'use strict';
var config = require('config');
var express = require('express');
var path = require('path');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
var cors = require('cors');
var log4js = require('log4js');
var models = require('./db/models');
var QueryStream = require('pg-query-stream');
var morgan = require('morgan');
var lodash = require('lodash');
var Promise = require('bluebird');
var moment = require('moment');
var mu = require('mu2');
var fs = require('fs');
var querystring = require('querystring');
var stream = require('stream');
var fsExtra = require('fs-extra');
var sanitizeFilename = require('sanitize-filename');
var nodeForge = require('node-forge');
var uuid = require('uuid');
var jwt = require('jsonwebtoken');
var objectEncrypter = require('object-encrypter');
var fastCsv = require('fast-csv');
var Bdoc = require('./libs/bdoc');
var cosHtmlToDocx = require('./libs/cosHtmlToDocx');
var superagent = require('superagent');
var CachemanMemory = require('cacheman-memory');
var Cacheman = require('cacheman');
var Entities = require('html-entities').AllHtmlEntities;
var striptags = require('striptags');
var device = require('express-device');
var SevenZip = require('node-7z');
var swaggerUi = require('swagger-ui-express');
var swaggerDocument = require('./swagger.json');
var Busboy = require('busboy');
var StreamUpload = require('stream_upload');
var app = express();

// Express settings
// TODO: Would be nice if conf had express.settings.* and all from there would be set
// In "production" and "test" the app is treated as running behind a reverse proxy.
// NOTE(review): `true` makes Express trust every X-Forwarded-* header, so req.ip,
// req.protocol and req.hostname are only reliable when the proxy in front of the app
// overwrites those headers - confirm the deployment guarantees that.
// See http://expressjs.com/guide/behind-proxies.html
if (['production', 'test'].indexOf(app.get('env')) !== -1) {
    app.set('trust proxy', true);
}

// Swagger UI for ./swagger.json. It is mounted before the API token parser that is
// registered further down, so this path is served without that middleware.
app.use('/documentation', swaggerUi.serve, swaggerUi.setup(swaggerDocument));

// Prerender middleware, configured with the service URL and API key from config.
var prerender = require('prerender-node');
prerender.set('prerenderServiceUrl', config.services.prerender.serviceUrl);
prerender.set('prerenderToken', config.services.prerender.apiKey);
app.use(prerender);

// Do not send the "X-Powered-By: Express" response header.
app.disable('x-powered-by');
// App settings - absolute directories derived from the location of this file
var APP_ROOT = __dirname;
var PUBLIC_ROOT = path.join(APP_ROOT, 'public');
var FILE_ROOT = path.join(APP_ROOT, 'files');
var TEMPLATE_ROOT = path.join(APP_ROOT, 'views');
var EMAIL_TEMPLATE_ROOT = path.join(TEMPLATE_ROOT, 'emails');
var EMAIL_TEMPLATE_ROOT_LOCAL = path.join(APP_ROOT, 'config', 'emails');

// Publish the directories as app settings so other modules can look them up with app.get().
// TEMPLATE_ROOT is not published here; it is only used locally in this file.
[
    ['APP_ROOT', APP_ROOT],
    ['PUBLIC_ROOT', PUBLIC_ROOT],
    ['FILE_ROOT', FILE_ROOT],
    ['EMAIL_TEMPLATE_ROOT', EMAIL_TEMPLATE_ROOT],
    ['EMAIL_TEMPLATE_ROOT_LOCAL', EMAIL_TEMPLATE_ROOT_LOCAL]
].forEach(function (setting) {
    app.set(setting[0], setting[1]);
});

// Device detection middleware (express-device)
app.use(device.capture());
// Init "services"
// The logging configuration may arrive as a JSON string when it is supplied through ENV.
if (typeof config.logging === 'string') {
    config.logging = JSON.parse(config.logging);
}
log4js.configure(config.logging.log4js);

// One logger, named after the Express environment, shared through the app settings.
var logger = log4js.getLogger(app.settings.env);
app.set('logger', logger);
app.set('config', config);

// HTTP request logger - https://github.com/expressjs/morgan
// Each line morgan formats is handed to the log4js logger at INFO level.
// NOTE(review): what is written depends on config.logging.morgan.format; if that format
// includes the request URL or headers, check that tokens carried there do not end up in logs.
var requestLogStream = {
    write: function (line) {
        logger.info(line);
    }
};
var reqLogger = morgan(config.logging.morgan.format, {stream: requestLogStream});
app.use(reqLogger);
// Clients for external services, configured straight from config.services.*
var etherpadClient = require('etherpad-lite-client').connect(config.services.etherpad);
var twitter = require('twit')(config.services.twitter);

// In-process cache for hashtag lookups.
// NOTE(review): count 50 and ttl '-1' are presumably "at most 50 entries, no expiry" - confirm
// against the cacheman / cacheman-memory versions in use.
var hashtagCacheEngine = new CachemanMemory({count: 50});
var options = {
    engine: hashtagCacheEngine,
    ttl: '-1'
};
var hashtagCache = new Cacheman('hashtagCache', options);
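// Promisifications - bluebird adds "*Async" variants next to the callback style methods
[fs, fsExtra, mu, etherpadClient, twitter].forEach(function (target) {
    Promise.promisifyAll(target);
});

// Check Etherpad availability, warn if Etherpad is not running, but continue.
etherpadClient.checkTokenAsync()
    .then(function () {
        logger.info('Connected to Etherpad', etherpadClient.options.host, etherpadClient.options.port);
    })
    .catch(function (err) {
        // etherpadClient.options is built from config.services.etherpad, which carries the
        // Etherpad API key. Log only the endpoint so the key never reaches the log files.
        var etherpadEndpoint = lodash.pick(etherpadClient.options, ['host', 'port']);
        logger.error('Failed to connect to Etherpad. Error was: ' + err.message + '. Etherpad configuration is ' + JSON.stringify(etherpadEndpoint));
    });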
// Shared libraries and clients, published as app settings so that route and lib modules
// can fetch them with app.get(<name>). None of these values depends on the app itself.
[
    ['url', require('url')],
    ['lodash', lodash],
    ['async', require('async')],
    ['validator', require('validator')],
    ['Promise', Promise],
    ['fs', fs],
    ['crypto', require('crypto')],
    ['querystring', querystring],
    ['stream', stream],
    ['fsExtra', fsExtra],
    ['sanitizeFilename', sanitizeFilename],
    ['nodeForge', nodeForge],
    ['uuid', uuid],
    ['jwt', jwt],
    ['objectEncrypter', objectEncrypter],
    ['fastCsv', fastCsv],
    ['Bdoc', Bdoc],
    ['cosHtmlToDocx', cosHtmlToDocx],
    ['etherpadClient', etherpadClient],
    ['superagent', superagent],
    ['moment', moment],
    ['twitter', twitter],
    ['hashtagCache', hashtagCache],
    ['encoder', new Entities()],
    ['striptags', striptags],
    ['SevenZip', SevenZip],
    ['busboy', Busboy],
    ['stream_upload', StreamUpload]
].forEach(function (entry) {
    app.set(entry[0], entry[1]);
});

// Template engine: mu2 resolves template names relative to TEMPLATE_ROOT
mu.root = TEMPLATE_ROOT;
app.set('mu', mu);

// Database access
app.set('models', models);
app.set('QueryStream', QueryStream);

// Project libraries. Several are factories that receive the app (or config), so they are
// registered one by one, in this order, after the settings above are in place.
app.set('cosActivities', require('./libs/cosActivities')(app));
app.set('urlLib', require('./libs/url')(config));
app.set('util', require('./libs/util'));
app.set('ddsClient', require('./libs/ddsClient'));
app.set('cosBdoc', require('./libs/cosBdoc')(app));
app.set('cosEtherpad', require('./libs/cosEtherpad')(app));
// Smart-ID client: created for this app, then initialised with the service settings.
var smartId = require('./libs/cosSmartId')(app);
var smartIdConfig = config.services.smartId;
smartId.init({
    hostname: smartIdConfig.hostname,
    apiPath: smartIdConfig.apiPath,
    authPath: smartIdConfig.authPath,
    // Credentials for the Smart-ID service come from configuration only.
    authorizeToken: smartIdConfig.authorizeToken,
    relyingPartyUUID: smartIdConfig.relyingPartyUUID,
    // NOTE(review): "replyingPartyName" looks like a misspelling of "relyingPartyName";
    // the key is passed through unchanged - confirm ./libs/cosSmartId reads this exact name.
    replyingPartyName: smartIdConfig.replyingPartyName,
    statusPath: smartIdConfig.statusPath
});
app.set('smartId', smartId);
// E-mail configuration may arrive as a JSON string when it is supplied through ENV.
if (typeof config.email === 'string') {
    config.email = JSON.parse(config.email);
}

// Fall back to the bundled default layout when the configuration names none.
if (!config.email.layout) {
    config.email.layout = path.join(EMAIL_TEMPLATE_ROOT, 'layouts/default.mu');
}

app.set('emailClient', require('./libs/campaign/emailClient')(config.email));
app.set('email', require('./libs/email')(app));
app.set('cryptoLib', require('./libs/crypto'));
// Authentication with Passport - http://passportjs.org/guide/
// The passport instance is published first; the project's passport lib is then built
// from the app and initialised.
var passport = require('passport');
app.set('passport', passport);
var passportSetup = require('./libs/passport/index')(app);
passportSetup.init();

// Configure middleware
// cookieParser() is used without a secret, so cookies are parsed but not signature-checked;
// anything read from req.cookies has to be treated as untrusted input.
app.use(cookieParser());
// JSON and urlencoded bodies are parsed with body-parser defaults (no limits overridden here).
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({extended: false}));
// CORS
// corsOptions is the config.api.cors object itself (not a copy), so the changes below are
// visible to any later reader of config.api.cors.
var corsOptions = config.api.cors;
var corsPaths = lodash.cloneDeep(config.api.cors.paths);
delete corsOptions.paths; // Remove the paths just in case it will conflict with CORS MW options now or in the future

// Turn each configured origin pattern into a case-insensitive RegExp, in place.
// NOTE(review): patterns are compiled exactly as configured. A pattern that is not anchored
// with ^ and $, or that leaves dots unescaped, accepts more origins than intended - review
// the configured patterns with that in mind.
for (var i = 0; i < corsOptions.origin.length; i++) {
    corsOptions.origin[i] = new RegExp(corsOptions.origin[i], 'i');
}

var corsMiddleware = cors(corsOptions);
app.use(corsPaths, corsMiddleware); // CORS
app.options(corsPaths, corsMiddleware); // Enable CORS preflight - https://github.com/expressjs/cors#enabling-cors-pre-flight
// Static
// Everything under PUBLIC_ROOT is served both at the site root and under /static.
// If you move static below session definition, static will also generate a session
var publicFiles = express.static(PUBLIC_ROOT);
app.use(publicFiles);
app.use('/static', publicFiles);

// Response handler
app.use(require('./libs/middleware/response'));
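// Validate the key pair and secrets the API cannot run without and fail fast at startup.
// The key pair is used for signing JWT tokens.

// The private key must be a string containing the "PRIVATE KEY" marker of a PEM block.
// The configured value is deliberately left out of the error: a malformed key is still key
// material and the message ends up in crash output and logs.
var sessionPrivateKey = config.session.privateKey;
if (typeof sessionPrivateKey !== 'string' || sessionPrivateKey.indexOf('PRIVATE KEY') < 0) {
    throw new Error('Invalid configuration! Invalid value for "session.privateKey". Expected a PEM encoded private key. The configured value is not shown to keep key material out of logs.');
}

// The public key is not secret, so the rejected value stays in the message for debugging.
// The type check keeps a non-string value from failing with an unrelated TypeError.
var sessionPublicKey = config.session.publicKey;
if (typeof sessionPublicKey !== 'string' || sessionPublicKey.indexOf('PUBLIC KEY') < 0) {
    throw new Error('Invalid configuration! Invalid value for "session.publicKey". Was: "' + sessionPublicKey + '"');
}

// The two checks below only fire for empty/missing values, so echoing the value leaks nothing.
var cookieSecret = config.session.secret;
if (!cookieSecret) {
    throw new Error('Invalid configuration! Invalid value for "session.secret". Was: "' + cookieSecret + '". See https://github.com/expressjs/session#secret');
}

var cosApiKey = config.api.key;
if (!cosApiKey) {
    throw new Error('Invalid configuration! Invalid value for "api.key". Was: "' + cosApiKey + '". Must be something unique. This value is used for authenticating to webhooks ("/routes/api/internal") and originally used by Etherpad');
}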
// Cache control for API requests, fixes IE not re-validating eTags - https://trello.com/c/t45AGz4y/372-bug-mobiil-id-login-and-signing-does-not-work-on-ie11-due-to-caching-issues
// "private" also tells shared caches not to store API responses.
function disableApiResponseCaching(req, res, next) {
    res.set('Expires', -1);
    res.set('Cache-Control', 'must-revalidate, private');
    next();
}
app.use(/^\/api\/.*/, disableApiResponseCaching);

// Enable sessions for API path
// The token parser runs for every /api/ request; passport is only initialised for /api/auth/.
app.use(/^\/api\/.*/, require('./libs/middleware/authTokenParser'));
app.use(/^\/api\/auth\/.*/, passport.initialize());

// Middleware that is only published here, not mounted: each route has to pull the checks
// it needs from the app settings and apply them itself.
app.set('middleware.loginCheck', require('./libs/middleware/loginCheck'));
app.set('middleware.authApiKey', require('./libs/middleware/authApiKey'));
app.set('middleware.partnerParser', require('./libs/middleware/partnerParser')(app));
app.set('middleware.uuidValidator', require('./libs/middleware/uuidValidator')(app));

// Bot header logger
app.use(require('./libs/middleware/botHeaderLogger'));
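/**
 * Load every route module found directly in a directory and register it on the app.
 *
 * Each "*.js" entry is required and called with the app. Entries that do not end in ".js"
 * (sub-folders, for instance) are skipped.
 *
 * The directory must be absolute: fs.readdirSync() resolves relative paths against the
 * process working directory while require() resolves them against this file, so a relative
 * path only works when the process is started from the application root.
 *
 * @param {string} routesDir Absolute path of the directory holding the route modules.
 *
 * @returns {void}
 */
function loadRoutes(routesDir) {
    fs.readdirSync(routesDir).forEach(function (file) {
        if (!/\.js$/.test(file)) { // Exclude folders
            return;
        }
        require(path.join(routesDir, file))(app);
    });
}

// Load all API routes
var routesApi = path.join(APP_ROOT, 'routes/api');
loadRoutes(routesApi);

// Load all internal API routes
// NOTE(review): nothing in this loader restricts access to the internal routes; each module
// there is expected to apply its own check (presumably "middleware.authApiKey") - confirm.
var routesApiInternal = path.join(APP_ROOT, 'routes/api/internal');
loadRoutes(routesApiInternal);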
/**
 * Build a request handler that answers with one fixed file from PUBLIC_ROOT.
 * The path is a constant chosen here, never taken from the request.
 *
 * @param {string} relativePath Path of the file, relative to PUBLIC_ROOT.
 *
 * @returns {Function} Express request handler.
 */
function sendPublicFile(relativePath) {
    return function (req, res) {
        res.sendFile(path.join(PUBLIC_ROOT, relativePath));
    };
}

app.get('/favicon.ico', sendPublicFile('imgs/favicon.ico'));

// Allow direct linking in the FE
app.get('/', sendPublicFile('index.html'));

// Error handling middleware. Must be the last in the chain
app.use(require('./libs/sequelize/middleware/error')); // Map Sequelize errors to user friendly responses.
app.use(require('./libs/middleware/error'));

module.exports = app;