auth.rxbn.de/bin/web/module.js

/*
 * This file is part of the authRXBN single sign-on package.
 *
 * (c) Ruben Meyer <contact@rxbn.de>
 */

// init
var methods = {};

var cfg = require(global['__dirname']+'/bin/config');

/**
 * start web server
 * @author Ruben Meyer
 * @return {Void}
 */
methods.start = () => {
	// init express framework
	let express = require('express');
	let session_handler = require('express-session');
	let session_store = require('connect-mongo')(session_handler);

	// utilities
	let fs = require('fs');
	let path = require('path');
	let mime = require('mime-types');

	// app variable
	let app = express();
	app.set('view engine', 'pug'); // page engine
	app.set('views', global['__dirname']+'/bin/web/views');

	let bp = require('body-parser'); // POST Body parser
	let cp = require('cookie-parser'); // Cookie handler

	// Access Control Headers
	app.use( (req, res, next) => {
		res.set({
			'X-Powered-By': cfg.web.poweredBy
		});
		res.header("Access-Control-Allow-Origin", "*");
		res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
		next();
	});

	//static files
	app.use('/res', (req, res, next) => {

		let dir = global['__dirname'] + '/res/web';
		let joined_path = path.join(dir, /^[^?]+/.exec(req.url)[0]);

		fs.exists(joined_path, (exists) => {
			if(exists) {
				let contentType = mime.contentType(path.extname(joined_path));
				res.setHeader('Content-Type', contentType);

				fs.createReadStream(joined_path).pipe(res);
			} else {
				res.status(404).end();
				global['logs'].info("[web] (404) path not found: "+joined_path);
			}
		});
	});

	// BodyParser & CookieParser
	app.use(bp.json());
	app.use(bp.urlencoded({
		extended: true
	}));
	app.use(cp(cfg.web.cookieKey));

	// Pretty print
	if(app.get('env') === 'debug')
		app.locals.pretty = true;

	(async function() {
		// mongooseConnection
		let db = global['requireModule']('database');
		await db.connect();
		let con = db.getConnection();

		// Sessions
		session_options = {
			secret: cfg.web.sessionKey,
			resave: true,
			saveUninitialized: false,
			cookie: {
				maxAge: cfg.web.cookieMaxAge
			},
			store: new session_store({
				mongooseConnection: con,
				dbName: cfg.mongoose.db,
				ttl: cfg.web.cookieMaxAge,
				secret: (app.get('env') === 'production') ? true : false
			})
		};
		if(app.get('env') === 'production') {
			app.set('trust proxy', 1);
			session_options.cookie.secure = true;
		}
		app.use(session_handler(session_options));

		// web routes
		let mRoutes = require(global['__dirname']+'/bin/web/routes/static');
		let mainRoutes = await mRoutes.getRoutes();
		app.use('/', mainRoutes);
		let rAPI = require(global['__dirname']+'/bin/web/routes/api');
		let restAPI = await rAPI.getRoutes();
		app.use('/api', restAPI);

		// start server
		if(app.get('env') === 'production' && cfg.web.host && typeof cfg.web.host == "string")
			app.listen(cfg.web.port, cfg.web.host, () => {
				global['logs'].log("Server is listening on port: "+cfg.web.port);
			});
		else if(app.get('env') === 'debug' || !cfg.web.host || typeof cfg.web.host !== "string")
			app.listen(cfg.web.port, () => {
				global['logs'].log("Server is listening on port: "+cfg.web.port);
			});
	})();
};

module.exports = methods;