2020-06-17 22:34:29 +01:00
|
|
|
var createError = require('http-errors');
|
|
|
|
|
var express = require('express');
|
|
|
|
|
var path = require('path');
|
|
|
|
|
var cookieParser = require('cookie-parser');
|
2020-06-22 22:48:48 +01:00
|
|
|
var mLogger = require('morgan');
|
|
|
|
|
var logger = require('./config/winston');
|
2020-07-01 12:10:30 +01:00
|
|
|
const helmet = require("helmet");
|
2020-06-17 22:34:29 +01:00
|
|
|
|
|
|
|
|
var indexRouter = require('./routes/index');
|
2020-06-22 20:36:41 +01:00
|
|
|
var aboutRouter = require('./routes/about');
|
2020-06-29 10:09:10 +01:00
|
|
|
var contactRouter = require('./routes/contact');
|
2020-06-17 22:34:29 +01:00
|
|
|
|
|
|
|
|
var app = express();
|
2020-06-22 20:53:08 +01:00
|
|
|
|
2021-02-15 01:45:26 +00:00
|
|
|
if (process.env.IS_DOCKER != 'true') app.set('trust proxy', 'loopback,uniquelocal');
|
2020-06-22 20:53:08 +01:00
|
|
|
app.disable('x-powered-by');
|
2020-06-17 22:34:29 +01:00
|
|
|
|
|
|
|
|
// view engine setup
|
|
|
|
|
app.set('views', path.join(__dirname, 'views'));
|
|
|
|
|
app.set('view engine', 'pug');
|
|
|
|
|
|
2020-06-22 21:07:05 +01:00
|
|
|
if (process.env.NODE_ENV === 'production') {
|
2020-06-22 22:48:48 +01:00
|
|
|
app.use(mLogger("common", { "stream": logger.stream }));
|
2020-06-22 20:53:08 +01:00
|
|
|
} else {
|
2020-06-22 22:48:48 +01:00
|
|
|
app.use(mLogger('dev'));
|
2020-06-22 20:53:08 +01:00
|
|
|
}
|
|
|
|
|
|
2020-12-23 11:53:42 +00:00
|
|
|
app.use(helmet());
|
2021-01-03 23:28:30 +00:00
|
|
|
app.use(
|
|
|
|
|
helmet.contentSecurityPolicy({
|
|
|
|
|
directives: {
|
|
|
|
|
defaultSrc: ["'self'"],
|
2021-01-03 23:33:59 +00:00
|
|
|
scriptSrc: ["'self'", "'unsafe-inline'", "'unsafe-eval'", "https://hcaptcha.com", "https://*.hcaptcha.com", "https://cdn.ravenjs.com/"],
|
2021-01-03 23:28:30 +00:00
|
|
|
imgSrc: ["'self'", "https://blog.pastel.codes", "https://static.ghost.org", "https://secure.gravatar.com"],
|
|
|
|
|
styleSrc: ["'self'", "'unsafe-inline'", "https://hcaptcha.com", "https://*.hcaptcha.com"],
|
|
|
|
|
fontSrc: ["'self'", "data:"],
|
|
|
|
|
frameSrc: ["https://hcaptcha.com", "https://*.hcaptcha.com"],
|
|
|
|
|
objectSrc: ["'none'"],
|
|
|
|
|
upgradeInsecureRequests: [],
|
|
|
|
|
},
|
|
|
|
|
})
|
|
|
|
|
);
|
|
|
|
|
|
2020-06-17 22:34:29 +01:00
|
|
|
app.use(express.json());
|
|
|
|
|
app.use(express.urlencoded({ extended: false }));
|
|
|
|
|
app.use(cookieParser());
|
|
|
|
|
app.use(express.static(path.join(__dirname, 'public')));
|
|
|
|
|
|
|
|
|
|
app.use('/', indexRouter);
|
2020-06-22 20:36:41 +01:00
|
|
|
app.use('/about', aboutRouter);
|
2020-06-29 10:09:10 +01:00
|
|
|
app.use('/contact', contactRouter);
|
2020-06-17 22:34:29 +01:00
|
|
|
|
|
|
|
|
// catch 404 and forward to error handler
|
|
|
|
|
app.use(function(req, res, next) {
|
2020-06-22 17:48:10 +01:00
|
|
|
next(createError(404));
|
2020-06-17 22:34:29 +01:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
// error handler
|
|
|
|
|
app.use(function(err, req, res, next) {
|
2020-06-18 22:56:03 +01:00
|
|
|
// set locals, only providing error in development
|
|
|
|
|
res.locals.message = err.message;
|
|
|
|
|
res.locals.error = req.app.get('env') === 'development' ? err : {};
|
2020-06-17 22:34:29 +01:00
|
|
|
|
2020-06-18 22:56:03 +01:00
|
|
|
// render the error page
|
|
|
|
|
res.status(err.status || 500);
|
2020-06-22 17:57:35 +01:00
|
|
|
res.render('error', { title: 'Error', description: "Error" });
|
2020-06-17 22:34:29 +01:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
module.exports = app;
|
