"use strict"; process.env.TZ = "Etc/GMT"; if (process.env.LOG_LINE) { require("./monkey.js"); /* monkey patch console.log */ } console.log("Loading photos.ketr"); const express = require("express"), morgan = require("morgan"), bodyParser = require("body-parser"), config = require("config"), session = require('express-session'), SQLiteStore = require('connect-sqlite3')(session), scanner = require("./scanner"); require("./console-line.js"); /* Monkey-patch console.log with line numbers */ const picturesPath = config.get("picturesPath").replace(/\/$/, ""), serverConfig = config.get("server"); let basePath = config.get("basePath"); basePath = "/" + basePath.replace(/^\/+/, "").replace(/\/+$/, "") + "/"; if (basePath == "//") { basePath = "/"; } console.log("Loading pictures out of: " + picturesPath); console.log("Hosting server from: " + basePath); const app = express(); app.set("basePath", basePath); /* App is behind an nginx proxy which we trust, so use the remote address * set in the headers */ app.set("trust proxy", true); /* Handle static files first so excessive logging doesn't occur */ app.use(basePath, express.static("frontend", { index: false })); app.use(bodyParser.json()); app.use(bodyParser.urlencoded({ extended: false })); /* body-parser does not support text/*, so add support for that here */ app.use(function(req, res, next){ if (!req.is('text/*')) { return next(); } req.setEncoding('utf8'); let text = ''; req.on('data', function(chunk) { text += chunk; }); req.on('end', function() { req.text = text; next(); }); }); app.use(session({ store: new SQLiteStore({ db: config.get("sessions.db") }), secret: config.get("sessions.store-secret"), cookie: { maxAge: 7 * 24 * 60 * 60 * 1000 } // 1 week })); const index = require("./routes/index"); /* Allow loading of the app w/out being logged in */ app.use(basePath, index); app.use(basePath + "api/v1/users", require("./routes/users")); app.use(function(err, req, res, next) { res.status(err.status || 500).json({ message: err.message, error: {} }); }); /* Everything below here requires a successful authentication */ app.use(basePath, function(req, res, next) { if (!req.session || !req.session.user || !req.session.user.username) { return res.status(401).send("Unauthorized"); } if (config.has("restrictions")) { let allowed = config.get("restrictions"); if (!Array.isArray(allowed)) { allowed = [ allowed ]; } for (let i = 0; i < allowed.length; i++) { if (allowed[i] == req.session.user.username) { return next(); } } console.log("Unauthorized (logged in) access by user: " + req.session.user.username); return res.status(401).send("Unauthorized"); } return next(); }); app.use(basePath, express.static(picturesPath, { index: false })); app.use(morgan("common")); app.use(basePath + "api/v1/photos", require("./routes/photos")); app.use(basePath + "api/v1/days", require("./routes/days")); app.use(basePath + "api/v1/albums", require("./routes/albums")); /* Declare the "catch all" index route last; the final route is a 404 dynamic router */ app.use(basePath + "/*", index); /** * Create HTTP server and listen for new connections */ app.set("port", serverConfig.port); const server = require("http").createServer(app); require("./db/photos").then(function(photoDB) { console.log("DB connected. Opening server."); server.listen(serverConfig.port); return photoDB; }).then(function(photoDB) { console.log("Scanning."); return scanner.scan(photoDB); }).then(function() { console.log("Scanning completed."); }).catch(function(error) { console.error(error); process.exit(-1); }); server.on("error", function(error) { if (error.syscall !== "listen") { throw error; } // handle specific listen errors with friendly messages switch (error.code) { case "EACCES": console.error(serverConfig.port + " requires elevated privileges"); process.exit(1); break; case "EADDRINUSE": console.error(serverConfig.port + " is already in use"); process.exit(1); break; default: throw error; } }); server.on("listening", function() { console.log("Listening on " + serverConfig.port); });