Home Explore Help
Sign In
SMusatov
/
wiki-js
mirror of https://github.com/requarks/wiki.git
1
0
Fork 0
Files Wiki
Tree: d9523fe393
Branches Tags
wiki-js
/
server
/
helpers
/
security.mjs

security.mjs 1014 B
History Raw

1234567891011121314151617181920212223242526272829303132333435363738 
  1. import util from 'node:util'
    2. 

  2. import crypto from 'node:crypto'
    3. 

  3. import passportJWT from 'passport-jwt'
    4. 

  4. 

  5. const randomBytes = util.promisify(crypto.randomBytes)
    6. 

  6. 

  7. export function sanitizeCommitUser (user) {
    8. 

  8.   // let wlist = new RegExp('[^a-zA-Z0-9-_.\',& ' + appdata.regex.cjk + appdata.regex.arabic + ']', 'g')
    9. 

  9.   // return {
    10. 

  10.   //   name: _.chain(user.name).replace(wlist, '').trim().value(),
    11. 

  11.   //   email: appconfig.git.showUserEmail ? user.email : appconfig.git.serverEmail
    12. 

  12.   // }
    13. 

  13. }
    14. 

  14. 

  15. /**
    16. 

  16.  * Generate a random token
    17. 

  17.  *
    18. 

  18.  * @param {any} length
    19. 

  19.  * @returns
    20. 

  20.  */
    21. 

  21. export async function generateToken (length) {
    22. 

  22.   return (await randomBytes(length)).toString('hex')
    23. 

  23. }
    24. 

  24. 

  25. export const extractJWT = passportJWT.ExtractJwt.fromExtractors([
    26. 

  26.   passportJWT.ExtractJwt.fromAuthHeaderAsBearerToken(),
    27. 

  27.   (req) => {
    28. 

  28.     let token = null
    29. 

  29.     if (req && req.cookies) {
    30. 

  30.       token = req.cookies['jwt']
    31. 

  31.     }
    32. 

  32.     // Force uploads to use Auth headers
    33. 

  33.     if (req.path.toLowerCase() === '/u') {
    34. 

  34.       return null
    35. 

  35.     }
    36. 

  36.     return token
    37. 

  37.   }
    38. 

  38. ])
    39.