109 lines
No EOL
3.4 KiB
JavaScript
109 lines
No EOL
3.4 KiB
JavaScript
/**
|
|
* More info about this file:
|
|
* https://v2.quasar.dev/quasar-cli-vite/developing-ssr/ssr-webserver
|
|
*
|
|
* Runs in Node context.
|
|
*/
|
|
|
|
/**
|
|
* Make sure to yarn add / npm install (in your project root)
|
|
* anything you import here (except for express and compression).
|
|
*/
|
|
import dotenv from 'dotenv';
|
|
import express from 'express';
|
|
import compression from 'compression';
|
|
import session from 'express-session'; // Added for session management
|
|
import { PrismaSessionStore } from '@quixo3/prisma-session-store'; // Import Prisma session store
|
|
import { PrismaClient } from '@prisma/client'; // Import Prisma Client
|
|
import { v4 as uuidv4 } from 'uuid'; // Added for generating session IDs
|
|
import apiRoutes from './routes/api.js';
|
|
import authRoutes from './routes/auth.js'; // Added for WebAuthn routes
|
|
import chatRoutes from './routes/chat.js'; // Added for Chat routes
|
|
import cron from 'node-cron';
|
|
import { generateAndStoreMantisSummary } from './services/mantisSummarizer.js';
|
|
|
|
dotenv.config();
|
|
|
|
// Define Relying Party details (Update with your actual details)
|
|
export const rpID = process.env.NODE_ENV === 'production' ? 'your-production-domain.com' : 'localhost';
|
|
export const rpName = 'StylePoint';
|
|
export const origin = process.env.NODE_ENV === 'production' ? `https://${rpID}` : `http://${rpID}:9000`;
|
|
|
|
// In-memory store for challenges (Replace with a persistent store in production)
|
|
export const challengeStore = new Map();
|
|
|
|
const prisma = new PrismaClient(); // Instantiate Prisma Client
|
|
|
|
const app = express();
|
|
|
|
if(!process.env.SESSION_SECRET)
|
|
{
|
|
console.error('SESSION_SECRET environment variable is not set. Please set it to a strong secret key.');
|
|
process.exit(1); // Exit the process if the secret is not set
|
|
}
|
|
|
|
// Session middleware configuration
|
|
app.use(session({
|
|
genid: (req) => uuidv4(), // Use UUIDs for session IDs
|
|
secret: process.env.SESSION_SECRET, // Use an environment variable for the secret
|
|
resave: false,
|
|
saveUninitialized: false, // Changed to false as recommended for session stores
|
|
store: new PrismaSessionStore( // Use PrismaSessionStore
|
|
prisma,
|
|
{
|
|
checkPeriod: 2 * 60 * 1000, //ms
|
|
dbRecordIdIsSessionId: true,
|
|
dbRecordIdFunction: undefined,
|
|
}
|
|
),
|
|
cookie: {
|
|
secure: process.env.NODE_ENV === 'production', // Use secure cookies in production
|
|
httpOnly: true,
|
|
maxAge: 1000 * 60 * 60 * 24 // 1 day
|
|
}
|
|
}));
|
|
|
|
// Schedule the Mantis summary task
|
|
// Run daily at 1:00 AM server time (adjust as needed)
|
|
cron.schedule('0 1 * * *', async() =>
|
|
{
|
|
console.log('Running scheduled Mantis summary task...');
|
|
try
|
|
{
|
|
await generateAndStoreMantisSummary();
|
|
console.log('Scheduled Mantis summary task completed.');
|
|
}
|
|
catch (error)
|
|
{
|
|
console.error('Error running scheduled Mantis summary task:', error);
|
|
}
|
|
}, {
|
|
scheduled: true,
|
|
timezone: 'Europe/London' // Example: Set to your server's timezone
|
|
});
|
|
|
|
// attackers can use this header to detect apps running Express
|
|
// and then launch specifically-targeted attacks
|
|
app.disable('x-powered-by');
|
|
|
|
// Add JSON body parsing middleware
|
|
app.use(express.json());
|
|
|
|
// Add API routes
|
|
app.use('/api', apiRoutes);
|
|
app.use('/api/auth', authRoutes);
|
|
app.use('/api/chat', chatRoutes);
|
|
|
|
// place here any middlewares that
|
|
// absolutely need to run before anything else
|
|
if (process.env.PROD)
|
|
{
|
|
app.use(compression());
|
|
}
|
|
|
|
app.use(express.static('public', { index: false }));
|
|
|
|
app.listen(8000, () =>
|
|
{
|
|
console.log('Server is running on http://localhost:8000');
|
|
}); |