Fixing an issue with cookie auth.

2024-06-13 16:05:06 +12:00 · 2022-04-27 16:56:30 +01:00 · 2022-04-27 16:56:30 +01:00 · 00c67289b0
parent 056d9defe4
commit 00c67289b0
3 changed files with 44 additions and 48 deletions
--- a/packages/backend-core/src/db/pouch.js
+++ b/packages/backend-core/src/db/pouch.js
@ -1,35 +1,36 @@
 const PouchDB = require("pouchdb")
 const env = require("../environment")

-exports.getCouchUrl = () => {
-  if (!env.COUCH_DB_URL) return
-
-  // username and password already exist in URL
-  if (env.COUCH_DB_URL.includes("@")) {
-    return env.COUCH_DB_URL
+exports.getCouchInfo = () => {
+  let url = "http://localhost:4005"
+  if (env.COUCH_DB_URL && env.COUCH_DB_URL.includes("@")) {
+    url = env.COUCH_DB_URL
+  } else if (env.COUCH_DB_URL) {
+    const [protocol, ...rest] = env.COUCH_DB_URL.split("://")
+    url = `${protocol}://${env.COUCH_DB_USERNAME}:${env.COUCH_DB_PASSWORD}@${rest}`
+    if (!env.COUCH_DB_USERNAME || !env.COUCH_DB_PASSWORD) {
+      throw new Error(
+        "CouchDB configuration invalid. You must provide a fully qualified CouchDB url, or the COUCH_DB_USER and COUCH_DB_PASSWORD environment variables."
+      )
+    }
  }
-
-  const [protocol, ...rest] = env.COUCH_DB_URL.split("://")
-
-  if (!env.COUCH_DB_USERNAME || !env.COUCH_DB_PASSWORD) {
-    throw new Error(
-      "CouchDB configuration invalid. You must provide a fully qualified CouchDB url, or the COUCH_DB_USER and COUCH_DB_PASSWORD environment variables."
-    )
-  }
-
-  return `${protocol}://${env.COUCH_DB_USERNAME}:${env.COUCH_DB_PASSWORD}@${rest}`
-}
-
-exports.splitCouchUrl = url => {
  const [protocol, rest] = url.split("://")
  const [auth, host] = rest.split("@")
-  const [username, password] = auth.split(":")
+  let [username, password] = auth.split(":")
+  if (!username && env.COUCH_DB_USERNAME) {
+    username = env.COUCH_DB_USERNAME
+  }
+  if (!password && env.COUCH_DB_PASSWORD) {
+    password = env.COUCH_DB_PASSWORD
+  }
+  const authCookie = Buffer.from(`${username}:${password}`).toString("base64")
  return {
    url: `${protocol}://${host}`,
    auth: {
-      username,
-      password,
+      username: username,
+      password: password,
    },
+    cookie: `Basic ${authCookie}`,
  }
 }

@ -39,26 +40,12 @@ exports.splitCouchUrl = url => {
 * Exposed for exceptional cases such as in-memory views.
 */
 exports.getPouch = (opts = {}) => {
-  let auth = {
-    username: env.COUCH_DB_USERNAME,
-    password: env.COUCH_DB_PASSWORD,
-  }
-  let url = exports.getCouchUrl() || "http://localhost:4005"
-  // need to update security settings
-  if (!auth.username || !auth.password || url.includes("@")) {
-    const split = exports.splitCouchUrl(url)
-    url = split.url
-    auth = split.auth
-  }
-
-  const authCookie = Buffer.from(`${auth.username}:${auth.password}`).toString(
-    "base64"
-  )
+  let { url, cookie } = exports.getCouchInfo()
  let POUCH_DB_DEFAULTS = {
    prefix: url,
    fetch: (url, opts) => {
      // use a specific authorization cookie - be very explicit about how we authenticate
-      opts.headers.set("Authorization", `Basic ${authCookie}`)
+      opts.headers.set("Authorization", cookie)
      return PouchDB.fetch(url, opts)
    },
  }
--- a/packages/backend-core/src/db/utils.js
+++ b/packages/backend-core/src/db/utils.js
@ -12,7 +12,7 @@ const {
 const { getTenantId, getGlobalDBName } = require("../tenancy")
 const fetch = require("node-fetch")
 const { doWithDB, allDbs } = require("./index")
-const { getCouchUrl } = require("./pouch")
+const { getCouchInfo } = require("./pouch")
 const { getAppMetadata } = require("../cache/appMetadata")
 const { checkSlashesInUrl } = require("../helpers")
 const {
@ -169,8 +169,14 @@ exports.getAllDbs = async (opts = { efficient: false }) => {
    return allDbs()
  }
  let dbs = []
-  async function addDbs(url) {
-    const response = await fetch(checkSlashesInUrl(encodeURI(url)))
+  let { url, cookie } = getCouchInfo()
+  async function addDbs(couchUrl) {
+    const response = await fetch(checkSlashesInUrl(encodeURI(couchUrl)), {
+      method: "GET",
+      headers: {
+        Authorization: cookie,
+      },
+    })
    if (response.status === 200) {
      let json = await response.json()
      dbs = dbs.concat(json)
@ -178,7 +184,7 @@ exports.getAllDbs = async (opts = { efficient: false }) => {
      throw "Cannot connect to CouchDB instance"
    }
  }
-  let couchUrl = `${getCouchUrl()}/_all_dbs`
+  let couchUrl = `${url}/_all_dbs`
  let tenantId = getTenantId()
  if (!env.MULTI_TENANCY || (!efficient && tenantId === DEFAULT_TENANT_ID)) {
    // just get all DBs when:
--- a/packages/server/src/api/controllers/row/internalSearch.js
+++ b/packages/server/src/api/controllers/row/internalSearch.js
@ -1,6 +1,6 @@
 const { SearchIndexes } = require("../../../db/utils")
 const fetch = require("node-fetch")
-const { getCouchUrl } = require("@budibase/backend-core/db")
+const { getCouchInfo } = require("@budibase/backend-core/db")
 const { getAppId } = require("@budibase/backend-core/context")

 /**
@ -242,11 +242,10 @@ class QueryBuilder {

  async run() {
    const appId = getAppId()
-    const url = `${getCouchUrl()}/${appId}/_design/database/_search/${
-      SearchIndexes.ROWS
-    }`
+    const { url, cookie } = getCouchInfo()
+    const fullPath = `${url}/${appId}/_design/database/_search/${SearchIndexes.ROWS}`
    const body = this.buildSearchBody()
-    return await runQuery(url, body)
+    return await runQuery(fullPath, body, cookie)
  }
 }

@ -254,12 +253,16 @@ class QueryBuilder {
 * Executes a lucene search query.
 * @param url The query URL
 * @param body The request body defining search criteria
+ * @param cookie The auth cookie for CouchDB
 * @returns {Promise<{rows: []}>}
 */
-const runQuery = async (url, body) => {
+const runQuery = async (url, body, cookie) => {
  const response = await fetch(url, {
    body: JSON.stringify(body),
    method: "POST",
+    headers: {
+      Authorization: cookie,
+    },
  })
  const json = await response.json()