Merge pull request #42 from alexa-js/v2

v2 fixes #35
alexa-js · Jan 15, 2022 · f881f5c · f881f5c
2 parents 71cbef5 + 306ce48
commit f881f5c
Show file tree

Hide file tree

Showing 9 changed files with 7,832 additions and 2,196 deletions.
diff --git a/.npmrc b/.npmrc
@@ -0,0 +1,2 @@
+engine-strict=true
+
diff --git a/.travis.yml b/.travis.yml
@@ -1,13 +1,11 @@
-sudo: false
-
+dist: xenial
+os: linux
 language: node_js
 
 node_js:
-- '8'
-- '9'
-- '10'
 - '12'
 - '14'
+- '16'
 
 cache:
   directories:
@@ -18,4 +16,4 @@ notifications:
 
 matrix:
   include:
-  - node_js: 8
+  - node_js: 12
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -0,0 +1,5 @@
+# 2.0.0
+* BREAKING: publish as a pure ES module
+* BREAKING: only support node >= 12.17
+* BREAKING: switch to es6 everywhere
+* update all dependencies
diff --git a/README.md b/README.md
@@ -3,26 +3,29 @@
 [![NPM](https://nodei.co/npm/alexa-verifier-middleware.png)](https://www.npmjs.com/package/alexa-verifier-middleware/)
 
 ![NPM Version](https://img.shields.io/npm/v/alexa-verifier-middleware.svg)
-[![Build Status](https://travis-ci.org/alexa-js/alexa-verifier-middleware.svg?branch=master)](https://travis-ci.org/alexa-js/alexa-verifier-middleware)
+
+![example workflow](https://github.com/alexa-js/alexa-verifier-middleware/actions/workflows/main.yml/badge.svg)
+
 [![dependencies Status](https://david-dm.org/alexa-js/alexa-verifier-middleware/status.svg)](https://david-dm.org/tejashah88/alexa-verifier-middleware)
 
 An [express](https://www.npmjs.com/package/express) middleware that verifies HTTP requests sent to an Alexa skill are sent from Amazon.
 
 
-This module should work on node v4 and up, though we don't test on those platforms anymore. We guarantee support node v8 and up.
+Version 2.x is now a pure es module, and requires node 12.17 or higher. If you want to run this via an older version of node, use [email protected] 
 
 
 ### Usage
 
 It is recommended that you attach all Alexa routes to an express Router.
 ```javascript
-var express  = require('express');
-var verifier = require('alexa-verifier-middleware');
+import express  from 'express';
+import verifier from 'alexa-verifier-middleware';
+
 
-var app = express();
+const app = express();
 
 // create a router and attach to express before doing anything else
-var alexaRouter = express.Router();
+const alexaRouter = express.Router();
 app.use('/alexa', alexaRouter);
 
 // attach the verifier middleware first because it needs the entire
@@ -32,7 +35,7 @@ alexaRouter.use(verifier);
 // Routes that handle alexa traffic are now attached here.
 // Since this is attached to a router mounted at /alexa,
 // this endpoint will be accessible at /alexa/weather_info
-alexaRouter.get('/weather_info', function(req, res) { ... });
+alexaRouter.get('/weather_info', function (req, res) { ... });
 
 app.listen(3000);
 ```
@@ -44,7 +47,7 @@ app.listen(3000);
 
 Before:
 ```javascript
-var alexaRouter = express.Router();
+const alexaRouter = express.Router();
 app.use('/alexa', alexaRouter);
 
 // INCORRECT
@@ -54,7 +57,7 @@ alexaRouter.use(verifier);
 
 After:
 ```javascript
-var alexaRouter = express.Router();
+const alexaRouter = express.Router();
 app.use('/alexa', alexaRouter);
 
 // CORRECT
@@ -63,4 +66,4 @@ alexaRouter.use(bodyParser.json());
 ```
 
 ### Mentions
-* [mreinstein](https://github.com/mreinstein) for his [alexa-verifier](https://github.com/mreinstein/alexa-verifier) module, which allows you to verify any Amazon requests from any web service
+* [mreinstein](https://github.com/mreinstein) for his [alexa-verifier](https://github.com/mreinstein/alexa-verifier) module, which allows you to verify any Amazon requests from any web service
diff --git a/index.js b/index.js
@@ -1,14 +1,15 @@
-var verifier = require('alexa-verifier')
+import verifier from 'alexa-verifier'
+
 
 // the alexa API calls specify an HTTPS certificate that must be validated.
 // the validation uses the request's raw POST body which isn't available from
 // the body parser module. so we look for any requests that include a
 // signaturecertchainurl HTTP request header, parse out the entire body as a
 // text string, and set a flag on the request object so other body parser
 // middlewares don't try to parse the body again
-module.exports = function alexaVerifierMiddleware(req, res, next) {
+export default function alexaVerifierMiddleware (req, res, next) {
   if (req._body) {
-    var er = 'The raw request body has already been parsed.'
+    const er = 'The raw request body has already been parsed.'
     return res.status(400).json({ status: 'failure', reason: er })
   }
 
@@ -18,29 +19,28 @@ module.exports = function alexaVerifierMiddleware(req, res, next) {
   // other body parser middlewares
   req._body = true
   req.rawBody = ''
-  req.on('data', function(data) {
+  req.on('data', function (data) {
     return req.rawBody += data
   })
 
-  req.on('end', function() {
-    var certUrl, er, error, signature
+  req.on('end', function () {
+    let certUrl, er, error, signature
 
     try {
       req.body = JSON.parse(req.rawBody)
     } catch (error) {
       er = error
-      req.body = {}
+      req.body = { }
     }
 
     certUrl = req.headers.signaturecertchainurl
     signature = req.headers.signature
 
-    verifier(certUrl, signature, req.rawBody, function(er) {
-      if (er) {
+    verifier(certUrl, signature, req.rawBody, function (er) {
+      if (er)
         res.status(400).json({ status: 'failure', reason: er })
-      } else {
+      else
         next()
-      }
     })
   })
 }