module.exports = function (app) {
  // Hardening for the Express app: HTTPS redirect, helmet headers and a
  // per-IP rate limit on the /api/ routes.
  //
  // NOTE(review): `trust proxy` = true makes req.ip come from the
  // X-Forwarded-For header, and the limiter below keys on req.ip. Behind a
  // known proxy, prefer a hop count or address list over `true` so a
  // client cannot choose its own limit bucket.
  app.enable('trust proxy');

  // 1. force HTTPS before anything else handles the request
  app.use(secure());

  // 2. helmet defaults, then framing restricted to one origin
  // (ALLOW-FROM is a legacy X-Frame-Options value; browsers that do not
  // honour it fall back to their own handling — verify against targets)
  app.use(helmet());
  app.use(helmet.frameguard({
    action: 'allow-from',
    domain: 'https://watson-experience.mybluemix.net/'
  }));

  // 3. rate limiting: 20 requests per 30-second window per client IP; the
  // 429 body is a JSON string so API clients can parse it
  var limitExceeded = JSON.stringify({
    error:'Too many requests, please try again in 30 seconds.',
    code: 429
  });
  var apiLimiter = rateLimit({
    windowMs: 30 * 1000, // seconds
    delayMs: 0,
    max: 20,
    message: limitExceeded,
  });

  app.use('/api/', apiLimiter);
};
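module.exports = function(app) {
  // Hardening for the Express app: helmet headers, frameguard, a per-IP
  // rate limit on /api/, and a CSRF token exposed to the view layer on
  // every GET.
  //
  // NOTE(review): `trust proxy` = true takes req.ip (the rate-limit key)
  // from X-Forwarded-For and trusts every hop; narrow it to a hop count or
  // address list once the proxy chain is known.
  app.enable('trust proxy');

  // 1. helmet with defaults, minus the no-cache headers
  app.use(helmet({
    cacheControl: false
  }));

  // Allow framing from one specific host only.
  app.use(helmet.frameguard({
    action: 'allow-from',
    domain: 'https://watson-experience.mybluemix.net/'
  }));

  // 2. rate-limit /api/ to 10 requests per 30 seconds per client IP
  app.use('/api/', rateLimit({
    windowMs: 30 * 1000, // seconds
    delayMs: 0,
    max: 10
  }));

  // 3. csrf — token kept in a cookie.
  // NOTE(review): cookie mode relies on cookie-parser being mounted
  // earlier; it is not set up in this block, so confirm it is registered
  // elsewhere.
  var csrfProtection = csrf({
    cookie: true
  });

  app.get('/*', csrfProtection, function(req, res, next) {
    // Add to res.locals instead of replacing it: assigning a new object
    // discarded anything earlier middleware had already put there.
    res.locals.ga = process.env.GOOGLE_ANALYTICS;
    res.locals.ct = req.csrfToken();
    next();
  });
};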
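module.exports = function (app) {
  // Hardening for the Express app: helmet headers, a per-IP rate limit on
  // /api/, signed cookies and a CSRF token attached to `/` requests for
  // the view layer.
  var crypto = require('crypto');

  // NOTE(review): `trust proxy` = true takes req.ip (the rate-limit key)
  // from X-Forwarded-For and trusts every hop; narrow it to a hop count or
  // address list once the proxy chain is known.
  app.enable('trust proxy');

  // 1. helmet with defaults, minus the no-cache headers
  app.use(helmet({ cacheControl: false }));

  // 2. rate limiting: 6 requests per 30 seconds per client IP, JSON 429 body
  app.use('/api/', rateLimit({
    windowMs: 30 * 1000, // seconds
    delayMs: 0,
    max: 6,
    message: JSON.stringify({
      error:'Too many requests, please try again in 30 seconds.',
      code: 429
    }),
  }));

  // 3. setup cookies. The signing secret comes from a CSPRNG rather than
  // Math.random(), whose output is predictable. It is still generated per
  // process, so signed cookies do not survive a restart and are not shared
  // between instances — a deployment-provided secret is preferable.
  var secret = crypto.randomBytes(32).toString('hex');
  app.use(cookieParser(secret));

  // 4. csrf — token kept in a cookie (cookie-parser above makes that work)
  var csrfProtection = csrf({ cookie: true });
  app.get('/', csrfProtection, function(req, res, next) {
    // The token is a per-client secret: keep it for the view, but do not
    // write it to the log (the previous console.log leaked it).
    req._csrfToken = req.csrfToken();
    next();
  });
};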
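module.exports = function (app) {
  // Hardening for the Express app: helmet headers, a per-IP rate limit on
  // /api/, CSRF tokens, and an optional reCAPTCHA check that clears the
  // caller's rate-limit bucket on success.

  // 1. helmet with defaults
  app.use(helmet());

  // 2. allow iframes from one origin only
  app.use(helmet.frameguard('allow-from', 'https://example-app-name.mybluemix.net'));

  // 3. rate limiting: 3 requests per 30 seconds per client IP.
  // NOTE(review): `trust proxy` is not enabled here, so req.ip is the
  // socket peer — right without a proxy, but behind one every client
  // shares the proxy's bucket.
  var limiter = rateLimit({
    windowMs: 30 * 1000, // seconds
    delayMs: 0,
    max: 3,
    message: JSON.stringify({
      error:'Too many requests, please try again in 30 seconds.',
      code: 429
    }),
  });

  // 4. csrf — token in a cookie; every GET gets a fresh token for the view.
  // NOTE(review): cookie mode relies on cookie-parser being mounted
  // earlier; it is not set up in this block, so confirm it is registered
  // elsewhere.
  var csrfProtection = csrf({ cookie: true });
  app.get('/*', csrfProtection, function(req, res, next) {
    req._csrfToken = req.csrfToken();
    next();
  });

  // 5. captcha — keys come from the environment; the '<...>' fallbacks are
  // placeholders that make verification fail until real keys are set.
  var captchaKeys = {
    site: process.env.CAPTCHA_SITE || '<captcha-site>',
    secret: process.env.CAPTCHA_SECRET || '<captcha-secret>',
  };

  /**
   * Verifies a reCAPTCHA response when the request body carries one and,
   * on success, resets the caller's rate-limit bucket. Requests without a
   * `recaptcha` field pass straight through to the limiter.
   *
   * Errors are handed to next(): a transport or empty-reply failure as an
   * Error, a rejected captcha as the same shape csurf uses so one error
   * handler can serve both.
   */
  var checkCaptcha = function(req, res, next) {
    if (!req.body || !req.body.recaptcha) {
      return next();
    }
    request({
      url: 'https://www.google.com/recaptcha/api/siteverify',
      method: 'POST',
      form: {
        secret: captchaKeys.secret,
        response: req.body.recaptcha,
        remoteip: req.ip
      },
      json: true
    }, function(error, response, body) {
      // A transport failure or an empty/non-JSON reply used to throw a
      // TypeError on `body.success`; fail closed with an explicit error.
      if (error || !body) {
        return next(error || new Error('Captcha verification returned no result'));
      }
      if (!body.success) {
        return next({
          code: 'EBADCSRFTOKEN',
          error: 'Wrong captcha'
        });
      }
      limiter.resetIp(req.ip);
      next();
    });
  };

  app.use('/api/', csrfProtection, checkCaptcha, limiter);
};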
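module.exports = function (app) {
  // Hardening for the Express app: helmet headers (no-cache set off),
  // same-origin framing, a per-IP rate limit on /api/, signed cookies and
  // a CSRF token attached to every GET for the view layer.
  var crypto = require('crypto');

  // NOTE(review): `trust proxy` = true takes req.ip (the rate-limit key)
  // from X-Forwarded-For and trusts every hop; narrow it to a hop count or
  // address list once the proxy chain is known.
  app.enable('trust proxy');

  // 1. helmet with defaults
  app.use(helmet({ cacheControl: false }));

  app.use(helmet.frameguard('sameorigin'));

  // 2. rate-limit /api/ to 10 requests per minute per client IP
  app.use('/api/', rateLimit({
    windowMs: 60 * 1000, // seconds
    delayMs: 0,
    max: 10
  }));

  // 3. setup cookies. The signing secret comes from a CSPRNG rather than
  // Math.random(), whose output is predictable. It is still generated per
  // process, so signed cookies do not survive a restart and are not shared
  // between instances — a deployment-provided secret is preferable.
  var secret = crypto.randomBytes(32).toString('hex');
  app.use(cookieParser(secret));

  // 4. csrf — token kept in a cookie (cookie-parser above makes that work)
  var csrfProtection = csrf({ cookie: true });
  app.get('/*', csrfProtection, function(req, res, next) {
    req._csrfToken = req.csrfToken();
    next();
  });
};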
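module.exports = function(app) {
  // Hardening for the Express app: HTTPS redirect, helmet headers, signed
  // cookies, CSRF tokens (issued on `/`, required on /api/*) and a per-IP
  // rate limit on /api/.
  var crypto = require('crypto');

  // NOTE(review): `trust proxy` = true takes req.ip (the rate-limit key)
  // from X-Forwarded-For and trusts every hop; narrow it to a hop count or
  // address list once the proxy chain is known.
  app.enable('trust proxy');

  // 1. redirects http to https
  app.use(secure());

  // 2. helmet with defaults
  app.use(helmet());

  // 3. setup cookies. The signing secret comes from a CSPRNG rather than
  // Math.random(), whose output is predictable. It is still generated per
  // process, so signed cookies do not survive a restart and are not shared
  // between instances — a deployment-provided secret is preferable.
  var secret = crypto.randomBytes(32).toString('hex');
  app.use(cookieParser(secret));

  // 4. csrf
  // part 1: generate a csrf token for homepage views
  var csrfProtection = csrf({cookie: true});
  app.get('/', csrfProtection, function(req, res, next) {
    req._csrfToken = req.csrfToken();
    next();
  });
  // part 2: require token on /api/* requests
  app.use('/api/', csrfProtection);

  // 5. rate limiting: 3 requests per 30 seconds per client IP.
  // NOTE(review): this runs after the CSRF check, so requests that fail
  // CSRF presumably never reach the limiter and are not counted — swap the
  // order if failed attempts should also be throttled.
  app.use('/api/', rateLimit({
    windowMs: 30 * 1000, // seconds
    delayMs: 0,
    max: 3,
    message: JSON.stringify({
      error:'Too many requests, please try again in 30 seconds.',
      code: 429
    })
  }));
};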
    app.get('/api/baselayers/:layer', function(req, res, next) {
        // Limit full/simple geom requests in production environmentes only
        if ('production' === app.get('env')) {
            switch (req.query.geom) {
                case 'simple':
                case 'full':
                    return baseLayerFullGeomLimiter(req, res, next);
            }
        }
        next();

    }, function(req, res) {
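module.exports = function (app) {
  // Minimal hardening: HTTPS redirect, helmet defaults and a per-IP limit
  // of 10 requests per minute on /api/.
  // NOTE(review): `trust proxy` is not enabled here, so req.ip is the
  // socket peer; behind a proxy all clients would share one bucket.
  app.use(secure());
  app.use(helmet());

  var windowMs = 60 * 1000;
  app.use('/api/', rateLimit({
    windowMs: windowMs,
    delayMs: 0,
    max: 10,
    // The retry hint is derived from the window so the two cannot drift
    // apart (the text previously said 30 seconds for a 60-second window).
    message: JSON.stringify({
      error: 'Too many requests, please try again in ' + (windowMs / 1000) + ' seconds.',
      code: 429,
    }),
  }));
};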
module.exports = function (app) {
  // Hardening for the Express app: HTTPS redirect, helmet headers (without
  // the no-cache set) and a per-IP limit of 15 requests per minute on /api/.

  // NOTE(review): `trust proxy` = true takes req.ip (the rate-limit key)
  // from X-Forwarded-For and trusts every hop; narrow it to a hop count or
  // address list once the proxy chain is known.
  app.enable('trust proxy');

  var oneMinute = 60 * 1000;
  var apiLimiter = rateLimit({
    windowMs: oneMinute,
    delayMs: 0,
    max: 15
  });

  app.use(secure());                         // 1. http -> https
  app.use(helmet({ cacheControl: false }));  // 2. helmet defaults
  app.use('/api/', apiLimiter);              // 3. rate-limit /api/
};
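module.exports = function (app) {
  // HTTPS redirect, helmet (frameguard and noCache left off) and a per-IP
  // limit of 10 requests per minute on /api/.
  // NOTE(review): `trust proxy` is not enabled here, so req.ip is the
  // socket peer; behind a proxy all clients would share one bucket.
  app.use(secure());
  app.use(helmet({
    frameguard: false,
    noCache: false
  }));

  const windowMs = 60 * 1000;
  const limiter = rateLimit({
    windowMs,
    delayMs: 0,
    max: 10,
    // The retry hint is derived from the window so the two cannot drift
    // apart (the text previously said 30 seconds for a 60-second window).
    message: JSON.stringify({
      error: `Too many requests, please try again in ${windowMs / 1000} seconds.`,
      code: 429
    })
  });
  app.use('/api/', limiter);
};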
module.exports = function(app) {
  // Hardening for the Express app: HTTPS redirect, helmet defaults and a
  // per-IP limit of 3 requests per 30 seconds on /api/ with a JSON 429 body.

  // NOTE(review): `trust proxy` = true takes req.ip (the rate-limit key)
  // from X-Forwarded-For and trusts every hop; narrow it to a hop count or
  // address list once the proxy chain is known.
  app.enable('trust proxy');

  app.use(secure());  // http -> https
  app.use(helmet());  // default security headers

  var limitExceeded = JSON.stringify({
    error:'Too many requests, please try again in 30 seconds.',
    code: 429
  });
  app.use('/api/', rateLimit({
    windowMs: 30 * 1000, // 30 seconds
    delayMs: 0,
    max: 3,
    message: limitExceeded
  }));
};
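module.exports = function (app) {
  // Hardening for the Express app: HTTPS redirect, helmet headers (no-cache
  // set off), a per-IP rate limit on /api/, and a CSRF token attached to
  // each page route for the view layer.

  // NOTE(review): `trust proxy` = true takes req.ip (the rate-limit key)
  // from X-Forwarded-For and trusts every hop; narrow it to a hop count or
  // address list once the proxy chain is known.
  app.enable('trust proxy');

  // 1. redirects http to https
  app.use(secure());

  // 2. helmet with defaults
  app.use(helmet({ cacheControl: false }));

  // 3. rate-limit /api/ to 15 requests per minute per client IP
  app.use('/api/', rateLimit({
    windowMs: 60 * 1000, // seconds
    delayMs: 0,
    max: 15
  }));

  // 4. csrf — token kept in a cookie.
  // NOTE(review): cookie mode relies on cookie-parser being mounted
  // earlier; it is not set up in this block, so confirm it is registered
  // elsewhere.
  var csrfProtection = csrf({ cookie: true });

  // Stores the per-request CSRF token for the view. The token is a
  // per-client secret, so it is not logged (the previous console.log on
  // `/` leaked it).
  var attachCsrfToken = function(req, res, next) {
    req._csrfToken = req.csrfToken();
    next();
  };

  // Same handler for every page route, registered in the original order.
  ['/', '/test', '/train', '/use'].forEach(function(route) {
    app.get(route, csrfProtection, attachCsrfToken);
  });

};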
module.exports = function (app) {
  // Hardening for the Express app: HTTPS redirect, helmet headers with
  // framing allowed from one host, and a per-IP limit of 3 requests per
  // 20 seconds on /api/.

  // NOTE(review): `trust proxy` = true takes req.ip (the rate-limit key)
  // from X-Forwarded-For and trusts every hop; narrow it to a hop count or
  // address list once the proxy chain is known.
  app.enable('trust proxy');

  // 1. http -> https
  app.use(secure());

  // 2. helmet defaults, then framing restricted to one origin
  // (ALLOW-FROM is a legacy X-Frame-Options value; browsers that do not
  // honour it fall back to their own handling — verify against targets)
  app.use(helmet());
  var frameOptions = {
    action: 'allow-from',
    domain: 'https://watson-experience.mybluemix.net/'
  };
  app.use(helmet.frameguard(frameOptions));

  // 3. rate-limit /api/
  var apiLimiter = rateLimit({
    windowMs: 20 * 1000, // seconds
    delayMs: 0,
    max: 3
  });
  app.use('/api/', apiLimiter);

};
// Discovery-backed client for the catalog services (serviceSDK and
// DISCOVERY_SERVICE_URLS come from earlier in the file).
var serviceClient = serviceSDK({ discoveryServers: DISCOVERY_SERVICE_URLS });

var app = express();

// NOTE(review): `trust proxy` = true takes req.ip from X-Forwarded-For and
// trusts every hop; narrow it to a hop count or address list once the
// proxy chain is known.
app.enable('trust proxy');

// One access-log line per response: method, url, status, elapsed time.
app.use(responseTime(function(req, res, time){
  var line = 'LOG: ' + req.method + ',' + req.url + ',' + res.statusCode;
  line = line + ',' + time;
  console.log(line);
}));

// CORS headers on every response.
// NOTE(review): a wildcard origin is only appropriate if nothing served
// here is private or credential-bound — confirm for this API.
var corsHeaders = {
  'Access-Control-Allow-Origin': '*',
  'Access-Control-Allow-Methods': 'POST, GET, OPTIONS, DELETE, PUT',
  'Access-Control-Allow-Headers': 'Content-Type'
};
app.use(function(req, res, next){
  Object.keys(corsHeaders).forEach(function(name) {
    res.header(name, corsHeaders[name]);
  });
  next();
});

// Throttling for all routes; limits come from the constants above.
// (`global: true` — presumably one shared bucket rather than per-IP in
// this express-rate-limit version; confirm against the installed release.)
var throttle = rateLimit({
  windowMs: 60000,
  delayMs: REQUEST_THROTTLE_MS,
  max: MAX_REQUEST_PER_MINUTE,
  global: true
});
app.use(throttle);
app.use(bodyParser.json());

// In-memory replicas filled by retryReplicate().
var catalogItems = [];
var contractItems = [];

// Breaker in front of the catalog service: 1 s timeout, trips at 50%
// errors once a single request has been seen.
var catalogServiceBreaker = new CircuitBreaker({
  timeoutDuration: 1000,
  volumeThreshold: 1,
  errorThreshold: 50
});

retryReplicate();
    request = require('request'),
    bodyParser = require('body-parser'),
    compression = require('compression'),
    RateLimit = require('express-rate-limit'),
    hatchet = require("hatchet");

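Habitat.load();

var app = express();
var env = new Habitat();

// NOTE(review): `trust proxy` = true takes req.ip (the rate-limit key)
// from X-Forwarded-For and trusts every hop; narrow it to a hop count or
// address list once the proxy chain is known.
app.enable('trust proxy');

// 5 requests per minute per client IP, with a 1 s delay; not a shared
// global bucket.
var limiter = RateLimit({
  windowMs: 60 * 1000,
  delayMs: 1000,
  max: 5,
  global: false
});

app.configure(function() {
  app.use(compression());
  app.use(express.static(__dirname + '/public', {maxAge: 3600000}));
  app.use(bodyParser.json());
  // Error handler for the middleware above (e.g. body parsing). Express
  // runs error handlers in registration order, so this only sees errors
  // raised before it, not errors from routes registered later. The
  // four-argument signature is what marks it as an error handler.
  app.use(function(err, req, res, next) {
    // Use the error's own status (body-parser sets one) and echo only the
    // message: `res.send(err)` answered 200 with the error's internal
    // fields serialised.
    res.status(err.status || err.statusCode || 500)
      .send({ error: err.message || 'Internal Server Error' });
  });
});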

app.post('/add-session', limiter, function (req, res) {
  var sessionName = req.body.sessionName;
  var firstName = req.body.firstName;
        });
    });

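router.route('/karma')

    // Karma for a user: sum of (ups - downs) over their posts.
    // `Post` is presumably a Mongoose model — defined elsewhere in the file.
    .get(function(req, res) {
        // req.query.user is untrusted; the query parser can turn it into an
        // object (e.g. `user[$ne]=`) that would reach the query as an
        // operator, so only a plain string (or nothing) is accepted.
        var user = req.query.user;
        if (user !== undefined && typeof user !== 'string') {
            return res.status(400).json({ error: 'user must be a string' });
        }
        Post.where('user').equals(user).select('ups downs').exec(function(err, posts) {
            // `return` was missing here: after sending the error the code
            // fell through to posts.length and threw on the undefined result.
            if (err) return res.status(500).json({ error: err.message });
            var karma = posts.reduce(function(total, post) {
                return total + post.ups - post.downs;
            }, 0);
            res.json({ karma: karma });
        });
    });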

// REGISTER ROUTES
// #############################################################################
app.use('/', router);

// Rate-limited token endpoint (deprecated); limits come from config.limiter.
// The fixed 'foo' token is presumably a stub — confirm before relying on it.
var tokenLimiter = rateLimit(config.limiter);
var sendToken = function(req, res) {
    res.json({ token: 'foo' });
};
app.get('/token', tokenLimiter, sendToken);

// START SERVER
// #############################################################################
app.listen(config.port);
console.log('Listening on port', config.port);
 * limitations under the License.
 */

'use strict';

var express  = require('express'),
  app        = express(),
  extend     = require('extend'),
  watson     = require('watson-developer-cloud'),
  RateLimit  = require('express-rate-limit');

 app.enable('trust proxy');
// NOTE(review): `trust proxy` = true takes req.ip (the rate-limit key)
// from X-Forwarded-For and trusts every hop; narrow it to a hop count or
// address list once the proxy chain is known.

// Both endpoints get the same policy — 10 requests per minute per client
// IP, 1 ms delay, no shared global bucket — but separate instances so the
// translate and identify counters stay independent.
var createLimiter = function() {
  return RateLimit({
    windowMs: 60 * 1000,
    delayMs: 1,
    max: 10,
    global: false
  });
};

var translateLimiter = createLimiter();
var identifyLimiter = createLimiter();

// Bootstrap application settings
require('./config/express')(app);

var language_translation = watson.language_translation({
  url: 'https://gateway.watsonplatform.net/language-translation/api',
} from './env';

const app = express();
const server = http.createServer(app);
const io = socket(server);

app.set('socket', io);

// Error reporting is wired up only in production.
if (NODE_ENV === 'production') Raven.config(SENTRY_DSN).install();

/**
 * @name middleware-functions
 */
// Stack, in order: helmet headers, CORS, a rate limit of RATE_LIMIT
// requests per 15 minutes per client, compression, request logging, body
// parsers, redis-backed sessions, then passport.
// NOTE(review): cors() with no options answers every origin, and the
// session is created with resave/saveUninitialized true and no cookie
// options (secure/httpOnly/sameSite) — review both before public exposure.
const RedisStore = connectRedis(session);
const middleware = [
  helmet(),
  cors(),
  rateLimit({ max: Number(RATE_LIMIT), windowMs: 15 * 60 * 1000 }),
  compression(),
  morgan('tiny'),
  express.json(),
  express.urlencoded({ extended: false }),
  session({
    store: new RedisStore({ client: redis }),
    name: 'sid',
    resave: true,
    saveUninitialized: true,
    secret: SECRET,
  }),
  passport.initialize(),
  passport.session(),
];
for (const handler of middleware) {
  app.use(handler);
}

// NOTE(review): `*:*` accepts socket connections from any origin.
io.origins(['*:*']);
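module.exports = function (app) {
  // Hardening for the Express app: access logging on /api/, HTTPS
  // redirect, helmet headers, signed cookies, CSRF tokens, a per-IP rate
  // limit and an optional reCAPTCHA check that clears the caller's
  // rate-limit bucket on success.
  var crypto = require('crypto');

  // NOTE(review): `trust proxy` = true takes req.ip (the rate-limit key)
  // from X-Forwarded-For and trusts every hop; narrow it to a hop count or
  // address list once the proxy chain is known.
  app.enable('trust proxy');

  // 0. setup the logger — appends combined-format lines for /api/ requests
  var logStream = fs.createWriteStream(__dirname + '/../access.log', {flags: 'a'});
  app.use('/api/', morgan('combined', {stream: logStream}));

  // 1. redirects http to https
  app.use(secure());

  // 2. helmet with defaults
  app.use(helmet());

  // 3. setup cookies. The signing secret comes from a CSPRNG rather than
  // Math.random(), whose output is predictable. It is still generated per
  // process, so signed cookies do not survive a restart and are not shared
  // between instances — a deployment-provided secret is preferable.
  var secret = crypto.randomBytes(32).toString('hex');
  app.use(cookieParser(secret));

  // 4. csrf — token kept in a cookie (cookie-parser above makes that work);
  // `/` gets a fresh token for the view
  var csrfProtection = csrf({ cookie: true });
  app.get('/', csrfProtection, function(req, res, next) {
    req._csrfToken = req.csrfToken();
    next();
  });

  // 5. rate limiting: 6 requests per 30 seconds per client IP, JSON 429 body
  var limiter = rateLimit({
    windowMs: 30 * 1000, // seconds
    delayMs: 0,
    max: 6,
    message: JSON.stringify({
      error:'Too many requests, please try again in 30 seconds.',
      code: 429
    }),
  });

  // 6. captcha — keys come from the environment; the '<...>' fallbacks are
  // placeholders that make verification fail until real keys are set.
  var captchaKeys = {
    site: process.env.CAPTCHA_SITE || '<captcha-site>',
    secret: process.env.CAPTCHA_SECRET || '<captcha-secret>',
  };

  /**
   * Verifies a reCAPTCHA response when the request body carries one and,
   * on success, resets the caller's rate-limit bucket. Requests without a
   * `recaptcha` field pass straight through to the limiter.
   *
   * Errors are handed to next(): a transport or empty-reply failure as an
   * Error, a rejected captcha as the same shape csurf uses so one error
   * handler can serve both.
   */
  var checkCaptcha = function(req, res, next) {
    if (!req.body || !req.body.recaptcha) {
      return next();
    }
    request({
      url: 'https://www.google.com/recaptcha/api/siteverify',
      method: 'POST',
      form: {
        secret: captchaKeys.secret,
        response: req.body.recaptcha,
        remoteip: req.ip
      },
      json: true
    }, function(error, response, body) {
      // A transport failure or an empty/non-JSON reply used to throw a
      // TypeError on `body.success`; fail closed with an explicit error.
      if (error || !body) {
        return next(error || new Error('Captcha verification returned no result'));
      }
      if (!body.success) {
        return next({
          code: 'EBADCSRFTOKEN',
          error: 'Wrong captcha'
        });
      }
      limiter.resetIp(req.ip);
      next();
    });
  };

  app.use('/api/', csrfProtection, checkCaptcha, limiter);
};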