Skip to content

Commit 856a9d5

Browse files
committed
#375: processed feedback
1 parent e331c99 commit 856a9d5

File tree

10 files changed

+91
-24
lines changed

10 files changed

+91
-24
lines changed

docker/mongodb/init.js

Lines changed: 12 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,14 @@
11

22
db = db.getSiblingDB('comify');
3-
db.tenant.insertOne({
4-
_id: 'localhost',
5-
origins: [
6-
'http://localhost:3000',
7-
'http://localhost:5173'
8-
]
9-
});
3+
db.tenant.updateOne(
4+
{ _id: 'localhost' },
5+
{
6+
$set: {
7+
origins: [
8+
'http://localhost:3000',
9+
'http://localhost:5173'
10+
]
11+
}
12+
},
13+
{ upsert: true }
14+
);

eslint.config.js

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,8 @@ export default tseslint.config(
1515
"**/dist/**/*",
1616
"**/node_modules/**/*",
1717
"**/coverage/**/*",
18-
"**/*config*"
18+
"**/*config*",
19+
"docker"
1920
]
2021
},
2122
{

src/domain/relation/getAggregated/getAggregated.ts

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,6 @@ import type { AggregatedData } from '../aggregate';
66
import aggregate from '../aggregate';
77
import get from '../get';
88

9-
109
export default async function getAggregated(requester: Requester, tenant: Tenant, followerId: string, followingId: string): Promise<AggregatedData>
1110
{
1211
const data = await get(followerId, followingId);
Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
2+
import { ValidationError } from '^/integrations/runtime';
3+
4+
export default class InvalidOrigin extends ValidationError
5+
{
6+
7+
}

src/domain/tenant/getByOriginConverted/getByOriginConverted.ts

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,12 @@
11

22
import getByOrigin from '../getByOrigin';
33
import type { Tenant } from '../types';
4+
import validateData from './validateData';
45

5-
export default async function getFormatted(origin: string): Promise<Tenant>
6+
export default async function getByOriginConverted(origin: string): Promise<Tenant>
67
{
8+
validateData({ origin });
9+
710
const tenant = await getByOrigin(origin);
811

912
return {
Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,4 @@
1+
2+
import { type Tenant } from '../types';
3+
4+
export type ValidationModel = Pick<Tenant, 'origin'>;
Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,28 @@
1+
2+
import type { ValidationSchema } from '^/integrations/validation';
3+
import validator from '^/integrations/validation';
4+
5+
import InvalidOrigin from './InvalidOrigin';
6+
import { type ValidationModel } from './types';
7+
8+
const schema: ValidationSchema =
9+
{
10+
origin:
11+
{
12+
message: 'Invalid origin',
13+
URL:
14+
{
15+
required: true
16+
}
17+
}
18+
};
19+
20+
export default function validateData({ origin }: ValidationModel): void
21+
{
22+
const result = validator.validate({ origin }, schema);
23+
24+
if (result.invalid)
25+
{
26+
throw new InvalidOrigin(result.messages);
27+
}
28+
}

src/integrations/runtime/middlewares/OriginMiddleware.ts

Lines changed: 31 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,21 @@
22
import type { Middleware, NextHandler, Request } from 'jitar';
33
import { BadRequest, type Response } from 'jitar';
44

5+
import type { ValidationSchema } from '^/integrations/validation';
6+
import validator from '^/integrations/validation';
7+
58
const TENANT_COOKIE_NAME = 'x-tenant-origin';
9+
const schema: ValidationSchema =
10+
{
11+
origin:
12+
{
13+
message: 'Invalid origin',
14+
URL:
15+
{
16+
required: true
17+
}
18+
}
19+
};
620

721
export default class OriginMiddleware implements Middleware
822
{
@@ -19,18 +33,16 @@ export default class OriginMiddleware implements Middleware
1933
origin = this.#getOriginFromHeader(request);
2034
}
2135

22-
if (origin === undefined)
23-
{
24-
throw new BadRequest('Missing origin');
25-
}
36+
this.#validateOriginValue(origin);
2637

27-
request.setHeader('origin', origin);
38+
// The origin header is validated and set here for use in other middlewares
39+
request.setHeader('origin', origin as string);
2840

2941
const response = await next();
3042

3143
if (fromCookie === false)
3244
{
33-
this.#setOriginCookie(response, origin);
45+
this.#setOriginCookie(response, origin as string);
3446
}
3547

3648
return response;
@@ -50,17 +62,27 @@ export default class OriginMiddleware implements Middleware
5062
return;
5163
}
5264

53-
for (const cookie of header.split('; '))
65+
for (const cookie of header.split(';'))
5466
{
5567
const [key, value] = cookie.split('=');
5668

57-
if (key === TENANT_COOKIE_NAME)
69+
if (key.trim() === TENANT_COOKIE_NAME)
5870
{
59-
return value;
71+
return value?.trim();
6072
}
6173
}
6274
}
6375

76+
#validateOriginValue(value: string | undefined): void
77+
{
78+
const result = validator.validate({ url: value }, schema);
79+
80+
if (result.invalid)
81+
{
82+
throw new BadRequest('Invalid origin');
83+
}
84+
}
85+
6486
#setOriginCookie(response: Response, origin: string): void
6587
{
6688
response.setHeader('Set-Cookie', `${TENANT_COOKIE_NAME}=${origin}; Path=/; HttpOnly=true; SameSite=Strict; Secure`);

src/integrations/runtime/middlewares/TenantMiddleware.ts

Lines changed: 2 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -31,13 +31,11 @@ export default class TenantMiddleware implements Middleware
3131

3232
const response = await next();
3333

34-
if (response.status >= 500)
34+
if (response.status < 500)
3535
{
36-
return response;
36+
this.#cache.set(origin, response);
3737
}
3838

39-
this.#cache.set(origin, response);
40-
4139
return response;
4240
}
4341

src/webui/components/common/TenantContainer.tsx

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,7 @@ export default function Component({ children }: Props)
2323

2424
}, [tenant]);
2525

26-
if (tenant === undefined) return;
26+
if (tenant === undefined) return null;
2727

2828
return children;
2929
}

0 commit comments

Comments
 (0)