Replace own static and log functions with serve-static and morgan

calzoneman 2014-08-19 00:21:32 -05:00
parent 5f7adc98ba
commit 020e2326b5
4 changed files with 13 additions and 109 deletions


@ -5,7 +5,6 @@
*/ */
var webserver = require("./webserver"); var webserver = require("./webserver");
var logRequest = webserver.logRequest;
var sendJade = require("./jade").sendJade; var sendJade = require("./jade").sendJade;
var Logger = require("../logger"); var Logger = require("../logger");
var db = require("../database"); var db = require("../database");
@ -21,7 +20,6 @@ function handleAccountEditPage(req, res) {
return; return;
} }
logRequest(req);
var loginName = false; var loginName = false;
if (req.cookies.auth) { if (req.cookies.auth) {
loginName = req.cookies.auth.split(":")[0]; loginName = req.cookies.auth.split(":")[0];
@ -45,7 +43,6 @@ function handleAccountEditPage(req, res) {
* Handles a POST request to edit a user"s account * Handles a POST request to edit a user"s account
*/ */
function handleAccountEdit(req, res) { function handleAccountEdit(req, res) {
logRequest(req);
var action = req.body.action; var action = req.body.action;
switch(action) { switch(action) {
case "change_password": case "change_password":
@ -187,7 +184,6 @@ function handleAccountChannelPage(req, res) {
return; return;
} }
logRequest(req);
var loginName = false; var loginName = false;
if (req.cookies.auth) { if (req.cookies.auth) {
loginName = req.cookies.auth.split(":")[0]; loginName = req.cookies.auth.split(":")[0];
@ -221,7 +217,6 @@ function handleAccountChannelPage(req, res) {
* Handles a POST request to modify a user"s channels * Handles a POST request to modify a user"s channels
*/ */
function handleAccountChannel(req, res) { function handleAccountChannel(req, res) {
logRequest(req);
var action = req.body.action; var action = req.body.action;
switch(action) { switch(action) {
case "new_channel": case "new_channel":
@ -240,7 +235,6 @@ function handleAccountChannel(req, res) {
* Handles a request to register a new channel * Handles a request to register a new channel
*/ */
function handleNewChannel(req, res) { function handleNewChannel(req, res) {
logRequest(req);
var name = req.body.name; var name = req.body.name;
if (typeof name !== "string") { if (typeof name !== "string") {
@ -338,8 +332,6 @@ function handleNewChannel(req, res) {
* Handles a request to delete a new channel * Handles a request to delete a new channel
*/ */
function handleDeleteChannel(req, res) { function handleDeleteChannel(req, res) {
logRequest(req);
var name = req.body.name; var name = req.body.name;
if (typeof name !== "string") { if (typeof name !== "string") {
res.send(400); res.send(400);
@ -429,8 +421,6 @@ function handleAccountProfilePage(req, res) {
return; return;
} }
logRequest(req);
var loginName = false; var loginName = false;
if (!req.cookies.auth) { if (!req.cookies.auth) {
return sendJade(res, "account-profile", { return sendJade(res, "account-profile", {
@ -475,8 +465,6 @@ function handleAccountProfilePage(req, res) {
* Handles a POST request to edit a profile * Handles a POST request to edit a profile
*/ */
function handleAccountProfile(req, res) { function handleAccountProfile(req, res) {
logRequest(req);
var loginName = false; var loginName = false;
if (req.cookies.auth) { if (req.cookies.auth) {
loginName = req.cookies.auth.split(":")[0]; loginName = req.cookies.auth.split(":")[0];
@ -535,8 +523,6 @@ function handlePasswordResetPage(req, res) {
return; return;
} }
logRequest(req);
sendJade(res, "account-passwordreset", { sendJade(res, "account-passwordreset", {
reset: false, reset: false,
resetEmail: "", resetEmail: "",
@ -548,8 +534,6 @@ function handlePasswordResetPage(req, res) {
* Handles a POST request to reset a user's password * Handles a POST request to reset a user's password
*/ */
function handlePasswordReset(req, res) { function handlePasswordReset(req, res) {
logRequest(req);
var name = req.body.name, var name = req.body.name,
email = req.body.email; email = req.body.email;
@ -668,8 +652,6 @@ function handlePasswordReset(req, res) {
* Handles a request for /account/passwordrecover/<hash> * Handles a request for /account/passwordrecover/<hash>
*/ */
function handlePasswordRecover(req, res) { function handlePasswordRecover(req, res) {
logRequest(req);
var hash = req.params.hash; var hash = req.params.hash;
if (typeof hash !== "string") { if (typeof hash !== "string") {
res.send(400); res.send(400);


@ -8,7 +8,6 @@ var Config = require("../config");
function checkAdmin(cb) { function checkAdmin(cb) {
return function (req, res) { return function (req, res) {
webserver.logRequest(req);
var auth = req.cookies.auth; var auth = req.cookies.auth;
if (!auth) { if (!auth) {
res.send(403); res.send(403);


@ -11,26 +11,8 @@ var Config = require("../config");
var db = require("../database"); var db = require("../database");
var bodyParser = require("body-parser"); var bodyParser = require("body-parser");
var cookieParser = require("cookie-parser"); var cookieParser = require("cookie-parser");
var static = require("serve-static");
var httplog = new Logger.Logger(path.join(__dirname, "..", "..", "http.log")); var morgan = require("morgan");
var suspiciousPath = (/admin|adm|\.\.|\/etc\/passwd|\\x5c|%5c|0x5c|setup|install|php|pma|blog|sql|scripts|aspx?|database/ig);
/**
* Determines whether a request is suspected of being illegitimate
*/
function isSuspicious(req) {
// ZmEu is a penetration script
if (req.header("user-agent") &&
req.header("user-agent").toLowerCase() === "zmeu") {
return true;
}
if (req.path.match(suspiciousPath)) {
return true;
}
return false;
}
/** /**
* Extracts an IP address from a request. Uses X-Forwarded-For if the IP is localhost * Extracts an IP address from a request. Uses X-Forwarded-For if the IP is localhost
@ -55,22 +37,6 @@ function ipForRequest(req) {
return ip; return ip;
} }
/**
* Logs an HTTP request
*/
function logRequest(req, status) {
if (status === undefined) {
status = 200;
}
httplog.log([
ipForRequest(req),
req.method,
req.path,
req.header("user-agent")
].join(" "));
}
/** /**
* Redirects a request to HTTPS if the server supports it * Redirects a request to HTTPS if the server supports it
*/ */
@ -104,14 +70,11 @@ function handleChannel(req, res) {
} }
if (!$util.isValidChannelName(req.params.channel)) { if (!$util.isValidChannelName(req.params.channel)) {
logRequest(req, 404);
res.status(404); res.status(404);
res.send("Invalid channel name '" + req.params.channel + "'"); res.send("Invalid channel name '" + req.params.channel + "'");
return; return;
} }
logRequest(req);
var loginName = false; var loginName = false;
if (req.cookies.auth) { if (req.cookies.auth) {
loginName = req.cookies.auth.split(":")[0]; loginName = req.cookies.auth.split(":")[0];
@ -140,8 +103,6 @@ function handleChannel(req, res) {
* Handles a request for the index page * Handles a request for the index page
*/ */
function handleIndex(req, res) { function handleIndex(req, res) {
logRequest(req);
var loginName = false; var loginName = false;
if (req.cookies.auth) { if (req.cookies.auth) {
loginName = req.cookies.auth.split(":")[0]; loginName = req.cookies.auth.split(":")[0];
@ -167,8 +128,6 @@ function handleIndex(req, res) {
* Handles a request for the socket.io information * Handles a request for the socket.io information
*/ */
function handleSocketConfig(req, res) { function handleSocketConfig(req, res) {
logRequest(req);
res.type("application/javascript"); res.type("application/javascript");
var sioconfig = Config.get("sioconfig"); var sioconfig = Config.get("sioconfig");
@ -190,8 +149,6 @@ function handleSocketConfig(req, res) {
} }
function handleUserAgreement(req, res) { function handleUserAgreement(req, res) {
logRequest(req);
var loginName = false; var loginName = false;
if (req.cookies.auth) { if (req.cookies.auth) {
loginName = req.cookies.auth.split(":")[0]; loginName = req.cookies.auth.split(":")[0];
@ -205,8 +162,6 @@ function handleUserAgreement(req, res) {
} }
function handleContactPage(req, res) { function handleContactPage(req, res) {
logRequest(req);
var loginName = false; var loginName = false;
if (req.cookies.auth) { if (req.cookies.auth) {
loginName = req.cookies.auth.split(":")[0]; loginName = req.cookies.auth.split(":")[0];
@ -241,40 +196,6 @@ function handleContactPage(req, res) {
}); });
} }
function static(dir) {
dir = path.join(__dirname, dir);
return function (req, res) {
try {
if (isSuspicious(req)) {
logRequest(req, 403);
res.status(403);
if (typeof req.header("user-agent") === "string" &&
req.header("user-agent").toLowerCase() === "zmeu") {
res.send("This server disallows requests from ZmEu.");
} else {
res.send("The request " + req.method.toUpperCase() + " " +
req.path + " looks pretty fishy to me. Double check that " +
"you typed it correctly.");
}
return;
}
res.sendFile(req.path.replace(/^\//, ""), {
maxAge: Config.get("http.cache-ttl") * 1000,
root: dir
}, function (err) {
logRequest(req);
if (err) {
res.status(err.status).end();
}
});
} catch (e) {
Logger.errlog.log(e);
Logger.errlog.log(e.trace);
}
};
}
module.exports = { module.exports = {
/** /**
* Initializes webserver callbacks * Initializes webserver callbacks
@ -282,6 +203,13 @@ module.exports = {
init: function (app) { init: function (app) {
app.use(bodyParser.urlencoded({ extended: false })); app.use(bodyParser.urlencoded({ extended: false }));
app.use(cookieParser()); app.use(cookieParser());
app.use(morgan("combined", {
stream: require("fs").createWriteStream(path.join(__dirname, "..", "..",
"http.log"), {
flags: "a",
encoding: "utf-8"
})
}));
if (Config.get("http.minify")) { if (Config.get("http.minify")) {
var cache = path.join(__dirname, "..", "..", "www", "cache") var cache = path.join(__dirname, "..", "..", "www", "cache")
@ -293,12 +221,7 @@ module.exports = {
})); }));
Logger.syslog.log("Enabled express-minify for CSS and JS"); Logger.syslog.log("Enabled express-minify for CSS and JS");
} }
/* Order here is important
* Since I placed /r/:channel above *, the function will
* not apply to the /r/:channel route. This prevents
* duplicate logging, since /r/:channel"s callback does
* its own logging
*/
app.get("/r/:channel", handleChannel); app.get("/r/:channel", handleChannel);
app.get("/", handleIndex); app.get("/", handleIndex);
app.get("/sioconfig", handleSocketConfig); app.get("/sioconfig", handleSocketConfig);
@ -307,7 +230,7 @@ module.exports = {
require("./auth").init(app); require("./auth").init(app);
require("./account").init(app); require("./account").init(app);
require("./acp").init(app); require("./acp").init(app);
app.use(static(path.join("..", "..", "www"))); app.use(static(path.join(__dirname, "..", "..", "www")));
app.use(function (err, req, res, next) { app.use(function (err, req, res, next) {
if (err) { if (err) {
if (err.message && err.message.match(/failed to decode param/i)) { if (err.message && err.message.match(/failed to decode param/i)) {
@ -321,8 +244,6 @@ module.exports = {
}); });
}, },
logRequest: logRequest,
ipForRequest: ipForRequest, ipForRequest: ipForRequest,
redirectHttps: redirectHttps, redirectHttps: redirectHttps,
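Review bot: The morgan `combined` format added in `init` records `:remote-addr`, whereas the removed `logRequest` wrote `ipForRequest(req)`, which per its doc comment falls back to X-Forwarded-For when the peer address is localhost. If the server sits behind a local reverse proxy and Express's `trust proxy` setting is not enabled (not visible in this section), every entry in http.log will carry the proxy's address, and the access log loses most of its value for abuse investigation and incident response. Overriding the token before the `app.use(morgan(...))` call would keep the old attribution: `morgan.token("remote-addr", function (req) { return ipForRequest(req); });`. Separately, the new `static(...)` call passes no options, so the `maxAge` that the removed handler derived from `http.cache-ttl` is no longer applied; `static(path.join(__dirname, "..", "..", "www"), { maxAge: Config.get("http.cache-ttl") * 1000 })` would preserve it.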


@ -15,10 +15,12 @@
"express-minify": "0.0.11", "express-minify": "0.0.11",
"jade": "~1.1.5", "jade": "~1.1.5",
"json-typecheck": "^0.1.0", "json-typecheck": "^0.1.0",
"morgan": "^1.2.3",
"mysql": "~2.0.1", "mysql": "~2.0.1",
"nodemailer": "~0.6.0", "nodemailer": "~0.6.0",
"oauth": "^0.9.11", "oauth": "^0.9.11",
"q": "^1.0.0", "q": "^1.0.0",
"serve-static": "^1.5.3",
"socket.io": "~0.9.16", "socket.io": "~0.9.16",
"yamljs": "~0.1.4" "yamljs": "~0.1.4"
} }