module.exports = function middleware(app) { app.use(logger('dev')); app.use('/api/getLocations', ipfilter(ips, { mode: 'allow' })); app.use(bodyParser.json()); app.use(bodyParser.urlencoded({ extended: true })); };
exports.init = function(_player, callback) { player = _player; config = _player.config; if(!player.app) { callback('module must be initialized after expressjs module!'); } else { // TODO: separate config file for plugins? var checkIP = filter(config.filterStreamIPs, {mode: config.filterAction, log: config.log, cidr: true}); player.app.use('/song', checkIP); callback(); } };
var express = require('express'); var ipfilter = require('express-ipfilter'); var fs = require('fs'); var app = express(); //restrict /sermonarchive to only local ip addresses. This uses a CIDR address var ips = [['::1', '127.0.0.1', '192.168.*.*']]; app.use(ipfilter(ips, {mode:'allow', excluding:['/sermonsite2']})); app.use ('/sermonarchive', function(req, res, next) { var data=''; req.setEncoding('utf8'); req.on('data', function(chunk) { data += chunk; }); req.on('end', function() { req.body = data; next(); }); }); app.use('/sermonadmin', express.static('sermonadmin')); app.use('/sermonsite2', express.static('sermonsite2')); app.use('/node_modules', express.static('node_modules')); app.post('/sermonarchive', function (req, res) { fs.writeFileSync('sermonsite2/sermonarchive.json', req.body); var now = new Date(); fs.writeFileSync('sermonsite2/archivebackups/sermonarchive-' + now.getMonth() + '-' + now.getDate() + '-' + now.getFullYear() + '.json', req.body); res.sendStatus(200);
app.use(bodyParser.urlencoded({ extended: false })); app.all('*', function (req, res, next) { if (!req.get('Origin')) return next(); res.set('Access-Control-Allow-Origin', '*'); res.set('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE'); res.set('Access-Control-Allow-Headers', 'U-ApiKey, Content-Type'); //res.set('Access-Control-Allow-Max-Age', 3600); if ('OPTIONS' == req.method) return res.status(200).end(); next(); }); if (config.systemConfig.whiteList[0] != '0.0.0.0/0') { var ipfilter = require('express-ipfilter'); var setting = { mode: 'allow', log: false, errorCode: 403, errorMessage: '' }; app.use(ipfilter(config.systemConfig.whiteList, setting)); } if (config.redisConfig.isEnable) { var rds = require('./rds.js'); app.use('/rds', rds); } //var mgs = require('./mg.js'); //app.use('/ac', mgs); var user = require("./router/user.js"); app.use("/ac",user); //var fsio = require('./fsio.js'); //app.use("/fs", fsio);
var app = express() var proxy = require('express-http-proxy') var helmet = require('helmet') var compression = require('compression') var serveStatic = require('serve-static') var mime = require('mime-types') var main = express() // compress all requests app.use(compression()) if (process.env.BLOCKED_IPS) { console.log('BLOCKING IPS: ' + process.env.BLOCKED_IPS) var ipfilter = require('express-ipfilter') app.use(ipfilter(process.env.BLOCKED_IPS.split(','), { log: false })) } //some security app.use(helmet()) //TODO: RESTRICT TO SAME SERVER? const proxyHandler = { filter: req => req.xhr, //only proxy xhr requests forwardPath: req => require('url').parse(req.url).path, intercept: (rsp, data, req, res, callback) => { res.header('Access-Control-Allow-Origin', '*'); res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE'); res.header('Access-Control-Allow-Headers', 'X-Requested-With, Accept, Origin, Referer, User-Agent, Content-Type, Authorization, X-Mindflash-SessionID'); res.set('Set-Cookie', 'ilove=kiva; Path=/; HttpOnly'); //don't pass back kiva's cookies. // intercept OPTIONS method
var express = require("express"), path = require('path'), fs = require('fs'), multer = require('multer'), favicon = require('express-favicon'), ipfilter = require('express-ipfilter'), Ddos = require('ddos'), app = express(), bodyParser = require("body-parser"), methodOverride = require("method-override"), Datastore = require('nedb'); //IP bloqueadas var uploads_contador = 0; var ips = []; app.use(ipfilter(ips)); //Prevenir ataques DDoS var ddos = new Ddos; app.use(ddos.express) //Subir archivos var storage = multer.diskStorage({ destination: function (req, file, callback) { //Cada usuario tiene su propia carpeta para subir ficheros var carpeta = './emulatedStorage/'+req.connection.remoteAddress; if(!fs.existsSync(carpeta)){ fs.mkdirSync(carpeta); } callback(null, carpeta); }, filename: function (req, file, callback) {
app.configure(function() { // Log config settigs load log( 'common settings' ); /** * Save config in app */ app.set('config', config); /** * Basic HTTP-Auth restriction middleware * for production access only. */ if (config.auth.basic && config.auth.basic.username && config.auth.basic.password) { var basic = auth({ authRealm: 'Authentication required', authList : [config.auth.basic.username+':'+config.auth.basic.password] }); app.use(function(req, res, next) { basic.apply(req, res, function(username) { return next(); }); }); } /** * Set `public-assets` default path */ app.use(express.static(resolve('public'))); app.use(express.urlencoded()); app.use(express.json()); /** * Cross Origin Resource Sharing */ var domains = config.corsDomains; if (domains && domains.length) { var options; if (domains.length == 1 && domains[0] == '*') { options = null; } else { options = { origin: function(origin, callback){ var originIsWhitelisted = domains.indexOf(origin) !== -1; callback(null, originIsWhitelisted); } , credentials: true }; } app.use(cors(options)); } var blacklistIps = config.blacklistIps; if (blacklistIps && blacklistIps.length) { app.use(ipfilter(blacklistIps)); } /** * Use `passport` setup & helpers middleware */ app.use(passport.initialize()); /** * Configure native `express` cookie parser */ app.use(cookieParser(config.jwtSecret)); /** * JSON Web Tokens */ app.use(jwt.middlewares.user()); /** * Fetch user locale */ app.use(l10n.middleware); /** * Set template local variables */ app.use(function(req, res, next) { // Set user as local var if authenticated if(req.isAuthenticated() && req.user) res.locals.user = req.user; res.locals.t = t; // Call next middleware next(); }); /** * Ensure SSL redirection if necessary */ sslRedirect(app, { protocol: config.protocol, https: config.https }); /** * Use `twitter-card` and 'facebook-card' middlewares */ app.use(require('lib/twitter-card/middleware')); app.use(require('lib/facebook-card/middleware')); });