Implement cookie-session support.

Sessions will be required to solve admin-auth. I also refactored a few middlewares into seperate files to make the code easier to read. closes #262
2024-12-22 19:07:54 +01:00 · 2017-11-16 15:41:33 +01:00 · 2017-11-16 15:41:33 +01:00 · 37f9ed9570
commit 37f9ed9570
parent 5711c46cbf
8 changed files with 65 additions and 51 deletions
--- a/lib/app.js
+++ b/lib/app.js
@ -4,20 +4,18 @@ const express = require('express');
 const favicon = require('serve-favicon');
 const bodyParser = require('body-parser');
 const cookieParser = require('cookie-parser');
-const validator = require('express-validator');
-const responseTime = require('response-time');
-const logger = require('./logger')('app.js');
 const routes = require('./routes');
 const path = require('path');
 const errorHandler = require('errorhandler');
-
-const { REQUEST_TIME } = require('./events');
+const unleashSession = require('./middleware/session');
+const responseTime = require('./middleware/response-time');
+const requestLogger = require('./middleware/request-logger');
+const validator = require('./middleware/validator');

 module.exports = function(config) {
    const app = express();

    const baseUriPath = config.baseUriPath || '';
-    const publicFolder = config.publicFolder;

    app.set('trust proxy');
    app.disable('x-powered-by');
@ -29,42 +27,15 @@ module.exports = function(config) {
    }

    app.use(cookieParser());
-
-    if (publicFolder) {
-        app.use(favicon(path.join(publicFolder, 'favicon.ico')));
-    }
-
-    app.use(
-        responseTime((req, res, time) => {
-            const timingInfo = {
-                path: req.baseUrl,
-                method: req.method,
-                statusCode: res.statusCode,
-                time,
-            };
-            config.eventBus.emit(REQUEST_TIME, timingInfo);
-        })
-    );
-
-    app.use(
-        validator({
-            customValidators: {
-                isUrlFirendlyName: input => encodeURIComponent(input) === input,
-            },
-        })
-    );
-
-    if (publicFolder) {
-        app.use(baseUriPath, express.static(publicFolder));
-    }
-
    app.use(bodyParser.json({ strict: false }));
+    app.use(unleashSession(config));
+    app.use(responseTime(config));
+    app.use(requestLogger(config));
+    app.use(validator(config));

-    if (config.enableRequestLogger) {
-        app.use((req, res, next) => {
-            next();
-            logger.info(`${res.statusCode} ${req.method} ${req.baseUrl}`);
-        });
+    if (config.publicFolder) {
+        app.use(favicon(path.join(config.publicFolder, 'favicon.ico')));
+        app.use(baseUriPath, express.static(config.publicFolder));
    }

    if (typeof config.preRouterHook === 'function') {
--- a/lib/middleware/request-logger.js
+++ b/lib/middleware/request-logger.js
@ -0,0 +1,12 @@
+'use strict';
+
+const logger = require('../logger')('HTTP');
+
+module.exports = function(config) {
+    return (req, res, next) => {
+        next();
+        if (config.enableRequestLogger) {
+            logger.info(`${res.statusCode} ${req.method} ${req.baseUrl}`);
+        }
+    };
+};
--- a/lib/middleware/response-time.js
+++ b/lib/middleware/response-time.js
@ -0,0 +1,16 @@
+'use strict';
+
+const responseTime = require('response-time');
+const { REQUEST_TIME } = require('../events');
+
+module.exports = function(config) {
+    return responseTime((req, res, time) => {
+        const timingInfo = {
+            path: req.baseUrl,
+            method: req.method,
+            statusCode: res.statusCode,
+            time,
+        };
+        config.eventBus.emit(REQUEST_TIME, timingInfo);
+    });
+};
--- a/lib/middleware/session-middleware.js
+++ b/lib/middleware/session-middleware.js
@ -1,8 +0,0 @@
-'use strict';
-
-const cookieSession = require('cookie-session');
-
-module.exports = config => {
-    config.a = 1;
-    return cookieSession(config.field);
-};
--- a/lib/middleware/session.js
+++ b/lib/middleware/session.js
@ -0,0 +1,11 @@
+'use strict';
+
+const cookieSession = require('cookie-session');
+
+module.exports = function(config) {
+    return cookieSession({
+        name: 'unleash-session',
+        keys: [config.secret],
+        maxAge: config.sessionAge,
+    });
+};
--- a/lib/middleware/validator.js
+++ b/lib/middleware/validator.js
@ -0,0 +1,11 @@
+'use strict';
+
+const validator = require('express-validator');
+
+module.exports = function() {
+    return validator({
+        customValidators: {
+            isUrlFirendlyName: input => encodeURIComponent(input) === input,
+        },
+    });
+};
--- a/lib/options.js
+++ b/lib/options.js
@ -3,6 +3,7 @@
 const { publicFolder } = require('unleash-frontend');

 const isDev = () => process.env.NODE_ENV === 'development';
+const THIRTY_DAYS = 30 * 24 * 60 * 60 * 1000;

 const DEFAULT_OPTIONS = {
    databaseUrl: process.env.DATABASE_URL,
@ -12,6 +13,8 @@ const DEFAULT_OPTIONS = {
    enableLegacyRoutes: true,
    publicFolder,
    enableRequestLogger: isDev(),
+    secret: 'UNLEASH-SECRET',
+    sessionAge: THIRTY_DAYS,
 };

 module.exports = {
--- a/lib/routes/admin-api/index.js
+++ b/lib/routes/admin-api/index.js
@ -24,9 +24,7 @@ exports.apiDef = apiDef;
 exports.router = config => {
    const router = Router();

-    router.get('/', (req, res) => {
-        res.json(apiDef);
-    });
+    router.get('/', (req, res) => res.json(apiDef));

    router.use('/features', features.router(config));
    router.use('/archive', featureArchive.router(config));