app.js 2.95 KB
/**
 * 应用入口
 * @author xuqi<qi.xu@yoho.cn>
 * @date: 2016/3/28
 */
var express = require('express'),
    path = require('path'),
    exphbs = require('express-handlebars'),
    bodyParser = require('body-parser'),
    morgan = require('morgan'),
    favicon = require('serve-favicon'),
    cookieParser = require('cookie-parser'),
    session = require('express-session'),
    connectRedis = require('connect-redis'),
    cors = require('cors');

var config = require('./config');
var sign = require('./library/sign');

var app = express(),
    RedisStore = connectRedis(session);

// 向模板注入变量
app.locals.devEnv = app.get('env') === 'development';
app.locals.proEnv = app.get('env') === 'production';
app.locals.assetsUrl = config.assetsUrl;

app.set('trust proxy', ['loopback', 'linklocal', 'uniquelocal']);
app.set('views', path.join(__dirname, 'views/action'));

app.engine('.hbs', exphbs({
    extname: '.hbs',
    defaultLayout: 'main',
    layoutsDir: 'views/layouts/',
    partialsDir: 'views/partials/',
    helpers: 'helpers'
}));
app.set('view engine', '.hbs');

if (!app.locals.proEnv) {
    app.use(morgan('dev'));
}
app.use(favicon(path.join(__dirname, '/public/favicon.ico')));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({extended: false}));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, 'public')));
app.use(cors({
    origin: function(origin, callback) {
        var originIsWhitelisted = /yohobuy\.com$/.test(origin) || /yoho\.cn$/.test(origin);

        // 只支持 yohobuy.com 和 yoho.cn 下的子域名跨域
        callback(null, originIsWhitelisted);
    }
}));

// session 配置
app.use(session({
    name: config.sessionName,
    resave: true,
    saveUninitialized: true,
    httpOnly: true,
    store: new RedisStore(config.sessionRedis),
    secret: config.sessionSecret
}));

// 前置中间件
app.use(function(req, res, next) {
    if (!req.session) {
        console.error('redis-session 配置有误');
    }

    // app 访问校验参数是否合法
    if (req.query.app_version || (req.query.openrefer === 'app' && req.query.uid)) {
        if (sign.checkSign(req.query) || sign.webSign(req.query)) {
            req.isApp = true;
            return next();
        } else {
            return res.status(403).json({
                code: 403,
                message: '请勿伪造客户端请求'
            });
        }
    }
    next();
});

// 加载路由
app.use('/', require('./router'));
app.use('/web', require('./web-router'));

// 未知路由转入 404
app.use(function(req, res) {
    var err = new Error('Not Found');

    err.status = 404;
    res.status(404).send(err);
});

// 捕获全局错误, 开发环境返回错误详情
app.use(function(err, req, res) {
    if (app.locals.devEnv) {
        console.warn(err);
    } else {
        err = {};
    }

    res.status(err.status || 500);
    res.render('error', {
        message: err.message,
        error: err
    });
});

module.exports = app;