server.js
import express from "express";
import cookieParser from "cookie-parser";
import path from "node:path";
import http from "node:http";
import dotenv from "dotenv";
import helmet from "helmet";
import bodyParser from "body-parser";
import rateLimit from "express-rate-limit";
import { authRoute, authenticate } from "./api/auth.js";
import gateway from "./api/gateway.js";
import open from 'open';
import chalk from 'chalk';
// Load variables from a local .env file into process.env before anything reads them.
dotenv.config();

// Rate-limit window for the auth endpoint: 15 minutes, expressed in milliseconds.
const WINDOW_MS = 15 * 60 * 1000;

// Listening port: PORT from the environment when set, otherwise 8080.
const port = process.env.PORT || 8080;

// Command-line switches. -icons and -app only narrow the request log,
// so they are rejected unless -log is given as well.
const hasFlag = (flag) => process.argv.includes(flag);
const enableLogging = hasFlag("-log");
const filterIcons = hasFlag("-icons");
const filterApp = hasFlag("-app");

const filterRequested = filterIcons || filterApp;
if (filterRequested && !enableLogging) {
  console.error("You must run this with -log enabled!");
  process.exit(1);
}
const app = express();
const server = http.createServer(app);

// Helmet response headers, with the Content-Security-Policy header switched off
// because it blocked images:
// https://media.discordapp.net/attachments/610384874280583178/1120691890023583817/image.png?width=1286&height=205
// https://media.discordapp.net/attachments/610384874280583178/1120693479157284984/image.png?width=1366&height=407
// NOTE(review): with contentSecurityPolicy disabled the browser gets no CSP at all,
// so a markup-injection bug in the chat client would run without any script or
// resource restriction. A narrower fix is to keep Helmet's CSP and add the required
// image origins to img-src; which origins are needed is not visible here - confirm.
const helmetOptions = {
  contentSecurityPolicy: false,
  dnsPrefetchControl: true,
  frameguard: true,
  hsts: true,
  ieNoOpen: true,
  noSniff: true,
  xssFilter: true
};
app.use(helmet(helmetOptions));

// Request parsing, registered in this order: JSON bodies, URL-encoded form bodies
// (extended: false), then cookies.
const parsers = [
  bodyParser.json(),
  bodyParser.urlencoded({ extended: false }),
  cookieParser()
];
for (const parser of parsers) {
  app.use(parser);
}
// Optional request logging to the console, enabled with -log.
// -icons limits the log to URLs under /icons, -app to URLs under /app.
if (enableLogging) {
  let logMessage;
  if (filterIcons) {
    logMessage = chalk.cyan("Icon logging is enabled");
  } else if (filterApp) {
    logMessage = chalk.yellow("App logging is enabled");
  } else {
    logMessage = chalk.green("Logging is enabled");
  }

  const banner = "***********************";
  console.log(banner);
  console.log(`** ${logMessage} **`);
  console.log(banner);

  // True when the request URL passes the active filter (or when no filter is set).
  const shouldLog = (url) => {
    if (!filterIcons && !filterApp) {
      return true;
    }
    if (filterIcons && url.startsWith("/icons")) {
      return true;
    }
    return filterApp && url.startsWith("/app");
  };

  app.use((req, res, next) => {
    const { url, method } = req;
    if (shouldLog(url)) {
      // req.url is written with its query string.
      // NOTE(review): a token or other secret passed as a query parameter would end up
      // in the console log - confirm no route does that.
      const isGet = method === "GET";
      const timestamp = new Date().toLocaleString();
      const coloredMethod = isGet ? chalk.green(method) : chalk.red(method);
      const coloredUrl = isGet ? chalk.yellow(url) : chalk.cyan(url);
      console.log(`[${chalk.gray(timestamp)}] ${coloredMethod} ${coloredUrl}`);
    }
    next();
  });
}
// Sign-out: ask the browser to drop the "token" cookie, then send it to /login.
// NOTE(review): clearCookie only removes the cookie on the client. Whether the token
// is also invalidated server-side depends on ./api/auth.js, which is not visible here.
// The cookie is cleared only if the options used here (path, domain) match the ones it
// was set with - confirm against the code that sets it.
function handleLogout(req, res) {
  res.clearCookie("token");
  res.redirect("/login");
}

app.get("/logout", handleLogout);
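// Throttle the auth endpoint: at most 10 requests per client in each WINDOW_MS
// (15 minute) window; further requests get a 429 JSON response.
// The option key has to be `windowMs`. Passing `WINDOW_MS` as a shorthand property
// creates a key the limiter does not read, so its default window applies instead of
// the intended 15 minutes.
// NOTE(review): the limiter counts per client IP by default. Behind a reverse proxy
// without Express "trust proxy" configured, every client would share the proxy's
// address - confirm the deployment.
const authLimiter = rateLimit({
  windowMs: WINDOW_MS,
  max: 10,
  handler: (req, res) => {
    res.status(429).json({ error: 'Too many requests' });
  }
});

app.post("/api/auth", authLimiter, authRoute);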
// The site root forwards to the application.
app.get("/", (req, res) => res.redirect("/app"));

// Everything under /app goes through `authenticate` before it can reach the static
// handler below. Registration order matters: mounting the static handler first would
// serve those files without the check.
app.use("/app", authenticate);

// Static files from ./public, resolved against the process working directory.
// A request without an extension also tries the .html and .htm variants.
// Paths outside /app are served without the authenticate middleware.
const publicDir = path.join(process.cwd(), "public");
const staticOptions = { extensions: ['html', 'htm'] };
app.use(express.static(publicDir, staticOptions));

// Hand the Express app to the gateway module (./api/gateway.js).
gateway(app);
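// Start listening, then try to open the local URL in the default browser.
// No host is passed to listen(), so Node binds to the unspecified address: the server
// accepts connections on every interface, not only on localhost.
server.listen(port, () => {
  // open() returns a promise. On a host with no browser or desktop session it can
  // reject, and an unhandled rejection would take the server down, so launching the
  // browser is treated as best-effort.
  open(`http://localhost:${port}`).catch((err) => {
    console.error(`Could not open a browser window: ${err.message}`);
  });
  console.log(`Server is running on port ${port}`);
});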