Home Reference Source

Function

Static Public Summary
public

LOGGEDIN(req: *, res: *, next: *): *

Express middleware for blocking non-logged in users

public

async assign(user: *, field: *, value: *, fieldMeta: *, loginUser: *)

public

async assign(user: *, field: *, value: *, fieldMeta: *, loginUser: *, config: *)

public

async assign(user: *, field: *, value: *, fieldMeta: *, loginUser: *, config: *)

public

async assign(user: *, field: *, value: *, fieldMeta: *, loginUser: *, config: *)

public

async assign(user: *, field: *, value: *, fieldMeta: *, loginUser: *)

public

audit(source: string, event: string, params: string)

Fill in method for audit logging

public

bootstrap(app: *, config: *): ExpressMiddleware

Out boilerplate to make things easier.

public

callback(fn: Function, args: *): Promise

Calls a callback caller that calls a callback call for async instead of using promises.

public
public

defer(fn: Function, args: *)

Call a function later.

public

error(res: Response, message: string | object, audit: string, extra: string)

Return error status and payload as response.

public

escape(content: string): string

Encodes unencoded bits of string.

public

failure(settings: object): ExpressMiddlewareFunction

Implementation of failure aware rate restriction.

public

generate(length: number): string

generate strong password

public

Helper method that generates a new user id.

public

parse(searchMetadata: SearchMetadata, query: Query): ParsedQuery

Validate and parse Request.query against what is acceptable from a SearchMetadata specification

public

recaptcha(settings: object): ExpressMiddlewareFunction

Implementation of reCAPTCHA rate restriction.

public

reject(res: Response, audit: string, extra: string): *

Returns a function that calls res.error

public

resolve(res: Response, promiseObj: Promise, message: string | object, audit: string, extra: string)

Monitors a Promise and returns success or error based on promise outcome.

public

setup(app: Express, config: Config)

Library entry point

public

success(res: Response, message: string | object, audit: string, extra: string)

Return success status and payload as response.

Static Public

public LOGGEDIN(req: *, res: *, next: *): * source

Express middleware for blocking non-logged in users

Params:

NameTypeAttributeDescription
req *
res *
next *

Return:

*

public async assign(user: *, field: *, value: *, fieldMeta: *, loginUser: *) source

Params:

NameTypeAttributeDescription
user *
field *
value *
fieldMeta *
loginUser *

public async assign(user: *, field: *, value: *, fieldMeta: *, loginUser: *, config: *) source

Params:

NameTypeAttributeDescription
user *
field *
value *
fieldMeta *
loginUser *
config *

public async assign(user: *, field: *, value: *, fieldMeta: *, loginUser: *, config: *) source

Params:

NameTypeAttributeDescription
user *
field *
value *
fieldMeta *
loginUser *
config *

public async assign(user: *, field: *, value: *, fieldMeta: *, loginUser: *, config: *) source

Params:

NameTypeAttributeDescription
user *
field *
value *
fieldMeta *
loginUser *
config *

public async assign(user: *, field: *, value: *, fieldMeta: *, loginUser: *) source

Params:

NameTypeAttributeDescription
user *
field *
value *
fieldMeta *
loginUser *

public audit(source: string, event: string, params: string) source

Fill in method for audit logging

Use as req.audit(...) or res.audit(...)

Params:

NameTypeAttributeDescription
source string

source of event. e.g. user or ip

event string

type of event. e.g. user or ip

params string

data associated with event

public bootstrap(app: *, config: *): ExpressMiddleware source

Out boilerplate to make things easier.

Params:

NameTypeAttributeDescription
app *
config *

Return:

ExpressMiddleware

a middleware that will attach a bunch of convenience properties and functions to req and res.

public callback(fn: Function, args: *): Promise source

Calls a callback caller that calls a callback call for async instead of using promises.

Params:

NameTypeAttributeDescription
fn Function

function to call

args *
  • optional

arguments to call function with

Return:

Promise

It returns a promise which resolves on callback call.

public checkStrongPassword(password: *): boolean source

Params:

NameTypeAttributeDescription
password *

Return:

boolean

public defer(fn: Function, args: *) source

Call a function later.

Params:

NameTypeAttributeDescription
fn Function

function to call

args *

Can also specify 0 or more arguments to call function with.

public error(res: Response, message: string | object, audit: string, extra: string) source

Return error status and payload as response.

Params:

NameTypeAttributeDescription
res Response

use as res.error(...)

message string | object
  • optional
  • default: 'Failure'

error message to return; if a strig is specified, it will be converted to an error object

audit string
  • optional
  • default: false

audit event type

extra string
  • optional
  • default: undefined

extra audit payload which may help debug event

public escape(content: string): string source

Encodes unencoded bits of string.

E.g. escape("&&") should return "&&"

Params:

NameTypeAttributeDescription
content string

content to encode

Return:

string

public failure(settings: object): ExpressMiddlewareFunction source

Implementation of failure aware rate restriction.

Will intercept monitor requests. After a certain number of failures, it will block for a duration.

Requires block-failed package.

Params:

NameTypeAttributeDescription
settings object
  • optional

settings for rate restriction, or null to disable

settings.blockAttemptMs number

duration to monitor failure for

settings.blockAttemptCount number

number of failures allowed in this duration

settings.blockDurationMs number

duration to block for

Return:

ExpressMiddlewareFunction

public generate(length: number): string source

generate strong password

Params:

NameTypeAttributeDescription
length number
  • optional
  • default: 10

length of password to generate

Return:

string

public generateId(): string source

Helper method that generates a new user id.

This method uses current timestamp and random number generator to come up with unique ids.

Return:

string

public parse(searchMetadata: SearchMetadata, query: Query): ParsedQuery source

Validate and parse Request.query against what is acceptable from a SearchMetadata specification

Params:

NameTypeAttributeDescription
searchMetadata SearchMetadata
query Query

Return:

ParsedQuery

will validated and parsed query filters

public recaptcha(settings: object): ExpressMiddlewareFunction source

Implementation of reCAPTCHA rate restriction.

Will validate recaptcha using req.body.recaptchaResponse value.

Requires node-recaptcha2 package.

Params:

NameTypeAttributeDescription
settings object
  • optional

settings for recaptcha, or null to disable

settings.privateKey string

also known as secret key

settings.publicKey string

also known as site key

Return:

ExpressMiddlewareFunction

public reject(res: Response, audit: string, extra: string): * source

Returns a function that calls res.error

Params:

NameTypeAttributeDescription
res Response

use as res.reject(...)

audit string
  • optional
  • default: false

audit event type

extra string
  • optional
  • default: undefined

extra audit payload which may help debug event

Return:

*

public resolve(res: Response, promiseObj: Promise, message: string | object, audit: string, extra: string) source

Monitors a Promise and returns success or error based on promise outcome.

Params:

NameTypeAttributeDescription
res Response

use as res.resolve(...)

promiseObj Promise

Promise objecy to monitor

message string | object
  • optional
  • default: undefined

success or error message to return; if this is not specified, result of promise is returned.

audit string
  • optional
  • default: false

audit event type. note that '_SUCCESS' or '_FAILURE' is attached to this type depenidng on outcome

extra string
  • optional
  • default: undefined

extra audit payload which may help debug event

public setup(app: Express, config: Config) source

Library entry point

Params:

NameTypeAttributeDescription
app Express

result of express()

config Config

configuration

public success(res: Response, message: string | object, audit: string, extra: string) source

Return success status and payload as response.

Params:

NameTypeAttributeDescription
res Response

use as res.success(...)

message string | object
  • optional
  • default: 'Success'

success message to return

audit string
  • optional
  • default: false

audit event type

extra string
  • optional
  • default: undefined

extra audit payload which may help debug event