module.exports = function (app, passport) {
// Compression middleware (should be placed before express.static)
/*
app.use(compression({
threshold: 512
}));
*/
// Static files middleware
app.use(compression());
console.log('config-root: ' + config.root);
app.use(serveStatic(config.root + '/public'));
//app.use(express.static(__dirname + '/public'));
// Use winston on production
var log;
if (env !== 'development') {
log = {
stream: {
write: function (message, encoding) {
winston.info(message);
}
}
};
} else {
log = { format: 'dev' };
}
// Don't log during tests
// Logging middleware
if (env !== 'test') app.use(morgan(log));
// Swig templating engine settings
if (env === 'development' || env === 'test') {
swig.setDefaults({
cache: false
});
}
// set views path, template engine and default layout
app.engine('html', swig.renderFile);
app.set('views', config.root + '/');
app.set('view engine', 'html');
// expose package.json to views
app.use(function (req, res, next) {
res.locals.pkg = pkg;
res.locals.env = env;
next();
});
// cookieParser should be above session
app.use(cookieParser());
// bodyParser should be above methodOverride
//app.use(bodyParser());
app.use(bodyParser.json({}));
app.use(methodOverride(function (req, res) {
if (req.body && typeof req.body === 'object' && '_method' in req.body) {
// look in urlencoded POST bodies and delete it
var method = req.body._method;
delete req.body._method;
return method;
}
}));
// express/mongo session storage
app.use(session({
secret: pkg.name,
store: new mongoStore({
url: config.db,
collection : 'sessions'
})
}));
// use passport session
app.use(passport.initialize());
app.use(passport.session());
// connect flash for flash messages - should be declared after sessions
app.use(flash());
// should be declared after session and flash
app.use(helpers(pkg.name));
// adds CSRF support
/*
if (process.env.NODE_ENV !== 'test') {
app.use(csrf());
// This could be moved to view-helpers :-)
app.use(function(req, res, next){
res.locals.csrf_token = req.csrfToken();
next();
});
}
*/
};
module.exports = function(db) {
// Initialize express app
var app = express();
// Globbing model files
config.getGlobbedFiles('./app/models/**/*.js').forEach(function(modelPath) {
require(path.resolve(modelPath));
});
// Setting application local variables
app.locals.title = config.app.title;
app.locals.description = config.app.description;
app.locals.keywords = config.app.keywords;
app.locals.facebookAppId = config.facebook.clientID;
app.locals.jsFiles = config.getJavaScriptAssets();
app.locals.cssFiles = config.getCSSAssets();
// Passing the request url to environment locals
app.use(function(req, res, next) {
res.locals.url = req.protocol + '://' + req.headers.host + req.url;
next();
});
// Should be placed before express.static
app.use(compression({
// only compress files for the following content types
filter: function(req, res) {
return (/json|text|javascript|css/).test(res.getHeader('Content-Type'));
},
// zlib option for compression level
level: 3
}));
// Showing stack errors
app.set('showStackError', true);
// Set swig as the template engine
//app.engine('server.view.html', consolidate[config.templateEngine]);
// Set views path and view engine
//app.set('view engine', 'server.view.html');
//app.set('views', './app/views');
app.engine('html', consolidate[config.templateEngine]);
// Set views path and view engine
app.set('view engine', 'html');
app.set('views', './ui/build');
// Enable logger (morgan)
app.use(morgan(logger.getLogFormat(), logger.getLogOptions()));
// Environment dependent middleware
if (process.env.NODE_ENV === 'development') {
// Disable views cache
app.set('view cache', false);
} else if (process.env.NODE_ENV === 'production') {
app.locals.cache = 'memory';
}
// Request body parsing middleware should be above methodOverride
app.use(bodyParser.urlencoded({
extended: true
}));
app.use(bodyParser.json());
app.use(methodOverride());
// Use helmet to secure Express headers
app.use(helmet.xframe());
app.use(helmet.xssFilter());
app.use(helmet.nosniff());
app.use(helmet.ienoopen());
app.disable('x-powered-by');
// Setting the app router and static folder
app.use('/inflo',express.static(path.resolve('./ui/build')));
// CookieParser should be above session
app.use(cookieParser());
// Express MongoDB session storage
app.use(session({
saveUninitialized: true,
resave: true,
secret: config.sessionSecret,
store: new mongoStore({
db: db.connection.db,
collection: config.sessionCollection
}),
cookie: config.sessionCookie,
name: config.sessionName
}));
// use passport session
app.use(passport.initialize());
app.use(passport.session());
// connect flash for flash messages
app.use(flash());
// Globbing routing files
config.getGlobbedFiles('./app/routes/**/*.js').forEach(function(routePath) {
require(path.resolve(routePath))(app);
});
// Assume 'not found' in the error msgs is a 404. this is somewhat silly, but valid, you can do whatever you like, set properties, use instanceof etc.
app.use(function(err, req, res, next) {
// If the error object doesn't exists
if (!err) return next();
// Log it
console.error(err.stack);
// Error page
res.status(500).render('500', {
error: err.stack
});
});
// Assume 404 since no middleware responded
app.use(function(req, res) {
res.status(404).render('404', {
url: req.originalUrl,
error: 'Not Found'
});
});
if (process.env.NODE_ENV === 'secure') {
// Load SSL key and certificate
var privateKey = fs.readFileSync('./config/sslcerts/key.pem', 'utf8');
var certificate = fs.readFileSync('./config/sslcerts/cert.pem', 'utf8');
// Create HTTPS Server
var httpsServer = https.createServer({
key: privateKey,
cert: certificate
}, app);
// Return HTTPS server instance
return httpsServer;
}
// Return Express server instance
return app;
};
module.exports = function (app, express, passport) {
var allowCrossDomain = function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header('Access-Control-Allow-Credentials', true)
res.header("Access-Control-Allow-Headers", "X-Requested-With");
next();
};
// settings
app.set('env', env);
app.set('port', app.config.server.port || 3000);
app.set('hostIp', app.config.server.hostname || '127.0.0.1');
app.set('views', path.join(__dirname, '../../app/views'));
app.set('view engine', 'jade');
app.enable('trust proxy');
app.disable('x-powered-by');
// Express use middlewares
app.use(favicon(path.join(__dirname, '../../public/favicon.png')));
app.use(allowCrossDomain);
if (env === 'development') {
app.use(morgan('dev'))
} else {
app.use(morgan('combined', {
skip: function (req, res) { return res.statusCode < 400 },
stream: require('fs').createWriteStream( app.config.root + '/access.log', {flags: 'a'})
}))
};
app.use(bodyParser.urlencoded({extended: true}))
app.use(bodyParser.json())
app.use(multer())
app.use(expressValidator())
app.use(methodOverride())
app.use(cookieParser('abrac1212sdfsllqwzqwAAwerwrsdqxkk'));
app.use(session({
name: [pkg.name,'.sid'].join(),
resave: true,
saveUninitialized: true,
secret: pkg.name,
genid: function(req) {
return require('node-uuid').v4() // use UUIDs for session IDs
},
store: new MongoStore({
url: app.config.database.url,
collection : 'sessions'
})
}));
// use passport session
app.use(passport.initialize());
app.use(passport.session({
maxAge: new Date(Date.now() + 3600000)
}));
app.use(flash());
var csrfExclude = ['/api/trick/import'];
app.use(function(req, res, next) {
var path = req.path.split('/')[1];
if (/api/i.test(path)) {
return next();
} else {
if (_.contains(csrfExclude, req.path)) return next();
csrf(req, res, next);
}
});
app.use(views_helpers(pkg.name));
app.use(function (req, res, next) {
res.locals.pkg = pkg;
res.locals.NODE_ENV = env;
res.locals.moment = require('moment');
if(_.isObject(req.user)) {
res.locals.User = req.user
}
next()
});
app.use(express.static(path.normalize(__dirname + '/../../public')));
/** ROUTES Apps */
app.use(routes);
// will print stacktrace
if (app.get('env') === 'development') {
app.use(responseTime());
} else {
app.use(compression({
filter: function (req, res) { return /json|text|javascript|css/.test(res.getHeader('Content-Type')) },
level: 9
}))
}
app.use(function handleNotFound(req, res, next){
res.status(404);
if (req.accepts('html')) {
res.render('404', { url: req.url, error: '404 Not found' });
return;
}
if (req.accepts('json')) {
res.send({ error: 'Not found' });
return;
}
res.type('txt').send('Not found');
})
if (env === 'development') {
app.use(errorHandler());
} else {
app.use(function logErrors(err, req, res, next){
if (err.status === 404) {
return next(err)
}
console.error(err.stack)
next(err)
})
app.use(function respondError(err, req, res, next){
var status, message
status = err.status || 500;
res.status(status);
message = ((err.productionMessage && err.message) ||
err.customProductionMessage)
if (!message) {
if (status === 403) {
message = 'Not allowed'
} else {
message = 'Oops, there was a problem!'
}
}
if (req.accepts('json')) {
res.send({error: message})
return
} else {
res.type('txt').send(message + '\n')
return
}
})
}
}
(function () {
"use strict";
var express = require('express'),
morgan = require('morgan'),
bodyParser = require('body-parser'),
methodOverride = require('method-override'),
cookieParser = require('cookie-parser'),
expressLayout = require('express3-ejs-layout'),
compression = require('compression'),
app = express(),
route = require("./server/route"),
config = require("./server/config"),
kits = require("./server/kits"),
appPackage = require("./package.json"),
localsApp = {
title : config.title,
version: appPackage.version,
env : config.env,
baseUrl: config.baseUrl
};
app.use(compression());
app.use(bodyParser());
app.use(methodOverride());
app.use(cookieParser(config.cookieSecret));
app.set('views', __dirname + '/web/view');
app.use(express.static(__dirname + '/web/static'));// {maxAge: 31557600000}
app.set('view engine', 'html');
app.engine('html', require('ejs').renderFile);
app.use(expressLayout);
app.set('layout', 'layout');
app.set("env", config.env);
app.disable("x-powered-by");
//启用反向代理
app.enable('trust proxy');
morgan.token('data', function (req) {
return "params:" + JSON.stringify(req.params) + ",query:" + JSON.stringify(req.query) + ",body:" + JSON.stringify(req.body);
});
morgan.token('date', function () {
var now = new Date();
return now.getFullYear() + "-" + (now.getMonth() + 1) + "-" + now.getDate() + " " + now.getHours() + ":" + now.getMinutes() + ":" + now.getSeconds();
});
morgan.token('operationId', function (req) {
return req.context ? req.context.operationId : "null";
});
if ('development' === config.env) {
app.use(morgan({
format: ':method :url :status :remote-addr [:date][:response-time ms] [:operationId]',
stream: {
write: kits.logger.info
}
}));
localsApp.siteScripts = config.siteScripts;
} else {
app.use(morgan({
format: ':method :url :status :remote-addr [:date][:response-time ms] [:operationId]',
stream: {
write: kits.logger.info
}
}));
}
app.locals.app = localsApp;
//初始化路由
route(app);
//create server
app.listen(config.port, function () {
kits.logger.info('ng-nice server listening on port ' + config.port + " in env " + config.env);
});
if (config.env === 'production') {
process.on("uncaughtException", function (err) {
kits.logger.info("process uncaughtException:" + err);
});
}
})();
export const primus = (() => {
if(process.env.NO_START_GAME) return;
const ip = _(require('os').networkInterfaces())
.values()
.flatten()
.filter(val => val.family === 'IPv4' && val.internal === false)
.map('address')
.first();
if(ip) {
console.log(`Your IP is: ${ip}` + (process.env.QUIET ? ' (quiet mode. ssh...)' : ''));
}
const express = require('express');
const compression = require('compression');
const serve = express();
serve.use(compression(), express.static('assets'));
serve.get('/online', (req, res) => {
try {
res.set({
'Cache-Control': 'public, max-age=86400'
});
res.json({
players: GameState.getInstance().getPlayers().length,
sparks: primus.connected
});
} catch (e) {
res.send(e);
}
});
const finalhandler = require('finalhandler');
// load primus
const server = require('http').createServer((req, res) => {
res.setHeader('Access-Control-Allow-Origin', '*');
serve(req, res, finalhandler(req, res));
});
server.listen(process.env.PORT || 8080);
const primus = new Primus(server, { iknowhttpsisbetter: true, parser: 'JSON', transformer: 'websockets' });
// load socket functions
const normalizedPath = require('path').join(__dirname, '..');
const getAllSocketFunctions = (dir) => {
let results = [];
const list = fs.readdirSync(dir);
_.each(list, basefilename => {
const filename = `${dir}/${basefilename}`;
const stat = fs.statSync(filename);
if(stat && stat.isDirectory()) results = results.concat(getAllSocketFunctions(filename));
else if(_.includes(basefilename, '.socket')) results.push(filename);
});
return results;
};
const allSocketFunctions = getAllSocketFunctions(normalizedPath);
const allSocketRequires = _.map(allSocketFunctions, require);
primus.use('rooms', Rooms);
primus.use('emit', Emit);
primus.players = {};
primus.addPlayer = (playerName, spark) => {
if(!primus.players[playerName]) primus.players[playerName] = [];
primus.players[playerName].push(spark);
};
primus.delPlayer = (playerName, spark) => {
primus.players[playerName] = _.without(primus.players[playerName], spark);
};
primus.emitToPlayers = (players = [], data) => {
_.each(players, player => {
_.each(primus.players[player], spark => {
spark.write(data);
});
});
};
// primus.use('multiplex', Multiplex);
// force setting up the global connection
new (require('../shared/db-wrapper').DbWrapper)().connectionPromise();
primus.on('connection', spark => {
const respond = (data) => {
spark.write(data);
};
_.each(allSocketRequires, obj => obj.socket(spark, primus, (data) => {
data.event = obj.event;
respond(data);
// kill global sparks after 5 seconds
if(_.includes(obj.event, 'plugin:global')) {
setTimeout(() => {
spark.end();
}, 5000);
}
}));
spark.on('error', e => {
Logger.error('Spark', e);
});
setTimeout(() => {
if(spark.authToken || spark._registering) return;
spark.end();
}, 10000);
// spark.join('adventurelog');
});
if(process.env.NODE_ENV !== 'production') {
_.each(['Play', 'Global'], root => {
const path = require('path').join(__dirname, '..', '..', root);
fs.stat(path, e => {
if(e) return;
primus.save(`${path}/primus.gen.js`);
});
});
}
return primus;
})();
hostname: 'localhost',
port: 6379
};
var redisPASS;
if (process.env.REDISCLOUD_URL) {
redisURL = url.parse(process.env.REDISCLOUD_URL);
redisPASS = redisURL.auth.split(":")[1];
}
var router = require('./router.js');
var port = process.env.PORT || process.env.NODE_PORT || 3000;
var app = express();
app.use('/assets', express.static(path.resolve(__dirname+'/../client/')));
app.use(compression());
app.use(bodyParser.urlencoded({
extended: true
}));
app.use(session({
key: "sessionid",
store: new RedisStore({
host: redisURL.hostname,
port: redisURL.port,
pass: redisPASS
}),
secret: 'YouDJ',
resave: true,
saveUninitialized: true,
cookie: {
httpOnly: true
export default function(app) {
var env = app.get('env');
app.set('views', config.root + '/server/views');
app.engine('html', require('ejs').renderFile);
app.set('view engine', 'html');
app.use(compression());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(bodyParser.json());
app.use(methodOverride());
app.use(cookieParser());
// Persist sessions with MongoStore / sequelizeStore
// We need to enable sessions for passport-twitter because it's an
// oauth 1.0 strategy, and Lusca depends on sessions
app.use(session({
secret: config.secrets.session,
saveUninitialized: true,
resave: false,
store: new MongoStore({
mongooseConnection: mongoose.connection,
db: 'myapp'
})
}));
/**
* Lusca - express server security
* https://github.com/krakenjs/lusca
*/
if (env !== 'test' && !process.env.SAUCE_USERNAME) {
app.use(lusca({
csrf: {
angular: true
},
xframe: 'SAMEORIGIN',
hsts: {
maxAge: 31536000, //1 year, in seconds
includeSubDomains: true,
preload: true
},
xssProtection: true
}));
}
app.set('appPath', path.join(config.root, 'client'));
if ('production' === env) {
app.use(favicon(path.join(config.root, 'client', 'favicon.ico')));
app.use(express.static(app.get('appPath')));
app.use(morgan('dev'));
}
if ('development' === env) {
app.use(require('connect-livereload')({
ignore: [
/^\/api\/(.*)/,
/\.js(\?.*)?$/, /\.css(\?.*)?$/, /\.svg(\?.*)?$/, /\.ico(\?.*)?$/, /\.woff(\?.*)?$/,
/\.png(\?.*)?$/, /\.jpg(\?.*)?$/, /\.jpeg(\?.*)?$/, /\.gif(\?.*)?$/, /\.pdf(\?.*)?$/
]
}));
}
if ('development' === env || 'test' === env) {
app.use(express.static(path.join(config.root, '.tmp')));
app.use(express.static(app.get('appPath')));
app.use(morgan('dev'));
app.use(errorHandler()); // Error handler - has to be last
}
}
module.exports = function (app, passport) {
// Compression middleware (should be placed before express.static)
app.use(compression({
threshold: 512
}));
// Static files middleware
app.use(express.static(config.root + '/public'));
// Use winston on production
let log = 'dev';
if (env !== 'development') {
log = {
stream: {
write: message => winston.info(message)
}
};
}
// Don't log during tests
// Logging middleware
if (env !== 'test') app.use(morgan(log));
// Swig template engine settings
if (env === 'development' || env === 'test') {
swig.setDefaults({
cache: false
});
}
// set views path, template engine and default layout
app.engine('html', swig.renderFile);
app.set('views', config.root + '/views');
app.set('view engine', 'html');
// expose package.json and environment to views (why ?!)
app.use(function (req, res, next) {
res.locals.pkg = pkg;
res.locals.env = env;
next();
});
// bodyParser should be above methodOverride
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true }));
app.use(multer().array('image', 1));
app.use(methodOverride(function (req) {
if (req.body && typeof req.body === 'object' && '_method' in req.body) {
// look in urlencoded POST bodies and delete it
var method = req.body._method;
delete req.body._method;
return method;
}
}));
// CookieParser should be above session
app.use(cookieParser());
app.use(cookieSession({ secret: 'secret' }));
app.use(session({
resave: true,
saveUninitialized: true,
secret: pkg.name,
store: new mongoStore({
url: config.db,
collection : 'sessions'
})
}));
// use passport session
app.use(passport.initialize());
app.use(passport.session());
// connect flash for flash messages - should be declared after sessions
app.use(flash());
// should be declared after session and flash
app.use(helpers(pkg.name));
if (env !== 'test') {
app.use(csrf());
// This could be moved to view-helpers :-)
app.use(function (req, res, next) {
res.locals.csrf_token = req.csrfToken();
next();
});
}
};
init.pageCompression = function () {
if (appconfig.settings().expressCompression) {
app.use(compress());
}
};
/**
* App config
*/
function Config(app) {
log("* config:store app related envs");
app.set('appEnv', appEnv);
log("* config:showStackError");
app.set('showStackError', true);
// must be placed before express.static
log("* config:compress");
var compress = require('compression')
app.use(compress({
filter: function(req, res) {
return /json|text|javascript|css/.test(res.getHeader('Content-Type'))
},
level: 9
}))
log('* config:port as %d', appEnv.PORT);
app.set('port', appEnv.PORT);
log('* config:view_engine as %s', 'ejs');
var expressLayouts = require('express3-ejs-layout');
app.set('views', paths.views);
app.set('view engine', 'ejs');
app.use(expressLayouts);
log('* config:express.static');
app.use(express.static(paths.public))
log('* config:cookie_parser');
var cookieParser = require('cookie-parser');
app.use(cookieParser());
log('* config:logger');
app.use(morgan('dev'));
log('* config:bodyParser:methodOverride');
var bodyParser = require('body-parser');
var methodOverride = require('method-override');
app.use(bodyParser());
app.use(methodOverride());
log('* config:session');
// sessions
var session = require('express-session');
var MongoStore = require('connect-mongo')(session);
app.set('sessionStore', new MongoStore({
url: appEnv.MONGODB_URI,
collection: 'sessions',
mongooseConnection: mongoose.connection
}));
app.use(session({
secret: appEnv.SESSION_SECRET,
store: app.get('sessionStore')
}));
log('* config:passport');
var passport = require('passport');
app.use(passport.initialize());
app.use(passport.session());
log('* config:flash_messages');
var flash = require('connect-flash');
app.use(flash());
log('* config:CSRF unless env == \'test\'');
if (appEnv.NODE_ENV !== 'test') {
var csrf = require('csurf');
app.use(csrf())
app.use(function(req, res, next){
res.locals.csrf_token = req.csrfToken();
next();
})
}
log('* config:error_handler if env == \'development\'');
if (appEnv.NODE_ENV === 'dev') {
var errorHandler = require('errorhandler')
app.use(
errorHandler({
dumpExceptions: true,
showStack: true
})
);
app.locals.pretty = true
}
return app;
}
module.exports = function(db) {
// Initialize express app
var app = express();
// Globbing model files
config.getGlobbedFiles('./app/models/**/*.js').forEach(function(modelPath) {
require(path.resolve(modelPath));
});
// Setting application local variables from loaded config.js file, which has got variables from
// env/all.js
app.locals.title = config.app.title;
app.locals.description = config.app.description;
app.locals.keywords = config.app.keywords;
app.locals.facebookAppId = config.facebook.clientID;
app.locals.jsFiles = config.getJavaScriptAssets(); // get all public/lib/ public/modules/ js files
app.locals.cssFiles = config.getCSSAssets(); // get all public/lib/ public/modules/ css files
// Passing the request url to environment locals
app.use(function(req, res, next) {
res.locals.url = req.protocol + '://' + req.headers.host + req.url;
next();
});
// Should be placed before express.static
app.use(compress({
filter: function(req, res) {
return (/json|text|javascript|css/).test(res.getHeader('Content-Type'));
},
level: 9
}));
// Showing stack errors
// i think it should not be seen in case of production
app.set('showStackError', true);
// Set swig as the template engine
app.engine('server.view.html', consolidate[config.templateEngine]);
// Set views path and view engine
app.set('view engine', 'server.view.html');
app.set('views', './app/views');
// Environment dependent middleware
if (process.env.NODE_ENV === 'development') {
// Enable logger (morgan)
app.use(morgan('dev'));
// Disable views cache
app.set('view cache', false);
} else if (process.env.NODE_ENV === 'production') {
app.locals.cache = 'memory';
}
// Request body parsing middleware should be above methodOverride
app.use(bodyParser.urlencoded({
extended: true
}));
app.use(bodyParser.json());
app.use(methodOverride());
// CookieParser should be above session
app.use(cookieParser());
// Express MongoDB session storage
app.use(session({
saveUninitialized: true,
resave: true,
secret: config.sessionSecret, // env/all.js contains sessionSecret
store: new mongoStore({
db: db.connection.db, // development.js/production.js/test.js has db field which gets in config.js
// i think db.connection.db value is not present, don't know how it will work
collection: config.sessionCollection
})
}));
// use passport session
app.use(passport.initialize());
app.use(passport.session()); // persistent login sessions
// // use connect-flash for flash messages stored in session
app.use(flash());
// Use helmet to secure Express headers
app.use(helmet.xframe());
app.use(helmet.xssFilter());
app.use(helmet.nosniff());
app.use(helmet.ienoopen());
app.disable('x-powered-by');
// Setting the app router and static folder
app.use(express.static(path.resolve('./public')));
// Globbing routing files,
// here we are auto loading the server route files
// i think, these route files use controllers, which load views, views use models for data
config.getGlobbedFiles('./app/routes/**/*.js').forEach(function(routePath) {
require(path.resolve(routePath))(app);
});
// Assume 'not found' in the error msgs is a 404. this is somewhat silly, but valid, you can do whatever you like, set properties, use instanceof etc.
app.use(function(err, req, res, next) {
// If the error object doesn't exists
if (!err) return next();
// Log it
console.error(err.stack);
// Error page
res.status(500).render('500', {
// don't know why they haven't used full name 500.server.view.html, how using '500' only works
error: err.stack
});
});
// Assume 404 since no middleware responded
app.use(function(req, res) {
res.status(404).render('404', {
url: req.originalUrl,
error: 'Not Found'
});
});
return app;
};
module.exports = function(app, config) {
var env = process.env.NODE_ENV || 'development';
app.locals.ENV = env;
app.locals.ENV_DEVELOPMENT = env == 'development';
app.disable('x-powered-by');
app.set('views', config.root + '/app/views');
app.set('view engine', 'jade');
const sopts = {
secret: 'gdealisthebestdeal',
saveUninitialied: true,
resave: true,
key: 'sid',
cookie: {httpOnly: true, maxAge: 259200000},
store: new RedisStore({prefix: 'session:', ttl: 10800})
};
// app.use(favicon(config.root + '/public/img/favicon.ico'));
app.use(logger('dev'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true }));
app.use(cookieParser());
app.use(compress());
app.use(express.static(config.root + '/public'));
app.use(methodOverride());
app.use(session(sopts));
app.use(passport.initialize());
app.use(passport.session());
app.use((req, res, next) => {
//TODO: this should probably be in middlewares instead.
if (!req.isAuthenticated) { return next(); }
res.locals.user = req.user;
res.locals.session = req.session;
next();
});
const controllers = glob.sync(config.root + '/app/controllers/*.js');
controllers.forEach(function (controller) {
require(controller)(app);
});
app.use((req, res, next) => {
var err = new Error('Not Found');
err.status = 404;
next(err);
});
if (app.get('env') === 'development') {
app.use((err, req, res) => {
res.status(err.status || 500);
res.render('error', {
message: err.message,
error: err,
title: 'error'
});
});
}
app.use((err, req, res) => {
res.status(err.status || 500);
res.render('error', {
message: err.message,
error: {},
title: 'error'
});
});
};
module.exports = function(app, passport) {
app.use(helmet());
app.use(requireHttps);
// Compression middleware (should be placed before express.static)
app.use(
compression({
threshold: 512
})
);
app.use(
cors({
origin: ['http://localhost:3000', 'https://reboil-demo.herokuapp.com'],
optionsSuccessStatus: 200, // some legacy browsers (IE11, various SmartTVs) choke on 204
credentials: true
})
);
// Static files middleware
app.use(express.static(config.root + '/public'));
// Use winston on production
let log = 'dev';
if (env !== 'development') {
log = {
stream: {
write: message => winston.info(message)
}
};
}
// Don't log during tests
// Logging middleware
if (env !== 'test') app.use(morgan(log));
// set views path, template engine and default layout
app.set('views', config.root + '/app/views');
app.set('view engine', 'pug');
// expose package.json to views
app.use(function(req, res, next) {
res.locals.pkg = pkg;
res.locals.env = env;
next();
});
// bodyParser should be above methodOverride
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true }));
app.use(upload.single('image'));
app.use(
methodOverride(function(req) {
if (req.body && typeof req.body === 'object' && '_method' in req.body) {
// look in urlencoded POST bodies and delete it
var method = req.body._method;
delete req.body._method;
return method;
}
})
);
// CookieParser should be above session
app.use(cookieParser());
app.use(
session({
resave: false,
saveUninitialized: true,
secret: pkg.name,
store: new mongoStore({
url: config.db,
collection: 'sessions'
})
})
);
// use passport session
app.use(passport.initialize());
app.use(passport.session());
// connect flash for flash messages - should be declared after sessions
app.use(flash());
// should be declared after session and flash
app.use(helpers(pkg.name));
if (env !== 'test') {
app.use(csrf());
// This could be moved to view-helpers :-)
app.use(function(req, res, next) {
res.locals.csrf_token = req.csrfToken();
res.locals.paginate = ultimatePagination.getPaginationModel;
next();
});
}
if (env === 'development') {
app.locals.pretty = true;
}
};
bodyParser = require('body-parser'),
compress = require('compression'),
cors = require('cors'),
errorHandler = require('./services/errorHandler'),
favicon = require('static-favicon'),
fileServer = require('serve-static'),
http = require('http'),
isDev = app.get('env') === 'development',
logger = require('morgan'),
port = process.env['PORT'] || 7200,
routes = require('./services/routes');
var appDir = __dirname + '/../'; // Our NG code
app.use(bodyParser()); // body parser, json, and url encoding
app.use(compress()); // Compress response data with gzip
app.use(logger('dev')); // logger
app.use(fileServer(process.cwd())); // Support static file content
app.use(cors()); // enable ALL CORS requests
app.use(errorHandler.init);
app.use('/', express.static(appDir));
routes.init(app);
if(isDev){
app.get('/test', function(req, res, next) {
console.log(req.body);
res.send('ping');
});
}
express: app,
})
.addFilter('__', (...args) => i18n.__.apply(this, args))
.addFilter('__n', (...args) => i18n.__n.apply(this, args));
/////////////////////////////////////////////////////////////
// INIT MIDDLEWARES
/////////////////////////////////////////////////////////////
app.use(bodyParser.json()); // get the data from a POST
app.use(bodyParser.urlencoded({ extended: true })); // for parsing application/x-www-form-urlencoded
app.use(methodOverride('_method')); // Use HTTP verbs such as PUT or DELETE
app.use(helmet()); // Securing app with various HTTP headers
app.use(hpp()); // Middleware to protect against HTTP Parameter Pollution attacks
app.use(logger('dev')); // Morgan => dev | combined
app.use(compression()); // Gzip
app.use(slashes(false)); // Adding or removing trailing slashes from URL's end
/////////////////////////////////////////////////////////////
// i18n translation
/////////////////////////////////////////////////////////////
// https://www.reddit.com/r/node/comments/3m1f25/whats_the_best_practice_for_setting_up_routing/
i18n.configure({
// setup some locales - other locales default to en silently
locales: ['en', 'hu'],
// fall back from English to Hungarian
//fallbacks: { en: 'hu' },
fallbacks: { en: 'en' },
// you may alter a site wide default locale
defaultLocale: 'en',
/**
*
* Install:
* npm install browser-sync compression
*
* Run:
* node <yourfile.js>
*
* This example will proxy to your existing vhost
* and serve gzipped responses
*
*/
"use strict";
var browserSync = require("browser-sync").create();
var compression = require("compression");
browserSync.init({
files: ["app/css/*.css"],
proxy: {
target: "http://yourlocal.dev",
middleware: compression()
}
});
exports.serve = function() {
/**
* Module dependencies
*/
var express = require('express')
, bodyParser = require('body-parser')
, methodOverride = require('method-override')
, morgan = require('morgan')
, cookieParser = require('cookie-parser')
, session = require('express-session')
, compression = require('compression')
, MongoStore = require('connect-mongo')(session)
, passport = require('passport')
, TwitterStrategy = require('passport-twitter').Strategy
, moment = require('moment')
, routes = require('./routes')
, api = require('./routes/api')
, http = require('http')
, path = require('path')
, UserProvider = require('../lib/model').UserProvider
, settings = process.env.NODE_ENV === "production" ? require("../lib/production") : require("../lib/development")
;
var app = module.exports = express();
var env = process.env.NODE_ENV || 'development';
// development only
if (env === 'development') {
app.locals.pretty = true;
}
// production only
if (env === 'production') {
}
/**
* passport
*/
passport.serializeUser(function(user, done) {
done(null, user);
});
passport.deserializeUser(function(obj, done) {
done(null, obj);
});
passport.use(new TwitterStrategy({
consumerKey: settings.TW_CONSUMER_KEY,
consumerSecret: settings.TW_CONSUMER_SECRET,
callbackURL: settings.CALLBACK_URL
}, function(token, tokenSecret, profile, done) {
profile.twitter_token = token;
profile.twitter_token_secret = tokenSecret;
UserProvider.upsert({
profile: profile
}, function(err) {
if(err) console.log(err);
return done(null, profile);
});
}
));
var options = {
secret: settings.COOKIE_SECRET,
saveUninitialized: true,
resave: false,
store: new MongoStore({
url: process.env.MONGOHQ_URL || 'mongodb://127.0.0.1/1draw-ranking',
"collection": "sessions",
"clear_interval": 3600,
"auto_reconnect": true
})
};
var cacheOptions = {
dotfiles: 'ignore',
etag: false,
extensions: ['htm', 'html', 'css', 'js'],
index: false,
maxAge: 0,
redirect: false,
setHeaders: function (res, path, stat) {
res.set({
'x-timestamp': Date.now()
});
}
};
/**
* Configuration
*/
// all environments
app.disable('x-powered-by');
app.set('port', process.env.PORT || 9000);
app.set('views', __dirname + '/views');
app.set('view engine', 'jade');
app.use(morgan('dev'));
app.use(cookieParser());
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({
extended: true
}));
app.use(methodOverride());
app.use(session(options));
app.use(passport.initialize());
app.use(passport.session());
// gzip
app.use(compression())
app.use(express.static(path.join(__dirname, 'public'), cacheOptions));
/**
* Routes
*/
// Twitterの認証
app.get("/auth/twitter", passport.authenticate('twitter'));
// Twitterからのcallback
app.get("/auth/twitter/callback", passport.authenticate('twitter', {
successRedirect: '/',
failureRedirect: '/'
}));
app.get('/logout', routes.logout);
// serve index and view partials
app.get('/', routes.index);
app.get('/partials/:name', routes.partials);
// JSON API
app.get('/api/readAll/:name', api.readAll);
app.get('/api/readRanking/:name', api.readRanking);
app.get('/api/readRankingAll/:name/:skip', api.readRankingAll);
app.get('/api/readRankingAllCategory', api.readRankingAllCategory);
app.get('/api/readUserPosts/:twitterIdStr', api.readUserPosts);
app.get('/api/findUserDataByTwitterIdStr/:twitterIdStr', api.findUserDataByTwitterIdStr);
app.get('/api/isAuthenticated', api.isAuthenticated);
app.get('/api/getTweeterData/:twitterIdStr', api.getTweeterData);
app.get('/api/getTweeterTweet/:twitterIdStr/:nextCursorId', api.getTweeterTweet);
app.get('/api/findTagRegistered', api.findTagRegistered);
app.get('/api/findTagDefault', api.findTagDefault);
app.get('/api/findTagAll', api.findTagAll);
app.get('/api/findCategoriesDefault', api.findCategoriesDefault);
app.get('/api/findCategoriesAll', api.findCategoriesAll);
app.get('/api/readCount/:name', api.readCount);
app.post('/api/findUserById', api.findUserById);
app.post('/api/readOverallRanking', api.readOverallRanking);
app.post('/api/registerTag', api.registerTag);
app.post('/api/createFavorite', api.createFavorite);
app.post('/api/statusesRetweet', api.statusesRetweet);
app.post('/api/download', api.download);
app.post('/api/downloadZip', api.downloadZip);
// redirect all others to the index (HTML5 history)
app.get('*', routes.index);
/**
* Start Server
*/
http.createServer(app).listen(app.get('port'), function () {
console.log('Express server listening on port ' + app.get('port'));
});
}
const express = require('express');
const bodyParser = require('body-parser');
const compression = require('compression');
commander
.option('-c, --config <file>', 'configuration file path', './config/config-dist.js')
.parse(process.argv);
// eslint-disable-next-line
const config = require(commander.config);
if (config) {
const app = express();
app.use(bodyParser.json());
app.use(compression({
threshold: 512,
}));
// eslint-disable-next-line
let webRouter = require('./routes/web');
webRouter.setConfig(config);
// Routes
// * Add more routes here
app.use('/', webRouter);
// Start the server -------------------------------
const server = app.listen(config.app.port, () => {
const serverAddress = server.address();
const { address: host } = serverAddress;
const { port } = serverAddress;
defaultSrc: ["'self'"],
scriptSrc: ["'self'"],
styleSrc: ["'self'"],
imgSrc: ["'self'"],
connectSrc: ["'self'", 'ws:'],
fontSrc: ["'self'"],
objectSrc: ["'none'"],
mediaSrc: ["'none'"],
frameSrc: ["'none'"],
}));
server.use(helmet.xssFilter());
server.use(helmet.frameguard('deny'));
server.use(helmet.ieNoOpen());
server.use(helmet.noSniff());
server.use(cookieParser());
server.use(compression());
// Stub for assets, in case running in dev mode.
let assets;
// Webpack (for development)
if (isDeveloping) {
server.use(morgan('dev'));
const compiler = webpack(config);
const middleware = webpackMiddleware(compiler, {
publicPath: config.output.publicPath,
contentBase: 'src',
stats: {
colors: true,
hash: false,
timings: true,
module.exports = function(app) {
var env = app.get('env');
app.engine('html', require('ejs').renderFile);
app.set('view engine', 'html');
app.use(compression());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(bodyParser.json());
app.use(methodOverride());
app.use(cookieParser());
// Add passport auth library
app.use(passport.initialize());
app.use(passport.session());
// Enable CORS
app.use(cors());
// Persist sessions with mongoStore / sequelizeStore
// We need to enable sessions for passport-twitter because it's an
// oauth 1.0 strategy, and Lusca depends on sessions
app.use(session({
secret: config.secrets.session,
saveUninitialized: true,
resave: false,
store: new mongoStore({
mongooseConnection: mongoose.connection,
//db: 'gestion-web2-end-point'
db: 'gestionweb2'
})
}));
/**
* Lusca - express server security
* https://github.com/krakenjs/lusca
*/
// if ('test' !== env) {
// app.use(lusca({
// csrf: {
// angular: true
// },
// xframe: 'SAMEORIGIN',
// hsts: {
// maxAge: 31536000, //1 year, in seconds
// includeSubDomains: true,
// preload: true
// },
// xssProtection: true
// }));
// }
// Disable csrf
if ('test' !== env) {
app.use(lusca({
csrf: false,
xframe: 'SAMEORIGIN',
xssProtection: true
}));
}
app.set('appPath', path.join(config.root, 'client'));
if ('production' === env) {
app.use(favicon(path.join(config.root, 'client', 'favicon.ico')));
app.use(express.static(app.get('appPath')));
app.use(morgan('dev'));
}
if ('development' === env) {
app.use(require('connect-livereload')());
}
if ('development' === env || 'test' === env) {
app.use(express.static(path.join(config.root, '.tmp')));
app.use(express.static(app.get('appPath')));
app.use(morgan('dev'));
app.use(errorHandler()); // Error handler - has to be last
}
};
import ResponseObject from '../server/Helpers/ResponseObject';
const app = express();
const debug = require('debug')('chatify-server:index');
if (envConfig.env === 'development') {
app.use(logger('dev'));
}
// parse body params and attache them to req.body
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true }));
app.use(cookieParser());
app.use(compress());
app.use(methodOverride());
// secure apps by setting various HTTP headers
app.use(helmet());
// initializing passport
app.use(passport.initialize());
// enable CORS - Cross Origin Resource Sharing
// app.use(cors());
app.use(cors({
origin: true,
methods: 'GET, POST, OPTIONS, PUT, DELETE, PATCH',
allowedHeaders: 'Origin, Content-Type, Accept, Authorization, X-Request-With, Content-Range, Content-Disposition, Content-Description',
credentials: true,
.default('h', '0.0.0.0')
.alias('p', 'port')
.default('p', '8000')
.alias('r', 'root')
.string('r')
.default('r', './')
.argv
argv.root = path.join(__dirname, argv.root)
var server = express()
server.disable('x-powered-by')
// compress output
server.use(compression({
threshold: 512
}))
server.use(cookieParser())
server.use(serveStatic(argv.root))
//server.use(express.static(argv.root));
// on capture les erreurs eventuelles et on les passe handler suivant
server.use(function(req, res, next) {
var err = new Error('Not Found')
err.status = 404
next(err)
})
server.use(function(err, req, res, next) {