Skip to content

morzzz007/boar-koa-server

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

25 Commits

app

app

 
 

lib

lib

 
 

.eslintrc

.eslintrc

 
 

.gitignore

.gitignore

 
 

.npmignore

.npmignore

 
 

.npmrc

.npmrc

 
 

.nsprc

.nsprc

 
 

LICENSE.txt

LICENSE.txt

 
 

README.md

README.md

 
 

index.js

index.js

 
 

package.json

package.json

 
 

Repository files navigation

Boar Koa Server

Example usage for app

put these lines in your server.js

  const Koa = require('koa');
  const path = require('path');
  const koaApp = module.exports = new Koa();
  const config = require('./config');
  const App = require('@emartech/boar-koa-server').app;

  const app = new App(koaApp);
  app.loadControllers(path.join(config.root, 'controllers'));

  if (!module.parent) { app.listen(config.port); }

Add middleware for your app

  const cors = require('koa-cors');
  const app = new App(koaApp);
  app.addMiddleware(cors());

Build-in Middlewares

Cors Support (koa-cors)

  app.addCorsSupportMiddleware();

Method Override (koa-methodoverwrite)

  app.addMethodOverrideMiddleware();

Body Parse (koa-bodyparser)

Param Type Description
options Object More info. 
  app.addBodyParseMiddleware(options);

Request Id (koa-requestid)

Param Type Description
options Object optional
↳header String The name of the header to read the id on the request, false to disable.
↳query String The name of the header to read the id on the query string, false to disable.
↳expose String The name of the header to expose the id on the response, false to disable. 
  app.addRequestIdmiddleware(options);

Enforce SSL (koa-ssl)

Param Type Description
options Object More info. 
  app.addEnforceSSLMiddleware();

If your application is running behind reverse proxy (like Heroku) you should set the trustProxy configuration option to true in order to process the x-forwarded-proto header.

  const app = new App(koaApp);
  app.addEnforceSSLMiddleware({ trustProxy: true });

Note: if you use this middleware EnforceSSL middleware should be the first you add.

Security

Provides middlewares for setting up various security related HTTP headers.

Param Type Description
options Object
↳csp Object More info. Learn more: CSP quick reference
↳hsts Object More info. Learn more: OWASP HSTS page
↳useXssFilter Boolean If true, x-xss-protection middleware will be included. Default: true
↳useNoSniff Boolean If true, dont-sniff-mimetype middleware will be included. Default: true
↳referrerPolicy Boolean,Object If{ policy: 'same-origin'}, referrer-policy middleware will be included. Default false 
  app.addSecurityMiddlewares(options);

Default configuration

  {
    csp: {
      directives: {
        defaultSrc: ["'self'"],
        scriptSrc: ["'self'"],
        styleSrc: ["'self'"],
        imgSrc: ["'self'"],
        frameAncestors: ["'self'"],
        reportUri: 'about:blank'
      },
      reportOnly: true
    },
    hsts: {
      maxAge: 30,
      includeSubDomains: true,
      preload: false
    },
    useXssFilter: true,
    useNoSniff: true,
    referrerPolicy: false
  }

Libraries

ControllerFactory

  var ControllerFactory = require('@emartech/boar-koa-server').lib.controllerFactory;

  module.exports = ControllerFactory.create(function(router) {
    router.get('/', ControllerFactory.load('main/actions/get'));
    router.get('/healthcheck', ControllerFactory.load('main/actions/healthcheck/get'));
    router.get('/list', ControllerFactory.loadByAcceptType('main/actions/list/get'));
  });

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

9 tags

Packages

No packages published

Languages

  • JavaScript 100.0%