Created
May 24, 2014 14:35
-
-
Save dommmel/638f552046799456dfef to your computer and use it in GitHub Desktop.
secure express 4 boilerplate using (tags: mincer, sass, coffeescript, bootstrap, cookie-session, csrf, swig)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var express = require('express') | |
| , path = require('path') | |
| , helmet = require('helmet') | |
| , csrf = require('csurf') | |
| , cookieParser = require('cookie-parser') | |
| , bodyParser = require('body-parser') | |
| , cookieSession = require('cookie-session') | |
| , methodOverride = require('method-override') | |
| , compress = require('compression') | |
| , mincer = require('mincer') | |
| , swig = require('swig'); | |
| var app = express(); | |
| app.set('port', (process.env.PORT || 5000)); | |
| app.use(compress()); | |
| app.use(bodyParser()); | |
| app.use(helmet.defaults()) | |
| app.use(methodOverride()); | |
| // Don't cache templates in development | |
| if (process.env.NODE_ENV !== 'production') { | |
| swig.setDefaults({ cache: false }); | |
| } | |
| // set .html as the default extension | |
| app.engine('html', swig.renderFile) | |
| app.set('view engine', 'html'); | |
| app.set('views', __dirname + '/views'); | |
| //app.use(express.static(__dirname + '/public')); | |
| app.use( cookieParser("guess me")); | |
| app.use(cookieSession({ | |
| secret: "dant guess me", | |
| })) | |
| // CSRF Protection | |
| app.use(csrf()); | |
| app.use(function (req, res, next) { | |
| res.cookie('XSRF-TOKEN', req.csrfToken()); | |
| res.locals.csrf_token = req.csrfToken(); | |
| next(); | |
| }); | |
| mincer.logger.use(console); | |
| var environment = new mincer.Environment(__dirname); | |
| environment.enable('source_maps');// Enable source maps support | |
| //environment.sourceRoot = '/'; // use to cheat nesting level in dev tools | |
| // Configure environment load paths (where to find assets) | |
| environment.appendPath('assets/javascripts'); | |
| environment.appendPath('assets/stylesheets'); | |
| environment.appendPath('assets/images'); | |
| environment.appendPath('assets/fonts'); | |
| // Paths for bootstrap-sass-official | |
| // see https://github.com/twbs/bootstrap-sass#mincer for futher configuration/usage | |
| var bootstrapDir = "../bower_components/bootstrap-sass-official/vendor/assets/" | |
| environment.appendPath(bootstrapDir + 'stylesheets'); | |
| environment.appendPath(bootstrapDir + 'fonts'); | |
| environment.appendPath(bootstrapDir + 'javascripts'); | |
| // Define environment essential *_path helper that will be available in the | |
| // processed assets. See `assets/stylesheets/app.css.ejs` for example. | |
| environment.ContextClass.defineAssetPath(function (pathname, options) { | |
| var asset = this.environment.findAsset(pathname, options); | |
| if (!asset) { | |
| throw new Error("File " + pathname + " not found"); | |
| } | |
| return '/assets/' + asset.digestPath; | |
| }); | |
| environment.enable("autoprefixer"); | |
| // Prepare production-ready environment | |
| if ('production' === process.env.NODE_ENV) { | |
| // Cache compiled assets. | |
| environment.cache = new mincer.FileStore(path.join(__dirname, 'cache')); | |
| // Enable JS and CSS compression | |
| environment.jsCompressor = "uglify"; | |
| // (!) use csswring, because csso does not supports sourcemaps | |
| environment.cssCompressor = "csswring"; | |
| // cache environment. | |
| environment = environment.index; | |
| } | |
| app.use('/assets/', mincer.createServer(environment)); | |
| /* | |
| * Asset View helpers | |
| * Allows you to call javascript("filename.js") or stylesheet("filename.css") | |
| * in your templates. | |
| */ | |
| function rewrite_extension(source, ext) { | |
| var source_ext = path.extname(source); | |
| return (source_ext === ext) ? source : (source + ext); | |
| } | |
| function alertAssetNotFound(fileType, logicalPath){ | |
| return '<script type="application/javascript">alert("' + fileType + ' file ' + | |
| JSON.stringify(logicalPath).replace(/"/g, '\\"') + | |
| ' not found.")</script>'; | |
| } | |
| app.locals.javascript = function javascript(logicalPath) { | |
| var asset = environment.findAsset(logicalPath); | |
| if (!asset) alertAssetNotFound("Javascript", logicalPath); | |
| return '<script type="application/javascript" src="/assets/' + | |
| rewrite_extension(asset.digestPath, '.js') + | |
| '"></script>'; | |
| }; | |
| app.locals.stylesheet = function stylesheet(logicalPath) { | |
| var asset = environment.findAsset(logicalPath); | |
| if (!asset) alertAssetNotFound("Stylesheet", logicalPath); | |
| return '<link rel="stylesheet" type="text/css" href="/assets/' + | |
| rewrite_extension(asset.digestPath, '.css') + | |
| '" />'; | |
| }; | |
| /* | |
| * | |
| * ADD ROUTES HERE | |
| * | |
| */ | |
| // START SERVER | |
| app.listen(app.get('port'), function() { | |
| console.log("Node app is running at localhost:" + app.get('port')) | |
| }) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment