-
Notifications
You must be signed in to change notification settings - Fork 9
/
app.js
156 lines (130 loc) · 4.2 KB
/
app.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
const express = require("express");
const path = require("path");
// Var favicon = require('serve-favicon');
const logger = require("morgan");
const cookieParser = require("cookie-parser");
const bodyParser = require("body-parser");
const session = require("express-session");
const SequelizeStore = require("connect-session-sequelize")(session.Store);
const partials = require("express-partials");
const flash = require("express-flash");
const methodOverride = require("method-override");
const dotenv = require("dotenv");
const i18n = require("i18n-express");
const cors = require("cors");
const compression = require("compression");
// Const helmet = require('helmet');
dotenv.config();
const api = require("./routes/api");
const index = require("./routes/index"),
app = express();// View engine setup
// To compress all routes
app.use(compression());
// Security headers, commented because it fails with CSP
// TODO, study options and configure accordingly
// App.use(helmet());
app.set("views", path.join(__dirname, "views"));
app.set("view engine", "ejs");
if (app.get("env") === "production" && !process.env.HEROKU) {
app.use((req, res, next) => {
if (req.secure) {
next();
} else {
res.redirect(`https://${req.get("Host")}${req.url}`);
}
});
}
app.use(cors());
app.use(logger("dev"));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({"extended": true}));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, "public")));
app.use(i18n({
"translationsPath": path.join(__dirname, "i18n"),
"siteLangs": ["en", "es"],
"locales": ["en", "es"],
"cookieLangName": "locale",
"defaultLang": "en",
"textsVarName": "i18n"
}));
app.use(function (req, res, next) {
res.locals.i18n = req.app.locals.i18n;
next();
});
app.use("/api", api);
app.get("/", function (req, res, next) {
if (req.query.clang) {
res.cookie("locale", req.query.clang);
res.redirect(req.headers.referer);
} else {
next();
}
});
// Configuracion de la session para almacenarla en BBDD usando Sequelize.
const sequelize = require("./models");
const sessionStore = new SequelizeStore({
"db": sequelize,
"table": "session",
"checkExpirationInterval": 15 * 60 * 1000,
"expiration": 3 * 60 * 60 * 1000
});
const sessionMiddleware = session({
"secret": process.env.SECRET || "Escape Room",
"store": sessionStore,
"resave": false,
"cookie": {
"path": "/",
"httpOnly": true,
"secure": app.get("env") === "production" && !process.env.HEROKU,
"maxAge": null
},
"saveUninitialized": false
});
app.sessionMiddleware = sessionMiddleware;
app.use(sessionMiddleware);
app.use(methodOverride("_method", {
"methods": [
"POST",
"GET"
]
}));
app.use(partials());
require("./helpers/locals")(app);
app.use(flash());
// Dynamic Helper:
app.use((req, res, next) => {
// To use req.session in the views
res.locals.session = req.session;
res.locals.url = req.url;
next();
});
app.use("/", index);
// Catch 404 and forward to error handler
app.use((req, res, next) => {
const err = new Error("Not found");
err.status = 404;
err.message = "NOT_FOUND";
res.locals.message = "Not found";
res.locals.error = app.get("env") === "production" ? {"status": 404} : err;
next(err);
});
// Error handler. It needs to have all 4 arguments, or else express will not recognize it as an erorr handler
// eslint-disable-next-line no-unused-vars
app.use((err, req, res, next) => {
// eslint-disable-next-line eqeqeq
const devStatusCode = res.statusCode == 200 ? 500 : res.statusCode;
const status = err.status || (app.get("env") === "production" ? 404 : devStatusCode);
res.status(status);
if (req.session && req.session.flash) {
// Set locals, only providing error in development
res.locals.message = err.message;
err.status = err.status || res.statusCode;
res.locals.error = app.get("env") === "production" ? {"status": err.status || 404} : err;
// Render the error page
res.render("error");
} else {
res.json({"code": "ERROR", "msg": err.message});
}
});
module.exports = app;