Skip to content

emartech/boar-server

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

95 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Boar Server

Example usage for app

put these lines in your server.js

  var koa = require('koa');
  var path = require('path');
  var koaApp = module.exports = koa();
  var config = require('./config');
  var App = require('boar-server').app;

  var app = new App(koaApp);
  app.connectToMongoose(config.mongooseUri);
  app.addDynamicViewMiddleware(path.join(config.root, '/views'), config.env === 'development');
  app.addStaticContentMiddleware(path.join(config.root, '/assets'));
  app.addHookMiddleware();
  app.loadControllers(path.join(config.root, 'controllers'));
  app.loadModels(path.join(config.root, 'models'));

  if (!module.parent) { app.listen(config.port); }

Add middleware for your app

  var cors = require('koa-cors');
  var app = new App(koaApp);
  app.addMiddleware(cors());

Graceful shutdown

You can stop the server from recieving new connections with app.close(). It returns a Promise that resolves when all existing connections are ended.

  var app = new App(koaApp);
  app.listen(config.port);
  process.on('SIGTERM', () => {
    app.close().then(() => {
      // additional cleaning (e.g. closing db connection)
      process.exit(0);
    })
  })

HTTPS support

To enable HTTPS support, simple create SERVE_HTTPS environment variable with value true. The port for https will be the port of the application increased with 10000 (10k).

If you want to serve the requests with your own SSL certification, create HTTPS_KEY and HTTPS_CERT environment variables with path of the files as values.

Example

export SERVE_HTTPS=true
export HTTPS_KEY="path/to/cert.key"
export HTTPS_CERT="path/to/cert.crt"

node server.js

Build-in Middlewares

Cors Support (koa-cors)

  app.addCorsSupportMiddleware();

Static Content (koa-static)

Param Type Description
path String Path to the static content's folder
  app.addStaticContentMiddleware(path);

Dynamic View

This middleware is a wrapper for koa-pug.

Param Type Description
path String Path to the pug files
  app.addDynamicViewMiddleware(path);

Method Override (koa-methodoverwrite)

  app.addMethodOverrideMiddleware();

Error Handler

Param Type Description
path String Path to error page pug template
  app.addErrorHandlerMiddleware(path);

Body Parse (koa-bodyparser)

Param Type Description
options Object More info.
  app.addBodyParseMiddleware(options);

Request Id (koa-requestid)

Param Type Description
options Object optional
↳header String The name of the header to read the id on the request, false to disable.
↳query String The name of the header to read the id on the query string, false to disable.
↳expose String The name of the header to expose the id on the response, false to disable.
  app.addRequestIdmiddleware(options);

Enforce SSL (koa-ssl)

Param Type Description
options Object More info.
  app.addEnforceSSLMiddleware();

If your application is running behind reverse proxy (like Heroku) you should set the trustProxy configuration option to true in order to process the x-forwarded-proto header.

  var app = new App(koaApp);
  app.addEnforceSSLMiddleware({ trustProxy: true });

Note: if you use this middleware EnforceSSL middleware should be the first you add.

Hook

  app.addHookMiddleware();

Security

Provides middlewares for setting up various security related HTTP headers.

Param Type Description
options Object
↳csp Object More info. Learn more: CSP quick reference
↳hsts Object More info. Learn more: OWASP HSTS page
↳useXssFilter Boolean If true, x-xss-protection middleware will be included. Default: true
↳useNoSniff Boolean If true, dont-sniff-mimetype middleware will be included. Default: true
  app.addSecurityMiddlewares(options);

Default configuration

  {
    csp: {
      directives: {
        defaultSrc: ["'self'"],
        scriptSrc: ["'self'"],
        styleSrc: ["'self'"],
        imgSrc: ["'self'"],
        frameAncestors: ["'self'"],
        reportUri: 'about:blank'
      },
      reportOnly: true
    },
    hsts: {
      maxAge: 30,
      includeSubdomains: true,
      preload: false
    },
    useXssFilter: true,
    useNoSniff: true
  }

Libraries

Mask email address

  var maskEmailAddress = require('boar-server').lib.maskEmailAddress;
  maskEmailAddress('[email protected]');

Real ip address (in heroku)

  var realIpAddress = require('boar-server').lib.realIpAddress;
  realIpAddress(request);

ControllerFactory

  var ControllerFactory = require('boar-server').lib.controllerFactory;

  module.exports = ControllerFactory.create(function(router) {
    router.get('/', ControllerFactory.load('main/actions/get'));
    router.get('/healthcheck', ControllerFactory.load('main/actions/healthcheck/get'));
    router.get('/list', ControllerFactory.loadByAcceptType('main/actions/list/get'));
  });

ClearCollections

deprecated aliased to dropCollections

Use the more descriptively named dropCollections instead.

DropCollections

  var dropCollections = require('boar-server').lib.dropCollections(mongoose);
  
  dropCollections(); // returns a promise

This will drop all your collections.

TruncateCollections

  var truncateCollections = require('boar-server').lib.truncateCollections(mongoose);

  truncateCollections(); // returns a promise

This will truncate all your collections.

ClearGridfs

Database

Wrapper for mongoose connection.

ExceptionHandler