diff --git a/api/package.json b/api/package.json index d10004a..e4c196e 100644 --- a/api/package.json +++ b/api/package.json @@ -15,10 +15,9 @@ "lint:fix": "npx prettier --write \"src/**/*.{ts,tsx,js,jsx,html,css,sass,less,yml,md,graphql}\"", "lint": "npx prettier --check \"src/**/*.{ts,tsx,js,jsx,html,css,sass,less,yml,md,graphql}\"", "package:lib": "npm run build && cp ./package.json build && cp README.md build && cd build && npm version \"5.0.0\" && npm pack", - "exe:prepare": "npm run build && cd build && npm run api && npm run public:copy && npm run web && pkg .", - "api": "npm run api:mkdir && npm run api:copy", - "api:mkdir": "mkdir tmp && mkdir tmp/files && mkdir tmp/logs && mkdir tmp/webouts && mkdir tmp/sessions", - "api:copy": "cp -r ../tmp/ ./tmp/", + "exe": "npm run exe:prepare && npm run exe:run", + "exe:prepare": "npm run build && cd build && npm run public:copy && npm run web && pkg .", + "exe:run": "cd build && ACCESS_TOKEN_SECRET=123 REFRESH_TOKEN_SECRET=456 AUTH_CODE_SECRET=789 DB_CONNECT=\"mongodb+srv://deved:69OFYcgJ1r3Z8ilN@cluster0.hj4h5.mongodb.net/sasjs_server?retryWrites=true&w=majority\" ./dist/api", "public:copy": "cp -r ../public/ ./public/", "web": "cd .. && npm run web:mkdir && npm run web:copy && cd build", "web:mkdir": "rimraf web && mkdir web && mkdir web/build", @@ -27,7 +26,6 @@ "bin": "src/server.js", "pkg": { "assets": [ - "tmp/files/**/*", "public/**/*", "../web/build/**/*" ], diff --git a/api/src/middlewares/authenticateToken.ts b/api/src/middlewares/authenticateToken.ts index 45e1d07..1cc8dd5 100644 --- a/api/src/middlewares/authenticateToken.ts +++ b/api/src/middlewares/authenticateToken.ts @@ -28,6 +28,9 @@ const authenticateToken = ( key: string, tokenType: 'accessToken' | 'refreshToken' = 'accessToken' ) => { + const { MODE } = process.env + if (MODE === 'desktop') return next() + const authHeader = req.headers['authorization'] const token = authHeader?.split(' ')[1] if (!token) return res.sendStatus(401) diff --git a/api/src/middlewares/desktopRestrict.ts b/api/src/middlewares/desktopRestrict.ts new file mode 100644 index 0000000..7c744b0 --- /dev/null +++ b/api/src/middlewares/desktopRestrict.ts @@ -0,0 +1,7 @@ +export const desktopRestrict = (req: any, res: any, next: any) => { + const { MODE } = process.env + if (MODE === 'desktop') + return res.status(403).send('Not Allowed while in Desktop Mode.') + + next() +} diff --git a/api/src/middlewares/index.ts b/api/src/middlewares/index.ts index e56d570..3c32d97 100644 --- a/api/src/middlewares/index.ts +++ b/api/src/middlewares/index.ts @@ -1,3 +1,4 @@ export * from './authenticateToken' +export * from './desktopRestrict' export * from './verifyAdmin' export * from './verifyAdminIfNeeded' diff --git a/api/src/middlewares/verifyAdmin.ts b/api/src/middlewares/verifyAdmin.ts index 619128d..69d5010 100644 --- a/api/src/middlewares/verifyAdmin.ts +++ b/api/src/middlewares/verifyAdmin.ts @@ -1,4 +1,7 @@ export const verifyAdmin = (req: any, res: any, next: any) => { + const { MODE } = process.env + if (MODE === 'desktop') return next() + const { user } = req if (!user?.isAdmin) return res.status(401).send('Admin account required') next() diff --git a/api/src/routes/api/auth.ts b/api/src/routes/api/auth.ts index c9fd789..42b0599 100644 --- a/api/src/routes/api/auth.ts +++ b/api/src/routes/api/auth.ts @@ -25,6 +25,12 @@ export const populateClients = async () => { } export const connectDB = () => { + const { MODE } = process.env + if (MODE === 'desktop') { + console.log('Running in Destop Mode, no DB to connect.') + return + } + // NOTE: when exporting app.js as agent for supertest // we should exlcude connecting to the real database if (process.env.NODE_ENV !== 'test') { diff --git a/api/src/routes/api/index.ts b/api/src/routes/api/index.ts index 2bce3d5..22cec0f 100644 --- a/api/src/routes/api/index.ts +++ b/api/src/routes/api/index.ts @@ -2,7 +2,11 @@ import express from 'express' import dotenv from 'dotenv' import swaggerUi from 'swagger-ui-express' -import { authenticateAccessToken, verifyAdmin } from '../../middlewares' +import { + authenticateAccessToken, + desktopRestrict, + verifyAdmin +} from '../../middlewares' import driveRouter from './drive' import stpRouter from './stp' @@ -16,12 +20,18 @@ connectDB() const router = express.Router() -router.use('/auth', authRouter) -router.use('/client', authenticateAccessToken, verifyAdmin, clientRouter) +router.use('/auth', desktopRestrict, authRouter) +router.use( + '/client', + desktopRestrict, + authenticateAccessToken, + verifyAdmin, + clientRouter +) router.use('/drive', authenticateAccessToken, driveRouter) -router.use('/group', groupRouter) +router.use('/group', desktopRestrict, groupRouter) router.use('/stp', authenticateAccessToken, stpRouter) -router.use('/user', userRouter) +router.use('/user', desktopRestrict, userRouter) router.use( '/', swaggerUi.serve, diff --git a/api/src/routes/web/web.ts b/api/src/routes/web/web.ts index d6e61c6..d247736 100644 --- a/api/src/routes/web/web.ts +++ b/api/src/routes/web/web.ts @@ -1,3 +1,4 @@ +import { readFile } from '@sasjs/utils' import express from 'express' import path from 'path' import { getWebBuildFolderPath } from '../../utils' @@ -5,7 +6,24 @@ import { getWebBuildFolderPath } from '../../utils' const webRouter = express.Router() webRouter.get('/', async (_, res) => { - res.sendFile(path.join(getWebBuildFolderPath(), 'index.html')) + const indexHtmlPath = path.join(getWebBuildFolderPath(), 'index.html') + + const { MODE } = process.env + if (MODE === 'desktop') { + const content = await readFile(indexHtmlPath) + + const codeToInject = ` + ` + const injectedContent = content.replace('', `${codeToInject}`) + + res.setHeader('Content-Type', 'text/html') + return res.send(injectedContent) + } + + res.sendFile(indexHtmlPath) }) export default webRouter diff --git a/api/src/utils/file.ts b/api/src/utils/file.ts index 3c62504..1b99740 100644 --- a/api/src/utils/file.ts +++ b/api/src/utils/file.ts @@ -5,7 +5,7 @@ export const getWebBuildFolderPath = () => getRealPath(path.join(__dirname, '..', '..', '..', 'web', 'build')) export const getTmpFolderPath = () => - getRealPath(path.join(__dirname, '..', '..', 'tmp')) + getRealPath(path.join(process.cwd(), 'tmp')) export const getTmpFilesFolderPath = () => path.join(getTmpFolderPath(), 'files')