Boar Server

Example usage for app

put these lines in your server.js

  var koa = require('koa');
  var path = require('path');
  var koaApp = module.exports = koa();
  var config = require('./config');
  var App = require('boar-server').app;

  var app = new App(koaApp);
  app.connectToMongoose(config.mongooseUri);
  app.addDynamicViewMiddleware(path.join(config.root, '/views'), config.env === 'development');
  app.addStaticContentMiddleware(path.join(config.root, '/assets'));
  app.addHookMiddleware();
  app.loadControllers(path.join(config.root, 'controllers'));
  app.loadModels(path.join(config.root, 'models'));

  if (!module.parent) { app.listen(config.port); }

Add middleware for your app

  var cors = require('koa-cors');
  var app = new App(koaApp);
  app.addMiddleware(cors());

Graceful shutdown

You can stop the server from recieving new connections with app.close(). It returns a Promise that resolves when all existing connections are ended.

  var app = new App(koaApp);
  app.listen(config.port);
  process.on('SIGTERM', () => {
    app.close().then(() => {
      // additional cleaning (e.g. closing db connection)
      process.exit(0);
    })
  })

HTTPS support

To enable HTTPS support, simple create SERVE_HTTPS environment variable with value true. The port for https will be the port of the application increased with 10000 (10k).

If you want to serve the requests with your own SSL certification, create HTTPS_KEY and HTTPS_CERT environment variables with path of the files as values.

Example

export SERVE_HTTPS=true
export HTTPS_KEY="path/to/cert.key"
export HTTPS_CERT="path/to/cert.crt"

node server.js

Build-in Middlewares

Cors Support (koa-cors)

  app.addCorsSupportMiddleware();

Static Content (koa-static)

Param	Type	Description
path	`String`	Path to the static content's folder

  app.addStaticContentMiddleware(path);

Dynamic View

This middleware is a wrapper for koa-pug.

Param	Type	Description
path	`String`	Path to the pug files

  app.addDynamicViewMiddleware(path);

Method Override (koa-methodoverwrite)

  app.addMethodOverrideMiddleware();

Error Handler

Param	Type	Description
path	`String`	Path to error page pug template

  app.addErrorHandlerMiddleware(path);

Body Parse (koa-bodyparser)

Param	Type	Description
options	`Object`	More info.

  app.addBodyParseMiddleware(options);

Request Id (koa-requestid)

Param	Type	Description
options	`Object`	optional
↳header	`String`	The name of the header to read the id on the request, `false` to disable.
↳query	`String`	The name of the header to read the id on the query string, `false` to disable.
↳expose	`String`	The name of the header to expose the id on the response, `false` to disable.

  app.addRequestIdmiddleware(options);

Enforce SSL (koa-ssl)

Param	Type	Description
options	`Object`	More info.

  app.addEnforceSSLMiddleware();

If your application is running behind reverse proxy (like Heroku) you should set the trustProxy configuration option to true in order to process the x-forwarded-proto header.

  var app = new App(koaApp);
  app.addEnforceSSLMiddleware({ trustProxy: true });

Note: if you use this middleware EnforceSSL middleware should be the first you add.

Hook

  app.addHookMiddleware();

Security

Provides middlewares for setting up various security related HTTP headers.

Param	Type	Description
options	`Object`
↳csp	`Object`	More info. Learn more: CSP quick reference
↳hsts	`Object`	More info. Learn more: OWASP HSTS page
↳useXssFilter	`Boolean`	If `true`, x-xss-protection middleware will be included. Default: `true`
↳useNoSniff	`Boolean`	If `true`, dont-sniff-mimetype middleware will be included. Default: `true`

  app.addSecurityMiddlewares(options);

Default configuration

  {
    csp: {
      directives: {
        defaultSrc: ["'self'"],
        scriptSrc: ["'self'"],
        styleSrc: ["'self'"],
        imgSrc: ["'self'"],
        frameAncestors: ["'self'"],
        reportUri: 'about:blank'
      },
      reportOnly: true
    },
    hsts: {
      maxAge: 30,
      includeSubdomains: true,
      preload: false
    },
    useXssFilter: true,
    useNoSniff: true
  }

Libraries

Mask email address

  var maskEmailAddress = require('boar-server').lib.maskEmailAddress;
  maskEmailAddress('[email protected]');

Real ip address (in heroku)

  var realIpAddress = require('boar-server').lib.realIpAddress;
  realIpAddress(request);

ControllerFactory

  var ControllerFactory = require('boar-server').lib.controllerFactory;

  module.exports = ControllerFactory.create(function(router) {
    router.get('/', ControllerFactory.load('main/actions/get'));
    router.get('/healthcheck', ControllerFactory.load('main/actions/healthcheck/get'));
    router.get('/list', ControllerFactory.loadByAcceptType('main/actions/list/get'));
  });

ClearCollections

deprecated aliased to dropCollections

Use the more descriptively named dropCollections instead.

DropCollections

  var dropCollections = require('boar-server').lib.dropCollections(mongoose);
  
  dropCollections(); // returns a promise

This will drop all your collections.

TruncateCollections

  var truncateCollections = require('boar-server').lib.truncateCollections(mongoose);

  truncateCollections(); // returns a promise

arnaudbuchholz-sap / boar-server Goto Github PK

boar-server's Introduction