UNPKG

unleash-server

Version:

Unleash is an enterprise ready feature flag service. It provides different strategies for handling feature flags.

github.com/unleash/unleash

unleash/unleash

151 lines • 7.08 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
import express from 'express'; import compression from 'compression'; import favicon from 'serve-favicon'; import cookieParser from 'cookie-parser'; import path from 'path'; import errorHandler from 'errorhandler'; import { responseTimeMetrics, corsOriginMiddleware, } from './middleware/index.js'; import rbacMiddleware from './middleware/rbac-middleware.js'; import apiTokenMiddleware from './middleware/api-token-middleware.js'; import { IAuthType } from './types/option.js'; import IndexRouter from './routes/index.js'; import requestLogger from './middleware/request-logger.js'; import demoAuthentication from './middleware/demo-authentication.js'; import ossAuthentication from './middleware/oss-authentication.js'; import noAuthentication, { noApiToken, } from './middleware/no-authentication.js'; import secureHeaders from './middleware/secure-headers.js'; import { loadIndexHTML, findPublicFolder } from './util/index.js'; import patMiddleware from './middleware/pat-middleware.js'; import maintenanceMiddleware from './features/maintenance/maintenance-middleware.js'; import { unless } from './middleware/unless-middleware.js'; import { catchAllErrorHandler } from './middleware/catch-all-error-handler.js'; import NotFoundError from './error/notfound-error.js'; import { bearerTokenMiddleware } from './middleware/bearer-token-middleware.js'; import { auditAccessMiddleware } from './middleware/index.js'; import { originMiddleware } from './middleware/origin-middleware.js'; export default async function getApp(config, stores, services, unleashSession, db) { const app = express(); const baseUriPath = config.server.baseUriPath || ''; const publicFolder = config.publicFolder || findPublicFolder(); const indexHTML = await loadIndexHTML(config, publicFolder); const logger = config.getLogger('lib/app.ts'); app.set('trust proxy', true); app.disable('x-powered-by'); app.set('port', config.server.port); app.locals.baseUriPath = baseUriPath; if (config.server.serverMetrics && config.eventBus) { app.use(responseTimeMetrics(config.eventBus, config.flagResolver, services.instanceStatsService)); } app.use(requestLogger(config)); app.use(`${baseUriPath}/api`, bearerTokenMiddleware(config)); // We only need bearer token compatibility on /api paths. if (typeof config.preHook === 'function') { config.preHook(app, config, services, db); } if (!config.server.disableCompression) { app.use(compression()); } app.use(cookieParser()); app.use((req, res, next) => { req.url = req.url.replace(/\/+/g, '/'); next(); }); app.use(`${baseUriPath}/api/admin/features-batch`, express.json({ strict: false, limit: '500kB' })); app.use(unless(`${baseUriPath}/api/admin/features-batch`, express.json({ strict: false }))); if (unleashSession) { app.use(unleashSession); } app.use(secureHeaders(config)); app.use(express.urlencoded({ extended: true })); app.use(favicon(path.join(publicFolder, 'favicon.ico'))); app.use(baseUriPath, favicon(path.join(publicFolder, 'favicon.ico'))); app.use(baseUriPath, express.static(publicFolder, { index: false })); if (config.enableOAS && services.openApiService) { services.openApiService.useDocs(app); } app.use(`${baseUriPath}/api/frontend*`, corsOriginMiddleware(services, config)); app.options(`${baseUriPath}/api/streaming*`, corsOriginMiddleware(services, config)); app.use(baseUriPath, patMiddleware(config, services)); switch (config.authentication.type) { case IAuthType.OPEN_SOURCE: { app.use(baseUriPath, apiTokenMiddleware(config, services)); ossAuthentication(app, config.getLogger, config.server.baseUriPath); break; } case IAuthType.ENTERPRISE: { app.use(baseUriPath, apiTokenMiddleware(config, services)); if (config.authentication.customAuthHandler) { config.authentication.customAuthHandler(app, config, services); } break; } case IAuthType.HOSTED: { app.use(baseUriPath, apiTokenMiddleware(config, services)); if (config.authentication.customAuthHandler) { config.authentication.customAuthHandler(app, config, services); } break; } case IAuthType.DEMO: { app.use(baseUriPath, apiTokenMiddleware(config, services)); demoAuthentication(app, config.server.baseUriPath, services, config); break; } case IAuthType.CUSTOM: { app.use(baseUriPath, apiTokenMiddleware(config, services)); if (config.authentication.customAuthHandler) { config.authentication.customAuthHandler(app, config, services); } break; } case IAuthType.NONE: { logger.warn('The AuthType=none option for Unleash is no longer recommended and will be removed in version 6.'); noApiToken(baseUriPath, app); app.use(baseUriPath, apiTokenMiddleware(config, services)); noAuthentication(baseUriPath, app); break; } default: { app.use(baseUriPath, apiTokenMiddleware(config, services)); demoAuthentication(app, config.server.baseUriPath, services, config); break; } } app.use(baseUriPath, rbacMiddleware(config, stores, services.accessService)); app.use(`${baseUriPath}/api/admin`, originMiddleware(config)); app.use(`${baseUriPath}/api/admin`, auditAccessMiddleware(config)); app.use(`${baseUriPath}/api/admin`, maintenanceMiddleware(config, services.maintenanceService)); if (typeof config.preRouterHook === 'function') { config.preRouterHook(app, config, services, stores, db); } // Setup API routes app.use(`${baseUriPath}/`, new IndexRouter(config, services, stores, db).router); if (process.env.NODE_ENV !== 'production') { app.use(errorHandler()); } else { app.use(catchAllErrorHandler(config.getLogger)); } app.get(`${baseUriPath}`, (req, res) => { res.set('Content-Type', 'text/html'); res.send(indexHTML); }); // handle all API 404s app.use(`${baseUriPath}/api`, (req, res) => { const error = new NotFoundError(`The path you were looking for (${baseUriPath}/api${req.path}) is not available.`); res.status(error.statusCode).send(error); return; }); app.get(`${baseUriPath}/*`, (req, res) => { res.set('Content-Type', 'text/html'); const requestPath = path.parse(req.url); // appropriately return 404 requests for assets with an extension (js, css, etc) if (requestPath.ext !== '' && requestPath.ext !== 'html') { res.set('Cache-Control', 'no-cache'); res.status(404).send(indexHTML); return; } res.send(indexHTML); }); return app; } //# sourceMappingURL=app.js.map