ros/automaker
1
0
Fork 0
mirror of https://github.com/AutoMaker-Org/automaker.git synced 2026-01-31 06:42:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore: update project management and API integration

Browse Source 
- Added new scripts for server development and full application startup in package.json.
- Enhanced project management by checking for existing projects to avoid duplicates.
- Improved API integration with better error handling and connection checks in the Electron API.
- Updated UI components to reflect changes in project and session management.
- Refactored authentication status display to include more detailed information on methods used.
This commit is contained in:
SuperComboGamer
2025-12-12 00:23:43 -05:00
parent 02a1af3314
commit 4b9bd2641f
44 changed files with 8287 additions and 703 deletions
Download Patch File Download Diff File Expand all files Collapse all files

72
apps/server/src/lib/security.ts Normal file
View File

@@ -0,0 +1,72 @@
/**
* Security utilities for path validation
*/
import path from "path";
// Allowed project directories - loaded from environment
const allowedPaths = new Set<string>();
/**
* Initialize allowed paths from environment variable
*/
export function initAllowedPaths(): void {
const dirs = process.env.ALLOWED_PROJECT_DIRS;
if (dirs) {
for (const dir of dirs.split(",")) {
const trimmed = dir.trim();
if (trimmed) {
allowedPaths.add(path.resolve(trimmed));
}
}
}
// Always allow the data directory
const dataDir = process.env.DATA_DIR;
if (dataDir) {
allowedPaths.add(path.resolve(dataDir));
}
}
/**
* Add a path to the allowed list
*/
export function addAllowedPath(filePath: string): void {
allowedPaths.add(path.resolve(filePath));
}
/**
* Check if a path is allowed
*/
export function isPathAllowed(filePath: string): boolean {
const resolved = path.resolve(filePath);
// Check if the path is under any allowed directory
for (const allowed of allowedPaths) {
if (resolved.startsWith(allowed + path.sep) || resolved === allowed) {
return true;
}
}
return false;
}
/**
* Validate a path and throw if not allowed
*/
export function validatePath(filePath: string): string {
const resolved = path.resolve(filePath);
if (!isPathAllowed(resolved)) {
throw new Error(`Access denied: ${filePath} is not in an allowed directory`);
}
return resolved;
}
/**
* Get list of allowed paths (for debugging)
*/
export function getAllowedPaths(): string[] {
return Array.from(allowedPaths);
}