer): void {
const packageName = req.params.package;
const { filename, revision } = req.params;
logger.debug(
{ packageName, filename, revision },
`removing a tarball for @{packageName}-@{tarballName}-@{revision}`
);
debug('removing a tarball for %o-%o-%o', packageName, filename, revision);
storage.removeTarball(packageName, filename, revision, function (err) {
if (err) {
return next(err);
}
res.status(HTTP_STATUS.CREATED);
logger.debug(
{ packageName, filename, revision },
`success remove tarball for @{packageName}-@{tarballName}-@{revision}`
);
debug('success remove tarball for %o-%o-%o', packageName, filename, revision);
return next({ ok: API_MESSAGE.TARBALL_REMOVED });
});
};
@ -357,7 +293,7 @@ export function addVersion(storage: IStorageHandler) {
res.status(HTTP_STATUS.CREATED);
return next({
ok: API_MESSAGE.PKG_PUBLISHED
ok: API_MESSAGE.PKG_PUBLISHED,
});
});
};
@ -392,7 +328,7 @@ export function uploadPackageTarball(storage: IStorageHandler) {
stream.on('success', function () {
res.status(HTTP_STATUS.CREATED);
return next({
ok: API_MESSAGE.TARBALL_UPLOADED
ok: API_MESSAGE.TARBALL_UPLOADED,
});
});
};

19
src/api/endpoint/api/star.ts
View file

@ -2,13 +2,13 @@
import { Response } from 'express';
import _ from 'lodash';
import buildDebug from 'debug';
import { USERS, HTTP_STATUS } from '../../../lib/constants';
import { $RequestExtend, $NextFunctionVer, IStorageHandler } from '../../../../types';
import { logger } from '../../../lib/logger';
export default function (
storage: IStorageHandler
): (req: $RequestExtend, res: Response, next: $NextFunctionVer) => void {
const debug = buildDebug('verdaccio:star');
export default function (storage: IStorageHandler): (req: $RequestExtend, res: Response, next: $NextFunctionVer) => void {
const validateInputs = (newUsers, localUsers, username, isStar): boolean => {
const isExistlocalUsers = _.isNil(localUsers[username]) === false;
if (isStar && isExistlocalUsers && localUsers[username]) {
@ -23,14 +23,14 @@ export default function (
return (req: $RequestExtend, res: Response, next: $NextFunctionVer): void => {
const name = req.params.package;
logger.debug({ name }, 'starring a package for @{name}');
debug('starring a package for %o', name);
const afterChangePackage = function (err?: Error) {
if (err) {
return next(err);
}
res.status(HTTP_STATUS.OK);
next({
success: true
success: true,
});
};
@ -46,16 +46,13 @@ export default function (
const localStarUsers = info[USERS];
// Check is star or unstar
const isStar = Object.keys(newStarUser).includes(remoteUsername);
if (
_.isNil(localStarUsers) === false &&
validateInputs(newStarUser, localStarUsers, remoteUsername, isStar)
) {
if (_.isNil(localStarUsers) === false && validateInputs(newStarUser, localStarUsers, remoteUsername, isStar)) {
return afterChangePackage();
}
const users = isStar
? {
...localStarUsers,
[remoteUsername]: true
[remoteUsername]: true,
}
: _.reduce(
localStarUsers,
@ -70,7 +67,7 @@ export default function (
storage.changePackage(name, { ...info, users }, req.body._rev, function (err) {
afterChangePackage(err);
});
}
},
});
};
}

153
src/api/endpoint/api/user.ts
View file

@ -5,116 +5,85 @@ import { Config, RemoteUser } from '@verdaccio/types';
import { Response, Router } from 'express';
import { ErrorCode } from '../../../lib/utils';
import { API_ERROR, API_MESSAGE, HTTP_STATUS } from '../../../lib/constants';
import {
createRemoteUser,
createSessionToken,
getApiToken,
getAuthenticatedMessage,
validatePassword
} from '../../../lib/auth-utils';
import { createRemoteUser, createSessionToken, getApiToken, getAuthenticatedMessage, validatePassword } from '../../../lib/auth-utils';
import { logger } from '../../../lib/logger';
import { $RequestExtend, $ResponseExtend, $NextFunctionVer, IAuth } from '../../../../types';
export default function (route: Router, auth: IAuth, config: Config): void {
route.get(
'/-/user/:org_couchdb_user',
function (req: $RequestExtend, res: Response, next: $NextFunctionVer): void {
res.status(HTTP_STATUS.OK);
next({
ok: getAuthenticatedMessage(req.remote_user.name)
});
}
);
route.get('/-/user/:org_couchdb_user', function (req: $RequestExtend, res: Response, next: $NextFunctionVer): void {
res.status(HTTP_STATUS.OK);
next({
ok: getAuthenticatedMessage(req.remote_user.name),
});
});
route.put(
'/-/user/:org_couchdb_user/:_rev?/:revision?',
function (req: $RequestExtend, res: Response, next: $NextFunctionVer): void {
const { name, password } = req.body;
const remoteName = req.remote_user.name;
route.put('/-/user/:org_couchdb_user/:_rev?/:revision?', function (req: $RequestExtend, res: Response, next: $NextFunctionVer): void {
const { name, password } = req.body;
const remoteName = req.remote_user.name;
if (_.isNil(remoteName) === false && _.isNil(name) === false && remoteName === name) {
auth.authenticate(
name,
password,
async function callbackAuthenticate(err, user): Promise<void> {
if (err) {
logger.trace(
{ name, err },
'authenticating for user @{username} failed. Error: @{err.message}'
);
return next(
ErrorCode.getCode(HTTP_STATUS.UNAUTHORIZED, API_ERROR.BAD_USERNAME_PASSWORD)
);
}
const restoredRemoteUser: RemoteUser = createRemoteUser(name, user.groups || []);
const token = await getApiToken(auth, config, restoredRemoteUser, password);
res.status(HTTP_STATUS.CREATED);
return next({
ok: getAuthenticatedMessage(req.remote_user.name),
token
});
}
);
} else {
if (validatePassword(password) === false) {
// eslint-disable-next-line new-cap
return next(ErrorCode.getCode(HTTP_STATUS.BAD_REQUEST, API_ERROR.PASSWORD_SHORT()));
if (_.isNil(remoteName) === false && _.isNil(name) === false && remoteName === name) {
auth.authenticate(name, password, async function callbackAuthenticate(err, user): Promise<void> {
if (err) {
logger.error({ name, err }, 'authenticating for user @{username} failed. Error: @{err.message}');
return next(ErrorCode.getCode(HTTP_STATUS.UNAUTHORIZED, API_ERROR.BAD_USERNAME_PASSWORD));
}
auth.add_user(name, password, async function (err, user): Promise<void> {
if (err) {
if (err.status >= HTTP_STATUS.BAD_REQUEST && err.status < HTTP_STATUS.INTERNAL_ERROR) {
// With npm registering is the same as logging in,
// and npm accepts only an 409 error.
// So, changing status code here.
return next(
ErrorCode.getCode(err.status, err.message) || ErrorCode.getConflict(err.message)
);
}
return next(err);
}
const restoredRemoteUser: RemoteUser = createRemoteUser(name, user.groups || []);
const token = await getApiToken(auth, config, restoredRemoteUser, password);
const token =
name && password ? await getApiToken(auth, config, user, password) : undefined;
res.status(HTTP_STATUS.CREATED);
req.remote_user = user;
res.status(HTTP_STATUS.CREATED);
return next({
ok: `user '${req.body.name}' created`,
token
});
return next({
ok: getAuthenticatedMessage(req.remote_user.name),
token,
});
});
} else {
if (validatePassword(password) === false) {
// eslint-disable-next-line new-cap
return next(ErrorCode.getCode(HTTP_STATUS.BAD_REQUEST, API_ERROR.PASSWORD_SHORT()));
}
}
);
route.delete(
'/-/user/token/*',
function (req: $RequestExtend, res: Response, next: $NextFunctionVer): void {
res.status(HTTP_STATUS.OK);
next({
ok: API_MESSAGE.LOGGED_OUT
auth.add_user(name, password, async function (err, user): Promise<void> {
if (err) {
if (err.status >= HTTP_STATUS.BAD_REQUEST && err.status < HTTP_STATUS.INTERNAL_ERROR) {
// With npm registering is the same as logging in,
// and npm accepts only an 409 error.
// So, changing status code here.
return next(ErrorCode.getCode(err.status, err.message) || ErrorCode.getConflict(err.message));
}
return next(err);
}
const token = name && password ? await getApiToken(auth, config, user, password) : undefined;
req.remote_user = user;
res.status(HTTP_STATUS.CREATED);
return next({
ok: `user '${req.body.name}' created`,
token,
});
});
}
);
});
route.delete('/-/user/token/*', function (req: $RequestExtend, res: Response, next: $NextFunctionVer): void {
res.status(HTTP_STATUS.OK);
next({
ok: API_MESSAGE.LOGGED_OUT,
});
});
// placeholder 'cause npm require to be authenticated to publish
// we do not do any real authentication yet
route.post(
'/_session',
Cookies.express(),
function (req: $RequestExtend, res: $ResponseExtend, next: $NextFunctionVer): void {
res.cookies.set('AuthSession', String(Math.random()), createSessionToken());
route.post('/_session', Cookies.express(), function (req: $RequestExtend, res: $ResponseExtend, next: $NextFunctionVer): void {
res.cookies.set('AuthSession', String(Math.random()), createSessionToken());
next({
ok: true,
name: 'somebody',
roles: []
});
}
);
next({
ok: true,
name: 'somebody',
roles: [],
});
});
}

193
src/api/endpoint/api/v1/token.ts
View file

@ -1,4 +1,5 @@
import _ from 'lodash';
import buildDebug from 'debug';
import { Response, Router } from 'express';
import { Config, RemoteUser, Token } from '@verdaccio/types';
import { HTTP_STATUS, SUPPORT_ERRORS } from '../../../../lib/constants';
@ -9,6 +10,7 @@ import { logger } from '../../../../lib/logger';
import { $NextFunctionVer, $RequestExtend, IAuth, IStorageHandler } from '../../../../../types';
const debug = buildDebug('verdaccio:token');
export type NormalizeToken = Token & {
created: string;
};
@ -16,128 +18,111 @@ export type NormalizeToken = Token & {
function normalizeToken(token: Token): NormalizeToken {
return {
...token,
created: new Date(token.created).toISOString()
created: new Date(token.created).toISOString(),
};
}
// https://github.com/npm/npm-profile/blob/latest/lib/index.js
export default function (
route: Router,
auth: IAuth,
storage: IStorageHandler,
config: Config
): void {
route.get(
'/-/npm/v1/tokens',
async function (req: $RequestExtend, res: Response, next: $NextFunctionVer) {
const { name } = req.remote_user;
export default function (route: Router, auth: IAuth, storage: IStorageHandler, config: Config): void {
route.get('/-/npm/v1/tokens', async function (req: $RequestExtend, res: Response, next: $NextFunctionVer) {
const { name } = req.remote_user;
if (_.isNil(name) === false) {
try {
const tokens = await storage.readTokens({ user: name });
const totalTokens = tokens.length;
logger.debug({ totalTokens }, 'token list retrieved: @{totalTokens}');
res.status(HTTP_STATUS.OK);
return next({
objects: tokens.map(normalizeToken),
urls: {
next: '' // TODO: pagination?
}
});
} catch (error) {
logger.error({ error: error.msg }, 'token list has failed: @{error}');
return next(ErrorCode.getCode(HTTP_STATUS.INTERNAL_ERROR, error.message));
}
if (_.isNil(name) === false) {
try {
const tokens = await storage.readTokens({ user: name });
const totalTokens = tokens.length;
debug('token list retrieved: %o', totalTokens);
res.status(HTTP_STATUS.OK);
return next({
objects: tokens.map(normalizeToken),
urls: {
next: '', // TODO: pagination?
},
});
} catch (error) {
logger.error({ error: error.msg }, 'token list has failed: @{error}');
return next(ErrorCode.getCode(HTTP_STATUS.INTERNAL_ERROR, error.message));
}
return next(ErrorCode.getUnauthorized());
}
);
return next(ErrorCode.getUnauthorized());
});
route.post(
'/-/npm/v1/tokens',
function (req: $RequestExtend, res: Response, next: $NextFunctionVer) {
const { password, readonly, cidr_whitelist } = req.body;
const { name } = req.remote_user;
route.post('/-/npm/v1/tokens', function (req: $RequestExtend, res: Response, next: $NextFunctionVer) {
const { password, readonly, cidr_whitelist } = req.body;
const { name } = req.remote_user;
if (!_.isBoolean(readonly) || !_.isArray(cidr_whitelist)) {
return next(ErrorCode.getCode(HTTP_STATUS.BAD_DATA, SUPPORT_ERRORS.PARAMETERS_NOT_VALID));
if (!_.isBoolean(readonly) || !_.isArray(cidr_whitelist)) {
return next(ErrorCode.getCode(HTTP_STATUS.BAD_DATA, SUPPORT_ERRORS.PARAMETERS_NOT_VALID));
}
auth.authenticate(name, password, async (err, user: RemoteUser) => {
if (err) {
const errorCode = err.message ? HTTP_STATUS.UNAUTHORIZED : HTTP_STATUS.INTERNAL_ERROR;
return next(ErrorCode.getCode(errorCode, err.message));
}
auth.authenticate(name, password, async (err, user: RemoteUser) => {
if (err) {
const errorCode = err.message ? HTTP_STATUS.UNAUTHORIZED : HTTP_STATUS.INTERNAL_ERROR;
return next(ErrorCode.getCode(errorCode, err.message));
}
req.remote_user = user;
req.remote_user = user;
if (!_.isFunction(storage.saveToken)) {
return next(ErrorCode.getCode(HTTP_STATUS.NOT_IMPLEMENTED, SUPPORT_ERRORS.STORAGE_NOT_IMPLEMENT));
}
if (!_.isFunction(storage.saveToken)) {
return next(
ErrorCode.getCode(HTTP_STATUS.NOT_IMPLEMENTED, SUPPORT_ERRORS.STORAGE_NOT_IMPLEMENT)
);
}
try {
const token = await getApiToken(auth, config, user, password);
const key = stringToMD5(token);
// TODO: use a utility here
const maskedToken = mask(token, 5);
const created = new Date().getTime();
try {
const token = await getApiToken(auth, config, user, password);
const key = stringToMD5(token);
// TODO: use a utility here
const maskedToken = mask(token, 5);
const created = new Date().getTime();
/**
* cidr_whitelist: is not being used, we pass it through
* token: we do not store the real token (it is generated once and retrieved to the user), just a mask of it.
*/
const saveToken: Token = {
user: name,
token: maskedToken,
key,
cidr: cidr_whitelist,
readonly,
created,
};
/**
* cidr_whitelist: is not being used, we pass it through
* token: we do not store the real token (it is generated once and retrieved to the user), just a mask of it.
*/
const saveToken: Token = {
await storage.saveToken(saveToken);
debug('token %o was created for user %o', key, name);
return next(
normalizeToken({
token,
user: name,
token: maskedToken,
key,
key: saveToken.key,
cidr: cidr_whitelist,
readonly,
created
};
await storage.saveToken(saveToken);
logger.debug({ key, name }, 'token @{key} was created for user @{name}');
return next(
normalizeToken({
token,
user: name,
key: saveToken.key,
cidr: cidr_whitelist,
readonly,
created: saveToken.created
})
);
} catch (error) {
logger.error({ error: error.msg }, 'token creation has failed: @{error}');
return next(ErrorCode.getCode(HTTP_STATUS.INTERNAL_ERROR, error.message));
}
});
}
);
route.delete(
'/-/npm/v1/tokens/token/:tokenKey',
async (req: $RequestExtend, res: Response, next: $NextFunctionVer) => {
const {
params: { tokenKey }
} = req;
const { name } = req.remote_user;
if (_.isNil(name) === false) {
logger.debug({ name }, '@{name} has requested remove a token');
try {
await storage.deleteToken(name, tokenKey);
logger.info({ tokenKey, name }, 'token id @{tokenKey} was revoked for user @{name}');
return next({});
} catch (error) {
logger.error({ error: error.msg }, 'token creation has failed: @{error}');
return next(ErrorCode.getCode(HTTP_STATUS.INTERNAL_ERROR, error.message));
}
created: saveToken.created,
})
);
} catch (error) {
logger.error({ error: error.msg }, 'token creation has failed: @{error}');
return next(ErrorCode.getCode(HTTP_STATUS.INTERNAL_ERROR, error.message));
}
});
});
route.delete('/-/npm/v1/tokens/token/:tokenKey', async (req: $RequestExtend, res: Response, next: $NextFunctionVer) => {
const {
params: { tokenKey },
} = req;
const { name } = req.remote_user;
if (_.isNil(name) === false) {
debug('%o has requested remove a token', name);
try {
await storage.deleteToken(name, tokenKey);
logger.info({ tokenKey, name }, 'token id @{tokenKey} was revoked for user @{name}');
return next({});
} catch (error) {
logger.error({ error: error.msg }, 'token creation has failed: @{error}');
return next(ErrorCode.getCode(HTTP_STATUS.INTERNAL_ERROR, error.message));
}
return next(ErrorCode.getUnauthorized());
}
);
return next(ErrorCode.getUnauthorized());
});
}

3
src/api/middleware.ts
View file

@ -155,8 +155,7 @@ export function allow(auth: IAuth): Function {
const packageName = req.params.scope ? `@${req.params.scope}/${req.params.package}` : req.params.package;
const packageVersion = req.params.filename ? getVersionFromTarball(req.params.filename) : undefined;
const remote: RemoteUser = req.remote_user;
logger.trace({ action, user: remote.name }, `[middleware/allow][@{action}] allow for @{user}`);
debug('[middleware/allow][%o] allow for %o', action, remote?.name);
auth['allow_' + action]({ packageName, packageVersion }, remote, function (error, allowed): void {
req.resume();
if (error) {

113
src/lib/auth-utils.ts
View file

@ -1,35 +1,14 @@
import _ from 'lodash';
import {
RemoteUser,
Package,
Callback,
Config,
Security,
APITokenOptions,
JWTOptions,
IPluginAuth
} from '@verdaccio/types';
import {
CookieSessionToken,
IAuthWebUI,
AuthMiddlewarePayload,
AuthTokenHeader,
BasicPayload
} from '../../types';
import buildDebug from 'debug';
import { RemoteUser, Package, Callback, Config, Security, APITokenOptions, JWTOptions, IPluginAuth } from '@verdaccio/types';
import { CookieSessionToken, IAuthWebUI, AuthMiddlewarePayload, AuthTokenHeader, BasicPayload } from '../../types';
import { logger } from '../lib/logger';
import { convertPayloadToBase64, ErrorCode } from './utils';
import {
API_ERROR,
HTTP_STATUS,
ROLES,
TIME_EXPIRATION_7D,
TOKEN_BASIC,
TOKEN_BEARER,
DEFAULT_MIN_LIMIT_PASSWORD
} from './constants';
import { API_ERROR, HTTP_STATUS, ROLES, TIME_EXPIRATION_7D, TOKEN_BASIC, TOKEN_BEARER, DEFAULT_MIN_LIMIT_PASSWORD } from './constants';
import { aesDecrypt, verifyPayload } from './crypto-utils';
const debug = buildDebug('verdaccio');
export function validatePassword(
password: string, // pragma: allowlist secret
minLength: number = DEFAULT_MIN_LIMIT_PASSWORD
@ -43,18 +22,12 @@ export function validatePassword(
*/
export function createRemoteUser(name: string, pluginGroups: string[]): RemoteUser {
const isGroupValid: boolean = Array.isArray(pluginGroups);
const groups = (isGroupValid ? pluginGroups : []).concat([
ROLES.$ALL,
ROLES.$AUTH,
ROLES.DEPRECATED_ALL,
ROLES.DEPRECATED_AUTH,
ROLES.ALL
]);
const groups = (isGroupValid ? pluginGroups : []).concat([ROLES.$ALL, ROLES.$AUTH, ROLES.DEPRECATED_ALL, ROLES.DEPRECATED_AUTH, ROLES.ALL]);
return {
name,
groups,
real_groups: pluginGroups
real_groups: pluginGroups,
};
}
@ -67,34 +40,27 @@ export function createAnonymousRemoteUser(): RemoteUser {
name: undefined,
// groups without '$' are going to be deprecated eventually
groups: [ROLES.$ALL, ROLES.$ANONYMOUS, ROLES.DEPRECATED_ALL, ROLES.DEPRECATED_ANONYMOUS],
real_groups: []
real_groups: [],
};
}
export function allow_action(action: string): Function {
return function (user: RemoteUser, pkg: Package, callback: Callback): void {
logger.trace({ remote: user.name }, `[auth/allow_action]: user: @{user.name}`);
debug('[auth/allow_action]: user: %o', user?.name);
const { name, groups } = user;
const groupAccess = pkg[action];
const hasPermission = groupAccess.some((group) => name === group || groups.includes(group));
logger.trace(
{ pkgName: pkg.name, hasPermission, remote: user.name, groupAccess },
`[auth/allow_action]: hasPermission? @{hasPermission} for user: @{user}`
);
debug('[auth/allow_action]: hasPermission? %o} for user: %o', hasPermission, user?.name);
if (hasPermission) {
logger.trace({ remote: user.name }, `auth/allow_action: access granted to: @{user}`);
logger.info({ remote: user.name }, `auth/allow_action: access granted to: @{user}`);
return callback(null, true);
}
if (name) {
callback(
ErrorCode.getForbidden(`user ${name} is not allowed to ${action} package ${pkg.name}`)
);
callback(ErrorCode.getForbidden(`user ${name} is not allowed to ${action} package ${pkg.name}`));
} else {
callback(
ErrorCode.getUnauthorized(`authorization required to ${action} package ${pkg.name}`)
);
callback(ErrorCode.getUnauthorized(`authorization required to ${action} package ${pkg.name}`));
}
};
}
@ -108,30 +74,24 @@ export function handleSpecialUnpublish(): any {
// verify whether the unpublish prop has been defined
const isUnpublishMissing: boolean = _.isNil(pkg[action]);
const hasGroups: boolean = isUnpublishMissing ? false : pkg[action].length > 0;
logger.trace(
{ user: user.name, name: pkg.name, hasGroups },
`fallback unpublish for @{name} has groups: @{hasGroups} for @{user}`
);
debug('fallback unpublish for @{name} has groups: %o for %o', hasGroups, user?.name);
if (isUnpublishMissing || hasGroups === false) {
return callback(null, undefined);
}
logger.trace(
{ user: user.name, name: pkg.name, action, hasGroups },
`allow_action for @{action} for @{name} has groups: @{hasGroups} for @{user}`
);
debug('allow_action for %o for %o has groups: %o for %o', action, user?.name, hasGroups, user);
return allow_action(action)(user, pkg, callback);
};
}
export function getDefaultPlugins(logger: any): IPluginAuth<Config> {
return {
authenticate(_user: string, _password: string, cb: Callback): void { // pragma: allowlist secret
authenticate(_user: string, _password: string, cb: Callback): void {
// pragma: allowlist secret
cb(ErrorCode.getForbidden(API_ERROR.BAD_USERNAME_PASSWORD));
},
add_user(_user: string, _password: string, cb: Callback): void { // pragma: allowlist secret
add_user(_user: string, _password: string, cb: Callback): void {
// pragma: allowlist secret
return cb(ErrorCode.getConflict(API_ERROR.BAD_USERNAME_PASSWORD));
},
@ -140,7 +100,7 @@ export function getDefaultPlugins(logger: any): IPluginAuth<Config> {
allow_access: allow_action('access', logger),
// @ts-ignore
allow_publish: allow_action('publish', logger),
allow_unpublish: handleSpecialUnpublish()
allow_unpublish: handleSpecialUnpublish(),
};
}
@ -149,25 +109,25 @@ export function createSessionToken(): CookieSessionToken {
return {
// npmjs.org sets 10h expire
expires: new Date(Date.now() + tenHoursTime)
expires: new Date(Date.now() + tenHoursTime),
};
}
const defaultWebTokenOptions: JWTOptions = {
sign: {
// The expiration token for the website is 7 days
expiresIn: TIME_EXPIRATION_7D
expiresIn: TIME_EXPIRATION_7D,
},
verify: {}
verify: {},
};
const defaultApiTokenConf: APITokenOptions = {
legacy: true
legacy: true,
};
export const defaultSecurity: Security = {
web: defaultWebTokenOptions,
api: defaultApiTokenConf
api: defaultApiTokenConf,
};
export function getSecurity(config: Config): Security {
@ -192,20 +152,13 @@ export function isAESLegacy(security: Security): boolean {
return _.isNil(legacy) === false && _.isNil(jwt) && legacy === true;
}
export async function getApiToken(
auth: IAuthWebUI,
config: Config,
remoteUser: RemoteUser,
aesPassword: string
): Promise<string> {
export async function getApiToken(auth: IAuthWebUI, config: Config, remoteUser: RemoteUser, aesPassword: string): Promise<string> {
const security: Security = getSecurity(config);
if (isAESLegacy(security)) {
// fallback all goes to AES encryption
return await new Promise((resolve): void => {
resolve(
auth.aesEncrypt(buildUserBuffer(remoteUser.name as string, aesPassword)).toString('base64')
);
resolve(auth.aesEncrypt(buildUserBuffer(remoteUser.name as string, aesPassword)).toString('base64'));
});
}
// i am wiling to use here _.isNil but flow does not like it yet.
@ -215,9 +168,7 @@ export async function getApiToken(
return await auth.jwtEncrypt(remoteUser, jwt.sign);
}
return await new Promise((resolve): void => {
resolve(
auth.aesEncrypt(buildUserBuffer(remoteUser.name as string, aesPassword)).toString('base64')
);
resolve(auth.aesEncrypt(buildUserBuffer(remoteUser.name as string, aesPassword)).toString('base64'));
});
}
@ -279,11 +230,7 @@ export function isAuthHeaderValid(authorization: string): boolean {
return authorization.split(' ').length === 2;
}
export function getMiddlewareCredentials(
security: Security,
secret: string,
authorizationHeader: string
): AuthMiddlewarePayload {
export function getMiddlewareCredentials(security: Security, secret: string, authorizationHeader: string): AuthMiddlewarePayload {
if (isAESLegacy(security)) {
const credentials = parseAESCredentials(authorizationHeader, secret);
if (!credentials) {

180
src/lib/auth.ts
View file

@ -1,18 +1,7 @@
import _ from 'lodash';
import { VerdaccioError } from '@verdaccio/commons-api';
import {
Config,
Logger,
Callback,
IPluginAuth,
RemoteUser,
JWTSignOptions,
Security,
AuthPluginPackage,
AllowAccess,
PackageAccess
} from '@verdaccio/types';
import buildDebug from 'debug';
import { Config, Logger, Callback, IPluginAuth, RemoteUser, JWTSignOptions, Security, AuthPluginPackage, AllowAccess, PackageAccess } from '@verdaccio/types';
import { NextFunction } from 'express';
import loadPlugin from '../lib/plugin-loader';
import { $RequestExtend, $ResponseExtend, IAuth, AESPayload } from '../../types';
@ -29,11 +18,13 @@ import {
isAESLegacy,
parseAuthTokenHeader,
parseBasicPayload,
createRemoteUser
createRemoteUser,
} from './auth-utils';
import { convertPayloadToBase64, ErrorCode } from './utils';
import { getMatchedPackagesSpec } from './config-utils';
const debug = buildDebug('verdaccio:auth');
class Auth implements IAuth {
public config: Config;
public logger: Logger;
@ -51,20 +42,14 @@ class Auth implements IAuth {
private _loadPlugin(config: Config): IPluginAuth<Config>[] {
const pluginOptions = {
config,
logger: this.logger
logger: this.logger,
};
return loadPlugin<IPluginAuth<Config>>(
config,
config.auth,
pluginOptions,
(plugin: IPluginAuth<Config>): boolean => {
const { authenticate, allow_access, allow_publish } = plugin;
// @ts-ignore
return authenticate || allow_access || allow_publish;
}
);
return loadPlugin<IPluginAuth<Config>>(config, config.auth, pluginOptions, (plugin: IPluginAuth<Config>): boolean => {
const { authenticate, allow_access, allow_publish } = plugin;
// @ts-ignore
return authenticate || allow_access || allow_publish;
});
}
private _applyDefaultPlugins(): void {
@ -85,10 +70,10 @@ class Auth implements IAuth {
for (const plugin of validPlugins) {
if (_.isNil(plugin) || _.isFunction(plugin.changePassword) === false) {
this.logger.trace('auth plugin does not implement changePassword, trying next one');
debug('auth plugin does not implement changePassword, trying next one');
continue;
} else {
this.logger.trace({ username }, 'updating password for @{username}');
debug('updating password for %o', username);
plugin.changePassword!(username, password, newPassword, (err, profile): void => {
if (err) {
this.logger.error(
@ -98,8 +83,7 @@ class Auth implements IAuth {
);
return cb(err);
}
this.logger.trace({ username }, 'updated password for @{username} was successful');
this.logger.info({ username }, 'updated password for @{username} was successful');
return cb(null, profile);
});
}
@ -111,18 +95,13 @@ class Auth implements IAuth {
const self = this;
(function next(): void {
const plugin = plugins.shift() as IPluginAuth<Config>;
if (_.isFunction(plugin.authenticate) === false) {
return next();
}
self.logger.trace({ username }, 'authenticating @{username}');
debug('authenticating %o', username);
plugin.authenticate(username, password, function (err, groups): void {
if (err) {
self.logger.trace(
{ username, err },
'authenticating for user @{username} failed. Error: @{err.message}'
);
self.logger.error({ username, err }, 'authenticating for user @{username} failed. Error: @{err.message}');
return cb(err);
}
@ -142,11 +121,7 @@ class Auth implements IAuth {
if (!isGroupValid) {
throw new TypeError(API_ERROR.BAD_FORMAT_USER_GROUP);
}
self.logger.trace(
{ username, groups },
'authentication for user @{username} was successfully. Groups: @{groups}'
);
debug('authentication for user %o was successfully. Groups: %o', username, groups);
return cb(err, createRemoteUser(username, groups));
}
next();
@ -157,16 +132,13 @@ class Auth implements IAuth {
public add_user(user: string, password: string, cb: Callback): void {
const self = this;
const plugins = this.plugins.slice(0);
this.logger.trace({ user }, 'add user @{user}');
debug('add user %o', user);
(function next(): void {
const plugin = plugins.shift() as IPluginAuth<Config>;
let method = 'adduser';
if (_.isFunction(plugin[method]) === false) {
method = 'add_user';
self.logger.warn(
'the plugin method add_user in the auth plugin is deprecated and will be removed in next major release, notify to the plugin author'
);
self.logger.warn('the plugin method add_user in the auth plugin is deprecated and will be removed in next major release, notify to the plugin author');
}
if (_.isFunction(plugin[method]) === false) {
@ -175,14 +147,11 @@ class Auth implements IAuth {
// p.add_user() execution
plugin[method](user, password, function (err, ok): void {
if (err) {
self.logger.trace(
{ user, err: err.message },
'the user @{user} could not being added. Error: @{err}'
);
self.logger.error({ user, err: err.message }, 'the user @{user} could not being added. Error: @{err}');
return cb(err);
}
if (ok) {
self.logger.trace({ user }, 'the user @{user} has been added');
self.logger.info({ user }, 'the user @{user} has been added');
return self.authenticate(user, password, cb);
}
next();
@ -194,20 +163,12 @@ class Auth implements IAuth {
/**
* Allow user to access a package.
*/
public allow_access(
{ packageName, packageVersion }: AuthPluginPackage,
user: RemoteUser,
callback: Callback
): void {
public allow_access({ packageName, packageVersion }: AuthPluginPackage, user: RemoteUser, callback: Callback): void {
const plugins = this.plugins.slice(0);
const pkgAllowAcces: AllowAccess = { name: packageName, version: packageVersion };
const pkg = Object.assign(
{},
pkgAllowAcces,
getMatchedPackagesSpec(packageName, this.config.packages)
) as AllowAccess & PackageAccess;
const self = this;
this.logger.trace({ packageName }, 'allow access for @{packageName}');
const pkgAllowAcces: AllowAccess = { name: packageName, version: packageVersion };
const pkg = Object.assign({}, pkgAllowAcces, getMatchedPackagesSpec(packageName, this.config.packages)) as AllowAccess & PackageAccess;
debug('allow access for %o', packageName);
(function next(): void {
const plugin: IPluginAuth<Config> = plugins.shift() as IPluginAuth<Config>;
@ -218,15 +179,12 @@ class Auth implements IAuth {
plugin.allow_access!(user, pkg, function (err, ok: boolean): void {
if (err) {
self.logger.trace(
{ packageName, err },
'forbidden access for @{packageName}. Error: @{err.message}'
);
self.logger.error({ packageName, err }, 'forbidden access for @{packageName}. Error: @{err.message}');
return callback(err);
}
if (ok) {
self.logger.trace({ packageName }, 'allowed access for @{packageName}');
self.logger.info({ packageName }, 'allowed access for @{packageName}');
return callback(null, ok);
}
@ -235,46 +193,29 @@ class Auth implements IAuth {
})();
}
public allow_unpublish(
{ packageName, packageVersion }: AuthPluginPackage,
user: RemoteUser,
callback: Callback
): void {
const pkg = Object.assign(
{ name: packageName, version: packageVersion },
getMatchedPackagesSpec(packageName, this.config.packages)
);
this.logger.trace({ packageName }, 'allow unpublish for @{packageName}');
public allow_unpublish({ packageName, packageVersion }: AuthPluginPackage, user: RemoteUser, callback: Callback): void {
const pkg = Object.assign({ name: packageName, version: packageVersion }, getMatchedPackagesSpec(packageName, this.config.packages));
debug('allow unpublish for %o', packageName);
for (const plugin of this.plugins) {
if (_.isNil(plugin) || _.isFunction(plugin.allow_unpublish) === false) {
this.logger.trace(
{ packageName },
'allow unpublish for @{packageName} plugin does not implement allow_unpublish'
);
debug('allow unpublish for %o plugin does not implement allow_unpublish', packageName);
continue;
} else {
plugin.allow_unpublish!(user, pkg, (err, ok: boolean): void => {
if (err) {
this.logger.trace(
{ packageName },
'forbidden publish for @{packageName}, it will fallback on unpublish permissions'
);
this.logger.error({ packageName }, 'forbidden publish for @{packageName}, it will fallback on unpublish permissions');
return callback(err);
}
if (_.isNil(ok) === true) {
this.logger.trace(
{ packageName },
'we bypass unpublish for @{packageName}, publish will handle the access'
);
debug('we bypass unpublish for %o, publish will handle the access', packageName);
// @ts-ignore
// eslint-disable-next-line
return this.allow_publish(...arguments);
}
if (ok) {
this.logger.trace({ packageName }, 'allowed unpublish for @{packageName}');
this.logger.info({ packageName }, 'allowed unpublish for @{packageName}');
return callback(null, ok);
}
});
@ -285,46 +226,31 @@ class Auth implements IAuth {
/**
* Allow user to publish a package.
*/
public allow_publish(
{ packageName, packageVersion }: AuthPluginPackage,
user: RemoteUser,
callback: Callback
): void {
public allow_publish({ packageName, packageVersion }: AuthPluginPackage, user: RemoteUser, callback: Callback): void {
const plugins = this.plugins.slice(0);
const self = this;
const pkg = Object.assign(
{ name: packageName, version: packageVersion },
getMatchedPackagesSpec(packageName, this.config.packages)
);
this.logger.trace(
{ packageName, plugins: this.plugins.length },
'allow publish for @{packageName} init | plugins: @{plugins}'
);
const pkg = Object.assign({ name: packageName, version: packageVersion }, getMatchedPackagesSpec(packageName, this.config.packages));
debug('allow publish for %o init | plugins: %o', packageName, plugins);
(function next(): void {
const plugin = plugins.shift();
if (_.isNil(plugin) || _.isFunction(plugin.allow_publish) === false) {
self.logger.trace(
{ packageName },
'allow publish for @{packageName} plugin does not implement allow_publish'
);
debug('allow publish for %o plugin does not implement allow_publish', packageName);
return next();
}
// @ts-ignore
plugin.allow_publish(user, pkg, (err: VerdaccioError, ok: boolean): void => {
if (_.isNil(err) === false && _.isError(err)) {
self.logger.trace({ packageName }, 'forbidden publish for @{packageName}');
self.logger.error({ packageName }, 'forbidden publish for @{packageName}');
return callback(err);
}
if (ok) {
self.logger.trace({ packageName }, 'allowed publish for @{packageName}');
self.logger.info({ packageName }, 'allowed publish for @{packageName}');
return callback(null, ok);
}
self.logger.trace({ packageName }, 'allow publish skip validation for @{packageName}');
debug('allow publish skip validation for %o', packageName);
next(); // cb(null, false) causes next plugin to roll
});
})();
@ -367,7 +293,7 @@ class Auth implements IAuth {
}
if (!isAuthHeaderValid(authorization)) {
this.logger.trace('api middleware auth heather is not valid');
debug('api middleware auth heather is not valid');
return next(ErrorCode.getBadRequest(API_ERROR.BAD_AUTH_HEADER));
}
@ -375,22 +301,16 @@ class Auth implements IAuth {
const { secret } = this.config;
if (isAESLegacy(security)) {
this.logger.trace('api middleware using legacy auth token');
debug('api middleware using legacy auth token');
this._handleAESMiddleware(req, security, secret, authorization, next);
} else {
this.logger.trace('api middleware using JWT auth token');
debug('api middleware using JWT auth token');
this._handleJWTAPIMiddleware(req, security, secret, authorization, next);
}
};
}
private _handleJWTAPIMiddleware(
req: $RequestExtend,
security: Security,
secret: string,
authorization: string,
next: Function
): void {
private _handleJWTAPIMiddleware(req: $RequestExtend, security: Security, secret: string, authorization: string, next: Function): void {
const { scheme, token } = parseAuthTokenHeader(authorization);
if (scheme.toUpperCase() === TOKEN_BASIC.toUpperCase()) {
// this should happen when client tries to login with an existing user
@ -419,13 +339,7 @@ class Auth implements IAuth {
}
}
private _handleAESMiddleware(
req: $RequestExtend,
security: Security,
secret: string,
authorization: string,
next: Function
): void {
private _handleAESMiddleware(req: $RequestExtend, security: Security, secret: string, authorization: string, next: Function): void {
const credentials: any = getMiddlewareCredentials(security, secret, authorization);
if (credentials) {
const { user, password } = credentials;
@ -508,7 +422,7 @@ class Auth implements IAuth {
const payload: RemoteUser = {
real_groups: realGroupsValidated,
name,
groups: groupedGroups
groups: groupedGroups,
};
const token: string = await signPayload(payload, this.secret, signOptions);

113
src/lib/local-storage.ts
View file

@ -1,5 +1,6 @@
import assert from 'assert';
import UrlNode from 'url';
import builDebug from 'debug';
import _ from 'lodash';
import LocalDatabase from '@verdaccio/local-storage';
import { UploadTarball, ReadTarball } from '@verdaccio/streams';
@ -21,24 +22,18 @@ import {
CallbackAction,
onSearchPackage,
onEndSearchPackage,
StorageUpdateCallback
StorageUpdateCallback,
} from '@verdaccio/types';
import { VerdaccioError } from '@verdaccio/commons-api';
import loadPlugin from '../lib/plugin-loader';
import { IStorage, StringValue } from '../../types';
import { ErrorCode, isObject, getLatestVersion, tagVersion, validateName } from './utils';
import {
generatePackageTemplate,
normalizePackage,
generateRevision,
getLatestReadme,
cleanUpReadme,
normalizeContributors
} from './storage-utils';
import { generatePackageTemplate, normalizePackage, generateRevision, getLatestReadme, cleanUpReadme, normalizeContributors } from './storage-utils';
import { API_ERROR, DIST_TAGS, HTTP_STATUS, STORAGE, SUPPORT_ERRORS, USERS } from './constants';
import { createTarballHash } from './crypto-utils';
import { prepareSearchPackage } from './storage-utils';
const debug = builDebug('verdaccio:local-storage');
/**
* Implements Storage interface (same for storage.js, local-storage.js, up-storage.js).
*/
@ -63,10 +58,7 @@ class LocalStorage implements IStorage {
storage.createPackage(name, generatePackageTemplate(name), (err) => {
// FIXME: it will be fixed here https://github.com/verdaccio/verdaccio/pull/1360
// @ts-ignore
if (
_.isNull(err) === false &&
(err.code === STORAGE.FILE_EXIST_ERROR || err.code === HTTP_STATUS.CONFLICT)
) {
if (_.isNull(err) === false && (err.code === STORAGE.FILE_EXIST_ERROR || err.code === HTTP_STATUS.CONFLICT)) {
return callback(ErrorCode.getConflict());
}
@ -87,8 +79,7 @@ class LocalStorage implements IStorage {
*/
public removePackage(name: string, callback: Callback): void {
const storage: any = this._getLocalStorage(name);
this.logger.debug({ name }, `[storage] removing package @{name}`);
debug('[storage] removing package %o', name);
if (_.isNil(storage)) {
return callback(ErrorCode.getNotFound());
}
@ -106,11 +97,7 @@ class LocalStorage implements IStorage {
this.storagePlugin.remove(name, (removeFailed: Error): void => {
if (removeFailed) {
// This will happen when database is locked
this.logger.debug(
{ name },
`[storage/removePackage] the database is locked, removed has failed for @{name}`
);
this.logger.error({ name }, `[storage/removePackage] the database is locked, removed has failed for @{name}`);
return callback(ErrorCode.getBadData(removeFailed.message));
}
@ -164,7 +151,7 @@ class LocalStorage implements IStorage {
if (_.isNil(packageLocalJson._distfiles[filename])) {
const hash: DistFile = (packageLocalJson._distfiles[filename] = {
url: version.dist.tarball,
sha: version.dist.shasum
sha: version.dist.shasum,
});
/* eslint spaced-comment: 0 */
// $FlowFixMe
@ -179,10 +166,7 @@ class LocalStorage implements IStorage {
}
for (const tag in packageInfo[DIST_TAGS]) {
if (
!packageLocalJson[DIST_TAGS][tag] ||
packageLocalJson[DIST_TAGS][tag] !== packageInfo[DIST_TAGS][tag]
) {
if (!packageLocalJson[DIST_TAGS][tag] || packageLocalJson[DIST_TAGS][tag] !== packageInfo[DIST_TAGS][tag]) {
change = true;
packageLocalJson[DIST_TAGS][tag] = packageInfo[DIST_TAGS][tag];
}
@ -208,7 +192,7 @@ class LocalStorage implements IStorage {
}
if (change) {
this.logger.debug({ name }, 'updating package @{name} info');
debug('updating package %o info', name);
this._writePackage(name, packageLocalJson, function (err): void {
callback(err, packageLocalJson);
});
@ -226,13 +210,7 @@ class LocalStorage implements IStorage {
* @param {*} tag
* @param {*} callback
*/
public addVersion(
name: string,
version: string,
metadata: Version,
tag: StringValue,
callback: CallbackAction
): void {
public addVersion(name: string, version: string, metadata: Version, tag: StringValue, callback: CallbackAction): void {
this._updatePackage(
name,
(data, cb: Callback): void => {
@ -253,10 +231,7 @@ class LocalStorage implements IStorage {
const tarball = metadata.dist.tarball.replace(/.*\//, '');
if (isObject(data._attachments[tarball])) {
if (
_.isNil(data._attachments[tarball].shasum) === false &&
_.isNil(metadata.dist.shasum) === false
) {
if (_.isNil(data._attachments[tarball].shasum) === false && _.isNil(metadata.dist.shasum) === false) {
if (data._attachments[tarball].shasum != metadata.dist.shasum) {
const errorMessage = `shasum error, ${data._attachments[tarball].shasum} != ${metadata.dist.shasum}`;
return cb(ErrorCode.getBadRequest(errorMessage));
@ -353,18 +328,12 @@ class LocalStorage implements IStorage {
* @param {*} callback
* @return {Function}
*/
public changePackage(
name: string,
incomingPkg: Package,
revision: string | void,
callback: Callback
): void {
public changePackage(name: string, incomingPkg: Package, revision: string | void, callback: Callback): void {
if (!isObject(incomingPkg.versions) || !isObject(incomingPkg[DIST_TAGS])) {
this.logger.debug({ name }, `changePackage bad data for @{name}`);
this.logger.error({ name }, `changePackage bad data for @{name}`);
return callback(ErrorCode.getBadData());
}
this.logger.debug({ name }, `changePackage udapting package for @{name}`);
debug('changePackage udapting package for %o', name);
this._updatePackage(
name,
(localData: Package, cb: CallbackAction): void => {
@ -386,16 +355,10 @@ class LocalStorage implements IStorage {
const incomingDeprecated = incomingVersion.deprecated;
if (incomingDeprecated != localData.versions[version].deprecated) {
if (!incomingDeprecated) {
this.logger.info(
{ name: name, version: version },
'undeprecating @{name}@@{version}'
);
this.logger.info({ name: name, version: version }, 'undeprecating @{name}@@{version}');
delete localData.versions[version].deprecated;
} else {
this.logger.info(
{ name: name, version: version },
'deprecating @{name}@@{version}'
);
this.logger.info({ name: name, version: version }, 'deprecating @{name}@@{version}');
localData.versions[version].deprecated = incomingDeprecated;
}
localData.time!.modified = new Date().toISOString();
@ -422,12 +385,7 @@ class LocalStorage implements IStorage {
* @param {*} revision
* @param {*} callback
*/
public removeTarball(
name: string,
filename: string,
revision: string,
callback: CallbackAction
): void {
public removeTarball(name: string, filename: string, revision: string, callback: CallbackAction): void {
assert(validateName(filename));
this._updatePackage(
@ -527,7 +485,7 @@ class LocalStorage implements IStorage {
name,
function updater(data, cb): void {
data._attachments[filename] = {
shasum: shaOneHash.digest('hex')
shasum: shaOneHash.digest('hex'),
};
cb(null);
},
@ -780,24 +738,14 @@ class LocalStorage implements IStorage {
* @param {*} callback callback that gets invoked after it's all updated
* @return {Function}
*/
private _updatePackage(
name: string,
updateHandler: StorageUpdateCallback,
callback: CallbackAction
): void {
private _updatePackage(name: string, updateHandler: StorageUpdateCallback, callback: CallbackAction): void {
const storage: IPackageStorage = this._getLocalStorage(name);
if (!storage) {
return callback(ErrorCode.getNotFound());
}
storage.updatePackage(
name,
updateHandler,
this._writePackage.bind(this),
normalizePackage,
callback
);
storage.updatePackage(name, updateHandler, this._writePackage.bind(this), normalizePackage, callback);
}
/**
@ -830,10 +778,7 @@ class LocalStorage implements IStorage {
}
private _deleteAttachments(storage: any, attachments: string[], callback: Callback): void {
this.logger.debug(
{ l: attachments.length },
`[storage/_deleteAttachments] delete attachments total: @{l}`
);
debug('[storage/_deleteAttachments] delete attachments total: %o', attachments?.length);
const unlinkNext = function (cb): void {
if (_.isEmpty(attachments)) {
return cb();
@ -893,7 +838,7 @@ class LocalStorage implements IStorage {
private _loadStorePlugin(): IPluginStorage<Config> | void {
const plugin_params = {
config: this.config,
logger: this.logger
logger: this.logger,
};
// eslint-disable-next-line max-len
@ -911,9 +856,7 @@ class LocalStorage implements IStorage {
public saveToken(token: Token): Promise<any> {
if (_.isFunction(this.storagePlugin.saveToken) === false) {
return Promise.reject(
ErrorCode.getCode(HTTP_STATUS.SERVICE_UNAVAILABLE, SUPPORT_ERRORS.PLUGIN_MISSING_INTERFACE)
);
return Promise.reject(ErrorCode.getCode(HTTP_STATUS.SERVICE_UNAVAILABLE, SUPPORT_ERRORS.PLUGIN_MISSING_INTERFACE));
}
return this.storagePlugin.saveToken(token);
@ -921,9 +864,7 @@ class LocalStorage implements IStorage {
public deleteToken(user: string, tokenKey: string): Promise<any> {
if (_.isFunction(this.storagePlugin.deleteToken) === false) {
return Promise.reject(
ErrorCode.getCode(HTTP_STATUS.SERVICE_UNAVAILABLE, SUPPORT_ERRORS.PLUGIN_MISSING_INTERFACE)
);
return Promise.reject(ErrorCode.getCode(HTTP_STATUS.SERVICE_UNAVAILABLE, SUPPORT_ERRORS.PLUGIN_MISSING_INTERFACE));
}
return this.storagePlugin.deleteToken(user, tokenKey);
@ -931,9 +872,7 @@ class LocalStorage implements IStorage {
public readTokens(filter: TokenFilter): Promise<Token[]> {
if (_.isFunction(this.storagePlugin.readTokens) === false) {
return Promise.reject(
ErrorCode.getCode(HTTP_STATUS.SERVICE_UNAVAILABLE, SUPPORT_ERRORS.PLUGIN_MISSING_INTERFACE)
);
return Promise.reject(ErrorCode.getCode(HTTP_STATUS.SERVICE_UNAVAILABLE, SUPPORT_ERRORS.PLUGIN_MISSING_INTERFACE));
}
return this.storagePlugin.readTokens(filter);

2
src/lib/notify/notify-request.ts
View file

@ -1,8 +1,10 @@
import isNil from 'lodash/isNil';
import buildDebug from 'debug';
import request, { RequiredUriUrl } from 'request';
import { logger } from '../logger';
import { HTTP_STATUS } from '../constants';
const debug = buildDebug('verdaccio:notify-request');
export function notifyRequest(options: RequiredUriUrl, content): Promise<any | Error> {
return new Promise((resolve, reject): void => {
request(options, function (err, response, body): void {

97
src/lib/up-storage.ts
View file

@ -1,24 +1,18 @@
import zlib from 'zlib';
import Stream, { Readable } from 'stream';
import Stream from 'stream';
import URL, { UrlWithStringQuery } from 'url';
import JSONStream from 'JSONStream';
import buildDebug from 'debug';
import _ from 'lodash';
import request from 'request';
import { ReadTarball } from '@verdaccio/streams';
import { Config, Callback, Headers, Logger, Package } from '@verdaccio/types';
import { IProxy, UpLinkConfLocal } from '../../types';
import { parseInterval, isObject, ErrorCode, buildToken } from './utils';
import { logger} from './logger';
import {
ERROR_CODE,
TOKEN_BASIC,
TOKEN_BEARER,
HEADERS,
HTTP_STATUS,
API_ERROR,
HEADER_TYPE,
CHARACTER_ENCODING
} from './constants';
import { logger } from './logger';
import { ERROR_CODE, TOKEN_BASIC, TOKEN_BEARER, HEADERS, HTTP_STATUS, API_ERROR, HEADER_TYPE, CHARACTER_ENCODING } from './constants';
const debug = buildDebug('verdaccio:up-storage');
const encode = function (thing): string {
return encodeURIComponent(thing).replace(/^%40/, '@');
@ -86,7 +80,7 @@ class ProxyStorage implements IProxy {
'Too big timeout value: ' + this.config.timeout,
'We changed time format to nginx-like one',
'(see http://nginx.org/en/docs/syntax.html)',
'so please update your config accordingly'
'so please update your config accordingly',
].join('\n')
);
}
@ -100,7 +94,7 @@ class ProxyStorage implements IProxy {
this.agent_options = setConfig(this.config, 'agent_options', {
keepAlive: true,
maxSockets: 40,
maxFreeSockets: 10
maxFreeSockets: 10,
});
}
@ -142,7 +136,7 @@ class ProxyStorage implements IProxy {
{
method: method,
headers: headers,
uri: uri
uri: uri,
},
"making request: '@{method} @{uri}'"
);
@ -202,8 +196,8 @@ class ProxyStorage implements IProxy {
error: error,
bytes: {
in: json ? json.length : 0,
out: responseLength || 0
}
out: responseLength || 0,
},
},
message
);
@ -221,12 +215,12 @@ class ProxyStorage implements IProxy {
gzip: true,
timeout: this.timeout,
strictSSL: this.strict_ssl,
agentOptions: this.agent_options
agentOptions: this.agent_options,
};
if (this.ca) {
requestOptions = Object.assign({}, requestOptions, {
ca: this.ca
ca: this.ca,
});
}
@ -248,9 +242,9 @@ class ProxyStorage implements IProxy {
{
request: {
method: method,
url: uri
url: uri,
},
status: _.isNull(res) === false ? res.statusCode : 'ERR'
status: _.isNull(res) === false ? res.statusCode : 'ERR',
},
message
);
@ -406,11 +400,8 @@ class ProxyStorage implements IProxy {
public isUplinkValid(url: string): boolean {
// $FlowFixMe
const urlParsed: UrlWithStringQuery = URL.parse(url);
const isHTTPS = (urlDomainParsed: URL): boolean =>
urlDomainParsed.protocol === 'https:' &&
(urlParsed.port === null || urlParsed.port === '443');
const getHost = (urlDomainParsed): boolean =>
isHTTPS(urlDomainParsed) ? urlDomainParsed.hostname : urlDomainParsed.host;
const isHTTPS = (urlDomainParsed: URL): boolean => urlDomainParsed.protocol === 'https:' && (urlParsed.port === null || urlParsed.port === '443');
const getHost = (urlDomainParsed): boolean => (isHTTPS(urlDomainParsed) ? urlDomainParsed.hostname : urlDomainParsed.host);
const isMatchProtocol: boolean = urlParsed.protocol === this.url.protocol;
const isMatchHost: boolean = getHost(urlParsed) === getHost(this.url);
// @ts-ignore
@ -437,7 +428,7 @@ class ProxyStorage implements IProxy {
uri: `/${encode(name)}`,
json: true,
headers: headers,
req: options.req
req: options.req,
},
(err, res, body): void => {
if (err) {
@ -447,9 +438,7 @@ class ProxyStorage implements IProxy {
return callback(ErrorCode.getNotFound(API_ERROR.NOT_PACKAGE_UPLINK));
}
if (!(res.statusCode >= HTTP_STATUS.OK && res.statusCode < HTTP_STATUS.MULTIPLE_CHOICES)) {
const error = ErrorCode.getInternalError(
`${API_ERROR.BAD_STATUS_CODE}: ${res.statusCode}`
);
const error = ErrorCode.getInternalError(`${API_ERROR.BAD_STATUS_CODE}: ${res.statusCode}`);
// $FlowFixMe
error.remoteStatus = res.statusCode;
return callback(error);
@ -474,8 +463,8 @@ class ProxyStorage implements IProxy {
uri_full: url,
encoding: null,
headers: {
Accept: contentTypeAccept
}
Accept: contentTypeAccept,
},
});
readStream.on('response', function (res: any) {
@ -483,10 +472,7 @@ class ProxyStorage implements IProxy {
return stream.emit('error', ErrorCode.getNotFound(API_ERROR.NOT_FILE_UPLINK));
}
if (!(res.statusCode >= HTTP_STATUS.OK && res.statusCode < HTTP_STATUS.MULTIPLE_CHOICES)) {
return stream.emit(
'error',
ErrorCode.getInternalError(`bad uplink status code: ${res.statusCode}`)
);
return stream.emit('error', ErrorCode.getInternalError(`bad uplink status code: ${res.statusCode}`));
}
if (res.headers[HEADER_TYPE.CONTENT_LENGTH]) {
expected_length = res.headers[HEADER_TYPE.CONTENT_LENGTH];
@ -524,8 +510,8 @@ class ProxyStorage implements IProxy {
uri: options.req.url,
req: options.req,
headers: {
referer: options.req.headers.referer
}
referer: options.req.headers.referer,
},
});
const parsePackage = (pkg: Package): void => {
@ -536,10 +522,7 @@ class ProxyStorage implements IProxy {
requestStream.on('response', (res): void => {
if (!String(res.statusCode).match(/^2\d\d$/)) {
return transformStream.emit(
'error',
ErrorCode.getInternalError(`bad status code ${res.statusCode} from uplink`)
);
return transformStream.emit('error', ErrorCode.getInternalError(`bad status code ${res.statusCode} from uplink`));
}
// See https://github.com/request/request#requestoptions-callback
@ -588,9 +571,7 @@ class ProxyStorage implements IProxy {
// FIXME: proxy logic is odd, something is wrong here.
// @ts-ignore
if (!this.proxy) {
headers['X-Forwarded-For'] =
(req.headers['x-forwarded-for'] ? req.headers['x-forwarded-for'] + ', ' : '') +
req.connection.remoteAddress;
headers['X-Forwarded-For'] = (req.headers['x-forwarded-for'] ? req.headers['x-forwarded-for'] + ', ' : '') + req.connection.remoteAddress;
}
}
@ -613,7 +594,7 @@ class ProxyStorage implements IProxy {
if (this.failed_requests >= this.max_fails) {
this.logger.warn(
{
host: this.url.host
host: this.url.host,
},
'host @{host} is back online'
);
@ -624,7 +605,7 @@ class ProxyStorage implements IProxy {
if (this.failed_requests === this.max_fails) {
this.logger.warn(
{
host: this.url.host
host: this.url.host,
},
'host @{host} is now offline'
);
@ -640,10 +621,7 @@ class ProxyStorage implements IProxy {
* @private
*/
private _ifRequestFailure(): boolean {
return (
this.failed_requests >= this.max_fails &&
Math.abs(Date.now() - (this.last_request_time as number)) < this.fail_timeout
);
return this.failed_requests >= this.max_fails && Math.abs(Date.now() - (this.last_request_time as number)) < this.fail_timeout;
}
/**
@ -653,12 +631,7 @@ class ProxyStorage implements IProxy {
* @param {*} mainconfig
* @param {*} isHTTPS
*/
private _setupProxy(
hostname: string,
config: UpLinkConfLocal,
mainconfig: Config,
isHTTPS: boolean
): void {
private _setupProxy(hostname: string, config: UpLinkConfLocal, mainconfig: Config, isHTTPS: boolean): void {
let noProxyList;
const proxy_key: string = isHTTPS ? 'https_proxy' : 'http_proxy';
@ -693,10 +666,7 @@ class ProxyStorage implements IProxy {
}
if (hostname.lastIndexOf(noProxyItem) === hostname.length - noProxyItem.length) {
if (this.proxy) {
this.logger.debug(
{ url: this.url.href, rule: noProxyItem },
'not using proxy for @{url}, excluded by @{rule} rule'
);
debug('not using proxy for %o, excluded by %o rule', this.url.href, noProxyItem);
// @ts-ignore
this.proxy = false;
}
@ -709,10 +679,7 @@ class ProxyStorage implements IProxy {
if (_.isString(this.proxy) === false) {
delete this.proxy;
} else {
this.logger.debug(
{ url: this.url.href, proxy: this.proxy },
'using proxy @{proxy} for @{url}'
);
debug('using proxy %o for %o', this.url.href, this.proxy);
}
}
}