-
Notifications
You must be signed in to change notification settings - Fork 0
/
app.js
111 lines (98 loc) · 2.58 KB
/
app.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
const path = require('path');
const bodyParser = require('body-parser');
const routes = require('./routes/index');
const express = require('express');
const session = require('express-session');
const expressValidator = require('express-validator');
const errorHandlers = require('./handlers/errorHandlers');
const lusca = require('lusca');
const dotenv = require('dotenv');
const sass = require('node-sass-middleware');
const passport = require('passport');
const flash = require('express-flash');
const MongoStore = require('connect-mongo')(session);
/**
* API keys and Passport configuration.
*/
const passportConfig = require('./config/passport');
/**
* Create our Express app
*/
const app = express();
/**
* View engine setup
*/
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'pug');
/**
* Import environmental variables from our variables.env file
*/
require('dotenv').config({ path: '.env' });
/**
* Import models
*/
require('./models/Listing');
/**
* SASS Configuration
*/
app.use(sass({
src: path.join(__dirname, 'public'),
dest: path.join(__dirname, 'public'),
debug: true
}));
/**
* Express configuration.
*/
app.use(flash());
app.use(express.static(path.join(__dirname, 'public')));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true }));
app.use(session({
resave: true,
saveUninitialized: true,
secret: process.env.SESSION_SECRET,
store: new MongoStore({
url: process.env.DATABASE_DEV || process.env.DATABASE_PROD,
autoReconnect: true,
clear_interval: 3600
})
}));
app.use(passport.initialize());
app.use(passport.session());
app.use(lusca.xframe('SAMEORIGIN'));
app.use(lusca.xssProtection(true));
app.use((req, res, next) => {
res.locals.user = req.user;
next();
});
app.use((req, res, next) => {
res.locals.path = req.path;
// After successful login, redirect back to the intended page
if (!req.user &&
req.path !== '/login' &&
req.path !== '/signup' &&
!req.path.match(/^\/auth/) &&
!req.path.match(/\./)) {
req.session.returnTo = req.path;
} else if (req.user &&
req.path == '/account') {
req.session.returnTo = req.path;
}
next();
});
/**
* Exposes a bunch of methods for validating data.
* Used heavily on userController.validateRegister
*/
app.use(expressValidator());
/**
* Own routes + error handling
*/
app.use('/', routes);
app.use(errorHandlers.notFound);
app.use(errorHandlers.flashValidationErrors);
if (app.get('env') === 'development') {
app.use(errorHandlers.developmentErrors);
}
app.use(errorHandlers.productionErrors);
module.exports = app;