/* eslint prefer-rest-params: "off" */ 'use strict'; const crypto = require('crypto'); const Error = require('http-errors'); const utils = require('./utils'); const Logger = require('./logger'); module.exports.match = function match(regexp) { return function(req, res, next, value, name) { if (regexp.exec(value)) { next(); } else { next('route'); } }; }; module.exports.validate_name = function validate_name(req, res, next, value, name) { if (value.charAt(0) === '-') { // special case in couchdb usually next('route'); } else if (utils.validate_name(value)) { next(); } else { next( Error[403]('invalid ' + name) ); } }; module.exports.validate_package = function validate_package(req, res, next, value, name) { if (value.charAt(0) === '-') { // special case in couchdb usually next('route'); } else if (utils.validate_package(value)) { next(); } else { next( Error[403]('invalid ' + name) ); } }; module.exports.media = function media(expect) { return function(req, res, next) { if (req.headers['content-type'] !== expect) { next( Error[415]('wrong content-type, expect: ' + expect + ', got: '+req.headers['content-type']) ); } else { next(); } }; }; module.exports.expect_json = function expect_json(req, res, next) { if (!utils.is_object(req.body)) { return next( Error[400]('can\'t parse incoming json') ); } next(); }; module.exports.anti_loop = function(config) { return function(req, res, next) { if (req.headers.via != null) { let arr = req.headers.via.split(','); for (let i=0; i= 200 && res.statusCode < 300)) { res.header('ETag', '"' + md5sum(body) + '"'); } } else { // send(null), send(204), etc. } } catch(err) { // if verdaccio sends headers first, and then calls res.send() // as an error handler, we can't report error properly, // and should just close socket if (err.message.match(/set headers after they are sent/)) { if (res.socket != null) res.socket.destroy(); return; } else { throw err; } } res.send(body); }; module.exports.log = function(req, res, next) { // logger req.log = Logger.logger.child({sub: 'in'}); let _auth = req.headers.authorization; if (_auth != null) req.headers.authorization = ''; let _cookie = req.headers.cookie; if (_cookie != null) req.headers.cookie = ''; req.url = req.originalUrl; req.log.info( {req: req, ip: req.ip} , '@{ip} requested \'@{req.method} @{req.url}\'' ); req.originalUrl = req.url; if (_auth != null) req.headers.authorization = _auth; if (_cookie != null) req.headers.cookie = _cookie; let bytesin = 0; req.on('data', function(chunk) { bytesin += chunk.length; }); let bytesout = 0; let _write = res.write; res.write = function(buf) { bytesout += buf.length; _write.apply(res, arguments); }; const log = function() { let forwardedFor = req.headers['x-forwarded-for']; let remoteAddress = req.connection.remoteAddress; let remoteIP = forwardedFor ? `${forwardedFor} via ${remoteAddress}` : remoteAddress; let message = '@{status}, user: @{user}(@{remoteIP}), req: \'@{request.method} @{request.url}\''; if (res._verdaccio_error) { message += ', error: @{!error}'; } else { message += ', bytes: @{bytes.in}/@{bytes.out}'; } req.url = req.originalUrl; req.log.warn({ request: {method: req.method, url: req.url}, level: 35, // http user: req.remote_user && req.remote_user.name, remoteIP, status: res.statusCode, error: res._verdaccio_error, bytes: { in: bytesin, out: bytesout, }, }, message); req.originalUrl = req.url; }; req.on('close', function() { log(true); }); let _end = res.end; res.end = function(buf) { if (buf) bytesout += buf.length; _end.apply(res, arguments); log(); }; next(); };