Merge pull request #1 from EnsembleLab/dev

Dev

Author: iolufemi

.travis.yml

@@ -1,8 +1,21 @@
+sudo: false
 language: node_js
+services: 
+  - mongodb
+  - redis-server
+env:
+  - MONGOLAB_URL=mongodb://127.0.0.1/snipe RATE_LIMIT=10 REDIS_URL=redis://127.0.0.1/1 SECURE_MODE=true
+addons:
+  apt:
+    sources:
+    - mongodb-3.0-precise
+    packages:
+    - mongodb-org-server
 node_js:
   - '7'
   - '6'
 before_script:
+  - sleep 15
   - npm install -g gulp mocha gulp-cli codecov istanbul
 install:
   - npm install

README.md

@@ -5,3 +5,9 @@
 
 
 API Development Template
+
+
+## ToDo
+
+- Implement Helmet for security
+- Implement Express Limiter for limiting requests

app.js

@@ -23,21 +23,28 @@ if (cluster.isMaster && config.env === 'production') {
 } else {
 	var express = require('express');
 	var app = express();
-	// var router = require('./routes');
-
-	if(config.trustProxy === 'yes'){
-		app.enable('trust proxy');
-	}
-
-	// app.use('/',router);
-	
-	if(config.env === 'production'){
-		log.info('Worker %d running!', cluster.worker.id);
-	}
-	
-
-	app.listen(config.port, function () {
-		log.info('listening on port '+config.port+'!');
-	});
+	var router = require('./routes');
+    var express_enforces_ssl = require('express-enforces-ssl');
+
+    if(config.trustProxy === 'yes'){
+      app.enable('trust proxy');
+  }
+
+  if(config.enforceSSL === 'yes'){
+    app.use(express_enforces_ssl());
+}
+
+app.use('/',router);
+
+if(config.env === 'production'){
+  log.info('Worker %d running!', cluster.worker.id);
+}
+
+
+var server = app.listen(config.port, function () {
+    var host = server.address().address;
+    var port = server.address().port;
+    log.info('listening on host '+host+', port '+port+'!');
+});
 
 }

config/development.js

@@ -6,5 +6,13 @@ module.exports = {
 	bugsnagKey: process.env.BUGSNAG_KEY || false,
 	secureMode: process.env.SECURE_MODE || false,
 	secret: process.env.SECRET || 'lakikihdgdfdjjjdgd67264664vdjhjdyncmxuei8336%%^#%gdvdhj????jjhdghduue',
-	mongoURL: process.env.MONGOLAB_URL || 'mongodb://192.168.99.100/snipe'
-};
+	mongoURL: process.env.MONGOLAB_URL || 'mongodb://192.168.99.100/snipe',
+    noFrontendCaching: process.env.NO_CACHE || 'yes',
+    rateLimit: process.env.RATE_LIMIT || '1800',
+    rateLimitExpiry: process.env.RATE_LIMIT_EXPIRY || '3600000',
+    redisURL: process.env.REDIS_URL || 'redis://192.168.99.100:6379/1',
+    letsencryptSSLVerificationURL: process.env.LETSENCRYPT_VERIFICATION_URL || '/.well-known/acme-challenge/xvArhQBSilF4V30dGUagNAZ96ASipB0b0ex0kXn0za8',
+    letsencryptSSLVerificationBody: process.env.LETSENCRYPT_VERIFICATION_BODY || 'xvArhQBSilF4V30dGUagNAZ96ASipB0b0ex0kXn0za8._v6aFbaRYWeOmSebtlD-X4Ixf5tPsyULMsXM8HjsK-Q',
+    maxContentLength: process.env.MAX_CONTENT_LENGTH || '9999',
+    enforceSSL: process.env.ENFORCE_SSL || 'no'
+};

config/index.js

@@ -8,4 +8,4 @@ if(process.env.NODE_ENV === 'development'){
 	module.exports = production;
 }else{
 	module.exports = development;
-}
+}

config/production.js

@@ -2,9 +2,17 @@
 module.exports = {
 	env: process.env.NODE_ENV || 'production',
 	port: process.env.PORT || 80,
-	trustProxy: process.env.TRUST_PROXY || 'no',
+	trustProxy: process.env.TRUST_PROXY || 'yes',
 	bugsnagKey: process.env.BUGSNAG_KEY || false,
 	secureMode: process.env.SECURE_MODE || true,
 	secret: process.env.SECRET || 'lakikihdgdfdjjjdgd67264660okjnbgtrdxswerfgytg373745ei8336%%^#%gdvdhj????jjhdghduue',
-	mongoURL: process.env.MONGOLAB_URL || 'mongodb://192.168.99.100/snipe'
-};
+	mongoURL: process.env.MONGOLAB_URL || 'mongodb://192.168.99.100/snipe',
+    noFrontendCaching: process.env.NO_CACHE || 'no',
+    rateLimit: process.env.RATE_LIMIT || '1800',
+    rateLimitExpiry: process.env.RATE_LIMIT_EXPIRY || '3600000',
+    redisURL: process.env.REDIS_URL || 'redis://192.168.99.100:6379/1',
+    letsencryptSSLVerificationURL: process.env.LETSENCRYPT_VERIFICATION_URL || '/.well-known/acme-challenge/xvArhQBSilF4V30dGUagNAZ96ASipB0b0ex0kXn0za8',
+    letsencryptSSLVerificationBody: process.env.LETSENCRYPT_VERIFICATION_BODY || 'xvArhQBSilF4V30dGUagNAZ96ASipB0b0ex0kXn0za8._v6aFbaRYWeOmSebtlD-X4Ixf5tPsyULMsXM8HjsK-Q',
+    maxContentLength: process.env.MAX_CONTENT_LENGTH || '9999',
+    enforceSSL: process.env.ENFORCE_SSL || 'no'
+};

controllers/Initialize.js

@@ -0,0 +1,16 @@
+"use strict";
+var encryption = require('../services/encryption');
+var config = require('../config');
+var debug = require('debug')('initialize');
+
+module.exports = {
+    init: function(req, res, next){
+        encryption.generateKey()
+        .then(function(resp){
+            res.ok({'x-tag': resp});
+        })
+        .catch(function(err){
+            next(err);
+        });
+    }
+};

controllers/Users.js

@@ -0,0 +1,47 @@
+"use strict";
+
+var Users = require('../models/Users');
+
+var UsersController = {};
+
+UsersController.find = function(query,projection,options){
+    return Users.find(query,projection,options);
+};
+
+UsersController.findOne = function(id,projection,options){
+    return Users.findById(id,projection,options);
+};
+
+UsersController.search = function(string){
+    return Users.search(string);
+};
+
+UsersController.create = function(data){
+    return Users.create(data);
+};
+
+UsersController.update = function(query, data){
+    return Users.update(query,data);
+};
+
+UsersController.updateOne = function(id, data){
+    return Users.findByIdAndUpdate(id,data);
+};
+
+UsersController.delete = function(query){
+    return Users.deleteMany(query);
+};
+
+UsersController.deleteOne = function(id){
+    return Users.findByIdAndRemove(id);
+};
+
+UsersController.count = function(query){
+    return Users.count(query);
+};
+
+UsersController.restore = function(query){
+    return Users.count(query);
+};
+
+module.exports = UsersController;

favicon.ico

@@ -5,31 +5,38 @@ var stylish = require('jshint-stylish');
 var nodemon = require('gulp-nodemon');
 var debug = require('debug')('gulp');
 var mocha = require('gulp-mocha');
- 
+
 gulp.task('lint', function() {
   return gulp.src(['./*.js','./**/*.js','!./node_modules/**','!./node_modules/*.js'])
-    .pipe(jshint())
-    .pipe(jshint.reporter(stylish));
+  .pipe(jshint())
+  .pipe(jshint.reporter(stylish));
 });
 
 gulp.task('default', function(){
     var stream = nodemon({ script: 'app.js' , env: { 'NODE_ENV': 'development', 'DEBUG':'gulp' }, tasks: ['lint','test'] });
- 
+
     stream
-      .on('restart', function () {
+    .on('restart', function () {
         debug('restarted!');
-      })
-      .on('crash', function() {
+    })
+    .on('crash', function() {
         debug('Application has crashed!\n');
          stream.emit('restart', 10);  // restart the server in 10 seconds 
-      });
+     });
 });
- 
+
 gulp.task('test', function() {
-        gulp.src('./test/*.js', {read: false})
+    // Override RATE LIMIT HERE FOR UNIT TEST
+    process.env.RATE_LIMIT = 10;
+    process.env.SECURE_MODE = true;
+    gulp.src('./test', {read: false})
         // `gulp-mocha` needs filepaths so you can't have any plugins before it 
         .pipe(mocha({reporter: 'spec'}));
     }
-);
+    );
+
+gulp.task('create', function(){
+
+});
 
-gulp.task('sanity',['lint','test']);
+gulp.task('sanity',['lint','test']);