Merge pull request #758 from SISheogorath/cleanup/config

Change config to camel case with backwards compatibility
This commit is contained in:
Christoph (Sheogorath) Kern 2018-03-25 19:15:17 +02:00 committed by GitHub
commit 57c47a65dd
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
29 changed files with 290 additions and 237 deletions

View file

@ -147,7 +147,7 @@ There are some config settings you need to change in the files below.
| `HMD_URL_ADDPORT` | `true` or `false` | set to add port on callback URL (ports `80` or `443` won't be applied) (only applied when domain is set) | | `HMD_URL_ADDPORT` | `true` or `false` | set to add port on callback URL (ports `80` or `443` won't be applied) (only applied when domain is set) |
| `HMD_USECDN` | `true` or `false` | set to use CDN resources or not (default is `true`) | | `HMD_USECDN` | `true` or `false` | set to use CDN resources or not (default is `true`) |
| `HMD_ALLOW_ANONYMOUS` | `true` or `false` | set to allow anonymous usage (default is `true`) | | `HMD_ALLOW_ANONYMOUS` | `true` or `false` | set to allow anonymous usage (default is `true`) |
| `HMD_ALLOW_ANONYMOUS_EDITS` | `true` or `false` | if `allowanonymous` is `true`, allow users to select `freely` permission, allowing guests to edit existing notes (default is `false`) | | `HMD_ALLOW_ANONYMOUS_EDITS` | `true` or `false` | if `allowAnonymous` is `true`, allow users to select `freely` permission, allowing guests to edit existing notes (default is `false`) |
| `HMD_ALLOW_FREEURL` | `true` or `false` | set to allow new note creation by accessing a nonexistent note URL | | `HMD_ALLOW_FREEURL` | `true` or `false` | set to allow new note creation by accessing a nonexistent note URL |
| `HMD_DEFAULT_PERMISSION` | `freely`, `editable`, `limited`, `locked` or `private` | set notes default permission (only applied on signed users) | | `HMD_DEFAULT_PERMISSION` | `freely`, `editable`, `limited`, `locked` or `private` | set notes default permission (only applied on signed users) |
| `HMD_DB_URL` | `mysql://localhost:3306/database` | set the database URL | | `HMD_DB_URL` | `mysql://localhost:3306/database` | set the database URL |
@ -215,46 +215,46 @@ There are some config settings you need to change in the files below.
| --------- | ------ | ----------- | | --------- | ------ | ----------- |
| `debug` | `true` or `false` | set debug mode, show more logs | | `debug` | `true` or `false` | set debug mode, show more logs |
| `domain` | `localhost` | domain name | | `domain` | `localhost` | domain name |
| `urlpath` | `hackmd` | sub URL path, like `www.example.com/<urlpath>` | | `urlPath` | `hackmd` | sub URL path, like `www.example.com/<urlpath>` |
| `port` | `80` | web app port | | `port` | `80` | web app port |
| `alloworigin` | `['localhost']` | domain name whitelist | | `allowOrigin` | `['localhost']` | domain name whitelist |
| `usessl` | `true` or `false` | set to use SSL server (if `true`, will auto turn on `protocolusessl`) | | `useSSL` | `true` or `false` | set to use SSL server (if `true`, will auto turn on `protocolUseSSL`) |
| `hsts` | `{"enable": true, "maxAgeSeconds": 31536000, "includeSubdomains": true, "preload": true}` | [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) options to use with HTTPS (default is the example value, max age is a year) | | `hsts` | `{"enable": true, "maxAgeSeconds": 31536000, "includeSubdomains": true, "preload": true}` | [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) options to use with HTTPS (default is the example value, max age is a year) |
| `csp` | `{"enable": true, "directives": {"scriptSrc": "trustworthy-scripts.example.com"}, "upgradeInsecureRequests": "auto", "addDefaults": true}` | Configures [Content Security Policy](https://helmetjs.github.io/docs/csp/). Directives are passed to Helmet - see [their documentation](https://helmetjs.github.io/docs/csp/) for more information on the format. Some defaults are added to the configured values so that the application doesn't break. To disable this behaviour, set `addDefaults` to `false`. Further, if `usecdn` is on, some CDN locations are allowed too. By default (`auto`), insecure (HTTP) requests are upgraded to HTTPS via CSP if `usessl` is on. To change this behaviour, set `upgradeInsecureRequests` to either `true` or `false`. | | `csp` | `{"enable": true, "directives": {"scriptSrc": "trustworthy-scripts.example.com"}, "upgradeInsecureRequests": "auto", "addDefaults": true}` | Configures [Content Security Policy](https://helmetjs.github.io/docs/csp/). Directives are passed to Helmet - see [their documentation](https://helmetjs.github.io/docs/csp/) for more information on the format. Some defaults are added to the configured values so that the application doesn't break. To disable this behaviour, set `addDefaults` to `false`. Further, if `usecdn` is on, some CDN locations are allowed too. By default (`auto`), insecure (HTTP) requests are upgraded to HTTPS via CSP if `useSSL` is on. To change this behaviour, set `upgradeInsecureRequests` to either `true` or `false`. |
| `protocolusessl` | `true` or `false` | set to use SSL protocol for resources path (only applied when domain is set) | | `protocolUseSSL` | `true` or `false` | set to use SSL protocol for resources path (only applied when domain is set) |
| `urladdport` | `true` or `false` | set to add port on callback URL (ports `80` or `443` won't be applied) (only applied when domain is set) | | `urlAddPort` | `true` or `false` | set to add port on callback URL (ports `80` or `443` won't be applied) (only applied when domain is set) |
| `usecdn` | `true` or `false` | set to use CDN resources or not (default is `true`) | | `useCDN` | `true` or `false` | set to use CDN resources or not (default is `true`) |
| `allowanonymous` | `true` or `false` | set to allow anonymous usage (default is `true`) | | `allowAnonymous` | `true` or `false` | set to allow anonymous usage (default is `true`) |
| `allowanonymousedits` | `true` or `false` | if `allowanonymous` is `true`: allow users to select `freely` permission, allowing guests to edit existing notes (default is `false`) | | `allowAnonymousEdits` | `true` or `false` | if `allowAnonymous` is `true`: allow users to select `freely` permission, allowing guests to edit existing notes (default is `false`) |
| `allowfreeurl` | `true` or `false` | set to allow new note creation by accessing a nonexistent note URL | | `allowFreeURL` | `true` or `false` | set to allow new note creation by accessing a nonexistent note URL |
| `defaultpermission` | `freely`, `editable`, `limited`, `locked`, `protected` or `private` | set notes default permission (only applied on signed users) | | `defaultPermission` | `freely`, `editable`, `limited`, `locked`, `protected` or `private` | set notes default permission (only applied on signed users) |
| `dburl` | `mysql://localhost:3306/database` | set the db URL; if set, then db config (below) won't be applied | | `dbURL` | `mysql://localhost:3306/database` | set the db URL; if set, then db config (below) won't be applied |
| `db` | `{ "dialect": "sqlite", "storage": "./db.hackmd.sqlite" }` | set the db configs, [see more here](http://sequelize.readthedocs.org/en/latest/api/sequelize/) | | `db` | `{ "dialect": "sqlite", "storage": "./db.hackmd.sqlite" }` | set the db configs, [see more here](http://sequelize.readthedocs.org/en/latest/api/sequelize/) |
| `sslkeypath` | `./cert/client.key` | SSL key path (only need when you set `usessl`) | | `sslKeyPath` | `./cert/client.key` | SSL key path (only need when you set `useSSL`) |
| `sslcertpath` | `./cert/hackmd_io.crt` | SSL cert path (only need when you set `usessl`) | | `sslCertPath` | `./cert/hackmd_io.crt` | SSL cert path (only need when you set `useSSL`) |
| `sslcapath` | `['./cert/COMODORSAAddTrustCA.crt']` | SSL ca chain (only need when you set `usessl`) | | `sslCAPath` | `['./cert/COMODORSAAddTrustCA.crt']` | SSL ca chain (only need when you set `useSSL`) |
| `dhparampath` | `./cert/dhparam.pem` | SSL dhparam path (only need when you set `usessl`) | | `dhParamPath` | `./cert/dhparam.pem` | SSL dhparam path (only need when you set `useSSL`) |
| `tmppath` | `./tmp/` | temp directory path | | `tmpPath` | `./tmp/` | temp directory path |
| `defaultnotepath` | `./public/default.md` | default note file path | | `defaultNotePath` | `./public/default.md` | default note file path |
| `docspath` | `./public/docs` | docs directory path | | `docsPath` | `./public/docs` | docs directory path |
| `indexpath` | `./public/views/index.ejs` | index template file path | | `indexPath` | `./public/views/index.ejs` | index template file path |
| `hackmdpath` | `./public/views/hackmd.ejs` | hackmd template file path | | `hackmdPath` | `./public/views/hackmd.ejs` | hackmd template file path |
| `errorpath` | `./public/views/error.ejs` | error template file path | | `errorPath` | `./public/views/error.ejs` | error template file path |
| `prettypath` | `./public/views/pretty.ejs` | pretty template file path | | `prettyPath` | `./public/views/pretty.ejs` | pretty template file path |
| `slidepath` | `./public/views/slide.hbs` | slide template file path | | `slidePath` | `./public/views/slide.hbs` | slide template file path |
| `sessionname` | `connect.sid` | cookie session name | | `sessionName` | `connect.sid` | cookie session name |
| `sessionsecret` | `secret` | cookie session secret | | `sessionSecret` | `secret` | cookie session secret |
| `sessionlife` | `14 * 24 * 60 * 60 * 1000` | cookie session life | | `sessionLife` | `14 * 24 * 60 * 60 * 1000` | cookie session life |
| `staticcachetime` | `1 * 24 * 60 * 60 * 1000` | static file cache time | | `staticCacheTime` | `1 * 24 * 60 * 60 * 1000` | static file cache time |
| `heartbeatinterval` | `5000` | socket.io heartbeat interval | | `heartbeatInterval` | `5000` | socket.io heartbeat interval |
| `heartbeattimeout` | `10000` | socket.io heartbeat timeout | | `heartbeatTimeout` | `10000` | socket.io heartbeat timeout |
| `documentmaxlength` | `100000` | note max length | | `documentMaxLength` | `100000` | note max length |
| `email` | `true` or `false` | set to allow email signin | | `email` | `true` or `false` | set to allow email signin |
| `allowemailregister` | `true` or `false` | set to allow email register (only applied when email is set, default is `true`. Note `bin/manage_users` might help you if registration is `false`.) | | `allowEmailRegister` | `true` or `false` | set to allow email register (only applied when email is set, default is `true`. Note `bin/manage_users` might help you if registration is `false`.) |
| `imageuploadtype` | `imgur`(default), `s3`, `minio` or `filesystem` | Where to upload image | `imageUploadType` | `imgur`(default), `s3`, `minio` or `filesystem` | Where to upload image
| `minio` | `{ "accessKey": "YOUR_MINIO_ACCESS_KEY", "secretKey": "YOUR_MINIO_SECRET_KEY", "endpoint": "YOUR_MINIO_HOST", port: 9000, secure: true }` | When `imageuploadtype` is set to `minio`, you need to set this key. Also checkout our [Minio Image Upload Guide](docs/guides/minio-image-upload.md) | | `minio` | `{ "accessKey": "YOUR_MINIO_ACCESS_KEY", "secretKey": "YOUR_MINIO_SECRET_KEY", "endpoint": "YOUR_MINIO_HOST", port: 9000, secure: true }` | When `imageUploadType` is set to `minio`, you need to set this key. Also checkout our [Minio Image Upload Guide](docs/guides/minio-image-upload.md) |
| `s3` | `{ "accessKeyId": "YOUR_S3_ACCESS_KEY_ID", "secretAccessKey": "YOUR_S3_ACCESS_KEY", "region": "YOUR_S3_REGION" }` | When `imageuploadtype` be set to `s3`, you would also need to setup this key, check our [S3 Image Upload Guide](docs/guides/s3-image-upload.md) | | `s3` | `{ "accessKeyId": "YOUR_S3_ACCESS_KEY_ID", "secretAccessKey": "YOUR_S3_ACCESS_KEY", "region": "YOUR_S3_REGION" }` | When `imageuploadtype` be set to `s3`, you would also need to setup this key, check our [S3 Image Upload Guide](docs/guides/s3-image-upload.md) |
| `s3bucket` | `YOUR_S3_BUCKET_NAME` | bucket name when `imageuploadtype` is set to `s3` or `minio` | | `s3bucket` | `YOUR_S3_BUCKET_NAME` | bucket name when `imageUploadType` is set to `s3` or `minio` |
## Third-party integration API key settings ## Third-party integration API key settings

34
app.js
View file

@ -30,7 +30,7 @@ var csp = require('./lib/csp')
var constpath = path.join(__dirname, './public/js/lib/common/constant.ejs') var constpath = path.join(__dirname, './public/js/lib/common/constant.ejs')
var data = { var data = {
domain: config.domain, domain: config.domain,
urlpath: config.urlpath, urlpath: config.urlPath,
debug: config.debug, debug: config.debug,
version: config.version, version: config.version,
GOOGLE_API_KEY: config.google.clientSecret, GOOGLE_API_KEY: config.google.clientSecret,
@ -47,20 +47,20 @@ ejs.renderFile(constpath, data, {}, function (err, str) {
// server setup // server setup
var app = express() var app = express()
var server = null var server = null
if (config.usessl) { if (config.useSSL) {
var ca = (function () { var ca = (function () {
var i, len, results var i, len, results
results = [] results = []
for (i = 0, len = config.sslcapath.length; i < len; i++) { for (i = 0, len = config.sslCAPath.length; i < len; i++) {
results.push(fs.readFileSync(config.sslcapath[i], 'utf8')) results.push(fs.readFileSync(config.sslCAPath[i], 'utf8'))
} }
return results return results
})() })()
var options = { var options = {
key: fs.readFileSync(config.sslkeypath, 'utf8'), key: fs.readFileSync(config.sslKeyPath, 'utf8'),
cert: fs.readFileSync(config.sslcertpath, 'utf8'), cert: fs.readFileSync(config.sslCertPath, 'utf8'),
ca: ca, ca: ca,
dhparam: fs.readFileSync(config.dhparampath, 'utf8'), dhparam: fs.readFileSync(config.dhParamPath, 'utf8'),
requestCert: false, requestCert: false,
rejectUnauthorized: false rejectUnauthorized: false
} }
@ -105,7 +105,7 @@ if (config.hsts.enable) {
includeSubdomains: config.hsts.includeSubdomains, includeSubdomains: config.hsts.includeSubdomains,
preload: config.hsts.preload preload: config.hsts.preload
})) }))
} else if (config.usessl) { } else if (config.useSSL) {
logger.info('Consider enabling HSTS for extra security:') logger.info('Consider enabling HSTS for extra security:')
logger.info('https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security') logger.info('https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security')
} }
@ -142,17 +142,17 @@ app.use(i18n.init)
// routes without sessions // routes without sessions
// static files // static files
app.use('/', express.static(path.join(__dirname, '/public'), { maxAge: config.staticcachetime })) app.use('/', express.static(path.join(__dirname, '/public'), { maxAge: config.staticCacheTime }))
// session // session
app.use(session({ app.use(session({
name: config.sessionname, name: config.sessionName,
secret: config.sessionsecret, secret: config.sessionSecret,
resave: false, // don't save session if unmodified resave: false, // don't save session if unmodified
saveUninitialized: true, // always create session to ensure the origin saveUninitialized: true, // always create session to ensure the origin
rolling: true, // reset maxAge on every response rolling: true, // reset maxAge on every response
cookie: { cookie: {
maxAge: config.sessionlife maxAge: config.sessionLife
}, },
store: sessionStore store: sessionStore
})) }))
@ -207,22 +207,22 @@ io.use(realtime.secure)
// socket.io auth // socket.io auth
io.use(passportSocketIo.authorize({ io.use(passportSocketIo.authorize({
cookieParser: cookieParser, cookieParser: cookieParser,
key: config.sessionname, key: config.sessionName,
secret: config.sessionsecret, secret: config.sessionSecret,
store: sessionStore, store: sessionStore,
success: realtime.onAuthorizeSuccess, success: realtime.onAuthorizeSuccess,
fail: realtime.onAuthorizeFail fail: realtime.onAuthorizeFail
})) }))
// socket.io heartbeat // socket.io heartbeat
io.set('heartbeat interval', config.heartbeatinterval) io.set('heartbeat interval', config.heartbeatInterval)
io.set('heartbeat timeout', config.heartbeattimeout) io.set('heartbeat timeout', config.heartbeatTimeout)
// socket.io connection // socket.io connection
io.sockets.on('connection', realtime.connection) io.sockets.on('connection', realtime.connection)
// listen // listen
function startListen () { function startListen () {
server.listen(config.port, function () { server.listen(config.port, function () {
var schema = config.usessl ? 'HTTPS' : 'HTTP' var schema = config.useSSL ? 'HTTPS' : 'HTTP'
logger.info('%s Server listening at port %d', schema, config.port) logger.info('%s Server listening at port %d', schema, config.port)
realtime.maintenance = false realtime.maintenance = false
}) })

View file

@ -2,11 +2,11 @@
module.exports = { module.exports = {
domain: '', domain: '',
urlpath: '', urlPath: '',
port: 3000, port: 3000,
urladdport: false, urlAddPort: false,
alloworigin: ['localhost'], allowOrigin: ['localhost'],
usessl: false, useSSL: false,
hsts: { hsts: {
enable: true, enable: true,
maxAgeSeconds: 31536000, maxAgeSeconds: 31536000,
@ -21,42 +21,40 @@ module.exports = {
upgradeInsecureRequests: 'auto', upgradeInsecureRequests: 'auto',
reportURI: undefined reportURI: undefined
}, },
protocolusessl: false, protocolUseSSL: false,
usecdn: true, useCDN: true,
allowanonymous: true, allowAnonymous: true,
allowanonymousedits: false, allowAnonymousEdits: false,
allowfreeurl: false, allowFreeURL: false,
defaultpermission: 'editable', defaultPermission: 'editable',
dburl: '', dbURL: '',
db: {}, db: {},
// ssl path // ssl path
sslkeypath: '', sslKeyPath: '',
sslcertpath: '', sslCertPath: '',
sslcapath: '', sslCAPath: '',
dhparampath: '', dhParamPath: '',
// other path // other path
tmppath: './tmp', tmpPath: './tmp',
defaultnotepath: './public/default.md', defaultNotePath: './public/default.md',
docspath: './public/docs', docsPath: './public/docs',
indexpath: './public/views/index.ejs', indexPath: './public/views/index.ejs',
hackmdpath: './public/views/hackmd.ejs', hackmdPath: './public/views/hackmd.ejs',
errorpath: './public/views/error.ejs', errorPath: './public/views/error.ejs',
prettypath: './public/views/pretty.ejs', prettyPath: './public/views/pretty.ejs',
slidepath: './public/views/slide.ejs', slidePath: './public/views/slide.ejs',
// session // session
sessionname: 'connect.sid', sessionName: 'connect.sid',
sessionsecret: 'secret', sessionSecret: 'secret',
sessionlife: 14 * 24 * 60 * 60 * 1000, // 14 days sessionLife: 14 * 24 * 60 * 60 * 1000, // 14 days
staticcachetime: 1 * 24 * 60 * 60 * 1000, // 1 day staticCacheTime: 1 * 24 * 60 * 60 * 1000, // 1 day
// socket.io // socket.io
heartbeatinterval: 5000, heartbeatInterval: 5000,
heartbeattimeout: 10000, heartbeatTimeout: 10000,
// document // document
documentmaxlength: 100000, documentMaxLength: 100000,
// image upload setting, available options are imgur/s3/filesystem // image upload setting, available options are imgur/s3/filesystem
imageuploadtype: 'filesystem', imageUploadType: 'filesystem',
// legacy variable name for imageuploadtype
imageUploadType: undefined,
imgur: { imgur: {
clientID: undefined clientID: undefined
}, },
@ -133,6 +131,6 @@ module.exports = {
} }
}, },
email: true, email: true,
allowemailregister: true, allowEmailRegister: true,
allowpdfexport: true allowPDFExport: true
} }

View file

@ -4,10 +4,10 @@ const {toBooleanConfig, toArrayConfig, toIntegerConfig} = require('./utils')
module.exports = { module.exports = {
domain: process.env.HMD_DOMAIN, domain: process.env.HMD_DOMAIN,
urlpath: process.env.HMD_URL_PATH, urlPath: process.env.HMD_URL_PATH,
port: toIntegerConfig(process.env.HMD_PORT), port: toIntegerConfig(process.env.HMD_PORT),
urladdport: toBooleanConfig(process.env.HMD_URL_ADDPORT), urlAddPort: toBooleanConfig(process.env.HMD_URL_ADDPORT),
usessl: toBooleanConfig(process.env.HMD_USESSL), useSSL: toBooleanConfig(process.env.HMD_USESSL),
hsts: { hsts: {
enable: toBooleanConfig(process.env.HMD_HSTS_ENABLE), enable: toBooleanConfig(process.env.HMD_HSTS_ENABLE),
maxAgeSeconds: process.env.HMD_HSTS_MAX_AGE, maxAgeSeconds: process.env.HMD_HSTS_MAX_AGE,
@ -18,15 +18,15 @@ module.exports = {
enable: toBooleanConfig(process.env.HMD_CSP_ENABLE), enable: toBooleanConfig(process.env.HMD_CSP_ENABLE),
reportURI: process.env.HMD_CSP_REPORTURI reportURI: process.env.HMD_CSP_REPORTURI
}, },
protocolusessl: toBooleanConfig(process.env.HMD_PROTOCOL_USESSL), protocolUseSSL: toBooleanConfig(process.env.HMD_PROTOCOL_USESSL),
alloworigin: toArrayConfig(process.env.HMD_ALLOW_ORIGIN), allowOrigin: toArrayConfig(process.env.HMD_ALLOW_ORIGIN),
usecdn: toBooleanConfig(process.env.HMD_USECDN), useCDN: toBooleanConfig(process.env.HMD_USECDN),
allowanonymous: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS), allowAnonymous: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS),
allowanonymousedits: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS_EDITS), allowAnonymousEdits: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS_EDITS),
allowfreeurl: toBooleanConfig(process.env.HMD_ALLOW_FREEURL), allowFreeURL: toBooleanConfig(process.env.HMD_ALLOW_FREEURL),
defaultpermission: process.env.HMD_DEFAULT_PERMISSION, defaultPermission: process.env.HMD_DEFAULT_PERMISSION,
dburl: process.env.HMD_DB_URL, dbURL: process.env.HMD_DB_URL,
imageuploadtype: process.env.HMD_IMAGE_UPLOAD_TYPE, imageUploadType: process.env.HMD_IMAGE_UPLOAD_TYPE,
imgur: { imgur: {
clientID: process.env.HMD_IMGUR_CLIENTID clientID: process.env.HMD_IMGUR_CLIENTID
}, },
@ -102,6 +102,6 @@ module.exports = {
} }
}, },
email: toBooleanConfig(process.env.HMD_EMAIL), email: toBooleanConfig(process.env.HMD_EMAIL),
allowemailregister: toBooleanConfig(process.env.HMD_ALLOW_EMAIL_REGISTER), allowEmailRegister: toBooleanConfig(process.env.HMD_ALLOW_EMAIL_REGISTER),
allowpdfexport: toBooleanConfig(process.env.HMD_ALLOW_PDF_EXPORT) allowPDFExport: toBooleanConfig(process.env.HMD_ALLOW_PDF_EXPORT)
} }

View file

@ -27,6 +27,7 @@ const fileConfig = fs.existsSync(configFilePath) ? require(configFilePath)[env]
let config = require('./default') let config = require('./default')
merge(config, require('./defaultSSL')) merge(config, require('./defaultSSL'))
merge(config, require('./oldDefault'))
merge(config, debugConfig) merge(config, debugConfig)
merge(config, packageConfig) merge(config, packageConfig)
merge(config, fileConfig) merge(config, fileConfig)
@ -51,35 +52,35 @@ if (config.ldap.tlsca) {
// Permission // Permission
config.permission = Permission config.permission = Permission
if (!config.allowanonymous && !config.allowanonymousedits) { if (!config.allowAnonymous && !config.allowAnonymousedits) {
delete config.permission.freely delete config.permission.freely
} }
if (!(config.defaultpermission in config.permission)) { if (!(config.defaultPermission in config.permission)) {
config.defaultpermission = config.permission.editable config.defaultPermission = config.permission.editable
} }
// cache result, cannot change config in runtime!!! // cache result, cannot change config in runtime!!!
config.isStandardHTTPsPort = (function isStandardHTTPsPort () { config.isStandardHTTPsPort = (function isStandardHTTPsPort () {
return config.usessl && config.port === 443 return config.useSSL && config.port === 443
})() })()
config.isStandardHTTPPort = (function isStandardHTTPPort () { config.isStandardHTTPPort = (function isStandardHTTPPort () {
return !config.usessl && config.port === 80 return !config.useSSL && config.port === 80
})() })()
// cache serverURL // cache serverURL
config.serverurl = (function getserverurl () { config.serverURL = (function getserverurl () {
var url = '' var url = ''
if (config.domain) { if (config.domain) {
var protocol = config.protocolusessl ? 'https://' : 'http://' var protocol = config.protocolUseSSL ? 'https://' : 'http://'
url = protocol + config.domain url = protocol + config.domain
if (config.urladdport) { if (config.urlAddPort) {
if (!config.isStandardHTTPPort || !config.isStandardHTTPsPort) { if (!config.isStandardHTTPPort || !config.isStandardHTTPsPort) {
url += ':' + config.port url += ':' + config.port
} }
} }
} }
if (config.urlpath) { if (config.urlPath) {
url += '/' + config.urlpath url += '/' + config.urlPath
} }
return url return url
})() })()
@ -97,21 +98,33 @@ config.isGitLabEnable = config.gitlab.clientID && config.gitlab.clientSecret
config.isMattermostEnable = config.mattermost.clientID && config.mattermost.clientSecret config.isMattermostEnable = config.mattermost.clientID && config.mattermost.clientSecret
config.isLDAPEnable = config.ldap.url config.isLDAPEnable = config.ldap.url
config.isSAMLEnable = config.saml.idpSsoUrl config.isSAMLEnable = config.saml.idpSsoUrl
config.isPDFExportEnable = config.allowpdfexport config.isPDFExportEnable = config.allowPDFExport
// merge legacy values // merge legacy values
if (config.imageUploadType && !config.imageuploadtype) { let keys = Object.keys(config)
config.imageuploadtype = config.imageUploadType const uppercase = /[A-Z]/
for (let i = keys.length; i--;) {
let lowercaseKey = keys[i].toLowerCase()
// if the config contains uppercase letters
// and a lowercase version of this setting exists
// and the config with uppercase is not set
// we set the new config using the old key.
if (uppercase.test(keys[i]) &&
config[lowercaseKey] &&
!config[keys[1]]) {
logger.warn('config.js contains deprecated lowercase setting for ' + keys[i] + '. Please change your config.js file to replace ' + lowercaseKey + ' with ' + keys[i])
config[keys[i]] = config[lowercaseKey]
}
} }
// Validate upload upload providers // Validate upload upload providers
if (['filesystem', 's3', 'minio', 'imgur'].indexOf(config.imageuploadtype) === -1) { if (['filesystem', 's3', 'minio', 'imgur'].indexOf(config.imageUploadType) === -1) {
logger.error('"imageuploadtype" is not correctly set. Please use "filesystem", "s3", "minio" or "imgur". Defaulting to "imgur"') logger.error('"imageuploadtype" is not correctly set. Please use "filesystem", "s3", "minio" or "imgur". Defaulting to "imgur"')
config.imageuploadtype = 'imgur' config.imageUploadType = 'imgur'
} }
// figure out mime types for image uploads // figure out mime types for image uploads
switch (config.imageuploadtype) { switch (config.imageUploadType) {
case 'imgur': case 'imgur':
config.allowedUploadMimeTypes = [ config.allowedUploadMimeTypes = [
'image/jpeg', 'image/jpeg',
@ -131,22 +144,22 @@ switch (config.imageuploadtype) {
} }
// generate correct path // generate correct path
config.sslcapath.forEach(function (capath, i, array) { config.sslCAPath.forEach(function (capath, i, array) {
array[i] = path.resolve(appRootPath, capath) array[i] = path.resolve(appRootPath, capath)
}) })
config.sslcertpath = path.join(appRootPath, config.sslcertpath) config.sslCertPath = path.join(appRootPath, config.sslCertPath)
config.sslkeypath = path.join(appRootPath, config.sslkeypath) config.sslKeyPath = path.join(appRootPath, config.sslKeyPath)
config.dhparampath = path.join(appRootPath, config.dhparampath) config.dhParamPath = path.join(appRootPath, config.dhParamPath)
config.tmppath = path.join(appRootPath, config.tmppath) config.tmpPath = path.join(appRootPath, config.tmpPath)
config.defaultnotepath = path.join(appRootPath, config.defaultnotepath) config.defaultNotePath = path.join(appRootPath, config.defaultNotePath)
config.docspath = path.join(appRootPath, config.docspath) config.docsPath = path.join(appRootPath, config.docsPath)
config.indexpath = path.join(appRootPath, config.indexpath) config.indexPath = path.join(appRootPath, config.indexPath)
config.hackmdpath = path.join(appRootPath, config.hackmdpath) config.hackmdPath = path.join(appRootPath, config.hackmdPath)
config.errorpath = path.join(appRootPath, config.errorpath) config.errorPath = path.join(appRootPath, config.errorPath)
config.prettypath = path.join(appRootPath, config.prettypath) config.prettyPath = path.join(appRootPath, config.prettyPath)
config.slidepath = path.join(appRootPath, config.slidepath) config.slidePath = path.join(appRootPath, config.slidePath)
// make config readonly // make config readonly
config = deepFreeze(config) config = deepFreeze(config)

42
lib/config/oldDefault.js Normal file
View file

@ -0,0 +1,42 @@
'use strict'
module.exports = {
urlpath: undefined,
urladdport: undefined,
alloworigin: undefined,
usessl: undefined,
protocolusessl: undefined,
usecdn: undefined,
allowanonymous: undefined,
allowanonymousedits: undefined,
allowfreeurl: undefined,
defaultpermission: undefined,
dburl: undefined,
// ssl path
sslkeypath: undefined,
sslcertpath: undefined,
sslcapath: undefined,
dhparampath: undefined,
// other path
tmppath: undefined,
defaultnotepath: undefined,
docspath: undefined,
indexpath: undefined,
hackmdpath: undefined,
errorpath: undefined,
prettypath: undefined,
slidepath: undefined,
// session
sessionname: undefined,
sessionsecret: undefined,
sessionlife: undefined,
staticcachetime: undefined,
// socket.io
heartbeatinterval: undefined,
heartbeattimeout: undefined,
// document
documentmaxlength: undefined,
imageuploadtype: undefined,
allowemailregister: undefined,
allowpdfexport: undefined
}

View file

@ -25,7 +25,7 @@ CspStrategy.computeDirectives = function () {
var directives = {} var directives = {}
mergeDirectives(directives, config.csp.directives) mergeDirectives(directives, config.csp.directives)
mergeDirectivesIf(config.csp.addDefaults, directives, defaultDirectives) mergeDirectivesIf(config.csp.addDefaults, directives, defaultDirectives)
mergeDirectivesIf(config.usecdn, directives, cdnDirectives) mergeDirectivesIf(config.useCDN, directives, cdnDirectives)
if (!areAllInlineScriptsAllowed(directives)) { if (!areAllInlineScriptsAllowed(directives)) {
addInlineScriptExceptions(directives) addInlineScriptExceptions(directives)
} }
@ -66,7 +66,7 @@ function getCspNonce (req, res) {
} }
function addUpgradeUnsafeRequestsOptionTo (directives) { function addUpgradeUnsafeRequestsOptionTo (directives) {
if (config.csp.upgradeInsecureRequests === 'auto' && config.usessl) { if (config.csp.upgradeInsecureRequests === 'auto' && config.useSSL) {
directives.upgradeInsecureRequests = true directives.upgradeInsecureRequests = true
} else if (config.csp.upgradeInsecureRequests === true) { } else if (config.csp.upgradeInsecureRequests === true) {
directives.upgradeInsecureRequests = true directives.upgradeInsecureRequests = true

View file

@ -15,8 +15,8 @@ dbconfig.logging = config.debug ? logger.info : false
var sequelize = null var sequelize = null
// Heroku specific // Heroku specific
if (config.dburl) { if (config.dbURL) {
sequelize = new Sequelize(config.dburl, dbconfig) sequelize = new Sequelize(config.dbURL, dbconfig)
} else { } else {
sequelize = new Sequelize(dbconfig.database, dbconfig.username, dbconfig.password, dbconfig) sequelize = new Sequelize(dbconfig.database, dbconfig.username, dbconfig.password, dbconfig)
} }

View file

@ -148,7 +148,7 @@ module.exports = function (sequelize, DataTypes) {
} }
}).then(function (note) { }).then(function (note) {
if (note) { if (note) {
let filePath = path.join(config.docspath, noteId + '.md') let filePath = path.join(config.docsPath, noteId + '.md')
if (Note.checkFileExist(filePath)) { if (Note.checkFileExist(filePath)) {
// if doc in filesystem have newer modified time than last change time // if doc in filesystem have newer modified time than last change time
// then will update the doc in db // then will update the doc in db
@ -190,7 +190,7 @@ module.exports = function (sequelize, DataTypes) {
return callback(null, note.id) return callback(null, note.id)
} }
} else { } else {
var filePath = path.join(config.docspath, noteId + '.md') var filePath = path.join(config.docsPath, noteId + '.md')
if (Note.checkFileExist(filePath)) { if (Note.checkFileExist(filePath)) {
Note.create({ Note.create({
alias: noteId, alias: noteId,
@ -520,16 +520,16 @@ module.exports = function (sequelize, DataTypes) {
var body = null var body = null
let filePath = null let filePath = null
if (!note.alias) { if (!note.alias) {
filePath = config.defaultnotepath filePath = config.defaultNotePath
} else { } else {
filePath = path.join(config.docspath, note.alias + '.md') filePath = path.join(config.docsPath, note.alias + '.md')
} }
if (Note.checkFileExist(filePath)) { if (Note.checkFileExist(filePath)) {
var fsCreatedTime = moment(fs.statSync(filePath).ctime) var fsCreatedTime = moment(fs.statSync(filePath).ctime)
body = fs.readFileSync(filePath, 'utf8') body = fs.readFileSync(filePath, 'utf8')
note.title = Note.parseNoteTitle(body) note.title = Note.parseNoteTitle(body)
note.content = body note.content = body
if (filePath !== config.defaultnotepath) { if (filePath !== config.defaultNotePath) {
note.createdAt = fsCreatedTime note.createdAt = fsCreatedTime
} }
} }
@ -537,7 +537,7 @@ module.exports = function (sequelize, DataTypes) {
// if no permission specified and have owner then give default permission in config, else default permission is freely // if no permission specified and have owner then give default permission in config, else default permission is freely
if (!note.permission) { if (!note.permission) {
if (note.ownerId) { if (note.ownerId) {
note.permission = config.defaultpermission note.permission = config.defaultPermission
} else { } else {
note.permission = 'freely' note.permission = 'freely'
} }

View file

@ -32,7 +32,7 @@ ot.Server = (function (global) {
// ... and apply that on the document. // ... and apply that on the document.
var newDocument = operation.apply(this.document); var newDocument = operation.apply(this.document);
// ignore if exceed the max length of document // ignore if exceed the max length of document
if(newDocument.length > config.documentmaxlength && newDocument.length > this.document.length) if(newDocument.length > config.documentMaxLength && newDocument.length > this.document.length)
return; return;
this.document = newDocument; this.document = newDocument;
// Store operation in history. // Store operation in history.

View file

@ -45,10 +45,10 @@ function secure (socket, next) {
var handshakeData = socket.request var handshakeData = socket.request
if (handshakeData.headers.cookie) { if (handshakeData.headers.cookie) {
handshakeData.cookie = cookie.parse(handshakeData.headers.cookie) handshakeData.cookie = cookie.parse(handshakeData.headers.cookie)
handshakeData.sessionID = cookieParser.signedCookie(handshakeData.cookie[config.sessionname], config.sessionsecret) handshakeData.sessionID = cookieParser.signedCookie(handshakeData.cookie[config.sessionName], config.sessionSecret)
if (handshakeData.sessionID && if (handshakeData.sessionID &&
handshakeData.cookie[config.sessionname] && handshakeData.cookie[config.sessionName] &&
handshakeData.cookie[config.sessionname] !== handshakeData.sessionID) { handshakeData.cookie[config.sessionName] !== handshakeData.sessionID) {
if (config.debug) { logger.info('AUTH success cookie: ' + handshakeData.sessionID) } if (config.debug) { logger.info('AUTH success cookie: ' + handshakeData.sessionID) }
return next() return next()
} else { } else {
@ -284,7 +284,7 @@ function extractNoteIdFromSocket (socket) {
return false return false
} }
var hostUrl = url.parse(referer) var hostUrl = url.parse(referer)
var noteId = config.urlpath ? hostUrl.pathname.slice(config.urlpath.length + 1, hostUrl.pathname.length).split('/')[1] : hostUrl.pathname.split('/')[1] var noteId = config.urlPath ? hostUrl.pathname.slice(config.urlPath.length + 1, hostUrl.pathname.length).split('/')[1] : hostUrl.pathname.split('/')[1]
return noteId return noteId
} else { } else {
return false return false
@ -330,7 +330,7 @@ function emitRefresh (socket) {
var note = notes[noteId] var note = notes[noteId]
var out = { var out = {
title: note.title, title: note.title,
docmaxlength: config.documentmaxlength, docmaxlength: config.documentMaxLength,
owner: note.owner, owner: note.owner,
ownerprofile: note.ownerprofile, ownerprofile: note.ownerprofile,
lastchangeuser: note.lastchangeuser, lastchangeuser: note.lastchangeuser,
@ -788,7 +788,7 @@ function connection (socket) {
var note = notes[noteId] var note = notes[noteId]
// Only owner can change permission // Only owner can change permission
if (note.owner && note.owner === socket.request.user.id) { if (note.owner && note.owner === socket.request.user.id) {
if (permission === 'freely' && !config.allowanonymous && !config.allowanonymousedits) return if (permission === 'freely' && !config.allowAnonymous && !config.allowAnonymousedits) return
note.permission = permission note.permission = permission
models.Note.update({ models.Note.update({
permission: permission permission: permission

View file

@ -44,22 +44,22 @@ var response = {
} }
function responseError (res, code, detail, msg) { function responseError (res, code, detail, msg) {
res.status(code).render(config.errorpath, { res.status(code).render(config.errorPath, {
url: config.serverurl, url: config.serverURL,
title: code + ' ' + detail + ' ' + msg, title: code + ' ' + detail + ' ' + msg,
code: code, code: code,
detail: detail, detail: detail,
msg: msg, msg: msg,
useCDN: config.usecdn useCDN: config.useCDN
}) })
} }
function showIndex (req, res, next) { function showIndex (req, res, next) {
res.render(config.indexpath, { res.render(config.indexPath, {
url: config.serverurl, url: config.serverURL,
useCDN: config.usecdn, useCDN: config.useCDN,
allowAnonymous: config.allowanonymous, allowAnonymous: config.allowAnonymous,
allowAnonymousEdits: config.allowanonymousedits, allowAnonymousEdits: config.allowAnonymousedits,
facebook: config.isFacebookEnable, facebook: config.isFacebookEnable,
twitter: config.isTwitterEnable, twitter: config.isTwitterEnable,
github: config.isGitHubEnable, github: config.isGitHubEnable,
@ -71,8 +71,8 @@ function showIndex (req, res, next) {
ldapProviderName: config.ldap.providerName, ldapProviderName: config.ldap.providerName,
saml: config.isSAMLEnable, saml: config.isSAMLEnable,
email: config.isEmailEnable, email: config.isEmailEnable,
allowemailregister: config.allowemailregister, allowEmailRegister: config.allowEmailRegister,
allowpdfexport: config.allowpdfexport, allowPDFExport: config.allowPDFExport,
signin: req.isAuthenticated(), signin: req.isAuthenticated(),
infoMessage: req.flash('info'), infoMessage: req.flash('info'),
errorMessage: req.flash('error') errorMessage: req.flash('error')
@ -89,12 +89,12 @@ function responseHackMD (res, note) {
'Cache-Control': 'private', // only cache by client 'Cache-Control': 'private', // only cache by client
'X-Robots-Tag': 'noindex, nofollow' // prevent crawling 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling
}) })
res.render(config.hackmdpath, { res.render(config.hackmdPath, {
url: config.serverurl, url: config.serverURL,
title: title, title: title,
useCDN: config.usecdn, useCDN: config.useCDN,
allowAnonymous: config.allowanonymous, allowAnonymous: config.allowAnonymous,
allowAnonymousEdits: config.allowanonymousedits, allowAnonymousEdits: config.allowAnonymousedits,
facebook: config.isFacebookEnable, facebook: config.isFacebookEnable,
twitter: config.isTwitterEnable, twitter: config.isTwitterEnable,
github: config.isGitHubEnable, github: config.isGitHubEnable,
@ -106,8 +106,8 @@ function responseHackMD (res, note) {
ldapProviderName: config.ldap.providerName, ldapProviderName: config.ldap.providerName,
saml: config.isSAMLEnable, saml: config.isSAMLEnable,
email: config.isEmailEnable, email: config.isEmailEnable,
allowemailregister: config.allowemailregister, allowEmailRegister: config.allowEmailRegister,
allowpdfexport: config.allowpdfexport allowPDFExport: config.allowPDFExport
}) })
} }
@ -115,7 +115,7 @@ function newNote (req, res, next) {
var owner = null var owner = null
if (req.isAuthenticated()) { if (req.isAuthenticated()) {
owner = req.user.id owner = req.user.id
} else if (!config.allowanonymous) { } else if (!config.allowAnonymous) {
return response.errorForbidden(res) return response.errorForbidden(res)
} }
models.Note.create({ models.Note.create({
@ -123,7 +123,7 @@ function newNote (req, res, next) {
alias: req.alias ? req.alias : null, alias: req.alias ? req.alias : null,
content: req.body ? req.body : '' content: req.body ? req.body : ''
}).then(function (note) { }).then(function (note) {
return res.redirect(config.serverurl + '/' + models.Note.encodeNoteId(note.id)) return res.redirect(config.serverURL + '/' + models.Note.encodeNoteId(note.id))
}).catch(function (err) { }).catch(function (err) {
logger.error(err) logger.error(err)
return response.errorInternalError(res) return response.errorInternalError(res)
@ -155,7 +155,7 @@ function findNote (req, res, callback, include) {
include: include || null include: include || null
}).then(function (note) { }).then(function (note) {
if (!note) { if (!note) {
if (config.allowfreeurl && noteId) { if (config.allowFreeURL && noteId) {
req.alias = noteId req.alias = noteId
return newNote(req, res) return newNote(req, res)
} else { } else {
@ -179,7 +179,7 @@ function showNote (req, res, next) {
// force to use note id // force to use note id
var noteId = req.params.noteId var noteId = req.params.noteId
var id = models.Note.encodeNoteId(note.id) var id = models.Note.encodeNoteId(note.id)
if ((note.alias && noteId !== note.alias) || (!note.alias && noteId !== id)) { return res.redirect(config.serverurl + '/' + (note.alias || id)) } if ((note.alias && noteId !== note.alias) || (!note.alias && noteId !== id)) { return res.redirect(config.serverURL + '/' + (note.alias || id)) }
return responseHackMD(res, note) return responseHackMD(res, note)
}) })
} }
@ -196,7 +196,7 @@ function showPublishNote (req, res, next) {
// force to use short id // force to use short id
var shortid = req.params.shortid var shortid = req.params.shortid
if ((note.alias && shortid !== note.alias) || (!note.alias && shortid !== note.shortid)) { if ((note.alias && shortid !== note.alias) || (!note.alias && shortid !== note.shortid)) {
return res.redirect(config.serverurl + '/s/' + (note.alias || note.shortid)) return res.redirect(config.serverURL + '/s/' + (note.alias || note.shortid))
} }
note.increment('viewcount').then(function (note) { note.increment('viewcount').then(function (note) {
if (!note) { if (!note) {
@ -210,7 +210,7 @@ function showPublishNote (req, res, next) {
var updatetime = note.lastchangeAt var updatetime = note.lastchangeAt
var title = models.Note.decodeTitle(note.title) var title = models.Note.decodeTitle(note.title)
title = models.Note.generateWebTitle(meta.title || title) title = models.Note.generateWebTitle(meta.title || title)
var origin = config.serverurl var origin = config.serverURL
var data = { var data = {
title: title, title: title,
description: meta.description || (markdown ? models.Note.generateDescription(markdown) : null), description: meta.description || (markdown ? models.Note.generateDescription(markdown) : null),
@ -219,7 +219,7 @@ function showPublishNote (req, res, next) {
updatetime: updatetime, updatetime: updatetime,
url: origin, url: origin,
body: body, body: body,
useCDN: config.usecdn, useCDN: config.useCDN,
owner: note.owner ? note.owner.id : null, owner: note.owner ? note.owner.id : null,
ownerprofile: note.owner ? models.User.getProfile(note.owner) : null, ownerprofile: note.owner ? models.User.getProfile(note.owner) : null,
lastchangeuser: note.lastchangeuser ? note.lastchangeuser.id : null, lastchangeuser: note.lastchangeuser ? note.lastchangeuser.id : null,
@ -240,15 +240,15 @@ function renderPublish (data, res) {
res.set({ res.set({
'Cache-Control': 'private' // only cache by client 'Cache-Control': 'private' // only cache by client
}) })
res.render(config.prettypath, data) res.render(config.prettyPath, data)
} }
function actionPublish (req, res, note) { function actionPublish (req, res, note) {
res.redirect(config.serverurl + '/s/' + (note.alias || note.shortid)) res.redirect(config.serverURL + '/s/' + (note.alias || note.shortid))
} }
function actionSlide (req, res, note) { function actionSlide (req, res, note) {
res.redirect(config.serverurl + '/p/' + (note.alias || note.shortid)) res.redirect(config.serverURL + '/p/' + (note.alias || note.shortid))
} }
function actionDownload (req, res, note) { function actionDownload (req, res, note) {
@ -298,10 +298,10 @@ function actionPDF (req, res, note) {
var extracted = models.Note.extractMeta(body) var extracted = models.Note.extractMeta(body)
var title = models.Note.decodeTitle(note.title) var title = models.Note.decodeTitle(note.title)
if (!fs.existsSync(config.tmppath)) { if (!fs.existsSync(config.tmpPath)) {
fs.mkdirSync(config.tmppath) fs.mkdirSync(config.tmpPath)
} }
var path = config.tmppath + '/' + Date.now() + '.pdf' var path = config.tmpPath + '/' + Date.now() + '.pdf'
markdownpdf().from.string(extracted.markdown).to(path, function () { markdownpdf().from.string(extracted.markdown).to(path, function () {
var stream = fs.createReadStream(path) var stream = fs.createReadStream(path)
var filename = title var filename = title
@ -320,7 +320,7 @@ function actionPDF (req, res, note) {
function actionGist (req, res, note) { function actionGist (req, res, note) {
var data = { var data = {
client_id: config.github.clientID, client_id: config.github.clientID,
redirect_uri: config.serverurl + '/auth/github/callback/' + models.Note.encodeNoteId(note.id) + '/gist', redirect_uri: config.serverURL + '/auth/github/callback/' + models.Note.encodeNoteId(note.id) + '/gist',
scope: 'gist', scope: 'gist',
state: shortId.generate() state: shortId.generate()
} }
@ -393,10 +393,10 @@ function noteActions (req, res, next) {
actionInfo(req, res, note) actionInfo(req, res, note)
break break
case 'pdf': case 'pdf':
if (config.allowpdfexport) { if (config.allowPDFExport) {
actionPDF(req, res, note) actionPDF(req, res, note)
} else { } else {
logger.error('PDF export failed: Disabled by config. Set "allowpdfexport: true" to enable. Check the documentation for details') logger.error('PDF export failed: Disabled by config. Set "allowPDFExport: true" to enable. Check the documentation for details')
response.errorForbidden(res) response.errorForbidden(res)
} }
break break
@ -407,7 +407,7 @@ function noteActions (req, res, next) {
actionRevision(req, res, note) actionRevision(req, res, note)
break break
default: default:
return res.redirect(config.serverurl + '/' + noteId) return res.redirect(config.serverURL + '/' + noteId)
} }
}) })
} }
@ -417,10 +417,10 @@ function publishNoteActions (req, res, next) {
var action = req.params.action var action = req.params.action
switch (action) { switch (action) {
case 'edit': case 'edit':
res.redirect(config.serverurl + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id))) res.redirect(config.serverURL + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id)))
break break
default: default:
res.redirect(config.serverurl + '/s/' + note.shortid) res.redirect(config.serverURL + '/s/' + note.shortid)
break break
} }
}) })
@ -431,10 +431,10 @@ function publishSlideActions (req, res, next) {
var action = req.params.action var action = req.params.action
switch (action) { switch (action) {
case 'edit': case 'edit':
res.redirect(config.serverurl + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id))) res.redirect(config.serverURL + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id)))
break break
default: default:
res.redirect(config.serverurl + '/p/' + note.shortid) res.redirect(config.serverURL + '/p/' + note.shortid)
break break
} }
}) })
@ -449,7 +449,7 @@ function githubActions (req, res, next) {
githubActionGist(req, res, note) githubActionGist(req, res, note)
break break
default: default:
res.redirect(config.serverurl + '/' + noteId) res.redirect(config.serverURL + '/' + noteId)
break break
} }
}) })
@ -521,7 +521,7 @@ function gitlabActions (req, res, next) {
gitlabActionProjects(req, res, note) gitlabActionProjects(req, res, note)
break break
default: default:
res.redirect(config.serverurl + '/' + noteId) res.redirect(config.serverURL + '/' + noteId)
break break
} }
}) })
@ -569,7 +569,7 @@ function showPublishSlide (req, res, next) {
findNote(req, res, function (note) { findNote(req, res, function (note) {
// force to use short id // force to use short id
var shortid = req.params.shortid var shortid = req.params.shortid
if ((note.alias && shortid !== note.alias) || (!note.alias && shortid !== note.shortid)) { return res.redirect(config.serverurl + '/p/' + (note.alias || note.shortid)) } if ((note.alias && shortid !== note.alias) || (!note.alias && shortid !== note.shortid)) { return res.redirect(config.serverURL + '/p/' + (note.alias || note.shortid)) }
note.increment('viewcount').then(function (note) { note.increment('viewcount').then(function (note) {
if (!note) { if (!note) {
return response.errorNotFound(res) return response.errorNotFound(res)
@ -582,7 +582,7 @@ function showPublishSlide (req, res, next) {
var updatetime = note.lastchangeAt var updatetime = note.lastchangeAt
var title = models.Note.decodeTitle(note.title) var title = models.Note.decodeTitle(note.title)
title = models.Note.generateWebTitle(meta.title || title) title = models.Note.generateWebTitle(meta.title || title)
var origin = config.serverurl var origin = config.serverURL
var data = { var data = {
title: title, title: title,
description: meta.description || (markdown ? models.Note.generateDescription(markdown) : null), description: meta.description || (markdown ? models.Note.generateDescription(markdown) : null),
@ -593,7 +593,7 @@ function showPublishSlide (req, res, next) {
body: markdown, body: markdown,
theme: meta.slideOptions && utils.isRevealTheme(meta.slideOptions.theme), theme: meta.slideOptions && utils.isRevealTheme(meta.slideOptions.theme),
meta: JSON.stringify(extracted.meta), meta: JSON.stringify(extracted.meta),
useCDN: config.usecdn, useCDN: config.useCDN,
owner: note.owner ? note.owner.id : null, owner: note.owner ? note.owner.id : null,
ownerprofile: note.owner ? models.User.getProfile(note.owner) : null, ownerprofile: note.owner ? models.User.getProfile(note.owner) : null,
lastchangeuser: note.lastchangeuser ? note.lastchangeuser.id : null, lastchangeuser: note.lastchangeuser ? note.lastchangeuser.id : null,
@ -615,7 +615,7 @@ function renderPublishSlide (data, res) {
res.set({ res.set({
'Cache-Control': 'private' // only cache by client 'Cache-Control': 'private' // only cache by client
}) })
res.render(config.slidepath, data) res.render(config.slidePath, data)
} }
module.exports = response module.exports = response

View file

@ -12,7 +12,7 @@ passport.use(new DropboxStrategy({
apiVersion: '2', apiVersion: '2',
clientID: config.dropbox.clientID, clientID: config.dropbox.clientID,
clientSecret: config.dropbox.clientSecret, clientSecret: config.dropbox.clientSecret,
callbackURL: config.serverurl + '/auth/dropbox/callback' callbackURL: config.serverURL + '/auth/dropbox/callback'
}, passportGeneralCallback)) }, passportGeneralCallback))
dropboxAuth.get('/auth/dropbox', function (req, res, next) { dropboxAuth.get('/auth/dropbox', function (req, res, next) {
@ -23,7 +23,7 @@ dropboxAuth.get('/auth/dropbox', function (req, res, next) {
// dropbox auth callback // dropbox auth callback
dropboxAuth.get('/auth/dropbox/callback', dropboxAuth.get('/auth/dropbox/callback',
passport.authenticate('dropbox-oauth2', { passport.authenticate('dropbox-oauth2', {
successReturnToOrRedirect: config.serverurl + '/', successReturnToOrRedirect: config.serverURL + '/',
failureRedirect: config.serverurl + '/' failureRedirect: config.serverURL + '/'
}) })
) )

View file

@ -31,7 +31,7 @@ passport.use(new LocalStrategy({
}) })
})) }))
if (config.allowemailregister) { if (config.allowEmailRegister) {
emailAuth.post('/register', urlencodedParser, function (req, res, next) { emailAuth.post('/register', urlencodedParser, function (req, res, next) {
if (!req.body.email || !req.body.password) return response.errorBadRequest(res) if (!req.body.email || !req.body.password) return response.errorBadRequest(res)
if (!validator.isEmail(req.body.email)) return response.errorBadRequest(res) if (!validator.isEmail(req.body.email)) return response.errorBadRequest(res)
@ -51,10 +51,10 @@ if (config.allowemailregister) {
logger.debug('user found: ' + user.id) logger.debug('user found: ' + user.id)
req.flash('error', 'This email has been used, please try another one.') req.flash('error', 'This email has been used, please try another one.')
} }
return res.redirect(config.serverurl + '/') return res.redirect(config.serverURL + '/')
} }
req.flash('error', 'Failed to register your account, please try again.') req.flash('error', 'Failed to register your account, please try again.')
return res.redirect(config.serverurl + '/') return res.redirect(config.serverURL + '/')
}).catch(function (err) { }).catch(function (err) {
logger.error('auth callback failed: ' + err) logger.error('auth callback failed: ' + err)
return response.errorInternalError(res) return response.errorInternalError(res)
@ -67,8 +67,8 @@ emailAuth.post('/login', urlencodedParser, function (req, res, next) {
if (!validator.isEmail(req.body.email)) return response.errorBadRequest(res) if (!validator.isEmail(req.body.email)) return response.errorBadRequest(res)
setReturnToFromReferer(req) setReturnToFromReferer(req)
passport.authenticate('local', { passport.authenticate('local', {
successReturnToOrRedirect: config.serverurl + '/', successReturnToOrRedirect: config.serverURL + '/',
failureRedirect: config.serverurl + '/', failureRedirect: config.serverURL + '/',
failureFlash: 'Invalid email or password.' failureFlash: 'Invalid email or password.'
})(req, res, next) })(req, res, next)
}) })

View file

@ -12,7 +12,7 @@ let facebookAuth = module.exports = Router()
passport.use(new FacebookStrategy({ passport.use(new FacebookStrategy({
clientID: config.facebook.clientID, clientID: config.facebook.clientID,
clientSecret: config.facebook.clientSecret, clientSecret: config.facebook.clientSecret,
callbackURL: config.serverurl + '/auth/facebook/callback' callbackURL: config.serverURL + '/auth/facebook/callback'
}, passportGeneralCallback)) }, passportGeneralCallback))
facebookAuth.get('/auth/facebook', function (req, res, next) { facebookAuth.get('/auth/facebook', function (req, res, next) {
@ -23,7 +23,7 @@ facebookAuth.get('/auth/facebook', function (req, res, next) {
// facebook auth callback // facebook auth callback
facebookAuth.get('/auth/facebook/callback', facebookAuth.get('/auth/facebook/callback',
passport.authenticate('facebook', { passport.authenticate('facebook', {
successReturnToOrRedirect: config.serverurl + '/', successReturnToOrRedirect: config.serverURL + '/',
failureRedirect: config.serverurl + '/' failureRedirect: config.serverURL + '/'
}) })
) )

View file

@ -12,7 +12,7 @@ let githubAuth = module.exports = Router()
passport.use(new GithubStrategy({ passport.use(new GithubStrategy({
clientID: config.github.clientID, clientID: config.github.clientID,
clientSecret: config.github.clientSecret, clientSecret: config.github.clientSecret,
callbackURL: config.serverurl + '/auth/github/callback' callbackURL: config.serverURL + '/auth/github/callback'
}, passportGeneralCallback)) }, passportGeneralCallback))
githubAuth.get('/auth/github', function (req, res, next) { githubAuth.get('/auth/github', function (req, res, next) {
@ -23,8 +23,8 @@ githubAuth.get('/auth/github', function (req, res, next) {
// github auth callback // github auth callback
githubAuth.get('/auth/github/callback', githubAuth.get('/auth/github/callback',
passport.authenticate('github', { passport.authenticate('github', {
successReturnToOrRedirect: config.serverurl + '/', successReturnToOrRedirect: config.serverURL + '/',
failureRedirect: config.serverurl + '/' failureRedirect: config.serverURL + '/'
}) })
) )

View file

@ -14,7 +14,7 @@ passport.use(new GitlabStrategy({
clientID: config.gitlab.clientID, clientID: config.gitlab.clientID,
clientSecret: config.gitlab.clientSecret, clientSecret: config.gitlab.clientSecret,
scope: config.gitlab.scope, scope: config.gitlab.scope,
callbackURL: config.serverurl + '/auth/gitlab/callback' callbackURL: config.serverURL + '/auth/gitlab/callback'
}, passportGeneralCallback)) }, passportGeneralCallback))
gitlabAuth.get('/auth/gitlab', function (req, res, next) { gitlabAuth.get('/auth/gitlab', function (req, res, next) {
@ -25,8 +25,8 @@ gitlabAuth.get('/auth/gitlab', function (req, res, next) {
// gitlab auth callback // gitlab auth callback
gitlabAuth.get('/auth/gitlab/callback', gitlabAuth.get('/auth/gitlab/callback',
passport.authenticate('gitlab', { passport.authenticate('gitlab', {
successReturnToOrRedirect: config.serverurl + '/', successReturnToOrRedirect: config.serverURL + '/',
failureRedirect: config.serverurl + '/' failureRedirect: config.serverURL + '/'
}) })
) )

View file

@ -11,7 +11,7 @@ let googleAuth = module.exports = Router()
passport.use(new GoogleStrategy({ passport.use(new GoogleStrategy({
clientID: config.google.clientID, clientID: config.google.clientID,
clientSecret: config.google.clientSecret, clientSecret: config.google.clientSecret,
callbackURL: config.serverurl + '/auth/google/callback' callbackURL: config.serverURL + '/auth/google/callback'
}, passportGeneralCallback)) }, passportGeneralCallback))
googleAuth.get('/auth/google', function (req, res, next) { googleAuth.get('/auth/google', function (req, res, next) {
@ -21,7 +21,7 @@ googleAuth.get('/auth/google', function (req, res, next) {
// google auth callback // google auth callback
googleAuth.get('/auth/google/callback', googleAuth.get('/auth/google/callback',
passport.authenticate('google', { passport.authenticate('google', {
successReturnToOrRedirect: config.serverurl + '/', successReturnToOrRedirect: config.serverURL + '/',
failureRedirect: config.serverurl + '/' failureRedirect: config.serverURL + '/'
}) })
) )

View file

@ -51,5 +51,5 @@ authRouter.get('/logout', function (req, res) {
logger.debug('user logout: ' + req.user.id) logger.debug('user logout: ' + req.user.id)
} }
req.logout() req.logout()
res.redirect(config.serverurl + '/') res.redirect(config.serverURL + '/')
}) })

View file

@ -84,8 +84,8 @@ ldapAuth.post('/auth/ldap', urlencodedParser, function (req, res, next) {
if (!req.body.username || !req.body.password) return response.errorBadRequest(res) if (!req.body.username || !req.body.password) return response.errorBadRequest(res)
setReturnToFromReferer(req) setReturnToFromReferer(req)
passport.authenticate('ldapauth', { passport.authenticate('ldapauth', {
successReturnToOrRedirect: config.serverurl + '/', successReturnToOrRedirect: config.serverURL + '/',
failureRedirect: config.serverurl + '/', failureRedirect: config.serverURL + '/',
failureFlash: true failureFlash: true
})(req, res, next) })(req, res, next)
}) })

View file

@ -16,7 +16,7 @@ let mattermostStrategy = new OAuthStrategy({
tokenURL: config.mattermost.baseURL + '/oauth/access_token', tokenURL: config.mattermost.baseURL + '/oauth/access_token',
clientID: config.mattermost.clientID, clientID: config.mattermost.clientID,
clientSecret: config.mattermost.clientSecret, clientSecret: config.mattermost.clientSecret,
callbackURL: config.serverurl + '/auth/mattermost/callback' callbackURL: config.serverURL + '/auth/mattermost/callback'
}, passportGeneralCallback) }, passportGeneralCallback)
mattermostStrategy.userProfile = (accessToken, done) => { mattermostStrategy.userProfile = (accessToken, done) => {
@ -43,7 +43,7 @@ mattermostAuth.get('/auth/mattermost', function (req, res, next) {
// mattermost auth callback // mattermost auth callback
mattermostAuth.get('/auth/mattermost/callback', mattermostAuth.get('/auth/mattermost/callback',
passport.authenticate('oauth2', { passport.authenticate('oauth2', {
successReturnToOrRedirect: config.serverurl + '/', successReturnToOrRedirect: config.serverURL + '/',
failureRedirect: config.serverurl + '/' failureRedirect: config.serverURL + '/'
}) })
) )

View file

@ -13,9 +13,9 @@ const intersection = function (array1, array2) { return array1.filter((n) => arr
let samlAuth = module.exports = Router() let samlAuth = module.exports = Router()
passport.use(new SamlStrategy({ passport.use(new SamlStrategy({
callbackUrl: config.serverurl + '/auth/saml/callback', callbackUrl: config.serverURL + '/auth/saml/callback',
entryPoint: config.saml.idpSsoUrl, entryPoint: config.saml.idpSsoUrl,
issuer: config.saml.issuer || config.serverurl, issuer: config.saml.issuer || config.serverURL,
cert: fs.readFileSync(config.saml.idpCert, 'utf-8'), cert: fs.readFileSync(config.saml.idpCert, 'utf-8'),
identifierFormat: config.saml.identifierFormat identifierFormat: config.saml.identifierFormat
}, function (user, done) { }, function (user, done) {
@ -77,15 +77,15 @@ passport.use(new SamlStrategy({
samlAuth.get('/auth/saml', samlAuth.get('/auth/saml',
passport.authenticate('saml', { passport.authenticate('saml', {
successReturnToOrRedirect: config.serverurl + '/', successReturnToOrRedirect: config.serverURL + '/',
failureRedirect: config.serverurl + '/' failureRedirect: config.serverURL + '/'
}) })
) )
samlAuth.post('/auth/saml/callback', urlencodedParser, samlAuth.post('/auth/saml/callback', urlencodedParser,
passport.authenticate('saml', { passport.authenticate('saml', {
successReturnToOrRedirect: config.serverurl + '/', successReturnToOrRedirect: config.serverURL + '/',
failureRedirect: config.serverurl + '/' failureRedirect: config.serverURL + '/'
}) })
) )

View file

@ -12,7 +12,7 @@ let twitterAuth = module.exports = Router()
passport.use(new TwitterStrategy({ passport.use(new TwitterStrategy({
consumerKey: config.twitter.consumerKey, consumerKey: config.twitter.consumerKey,
consumerSecret: config.twitter.consumerSecret, consumerSecret: config.twitter.consumerSecret,
callbackURL: config.serverurl + '/auth/twitter/callback' callbackURL: config.serverURL + '/auth/twitter/callback'
}, passportGeneralCallback)) }, passportGeneralCallback))
twitterAuth.get('/auth/twitter', function (req, res, next) { twitterAuth.get('/auth/twitter', function (req, res, next) {
@ -23,7 +23,7 @@ twitterAuth.get('/auth/twitter', function (req, res, next) {
// twitter auth callback // twitter auth callback
twitterAuth.get('/auth/twitter/callback', twitterAuth.get('/auth/twitter/callback',
passport.authenticate('twitter', { passport.authenticate('twitter', {
successReturnToOrRedirect: config.serverurl + '/', successReturnToOrRedirect: config.serverURL + '/',
failureRedirect: config.serverurl + '/' failureRedirect: config.serverURL + '/'
}) })
) )

View file

@ -14,5 +14,5 @@ exports.uploadImage = function (imagePath, callback) {
return return
} }
callback(null, url.resolve(config.serverurl + '/', imagePath.match(/^public\/(.+$)/)[1])) callback(null, url.resolve(config.serverURL + '/', imagePath.match(/^public\/(.+$)/)[1]))
} }

View file

@ -15,7 +15,7 @@ imageRouter.post('/uploadimage', function (req, res) {
form.keepExtensions = true form.keepExtensions = true
if (config.imageuploadtype === 'filesystem') { if (config.imageUploadType === 'filesystem') {
form.uploadDir = 'public/uploads' form.uploadDir = 'public/uploads'
} }
@ -27,7 +27,7 @@ imageRouter.post('/uploadimage', function (req, res) {
logger.info('SERVER received uploadimage: ' + JSON.stringify(files.image)) logger.info('SERVER received uploadimage: ' + JSON.stringify(files.image))
} }
const uploadProvider = require('./' + config.imageuploadtype) const uploadProvider = require('./' + config.imageUploadType)
uploadProvider.uploadImage(files.image.path, function (err, url) { uploadProvider.uploadImage(files.image.path, function (err, url) {
if (err !== null) { if (err !== null) {
logger.error(err) logger.error(err)

View file

@ -6,9 +6,9 @@ module.exports = function (req, res, next) {
if (req.method === 'GET' && req.path.substr(-1) === '/' && req.path.length > 1) { if (req.method === 'GET' && req.path.substr(-1) === '/' && req.path.length > 1) {
const queryString = req.url.slice(req.path.length) const queryString = req.url.slice(req.path.length)
const urlPath = req.path.slice(0, -1) const urlPath = req.path.slice(0, -1)
let serverURL = config.serverurl let serverURL = config.serverURL
if (config.urlpath) { if (config.urlPath) {
serverURL = serverURL.slice(0, -(config.urlpath.length + 1)) serverURL = serverURL.slice(0, -(config.urlPath.length + 1))
} }
res.redirect(301, serverURL + urlPath + queryString) res.redirect(301, serverURL + urlPath + queryString)
} else { } else {

View file

@ -26,7 +26,7 @@ statusRouter.get('/status', function (req, res, next) {
// get status // get status
statusRouter.get('/temp', function (req, res) { statusRouter.get('/temp', function (req, res) {
var host = req.get('host') var host = req.get('host')
if (config.alloworigin.indexOf(host) === -1) { if (config.allowOrigin.indexOf(host) === -1) {
response.errorForbidden(res) response.errorForbidden(res)
} else { } else {
var tempid = req.query.tempid var tempid = req.query.tempid
@ -61,7 +61,7 @@ statusRouter.get('/temp', function (req, res) {
// post status // post status
statusRouter.post('/temp', urlencodedParser, function (req, res) { statusRouter.post('/temp', urlencodedParser, function (req, res) {
var host = req.get('host') var host = req.get('host')
if (config.alloworigin.indexOf(host) === -1) { if (config.allowOrigin.indexOf(host) === -1) {
response.errorForbidden(res) response.errorForbidden(res)
} else { } else {
var data = req.body.data var data = req.body.data

View file

@ -70,7 +70,7 @@
</li> </li>
<li role="presentation"><a role="menuitem" class="ui-download-raw-html" tabindex="-1" href="#" target="_self"><i class="fa fa-file-code-o fa-fw"></i> <%= __('Raw HTML') %></a> <li role="presentation"><a role="menuitem" class="ui-download-raw-html" tabindex="-1" href="#" target="_self"><i class="fa fa-file-code-o fa-fw"></i> <%= __('Raw HTML') %></a>
</li> </li>
<% if(typeof allowpdfexport !== 'undefined' && allowpdfexport) {%> <% if(typeof allowPDFExport !== 'undefined' && allowPDFExport) {%>
<li role="presentation"><a role="menuitem" class="ui-download-pdf-beta" tabindex="-1" href="#" target="_self"><i class="fa fa-file-pdf-o fa-fw"></i> PDF (Beta)</a> <li role="presentation"><a role="menuitem" class="ui-download-pdf-beta" tabindex="-1" href="#" target="_self"><i class="fa fa-file-pdf-o fa-fw"></i> PDF (Beta)</a>
</li> </li>
<% } %> <% } %>
@ -176,7 +176,7 @@
</li> </li>
<li role="presentation"><a role="menuitem" class="ui-download-raw-html" tabindex="-1" href="#" target="_self"><i class="fa fa-file-code-o fa-fw"></i> <%= __('Raw HTML') %></a> <li role="presentation"><a role="menuitem" class="ui-download-raw-html" tabindex="-1" href="#" target="_self"><i class="fa fa-file-code-o fa-fw"></i> <%= __('Raw HTML') %></a>
</li> </li>
<% if(typeof allowpdfexport !== 'undefined' && allowpdfexport) {%> <% if(typeof allowPDFExport !== 'undefined' && allowPDFExport) {%>
<li role="presentation"><a role="menuitem" class="ui-download-pdf-beta" tabindex="-1" href="#" target="_self"><i class="fa fa-file-pdf-o fa-fw"></i> PDF (Beta)</a> <li role="presentation"><a role="menuitem" class="ui-download-pdf-beta" tabindex="-1" href="#" target="_self"><i class="fa fa-file-pdf-o fa-fw"></i> PDF (Beta)</a>
</li> </li>
<% } %> <% } %>

View file

@ -94,7 +94,7 @@
<div class="form-group"> <div class="form-group">
<div class="col-sm-12"> <div class="col-sm-12">
<button type="submit" class="btn btn-primary" formaction="<%- url %>/login">Sign in</button> <button type="submit" class="btn btn-primary" formaction="<%- url %>/login">Sign in</button>
<% if(allowemailregister) { %><button type="submit" class="btn btn-default" formaction="<%- url %>/register">Register</button><% }%> <% if(allowEmailRegister) { %><button type="submit" class="btn btn-default" formaction="<%- url %>/register">Register</button><% }%>
</div> </div>
</div> </div>
</form> </form>