-
Notifications
You must be signed in to change notification settings - Fork 0
/
server.js
105 lines (85 loc) · 2.73 KB
/
server.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
const dotenv = require('dotenv')
dotenv.config()
const path = require('path')
const express = require('express')
const session = require('express-session')
const flash = require('connect-flash')
const mongoose = require('mongoose')
const MongoDBstore = require('connect-mongodb-session')(session)
const MONGODB_URI = 'mongodb+srv://mrc-bsllt:[email protected]/shop'
const bodyParser = require('body-parser') // Con questo posso agilmente salvare i dati testuali nel req.body della richiesta
const multer = require('multer') // Con questo posso salvare i file in formato binario
const fileStorage = multer.diskStorage({
destination: (req, file, callback) => {
callback(null, 'storage/images')
},
filename: (req, file, callback) => {
callback(null, file.filename + '-' + file.originalname)
}
})
const fileFilter = (req, file, callback) => {
if(file.mimetype === 'image/png' || file.mimetype === 'image/jpg' || file.mimetype === 'image/jpeg') {
callback(null, true)
} else {
callback(null, false)
}
}
const csrf = require('csurf')
const csrfProtection = csrf()
// MODELS
const User = require('./models/User')
const app = express()
app.use(bodyParser.urlencoded({ extended: false }))
app.use(multer({ storage: fileStorage, fileFilter }).single('image'))
app.set('view engine', 'ejs')
app.use(express.static(path.join(__dirname, 'public')))
app.use('/storage/images', express.static(path.join(__dirname, 'storage/images')))
app.use(flash())
const store = new MongoDBstore({
uri: MONGODB_URI,
collection: 'sessions'
})
app.use(session({
secret: 'my secret',
resave: false,
saveUninitialized: false,
store
}))
app.use(csrfProtection)
app.use((req, res, next) => { // Con res.locals posso passare delle variabili a tutte le viste che verranno renderizzate
res.locals.csrfToken = req.csrfToken()
next()
})
app.use((req, res, next) => {
if(req.session.user) {
User.findById(req.session.user._id).then(user => {
req.user = user
next()
}).catch(error => {
next(new Error(error))
})
} else {
next()
}
})
app.use((req, res, next) => {
res.locals.user = req.session.user
next()
})
// Exporter routes
const { userRoutes } = require('./routes/user')
const { adminRoutes } = require('./routes/admin')
const { authRoutes } = require('./routes/auth')
app.use(authRoutes)
app.use(userRoutes)
app.use('/admin', adminRoutes)
app.use('/', (req, res, next) => {
res.status(404).render('404', { path: '404', user: req.user })
})
app.use((error, req, res, next) => {
console.log(error)
res.status(500).render('500', { path: '500', user: req.user })
})
mongoose.connect(`${MONGODB_URI}?retryWrites=true&w=majority`).then(() => {
app.listen(3000)
}).catch(error => console.log(error))