Merge branch 'fix/security' into 'dev'

Fix/security See merge request locker/web!10
lockerpm · Aug 7, 2023 · 10b722d · 10b722d
2 parents e53bf95 + 33787ac
commit 10b722d
Show file tree

Hide file tree

Showing 7 changed files with 2,906 additions and 2,705 deletions.
diff --git a/package.json b/package.json
@@ -23,10 +23,10 @@
   "author": "[email protected] <[email protected]>",
   "license": "MIT",
   "engines": {
-    "node": ">=12.13.0"
+    "node": ">=16"
   },
   "resolutions": {
-    "@types/node": "12.12.6"
+    "@types/node": "16"
   },
   "devDependencies": {
     "@fortawesome/fontawesome-free": "5.15.3",
@@ -57,7 +57,7 @@
   },
   "dependencies": {
     "@fortawesome/fontawesome-svg-core": "^6.2.0",
-    "@notionhq/client": "^1.0.4",
+    "@notionhq/client": "^2.2.10",
     "@nuxtjs/axios": "^5.13.6",
     "@nuxtjs/feed": "^2.0.0",
     "@nuxtjs/gtm": "^2.4.0",
@@ -86,7 +86,7 @@
     "nanoid": "^3.1.22",
     "node-forge": "^1.3.1",
     "numeral": "^2.0.6",
-    "nuxt": "2.15.8",
+    "nuxt": "2.17.1",
     "nuxt-client-init-module": "^0.3.0",
     "nuxt-i18n": "^6.26.0",
     "nuxt-user-agent": "^1.2.2",

diff --git a/src/renderer/nuxt.config.js b/src/renderer/nuxt.config.js
@@ -276,6 +276,7 @@ module.exports = {
     }
   ],
   serverMiddleware: [
+    // Notion - Whitepaper
     { path: '/api', handler: '~/server-middleware/rest.js' },
     { path: '/api/content', handler: '~/server-middleware/notion.js' },
     { path: '/api/top-banner', handler: '~/server-middleware/topBanner.js' },

diff --git a/src/renderer/pages/blog/_slug.vue b/src/renderer/pages/blog/_slug.vue
@@ -193,136 +193,141 @@ import Post from '~/components/landing/blog/Post'
 
 export default {
   components: { Post },
+
   layout: 'landing',
+
   scrollToTop: true,
+
   async asyncData ({ store, params, error }) {
-    const slug = encodeURIComponent(params.slug)
-    const language = store.state.i18n.locale
-    const { data } = await axios.get(
-      `${process.env.blogUrl}/posts?slug=${slug}&categories=8,13,18,54,25`
-    )
-    if (data.length === 0) {
-      error({ statusCode: 404 })
-      return
-    }
-    const categoriesId = data[0].categories
-    const categories = await Promise.all(
-      categoriesId.map(async id => {
-        const res = await axios.get(`${process.env.blogUrl}/categories/${id}`)
-        return res.data
-      })
-    )
-    const languageTag = await axios.get(
-      `${process.env.blogUrl}/tags?slug=${language}`
-    )
-    const relateResult = await axios.get(
-      `${process.env.blogUrl}/posts?exclude=${
-        data[0].id
-      }&categories=${categoriesId.toString()}&tags=${
-        languageTag.data[0].id
-      }&per_page=2`
-    )
-    const users = await axios.get(`${process.env.blogUrl}/users`)
-    const userArray = users.data
-    const relatedPosts = []
-    relateResult.data.forEach(async element => {
-      let featuredImage = ''
+    try {
+      const slug = encodeURIComponent(params.slug)
+      const language = store.state.i18n.locale
+
+      // Get post by slug + get users + language tag
+      const [postRes, usersRes, langRes] = await Promise.all([
+        axios.get(
+          `${process.env.blogUrl}/posts?slug=${slug}&categories=8,13,18,54,25`
+        ),
+        axios.get(`${process.env.blogUrl}/users`),
+        axios.get(
+          `${process.env.blogUrl}/tags?slug=${language}`
+        )
+      ])
+
+      const data = postRes.data
+      if (data.length === 0) {
+        error({ statusCode: 404 })
+        return
+      }
+
+      const userArray = usersRes.data
+      const languageTagId = langRes.data[0].id
+      const relatedPosts = []
+      const categoryIds = data[0].categories
+      let categories = []
+
       try {
-        featuredImage = element._embedded['wp:featuredmedia']['0'].source_url
-      } catch (error) {}
-      if (!featuredImage) {
-        const $ = cheerio.load(element.content.rendered)
-        const images = $('img').attr('src')
-        if (images) {
-          featuredImage = images.replace(/-[0-9]+x[0-9]+/g, '')
-        }
+        // Get categories + related posts
+        const [relateResult, ...categoriesRes] = await Promise.all([
+          axios.get(
+            `${process.env.blogUrl}/posts?exclude=${
+              data[0].id
+            }&categories=${categoryIds.toString()}&tags=${
+              languageTagId
+            }&per_page=2`
+          ),
+          ...categoryIds.map(async id => {
+            const res = await axios.get(`${process.env.blogUrl}/categories/${id}`)
+            return res.data
+          })
+        ])
+
+        categories = categoriesRes
+
+        // Process related results
+        relateResult.data.forEach(async element => {
+          let featuredImage = ''
+          try {
+            featuredImage = element._embedded['wp:featuredmedia']['0'].source_url
+          } catch (error) {}
+          if (!featuredImage) {
+            const $ = cheerio.load(element.content.rendered)
+            const images = $('img').attr('src')
+            if (images) {
+              featuredImage = images.replace(/-[0-9]+x[0-9]+/g, '')
+            }
+          }
+          const $_ = cheerio.load(element.excerpt.rendered)
+          const desc = $_('p').text()
+
+          relatedPosts.push({
+            ...element,
+            featured_image: featuredImage,
+            user: userArray.find(user => user.id === element.author),
+            desc
+          })
+        })
+      } catch (error) {
+        console.log(error)
       }
-      const $_ = cheerio.load(element.excerpt.rendered)
-      const desc = $_('p').text()
 
-      // const authorResult = await axios.get(`${process.env.blogUrl}/users/${element.author}`)
-      relatedPosts.push({
-        ...element,
-        // author: authorResult.data.name,
-        featured_image: featuredImage,
-        user: userArray.find(user => user.id === element.author),
-        desc
-      })
-    })
-    // const authorResult = await axios.get(`${process.env.blogUrl}/users/${data[0].author}`)
-    return {
-      post: data.map(post => {
-        const $ = cheerio.load(post.content.rendered)
-        let featuredImage = ''
-        try {
-          featuredImage = post._embedded['wp:featuredmedia']['0'].source_url
-        } catch (error) {}
-        if (!featuredImage) {
+      // Process post
+      return {
+        post: data.map(post => {
           const $ = cheerio.load(post.content.rendered)
-          const images = $('img').attr('src')
-          if (images) {
-            featuredImage = images.replace(/-[0-9]+x[0-9]+/g, '')
-          }
-        }
-        const $_ = cheerio.load(post.excerpt.rendered)
-        const desc = $_('p').text()
-        const tableOfContents = []
-        $('h2, h3').each(function (i, e) {
-          const title = $(e).text()
-          const slug = slugify(title, { locale: 'vi', lower: true })
-          tableOfContents[i] = {
-            text: $(e).text(),
-            link: slug,
-            heading: e.name
+          let featuredImage = ''
+          try {
+            featuredImage = post._embedded['wp:featuredmedia']['0'].source_url
+          } catch (error) {}
+          if (!featuredImage) {
+            const $ = cheerio.load(post.content.rendered)
+            const images = $('img').attr('src')
+            if (images) {
+              featuredImage = images.replace(/-[0-9]+x[0-9]+/g, '')
+            }
           }
-          $(this).attr('id', slug)
-        })
-        if (!tableOfContents.length) {
-          $('h1').each(function (i, e) {
+          const $_ = cheerio.load(post.excerpt.rendered)
+          const desc = $_('p').text()
+          const tableOfContents = []
+          $('h2, h3').each(function (i, e) {
             const title = $(e).text()
             const slug = slugify(title, { locale: 'vi', lower: true })
             tableOfContents[i] = {
-              text: title,
-              link: slug
+              text: $(e).text(),
+              link: slug,
+              heading: e.name
             }
             $(this).attr('id', slug)
           })
-        }
-        return {
-          ...post,
-          new_content_rendered: $.html(),
-          desc,
-          featured_image: featuredImage,
-          user: userArray.find(user => user.id === post.author),
-          table_of_contents: tableOfContents
-          // author: authorResult.data.name
-        }
-      })[0],
-      categories: categories.map(item => item.name),
-      relatedPosts
-      // relatedPosts: relateResult.data.map(post => {
-      //   let featuredImage = ''
-      //   try {
-      //     featuredImage = post._embedded['wp:featuredmedia']['0'].source_url
-      //   } catch (error) {
-      //   }
-      //   if (!featuredImage) {
-      //     const $ = cheerio.load(post.content.rendered)
-      //     const images = $('img').attr('src')
-      //     if (images) {
-      //       featuredImage = images.replace(/-[0-9]+x[0-9]+/g, '')
-      //     }
-      //   }
-      //   const $_ = cheerio.load(post.excerpt.rendered)
-      //   const desc = $_('p').text()
-      //   return {
-      //     ...post,
-      //     featured_image: featuredImage,
-      //     desc
-      //   }
-      // })
+          if (!tableOfContents.length) {
+            $('h1').each(function (i, e) {
+              const title = $(e).text()
+              const slug = slugify(title, { locale: 'vi', lower: true })
+              tableOfContents[i] = {
+                text: title,
+                link: slug
+              }
+              $(this).attr('id', slug)
+            })
+          }
+          return {
+            ...post,
+            new_content_rendered: $.html(),
+            desc,
+            featured_image: featuredImage,
+            user: userArray.find(user => user.id === post.author),
+            table_of_contents: tableOfContents
+          }
+        })[0],
+        categories: categories.map(item => item.name),
+        relatedPosts
+      }
+    } catch (error) {
+      console.log(error)
+      error({ statusCode: 404 })
     }
   },
+
   data () {
     return {
       form: {