Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
if (coreUtils.file.exist(path.join(config.root, 'cert.pem'))) {
opts = {
key: fse.readFileSync(path.join(config.root, 'key.pem')),
cert: fse.readFileSync(path.join(config.root, 'cert.pem'))
}
}
var app = express(opts)
var server
// Instantiate Singleton Manager (which lists all blog files)
Manager.instance.init()
app.set('config', config.getConfigByWebsite())
app.use(flash())
app.use(cookieParser())
app.use(passport.initialize())
app.use(passport.session())
app.use(
bodyParser.urlencoded({limit: '1gb', extended: true, parameterLimit: 50000})
)
app.use(expressValidator())
app.use(csrf({cookie: {secure: config.cookie.secure}}))
app.use(function(req, res, next) {
if (req.url.indexOf('/abe/') > -1) {
res.locals._csrf = req.csrfToken()
}
next()
})
app.use(bodyParser.json({limit: '1gb'}))
apollo.applyMiddleware({ app });
// set
app.set('port', process.env.PORT || 4000);
app.set('env', process.env.NODE_ENV || 'development');
// get
app.get('/healthz', function(req, res) {
res.send('OK');
});
// use
app.use(compression());
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true }));
app.use(cookieParser());
export default function initCore(app) {
if (process.env.NODE_ENV === 'development') {
app.use(morgan('dev'));
}
app.use((req, res, next) => {
res.set('Request-Id', nanoid());
next();
});
app.disable('etag');
app.set('json spaces', 2);
// Parse cookies via standard express tooling
app.use(cookieParser(config.get('token.secret')));
// Parse application/json
app.use(bodyParser.json({ type: 'application/json' }));
// parse application/x-www-form-urlencoded
app.use(bodyParser.urlencoded({ extended: true }));
}
import winstonInstance from './winston';
import routes from '../server/routes/index.route';
import config from './config';
import APIError from '../server/helpers/APIError';
const app = express();
if (config.env === 'development') {
app.use(logger('dev'));
}
// parse body params and attache them to req.body
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true }));
app.use(cookieParser());
app.use(compress());
app.use(methodOverride());
// secure apps by setting various HTTP headers
app.use(helmet());
// enable CORS - Cross Origin Resource Sharing
app.use(cors());
// enable detailed API logging in dev env
if (config.env === 'development') {
expressWinston.requestWhitelist.push('body');
expressWinston.responseWhitelist.push('body');
app.use(expressWinston.logger({
winstonInstance,
meta: true, // optional: log meta data about request (defaults to true)
app.locals = Object.assign(app.locals, {
config: config,
apiPrefix: config.apiPrefix,
marked,
multiline,
signupValid: config.signupValid,
signinValid: config.signinValid,
githubSigninValid: config.github.signinValid
});
// uncomment after placing your favicon in /public
app.use(favicon(path.join(__dirname, 'public', 'favicon.ico')));
app.use(logger('dev'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(cookieParser(config.sessionSecret));
app.use(useragent.express());
app.use('/static', express.static(path.join(__dirname, 'public')));
app.use('/static', express.static(path.join(__dirname, 'upload')));
app.use(
connectBusboy({
limits: {
fileSize: bytes(config.fileLimit)
}
})
);
app.use(githubAuth());
app.use(authUser);
app.use(zone);
offlineMode = true;
}
const app = express();
// middleware
app.use( express.static('public') );
app.all('/favicon.*', (req, res) => {
res.status(404).end();
});
app.use(morgan('[:date[iso]] :method :url :status :response-time ms - :res[content-length]'));
app.use(helmet.noSniff());
app.use(helmet.ieNoOpen());
app.use(helmet.hidePoweredBy());
app.use(compression());
app.use(cookieParser());
app.use(handleErrorMiddleware);
// Send dummy JSON response if offline
if ( offlineMode ) {
app.all('/api/*', (req, res) => res.send({}));
}
// Proxy to API
app.all('/api/*', createProxy( process.env.API_URL ));
await setupWebpack(app);
await startServer(app);
}
to: function(context) {
return context.parsedUrl.pathname;
}
}
]
}));
/////////////////////////////////////////////////////////////////
// //
// Linkedin Authorization passport //
// //
/////////////////////////////////////////////////////////////////
app.use(passport.initialize());
app.use(cookieParser());
passport.use( new LinkedinStrategy({ // request fields from facebook
profileFields: ['summary','industry','positions','headline','picture-url','first-name','last-name','email-address','location','public-profile-url'],
consumerKey: '75wbm6jxhrsauj',
consumerSecret: 'qz9SGDHb53Hi6tnU',
callbackURL: '/linkedin'
//enableProof: false
},
(accessToken, refreshToken, profile, done) => {
setTimeout(() => {
return done(null, profile);
},0);
}
));
passport.serializeUser((user, done) => { // serialization is necessary for persistent sessions
done(null, user);
});
));
/*
In this example, only the user ID is serialized to the session,
keeping the amount of data stored within the session small. When
subsequent requests are received, this ID is used to find the user,
which will be restored to req.user.
*/
passport.serializeUser((user, cb) => {
cb(null, user.id);
});
passport.deserializeUser(async (id, cb) => {
const user = await User.getUser(id);
cb(null, user || null);
});
server.use(cookieParser('mysecret'));
server.use(session({
secret: 'mysecret',
resave: false,
rolling: true,
saveUninitialized: false,
cookie: { maxAge: 1000 * 60 * 60 * 24 * 7 }, // Requires https: secure: false
}));
server.use(passport.initialize());
server.use(bodyParser.urlencoded({ extended: false }));
server.use(passport.session());
server.post('/login', (req, res, next) => {
req.session.returnTo = req.body.goto;
next();
}, passport.authenticate(
'local',
import {setLocale} from './actions/intl'
const app = express()
//
// Tell any CSS tooling (such as Material UI) to use all vendor prefixes if the
// user agent is not known.
// -----------------------------------------------------------------------------
global.navigator = global.navigator || {}
global.navigator.userAgent = global.navigator.userAgent || 'all'
//
// Register Node.js middleware
// -----------------------------------------------------------------------------
app.use(express.static(path.join(__dirname, 'public')))
app.use(cookieParser())
app.use(requestLanguage({
languages: locales,
queryName: 'lang',
cookie: {
name: 'lang',
options: {
path: '/',
maxAge: 3650 * 24 * 3600 * 1000 // 10 years in miliseconds
},
url: '/lang/{language}'
}
}))
app.use(bodyParser.urlencoded({extended: true}))
app.use(bodyParser.json())
//
import cookieParser from 'cookie-parser';
import bodyParser from 'body-parser';
import cors from 'cors';
import {Schema} from "./data/schema";
import graphQLHTTP from "express-graphql";
const APP_PORT = process.env.PORT || 3000;
var app = express();
app.use(favicon(path.join(__dirname, 'favicon.ico')));
app.use(logger('dev'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(cors());
app.use('/', graphQLHTTP({
graphiql: true,
pretty: true,
schema: Schema,
}));
app.listen(APP_PORT, () => {
console.log(`App is now running on port: ${APP_PORT}`);
});