Format the code with prettier

Author: YasharF

.github/workflows/node.js.yml

@@ -2,9 +2,9 @@ name: Node.js CI
 
 on:
   push:
-    branches: [ "master" ]
+    branches: ['master']
   pull_request:
-    branches: [ "master" ]
+    branches: ['master']
 
 permissions:
   contents: read
@@ -16,7 +16,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        node-version: [ 22.x ]
+        node-version: [22.x]
     steps:
       - uses: actions/checkout@v4
       - name: Use Node.js ${{ matrix.node-version }}
@@ -25,5 +25,5 @@ jobs:
           node-version: ${{ matrix.node-version }}
           cache: 'npm'
       - run: npm install
-      - run: npm run lint
+      - run: npm run lint-check
       - run: npm run test

.husky/pre-commit

@@ -1,2 +1,2 @@
 npm test
-npm run lint
+npm run lint

.prettierignore

@@ -0,0 +1,3 @@
+# Ignore artifacts:
+build
+coverage

.prettierrc

@@ -0,0 +1,4 @@
+{
+  "singleQuote": true,
+  "printWidth": 300
+}

CHANGELOG.md

@@ -10,14 +10,16 @@ Use this section to tell people about which versions of your project are current
 | master  | :white_check_mark: |
 | other   | :x:                |
 
-
 ## Reporting a Vulnerability
+
 PRIOR TO SUBMITTING SECURITY CONCERNS/REPORTS:
+
 1. Research Wikipedia and other sources about hackathons to get more familiar with the potential uses of this project, the intended settings, and usage environments.
-2. Read README.MD entirely, including the intro paragraph and steps for Obtaining API Keys which includes replacing the .env values.  The provided values in the .env file are placeholders, not a batch of keys exposed thru GitHub.
-3. Read prod-checklist.md.  Hackathon projects are not production projects, and this checklist is to help users with their next steps to move from a prototype state to a production state.
+2. Read README.MD entirely, including the intro paragraph and steps for Obtaining API Keys which includes replacing the .env values. The provided values in the .env file are placeholders, not a batch of keys exposed thru GitHub.
+3. Read prod-checklist.md. Hackathon projects are not production projects, and this checklist is to help users with their next steps to move from a prototype state to a production state.
 
 SUBMITTING SECURITY CONCERNS/REPORTS:
+
 1. Complete the above steps 1 to 3.
 2. If you still believe you have identified an issue, please submit it as a GitHub Issue at https://github.com/sahat/hackathon-starter/issues with the relevant information for discussion and clarification.
-Submissions requiring registration with 3rd party websites will be marked/reported as spam.
+   Submissions requiring registration with 3rd party websites will be marked/reported as spam.

README.md

@@ -23,7 +23,7 @@ dotenv.config({ path: '.env.example' });
 /**
  * Set config values
  */
-const secureTransfer = (process.env.BASE_URL.startsWith('https'));
+const secureTransfer = process.env.BASE_URL.startsWith('https');
 
 // Consider adding a proxy such as cloudflare for production.
 const limiter = rateLimit({
@@ -37,7 +37,8 @@ const limiter = rateLimit({
 // behind cloudflare, etc. You may need to change it for more complex network settings.
 // See readme.md for more info.
 let numberOfProxies;
-if (secureTransfer) numberOfProxies = 1; else numberOfProxies = 0;
+if (secureTransfer) numberOfProxies = 1;
+else numberOfProxies = 0;
 
 /**
  * Controllers (route handlers).
@@ -64,7 +65,7 @@ console.log('Run this app using "npm start" to include sass/scss/css builds.\n')
 mongoose.connect(process.env.MONGODB_URI);
 mongoose.connection.on('error', (err) => {
   console.error(err);
-  console.log('%s MongoDB connection error. Please make sure MongoDB is running.');
+  console.log('MongoDB connection error. Please make sure MongoDB is running.');
   process.exit(1);
 });
 
@@ -81,17 +82,19 @@ app.use(logger('dev'));
 app.use(express.json());
 app.use(express.urlencoded({ extended: true }));
 app.use(limiter);
-app.use(session({
-  resave: true, // Only save session if modified
-  saveUninitialized: false, // Do not save sessions until we have something to store
-  secret: process.env.SESSION_SECRET,
-  name: 'startercookie', // change the cookie name for additional security in production
-  cookie: {
-    maxAge: 1209600000, // Two weeks in milliseconds
-    secure: secureTransfer
-  },
-  store: MongoStore.create({ mongoUrl: process.env.MONGODB_URI })
-}));
+app.use(
+  session({
+    resave: true, // Only save session if modified
+    saveUninitialized: false, // Do not save sessions until we have something to store
+    secret: process.env.SESSION_SECRET,
+    name: 'startercookie', // change the cookie name for additional security in production
+    cookie: {
+      maxAge: 1209600000, // Two weeks in milliseconds
+      secure: secureTransfer,
+    },
+    store: MongoStore.create({ mongoUrl: process.env.MONGODB_URI }),
+  }),
+);
 app.use(passport.initialize());
 app.use(passport.session());
 app.use(flash());
@@ -115,19 +118,14 @@ app.use((req, res, next) => {
   const isSafeRedirect = (url) => /^\/[a-zA-Z0-9/]*$/.test(url);
 
   // After successful login, redirect back to the intended page
-  if (!req.user
-    && req.path !== '/login'
-    && req.path !== '/signup'
-    && !req.path.match(/^\/auth/)
-    && !req.path.match(/\./)) {
+  if (!req.user && req.path !== '/login' && req.path !== '/signup' && !req.path.match(/^\/auth/) && !req.path.match(/\./)) {
     const returnTo = req.originalUrl;
     if (isSafeRedirect(returnTo)) {
       req.session.returnTo = returnTo;
     } else {
       req.session.returnTo = '/';
     }
-  } else if (req.user
-    && (req.path === '/account' || req.path.match(/^\/api/))) {
+  } else if (req.user && (req.path === '/account' || req.path.match(/^\/api/))) {
     const returnTo = req.originalUrl;
     if (isSafeRedirect(returnTo)) {
       req.session.returnTo = returnTo;
@@ -276,7 +274,9 @@ app.listen(app.get('port'), () => {
   const port = parseInt(BASE_URL.slice(colonIndex + 1), 10);
 
   if (!BASE_URL.startsWith('http://localhost')) {
-    console.log(`The BASE_URL env variable is set to ${BASE_URL}. If you directly test the application through http://localhost:${app.get('port')} instead of the BASE_URL, it may cause a CSRF mismatch or an Oauth authentication failure. To avoid the issues, change the BASE_URL or configure your proxy to match it.\n`);
+    console.log(
+      `The BASE_URL env variable is set to ${BASE_URL}. If you directly test the application through http://localhost:${app.get('port')} instead of the BASE_URL, it may cause a CSRF mismatch or an Oauth authentication failure. To avoid the issues, change the BASE_URL or configure your proxy to match it.\n`,
+    );
   } else if (app.get('port') !== port) {
     console.warn(`WARNING: The BASE_URL environment variable and the App have a port mismatch. If you plan to view the app in your browser using the localhost address, you may need to adjust one of the ports to make them match. BASE_URL: ${BASE_URL}\n`);
   }

SECURITY.md

@@ -10,13 +10,14 @@ exports.sendMail = (settings) => {
     secure: true,
     auth: {
       user: process.env.SMTP_USER,
-      pass: process.env.SMTP_PASSWORD
-    }
+      pass: process.env.SMTP_PASSWORD,
+    },
   };
 
   let transporter = nodemailer.createTransport(transportConfig);
 
-  return transporter.sendMail(settings.mailOptions)
+  return transporter
+    .sendMail(settings.mailOptions)
     .then(() => {
       settings.req.flash(settings.successfulType, { msg: settings.successfulMsg });
     })
@@ -26,7 +27,8 @@ exports.sendMail = (settings) => {
         transportConfig.tls = transportConfig.tls || {};
         transportConfig.tls.rejectUnauthorized = false;
         transporter = nodemailer.createTransport(transportConfig);
-        return transporter.sendMail(settings.mailOptions)
+        return transporter
+          .sendMail(settings.mailOptions)
           .then(() => {
             settings.req.flash(settings.successfulType, { msg: settings.successfulMsg });
           })