// Node.js and ExpressDB related
const config = require('./config.js');
const express = require('express');
const app = express();
const cookieParser = require('cookie-parser');
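// Session middleware, shared later with socket.io handshakes.
// No `store` option is passed, so express-session uses its default in-memory
// store and sessions do not survive a restart.
const session = require("express-session")({
  secret: config.session_key,
  resave: true,
  saveUninitialized: true,
  // Explicit cookie attributes: keep the session id away from page scripts,
  // send it only over TLS when this process serves HTTPS, and withhold it from
  // cross-site subrequests.
  cookie: {
    httpOnly: true,
    sameSite: 'lax',
    secure: Boolean(config.HTTPS),
  },
});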
const sharedsession = require("express-socket.io-session");
// Setting up HTTPS variables
const http = require('http').Server(app);
const https = require('https');
const fs = require('fs');
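// `server` lives at module scope because the socket.io attachment below and the
// listen() call at the end of the file both read it. Declaring it with `const`
// inside the `if` block made it block-scoped, so every later use threw a
// ReferenceError as soon as HTTPS was switched on.
let server = null;
if (config.HTTPS) {
  // These relative paths resolve against the process working directory, not
  // against this file. The .key file is the TLS private key, so it should only
  // be readable by the account running the server.
  const options = {
    key: fs.readFileSync('../SSL/baduk_ca.key'),
    cert: fs.readFileSync('../SSL/baduk_ca.crt'),
    ca: fs.readFileSync('../SSL/baduk_ca.ca-bundle'),
  };
  server = https.createServer(options, app);
}
// Third-party NPM libraries
// socket.io rides on the TLS server when HTTPS is enabled, else on plain HTTP.
const io = require('socket.io')(config.HTTPS ? server : http);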
const favicon = require('serve-favicon');
const Ddos = require('ddos');
const git = require('git-rev');
const csurf = require('csurf');
const ddos = new Ddos({'silentStart' : true});
const bodyParser = require('body-parser');
// Baduk modules
const games = require('./src/backend/games.js');
const sockets = require('./src/backend/sockets.js');
const go = require('./src/modules/go.js');
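// Export public, bower_components and src as static directories.
// NOTE(review): mounting all of `src` also publishes the server-side modules
// this file loads from ./src/backend/ (games.js, sockets.js). Serving only the
// browser-facing subdirectories would keep backend source off the wire.
app.use(express.static('public'));
app.use('/bower_components', express.static('bower_components'));
app.use('/src', express.static('src'));
app.use(favicon(__dirname + '/public/img/favicon.ico'));
// The rate limiter and the session middleware are mounted after the static
// handlers, so a request answered from a static directory passes through
// neither of them.
app.use(ddos.express);
app.use(session);
app.use(bodyParser.urlencoded({extended: true}));
// Express setting names are case-sensitive and this one is lowercase; the
// header-style spelling 'X-Powered-By' toggled an unrelated setting and left
// the X-Powered-By response header in place.
app.disable('x-powered-by');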
// In production, hand every request to express-force-domain with the canonical
// origin; the scheme follows the HTTPS switch. Nothing is mounted outside PROD.
if (config.env == "PROD") {
  const canonicalOrigin = config.HTTPS ? 'https://baduk.ca' : 'http://baduk.ca';
  app.all('*', require('express-force-domain')(canonicalOrigin));
}
// When HTTPS is enabled, inspect req.secure (see
// http://expressjs.com/api#req.secure) to tell http from https and bounce
// plain-http requests to the https URL.
// NOTE(review): the redirect target is built from the client-supplied Host
// header, so outside PROD (where the force-domain handler is not mounted) the
// Location value is whatever host the client sent. Taking the host from
// configuration would pin it.
// NOTE(review): 'trust proxy' is enabled later in this file, which makes
// req.secure honour X-Forwarded-Proto. If no reverse proxy sits in front, a
// client can set that header itself and skip this redirect - confirm the
// deployment.
if (config.HTTPS) {
  app.use((req, res, next) => {
    if (!req.secure) {
      // Request was via http, so redirect to https
      res.redirect('https://' + req.headers.host + req.url);
      return;
    }
    // Request was via https, so do no special handling
    next();
  });
}
// Enable reverse proxy support in Express. This causes the
// "X-Forwarded-Proto" header field to be trusted so its
// value can be used to determine the protocol. See
// http://expressjs.com/api#app-settings for more details.
// NOTE(review): the boolean form trusts forwarded headers from any peer. That
// is only sound when every request really arrives through a proxy that
// overwrites them; this file also listens directly on its own ports.
app.set('trust proxy', true);
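// Global controller. Basically being used as middleware.
// It is registered with app.get, so only GET requests that reach the router
// receive these headers; files answered by the static handlers mounted earlier
// and the POST route do not.
app.get('/*', function (req, res, next) {
  // General headers for security, ranging from clickjacking protection to
  // anti-crawler protection. Note that the XSS protection only applies to
  // IE8+ and Chrome, so still sanitize all input.
  res.header('X-Frame-Options', 'SAMEORIGIN');
  res.header('X-Robots-Tag', 'noindex');
  res.header('X-XSS-Protection', '1; mode=block');
  res.header('X-Content-Type-Options', 'nosniff');
  if (config.HTTPS) {
    // The header name was misspelled ('Strict-Tranport-Security'), which
    // browsers ignore, so HSTS was never actually in effect.
    res.header('Strict-Transport-Security', 'max-age=31536000');
  }
  next();
});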
// Homepage: serve the static index view.
app.get('/', (req, res) => {
  const indexView = `${__dirname}/src/views/index.html`;
  res.sendFile(indexView);
});
// The most recent commit hash, as reported by git-rev's long() callback.
// NOTE(review): this endpoint is unauthenticated, so anyone can read the exact
// revision that is deployed.
app.get('/hash', (req, res) => {
  git.long((commitHash) => {
    res.send(commitHash);
  });
});
// No robots around here y'all
// NOTE(review): express.static('public') is mounted earlier and would
// presumably answer /robots.txt first when the file exists - confirm whether
// this route is ever reached.
app.get('/robots.txt', (req, res) => {
  const robotsFile = `${__dirname}/public/robots.txt`;
  res.sendFile(robotsFile);
});
// Create a new game room and reply with its absolute URL as plain text.
app.post('/go', (req, res) => {
  // If someone just goes to /go without a room ID, we generate a new one.
  // Original author's note: IDs are generated with SHA-1, which git uses too,
  // so collisions are assumed not to occur.
  // NOTE(review): `size` comes straight from the form body and is logged and
  // passed on unchecked; any validation has to happen inside
  // games.registerGameRoom - confirm.
  // NOTE(review): csurf is required at the top of this file, but nothing in the
  // visible code mounts it, so this POST carries no CSRF token check.
  const requestedSize = req.body.size;
  console.log(requestedSize);
  const roomHash = games.registerGameRoom({
    'board_size': requestedSize,
  });
  console.log(roomHash);
  // The URL echoes the client-supplied Host header back to the caller.
  const roomUrl = req.protocol + "://" + req.headers.host + '/go/' + roomHash;
  res.end(roomUrl);
});
// Serve the game view for a known room id.
app.get('/go/:id', (req, res) => {
  // Unknown room ids are sent back to the homepage.
  if (!games.game_exists(req.params.id)) {
    res.redirect('/');
    return;
  }
  res.sendFile(`${__dirname}/src/views/go.html`);
});
// Lobby page: serve the static lobby view.
app.get('/lobby', (req, res) => {
  const lobbyView = `${__dirname}/src/views/lobby.html`;
  res.sendFile(lobbyView);
});
// JSON summary of every current game, keyed by room id: connected socket
// count plus the status and state reported by go.getLobby().
// NOTE(review): this assumes every key of games.current_games also exists in
// go.getLobby(); a missing entry would throw here - confirm.
app.get('/lobby.json', (req, res) => {
  const lobbySummary = {};
  for (const roomId of Object.keys(games.current_games)) {
    const numPlayers = games.sockets_in_room(roomId).length;
    const gameStatus = go.getLobby()[roomId].gameStatus;
    const gameState = go.getLobby()[roomId].gameState;
    lobbySummary[roomId] = { numPlayers, gameStatus, gameState };
  }
  res.json(lobbySummary);
});
// Catch-all for GET: anything no earlier route claimed goes to the homepage
// instead of producing a 404 page.
app.get('*', (req, res) => {
  res.redirect('/');
});
// Make the Express session available on socket.io handshakes.
io.use(sharedsession(session));

// Wire each new socket to the game handlers in ./src/backend/sockets.js.
io.on('connection', (socket) => {
  // If they don't already have a session, get one started
  // NOTE(review): express-session normally fills in session.id itself, so this
  // branch may never run - confirm.
  const handshakeSession = socket.handshake.session;
  if (handshakeSession.id === undefined) {
    handshakeSession.id = socket.id;
    handshakeSession.save();
  }

  // Fixed, server-side list of events. Each one is relayed to the handler of
  // the same name, so a client cannot reach any other export of `sockets`.
  // The `info` payload is forwarded untouched; validating it is left to the
  // handlers, which are not visible in this file.
  const relayedEvents = [
    'post_new_connect',
    'post_new_disconnect',
    'post_new_message',
    'post_new_piece',
    'post_pass',
    'post_retract_pass',
    'post_commit_endgame_resolution',
    'post_resign',
    'mark_group_as_dead',
    'mark_group_as_alive',
  ];

  for (const eventName of relayedEvents) {
    socket.on(eventName, (info) => {
      // Only the endgame commit is traced on the console.
      if (eventName === 'post_commit_endgame_resolution') {
        console.log('socket received post_commit_endgame_resolution');
      }
      sockets[eventName](socket, info, io);
    });
  }
});
// Start the TLS listener only when HTTPS is switched on.
// NOTE(review): `server` has to be visible at module scope for this call to
// resolve; a `const` declared inside an earlier `if (config.HTTPS)` block is
// not in scope here.
if (config.HTTPS) {
  server.listen(config.HTTPS_port);
}

// The plain HTTP server listens in every configuration.
http.listen(config.HTTP_port);