auth_service.js
#!/usr/local/bin/node
const bodyParser = require('body-parser');
const bunyan = require('express-bunyan-logger');
/**
* You can control aspects of the deployment by using Environment Variables
*
* Examples:
* $ NODE_ENV=production # uses config/production.js
* $ NODE_ENV=test # uses config/test.js
* $ NODE_ENV=development # uses config/development.js
* $ NODE_ENV=local # uses config/local.js
* $ NODE_ENV=yoursecretconfig # uses config/yoursecretconfig.js
*/
const config = require('config');
const crossOriginResourceSharing = require('cors');
const debug = require('debug')('auth:service');
const express = require('express');
const favicon = require('serve-favicon');
const path = require('path');
/* Load modules provided by this codebase */
const authWebServiceRoutes = require('./routes/routes');
const { errorHandler } = require('./middleware/error-handler');
const deprecatedRoutes = require('./routes/deprecated');
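const apiVersion = 'v1'; // 'v' + parseInt(require('./package.json').version, 10);

/*
 * Origins that may make cross-origin requests to this service.
 *
 * Every literal dot is escaped and the sub-domain part is limited to host-name
 * characters, so a pattern matches only real sub-domains of the listed
 * domains. An unescaped `.` matches any character and `.*` matches any text,
 * which is wider than intended for an allow-list that is combined with
 * `credentials: true`.
 *
 * NOTE(review): the chrome-extension pattern accepts every extension id and
 * the localhost pattern accepts every local port. Both look like development
 * conveniences; confirm they are still wanted in production.
 */
const allowedOriginPatterns = [
  /^https?:\/\/(?:[A-Za-z0-9_-]+\.)+lingsync\.org$/,
  /^https?:\/\/(?:[A-Za-z0-9_-]+\.)+phophlo\.ca$/,
  /^https?:\/\/(?:localhost|127\.0\.0\.1):[0-9]*$/,
  /^chrome-extension:\/\/[^/]*$/,
  /^https?:\/\/(?:[A-Za-z0-9_-]+\.)+jrwdunham\.com$/,
];

/*
 * Options handed to the `cors` middleware.
 */
const corsOptions = {
  credentials: true,
  maxAge: 86400,
  methods: 'HEAD, POST, GET, PUT, PATCH, DELETE',
  allowedHeaders: 'Access-Control-Allow-Origin, access-control-request-headers, accept, accept-charset, accept-encoding, accept-language, authorization, content-length, content-type, host, origin, proxy-connection, referer, user-agent, x-requested-with',
  /**
   * Decide whether a request's Origin header is on the allow-list.
   *
   * @param {string|undefined|null} origin - value of the Origin header, if any
   * @param {function(Error|null, boolean)} callback - receives the decision
   */
  origin: function isOriginWhiteListed(origin, callback) {
    // A missing Origin (curl and other non-browser clients) and the literal
    // string 'null' (kept for the Android client) are both accepted.
    // NOTE(review): documents with an opaque origin, such as sandboxed
    // iframes, also send 'null'. Since credentials are enabled, confirm this
    // exemption is still required and that credentialed endpoints do not rely
    // on CORS alone for protection.
    const hasNoUsableOrigin = !origin || origin === 'null';
    const originIsWhitelisted = hasNoUsableOrigin
      || allowedOriginPatterns.some((pattern) => pattern.test(origin));

    debug(`${new Date()} Responding with CORS options for ${origin} accept as whitelisted is: ${originIsWhitelisted}`);
    callback(null, originIsWhitelisted);
  },
};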
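/**
 * Use Express to create the authWebService see http://expressjs.com/ for more details
 */
const authWebService = express();

// CORS is registered first so the headers decided by corsOptions are set
// before any later middleware or route writes a response.
authWebService.use(crossOriginResourceSharing(corsOptions));

// Accept versions
// authWebService.use(function versionMiddleware(req, res, next) {
//   if (req.url.indexOf('/' + apiVersion) === 0) {
//     req.url = req.url.replace('/' + apiVersion, '');
//   }
//   next();
// });
debug(`Accepting api version ${apiVersion}`);

/**
 * Middleware
 */
authWebService.use(favicon(path.join(__dirname, '/public/favicon.ico')));

// Request logging to stdout; the level comes from BUNYAN_LOG_LEVEL and
// defaults to 'warn'.
// NOTE(review): this is an authentication service, so request headers and
// bodies can carry passwords and tokens. Confirm which request fields the
// logger records at this level and keep credential fields out of the logs
// (express-bunyan-logger documents `excludes` and `obfuscate` options).
authWebService.use(bunyan({
  name: 'fielddb-auth',
  streams: [{
    level: process.env.BUNYAN_LOG_LEVEL || 'warn',
    stream: process.stdout,
  }],
}));

// Reuse the caller's x-request-id as the request id when one is supplied.
// NOTE(review): the header is client-controlled and copied verbatim; consider
// bounding its length and character set before it is used for correlation.
authWebService.use((req, res, next) => {
  if (req.headers && req.headers['x-request-id']) {
    req.id = req.headers['x-request-id'];
  }
  next();
});

// authWebService.use(session({
//   resave: true,
//   saveUninitialized: true,
//   secret: config.sessionKey
// }));

// No `limit` is passed, so body-parser's default size limit applies.
authWebService.use(bodyParser.json());
// `extended: true` lets form bodies decode into nested objects and arrays, so
// route handlers should check the type of each field they read.
authWebService.use(bodyParser.urlencoded({
  extended: true,
}));
// authWebService.use(methodOverride());
// authWebService.use(authWebService.router);

/*
 * Although this is mostly a webservice used by machines (not a webserver used by humans)
 * we are still serving a user interface for the api sandbox in the public folder
 */
authWebService.use(express.static(path.join(__dirname, 'public')));

// Answer any OPTIONS request that reaches this point with an empty 204.
// `options()` only matches the OPTIONS method, so no extra method check is
// needed. `sendStatus` replaces the deprecated numeric `res.send(204)` form.
authWebService.options('*', (req, res) => {
  debug('responding to OPTIONS request');
  res.sendStatus(204);
});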
/**
 * Register the current API routes on the app; see routes/routes.js for details.
 */
authWebServiceRoutes.setup(authWebService);

/**
 * Register the old routes as well, until all client apps have migrated to the v2+ api.
 */
deprecatedRoutes.addDeprecatedRoutes(authWebService, config);

/**
 * Not found: any request that reaches this point was not answered by a
 * middleware or route registered above, so forward a 404 error.
 */
authWebService.use((req, res, next) => {
  debug(`${req.url} was not found/handled`);
  next(Object.assign(new Error('Not Found'), { status: 404 }));
});

// Registered last so errors passed to next() above end up here.
authWebService.use(errorHandler);

module.exports = authWebService;