-
Notifications
You must be signed in to change notification settings - Fork 0
/
app.js
139 lines (122 loc) · 3.18 KB
/
app.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
const express = require('express');
const path = require('path');
const redis = require('redis');
const favicon = require('serve-favicon');
const morgan = require('morgan');
const cookieParser = require('cookie-parser');
const bodyParser = require('body-parser');
const hbs = require('express-handlebars');
const passport = require('passport');
const helmet = require('helmet');
const flash = require('connect-flash');
const session = require('express-session');
const RedisStore = require('connect-redis')(session);
const logger = require('./lib/logger');
const authentication = require('./routes/authentication/index');
const indexRouter = require('./routes/index');
const digitalRouter = require('./routes/digital');
const helperpath = require('./views/helpers/index.js');
const app = express();
/**
* For Security Purpose using Helmet
*/
app.use(helmet());
app.use(helmet.noCache());
app.use(helmet.noSniff());
app.use(helmet.hidePoweredBy());
app.use(helmet.xssFilter());
/**
* The Strict-Transport-Security HTTP header tells browsers to stick with HTTPS and never visit.
* the insecure HTTP version.
*/
const sixtyDaysInSeconds = 5184000;
app.use(helmet.hsts({
maxAge: sixtyDaysInSeconds,
}));
/**
* view engine setup
*/
app.engine('hbs', hbs({
extname: 'hbs',
defaultLayout: 'main',
layoutsDir: path.join(__dirname, '/views/layouts/'),
partialsDir: path.join(__dirname, '/views/partials/'),
helpers: helperpath,
}));
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'hbs');
/**
*logger setup
*/
logger.init();
app.use(morgan('dev'));
/**
* Redis Configuration
*/
app.use(session({
secret: 'qwertyuiopasdfghjklzxcvbnm',
key: 'sid',
cookie: {
secure: false,
// maxAge: config.sessionTimeoutTime,
},
rolling: true,
resave: false,
saveUninitialized: false,
store: new RedisStore({
client: redis.createClient(process.env.REDIS_URL),
}),
}));
/**
* Configuring Passport
*/
app.use(flash());
app.use(passport.initialize());
app.use(passport.session());
app.use(favicon(path.join(__dirname, 'public/images', 'favicon.png')));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true }));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, '/public')));
app.use((req, res, next) => {
res.set('Cache-Control', 'no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0');
next();
});
app.use('/', indexRouter);
app.use('/authentication', authentication);
app.use('/digital',digitalRouter);
app.get('/*', (req, res) => {
res.redirect('/');
});
/**
* catch 404 and forwarding to error handler
*/
app.use((req, res, next) => {
const err = new Error('Not Found');
err.status = 404;
next(err);
});
/**
* error handlers
* development error handler,will print stacktrace
*/
if (app.get('env') === 'development') {
app.use((err, req, res) => {
res.status(err.status || 500);
res.render('error', {
message: err.message,
error: err,
});
});
}
/**
* production error handler,no stacktraces leaked to user
*/
app.use((err, req, res) => {
res.status(err.status || 500);
res.render('error', {
message: err.message,
error: {},
});
});
module.exports = app;