app.js
var express = require('express');
var bodyParser = require('body-parser');
var multer = require('multer');
var findRemoveSync = require('find-remove');
var cfenv = require('cfenv');
var auth = require('basic-auth');
var session = require('client-sessions');
var https=require('https');
// Require logging module
var logger = require('./lib/logger.js');
// Load select login functions
var login = require('./lib/functions.js').login;
var dash_login = require('./lib/functions.js').dash_login;
// Directory (relative to this file) where uploaded files are stored
var uploadDir = "./uploads/";

// Application environment as reported by Cloud Foundry
var appEnv = cfenv.getAppEnv();

// Express application with JSON and URL-encoded body parsing.
// `extended: true` selects the nested-object parser, so handlers can receive
// objects and arrays in req.body, not only strings.
var app = express();
app.use(bodyParser.json(), bodyParser.urlencoded({ extended: true }));

// Attach websocket support to the application
var expressWs = require('express-ws')(app);
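////////////////////////////////////////////////////
// Client-side session middleware. The session is carried in a cookie that is
// protected with `secret`, so anyone who knows the secret can produce a cookie
// the server accepts (including one that sets `session.user`). The key must
// therefore not live in source control: it is read from the environment.
// SESSION_SECRET is a variable name introduced by this change; a secret that
// was ever committed to the repository should be treated as exposed and rotated.
var sessionSecret = process.env.SESSION_SECRET;
if (!sessionSecret) {
  // No key configured: fall back to a random per-process key instead of a
  // published constant. Sessions then do not survive a restart and are not
  // shared between application instances.
  sessionSecret = require('crypto').randomBytes(32).toString('hex');
  logger.info("SESSION_SECRET is not set; using a random per-process session key");
}
// NOTE(review): no `cookie` options are passed, so the cookie attributes are
// whatever client-sessions defaults to - confirm they suit an HTTPS deployment.
app.use(session({
  cookieName: 'session',
  secret: sessionSecret,
  duration: 24 * 60 * 60 * 1000,      // session lifetime: 24 hours
  activeDuration: 5 * 60 * 1000       // activity extension window: 5 minutes
}));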
// Load the API router, hand it the websocket server instance, then mount it
// under /api/. Middleware registered after this point does not run for
// requests that the router answers itself.
var router = require('./lib/router.js');
var wsServer = expressWs.getWss();
router.setWsInstance(wsServer);
app.use('/api/', router);
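// Enforce HTTPS when running in the cloud.
// 'trust proxy' makes Express derive req.secure from the forwarding headers
// set by the front-end proxy. It is enabled unconditionally here, so when the
// app is reachable without such a proxy those headers are client-controlled.
// NOTE(review): this middleware is registered after the /api/ router, so
// requests answered by that router are never redirected - confirm this is
// intended.
app.enable('trust proxy');
if (!process.env.TEST && process.env.VCAP_SERVICES) {
  logger.info("Forcing HTTPS");
  app.use(function (req, res, next) {
    // Request already arrived via https: nothing to do
    if (req.secure) {
      next();
      return;
    }
    // The redirect target is built from the client-supplied Host header.
    // Without one the target would be "https://undefined..."; reject instead.
    var host = req.headers.host;
    if (!host) {
      res.status(400).send("Missing Host header.\n");
      return;
    }
    // Request was via http, so redirect to the same host and URL over https
    var target = 'https://' + host + req.url;
    logger.info("Redirecting to " + target);
    res.redirect(target);
  });
}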
// Credentials must be POSTed; a GET on /login only tells the client so
function rejectGetLogin(req, res) {
  res.set('WWW-Authenticate', 'Basic realm=Authorization Required');
  res.status(400);
  res.send("Please login by POSTing username and password.\n");
}
app.get('/login', rejectGetLogin);

// POST /login is the entry point for the command-line interface (pi)
app.post('/login', login);
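// Restrict access to the dashboard:
//  - an existing session user passes straight through;
//  - otherwise, if the request carries parseable Basic credentials, they are
//    handed to dash_login (presumably it verifies them - confirm in
//    ./lib/functions.js);
//  - otherwise the client is challenged with 401.
app.use('/dashboard/app', function (req, res, next) {
  if (req.session.user) {
    next();
  } else if (auth(req)) {
    // basic-auth parses the Authorization header of the *request*. The
    // response object was passed here before, which only works on versions
    // that fall back to its `.req` property and throws on those that do not.
    dash_login(req, res);
  } else {
    res.set('WWW-Authenticate', 'Basic realm=Authorization Required');
    res.status(401).send("Please provide username and password.\n");
  }
});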
// Requests under /logs/ are passed on only for a signed-in session; anyone
// else gets an empty 404, so the response does not reveal that the path exists.
// NOTE(review): this guard and the static handler registered later match
// paths independently - confirm the log files cannot be reached through a
// path this route does not match.
app.get('/logs/*', function (req, res, next) {
  if (req.session.user) {
    next();
    return;
  }
  res.status(404).send();
});
// Logout: clear the client-side session and answer with an empty 200.
// NOTE(review): this is a state-changing GET, so any page the browser loads
// can trigger it - confirm that is acceptable for this application.
app.get('/logout', function (req, res) {
  req.session.reset();
  res.set("Access-Control-Allow-Credentials", true);
  res.status(200);
  res.send();
});
// Serve ./public as static files. Nothing in this handler checks the session:
// only the routes registered before it restrict access.
var publicDir = __dirname + '/public';
app.use(express.static(publicDir));
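/**
 * Clean up uploads: remove files in the upload directory that are older than
 * 30 seconds.
 *
 * Cleanup is best-effort, so a failure never propagates to the caller. It is
 * logged rather than silently discarded, because a cleanup that keeps failing
 * leaves uploaded files on disk indefinitely.
 */
function cleanUploads() {
  try {
    findRemoveSync(__dirname + '/' + uploadDir, { age: { seconds: 30 } });
  } catch (e) {
    logger.info("Upload cleanup failed: " + (e && e.message ? e.message : e));
  }
}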
// Every two minutes, log the upload directory being checked and purge it
var CLEAN_INTERVAL_MS = 120000;
setInterval(function () {
  var target = __dirname + '/' + uploadDir;
  logger.info("Checking " + target);
  cleanUploads();
}, CLEAN_INTERVAL_MS);
// Expose the configured application to other modules
module.exports = app;

// Start the server on the port given by the environment, or 8080 by default.
// No host is passed to listen(), so the default bind address is used.
var port = process.env.VCAP_APP_PORT || 8080;
function announceStart() {
  logger.info("server starting on " + appEnv.url + " port " + port);
}
app.listen(port, announceStart);