-
Notifications
You must be signed in to change notification settings - Fork 0
/
app.js
158 lines (137 loc) · 4.71 KB
/
app.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
var createError = require('http-errors');
var express = require('express');
var path = require('path');
var cookieParser = require('cookie-parser');
var logger = require('morgan');
const session = require('express-session');
const MongoStore = require('connect-mongo');
const mongoose = require('./config/database');
var passport = require('passport');
var rateLimit = require('express-rate-limit');
var favicon = require('serve-favicon');
const flash = require('connect-flash');
const cors = require('cors');
require('dotenv').config();
// NOTE! You must create a .env file with:
// VORTEX_COMMUNITY_API_KEY=...
// SESSION_SECRET=...
// MONGO_URI=mongodb://0.0.0.0:27017/vortexcommunity
var app = express();
require('./config/passport')(passport);
const allowedOrigins = ['https://lightshow.lol', 'https://vortex.community', 'http://localhost:3000'];
app.use(cors({
origin: function (origin, callback) {
if (!origin || allowedOrigins.includes(origin)) {
callback(null, true);
} else {
callback(new Error('Not allowed by CORS'));
}
},
methods: ['GET', 'POST', 'OPTIONS'],
credentials: true, // Allow credentials if needed
}));
// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'ejs');
app.use(logger('dev'));
app.use(express.json());
app.use(express.urlencoded({ extended: true }));
app.use(cookieParser());
// Serve static files from the public directory with CORS for /firmwares
app.use(
'/firmwares',
(req, res, next) => {
const origin = req.headers.origin;
if (origin === 'https://lightshow.lol') {
res.setHeader('Access-Control-Allow-Origin', origin);
res.setHeader('Access-Control-Allow-Methods', 'GET');
res.setHeader('Access-Control-Allow-Headers', 'Content-Type');
}
next();
},
express.static(path.join(__dirname, 'public/firmwares'))
);
// Serve other static files from the public directory
app.use(express.static(path.join(__dirname, 'public')));
// Use the setPageStyles middleware to inject css
app.use(require('./middleware/setPageStyles'));
// Session configuration
app.use(session({
secret: process.env.SESSION_SECRET,
resave: false,
saveUninitialized: false,
store: MongoStore.create({
mongoUrl: 'mongodb://0.0.0.0:27017/vortexcommunity',
mongooseConnection: mongoose.connection
})
}));
// Passport initialization
app.use(passport.initialize());
app.use(passport.session());
app.use(flash());
// Middleware to handle flash messages and assign user
app.use((req, res, next) => {
res.locals.success_msg = req.flash('success');
res.locals.error_msg = req.flash('error');
res.locals.user = req.user || null;
next();
});
// icon
app.use(favicon(path.join(__dirname, 'public', 'images', 'vortex-transparent.png')));
// Rate limiter for uploads
const uploadLimiter = rateLimit({
windowMs: 15 * 60 * 1000,
max: 25,
message: 'Too many uploads created from this IP, please try again after 15 minutes'
});
app.use('/upload', uploadLimiter);
// Routes
var indexRouter = require('./routes/index');
var userUploadRouter = require('./routes/upload');
var firmwareUploadRouter = require('./routes/firmware-upload');
var userRouter = require('./routes/user');
var patsRouter = require('./routes/pats');
var patRouter = require('./routes/pat');
var modesRouter = require('./routes/modes');
var modeRouter = require('./routes/mode');
var downloadsRouter = require('./routes/downloads');
var registerRouter = require('./routes/register');
var verifyRouter = require('./routes/verify');
var loginRouter = require('./routes/login');
var logoutRouter = require('./routes/logout');
var adminRouter = require('./routes/admin');
var privacyRouter = require('./routes/privacy');
var termsRouter = require('./routes/terms');
app.use('/', indexRouter);
app.use('/upload', userUploadRouter);
app.use('/firmware', firmwareUploadRouter);
app.use('/user', userRouter);
app.use('/pats', patsRouter);
app.use('/pat', patRouter);
app.use('/modes', modesRouter);
app.use('/mode', modeRouter);
app.use('/downloads', cors({
origin: 'https://lightshow.lol',
methods: ['GET'],
credentials: true
}), downloadsRouter);
app.use('/register', registerRouter);
app.use('/verify', verifyRouter);
app.use('/login', loginRouter);
app.use('/logout', logoutRouter);
app.use('/privacy', privacyRouter);
app.use('/terms', termsRouter);
app.use('/control', adminRouter);
// catch 404 and forward to error handler
app.use(function(req, res, next) {
next(createError(404));
});
// error handler
app.use((err, req, res, next) => {
console.error(err.stack);
res.locals.message = err.message;
res.locals.error = req.app.get('env') === 'development' ? err : {};
res.status(err.status || 500);
res.render('error');
});
module.exports = app;