app.js
'use strict';

// Load .env into process.env before any setting below is read.
require('dotenv').config();

const app = require('express')();
const fs = require('fs');

// Deployment settings; each falls back to a local-development default when the
// environment variable is unset or empty.
const uploadDir = process.env.UPLOAD_DIRECTORY || './uploads/';
const hostname = process.env.API_HOSTNAME || 'localhost:3000';

const swaggerTools = require('swagger-tools');
const YAML = require('yamljs');
const auth = require('./api/helpers/auth');
// The Swagger document is parsed once at startup from a fixed path.
const swaggerConfig = YAML.load('./api/swagger/swagger.yaml');
const bodyParser = require('body-parser');
const app_helper = require('./app_helper');

const api_default_port = 3000;
// Set when app.listen() is called after app_helper.loadMongoose() resolves; read by shutdown().
let express_server;
const defaultLog = app_helper.defaultLog;
// Accept JSON and URL-encoded request bodies of up to 10 MB.
// NOTE(review): these parsers are registered before the Swagger security middleware, so the
// 10 MB allowance also applies to requests that have not been authenticated yet — confirm
// that is intended, or lower the limit for routes that do not need it.
// NOTE(review): `extended` is a urlencoded() option; json() presumably ignores it — confirm.
const maxBodySize = '10mb';
app.use(bodyParser.json({ extended: true, limit: maxBodySize }));
app.use(bodyParser.urlencoded({ extended: true, limit: maxBodySize }));

// Do not advertise Express through the X-Powered-By response header.
app.disable('x-powered-by');
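// Request logging plus the CORS, caching and hardening headers sent on every response.
app.use(function (req, res, next) {
  // NOTE(review): req.url includes the query string; confirm no tokens or personal data are
  // passed as query parameters, or redact them before logging.
  defaultLog.info(req.method, req.url);

  // CORS: any origin may call the API and read its responses. Bearer tokens still work because
  // Authorization is listed in Access-Control-Allow-Headers.
  // Access-Control-Allow-Credentials is deliberately not sent: browsers reject credentialed
  // requests when the allowed origin is the `*` wildcard, so the header had no effect and
  // invited the unsafe "fix" of echoing back the request Origin. If credentialed cross-origin
  // access is ever needed, answer only origins from an explicit allow-list and add `Vary: Origin`.
  res.setHeader('Access-Control-Allow-Origin', '*');
  res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE, HEAD');
  res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,Content-Type,Authorization,responseType');
  res.setHeader('Access-Control-Expose-Headers', 'x-total-count,x-pending-comment-count,x-next-comment-id');

  // Responses may be reused by clients for four seconds.
  // NOTE(review): this is set on every response, including ones returned for authenticated
  // requests — confirm that short-lived caching of those is acceptable.
  res.setHeader('Cache-Control', 'max-age=4');

  // Headers added to address ZAP scan findings.
  // NOTE(review): current browsers no longer act on X-XSS-Protection; a Content-Security-Policy
  // is the effective control against script injection.
  res.setHeader('X-XSS-Protection', '1');
  // HSTS is only honoured over HTTPS. includeSubDomains plus preload covers every subdomain of
  // the serving host — confirm that matches the deployment.
  res.setHeader('Strict-Transport-Security', 'max-age=63072000; includeSubDomains; preload');

  next();
});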
// Advertise the host name of the current environment in the Swagger document.
swaggerConfig.host = hostname;

// Any host other than the local default is treated as an OpenShift deployment, where only
// HTTPS is served, so Swagger UI is told to use that scheme.
const isLocalDefault = hostname === 'localhost:3000';
if (!isLocalDefault) {
  swaggerConfig.schemes = ['https'];
}
swaggerTools.initializeMiddleware(swaggerConfig, (middleware) => {
  // Registration order matters: metadata, then security, then routing, then the docs UI.
  app.use(middleware.swaggerMetadata());

  // TODO: Fix this
  // app.use(middleware.swaggerValidator({ validateResponse: false}));
  // NOTE(review): while the validator stays disabled, nothing in this chain checks requests
  // against the Swagger schema. JSON and extended URL-encoded bodies can carry nested objects
  // or arrays, so controllers must validate and type-check their own input.

  // Token verification for the `Bearer` security definition.
  // NOTE(review): presumably only operations that declare a security requirement in
  // swagger.yaml reach auth.verifyToken — confirm every non-public operation declares one.
  const securityHandlers = { Bearer: auth.verifyToken };
  app.use(middleware.swaggerSecurity(securityHandlers));

  // Route operations to the controller and task modules; stub responses are disabled.
  app.use(
    middleware.swaggerRouter({
      controllers: ['./api/controllers', './api/tasks'],
      useStubs: false,
    })
  );

  // Serve the API document and Swagger UI under /api/docs.
  // NOTE(review): registered unconditionally, so the full API description is published in
  // every environment — confirm that is intended.
  app.use(middleware.swaggerUi({ swaggerUi: '/api/docs', apiDocs: '/api/docs' }));

  // Create the uploads directory if it is missing. A failure is logged rather than fatal;
  // uploads keep failing until the directory exists.
  // NOTE(review): the directory is created with default permissions and without the
  // recursive option — confirm both suit the configured UPLOAD_DIRECTORY.
  try {
    const uploadDirMissing = !fs.existsSync(uploadDir);
    if (uploadDirMissing) {
      fs.mkdirSync(uploadDir);
    }
  } catch (e) {
    defaultLog.info("Couldn't create upload folder:", e);
  }

  // Start listening on all interfaces only after app_helper.loadMongoose() has resolved.
  const startListening = () => {
    express_server = app.listen(api_default_port, '0.0.0.0', () => {
      defaultLog.info('Started server on port ' + api_default_port);
    });
  };

  // NOTE(review): a rejection here is only logged at info level; no listener is started and
  // the process is not exited from this handler — confirm that is the intended failure mode,
  // given the crash-on-failure policy below.
  app_helper
    .loadMongoose()
    .then(startListening)
    .catch((err) => {
      defaultLog.info('err:', err);
    });

  // Crash on any unhandled rejection instead of leaving the pod hanging around; a fresh pod is
  // preferred in case the Mongo topology was destroyed, among other things.
  process.on('unhandledRejection', (reason) => {
    console.log('Unhandled Rejection:', reason);
    process.exit(1);
  });
});
/**
 * Close the HTTP listener and exit the process with status 0 from the close callback.
 * Does nothing when the listener was never started (express_server is still unset).
 */
function shutdown() {
  if (!express_server) {
    return;
  }

  console.log('Shutting down gracefully');
  express_server.close(function onClosed() {
    console.log('Closed out remaining connections');
    process.exit(0);
  });
}
// Public surface of this module: the shutdown hook, the listening port and the database handle.
// NOTE(review): dbConnection is read from app_helper once, when this module loads; if
// app_helper assigns it later (for example after connecting), importers would see the value
// captured here — confirm.
Object.assign(exports, {
  shutdown: shutdown,
  api_default_port: api_default_port,
  dbConnection: app_helper.dbConnection,
});