IcyNet.eu/server/server.js

import connectSession from 'connect-redis'
import session from 'express-session'
import favicon from 'serve-favicon'
import bodyParser from 'body-parser'
import express from 'express'
import crypto from 'crypto'
import path from 'path'

import routes from './routes'
import flash from '../scripts/flash'
import config from '../scripts/load-config'
import email from './api/emailer'

let app = express()
let SessionStore = connectSession(session)

app.enable('trust proxy', 1)

app.use(bodyParser.urlencoded({ extended: false }))
app.use(bodyParser.json())

app.use(flash())

app.disable('x-powered-by')

app.use(session({
  key: config.server.session_key,
  secret: config.server.session_secret,
  store: new SessionStore(config.redis),
  resave: false,
  saveUninitialized: true,
  cookie: {
    secure: process.env.NODE_ENV !== 'development',
    maxAge: 2678400000 // 1 month
  }
}))

app.use((req, res, next) => {
  // Inject a cleaner version of the user's IP Address into the request
  let ipAddr = req.headers['x-forwarded-for'] || req.connection.remoteAddress

  if (ipAddr.indexOf('::ffff:') !== -1) {
    ipAddr = ipAddr.replace('::ffff:', '')
  }

  req.realIP = ipAddr

  // Make sure CSRF token is present in the session
  if (!req.session.csrf) {
    req.session.csrf = crypto.randomBytes(12).toString('hex')
  }

  // Add user and csrf token into rendering information
  res.locals = Object.assign(res.locals, {
    user: req.session.user || null,
    csrf: req.session.csrf
  })

  // Add Piwik tracker if configured
  if (config.matomo && config.matomo.site_id) {
    res.locals.matomo = config.matomo
  }

  next()
})

app.use(favicon(path.join(__dirname, '..', 'static', 'image', 'icynet.ico')))

module.exports = (args) => {
  app.set('view options', {layout: false})
  app.set('view engine', 'pug')
  app.set('views', path.join(__dirname, '../views'))

  if (args.dev) {
    console.warn('Worker is in development mode')

    // Dev logger
    const morgan = require('morgan')
    app.use(morgan('dev'))
  }

  let staticAge = args.dev ? 1000 : 7 * 24 * 60 * 60 * 1000 // 1 week of cache in production

  // Static content directories, cache these requests.
  // It is also a good idea to use nginx to serve these directories in order to save on computing power
  app.use('/style', express.static(path.join(__dirname, '../build/style'), { maxAge: staticAge }))
  app.use('/script', express.static(path.join(__dirname, '../build/script'), { maxAge: staticAge }))
  app.use('/static', express.static(path.join(__dirname, '../static'), { maxAge: staticAge }))
  app.use('/usercontent', express.static(path.join(__dirname, '../usercontent'), { maxAge: staticAge }))

  app.use(routes)

  app.listen(args.port, () => {
    console.log('Listening on 0.0.0.0:' + args.port)

    // Initialize the email transporter (if configured)
    email.init()
  })
}
some icons 2017-09-07 18:30:52 +00:00			`import connectSession from 'connect-redis'`
initial webserver setup 2017-08-02 21:24:01 +00:00			`import session from 'express-session'`
some icons 2017-09-07 18:30:52 +00:00			`import favicon from 'serve-favicon'`
initial webserver setup 2017-08-02 21:24:01 +00:00			`import bodyParser from 'body-parser'`
some icons 2017-09-07 18:30:52 +00:00			`import express from 'express'`
initial webserver setup 2017-08-02 21:24:01 +00:00			`import crypto from 'crypto'`
some icons 2017-09-07 18:30:52 +00:00			`import path from 'path'`
initial webserver setup 2017-08-02 21:24:01 +00:00
			`import routes from './routes'`
			`import flash from '../scripts/flash'`
			`import config from '../scripts/load-config'`
emailer 2017-08-24 13:42:57 +00:00			`import email from './api/emailer'`
initial webserver setup 2017-08-02 21:24:01 +00:00
			`let app = express()`
			`let SessionStore = connectSession(session)`

			`app.enable('trust proxy', 1)`

			`app.use(bodyParser.urlencoded({ extended: false }))`
			`app.use(bodyParser.json())`

			`app.use(flash())`

			`app.disable('x-powered-by')`

			`app.use(session({`
			`key: config.server.session_key,`
			`secret: config.server.session_secret,`
			`store: new SessionStore(config.redis),`
			`resave: false,`
Fix session cookie, hopefully 2019-02-12 20:04:16 +00:00			`saveUninitialized: true,`
extend session expiry time, remove unused socials 2019-03-10 11:24:30 +00:00			`cookie: {`
			`secure: process.env.NODE_ENV !== 'development',`
it's in milliseconds.. 2019-03-10 11:25:09 +00:00			`maxAge: 2678400000 // 1 month`
extend session expiry time, remove unused socials 2019-03-10 11:24:30 +00:00			`}`
initial webserver setup 2017-08-02 21:24:01 +00:00			`}))`

			`app.use((req, res, next) => {`
more comments 2017-08-27 11:48:47 +00:00			`// Inject a cleaner version of the user's IP Address into the request`
initial webserver setup 2017-08-02 21:24:01 +00:00			`let ipAddr = req.headers['x-forwarded-for'] \|\| req.connection.remoteAddress`

			`if (ipAddr.indexOf('::ffff:') !== -1) {`
			`ipAddr = ipAddr.replace('::ffff:', '')`
			`}`

more comments 2017-08-27 11:48:47 +00:00			`req.realIP = ipAddr`

			`// Make sure CSRF token is present in the session`
initial webserver setup 2017-08-02 21:24:01 +00:00			`if (!req.session.csrf) {`
			`req.session.csrf = crypto.randomBytes(12).toString('hex')`
			`}`

more comments 2017-08-27 11:48:47 +00:00			`// Add user and csrf token into rendering information`
initial webserver setup 2017-08-02 21:24:01 +00:00			`res.locals = Object.assign(res.locals, {`
			`user: req.session.user \|\| null,`
			`csrf: req.session.csrf`
			`})`

piwik tracker config option 2017-08-31 12:32:00 +00:00			`// Add Piwik tracker if configured`
Slight style changes, piwik is now matomo 2018-01-27 10:19:06 +00:00			`if (config.matomo && config.matomo.site_id) {`
			`res.locals.matomo = config.matomo`
piwik tracker config option 2017-08-31 12:32:00 +00:00			`}`

initial webserver setup 2017-08-02 21:24:01 +00:00			`next()`
			`})`

some icons 2017-09-07 18:30:52 +00:00			`app.use(favicon(path.join(__dirname, '..', 'static', 'image', 'icynet.ico')))`

initial webserver setup 2017-08-02 21:24:01 +00:00			`module.exports = (args) => {`
			`app.set('view options', {layout: false})`
			`app.set('view engine', 'pug')`
			`app.set('views', path.join(__dirname, '../views'))`

add logger to dev mode 2017-11-07 16:52:12 +00:00			`if (args.dev) {`
even more minor changes and reorganizing 2017-12-01 11:35:47 +00:00			`console.warn('Worker is in development mode')`
add logger to dev mode 2017-11-07 16:52:12 +00:00
			`// Dev logger`
			`const morgan = require('morgan')`
			`app.use(morgan('dev'))`
			`}`

more comments 2017-08-27 11:48:47 +00:00			`let staticAge = args.dev ? 1000 : 7 * 24 * 60 * 60 * 1000 // 1 week of cache in production`
initial webserver setup 2017-08-02 21:24:01 +00:00
more comments 2017-08-27 11:48:47 +00:00			`// Static content directories, cache these requests.`
			`// It is also a good idea to use nginx to serve these directories in order to save on computing power`
initial webserver setup 2017-08-02 21:24:01 +00:00			`app.use('/style', express.static(path.join(__dirname, '../build/style'), { maxAge: staticAge }))`
			`app.use('/script', express.static(path.join(__dirname, '../build/script'), { maxAge: staticAge }))`
			`app.use('/static', express.static(path.join(__dirname, '../static'), { maxAge: staticAge }))`
avatars and some fixes 2017-08-25 16:42:30 +00:00			`app.use('/usercontent', express.static(path.join(__dirname, '../usercontent'), { maxAge: staticAge }))`
initial webserver setup 2017-08-02 21:24:01 +00:00
			`app.use(routes)`

			`app.listen(args.port, () => {`
			`console.log('Listening on 0.0.0.0:' + args.port)`
more comments 2017-08-27 11:48:47 +00:00
			`// Initialize the email transporter (if configured)`
emailer 2017-08-24 13:42:57 +00:00			`email.init()`
initial webserver setup 2017-08-02 21:24:01 +00:00			`})`
			`}`