feat: default add cookie for http parser (#540)

midwayjs · Jul 18, 2020 · 5799e96 · 5799e96
1 parent 274318b
commit 5799e96
Show file tree

Hide file tree

Showing 7 changed files with 137 additions and 1 deletion.
diff --git a/packages/faas-typings/typings/common.ts b/packages/faas-typings/typings/common.ts
@@ -1,6 +1,87 @@
+import { IncomingMessage, ServerResponse } from 'http';
 import { FC } from './fc';
 import { SCF } from './scf';
 
+interface CookieGetOption {
+  signed: boolean;
+}
+
+interface CookieSetOption {
+  /**
+   * a number representing the milliseconds from Date.now() for expiry
+   */
+  maxAge?: number;
+  /**
+   * a Date object indicating the cookie's expiration
+   * date (expires at the end of session by default).
+   */
+  expires?: Date;
+  /**
+   * a string indicating the path of the cookie (/ by default).
+   */
+  path?: string;
+  /**
+   * a string indicating the domain of the cookie (no default).
+   */
+  domain?: string;
+  /**
+   * a boolean indicating whether the cookie is only to be sent
+   * over HTTPS (false by default for HTTP, true by default for HTTPS).
+   */
+  secure?: boolean;
+  /**
+   * "secureProxy" option is deprecated; use "secure" option, provide "secure" to constructor if needed
+   */
+  secureProxy?: boolean;
+  /**
+   * a boolean indicating whether the cookie is only to be sent over HTTP(S),
+   * and not made available to client JavaScript (true by default).
+   */
+  httpOnly?: boolean;
+  /**
+   * a boolean or string indicating whether the cookie is a "same site" cookie (false by default).
+   * This can be set to 'strict', 'lax', or true (which maps to 'strict').
+   */
+  sameSite?: 'strict' | 'lax' | 'none' | boolean;
+  /**
+   * a boolean indicating whether the cookie is to be signed (false by default).
+   * If this is true, another cookie of the same name with the .sig suffix
+   * appended will also be sent, with a 27-byte url-safe base64 SHA1 value
+   * representing the hash of cookie-name=cookie-value against the first Keygrip key.
+   * This signature key is used to detect tampering the next time a cookie is received.
+   */
+  signed?: boolean;
+  /**
+   * a boolean indicating whether to overwrite previously set
+   * cookies of the same name (false by default). If this is true,
+   * all cookies set during the same request with the same
+   * name (regardless of path or domain) are filtered out of
+   * the Set-Cookie header when setting this cookie.
+   */
+  overwrite?: boolean;
+}
+
+interface Cookies {
+  secure: boolean;
+  request: IncomingMessage;
+  response: ServerResponse;
+
+  /**
+   * This extracts the cookie with the given name from the
+   * Cookie header in the request. If such a cookie exists,
+   * its value is returned. Otherwise, nothing is returned.
+   */
+  get(name: string, opts?: CookieGetOption): string | undefined;
+
+  /**
+   * This sets the given cookie in the response and returns
+   * the current context to allow chaining.If the value is omitted,
+   * an outbound header with an expired date is used to delete the cookie.
+   */
+  set(name: string, value: string, opts?: CookieSetOption): this;
+  set(name: string, opts?: CookieSetOption): this;
+}
+
 interface ContextDelegatedRequest {
   /**
    * Check if the given `type(s)` is acceptable, returning
@@ -342,6 +423,10 @@ export interface FaaSHTTPContext
    * FaaS original event object.
    */
   originEvent: any;
+  /**
+   * FaaS Cookies Object
+   */
+  cookies: Cookies;
 }
 
 export type FaaSOriginContext = FC.RequestContext | SCF.RequestContext;
diff --git a/packages/faas/src/starter.ts b/packages/faas/src/starter.ts
@@ -227,6 +227,9 @@ export class FaaSStarter implements IFaaSStarter {
       this.addConfiguration('./configuration', __dirname, MIDWAY_FAAS_KEY);
       this.prepareConfiguration();
 
+      // set app keys
+      this.webApplication['keys'] = this.webApplication.getConfig('keys') || '';
+
       this.loader.loadDirectory(opts);
       this.registerDecorator();
       await this.loader.refresh();

diff --git a/packages/serverless-http-parser/package.json b/packages/serverless-http-parser/package.json
@@ -7,6 +7,7 @@
     "@midwayjs/faas-typings": "^1.0.7",
     "accepts": "^1.3.7",
     "cache-content-type": "^1.0.1",
+    "cookies": "^0.8.0",
     "encodeurl": "^1.0.2",
     "escape-html": "^1.0.3",
     "koa-compose": "^4.1.0",

diff --git a/packages/serverless-http-parser/src/context.ts b/packages/serverless-http-parser/src/context.ts
@@ -1,5 +1,8 @@
 import { FaaSOriginContext } from '@midwayjs/faas-typings';
 import * as util from 'util';
+const Cookies = require('cookies');
+
+const COOKIES = Symbol('context#cookies');
 
 export const context = {
   app: null,
@@ -211,4 +214,26 @@ export const context = {
       socket: '<original node socket>',
     };
   },
+
+  get cookies() {
+    if (!this[COOKIES]) {
+      const resProxy = new Proxy(this.res, {
+        get(obj, prop) {
+          // 这里屏蔽 set 方法，是因为 cookies 模块中根据这个方法获取 setHeader 方法
+          if (prop !== 'set') {
+            return obj[prop];
+          }
+        },
+      });
+      this[COOKIES] = new Cookies(this.req, resProxy, {
+        keys: this.app.keys,
+        secure: this.request.secure,
+      });
+    }
+    return this[COOKIES];
+  },
+
+  set cookies(_cookies) {
+    this[COOKIES] = _cookies;
+  },
 };
diff --git a/packages/serverless-http-parser/src/request.ts b/packages/serverless-http-parser/src/request.ts
@@ -227,4 +227,24 @@ export const request = {
   toJSON() {
     return only(this, ['method', 'url', 'header']);
   },
+
+  get protocol() {
+    // TODO 现在函数没有透出协议
+    const proto = this.get('X-Forwarded-Proto');
+    return proto ? proto.split(/\s*,\s*/, 1)[0] : 'http';
+  },
+
+  /**
+   * Short-hand for:
+   *
+   *    this.protocol == 'https'
+   *
+   * @return {Boolean}
+   * @api public
+   */
+
+  get secure() {
+    // TODO 现在函数没有透出协议
+    return false;
+  },
 };
diff --git a/packages/serverless-http-parser/test/index.test.ts b/packages/serverless-http-parser/test/index.test.ts
@@ -160,6 +160,8 @@ describe('test http parser', () => {
 
     assert.deepStrictEqual(context.request.body, '{"a":"1"}');
 
+    assert(context.cookies.get('_ga') === 'GA1.2.690852134.1546410522');
+
     // get request header
     assert.deepStrictEqual(
       context.get('User-Agent'),

diff --git a/packages/serverless-http-parser/test/resource/fc_http.json b/packages/serverless-http-parser/test/resource/fc_http.json
@@ -13,7 +13,7 @@
     "accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3",
     "accept-language": "en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7",
     "cache-control": "max-age=0",
-    "cookie": "****",
+    "cookie": "_ga=GA1.2.690852134.1546410522;",
     "upgrade-insecure-requests": "1",
     "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
   }