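import * as express from 'express'
import * as bodyParser from 'body-parser'
import * as helmet from 'helmet'
import * as cookieParser from 'cookie-parser'
import * as crypto from 'crypto'
import {models} from './api/models'
import logger from './api/utils/logger'
import {pingHubInterval, checkInvitesHubInterval} from './api/hub'
import {setupDatabase, setupDone} from './api/utils/setup'
import * as controllers from './api/controllers'
import * as socket from './api/utils/socket'

// NOTE(review): setupApp() declares its own local `server`, so this binding is
// never reassigned and the default export at the bottom of the file stays null.
let server: any = null

const port = process.env.PORT || 3001;

// NOTE(security): an unset NODE_ENV falls back to 'development', and setupApp()
// only installs authModule when env is not 'development'. A deployment that
// forgets to set NODE_ENV therefore serves every route without authentication.
const env = process.env.NODE_ENV || 'development';
const config = require(__dirname + '/config/app.json')[env];

process.env.GRPC_SSL_CIPHER_SUITES = 'HIGH+ECDSA'

// Number of LND connection attempts made so far (only used in the log line).
var i = 0

// Exact paths that authModule lets through without a token.
// NOTE(security): '/contacts/tokens' and '/contacts/set_dev' are reachable
// unauthenticated; their handlers are not visible here, so confirm each one
// enforces its own checks.
const PUBLIC_PATHS = [
  '/app',
  '/',
  '/info',
  '/contacts/tokens',
  '/login',
  '/contacts/set_dev',
]

// START SETUP!
connectToLND()

/**
 * Opens the gRPC subscriptions and, once they are up, starts the rest of the
 * application. On failure the attempt is logged and retried after 2 seconds,
 * indefinitely.
 */
async function connectToLND(){
  i++
  console.log(`=> [lnd] connecting... attempt #${i}`)
  try {
    await controllers.iniGrpcSubscriptions()
    // Not awaited (as before): a rejection inside mainSetup() does not trigger
    // a reconnect, it surfaces as an unhandled rejection.
    mainSetup()
  } catch(e) {
    // Previously swallowed silently, which hid the reason for a failed connect.
    console.log('=> [lnd] connection failed:', e instanceof Error ? e.message : e)
    setTimeout(async()=>{ // retry each 2 secs
      await connectToLND()
    },2000)
  }
}

/**
 * Prepares the database, starts the hub polling timers when a hub URL is
 * configured, brings up the HTTP app and then signals that setup is done.
 */
async function mainSetup(){
  await setupDatabase();
  if (config.hub_api_url) {
    pingHubInterval(5000)
    checkInvitesHubInterval(5000)
  }
  await setupApp()
  setupDone()
}

/**
 * Builds the Express app, installs the middleware chain, starts listening on
 * `port`, registers the controllers and attaches the socket layer.
 */
async function setupApp(){
  const app = express();
  // Local binding: shadows the module-level `server` that is exported.
  const server = require("http").Server(app);

  app.use(helmet());
  app.use(bodyParser.json());
  app.use(bodyParser.urlencoded({ extended: true }));
  app.use(logger)

  // NOTE(review): this handler answers every OPTIONS request before the
  // header middleware below runs, so preflight responses carry none of the
  // Access-Control-* headers set there. Left as is: moving it would change
  // which cross-origin requests browsers allow.
  app.options('*', (req, res) => res.send(200));

  app.use((req, res, next) => {
    res.setHeader('Access-Control-Allow-Origin', 'http://localhost:8080');
    res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');
    res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With, Content-Type, Accept');
    res.setHeader('Cache-Control', 'private, no-cache, no-store, must-revalidate');
    res.setHeader('Expires', '-1');
    res.setHeader('Pragma', 'no-cache');
    next();
  });

  app.use(cookieParser())

  // Authentication is skipped entirely in 'development' (see the note on `env`).
  if (env != 'development') {
    app.use(authModule);
  }

  app.use('/static', express.static('public'));
  app.get('/app', (req, res) => res.sendFile(__dirname + '/public/index.html'))

  server.listen(port, (err) => {
    if (err) throw err;
    /* eslint-disable no-console */
    console.log(`Node listening on ${port}.`);
  });

  controllers.set(app);
  socket.connect(server)
}

/** Sends the 401 response used for every rejected request. */
function denyAccess(res) {
  res.writeHead(401, 'Access invalid for user', {'Content-Type' : 'text/plain'});
  res.end('Invalid credentials');
}

/**
 * Express middleware that gates every non-public route on the owner's token.
 *
 * The token is read from the `x-user-token` header or, failing that, the
 * `x-user-token` cookie; its SHA-256 (base64) is compared with the
 * `authToken` stored on the contact row flagged `isOwner`.
 *
 * Changes from the previous version:
 * - the static exemption matches '/static' and '/static/...' only, not every
 *   path that merely begins with the characters '/static';
 * - a token that is not a non-empty string is rejected up front (cookie-parser
 *   turns `j:`-prefixed cookies into objects, which made the hash call throw);
 * - a missing owner row or a failed lookup now produces a response instead of
 *   an unhandled rejection and a hanging request;
 * - the digest comparison is constant-time.
 */
async function authModule(req, res, next) {
  const path = req.path
  const isStatic = path === '/static' || path.startsWith('/static/')
  if (isStatic || PUBLIC_PATHS.includes(path)) {
    next()
    return
  }

  if (process.env.HOSTING_PROVIDER==='true'){
    // NOTE(security): Origin and Referer are logged but never checked (the
    // domain comparison is commented out), so with HOSTING_PROVIDER set
    // '/invoices' is open to any caller. Both headers are client-controlled
    // and are written to the log unmodified.
    // const domain = process.env.INVITE_SERVER
    const host = req.headers.origin
    console.log('=> host:', host)
    const referer = req.headers.referer
    console.log('=> referer:', referer)
    if (req.path === '/invoices') {
      next()
      return
    }
  }

  // NOTE(security): accepting the token from a cookie means the browser
  // attaches it automatically; no CSRF defence is visible in this file, so
  // confirm the cookie's SameSite setting where it is issued.
  const token = req.headers['x-user-token'] || req.cookies['x-user-token']
  if (typeof token !== 'string' || token.length === 0) {
    denyAccess(res)
    return
  }

  let owner
  try {
    owner = await models.Contact.findOne({ where: { isOwner: true }})
  } catch (e) {
    // Fail closed: no owner record means no way to verify the token.
    console.log('=> [auth] owner lookup failed:', e instanceof Error ? e.message : e)
    res.writeHead(500, {'Content-Type' : 'text/plain'});
    res.end('Internal error');
    return
  }

  if (owner == null || typeof owner.authToken !== 'string') {
    denyAccess(res)
    return
  }

  const presented = Buffer.from(crypto.createHash('sha256').update(token).digest('base64'))
  const expected = Buffer.from(owner.authToken)
  // timingSafeEqual throws on unequal lengths, so check the length first.
  const matches = presented.length === expected.length && crypto.timingSafeEqual(presented, expected)
  if (!matches) {
    denyAccess(res)
    return
  }

  next();
}

export default server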