This repository has been archived by the owner on Apr 7, 2020. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathapp.js
executable file
·94 lines (77 loc) · 2.77 KB
/
app.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
// import environment variables.
require("dotenv").config();
const globalError = require("http-errors");
// import node modules.
const express = require("express"),
cookieParser = require("cookie-parser"),
compression = require("compression"),
helmet = require("helmet"),
sassMiddleware = require("node-sass-middleware"),
path = require("path"),
cookieSession = require("cookie-session"),
cookieSessionConfig = require("./config/cookieSession.config"),
{ hasData, checkPublic, checkLangQuery } = require("./utils");
// initialize application.
var app = express();
// view engine setup
app.set("views", path.join(__dirname, "./views"));
app.set("view engine", "pug");
// general app configuration.
app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.use(cookieParser(process.env.app_session_secret));
app.use(require("./config/i18n.config").init);
// in production: use redis for sessions
// but this works for now
app.use(cookieSession(cookieSessionConfig));
// in production: precompile CSS
app.use(
sassMiddleware({
src: path.join(__dirname, "public"),
dest: path.join(__dirname, "public"),
debug: false,
indentedSyntax: false, // look for .scss files, not .sass files
sourceMap: true,
outputStyle: "compressed"
})
);
// public assets go here (css, js, etc)
app.use(express.static(path.join(__dirname, "public")));
// dnsPrefetchControl controls browser DNS prefetching
// frameguard to prevent clickjacking
// hidePoweredBy to remove the X-Powered-By header
// hsts for HTTP Strict Transport Security
// ieNoOpen sets X-Download-Options for IE8+
// noSniff to keep clients from sniffing the MIME type
// xssFilter adds some small XSS protections
app.use(helmet());
// gzip response body compression.
app.use(compression());
app.use(checkPublic);
app.use(checkLangQuery);
// Adding values/functions to app.locals means we can access them in our templates
app.locals.GITHUB_SHA = process.env.GITHUB_SHA || null;
app.locals.hasData = hasData;
// configure routes
require("./routes/start/start.controller")(app);
require("./routes/login/login.controller")(app);
require("./routes/personal/personal.controller")(app);
require("./routes/confirmation/confirmation.controller")(app);
require("./routes/offramp/offramp.controller")(app);
require("./routes/remind/remind.controller")(app);
// clear session
app.get("/clear", (req, res) => {
req.session = null;
res.redirect(302, "/");
});
app.use(function(req, res, next) {
next(globalError(404));
});
// handle global errors.
app.use(function(err, req, res) {
res.locals.message = err.message;
res.locals.error = req.app.get("env") === "development" ? err : {};
console.log(err.message);
res.status(err.status || 500).json({ message: "Internal service error." });
});
module.exports = app;