-
Notifications
You must be signed in to change notification settings - Fork 2
/
app.js
103 lines (89 loc) · 2.89 KB
/
app.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
var express = require('express')
var path = require('path')
var favicon = require('serve-favicon')
var logger = require('morgan')
var cookieParser = require('cookie-parser')
var bodyParser = require('body-parser')
var session = require('express-session')
var compression = require('compression')
var fs = require('fs')
require('dotenv').config()
var index = require('./routes/index')
var app = express()
// view engine setup
app.set('views', path.join(__dirname, 'views'))
app.set('view engine', 'jade')
app.use(compression({threshold: 0}))
// // create a write stream (in append mode)
var accessLogStream = fs.createWriteStream(path.join(__dirname, 'server.log'), {flags: 'a'})
// // setup the logger
app.use(logger('tiny', {stream: accessLogStream}))
app.use(bodyParser.json())
app.use(bodyParser.urlencoded({ extended: false }))
app.use(cookieParser())
app.use(express.static(path.join(__dirname, 'public'), { maxAge: 604800000 }))
app.use(session({
secret: process.env.SECRET,
saveUninitialized: true,
resave: false,
cookie: {maxAge: 604800000}
}))
app.use(function (req, res, next) {
var allowedOrigins = [
'http://localhost:8080',
'http://devpractical.com:5000',
'http://www.devpractical.com:5000',
'http://devpractical.com',
'http://www.devpractical.com',
'https://devpractical.com',
'https://www.devpractical.com'
]
var origin = req.headers.origin
if (allowedOrigins.indexOf(origin) > -1) {
res.setHeader('Access-Control-Allow-Origin', origin)
}
if (req.originalUrl.indexOf('api') === -1 && !res.getHeader('Cache-Control')) res.setHeader('Cache-Control', 'public, max-age=604800000')
if (req.originalUrl.indexOf('api') === -1 && !res.getHeader('Vary')) res.setHeader('Vary', 'Accept-Encoding')
res.header('Access-Control-Allow-Methods', 'GET, OPTIONS')
res.header('Access-Control-Allow-Headers', 'Content-Type, Authorization')
res.header('Access-Control-Allow-Credentials', true)
return next()
})
app.get('/readme', function (req, res) {
res.sendFile(path.join(__dirname, 'evaluation.pdf'))
})
app.get('/login', function (req, res) {
res.sendFile(path.join(__dirname, 'login.html'))
})
app.get('/test', function (req, res) {
res.sendFile(path.join(__dirname, 'testrepl.html'))
})
app.use(favicon(path.join(__dirname, 'favicon.ico')))
app.use('/', index)
// catch 404 and forward to error handler
app.use(function (req, res, next) {
var err = new Error('Not Found')
err.status = 404
next(err)
})
// development error handler
// will print stacktrace
if (app.get('env') === 'development') {
app.use(function (err, req, res, next) {
res.status(err.code || 500)
.json({
status: 'error',
message: err
})
})
}
// production error handler
// no stacktraces leaked to user
app.use(function (err, req, res, next) {
res.status(err.status || 500)
.json({
status: 'error',
message: err.message
})
})
module.exports = app