backend/app.js

// OwlBoard - © Fred Boniface 2022-2023 - Licensed under GPLv3 (or later)
// Please see the included LICENSE file

const mode = process.env.NODE_ENV || "development";

// Logging
const logger = require("./src/utils/logger.utils");
logger.logger.info("Logger Initialised");

// External Requires
const express = require("express");
const app = express();

// Middleware
const rateLimit = require("express-rate-limit");
const cors = require("cors");
const authenticate = require("./src/middlewares/auth.middlewares");

// Internal Requires
const version = require("./src/configs/version.configs");
const pis2Rtr = require("./src/routes/pis.routes"); // API Version 2 Routes
const ref2Rtr = require("./src/routes/ref.routes"); // API Version 2 Routes
const live2Rtr = require("./src/routes/live.routes"); // API Version 2 Routes
const tt2Rtr = require("./src/routes/timetable.routes"); // API Version 2
const user2Rtr = require("./src/routes/user.routes"); // API Version 2 Routes
const miscRtr = require("./src/routes/misc.routes"); // Non-Public API Routes

// Set Server Configurations
const srvListen = process.env.OWL_SRV_LISTEN || "0.0.0.0";
const srvPort = process.env.OWL_SRV_PORT || 8460;

const limiter = rateLimit({
  windowMs: 15 * (60 * 1000), // 15 minutes
  max: 100, // Limit each IP to 100 requests per `window` (here, per 15 minutes)
  standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
  legacyHeaders: false, // Disable the `X-RateLimit-*` headers
});

// Print version number:
logger.logger.info(`Starting version ${version.app} in ${mode} mode`);

// Remove X-Powered-By header:
app.disable("x-powered-by");

// Express Error Handling:
app.use((err, req, res, next) => {
  const statusCode = err.statuscode || 500;
  logger.logger.error(err, "Express Error");
  res.status(statusCode).json({ message: err.message });
  return;
});

// Pre Middleware:
app.use(
  cors({
    origin: "*", //[/\.owlboard\.info$/, 'localhost:5173', 'localhost:4173']
  })
);
app.use(express.json()); //JSON Parsing for POST Requests
//app.use(limiter);
app.use(authenticate);

// 2023 Rationalisation Routes (/api/v2, /misc)
app.use("/api/v2/pis", pis2Rtr); // API Version 2
app.use("/api/v2/live", live2Rtr); // API Version 2
app.use("/api/v2/ref", ref2Rtr); // API Version 2
app.use("/api/v2/timetable", tt2Rtr); // API Version 2
app.use("/api/v2/user", user2Rtr); // API Version 2
app.use("/misc", miscRtr); // Non public-api endpoints (Stats, Issue, etc.)

app.use("/api/v1/auth/test", authenticate, (req, res) =>
  res.status(200).json({
    status: "ok",
    message: "Authentication successful",
  })
); // Returns 401 if auth failed, 200 if successful.

// Number of proxies:
app.set("trust proxy", 4);
mode === "development"
  ? app.get("/api/v1/ip", (req, res) => res.send(req.ip))
  : null;

// Disable etags
app.set('etag', false)

// Start Express
app.listen(srvPort, srvListen, (error) => {
  if (!error) {
    logger.logger.info(`Listening on http://${srvListen}:${srvPort}`);
  } else {
    logger.logger.error(error, `Error starting server`);
  }
});
Remove unneccasaty comments Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-08-26 00:50:19 +01:00			`// OwlBoard - © Fred Boniface 2022-2023 - Licensed under GPLv3 (or later)`
			`// Please see the included LICENSE file`
Initial Push (v0.0.2) Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-02-09 20:34:53 +00:00
Run prettier Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-08-26 00:38:26 +01:00			`const mode = process.env.NODE_ENV \|\| "development";`
Removed unneccesary vars and added notes for tidyup in preparation for testing additional info Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-02-16 10:39:19 +00:00
newStaffLDB-API (#48) Merge newStaffLDB-API into main. Ready to deploy Reviewed-on: https://git.fjla.uk/OwlBoard/backend/pulls/48 2023-10-03 21:35:00 +01:00			`// Logging`
			`const logger = require("./src/utils/logger.utils");`
			`logger.logger.info("Logger Initialised");`

Initial Push (v0.0.2) Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-02-09 20:34:53 +00:00			`// External Requires`
Run prettier Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-08-26 00:38:26 +01:00			`const express = require("express");`
			`const app = express();`
pis (#12) Reviewed-on: https://git.fjla.uk/OwlBoard/backend/pulls/12 2023-05-06 21:54:49 +01:00
			`// Middleware`
Run prettier Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-08-26 00:38:26 +01:00			`const rateLimit = require("express-rate-limit");`
			`const cors = require("cors");`
			`const authenticate = require("./src/middlewares/auth.middlewares");`
Initial Push (v0.0.2) Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-02-09 20:34:53 +00:00
			`// Internal Requires`
TimetableAPI-Upgrade (#64) Partial implementation of: https://git.fjla.uk/OwlBoard/backend/issues/47 The 2022.2.1 release currently live is based off of the TimetableAPI-Upgrade branch. Partial PIS code matching is now implemented in cases where x number of stops need skipping at the start of a route. Reviewed-on: https://git.fjla.uk/OwlBoard/backend/pulls/64 2024-02-11 15:53:12 +00:00			`const version = require("./src/configs/version.configs");`
			`const pis2Rtr = require("./src/routes/pis.routes"); // API Version 2 Routes`
			`const ref2Rtr = require("./src/routes/ref.routes"); // API Version 2 Routes`
			`const live2Rtr = require("./src/routes/live.routes"); // API Version 2 Routes`
			`const tt2Rtr = require("./src/routes/timetable.routes"); // API Version 2`
			`const user2Rtr = require("./src/routes/user.routes"); // API Version 2 Routes`
Run prettier Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-08-26 00:38:26 +01:00			`const miscRtr = require("./src/routes/misc.routes"); // Non-Public API Routes`
Initial Push (v0.0.2) Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-02-09 20:34:53 +00:00
			`// Set Server Configurations`
Run prettier Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-08-26 00:38:26 +01:00			`const srvListen = process.env.OWL_SRV_LISTEN \|\| "0.0.0.0";`
			`const srvPort = process.env.OWL_SRV_PORT \|\| 8460;`
pis (#12) Reviewed-on: https://git.fjla.uk/OwlBoard/backend/pulls/12 2023-05-06 21:54:49 +01:00
			`const limiter = rateLimit({`
			`windowMs: 15 * (60 * 1000), // 15 minutes`
			max: 100, // Limit each IP to 100 requests per `window` (here, per 15 minutes)
			standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
newStaffLDB-API (#48) Merge newStaffLDB-API into main. Ready to deploy Reviewed-on: https://git.fjla.uk/OwlBoard/backend/pulls/48 2023-10-03 21:35:00 +01:00			legacyHeaders: false, // Disable the `X-RateLimit-*` headers
pis (#12) Reviewed-on: https://git.fjla.uk/OwlBoard/backend/pulls/12 2023-05-06 21:54:49 +01:00			`});`
Initial Push (v0.0.2) Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-02-09 20:34:53 +00:00
			`// Print version number:`
newStaffLDB-API (#48) Merge newStaffLDB-API into main. Ready to deploy Reviewed-on: https://git.fjla.uk/OwlBoard/backend/pulls/48 2023-10-03 21:35:00 +01:00			logger.logger.info(`Starting version ${version.app} in ${mode} mode`);

			`// Remove X-Powered-By header:`
			`app.disable("x-powered-by");`
Initial Push (v0.0.2) Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-02-09 20:34:53 +00:00
			`// Express Error Handling:`
Add support for deploying from TS source Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-07-28 20:51:43 +01:00			`app.use((err, req, res, next) => {`
Initial Push (v0.0.2) Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-02-09 20:34:53 +00:00			`const statusCode = err.statuscode \|\| 500;`
newStaffLDB-API (#48) Merge newStaffLDB-API into main. Ready to deploy Reviewed-on: https://git.fjla.uk/OwlBoard/backend/pulls/48 2023-10-03 21:35:00 +01:00			`logger.logger.error(err, "Express Error");`
Run prettier Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-08-26 00:38:26 +01:00			`res.status(statusCode).json({ message: err.message });`
Initial Push (v0.0.2) Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-02-09 20:34:53 +00:00			`return;`
			`});`

Remove compression from Express, add CacheHeaders middleware. Signed-off-by: Fred Boniface <fred@fjla.uk> 2024-04-23 20:47:47 +01:00			`// Pre Middleware:`
Run prettier Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-08-26 00:38:26 +01:00			`app.use(`
			`cors({`
			`origin: "*", //[/\.owlboard\.info$/, 'localhost:5173', 'localhost:4173']`
			`})`
			`);`
Initial Push (v0.0.2) Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-02-09 20:34:53 +00:00			`app.use(express.json()); //JSON Parsing for POST Requests`
Remove limiter, fix find TrainUID by date Signed-off-by: Fred Boniface <fred@fjla.uk> 2024-02-22 12:02:13 +00:00			`//app.use(limiter);`
Return unauthorised at the controller level rather than at middleware level Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-07-08 18:39:24 +01:00			`app.use(authenticate);`
Initial Push (v0.0.2) Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-02-09 20:34:53 +00:00
/api/v2/pis Ready to go Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-06-17 22:14:58 +01:00			`// 2023 Rationalisation Routes (/api/v2, /misc)`
Run prettier Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-08-26 00:38:26 +01:00			`app.use("/api/v2/pis", pis2Rtr); // API Version 2`
			`app.use("/api/v2/live", live2Rtr); // API Version 2`
			`app.use("/api/v2/ref", ref2Rtr); // API Version 2`
			`app.use("/api/v2/timetable", tt2Rtr); // API Version 2`
			`app.use("/api/v2/user", user2Rtr); // API Version 2`
			`app.use("/misc", miscRtr); // Non public-api endpoints (Stats, Issue, etc.)`
/api/v2/pis Ready to go Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-06-17 22:14:58 +01:00
Run prettier Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-08-26 00:38:26 +01:00			`app.use("/api/v1/auth/test", authenticate, (req, res) =>`
			`res.status(200).json({`
			`status: "ok",`
			`message: "Authentication successful",`
			`})`
			`); // Returns 401 if auth failed, 200 if successful.`
pis (#12) Reviewed-on: https://git.fjla.uk/OwlBoard/backend/pulls/12 2023-05-06 21:54:49 +01:00
			`// Number of proxies:`
Run prettier Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-08-26 00:38:26 +01:00			`app.set("trust proxy", 4);`
			`mode === "development"`
			`? app.get("/api/v1/ip", (req, res) => res.send(req.ip))`
pis (#12) Reviewed-on: https://git.fjla.uk/OwlBoard/backend/pulls/12 2023-05-06 21:54:49 +01:00			`: null;`
Initial Push (v0.0.2) Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-02-09 20:34:53 +00:00
Set Cache-Control headers in route controllers Signed-off-by: Fred Boniface <fred@fjla.uk> 2024-04-24 20:07:24 +01:00			`// Disable etags`
			`app.set('etag', false)`

Initial Push (v0.0.2) Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-02-09 20:34:53 +00:00			`// Start Express`
Run prettier Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-08-26 00:38:26 +01:00			`app.listen(srvPort, srvListen, (error) => {`
			`if (!error) {`
newStaffLDB-API (#48) Merge newStaffLDB-API into main. Ready to deploy Reviewed-on: https://git.fjla.uk/OwlBoard/backend/pulls/48 2023-10-03 21:35:00 +01:00			logger.logger.info(`Listening on http://${srvListen}:${srvPort}`);
Initial Push (v0.0.2) Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-02-09 20:34:53 +00:00			`} else {`
newStaffLDB-API (#48) Merge newStaffLDB-API into main. Ready to deploy Reviewed-on: https://git.fjla.uk/OwlBoard/backend/pulls/48 2023-10-03 21:35:00 +01:00			logger.logger.error(error, `Error starting server`);
Initial Push (v0.0.2) Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-02-09 20:34:53 +00:00			`}`
Run prettier Signed-off-by: Fred Boniface <fred@fjla.uk> 2023-08-26 00:38:26 +01:00			`});`