Boar Server
Example usage for app
put these lines in your server.js
var koa = require('koa');
var path = require('path');
var koaApp = module.exports = koa();
var config = require('./config');
var App = require('boar-server').app;
var app = new App(koaApp);
app.connectToMongoose(config.mongooseUri);
app.addDynamicViewMiddleware(path.join(config.root, '/views'), config.env === 'development');
app.addStaticContentMiddleware(path.join(config.root, '/assets'));
app.addHookMiddleware();
app.loadControllers(path.join(config.root, 'controllers'));
app.loadModels(path.join(config.root, 'models'));
if (!module.parent) { app.listen(config.port); }Add middleware for your app
var cors = require('koa-cors');
var app = new App(koaApp);
app.addMiddleware(cors());Graceful shutdown
You can stop the server from recieving new connections with app.close(). It returns a Promise that resolves when all existing connections are ended.
var app = new App(koaApp);
app.listen(config.port);
process.on('SIGTERM', () => {
app.close().then(() => {
// additional cleaning (e.g. closing db connection)
process.exit(0);
})
})HTTPS support
To enable HTTPS support, simple create SERVE_HTTPS environment variable with value true.
The port for https will be the port of the application increased with 10000 (10k).
If you want to serve the requests with your own SSL certification, create HTTPS_KEY and HTTPS_CERT
environment variables with path of the files as values.
Example
export SERVE_HTTPS=true
export HTTPS_KEY="path/to/cert.key"
export HTTPS_CERT="path/to/cert.crt"
node server.js
Build-in Middlewares
Cors Support (koa-cors)
app.addCorsSupportMiddleware();Static Content (koa-static)
| Param | Type | Description |
|---|---|---|
| path | String |
Path to the static content's folder |
app.addStaticContentMiddleware(path);Dynamic View
This middleware is a wrapper for koa-pug.
| Param | Type | Description |
|---|---|---|
| path | String |
Path to the pug files |
app.addDynamicViewMiddleware(path);Method Override (koa-methodoverwrite)
app.addMethodOverrideMiddleware();Error Handler
| Param | Type | Description |
|---|---|---|
| path | String |
Path to error page pug template |
app.addErrorHandlerMiddleware(path);Body Parse (koa-bodyparser)
| Param | Type | Description |
|---|---|---|
| options | Object |
More info. |
app.addBodyParseMiddleware(options);Request Id (koa-requestid)
| Param | Type | Description |
|---|---|---|
| options | Object |
optional |
| ↳header | String |
The name of the header to read the id on the request, false to disable. |
| ↳query | String |
The name of the header to read the id on the query string, false to disable. |
| ↳expose | String |
The name of the header to expose the id on the response, false to disable. |
app.addRequestIdmiddleware(options);Enforce SSL (koa-ssl)
| Param | Type | Description |
|---|---|---|
| options | Object |
More info. |
app.addEnforceSSLMiddleware();If your application is running behind reverse proxy (like Heroku) you should set the trustProxy configuration option to true in order to process the x-forwarded-proto header.
var app = new App(koaApp);
app.addEnforceSSLMiddleware({ trustProxy: true });Note: if you use this middleware EnforceSSL middleware should be the first you add.
Hook
app.addHookMiddleware();Security
Provides middlewares for setting up various security related HTTP headers.
| Param | Type | Description |
|---|---|---|
| options | Object |
|
| ↳csp | Object |
More info. Learn more: CSP quick reference |
| ↳hsts | Object |
More info. Learn more: OWASP HSTS page |
| ↳useXssFilter | Boolean |
If true, x-xss-protection middleware will be included. Default: true
|
| ↳useNoSniff | Boolean |
If true, dont-sniff-mimetype middleware will be included. Default: true
|
app.addSecurityMiddlewares(options);Default configuration
{
csp: {
directives: {
defaultSrc: ["'self'"],
scriptSrc: ["'self'"],
styleSrc: ["'self'"],
imgSrc: ["'self'"],
frameAncestors: ["'self'"],
reportUri: 'about:blank'
},
reportOnly: true
},
hsts: {
maxAge: 30,
includeSubdomains: true,
preload: false
},
useXssFilter: true,
useNoSniff: true
}Libraries
Mask email address
var maskEmailAddress = require('boar-server').lib.maskEmailAddress;
maskEmailAddress('test@gmail.com');Real ip address (in heroku)
var realIpAddress = require('boar-server').lib.realIpAddress;
realIpAddress(request);ControllerFactory
var ControllerFactory = require('boar-server').lib.controllerFactory;
module.exports = ControllerFactory.create(function(router) {
router.get('/', ControllerFactory.load('main/actions/get'));
router.get('/healthcheck', ControllerFactory.load('main/actions/healthcheck/get'));
router.get('/list', ControllerFactory.loadByAcceptType('main/actions/list/get'));
});ClearCollections
deprecated aliased to dropCollections
Use the more descriptively named dropCollections instead.
DropCollections
var dropCollections = require('boar-server').lib.dropCollections(mongoose);
dropCollections(); // returns a promiseThis will drop all your collections.
TruncateCollections
var truncateCollections = require('boar-server').lib.truncateCollections(mongoose);
truncateCollections(); // returns a promiseThis will truncate all your collections.
ClearGridfs
Database
Wrapper for mongoose connection.