/** * More info about this file: * https://v2.quasar.dev/quasar-cli-vite/developing-ssr/ssr-webserver * * Runs in Node context. */ /** * Make sure to yarn add / npm install (in your project root) * anything you import here (except for express and compression). */ import dotenv from 'dotenv'; import express from 'express'; import compression from 'compression'; import session from 'express-session'; import { PrismaSessionStore } from '@quixo3/prisma-session-store'; import { PrismaClient } from '@prisma/client'; import { v4 as uuidv4 } from 'uuid'; import pinoHttp from 'pino-http'; import apiRoutes from './routes/api.js'; import authRoutes from './routes/auth.js'; import chatRoutes from './routes/chat.js'; import settingsRoutes from './routes/settings.js'; import userPreferencesRoutes from './routes/userPreferences.js'; import mantisRoutes from './routes/mantis.js'; import cron from 'node-cron'; import { generateAndStoreMantisSummary } from './services/mantisSummarizer.js'; import { requireAuth } from './middlewares/authMiddleware.js'; import { setup as setupMantisDownloader } from './services/mantisDownloader.js'; import { logger } from './utils/logging.js'; import SuperJSON from 'superjson'; dotenv.config(); const httpLogger = pinoHttp({ logger }); // Define Relying Party details (Update with your actual details) export const rpID = process.env.NODE_ENV === 'production' ? 'stylepoint.uk' : 'localhost'; export const rpName = 'StylePoint'; export const origin = process.env.NODE_ENV === 'production' ? `https://${rpID}` : `http://${rpID}:9000`; export const challengeStore = new Map(); const prisma = new PrismaClient(); const app = express(); app.use(httpLogger); if(!process.env.SESSION_SECRET) { logger.error('SESSION_SECRET environment variable is not set. Please set it to a strong secret key.'); process.exit(1); // Exit the process if the secret is not set } // Session middleware configuration app.use(session({ genid: (req) => uuidv4(), // Use UUIDs for session IDs secret: process.env.SESSION_SECRET, // Use an environment variable for the secret resave: false, saveUninitialized: false, // Changed to false as recommended for session stores store: new PrismaSessionStore( // Use PrismaSessionStore prisma, { checkPeriod: 2 * 60 * 1000, //ms dbRecordIdIsSessionId: true, dbRecordIdFunction: undefined, } ), cookie: { secure: process.env.NODE_ENV === 'production', // Use secure cookies in production httpOnly: true, maxAge: 1000 * 60 * 60 * 24 // 1 day } })); // Schedule the Mantis summary task // Run daily at 1:00 AM server time (adjust as needed) cron.schedule('0 1 * * *', async() => { try { await generateAndStoreMantisSummary(); logger.info('Scheduled Mantis summary task completed successfully.'); } catch (error) { logger.error({ error }, 'Error running scheduled Mantis summary task'); } }, { scheduled: true, timezone: 'Europe/London' // Example: Set to your server's timezone }); // attackers can use this header to detect apps running Express // and then launch specifically-targeted attacks app.disable('x-powered-by'); // Add JSON body parsing middleware app.use(express.json()); app.use((req, res, next) => { res.json = (data) => { if (res.headersSent) { return; } res.setHeader('Content-Type', 'application/json'); res.send(SuperJSON.stringify(data)); }; next(); }); // Add API routes app.use('/api/auth', authRoutes); app.use('/api/chat', requireAuth, chatRoutes); app.use('/api/user-preferences', requireAuth, userPreferencesRoutes); app.use('/api/settings', requireAuth, settingsRoutes); app.use('/api/mantis', requireAuth, mantisRoutes); app.use('/api', requireAuth, apiRoutes); if (process.env.PROD) { app.use(compression()); } app.use(express.static('public', { index: false })); app.listen(8000, () => { logger.info('Server is running on http://localhost:8000'); setupMantisDownloader(); });