Newer
Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
#!/usr/bin/env node
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
const
fs = require('fs'),
path = require('path'),
url = require('url'),
http = require('http');
urlparse = require('urlparse'),
express = require('express');
const
wsapi = require('../lib/wsapi.js'),
config = require('../lib/configuration.js'),
heartbeat = require('../lib/heartbeat.js'),
logger = require('../lib/logging.js').logger,
forward = require('../lib/http_forward').forward,
shutdown = require('../lib/shutdown');
var app = undefined;
app = express.createServer();
logger.info("router server starting up");
// verify that we have a keysigner configured
if (!config.get('keysigner_url')) {
logger.error('missing required configuration - url for the keysigner (KEYSIGNER_URL in env)');
process.exit(1);
}
// verify that we have a dbwriter configured
if (!config.get('dbwriter_url')) {
logger.error('missing required configuration - url for the dbwriter (DBWRITER_URL in env)');
process.exit(1);
}
// verify that we have a browserid configured
if (!config.get('browserid_url')) {
logger.error('missing required configuration - url for browserid (BROWSERID_URL in env)');
process.exit(1);
}
// NOTE: ordering of middleware registration is important in this file, it is the
// order in which middleware will be invoked as requests are processed.
// #1 - Setup health check / heartbeat middleware.
// This is in front of logging on purpose. see issue #537
heartbeat.setup(app);
// #2 - logging! all requests other than __heartbeat__ are logged
app.use(express.logger({
format: config.get('express_log_format'),
stream: {
write: function(x) {
logger.info(typeof x === 'string' ? x.trim() : x);
}
}
}));
// limit all content bodies to 10kb, at which point we'll forcefully
// close down the connection.
app.use(express.limit("10kb"));
var statsd_config = config.get('statsd');
if (statsd_config && statsd_config.enabled) {
logger_statsd = require("connect-logger-statsd");
app.use(logger_statsd({
host: statsd_config.hostname || "localhost",
port: statsd_config.port || 8125,
prefix: statsd_config.prefix || "browserid.router."
}));
}
// Add Strict-Transport-Security headers if we're serving over SSL
if (config.get('scheme') == 'https') {
Lloyd Hilaiel
committed
app.use(function(req, res, next) {
// expires in 30 days, include subdomains like www
Lloyd Hilaiel
committed
res.setHeader("Strict-Transport-Security", "max-age=2592000; includeSubdomains");
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
next();
});
}
// redirect requests to the "verifier" processes
if (config.get('verifier_url')) {
var verifier_url = urlparse(config.get('verifier_url')).validate().normalize();
app.use(function(req, res, next) {
if (/^\/verify$/.test(req.url)) {
forward(
verifier_url, req, res,
function(err) {
if (err) {
logger.error("error forwarding request:", err);
}
});
} else {
return next();
}
});
}
// handle /wsapi writes
wsapi.setup({
router_mode: true,
forward_writes: urlparse(config.get('dbwriter_url')).validate().normalize().originOnly()
}, app);
// Forward all leftover requests to browserid
var browserid_url = urlparse(config.get('browserid_url')).validate().normalize().originOnly();
app.use(function(req, res, next) {
forward(
browserid_url+req.url, req, res,
function(err) {
if (err) {
logger.error("error forwarding request:", err);
}
});
});
var bindTo = config.get('bind_to');
app.listen(bindTo.port, bindTo.host, function(conn) {
logger.info("running on http://" + app.address().address + ":" + app.address().port);
});