2019-02-19 15:52:24 +01:00
|
|
|
require('dotenv').config();
|
|
|
|
|
2018-09-16 05:55:30 +02:00
|
|
|
const express = require('express');
|
|
|
|
const helmet = require('helmet');
|
|
|
|
const cors = require('cors');
|
|
|
|
const RateLimit = require('express-rate-limit');
|
|
|
|
const bodyParser = require('body-parser');
|
|
|
|
const jetpack = require('fs-jetpack');
|
|
|
|
const path = require('path');
|
2020-07-08 02:15:27 +02:00
|
|
|
const morgan = require('morgan');
|
|
|
|
const log = require('../utils/Log');
|
|
|
|
const ThumbUtil = require('../utils/ThumbUtil');
|
2018-09-16 05:55:30 +02:00
|
|
|
|
2020-07-08 03:00:12 +02:00
|
|
|
// eslint-disable-next-line no-unused-vars
|
2018-09-16 05:55:30 +02:00
|
|
|
const rateLimiter = new RateLimit({
|
2019-03-01 18:08:11 +01:00
|
|
|
windowMs: parseInt(process.env.RATE_LIMIT_WINDOW, 10),
|
|
|
|
max: parseInt(process.env.RATE_LIMIT_MAX, 10),
|
2020-12-24 09:40:50 +01:00
|
|
|
delayMs: 0
|
2018-09-16 05:55:30 +02:00
|
|
|
});
|
|
|
|
|
|
|
|
class Server {
|
|
|
|
constructor() {
|
2019-03-01 18:08:11 +01:00
|
|
|
this.port = parseInt(process.env.SERVER_PORT, 10);
|
2018-09-16 05:55:30 +02:00
|
|
|
this.server = express();
|
|
|
|
this.server.set('trust proxy', 1);
|
|
|
|
this.server.use(helmet());
|
|
|
|
this.server.use(cors({ allowedHeaders: ['Accept', 'Authorization', 'Cache-Control', 'X-Requested-With', 'Content-Type', 'albumId'] }));
|
|
|
|
this.server.use((req, res, next) => {
|
2020-05-09 12:21:20 +02:00
|
|
|
// This bypasses the headers.accept for album download, since it's accesed directly through the browser.
|
2019-09-30 09:06:22 +02:00
|
|
|
if ((req.url.includes('/api/album/') || req.url.includes('/zip')) && req.method === 'GET') return next();
|
2020-05-09 12:21:20 +02:00
|
|
|
// This bypasses the headers.accept if we are accessing the frontend
|
|
|
|
if (!req.url.includes('/api/') && req.method === 'GET') return next();
|
2019-04-16 04:56:49 +02:00
|
|
|
if (req.headers.accept && req.headers.accept.includes('application/vnd.lolisafe.json')) return next();
|
2018-09-16 05:55:30 +02:00
|
|
|
return res.status(405).json({ message: 'Incorrect `Accept` header provided' });
|
|
|
|
});
|
|
|
|
this.server.use(bodyParser.urlencoded({ extended: true }));
|
|
|
|
this.server.use(bodyParser.json());
|
2020-07-08 02:15:27 +02:00
|
|
|
if (process.env.NODE_ENV !== 'production') {
|
|
|
|
this.server.use(morgan('combined', {
|
|
|
|
skip(req) {
|
|
|
|
let ext = req.path.split('.').pop();
|
|
|
|
if (ext) { ext = `.${ext.toLowerCase()}`; }
|
|
|
|
|
|
|
|
if (
|
|
|
|
ThumbUtil.imageExtensions.indexOf(ext) > -1
|
|
|
|
|| ThumbUtil.videoExtensions.indexOf(ext) > -1
|
|
|
|
|| req.path.indexOf('_nuxt') > -1
|
|
|
|
|| req.path.indexOf('favicon.ico') > -1
|
|
|
|
) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
return false;
|
|
|
|
},
|
|
|
|
'stream': {
|
2020-12-24 09:40:50 +01:00
|
|
|
write(str) { log.debug(str); }
|
|
|
|
}
|
2020-07-08 02:15:27 +02:00
|
|
|
}));
|
|
|
|
}
|
2018-09-16 05:55:30 +02:00
|
|
|
// this.server.use(rateLimiter);
|
2020-05-09 12:21:20 +02:00
|
|
|
|
2020-05-10 13:02:48 +02:00
|
|
|
// Serve the uploads
|
2020-07-08 02:15:27 +02:00
|
|
|
this.server.use(express.static(path.join(__dirname, '../../../uploads')));
|
|
|
|
this.routesFolder = path.join(__dirname, '../routes');
|
2018-09-16 05:55:30 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
registerAllTheRoutes() {
|
2020-07-08 02:15:27 +02:00
|
|
|
jetpack.find(this.routesFolder, { matching: '*.js' }).forEach((routeFile) => {
|
|
|
|
// eslint-disable-next-line import/no-dynamic-require, global-require
|
|
|
|
const RouteClass = require(path.join('../../../', routeFile));
|
2018-09-16 05:55:30 +02:00
|
|
|
let routes = [RouteClass];
|
|
|
|
if (Array.isArray(RouteClass)) routes = RouteClass;
|
|
|
|
for (const File of routes) {
|
2020-07-20 20:29:06 +02:00
|
|
|
try {
|
|
|
|
const route = new File();
|
|
|
|
this.server[route.method](process.env.ROUTE_PREFIX + route.path, route.authorize.bind(route));
|
|
|
|
log.info(`Found route ${route.method.toUpperCase()} ${process.env.ROUTE_PREFIX}${route.path}`);
|
|
|
|
} catch (e) {
|
|
|
|
log.error(`Failed loading route from file ${routeFile} with error: ${e.message}`);
|
|
|
|
}
|
2018-09-16 05:55:30 +02:00
|
|
|
}
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
2020-06-24 19:06:11 +02:00
|
|
|
serveNuxt() {
|
|
|
|
// Serve the frontend if we are in production mode
|
|
|
|
if (process.env.NODE_ENV === 'production') {
|
2020-07-08 02:15:27 +02:00
|
|
|
this.server.use(express.static(path.join(__dirname, '../../../dist')));
|
2020-06-24 19:06:11 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
For vue router to work with express we need this fallback.
|
|
|
|
After all the routes are loaded and the static files handled and if the
|
|
|
|
user is trying to access a non-mapped route we serve the website instead
|
|
|
|
since it has routes of it's own that don't work if accessed directly
|
|
|
|
*/
|
|
|
|
this.server.all('*', (_req, res) => {
|
|
|
|
try {
|
2020-07-08 02:15:27 +02:00
|
|
|
res.sendFile(path.join(__dirname, '../../../dist/index.html'));
|
2020-06-24 19:06:11 +02:00
|
|
|
} catch (error) {
|
|
|
|
res.json({ success: false, message: 'Something went wrong' });
|
|
|
|
}
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
2018-09-16 05:55:30 +02:00
|
|
|
start() {
|
|
|
|
jetpack.dir('uploads/chunks');
|
|
|
|
jetpack.dir('uploads/thumbs/square');
|
|
|
|
this.registerAllTheRoutes();
|
2020-06-24 19:06:11 +02:00
|
|
|
this.serveNuxt();
|
2020-07-17 19:21:31 +02:00
|
|
|
const server = this.server.listen(this.port, () => {
|
2018-09-16 05:55:30 +02:00
|
|
|
log.success(`Backend ready and listening on port ${this.port}`);
|
|
|
|
});
|
2020-07-17 19:21:31 +02:00
|
|
|
server.setTimeout(600000);
|
2018-09-16 05:55:30 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-02-18 16:06:38 +01:00
|
|
|
new Server().start();
|