app.js
const express = require('express');
const path = require('path');
// const favicon = require('serve-favicon');
const logger = require('morgan');
const cookieParser = require('cookie-parser');
const bodyParser = require('body-parser');
const session = require('express-session');
const passport = require('passport');
const flash = require('connect-flash');
const Raven = require('raven');
const enforce = require('express-sslify');
const mongoose = require('mongoose');
require('dotenv').config();
require('./app_server/models/db');
require('./app_server/config/passport');
const Service = mongoose.model('Service');
const index = require('./app_server/routes/index');
const services = require('./app_server/routes/services');
const app = express();
if (process.env.NODE_ENV === 'production') {
app.use(enforce.HTTPS({ trustProtoHeader: true }));
}
// Must configure Raven before doing anything else with it
Raven.config(process.env.DSN).install();
// view engine setup
app.set('views', path.join(__dirname, 'app_server', 'views'));
app.set('view engine', 'pug');
// uncomment after placing your favicon in /public
// app.use(favicon(path.join(__dirname, 'public', 'favicon.ico')));
app.use(logger('dev'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true }));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, 'public')));
if (process.env.NODE_ENV === 'production') {
app.use(session({
secret: process.env.secret,
resave: true,
saveUninitialized: false,
proxy: true, // Need to set this for heroku because it uses reverse proxies
cookie: {
secure: true, // TODO: set this to true once the website uses https
httpOnly: true,
maxAge: 3600000, // One hour
},
})); // SECRET SHOULD BE STORED IN ENVIRONMENT VARIABLES
} else {
app.use(session({
secret: 'randomsecret',
resave: true,
saveUninitialized: false,
cookie: {
secure: false, // TODO: set this to true once the website uses https
httpOnly: true,
maxAge: 3600000, // One hour
},
})); // SECRET SHOULD BE STORED IN ENVIRONMENT VARIABLES
}
app.use((req, res, next) => {
res.locals.session = req.session;
next();
});
app.use(passport.initialize());
app.use(passport.session()); // persistent login sessions
app.use(flash());
/**
* Custom middleware
*
* Reference for middlware in express:
* http://expressjs.com/en/api.html#app.use
*/
/**
* Adds data to the views using res.locals
*
* Reference:
* http://expressjs.com/en/api.html#res
*/
app.use((req, res, next) => {
res.locals.messages = req.flash();
res.locals.user = req.user;
if (req.user && req.user.role === 'service_provider') {
Service.find({
_id: {
$in: req.user.service
}
}, (err, userServices) => {
if (err) console.log(err);
res.locals.services = userServices;
next();
});
} else if (req.user && req.user.role === 'admin') {
Service.find({}, (err, result) => {
if (err) console.log(err);
res.locals.services = result;
next();
});
} else {
next();
}
});
/** End custom middleware */
/**
* Use our routes defined in /routes/index.js
*
* Namespaced under '/'
*/
app.use('/', index);
app.use('/service', services);
// Send the errors to sentry
app.use(Raven.requestHandler());
app.use(Raven.errorHandler());
// catch 404 and forward to error handler
app.use((req, res, next) => {
const err = new Error('Not Found');
err.status = 404;
next(err);
});
// error handler
app.use((err, req, res, next) => {
// set locals, only providing error in development
res.locals.message = err.message;
res.locals.error = req.app.get('env') === 'development' ? err : {};
// render the error page
res.status(err.status || 500);
res.render('error');
next();
});
module.exports = app;