module.exports = function (app, passport) { // Compression middleware (should be placed before express.static) /* app.use(compression({ threshold: 512 })); */ // Static files middleware app.use(compression()); console.log('config-root: ' + config.root); app.use(serveStatic(config.root + '/public')); //app.use(express.static(__dirname + '/public')); // Use winston on production var log; if (env !== 'development') { log = { stream: { write: function (message, encoding) { winston.info(message); } } }; } else { log = { format: 'dev' }; } // Don't log during tests // Logging middleware if (env !== 'test') app.use(morgan(log)); // Swig templating engine settings if (env === 'development' || env === 'test') { swig.setDefaults({ cache: false }); } // set views path, template engine and default layout app.engine('html', swig.renderFile); app.set('views', config.root + '/'); app.set('view engine', 'html'); // expose package.json to views app.use(function (req, res, next) { res.locals.pkg = pkg; res.locals.env = env; next(); }); // cookieParser should be above session app.use(cookieParser()); // bodyParser should be above methodOverride //app.use(bodyParser()); app.use(bodyParser.json({})); app.use(methodOverride(function (req, res) { if (req.body && typeof req.body === 'object' && '_method' in req.body) { // look in urlencoded POST bodies and delete it var method = req.body._method; delete req.body._method; return method; } })); // express/mongo session storage app.use(session({ secret: pkg.name, store: new mongoStore({ url: config.db, collection : 'sessions' }) })); // use passport session app.use(passport.initialize()); app.use(passport.session()); // connect flash for flash messages - should be declared after sessions app.use(flash()); // should be declared after session and flash app.use(helpers(pkg.name)); // adds CSRF support /* if (process.env.NODE_ENV !== 'test') { app.use(csrf()); // This could be moved to view-helpers :-) app.use(function(req, res, next){ res.locals.csrf_token = req.csrfToken(); next(); }); } */ };
module.exports = function(db) { // Initialize express app var app = express(); // Globbing model files config.getGlobbedFiles('./app/models/**/*.js').forEach(function(modelPath) { require(path.resolve(modelPath)); }); // Setting application local variables app.locals.title = config.app.title; app.locals.description = config.app.description; app.locals.keywords = config.app.keywords; app.locals.facebookAppId = config.facebook.clientID; app.locals.jsFiles = config.getJavaScriptAssets(); app.locals.cssFiles = config.getCSSAssets(); // Passing the request url to environment locals app.use(function(req, res, next) { res.locals.url = req.protocol + '://' + req.headers.host + req.url; next(); }); // Should be placed before express.static app.use(compression({ // only compress files for the following content types filter: function(req, res) { return (/json|text|javascript|css/).test(res.getHeader('Content-Type')); }, // zlib option for compression level level: 3 })); // Showing stack errors app.set('showStackError', true); // Set swig as the template engine //app.engine('server.view.html', consolidate[config.templateEngine]); // Set views path and view engine //app.set('view engine', 'server.view.html'); //app.set('views', './app/views'); app.engine('html', consolidate[config.templateEngine]); // Set views path and view engine app.set('view engine', 'html'); app.set('views', './ui/build'); // Enable logger (morgan) app.use(morgan(logger.getLogFormat(), logger.getLogOptions())); // Environment dependent middleware if (process.env.NODE_ENV === 'development') { // Disable views cache app.set('view cache', false); } else if (process.env.NODE_ENV === 'production') { app.locals.cache = 'memory'; } // Request body parsing middleware should be above methodOverride app.use(bodyParser.urlencoded({ extended: true })); app.use(bodyParser.json()); app.use(methodOverride()); // Use helmet to secure Express headers app.use(helmet.xframe()); app.use(helmet.xssFilter()); app.use(helmet.nosniff()); app.use(helmet.ienoopen()); app.disable('x-powered-by'); // Setting the app router and static folder app.use('/inflo',express.static(path.resolve('./ui/build'))); // CookieParser should be above session app.use(cookieParser()); // Express MongoDB session storage app.use(session({ saveUninitialized: true, resave: true, secret: config.sessionSecret, store: new mongoStore({ db: db.connection.db, collection: config.sessionCollection }), cookie: config.sessionCookie, name: config.sessionName })); // use passport session app.use(passport.initialize()); app.use(passport.session()); // connect flash for flash messages app.use(flash()); // Globbing routing files config.getGlobbedFiles('./app/routes/**/*.js').forEach(function(routePath) { require(path.resolve(routePath))(app); }); // Assume 'not found' in the error msgs is a 404. this is somewhat silly, but valid, you can do whatever you like, set properties, use instanceof etc. app.use(function(err, req, res, next) { // If the error object doesn't exists if (!err) return next(); // Log it console.error(err.stack); // Error page res.status(500).render('500', { error: err.stack }); }); // Assume 404 since no middleware responded app.use(function(req, res) { res.status(404).render('404', { url: req.originalUrl, error: 'Not Found' }); }); if (process.env.NODE_ENV === 'secure') { // Load SSL key and certificate var privateKey = fs.readFileSync('./config/sslcerts/key.pem', 'utf8'); var certificate = fs.readFileSync('./config/sslcerts/cert.pem', 'utf8'); // Create HTTPS Server var httpsServer = https.createServer({ key: privateKey, cert: certificate }, app); // Return HTTPS server instance return httpsServer; } // Return Express server instance return app; };
module.exports = function (app, express, passport) { var allowCrossDomain = function(req, res, next) { res.header("Access-Control-Allow-Origin", "*"); res.header('Access-Control-Allow-Credentials', true) res.header("Access-Control-Allow-Headers", "X-Requested-With"); next(); }; // settings app.set('env', env); app.set('port', app.config.server.port || 3000); app.set('hostIp', app.config.server.hostname || '127.0.0.1'); app.set('views', path.join(__dirname, '../../app/views')); app.set('view engine', 'jade'); app.enable('trust proxy'); app.disable('x-powered-by'); // Express use middlewares app.use(favicon(path.join(__dirname, '../../public/favicon.png'))); app.use(allowCrossDomain); if (env === 'development') { app.use(morgan('dev')) } else { app.use(morgan('combined', { skip: function (req, res) { return res.statusCode < 400 }, stream: require('fs').createWriteStream( app.config.root + '/access.log', {flags: 'a'}) })) }; app.use(bodyParser.urlencoded({extended: true})) app.use(bodyParser.json()) app.use(multer()) app.use(expressValidator()) app.use(methodOverride()) app.use(cookieParser('abrac1212sdfsllqwzqwAAwerwrsdqxkk')); app.use(session({ name: [pkg.name,'.sid'].join(), resave: true, saveUninitialized: true, secret: pkg.name, genid: function(req) { return require('node-uuid').v4() // use UUIDs for session IDs }, store: new MongoStore({ url: app.config.database.url, collection : 'sessions' }) })); // use passport session app.use(passport.initialize()); app.use(passport.session({ maxAge: new Date(Date.now() + 3600000) })); app.use(flash()); var csrfExclude = ['/api/trick/import']; app.use(function(req, res, next) { var path = req.path.split('/')[1]; if (/api/i.test(path)) { return next(); } else { if (_.contains(csrfExclude, req.path)) return next(); csrf(req, res, next); } }); app.use(views_helpers(pkg.name)); app.use(function (req, res, next) { res.locals.pkg = pkg; res.locals.NODE_ENV = env; res.locals.moment = require('moment'); if(_.isObject(req.user)) { res.locals.User = req.user } next() }); app.use(express.static(path.normalize(__dirname + '/../../public'))); /** ROUTES Apps */ app.use(routes); // will print stacktrace if (app.get('env') === 'development') { app.use(responseTime()); } else { app.use(compression({ filter: function (req, res) { return /json|text|javascript|css/.test(res.getHeader('Content-Type')) }, level: 9 })) } app.use(function handleNotFound(req, res, next){ res.status(404); if (req.accepts('html')) { res.render('404', { url: req.url, error: '404 Not found' }); return; } if (req.accepts('json')) { res.send({ error: 'Not found' }); return; } res.type('txt').send('Not found'); }) if (env === 'development') { app.use(errorHandler()); } else { app.use(function logErrors(err, req, res, next){ if (err.status === 404) { return next(err) } console.error(err.stack) next(err) }) app.use(function respondError(err, req, res, next){ var status, message status = err.status || 500; res.status(status); message = ((err.productionMessage && err.message) || err.customProductionMessage) if (!message) { if (status === 403) { message = 'Not allowed' } else { message = 'Oops, there was a problem!' } } if (req.accepts('json')) { res.send({error: message}) return } else { res.type('txt').send(message + '\n') return } }) } }
(function () { "use strict"; var express = require('express'), morgan = require('morgan'), bodyParser = require('body-parser'), methodOverride = require('method-override'), cookieParser = require('cookie-parser'), expressLayout = require('express3-ejs-layout'), compression = require('compression'), app = express(), route = require("./server/route"), config = require("./server/config"), kits = require("./server/kits"), appPackage = require("./package.json"), localsApp = { title : config.title, version: appPackage.version, env : config.env, baseUrl: config.baseUrl }; app.use(compression()); app.use(bodyParser()); app.use(methodOverride()); app.use(cookieParser(config.cookieSecret)); app.set('views', __dirname + '/web/view'); app.use(express.static(__dirname + '/web/static'));// {maxAge: 31557600000} app.set('view engine', 'html'); app.engine('html', require('ejs').renderFile); app.use(expressLayout); app.set('layout', 'layout'); app.set("env", config.env); app.disable("x-powered-by"); //启用反向代理 app.enable('trust proxy'); morgan.token('data', function (req) { return "params:" + JSON.stringify(req.params) + ",query:" + JSON.stringify(req.query) + ",body:" + JSON.stringify(req.body); }); morgan.token('date', function () { var now = new Date(); return now.getFullYear() + "-" + (now.getMonth() + 1) + "-" + now.getDate() + " " + now.getHours() + ":" + now.getMinutes() + ":" + now.getSeconds(); }); morgan.token('operationId', function (req) { return req.context ? req.context.operationId : "null"; }); if ('development' === config.env) { app.use(morgan({ format: ':method :url :status :remote-addr [:date][:response-time ms] [:operationId]', stream: { write: kits.logger.info } })); localsApp.siteScripts = config.siteScripts; } else { app.use(morgan({ format: ':method :url :status :remote-addr [:date][:response-time ms] [:operationId]', stream: { write: kits.logger.info } })); } app.locals.app = localsApp; //初始化路由 route(app); //create server app.listen(config.port, function () { kits.logger.info('ng-nice server listening on port ' + config.port + " in env " + config.env); }); if (config.env === 'production') { process.on("uncaughtException", function (err) { kits.logger.info("process uncaughtException:" + err); }); } })();
export const primus = (() => { if(process.env.NO_START_GAME) return; const ip = _(require('os').networkInterfaces()) .values() .flatten() .filter(val => val.family === 'IPv4' && val.internal === false) .map('address') .first(); if(ip) { console.log(`Your IP is: ${ip}` + (process.env.QUIET ? ' (quiet mode. ssh...)' : '')); } const express = require('express'); const compression = require('compression'); const serve = express(); serve.use(compression(), express.static('assets')); serve.get('/online', (req, res) => { try { res.set({ 'Cache-Control': 'public, max-age=86400' }); res.json({ players: GameState.getInstance().getPlayers().length, sparks: primus.connected }); } catch (e) { res.send(e); } }); const finalhandler = require('finalhandler'); // load primus const server = require('http').createServer((req, res) => { res.setHeader('Access-Control-Allow-Origin', '*'); serve(req, res, finalhandler(req, res)); }); server.listen(process.env.PORT || 8080); const primus = new Primus(server, { iknowhttpsisbetter: true, parser: 'JSON', transformer: 'websockets' }); // load socket functions const normalizedPath = require('path').join(__dirname, '..'); const getAllSocketFunctions = (dir) => { let results = []; const list = fs.readdirSync(dir); _.each(list, basefilename => { const filename = `${dir}/${basefilename}`; const stat = fs.statSync(filename); if(stat && stat.isDirectory()) results = results.concat(getAllSocketFunctions(filename)); else if(_.includes(basefilename, '.socket')) results.push(filename); }); return results; }; const allSocketFunctions = getAllSocketFunctions(normalizedPath); const allSocketRequires = _.map(allSocketFunctions, require); primus.use('rooms', Rooms); primus.use('emit', Emit); primus.players = {}; primus.addPlayer = (playerName, spark) => { if(!primus.players[playerName]) primus.players[playerName] = []; primus.players[playerName].push(spark); }; primus.delPlayer = (playerName, spark) => { primus.players[playerName] = _.without(primus.players[playerName], spark); }; primus.emitToPlayers = (players = [], data) => { _.each(players, player => { _.each(primus.players[player], spark => { spark.write(data); }); }); }; // primus.use('multiplex', Multiplex); // force setting up the global connection new (require('../shared/db-wrapper').DbWrapper)().connectionPromise(); primus.on('connection', spark => { const respond = (data) => { spark.write(data); }; _.each(allSocketRequires, obj => obj.socket(spark, primus, (data) => { data.event = obj.event; respond(data); // kill global sparks after 5 seconds if(_.includes(obj.event, 'plugin:global')) { setTimeout(() => { spark.end(); }, 5000); } })); spark.on('error', e => { Logger.error('Spark', e); }); setTimeout(() => { if(spark.authToken || spark._registering) return; spark.end(); }, 10000); // spark.join('adventurelog'); }); if(process.env.NODE_ENV !== 'production') { _.each(['Play', 'Global'], root => { const path = require('path').join(__dirname, '..', '..', root); fs.stat(path, e => { if(e) return; primus.save(`${path}/primus.gen.js`); }); }); } return primus; })();
hostname: 'localhost', port: 6379 }; var redisPASS; if (process.env.REDISCLOUD_URL) { redisURL = url.parse(process.env.REDISCLOUD_URL); redisPASS = redisURL.auth.split(":")[1]; } var router = require('./router.js'); var port = process.env.PORT || process.env.NODE_PORT || 3000; var app = express(); app.use('/assets', express.static(path.resolve(__dirname+'/../client/'))); app.use(compression()); app.use(bodyParser.urlencoded({ extended: true })); app.use(session({ key: "sessionid", store: new RedisStore({ host: redisURL.hostname, port: redisURL.port, pass: redisPASS }), secret: 'YouDJ', resave: true, saveUninitialized: true, cookie: { httpOnly: true
export default function(app) { var env = app.get('env'); app.set('views', config.root + '/server/views'); app.engine('html', require('ejs').renderFile); app.set('view engine', 'html'); app.use(compression()); app.use(bodyParser.urlencoded({ extended: false })); app.use(bodyParser.json()); app.use(methodOverride()); app.use(cookieParser()); // Persist sessions with MongoStore / sequelizeStore // We need to enable sessions for passport-twitter because it's an // oauth 1.0 strategy, and Lusca depends on sessions app.use(session({ secret: config.secrets.session, saveUninitialized: true, resave: false, store: new MongoStore({ mongooseConnection: mongoose.connection, db: 'myapp' }) })); /** * Lusca - express server security * https://github.com/krakenjs/lusca */ if (env !== 'test' && !process.env.SAUCE_USERNAME) { app.use(lusca({ csrf: { angular: true }, xframe: 'SAMEORIGIN', hsts: { maxAge: 31536000, //1 year, in seconds includeSubDomains: true, preload: true }, xssProtection: true })); } app.set('appPath', path.join(config.root, 'client')); if ('production' === env) { app.use(favicon(path.join(config.root, 'client', 'favicon.ico'))); app.use(express.static(app.get('appPath'))); app.use(morgan('dev')); } if ('development' === env) { app.use(require('connect-livereload')({ ignore: [ /^\/api\/(.*)/, /\.js(\?.*)?$/, /\.css(\?.*)?$/, /\.svg(\?.*)?$/, /\.ico(\?.*)?$/, /\.woff(\?.*)?$/, /\.png(\?.*)?$/, /\.jpg(\?.*)?$/, /\.jpeg(\?.*)?$/, /\.gif(\?.*)?$/, /\.pdf(\?.*)?$/ ] })); } if ('development' === env || 'test' === env) { app.use(express.static(path.join(config.root, '.tmp'))); app.use(express.static(app.get('appPath'))); app.use(morgan('dev')); app.use(errorHandler()); // Error handler - has to be last } }
module.exports = function (app, passport) { // Compression middleware (should be placed before express.static) app.use(compression({ threshold: 512 })); // Static files middleware app.use(express.static(config.root + '/public')); // Use winston on production let log = 'dev'; if (env !== 'development') { log = { stream: { write: message => winston.info(message) } }; } // Don't log during tests // Logging middleware if (env !== 'test') app.use(morgan(log)); // Swig template engine settings if (env === 'development' || env === 'test') { swig.setDefaults({ cache: false }); } // set views path, template engine and default layout app.engine('html', swig.renderFile); app.set('views', config.root + '/views'); app.set('view engine', 'html'); // expose package.json and environment to views (why ?!) app.use(function (req, res, next) { res.locals.pkg = pkg; res.locals.env = env; next(); }); // bodyParser should be above methodOverride app.use(bodyParser.json()); app.use(bodyParser.urlencoded({ extended: true })); app.use(multer().array('image', 1)); app.use(methodOverride(function (req) { if (req.body && typeof req.body === 'object' && '_method' in req.body) { // look in urlencoded POST bodies and delete it var method = req.body._method; delete req.body._method; return method; } })); // CookieParser should be above session app.use(cookieParser()); app.use(cookieSession({ secret: 'secret' })); app.use(session({ resave: true, saveUninitialized: true, secret: pkg.name, store: new mongoStore({ url: config.db, collection : 'sessions' }) })); // use passport session app.use(passport.initialize()); app.use(passport.session()); // connect flash for flash messages - should be declared after sessions app.use(flash()); // should be declared after session and flash app.use(helpers(pkg.name)); if (env !== 'test') { app.use(csrf()); // This could be moved to view-helpers :-) app.use(function (req, res, next) { res.locals.csrf_token = req.csrfToken(); next(); }); } };
init.pageCompression = function () { if (appconfig.settings().expressCompression) { app.use(compress()); } };
/** * App config */ function Config(app) { log("* config:store app related envs"); app.set('appEnv', appEnv); log("* config:showStackError"); app.set('showStackError', true); // must be placed before express.static log("* config:compress"); var compress = require('compression') app.use(compress({ filter: function(req, res) { return /json|text|javascript|css/.test(res.getHeader('Content-Type')) }, level: 9 })) log('* config:port as %d', appEnv.PORT); app.set('port', appEnv.PORT); log('* config:view_engine as %s', 'ejs'); var expressLayouts = require('express3-ejs-layout'); app.set('views', paths.views); app.set('view engine', 'ejs'); app.use(expressLayouts); log('* config:express.static'); app.use(express.static(paths.public)) log('* config:cookie_parser'); var cookieParser = require('cookie-parser'); app.use(cookieParser()); log('* config:logger'); app.use(morgan('dev')); log('* config:bodyParser:methodOverride'); var bodyParser = require('body-parser'); var methodOverride = require('method-override'); app.use(bodyParser()); app.use(methodOverride()); log('* config:session'); // sessions var session = require('express-session'); var MongoStore = require('connect-mongo')(session); app.set('sessionStore', new MongoStore({ url: appEnv.MONGODB_URI, collection: 'sessions', mongooseConnection: mongoose.connection })); app.use(session({ secret: appEnv.SESSION_SECRET, store: app.get('sessionStore') })); log('* config:passport'); var passport = require('passport'); app.use(passport.initialize()); app.use(passport.session()); log('* config:flash_messages'); var flash = require('connect-flash'); app.use(flash()); log('* config:CSRF unless env == \'test\''); if (appEnv.NODE_ENV !== 'test') { var csrf = require('csurf'); app.use(csrf()) app.use(function(req, res, next){ res.locals.csrf_token = req.csrfToken(); next(); }) } log('* config:error_handler if env == \'development\''); if (appEnv.NODE_ENV === 'dev') { var errorHandler = require('errorhandler') app.use( errorHandler({ dumpExceptions: true, showStack: true }) ); app.locals.pretty = true } return app; }
module.exports = function(db) { // Initialize express app var app = express(); // Globbing model files config.getGlobbedFiles('./app/models/**/*.js').forEach(function(modelPath) { require(path.resolve(modelPath)); }); // Setting application local variables from loaded config.js file, which has got variables from // env/all.js app.locals.title = config.app.title; app.locals.description = config.app.description; app.locals.keywords = config.app.keywords; app.locals.facebookAppId = config.facebook.clientID; app.locals.jsFiles = config.getJavaScriptAssets(); // get all public/lib/ public/modules/ js files app.locals.cssFiles = config.getCSSAssets(); // get all public/lib/ public/modules/ css files // Passing the request url to environment locals app.use(function(req, res, next) { res.locals.url = req.protocol + '://' + req.headers.host + req.url; next(); }); // Should be placed before express.static app.use(compress({ filter: function(req, res) { return (/json|text|javascript|css/).test(res.getHeader('Content-Type')); }, level: 9 })); // Showing stack errors // i think it should not be seen in case of production app.set('showStackError', true); // Set swig as the template engine app.engine('server.view.html', consolidate[config.templateEngine]); // Set views path and view engine app.set('view engine', 'server.view.html'); app.set('views', './app/views'); // Environment dependent middleware if (process.env.NODE_ENV === 'development') { // Enable logger (morgan) app.use(morgan('dev')); // Disable views cache app.set('view cache', false); } else if (process.env.NODE_ENV === 'production') { app.locals.cache = 'memory'; } // Request body parsing middleware should be above methodOverride app.use(bodyParser.urlencoded({ extended: true })); app.use(bodyParser.json()); app.use(methodOverride()); // CookieParser should be above session app.use(cookieParser()); // Express MongoDB session storage app.use(session({ saveUninitialized: true, resave: true, secret: config.sessionSecret, // env/all.js contains sessionSecret store: new mongoStore({ db: db.connection.db, // development.js/production.js/test.js has db field which gets in config.js // i think db.connection.db value is not present, don't know how it will work collection: config.sessionCollection }) })); // use passport session app.use(passport.initialize()); app.use(passport.session()); // persistent login sessions // // use connect-flash for flash messages stored in session app.use(flash()); // Use helmet to secure Express headers app.use(helmet.xframe()); app.use(helmet.xssFilter()); app.use(helmet.nosniff()); app.use(helmet.ienoopen()); app.disable('x-powered-by'); // Setting the app router and static folder app.use(express.static(path.resolve('./public'))); // Globbing routing files, // here we are auto loading the server route files // i think, these route files use controllers, which load views, views use models for data config.getGlobbedFiles('./app/routes/**/*.js').forEach(function(routePath) { require(path.resolve(routePath))(app); }); // Assume 'not found' in the error msgs is a 404. this is somewhat silly, but valid, you can do whatever you like, set properties, use instanceof etc. app.use(function(err, req, res, next) { // If the error object doesn't exists if (!err) return next(); // Log it console.error(err.stack); // Error page res.status(500).render('500', { // don't know why they haven't used full name 500.server.view.html, how using '500' only works error: err.stack }); }); // Assume 404 since no middleware responded app.use(function(req, res) { res.status(404).render('404', { url: req.originalUrl, error: 'Not Found' }); }); return app; };
module.exports = function(app, config) { var env = process.env.NODE_ENV || 'development'; app.locals.ENV = env; app.locals.ENV_DEVELOPMENT = env == 'development'; app.disable('x-powered-by'); app.set('views', config.root + '/app/views'); app.set('view engine', 'jade'); const sopts = { secret: 'gdealisthebestdeal', saveUninitialied: true, resave: true, key: 'sid', cookie: {httpOnly: true, maxAge: 259200000}, store: new RedisStore({prefix: 'session:', ttl: 10800}) }; // app.use(favicon(config.root + '/public/img/favicon.ico')); app.use(logger('dev')); app.use(bodyParser.json()); app.use(bodyParser.urlencoded({ extended: true })); app.use(cookieParser()); app.use(compress()); app.use(express.static(config.root + '/public')); app.use(methodOverride()); app.use(session(sopts)); app.use(passport.initialize()); app.use(passport.session()); app.use((req, res, next) => { //TODO: this should probably be in middlewares instead. if (!req.isAuthenticated) { return next(); } res.locals.user = req.user; res.locals.session = req.session; next(); }); const controllers = glob.sync(config.root + '/app/controllers/*.js'); controllers.forEach(function (controller) { require(controller)(app); }); app.use((req, res, next) => { var err = new Error('Not Found'); err.status = 404; next(err); }); if (app.get('env') === 'development') { app.use((err, req, res) => { res.status(err.status || 500); res.render('error', { message: err.message, error: err, title: 'error' }); }); } app.use((err, req, res) => { res.status(err.status || 500); res.render('error', { message: err.message, error: {}, title: 'error' }); }); };
module.exports = function(app, passport) { app.use(helmet()); app.use(requireHttps); // Compression middleware (should be placed before express.static) app.use( compression({ threshold: 512 }) ); app.use( cors({ origin: ['http://localhost:3000', 'https://reboil-demo.herokuapp.com'], optionsSuccessStatus: 200, // some legacy browsers (IE11, various SmartTVs) choke on 204 credentials: true }) ); // Static files middleware app.use(express.static(config.root + '/public')); // Use winston on production let log = 'dev'; if (env !== 'development') { log = { stream: { write: message => winston.info(message) } }; } // Don't log during tests // Logging middleware if (env !== 'test') app.use(morgan(log)); // set views path, template engine and default layout app.set('views', config.root + '/app/views'); app.set('view engine', 'pug'); // expose package.json to views app.use(function(req, res, next) { res.locals.pkg = pkg; res.locals.env = env; next(); }); // bodyParser should be above methodOverride app.use(bodyParser.json()); app.use(bodyParser.urlencoded({ extended: true })); app.use(upload.single('image')); app.use( methodOverride(function(req) { if (req.body && typeof req.body === 'object' && '_method' in req.body) { // look in urlencoded POST bodies and delete it var method = req.body._method; delete req.body._method; return method; } }) ); // CookieParser should be above session app.use(cookieParser()); app.use( session({ resave: false, saveUninitialized: true, secret: pkg.name, store: new mongoStore({ url: config.db, collection: 'sessions' }) }) ); // use passport session app.use(passport.initialize()); app.use(passport.session()); // connect flash for flash messages - should be declared after sessions app.use(flash()); // should be declared after session and flash app.use(helpers(pkg.name)); if (env !== 'test') { app.use(csrf()); // This could be moved to view-helpers :-) app.use(function(req, res, next) { res.locals.csrf_token = req.csrfToken(); res.locals.paginate = ultimatePagination.getPaginationModel; next(); }); } if (env === 'development') { app.locals.pretty = true; } };
bodyParser = require('body-parser'), compress = require('compression'), cors = require('cors'), errorHandler = require('./services/errorHandler'), favicon = require('static-favicon'), fileServer = require('serve-static'), http = require('http'), isDev = app.get('env') === 'development', logger = require('morgan'), port = process.env['PORT'] || 7200, routes = require('./services/routes'); var appDir = __dirname + '/../'; // Our NG code app.use(bodyParser()); // body parser, json, and url encoding app.use(compress()); // Compress response data with gzip app.use(logger('dev')); // logger app.use(fileServer(process.cwd())); // Support static file content app.use(cors()); // enable ALL CORS requests app.use(errorHandler.init); app.use('/', express.static(appDir)); routes.init(app); if(isDev){ app.get('/test', function(req, res, next) { console.log(req.body); res.send('ping'); }); }
express: app, }) .addFilter('__', (...args) => i18n.__.apply(this, args)) .addFilter('__n', (...args) => i18n.__n.apply(this, args)); ///////////////////////////////////////////////////////////// // INIT MIDDLEWARES ///////////////////////////////////////////////////////////// app.use(bodyParser.json()); // get the data from a POST app.use(bodyParser.urlencoded({ extended: true })); // for parsing application/x-www-form-urlencoded app.use(methodOverride('_method')); // Use HTTP verbs such as PUT or DELETE app.use(helmet()); // Securing app with various HTTP headers app.use(hpp()); // Middleware to protect against HTTP Parameter Pollution attacks app.use(logger('dev')); // Morgan => dev | combined app.use(compression()); // Gzip app.use(slashes(false)); // Adding or removing trailing slashes from URL's end ///////////////////////////////////////////////////////////// // i18n translation ///////////////////////////////////////////////////////////// // https://www.reddit.com/r/node/comments/3m1f25/whats_the_best_practice_for_setting_up_routing/ i18n.configure({ // setup some locales - other locales default to en silently locales: ['en', 'hu'], // fall back from English to Hungarian //fallbacks: { en: 'hu' }, fallbacks: { en: 'en' }, // you may alter a site wide default locale defaultLocale: 'en',
/** * * Install: * npm install browser-sync compression * * Run: * node <yourfile.js> * * This example will proxy to your existing vhost * and serve gzipped responses * */ "use strict"; var browserSync = require("browser-sync").create(); var compression = require("compression"); browserSync.init({ files: ["app/css/*.css"], proxy: { target: "http://yourlocal.dev", middleware: compression() } });
exports.serve = function() { /** * Module dependencies */ var express = require('express') , bodyParser = require('body-parser') , methodOverride = require('method-override') , morgan = require('morgan') , cookieParser = require('cookie-parser') , session = require('express-session') , compression = require('compression') , MongoStore = require('connect-mongo')(session) , passport = require('passport') , TwitterStrategy = require('passport-twitter').Strategy , moment = require('moment') , routes = require('./routes') , api = require('./routes/api') , http = require('http') , path = require('path') , UserProvider = require('../lib/model').UserProvider , settings = process.env.NODE_ENV === "production" ? require("../lib/production") : require("../lib/development") ; var app = module.exports = express(); var env = process.env.NODE_ENV || 'development'; // development only if (env === 'development') { app.locals.pretty = true; } // production only if (env === 'production') { } /** * passport */ passport.serializeUser(function(user, done) { done(null, user); }); passport.deserializeUser(function(obj, done) { done(null, obj); }); passport.use(new TwitterStrategy({ consumerKey: settings.TW_CONSUMER_KEY, consumerSecret: settings.TW_CONSUMER_SECRET, callbackURL: settings.CALLBACK_URL }, function(token, tokenSecret, profile, done) { profile.twitter_token = token; profile.twitter_token_secret = tokenSecret; UserProvider.upsert({ profile: profile }, function(err) { if(err) console.log(err); return done(null, profile); }); } )); var options = { secret: settings.COOKIE_SECRET, saveUninitialized: true, resave: false, store: new MongoStore({ url: process.env.MONGOHQ_URL || 'mongodb://127.0.0.1/1draw-ranking', "collection": "sessions", "clear_interval": 3600, "auto_reconnect": true }) }; var cacheOptions = { dotfiles: 'ignore', etag: false, extensions: ['htm', 'html', 'css', 'js'], index: false, maxAge: 0, redirect: false, setHeaders: function (res, path, stat) { res.set({ 'x-timestamp': Date.now() }); } }; /** * Configuration */ // all environments app.disable('x-powered-by'); app.set('port', process.env.PORT || 9000); app.set('views', __dirname + '/views'); app.set('view engine', 'jade'); app.use(morgan('dev')); app.use(cookieParser()); app.use(bodyParser.json()); app.use(bodyParser.urlencoded({ extended: true })); app.use(methodOverride()); app.use(session(options)); app.use(passport.initialize()); app.use(passport.session()); // gzip app.use(compression()) app.use(express.static(path.join(__dirname, 'public'), cacheOptions)); /** * Routes */ // Twitterの認証 app.get("/auth/twitter", passport.authenticate('twitter')); // Twitterからのcallback app.get("/auth/twitter/callback", passport.authenticate('twitter', { successRedirect: '/', failureRedirect: '/' })); app.get('/logout', routes.logout); // serve index and view partials app.get('/', routes.index); app.get('/partials/:name', routes.partials); // JSON API app.get('/api/readAll/:name', api.readAll); app.get('/api/readRanking/:name', api.readRanking); app.get('/api/readRankingAll/:name/:skip', api.readRankingAll); app.get('/api/readRankingAllCategory', api.readRankingAllCategory); app.get('/api/readUserPosts/:twitterIdStr', api.readUserPosts); app.get('/api/findUserDataByTwitterIdStr/:twitterIdStr', api.findUserDataByTwitterIdStr); app.get('/api/isAuthenticated', api.isAuthenticated); app.get('/api/getTweeterData/:twitterIdStr', api.getTweeterData); app.get('/api/getTweeterTweet/:twitterIdStr/:nextCursorId', api.getTweeterTweet); app.get('/api/findTagRegistered', api.findTagRegistered); app.get('/api/findTagDefault', api.findTagDefault); app.get('/api/findTagAll', api.findTagAll); app.get('/api/findCategoriesDefault', api.findCategoriesDefault); app.get('/api/findCategoriesAll', api.findCategoriesAll); app.get('/api/readCount/:name', api.readCount); app.post('/api/findUserById', api.findUserById); app.post('/api/readOverallRanking', api.readOverallRanking); app.post('/api/registerTag', api.registerTag); app.post('/api/createFavorite', api.createFavorite); app.post('/api/statusesRetweet', api.statusesRetweet); app.post('/api/download', api.download); app.post('/api/downloadZip', api.downloadZip); // redirect all others to the index (HTML5 history) app.get('*', routes.index); /** * Start Server */ http.createServer(app).listen(app.get('port'), function () { console.log('Express server listening on port ' + app.get('port')); }); }
const express = require('express'); const bodyParser = require('body-parser'); const compression = require('compression'); commander .option('-c, --config <file>', 'configuration file path', './config/config-dist.js') .parse(process.argv); // eslint-disable-next-line const config = require(commander.config); if (config) { const app = express(); app.use(bodyParser.json()); app.use(compression({ threshold: 512, })); // eslint-disable-next-line let webRouter = require('./routes/web'); webRouter.setConfig(config); // Routes // * Add more routes here app.use('/', webRouter); // Start the server ------------------------------- const server = app.listen(config.app.port, () => { const serverAddress = server.address(); const { address: host } = serverAddress; const { port } = serverAddress;
defaultSrc: ["'self'"], scriptSrc: ["'self'"], styleSrc: ["'self'"], imgSrc: ["'self'"], connectSrc: ["'self'", 'ws:'], fontSrc: ["'self'"], objectSrc: ["'none'"], mediaSrc: ["'none'"], frameSrc: ["'none'"], })); server.use(helmet.xssFilter()); server.use(helmet.frameguard('deny')); server.use(helmet.ieNoOpen()); server.use(helmet.noSniff()); server.use(cookieParser()); server.use(compression()); // Stub for assets, in case running in dev mode. let assets; // Webpack (for development) if (isDeveloping) { server.use(morgan('dev')); const compiler = webpack(config); const middleware = webpackMiddleware(compiler, { publicPath: config.output.publicPath, contentBase: 'src', stats: { colors: true, hash: false, timings: true,
module.exports = function(app) { var env = app.get('env'); app.engine('html', require('ejs').renderFile); app.set('view engine', 'html'); app.use(compression()); app.use(bodyParser.urlencoded({ extended: false })); app.use(bodyParser.json()); app.use(methodOverride()); app.use(cookieParser()); // Add passport auth library app.use(passport.initialize()); app.use(passport.session()); // Enable CORS app.use(cors()); // Persist sessions with mongoStore / sequelizeStore // We need to enable sessions for passport-twitter because it's an // oauth 1.0 strategy, and Lusca depends on sessions app.use(session({ secret: config.secrets.session, saveUninitialized: true, resave: false, store: new mongoStore({ mongooseConnection: mongoose.connection, //db: 'gestion-web2-end-point' db: 'gestionweb2' }) })); /** * Lusca - express server security * https://github.com/krakenjs/lusca */ // if ('test' !== env) { // app.use(lusca({ // csrf: { // angular: true // }, // xframe: 'SAMEORIGIN', // hsts: { // maxAge: 31536000, //1 year, in seconds // includeSubDomains: true, // preload: true // }, // xssProtection: true // })); // } // Disable csrf if ('test' !== env) { app.use(lusca({ csrf: false, xframe: 'SAMEORIGIN', xssProtection: true })); } app.set('appPath', path.join(config.root, 'client')); if ('production' === env) { app.use(favicon(path.join(config.root, 'client', 'favicon.ico'))); app.use(express.static(app.get('appPath'))); app.use(morgan('dev')); } if ('development' === env) { app.use(require('connect-livereload')()); } if ('development' === env || 'test' === env) { app.use(express.static(path.join(config.root, '.tmp'))); app.use(express.static(app.get('appPath'))); app.use(morgan('dev')); app.use(errorHandler()); // Error handler - has to be last } };
import ResponseObject from '../server/Helpers/ResponseObject'; const app = express(); const debug = require('debug')('chatify-server:index'); if (envConfig.env === 'development') { app.use(logger('dev')); } // parse body params and attache them to req.body app.use(bodyParser.json()); app.use(bodyParser.urlencoded({ extended: true })); app.use(cookieParser()); app.use(compress()); app.use(methodOverride()); // secure apps by setting various HTTP headers app.use(helmet()); // initializing passport app.use(passport.initialize()); // enable CORS - Cross Origin Resource Sharing // app.use(cors()); app.use(cors({ origin: true, methods: 'GET, POST, OPTIONS, PUT, DELETE, PATCH', allowedHeaders: 'Origin, Content-Type, Accept, Authorization, X-Request-With, Content-Range, Content-Disposition, Content-Description', credentials: true,
.default('h', '0.0.0.0') .alias('p', 'port') .default('p', '8000') .alias('r', 'root') .string('r') .default('r', './') .argv argv.root = path.join(__dirname, argv.root) var server = express() server.disable('x-powered-by') // compress output server.use(compression({ threshold: 512 })) server.use(cookieParser()) server.use(serveStatic(argv.root)) //server.use(express.static(argv.root)); // on capture les erreurs eventuelles et on les passe handler suivant server.use(function(req, res, next) { var err = new Error('Not Found') err.status = 404 next(err) }) server.use(function(err, req, res, next) {