1
0
mirror of https://github.com/Unleash/unleash.git synced 2024-11-01 19:07:38 +01:00
unleash.unleash/src/lib/app.ts

186 lines
6.0 KiB
TypeScript
Raw Normal View History

import express, { Application, RequestHandler } from 'express';
import compression from 'compression';
import favicon from 'serve-favicon';
import cookieParser from 'cookie-parser';
import path from 'path';
import errorHandler from 'errorhandler';
import { responseTimeMetrics } from './middleware/response-time-metrics';
import { corsOriginMiddleware } from './middleware/cors-origin-middleware';
import rbacMiddleware from './middleware/rbac-middleware';
2021-03-29 19:58:11 +02:00
import apiTokenMiddleware from './middleware/api-token-middleware';
import { IUnleashServices } from './types/services';
import { IAuthType, IUnleashConfig } from './types/option';
import { IUnleashStores } from './types/stores';
import IndexRouter from './routes';
import requestLogger from './middleware/request-logger';
2021-04-22 10:53:47 +02:00
import demoAuthentication from './middleware/demo-authentication';
import ossAuthentication from './middleware/oss-authentication';
import noAuthentication from './middleware/no-authentication';
import secureHeaders from './middleware/secure-headers';
import { loadIndexHTML } from './util/load-index-html';
import { findPublicFolder } from './util/findPublicFolder';
import { conditionalMiddleware } from './middleware/conditional-middleware';
import patMiddleware from './middleware/pat-middleware';
import { Knex } from 'knex';
2022-12-19 08:01:04 +01:00
import maintenanceMiddleware from './middleware/maintenance-middleware';
export default async function getApp(
config: IUnleashConfig,
stores: IUnleashStores,
services: IUnleashServices,
unleashSession?: RequestHandler,
db?: Knex,
): Promise<Application> {
2016-06-18 21:53:18 +02:00
const app = express();
const baseUriPath = config.server.baseUriPath || '';
const publicFolder = findPublicFolder();
let indexHTML = await loadIndexHTML(config, publicFolder);
2020-10-02 16:40:42 +02:00
app.set('trust proxy', true);
2017-06-29 11:12:44 +02:00
app.disable('x-powered-by');
app.set('port', config.server.port);
2016-05-01 18:20:10 +02:00
app.locals.baseUriPath = baseUriPath;
2021-12-09 21:02:58 +01:00
if (config.server.serverMetrics && config.eventBus) {
app.use(
responseTimeMetrics(
config.eventBus,
config.flagResolver,
services.instanceStatsService,
),
);
}
app.use(requestLogger(config));
2016-12-28 21:04:26 +01:00
if (typeof config.preHook === 'function') {
config.preHook(app, config, services, db);
2016-12-28 21:04:26 +01:00
}
2018-08-22 17:39:09 +02:00
app.use(compression());
2016-05-01 22:59:43 +02:00
app.use(cookieParser());
app.use(express.json({ strict: false }));
if (unleashSession) {
app.use(unleashSession);
}
2020-10-01 21:47:40 +02:00
app.use(secureHeaders(config));
app.use(express.urlencoded({ extended: true }));
app.use(favicon(path.join(publicFolder, 'favicon.ico')));
app.use(baseUriPath, favicon(path.join(publicFolder, 'favicon.ico')));
app.use(baseUriPath, express.static(publicFolder, { index: false }));
2015-03-10 16:30:56 +01:00
if (config.enableOAS) {
app.use(`${baseUriPath}/oas`, express.static('docs/api/oas'));
}
if (config.enableOAS && services.openApiService) {
services.openApiService.useDocs(app);
}
// Support CORS preflight requests for the frontend endpoints.
// Preflight requests should not have Authorization headers,
// so this must be handled before the API token middleware.
app.options(
`${baseUriPath}/api/frontend*`,
conditionalMiddleware(
() => config.flagResolver.isEnabled('embedProxy'),
corsOriginMiddleware(services, config),
),
);
app.use(baseUriPath, patMiddleware(config, services));
switch (config.authentication.type) {
case IAuthType.OPEN_SOURCE: {
app.use(baseUriPath, apiTokenMiddleware(config, services));
ossAuthentication(app, config.server.baseUriPath);
break;
}
case IAuthType.ENTERPRISE: {
app.use(baseUriPath, apiTokenMiddleware(config, services));
config.authentication.customAuthHandler(app, config, services);
break;
}
2021-04-26 21:31:08 +02:00
case IAuthType.HOSTED: {
app.use(baseUriPath, apiTokenMiddleware(config, services));
config.authentication.customAuthHandler(app, config, services);
break;
}
case IAuthType.DEMO: {
app.use(baseUriPath, apiTokenMiddleware(config, services));
demoAuthentication(
app,
config.server.baseUriPath,
services,
config,
);
break;
}
case IAuthType.CUSTOM: {
app.use(baseUriPath, apiTokenMiddleware(config, services));
config.authentication.customAuthHandler(app, config, services);
break;
}
case IAuthType.NONE: {
noAuthentication(baseUriPath, app);
break;
}
default: {
app.use(baseUriPath, apiTokenMiddleware(config, services));
demoAuthentication(
app,
config.server.baseUriPath,
services,
config,
);
break;
}
2016-12-28 21:04:26 +01:00
}
app.use(
baseUriPath,
rbacMiddleware(config, stores, services.accessService),
);
2022-12-21 12:23:44 +01:00
app.use(
`${baseUriPath}/api/admin`,
conditionalMiddleware(
() => config.flagResolver.isEnabled('maintenance'),
maintenanceMiddleware(config, services.maintenanceService),
),
);
2022-12-19 08:01:04 +01:00
2021-03-29 19:58:11 +02:00
if (typeof config.preRouterHook === 'function') {
config.preRouterHook(app, config, services, stores, db);
2021-03-29 19:58:11 +02:00
}
// Setup API routes
2020-12-17 19:43:01 +01:00
app.use(`${baseUriPath}/`, new IndexRouter(config, services).router);
if (services.openApiService) {
services.openApiService.useErrorHandler(app);
}
2016-06-18 09:19:57 +02:00
if (process.env.NODE_ENV !== 'production') {
2016-11-13 15:31:28 +01:00
app.use(errorHandler());
2016-06-18 09:19:57 +02:00
}
app.get(`${baseUriPath}`, (req, res) => {
res.send(indexHTML);
});
app.get(`${baseUriPath}/*`, (req, res) => {
if (req.path.startsWith(`${baseUriPath}/api`)) {
res.status(404).send({ message: 'Not found' });
return;
}
res.send(indexHTML);
});
2016-05-01 18:20:10 +02:00
return app;
}