-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathapp.js
171 lines (145 loc) · 4.37 KB
/
app.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
var express = require("express");
var path = require("path");
var cookieParser = require("cookie-parser");
var bodyParser = require("body-parser");
var exphbs = require("express-handlebars");
var expressValidator = require("express-validator");
var flash = require("connect-flash");
var session = require("express-session");
var passport = require("passport");
var LocalStrategy = require("passport-local").Strategy;
var csurf = require('csurf');
var helmet = require('helmet');
var client = require('redis').createClient();
var https = require('https');
var fs = require('fs');
var morgan = require('morgan');
var rfs = require('rotating-file-stream');
var logDirectory = path.join(__dirname,'log');
//Ensure log directory exists
fs.existsSync(logDirectory) || fs.mkdirSync(logDirectory);
//Init Express
var app = express();
//Connect Flash
app.use(flash());
//Routes Variables
var routes = require('./routes/index');
var users = require('./routes/users');
//Proxy Variables
var proxy = require('http-proxy-middleware');
var opts = {
target: 'http://127.0.0.1:5601',
changeOrigin: true
};
//DB Variables
var mongo = require("mongodb");
var mongoose = require("mongoose");
mongoose.connect('mongodb://admin:MonG00s3$!@localhost/sso',{ useNewUrlParser: true });
var db = mongoose.connection;
//Hardening
app.use(helmet());
var limiter = require('express-limiter')(app,client);
limiter({
path: '/users/login',
method: 'post',
lookup: ['connection.remoteAddress'],
// 150 requests per hour
total: 150,
expire: 1000 * 60 * 60
});
//Proxying static files and APIs from Kibana
app.use('/bundles/**',proxy(opts));
app.use('/plugins/**',proxy(opts));
app.use('/api/**',proxy(opts));
app.use('/ui/**',proxy(opts));
app.use('/elasticsearch/**',proxy(opts));
//View Engine
app.set('views', path.join(__dirname,'views'));
app.engine('handlebars',exphbs({defaultLayout:'layout'}));
app.set('view engine','handlebars');
// BodyParser Middleware
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(cookieParser());
//Public Folders
app.use(express.static(path.join(__dirname, 'public')));
//Logging - Create a rotating write stream
var accessLogStream = rfs('access.log', {
interval: '7d', // rotate weekly
path: logDirectory
});
morgan.token('date', function() {
var p = new Date().toString().replace(/[A-Z]{3}\+/,'+').split(/ /);
return( p[2]+'/'+p[1]+'/'+p[3]+':'+p[4]+' '+p[5] );
});
app.use(morgan(':date :remote-addr :method :url :status :response-time ms', {stream: accessLogStream }));
//Express Session
app.use(session({
name: 'session',
secret:'mapacheonlyauthorizeduser',
cookie: {
secure:true,
httpOnly:true,
maxAge: 7200000
},
saveUninitialized:true,
resave:true,
expires: 9600
}));
//Passport init
app.use(passport.initialize());
app.use(passport.session());
app.use(expressValidator({
errorFormatter: function(param,msg,value){
var namespace = param.split('.')
, root = namespace.shift()
, formParam = root;
while(namespace.length){
formParam += '[' +namespace.shift() + ']';
}
return {
param : formParam,
msg : msg,
value: value
};
}
}));
//Global Vars
app.use(function(req,res,next){
res.locals.success_msg = req.flash('success_msg');
res.locals.error_msg = req.flash('error_msg');
res.locals.error = req.flash('error');
res.locals.user = req.user || null;
next();
});
app.use('/',routes);
app.use('/users',users);
// Handle 404
app.use(function(req, res) {
res.send('404: Page not Found', 404);
});
//Hardening
var csrfProtection = csurf({ cookie: true })
app.use(csrfProtection);
app.use(function(req,res,next){
//res.setHeader("Pragma","no-cache");
//res.setHeader("Expires","0"); Older browsers
res.locals.csrftoken = req.csrfToken();
next();
});
//Set Port
//app.set('port', (process.env.PORT || 80));
https.createServer({
ca: fs.readFileSync('certs/netflow.ca-bundle'),
key: fs.readFileSync('certs/netflow.key'),
cert: fs.readFileSync('certs/netflow.crt')
}, app).listen(443,function(){
console.log('Server Started at port 443!');
});
//Redirect
var http = require('http');
http.createServer(function(req,res){
res.writeHead(301, { "Location": "https://" + req.headers['host'] + req.url });
console.log('Redirecting!');
res.end();
}).listen(80);