Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Branch: dev
Fetching contributors…

Cannot retrieve contributors at this time

executable file 160 lines (138 sloc) 5.354 kB
#!/usr/bin/env node
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
const
fs = require('fs'),
path = require('path'),
url = require('url'),
http = require('http'),
urlparse = require('urlparse'),
express = require('express');
const
i18n = require('../lib/i18n.js'),
wsapi = require('../lib/wsapi.js'),
httputils = require('../lib/httputils.js'),
db = require('../lib/db.js'),
config = require('../lib/configuration.js'),
heartbeat = require('../lib/heartbeat.js'),
logger = require('../lib/logging.js').logger,
shutdown = require('../lib/shutdown');
var app = undefined;
app = express.createServer();
logger.info("browserid server starting up");
// NOTE: ordering of middleware registration is important in this file, it is the
// order in which middleware will be invoked as requests are processed.
// #1 - Setup health check / heartbeat middleware.
// This is in front of logging on purpose. see issue #537
heartbeat.setup(app, function(cb) {
// ping the database to verify we're really healthy.
db.ping(function(e) {
if (e) logger.error("database ping error: " + e);
cb(!e);
});
});
// #2 - logging! all requests other than __heartbeat__ are logged
app.use(express.logger({
format: config.get('express_log_format'),
stream: {
write: function(x) {
logger.info(typeof x === 'string' ? x.trim() : x);
}
}
}));
// #2.1 - localization
app.use(i18n.abide({
supported_languages: config.get('supported_languages'),
default_lang: config.get('default_lang'),
debug_lang: config.get('debug_lang'),
translation_directory: config.get('translation_directory'),
disable_locale_check: config.get('disable_locale_check')
}));
var statsd_config = config.get('statsd');
if (statsd_config && statsd_config.enabled) {
var logger_statsd = require("connect-logger-statsd");
app.use(logger_statsd({
host: statsd_config.hostname || "localhost",
port: statsd_config.port || 8125,
prefix: statsd_config.prefix || "browserid.webhead."
}));
}
// #3 - Add Strict-Transport-Security headers if we're serving over SSL
if (config.get('scheme') == 'https') {
app.use(function(req, resp, next) {
// expires in 30 days, include subdomains like www
resp.setHeader("Strict-Transport-Security", "max-age=2592000; includeSubdomains");
next();
});
}
// #4 - prevent framing of everything. content underneath that needs to be
// framed must explicitly remove the x-frame-options
app.use(function(req, resp, next) {
resp.setHeader('x-frame-options', config.get('x_frame_options'));
next();
});
// #6 - verify all JSON responses are objects - prevents regression on issue #217
app.use(function(req, resp, next) {
var realRespJSON = resp.json;
resp.json = function(obj) {
if (!obj || typeof obj !== 'object') {
logger.error("INTERNAL ERROR! *all* json responses must be objects");
return httputils.serverError(resp, "broken internal API implementation");
}
realRespJSON.call(resp, obj);
};
return next();
});
// #7 - perform response substitution to support local/dev/beta environments
// (specifically, this replaces URLs in responses, e.g. https://login.persona.org
// with https://login.anosrep.org)
config.performSubstitution(app);
// #8 - handle /wsapi requests
wsapi.setup({
forward_writes: urlparse(config.get('dbwriter_url')).validate().normalize().originOnly()
}, app);
// #9 if the BROWSERID_FAKE_VERIFICATION env var is defined, we'll include
// fake_verification.js. This is used during testing only and should
// never be included in a production deployment
if (process.env['BROWSERID_FAKE_VERIFICATION']) {
require('../lib/browserid/fake_verification.js').addVerificationWSAPI(app);
}
// open the databse
db.open(config.get('database'), function (error) {
if (error) {
logger.error("can't open database: " + error);
// let async logging flush, then exit 1
return setTimeout(function() { process.exit(1); }, 0);
}
// shut down express gracefully on SIGINT
shutdown.handleTerminationSignals(app, function(readyForShutdownCB) {
require('../lib/bcrypt.js').shutdown();
db.close(readyForShutdownCB);
});
var bindTo = config.get('bind_to');
app.listen(bindTo.port, bindTo.host, function() {
logger.info("running on http://" + app.address().address + ":" + app.address().port);
// #13 if the CREATE_TEST_USERS env var is defined, we'll try to create
// some test users
if (process.env['CREATE_TEST_USERS']) {
logger.warn("creating test users... this can take a while...");
require('../lib/bcrypt').encrypt(
config.get('bcrypt_work_factor'), "THE PASSWORD", function(err, hash) {
if (err) {
logger.error("error creating test users - bcrypt encrypt pass: " + err);
process.exit(1);
}
var want = parseInt(process.env['CREATE_TEST_USERS'], 10);
var have = 0;
for (var i = 1; i <= want; i++) {
db.addTestUser(i + "@loadtest.domain", hash, function(err, email) {
if (++have == want) {
logger.warn("created " + want + " test users");
}
});
}
});
}
});
});
Jump to Line
Something went wrong with that request. Please try again.