NodeBB/src/middleware/index.js

"use strict";

var meta = require('../meta'),
	db = require('../database'),
	file = require('../file'),
	auth = require('../routes/authentication'),

	path = require('path'),
	nconf = require('nconf'),
	flash = require('connect-flash'),
	templates = require('templates.js'),
	bodyParser = require('body-parser'),
	cookieParser = require('cookie-parser'),
	compression = require('compression'),
	favicon = require('serve-favicon'),
	session = require('express-session'),
	useragent = require('express-useragent');


var middleware = {};

function setupFavicon(app) {
	var faviconPath = path.join(__dirname, '../../', 'public', meta.config['brand:favicon'] ? meta.config['brand:favicon'] : 'favicon.ico');
	if (file.existsSync(faviconPath)) {
		app.use(nconf.get('relative_path'), favicon(faviconPath));
	}
}

module.exports = function(app) {
	var relativePath = nconf.get('relative_path');

	middleware = require('./middleware')(app);

	app.engine('tpl', templates.__express);
	app.set('view engine', 'tpl');
	app.set('views', nconf.get('views_dir'));
	app.set('json spaces', process.env.NODE_ENV === 'development' ? 4 : 0);
	app.use(flash());

	app.enable('view cache');

	app.use(compression());

	setupFavicon(app);

	app.use(relativePath + '/apple-touch-icon', middleware.routeTouchIcon);

	app.use(bodyParser.urlencoded({extended: true}));
	app.use(bodyParser.json());
	app.use(cookieParser());
	app.use(useragent.express());

	var cookie = {
		maxAge: 1000 * 60 * 60 * 24 * (parseInt(meta.config.loginDays, 10) || 14)
	};

	if (meta.config.cookieDomain) {
		cookie.domain = meta.config.cookieDomain;
	}

	if (nconf.get('secure')) {
		cookie.secure = true;
	}

	if (relativePath !== '') {
		cookie.path = relativePath;
	}

	app.use(session({
		store: db.sessionStore,
		secret: nconf.get('secret'),
		key: 'express.sid',
		cookie: cookie,
		resave: true,
		saveUninitialized: true
	}));

	app.use(middleware.addHeaders);
	app.use(middleware.processRender);
	auth.initialize(app, middleware);

	return middleware;
};
random jshinting expedition 2014-03-02 14:45:57 -05:00			`"use strict";`

cleanup 2014-11-19 17:48:43 -05:00			`var meta = require('../meta'),`
only use multipart on upload routes, delete temp files if there is an error in admin, admin/mods should see topic reply 2014-10-22 18:25:57 -04:00			`db = require('../database'),`
closes #3663 2015-09-29 18:22:41 -04:00			`file = require('../file'),`
only use multipart on upload routes, delete temp files if there is an error in admin, admin/mods should see topic reply 2014-10-22 18:25:57 -04:00			`auth = require('../routes/authentication'),`
added emitter class; express.listen only after background tasks complete; closes #1227 2014-03-17 12:53:31 -04:00
moved all app.configure() code into middleware/index.js + organization/cleanup 2014-03-01 17:26:26 -05:00			`path = require('path'),`
			`nconf = require('nconf'),`
added connect-flash package. npm also alphabetically re-ordered the deps... thanks npm? 2014-06-18 10:17:50 -04:00			`flash = require('connect-flash'),`
use templates.js module instead 2014-06-25 18:55:22 -04:00			`templates = require('templates.js'),`
first commit 2014-07-02 14:07:08 -04:00			`bodyParser = require('body-parser'),`
			`cookieParser = require('cookie-parser'),`
			`compression = require('compression'),`
			`favicon = require('serve-favicon'),`
closes #3989 Squashed commit of the following: commit 23de0708708ed190eafbcd6ea93d43333cb87aa3 Author: Julian Lam <julian@designcreateplay.com> Date: Wed Dec 23 10:48:16 2015 -0500 wired up session revocation, #3989 commit 45a3f18321b74a9b6893d404b6c870f1ec4d95cd Author: Julian Lam <julian@designcreateplay.com> Date: Wed Dec 23 09:49:27 2015 -0500 session deletion via session uuid commit 2bf87338cf9bfa2df0b299639421d8da7553c69a Author: Julian Lam <julian@designcreateplay.com> Date: Tue Dec 22 13:53:35 2015 -0500 WIP #3989 commit 623f45c3fa8b96f8b6eec0613eb7f9463348ab93 Author: Julian Lam <julian@designcreateplay.com> Date: Tue Dec 22 10:22:24 2015 -0500 saving more metadata and displaying sessions in UCP #3989 commit d0567ed7cc33a1aea66e921b657f782038f32191 Author: Julian Lam <julian@designcreateplay.com> Date: Tue Dec 22 10:21:38 2015 -0500 updated fontawesome to v4.5.0 commit 7131c97fe8ab42838eb2915a04e74f80f3d9a133 Author: Julian Lam <julian@designcreateplay.com> Date: Tue Dec 22 09:39:16 2015 -0500 saving user-agent metadata into user session #3989 commit 661b7e6dba774b80b5dc6d04f89a79f809ff791e Author: Julian Lam <julian@designcreateplay.com> Date: Tue Dec 22 09:23:24 2015 -0500 New user auth methods to add/revoke sessions, #3989 2015-12-23 10:48:45 -05:00			`session = require('express-session'),`
			`useragent = require('express-useragent');`
moved all app.configure() code into middleware/index.js + organization/cleanup 2014-03-01 17:26:26 -05:00

avoid doing nconf.get over and over again on the same key 2014-04-15 02:16:03 -04:00			`var middleware = {};`
one final push, cleanup + organize + lint; made feeds/meta/plugins routes follow same pattern as other route files 2014-03-05 17:06:24 -05:00
#2278 2014-10-17 19:38:49 -04:00			`function setupFavicon(app) {`
closes #2278 2014-10-17 19:37:09 -04:00			`var faviconPath = path.join(__dirname, '../../', 'public', meta.config['brand:favicon'] ? meta.config['brand:favicon'] : 'favicon.ico');`
closes #3663 2015-09-29 18:22:41 -04:00			`if (file.existsSync(faviconPath)) {`
Closes #3302 - Fixes issue where the served path for the favicon was incorrect (included relative path when one was not needed) - Also fixes issue where favicons were just plain not served for subfolder installations - Fixed unsemantic HTML in ACP/General regarding Site Logo and Favicon fieldsets 2015-08-17 11:31:31 -04:00			`app.use(nconf.get('relative_path'), favicon(faviconPath));`
closes #2278 2014-10-17 19:37:09 -04:00			`}`
			`}`

cluster socket.io fixes close proxy server on loader.stop changed handles to object 2014-11-27 15:36:05 -05:00			`module.exports = function(app) {`
			`var relativePath = nconf.get('relative_path');`
cleanup 2014-11-19 17:48:43 -05:00
moved middleware out of webserver.js and into middleware.js 2014-03-02 14:16:16 -05:00			`middleware = require('./middleware')(app);`

first commit 2014-07-02 14:07:08 -04:00			`app.engine('tpl', templates.__express);`
			`app.set('view engine', 'tpl');`
added recompilation of templates to NodeBB Reloading - #2010 2014-08-26 14:48:05 -04:00			`app.set('views', nconf.get('views_dir'));`
uploads 2014-07-02 14:59:48 -04:00			`app.set('json spaces', process.env.NODE_ENV === 'development' ? 4 : 0);`
first commit 2014-07-02 14:07:08 -04:00			`app.use(flash());`
enabling view cache, since we require server restart on theme changes it doesn't hurt 2014-05-05 16:56:01 -04:00
first commit 2014-07-02 14:07:08 -04:00			`app.enable('view cache');`
moved all app.configure() code into middleware/index.js + organization/cleanup 2014-03-01 17:26:26 -05:00
first commit 2014-07-02 14:07:08 -04:00			`app.use(compression());`
moved all app.configure() code into middleware/index.js + organization/cleanup 2014-03-01 17:26:26 -05:00
#2278 2014-10-17 19:38:49 -04:00			`setupFavicon(app);`
only use multipart on upload routes, delete temp files if there is an error in admin, admin/mods should see topic reply 2014-10-22 18:25:57 -04:00
first commit 2014-07-02 14:07:08 -04:00			`app.use(relativePath + '/apple-touch-icon', middleware.routeTouchIcon);`
moved all app.configure() code into middleware/index.js + organization/cleanup 2014-03-01 17:26:26 -05:00
uploads 2014-07-02 14:59:48 -04:00			`app.use(bodyParser.urlencoded({extended: true}));`
			`app.use(bodyParser.json());`
first commit 2014-07-02 14:07:08 -04:00			`app.use(cookieParser());`
closes #3989 Squashed commit of the following: commit 23de0708708ed190eafbcd6ea93d43333cb87aa3 Author: Julian Lam <julian@designcreateplay.com> Date: Wed Dec 23 10:48:16 2015 -0500 wired up session revocation, #3989 commit 45a3f18321b74a9b6893d404b6c870f1ec4d95cd Author: Julian Lam <julian@designcreateplay.com> Date: Wed Dec 23 09:49:27 2015 -0500 session deletion via session uuid commit 2bf87338cf9bfa2df0b299639421d8da7553c69a Author: Julian Lam <julian@designcreateplay.com> Date: Tue Dec 22 13:53:35 2015 -0500 WIP #3989 commit 623f45c3fa8b96f8b6eec0613eb7f9463348ab93 Author: Julian Lam <julian@designcreateplay.com> Date: Tue Dec 22 10:22:24 2015 -0500 saving more metadata and displaying sessions in UCP #3989 commit d0567ed7cc33a1aea66e921b657f782038f32191 Author: Julian Lam <julian@designcreateplay.com> Date: Tue Dec 22 10:21:38 2015 -0500 updated fontawesome to v4.5.0 commit 7131c97fe8ab42838eb2915a04e74f80f3d9a133 Author: Julian Lam <julian@designcreateplay.com> Date: Tue Dec 22 09:39:16 2015 -0500 saving user-agent metadata into user session #3989 commit 661b7e6dba774b80b5dc6d04f89a79f809ff791e Author: Julian Lam <julian@designcreateplay.com> Date: Tue Dec 22 09:23:24 2015 -0500 New user auth methods to add/revoke sessions, #3989 2015-12-23 10:48:45 -05:00			`app.use(useragent.express());`
moved all app.configure() code into middleware/index.js + organization/cleanup 2014-03-01 17:26:26 -05:00
Allow session cookie domain customization 2014-07-24 22:26:19 +02:00			`var cookie = {`
closes #3893 2015-11-23 11:59:00 -05:00			`maxAge: 1000 * 60 * 60 * 24 * (parseInt(meta.config.loginDays, 10) \|\| 14)`
Allow session cookie domain customization 2014-07-24 22:26:19 +02:00			`};`
cleanup 2014-11-19 17:48:43 -05:00
cluster socket.io fixes close proxy server on loader.stop changed handles to object 2014-11-27 15:36:05 -05:00			`if (meta.config.cookieDomain) {`
Allow cookie domain customization from meta config 2014-07-25 00:43:15 +02:00			`cookie.domain = meta.config.cookieDomain;`
Allow session cookie domain customization 2014-07-24 22:26:19 +02:00			`}`
fixed #1988 2014-08-13 16:03:33 -04:00
closes #3435 2015-08-17 14:53:37 -04:00			`if (nconf.get('secure')) {`
			`cookie.secure = true;`
			`}`
rm cls because it's not ready yet 2016-06-24 16:57:58 -04:00
Made the session cookie aware of the possible relative path (#4663) 2016-05-18 18:43:46 +02:00			`if (relativePath !== '') {`
			`cookie.path = relativePath;`
			`}`
closes #3435 2015-08-17 14:53:37 -04:00
first commit 2014-07-02 14:07:08 -04:00			`app.use(session({`
			`store: db.sessionStore,`
			`secret: nconf.get('secret'),`
			`key: 'express.sid',`
Allow session cookie domain customization 2014-07-24 22:26:19 +02:00			`cookie: cookie,`
uploads 2014-07-02 14:59:48 -04:00			`resave: true,`
			`saveUninitialized: true`
first commit 2014-07-02 14:07:08 -04:00			`}));`
moved all app.configure() code into middleware/index.js + organization/cleanup 2014-03-01 17:26:26 -05:00
closes #3899 2016-01-04 16:22:58 -05:00			`app.use(middleware.addHeaders);`
first commit 2014-07-02 14:07:08 -04:00			`app.use(middleware.processRender);`
refactored plugin and auth init a bit, and fixed issue where successive reloads caused old login strategies to be inadvertently preserved 2014-09-21 14:29:27 -04:00			`auth.initialize(app, middleware);`
moved middleware out of webserver.js and into middleware.js 2014-03-02 14:16:16 -05:00
			`return middleware;`
Add missing new lines at end of files. 2014-04-10 20:31:57 +01:00			`};`