specter/CyTube
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Replace own static and log functions with serve-static and morgan

Browse source
This commit is contained in:
calzoneman 2014-08-19 00:21:32 -05:00
parent 5f7adc98ba
commit 020e2326b5
4 changed files with 13 additions and 109 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
lib/web/account.js
View file

@ -5,7 +5,6 @@
*/
var webserver = require("./webserver");
var logRequest = webserver.logRequest;
var sendJade = require("./jade").sendJade;
var Logger = require("../logger");
var db = require("../database");
@ -21,7 +20,6 @@ function handleAccountEditPage(req, res) {
return;
}
logRequest(req);
var loginName = false;
if (req.cookies.auth) {
loginName = req.cookies.auth.split(":")[0];
@ -45,7 +43,6 @@ function handleAccountEditPage(req, res) {
* Handles a POST request to edit a user"s account
*/
function handleAccountEdit(req, res) {
logRequest(req);
var action = req.body.action;
switch(action) {
case "change_password":
@ -187,7 +184,6 @@ function handleAccountChannelPage(req, res) {
return;
}
logRequest(req);
var loginName = false;
if (req.cookies.auth) {
loginName = req.cookies.auth.split(":")[0];
@ -221,7 +217,6 @@ function handleAccountChannelPage(req, res) {
* Handles a POST request to modify a user"s channels
*/
function handleAccountChannel(req, res) {
logRequest(req);
var action = req.body.action;
switch(action) {
case "new_channel":
@ -240,7 +235,6 @@ function handleAccountChannel(req, res) {
* Handles a request to register a new channel
*/
function handleNewChannel(req, res) {
logRequest(req);
var name = req.body.name;
if (typeof name !== "string") {
@ -338,8 +332,6 @@ function handleNewChannel(req, res) {
* Handles a request to delete a new channel
*/
function handleDeleteChannel(req, res) {
logRequest(req);
var name = req.body.name;
if (typeof name !== "string") {
res.send(400);
@ -429,8 +421,6 @@ function handleAccountProfilePage(req, res) {
return;
}
logRequest(req);
var loginName = false;
if (!req.cookies.auth) {
return sendJade(res, "account-profile", {
@ -475,8 +465,6 @@ function handleAccountProfilePage(req, res) {
* Handles a POST request to edit a profile
*/
function handleAccountProfile(req, res) {
logRequest(req);
var loginName = false;
if (req.cookies.auth) {
loginName = req.cookies.auth.split(":")[0];
@ -535,8 +523,6 @@ function handlePasswordResetPage(req, res) {
return;
}
logRequest(req);
sendJade(res, "account-passwordreset", {
reset: false,
resetEmail: "",
@ -548,8 +534,6 @@ function handlePasswordResetPage(req, res) {
* Handles a POST request to reset a user's password
*/
function handlePasswordReset(req, res) {
logRequest(req);
var name = req.body.name,
email = req.body.email;
@ -668,8 +652,6 @@ function handlePasswordReset(req, res) {
* Handles a request for /account/passwordrecover/<hash>
*/
function handlePasswordRecover(req, res) {
logRequest(req);
var hash = req.params.hash;
if (typeof hash !== "string") {
res.send(400);

1
lib/web/acp.js
View file

@ -8,7 +8,6 @@ var Config = require("../config");
function checkAdmin(cb) {
return function (req, res) {
webserver.logRequest(req);
var auth = req.cookies.auth;
if (!auth) {
res.send(403);

101
lib/web/webserver.js
View file

@ -11,26 +11,8 @@ var Config = require("../config");
var db = require("../database");
var bodyParser = require("body-parser");
var cookieParser = require("cookie-parser");
var httplog = new Logger.Logger(path.join(__dirname, "..", "..", "http.log"));
var suspiciousPath = (/admin|adm|\.\.|\/etc\/passwd|\\x5c|%5c|0x5c|setup|install|php|pma|blog|sql|scripts|aspx?|database/ig);
/**
* Determines whether a request is suspected of being illegitimate
*/
function isSuspicious(req) {
// ZmEu is a penetration script
if (req.header("user-agent") &&
req.header("user-agent").toLowerCase() === "zmeu") {
return true;
}
if (req.path.match(suspiciousPath)) {
return true;
}
return false;
}
var static = require("serve-static");
var morgan = require("morgan");
/**
* Extracts an IP address from a request. Uses X-Forwarded-For if the IP is localhost
@ -55,22 +37,6 @@ function ipForRequest(req) {
return ip;
}
/**
* Logs an HTTP request
*/
function logRequest(req, status) {
if (status === undefined) {
status = 200;
}
httplog.log([
ipForRequest(req),
req.method,
req.path,
req.header("user-agent")
].join(" "));
}
/**
* Redirects a request to HTTPS if the server supports it
*/
@ -104,14 +70,11 @@ function handleChannel(req, res) {
}
if (!$util.isValidChannelName(req.params.channel)) {
logRequest(req, 404);
res.status(404);
res.send("Invalid channel name '" + req.params.channel + "'");
return;
}
logRequest(req);
var loginName = false;
if (req.cookies.auth) {
loginName = req.cookies.auth.split(":")[0];
@ -140,8 +103,6 @@ function handleChannel(req, res) {
* Handles a request for the index page
*/
function handleIndex(req, res) {
logRequest(req);
var loginName = false;
if (req.cookies.auth) {
loginName = req.cookies.auth.split(":")[0];
@ -167,8 +128,6 @@ function handleIndex(req, res) {
* Handles a request for the socket.io information
*/
function handleSocketConfig(req, res) {
logRequest(req);
res.type("application/javascript");
var sioconfig = Config.get("sioconfig");
@ -190,8 +149,6 @@ function handleSocketConfig(req, res) {
}
function handleUserAgreement(req, res) {
logRequest(req);
var loginName = false;
if (req.cookies.auth) {
loginName = req.cookies.auth.split(":")[0];
@ -205,8 +162,6 @@ function handleUserAgreement(req, res) {
}
function handleContactPage(req, res) {
logRequest(req);
var loginName = false;
if (req.cookies.auth) {
loginName = req.cookies.auth.split(":")[0];
@ -241,40 +196,6 @@ function handleContactPage(req, res) {
});
}
function static(dir) {
dir = path.join(__dirname, dir);
return function (req, res) {
try {
if (isSuspicious(req)) {
logRequest(req, 403);
res.status(403);
if (typeof req.header("user-agent") === "string" &&
req.header("user-agent").toLowerCase() === "zmeu") {
res.send("This server disallows requests from ZmEu.");
} else {
res.send("The request " + req.method.toUpperCase() + " " +
req.path + " looks pretty fishy to me. Double check that " +
"you typed it correctly.");
}
return;
}
res.sendFile(req.path.replace(/^\//, ""), {
maxAge: Config.get("http.cache-ttl") * 1000,
root: dir
}, function (err) {
logRequest(req);
if (err) {
res.status(err.status).end();
}
});
} catch (e) {
Logger.errlog.log(e);
Logger.errlog.log(e.trace);
}
};
}
module.exports = {
/**
* Initializes webserver callbacks
@ -282,6 +203,13 @@ module.exports = {
init: function (app) {
app.use(bodyParser.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(morgan("combined", {
stream: require("fs").createWriteStream(path.join(__dirname, "..", "..",
"http.log"), {
flags: "a",
encoding: "utf-8"
})
}));
if (Config.get("http.minify")) {
var cache = path.join(__dirname, "..", "..", "www", "cache")
@ -293,12 +221,7 @@ module.exports = {
}));
Logger.syslog.log("Enabled express-minify for CSS and JS");
}
/* Order here is important
* Since I placed /r/:channel above *, the function will
* not apply to the /r/:channel route. This prevents
* duplicate logging, since /r/:channel"s callback does
* its own logging
*/
app.get("/r/:channel", handleChannel);
app.get("/", handleIndex);
app.get("/sioconfig", handleSocketConfig);
@ -307,7 +230,7 @@ module.exports = {
require("./auth").init(app);
require("./account").init(app);
require("./acp").init(app);
app.use(static(path.join("..", "..", "www")));
app.use(static(path.join(__dirname, "..", "..", "www")));
app.use(function (err, req, res, next) {
if (err) {
if (err.message && err.message.match(/failed to decode param/i)) {
@ -321,8 +244,6 @@ module.exports = {
});
},
logRequest: logRequest,
ipForRequest: ipForRequest,
redirectHttps: redirectHttps,

2
package.json
View file

@ -15,10 +15,12 @@
"express-minify": "0.0.11",
"jade": "~1.1.5",
"json-typecheck": "^0.1.0",
"morgan": "^1.2.3",
"mysql": "~2.0.1",
"nodemailer": "~0.6.0",
"oauth": "^0.9.11",
"q": "^1.0.0",
"serve-static": "^1.5.3",
"socket.io": "~0.9.16",
"yamljs": "~0.1.4"
}