hopfma
/
om
Watch 4
Star 1
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Ohm-Management - Projektarbeit B-ME
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
23 Commits
2 Branches
Tree: 97c82b5d92
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '97c82b5d92'
${ noResults }
om/server.js

server.js 4.7KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174 
  1. /**

  2.  * Express based http & https server

  3.  *

  4.  * Requires express >= 4

  5.  */

  6. 

  7. /*

  8. var   common    = require ('./server/common'),

  9.       authorize = require ('./server/authorization'),

  10.       dbs       = require ('./server/dbs'),

  11.       files     = require ('./server/files');

  12. */

  13. 

  14. const fs      = require ('fs'),

  15.       http    = require ('http'),

  16.       https   = require ('https'),

  17.       express = require ('express'),

  18.       session = require ('express-session'), // session management

  19.       morgan  = require ('morgan'),		// logger

  20.       //serveFavicon = require ('serve-favicon'),

  21.       bodyParser = require ('body-parser');

  22.       //MongoStore = require ('connect-mongo')(session); // uss mongodb as session storage

  23. 

  24. var app = express();

  25. 

  26. var http_port=8888;

  27. 	https_port=8889;

  28. 

  29. /*

  30.  * Init

  31.  */

  32. /*ll

  33. common   .init ();

  34. authorize.init (common);

  35. dbs      .init (common);

  36. files    .init (common);

  37. */

  38. 

  39. // Security

  40. app.disable ('x-powered-by'); // TODO: Disable Header information: Powerd by Express -> Information disclosure

  41. 

  42. 

  43. /*

  44.  * Route Control

  45.  */

  46. 

  47. // Logger

  48. app.use (morgan ('dev'));

  49. //app.use(express.logger ( { format: 'default', stream: output_stream } ));

  50. 

  51. // Fastpaths

  52. //app.use (serveFavicon (__dirname + '/public/favicon.ico'));

  53. 

  54. // Session Management

  55. app.use (session({

  56.     secret: 'adluhohks',

  57.     resave: false,

  58.     saveUninitialized: false,

  59.     cookie: {

  60.         maxAge: 30*24*3600*1000,    // TODO: ttl for session as well (Store)

  61.         secure: false,              // true for https only

  62.     },

  63.     name: 'om.sid',

  64.     //store: new MongoStore ({mongooseConnection: dbs.mongoose.connection, ttl: 30*24*3600}),   // mongoose + connect-mongo

  65.     //store: new MemoryStore ({checkPeriod: 24*3600*1000}),   // memorystore

  66. }));

  67. 

  68. // Args

  69. app.use (bodyParser.json());

  70. app.use (bodyParser.urlencoded({extended: true}));

  71. 

  72. // API

  73. //var api_routes = express.Router(); // express app-object routing

  74. //app.use ('/api', api_routes);

  75. 

  76. // Static Files

  77. app.use (express.static(__dirname + '/public'));	// Allow server access to 'public' folder

  78. 

  79. // Other stuff is NOT authorized unless logged in

  80. //app.use (authorize.genCheckAuthorized ('user'));

  81. 

  82. // Uploaded files

  83. //app.use ('/uploads', express.static(__dirname + '/uploads'));

  84. 

  85. // Errors

  86. // No error so far? Then it's a 404!

  87. //app.use (function (req, res, next) { next (common.genError (404, req.url)); });

  88. //app.use (routes.errorHandler (true)); /* true: show stack traces */ // TODO: Error Handler

  89. 

  90. 

  91. /*

  92.  * API

  93.  */

  94. /*

  95. // API allowed for all

  96. api_routes.post ('/login', authorize.login); // /api/login

  97. 

  98. // Validate all other API calls

  99. api_routes.use (authorize.genCheckAuthorized ('user'));

  100. api_routes.post ('/logout', authorize.logout);

  101. 

  102. function addRoutes (r) {

  103.     for (var e in r.routes) {

  104.         var params = r.routes[e].params ? "/" + r.routes[e].params : "";

  105.         console.log ("Adding routes for /" + e + params + ":" +

  106.                      (r.routes[e].get ? " get":" ") + (r.routes[e].post ? " post":" ") +

  107.                      (r.routes[e].put ? " put":" ") + (r.routes[e].delete ? " delete":" "));

  108.         if (r.routes[e].get)

  109.             api_routes.get ('/' + e + params, r.routes[e].get);

  110.         if (r.routes[e].post)

  111.             api_routes.post ('/' + e + params, r.routes[e].post);

  112.         if (r.routes[e].put)

  113.             api_routes.put  ('/' + e + params, r.routes[e].put);

  114.         if (r.routes[e].delete)

  115.             api_routes.delete ('/' + e + params, r.routes[e].delete);

  116.     }

  117. }

  118. 

  119. addRoutes (dbs);

  120. addRoutes (files);

  121. */

  122. 

  123. /*

  124.  * Servers

  125.  */

  126. 

  127. http.createServer (app) .listen (http_port, function () {

  128.     console.log ("Express http server listening on port " + http_port);

  129. });

  130. 

  131. /*

  132.  * SSL certificates

  133.  *

  134.  * Keys + Certificate in current dir (not servable!)

  135.  * to create (self-signed) SSL certs:

  136.  *

  137.  * openssl genrsa -out privatekey.pem 1024

  138.  * openssl req -new -key privatekey.pem -out certrequest.csr

  139.  * openssl x509 -req -in certrequest.csr -signkey privatekey.pem -out certificate.pem

  140.  * rm certrequest.csr

  141.  */

  142. 

  143. var options;

  144. try {

  145.     try {

  146. 	// In case it's a real certificate: add CA chain cersts (TODO: use array if required)

  147. 	/* Uncomment if real certificate is required and available

  148.     var ca = fs.readFileSync ('keys/ca_cert.pem');

  149.     } catch (e) {

  150. 	ca = undefined;

  151. 	console.log ("Note: Can't read CA bundle: "+e);

  152.     }

  153.     */

  154.     options = {

  155. 	key: fs.readFileSync  ('keys/omkey.pem'),

  156. 	cert: fs.readFileSync ('keys/certificate.pem'),

  157. 	ca: ca

  158.     };

  159.     https.createServer (options, app) .listen (https_port, function () {

  160. 	console.log ("Express https server listening on port " + https_port);

  161.     });

  162. } catch (e) {

  163.     console.log ("Note: Can't read SSL keys/certs: "+e+"\nDisabling https server");

  164. }

  165. 

  166. 

  167. /*

  168.  * Uncaught Exceptions

  169.  */

  170. 

  171. process.on ("uncaughtException", function (err) {

  172.     console.error ("*** Uncaught Exception:");

  173.     console.error (err.stack);

  174. });