server: Configure TrustProxy via config files

Author: t-ho

server/config/config.default.js

@@ -91,6 +91,11 @@ let defaultConfig = {
     publicUrl:
       'This will be overriden by environment variable SERVER_PUBLIC_URL',
   },
+  trustProxy: {
+    enabled: false,
+    // see https://expressjs.com/en/guide/behind-proxies.html
+    value: 0,
+  },
 };
 
 module.exports = defaultConfig;

server/config/config.prod.js

@@ -62,6 +62,11 @@ let prodConfig = {
       },
     ],
   },
+  trustProxy: {
+    enabled: true,
+    // see https://expressjs.com/en/guide/behind-proxies.html
+    value: 1,
+  },
 };
 
 prodConfig = _.merge({}, defaultConfig, prodConfig);

server/config/config.test.js

@@ -221,6 +221,11 @@ let testConfig = {
       },
     ],
   },
+  trustProxy: {
+    enabled: false,
+    // see https://expressjs.com/en/guide/behind-proxies.html
+    value: 0,
+  },
 };
 
 testConfig = _.merge({}, defaultConfig, testConfig);

server/core/express.js

@@ -14,10 +14,8 @@ const constants = require('./constants');
 // App Setup
 const app = express();
 
-if (config.rateLimit.enabled) {
-  // As we are behind a nginx-proxy
-  // see https://expressjs.com/en/guide/behind-proxies.html
-  app.set('trust proxy', 1);
+if (config.trustProxy.enabled) {
+  app.set('trust proxy', config.trustProxy.value);
 }
 
 // Logger

server/index.js

@@ -49,6 +49,7 @@ const displayConfigurationStatus = () => {
   console.log(chalk.gray(`[*] Helmet: ${config.helmet.enabled}`));
   console.log(chalk.gray(`[*] Morgan: ${config.morgan.enabled}`));
   console.log(chalk.gray(`[*] RateLimit: ${config.rateLimit.enabled}`));
+  console.log(chalk.gray(`[*] TrustProxy: ${config.trustProxy.enabled}`));
 };
 
 displayConfigurationStatus();