node package manager
Easy sharing. Manage teams and permissions with one click. Create a free org »

@emartech/boar-koa-server

Boar Koa Server

Example usage for app

put these lines in your server.js

  const Koa = require('koa');
  const path = require('path');
  const koaApp = module.exports = new Koa();
  const config = require('./config');
  const App = require('@emartech/boar-koa-server').app;
 
  const app = new App(koaApp);
  app.loadControllers(path.join(config.root, 'controllers'));
 
  if (!module.parent) { app.listen(config.port); }

Add middleware for your app

  const cors = require('koa-cors');
  const app = new App(koaApp);
  app.addMiddleware(cors());

Build-in Middlewares

Cors Support (koa-cors)

  app.addCorsSupportMiddleware();

Method Override (koa-methodoverwrite)

  app.addMethodOverrideMiddleware();

Body Parse (koa-bodyparser)

Param Type Description
options Object More info.
  app.addBodyParseMiddleware(options);

Request Id (koa-requestid)

Param Type Description
options Object optional
↳header String The name of the header to read the id on the request, false to disable.
↳query String The name of the header to read the id on the query string, false to disable.
↳expose String The name of the header to expose the id on the response, false to disable.
  app.addRequestIdmiddleware(options);

Enforce SSL (koa-ssl)

Param Type Description
options Object More info.
  app.addEnforceSSLMiddleware();

If your application is running behind reverse proxy (like Heroku) you should set the trustProxy configuration option to true in order to process the x-forwarded-proto header.

  const app = new App(koaApp);
  app.addEnforceSSLMiddleware({ trustProxy: true });

Note: if you use this middleware EnforceSSL middleware should be the first you add.

Security

Provides middlewares for setting up various security related HTTP headers.

Param Type Description
options Object
↳csp Object More info. Learn more: CSP quick reference
↳hsts Object More info. Learn more: OWASP HSTS page
↳useXssFilter Boolean If true, x-xss-protection middleware will be included. Default: true
↳useNoSniff Boolean If true, dont-sniff-mimetype middleware will be included. Default: true
  app.addSecurityMiddlewares(options);

Default configuration

  {
    csp: {
      directives: {
        defaultSrc: ["'self'"],
        scriptSrc: ["'self'"],
        styleSrc: ["'self'"],
        imgSrc: ["'self'"],
        frameAncestors: ["'self'"],
        reportUri: 'about:blank'
      },
      reportOnly: true
    },
    hsts: {
      maxAge: 30,
      includeSubdomains: true,
      preload: false
    },
    useXssFilter: true,
    useNoSniff: true
  }

Libraries

ControllerFactory

  var ControllerFactory = require('@emartech/boar-koa-server').lib.controllerFactory;
 
  module.exports = ControllerFactory.create(function(router) {
    router.get('/', ControllerFactory.load('main/actions/get'));
    router.get('/healthcheck', ControllerFactory.load('main/actions/healthcheck/get'));
    router.get('/list', ControllerFactory.loadByAcceptType('main/actions/list/get'));
  });