surya/freeplanet_serverside
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
08cf4b6d9f80af8ccd688e2333f5ad16d0842be4
freeplanet_serverside/src/server/server.js
Surya Paolo 08cf4b6d9f - aggiunto componenti per Home Template... ma ancora da provare 
- sistemato catprods
- Sistemato menu
2025-09-22 19:09:02 +02:00

1079 lines
34 KiB
JavaScript
Executable File
Raw Blame History

require('./config/config');
// console.log(" lodash");
console.log('VERSIONE NODE.JS :', process.versions.node);
if (process.env.AUTH_MONGODB === undefined) {
console.error("AUTH_MONGODB non presente. VARIABILI D'AMBIENTE NON SETTATI!");
process.exit(1);
}
const _ = require('lodash');
// console.log(" cors");
const cors = require('cors');
// console.log(" 2) fs");
const fs = require('fs'); // 👈 Usa il modulo promises
var https = require('https');
var http = require('http');
const WebSocket = require('ws');
const { spawn } = require('child_process');
const helmet = require('helmet');
const morgan = require('morgan');
const apiRouter = require('./routes/index-aa');
const { notFound, errorHandler } = require('./middleware/error');
const rateLimit = require('./middleware/rateLimit').rateLimit;
const NUOVO_METODO_TEST = true;
const METODO_MULTI_CORS = true;
const server_constants = require('./tools/server_constants');
//const throttle = require('express-throttle-bandwidth');
// app.use(throttle(1024 * 128)) // throttling bandwidth
// var cookieParser = require('cookie-parser')
// var csrf = require('csurf')
const express = require('express');
const vhost = require('vhost');
const bodyParser = require('body-parser');
const path = require('path');
const cron = require('node-cron');
console.log('Starting mongoose...');
// console.log('Starting pem...');
// const pem = require('pem')
const { Settings } = require('./models/settings');
const Site = require('./models/site');
// test
const i18n = require('i18n');
const readline = require('readline');
let credentials = null;
console.log('DB: ' + process.env.DATABASE);
// console.log("PORT: " + port);
// console.log("MONGODB_URI: " + process.env.MONGODB_URI);
var app = express();
let telegrambot = null;
const tools = require('./tools/general');
const shared_consts = require('./tools/shared_nodejs');
const { connectToDatabase, connectionUrl, options } = require('./db/mongoose');
// Avvia la connessione
connectToDatabase(connectionUrl, options)
.then(() => {
console.log('------------------------------------------------------------------');
console.log('--------------- CONNESSIONE AL DB EFFETTUATA ! -----------------');
console.log('------------------------------------------------------------------');
const { CfgServer } = require('./models/cfgserver');
const { ObjectId } = require('mongodb');
const populate = require('./populate/populate');
const { Circuit } = require('./models/circuit');
const printf = require('util').format;
myLoad().then((ris) => {
const { User } = require('./models/user');
require('./models/todo');
require('./models/project');
require('./models/subscribers');
require('./models/booking');
require('./models/sendmsg');
require('./models/sendnotif');
require('./models/mailinglist');
require('./models/newstosent');
require('./models/mypage');
require('./models/myelem');
require('./models/myscheda');
require('./models/bot');
require('./models/calzoom');
const mysql_func = require('./mysql/mysql_func');
const index_router = require('./router/index_router');
const push_router = require('./router/push_router');
const newsletter_router = require('./router/newsletter_router');
const booking_router = require('./router/booking_router');
const dashboard_router = require('./router/dashboard_router');
const myevent_router = require('./router/myevent_router');
const subscribe_router = require('./router/subscribe_router');
const sendmsg_router = require('./router/sendmsg_router');
const sendnotif_router = require('./router/sendnotif_router');
const email_router = require('./router/email_router');
const todos_router = require('./router/todos_router');
const test_router = require('./router/test_router');
const projects_router = require('./router/projects_router');
const report_router = require('./router/report_router');
const users_router = require('./router/users_router');
const reactions_router = require('./router/reactions_router');
const mygroups_router = require('./router/mygroups_router');
const circuits_router = require('./router/circuits_router');
const accounts_router = require('./router/accounts_router');
const iscrittiConacreis_router = require('./router/iscrittiConacreis_router');
const iscrittiArcadei_router = require('./router/iscrittiArcadei_router');
const site_router = require('./router/site_router');
const admin_router = require('./router/admin_router');
const products_router = require('./router/products_router');
const myscraping_router = require('./router/myscraping_router');
const catalogs_router = require('./router/catalogs_router');
const cart_router = require('./router/cart_router');
const orders_router = require('./router/orders_router');
const city_router = require('./router/city_router');
const myskills_router = require('./router/myskills_router');
const mygoods_router = require('./router/mygoods_router');
const mygen_router = require('./router/mygen_router');
const aitools_router = require('./router/aitools_router');
const article_router = require('./router/articleRoutes');
const api_router = require('./router/api_router');
const { MyEvent } = require('./models/myevent');
app.use(bodyParser.json({ limit: '50mb' }));
app.use(bodyParser.urlencoded({ limit: '50mb', extended: true }));
app.use(express.static('views'));
app.use(express.json({ limit: '100mb' }));
app.use(express.urlencoded({ extended: true, limit: '100mb' }));
// app.use(express.static(path.join(__dirname, 'client')));
app.use(bodyParser.json());
// app.set('view engine', 'pug');
// Set static folder
// app.use(express.static(path.join(__dirname, 'public')));
i18n.configure({
locales: ['it', 'enUs', 'es', 'fr', 'pt', 'si'],
defaultLocale: 'it',
// cookie: 'cook',
directory: __dirname + '/locales',
api: {
__: 'translate',
__n: 'translateN',
},
});
// Serve il tuo service worker da una certa directory
/*app.get('/service-worker.js', (req, res) => {
res.set('Cache-Control', 'no-cache'); // Aggiunge l'intestazione
// res.sendFile(path.join(__dirname, 'service-worker.js')); // Modifica il percorso secondo la tua struttura
});*/
app.use(bodyParser.json());
// app.use(express.cookieParser());
app.use(i18n.init);
console.log('Use Routes ...');
// catch 404 and forward to error handler
// app.use(function (req, res, next) {
// var err = new Error('Not Found');
// err.status = 404;
// next(err);
// });
// app.set('views', path.join(__dirname, 'views'));
// app.set('view engine', 'pug');
// development error handler
// will print stacktrace
if (app.get('env') === 'development') {
app.use(function (err, req, res, next) {
console.log('Server Error: ', err.message);
// console.trace();
res.status(err.status || 500).send({ error: err.message });
// res.render('error', {
// message: err.message,
// error: err
// });
});
}
if (process.env.NODE_ENV === 'production') {
console.log('*** PRODUCTION! ');
}
if (process.env.NODE_ENV === 'production' || process.env.NODE_ENV === 'test') {
}
startServer(app, process.env.PORT);
// Use Routes
app.use('/', index_router);
app.use('/subscribe', subscribe_router);
app.use('/sendmsg', sendmsg_router);
app.use('/sendnotif', sendnotif_router);
app.use('/push', push_router);
app.use('/news', newsletter_router);
app.use('/booking', booking_router);
app.use('/dashboard', dashboard_router);
app.use('/event', myevent_router);
app.use('/email', email_router);
app.use('/todos', todos_router);
app.use('/test', test_router);
app.use('/projects', projects_router);
app.use('/users', users_router);
app.use('/reactions', reactions_router);
app.use('/mygroup', mygroups_router);
app.use('/circuit', circuits_router);
app.use('/account', accounts_router);
app.use('/iscritti_conacreis', iscrittiConacreis_router);
app.use('/iscritti_arcadei', iscrittiArcadei_router);
app.use('/report', report_router);
app.use('/site', site_router);
app.use('/admin', admin_router);
app.use('/products', products_router);
app.use('/myscraping', myscraping_router);
app.use('/catalogs', catalogs_router);
app.use('/cart', cart_router);
app.use('/orders', orders_router);
app.use('/city', city_router);
app.use('/myskills', myskills_router);
app.use('/mygoods', mygoods_router);
app.use('/mygen', mygen_router);
app.use('/aitools', aitools_router);
app.use('/apisqlsrv', article_router);
app.use('/api', api_router);
mystart();
});
// app.use(throttle(1024 * 128)); // throttling bandwidth
async function myLoad() {
return tools.loadApps();
}
async function mystart() {
// await estraiTutteLeImmagini();
console.log('Versione Server: ' + (await tools.getVersServer()));
await tools.getApps();
let miapass = '';
if (process.env.PROD !== 1) {
testmsgwebpush();
// tools.sendNotifToAdmin('Riparti', 'Riparti');
if (miapass !== '') {
let crypt = tools.cryptdata(miapass);
let decrypt = tools.decryptdata(crypt);
console.log('crypted:', crypt);
console.log('decrypted:', decrypt);
}
mycron();
}
miapass = 'PROVA123@';
let crypt = tools.cryptdata(miapass);
let decrypt = tools.decryptdata(crypt);
telegrambot = require('./telegram/telegrambot');
if (decrypt === miapass) {
console.log('✅ Decrypt OK');
// OK FUNZIONA
} else {
let msgerr = '❌ ERRORE! la decrittazione non funziona! ';
console.error(msgerr);
await telegrambot.sendMsgTelegramToTheAdminAllSites(msgerr, false);
}
await inizia();
await resetProcessingJob();
populate.popolaTabelleNuove();
faitest();
// ----------------- MAILCHIMP -----
const querystring = require('querystring');
const mailchimpClientId = 'xxxxxxxxxxxxxxxx';
app.get('/mailchimp/auth/authorize', function (req, res) {
res.redirect(
'https://login.mailchimp.com/oauth2/authorize?' +
querystring.stringify({
response_type: 'code',
client_id: mailchimpClientId,
redirect_uri: 'http://127.0.0.1:3000/mailchimp/auth/callback',
})
);
});
}
// -----------------
function populateDBadmin() {
const cfgserv = [
{
_id: new ObjectId(),
idapp: '9',
chiave: 'vers',
userId: 'ALL',
valore: '0.1.2',
},
];
let cfg = new CfgServer(cfgserv[0]).save();
}
async function mycron() {
try {
const sendemail = require('./sendemail');
const { Cron } = require('./models/cron');
const arr = await tools.getApps();
for (const app of arr) {
await sendemail.checkifPendingNewsletter(app.idapp);
await sendemail.checkifSentNewsletter(app.idapp);
await Cron.startJobCron(app.idapp);
}
} catch (e) {
console.error('Err mycron', e);
}
}
async function mycron_30min() {
for (const app of await tools.getApps()) {
let enablecrontab = false;
enablecrontab = await Settings.getValDbSettings(app.idapp, tools.ENABLE_CRONTAB, false);
if (enablecrontab) {
// ...
}
}
}
async function mycron_everyday() {
try {
const { User } = require('./models/user');
const arrapps = await tools.getApps();
for (const app of arrapps) {
// Azzera le richieste di password:
const usersblocked = await User.find({ idapp: app.idapp, retry_pwd: { $exists: true, $gte: 29 } }).lean();
for (const user of usersblocked) {
await User.findOneAndUpdate({ _id: user._id }, { $set: { retry_pwd: 20 } });
let text = `⚠️⚠️⚠️ L\'utente ${user.username} (${user.name} ${user.surname}) viene sbloccato dal numero massimo di tentativi di richiesta password!\nTelerlo d\'occhio !\n@${user.profile.username_telegram}`;
await telegrambot.sendMsgTelegramToTheAdminAllSites(text, false);
}
}
} catch (e) {
console.error('mycron_everyday: ', e);
}
}
function testmsgwebpush() {
const { User } = require('./models/user');
// console.log('nomeapp 1: ' , tools.getNomeAppByIdApp(1));
// console.log('nomeapp 2: ' , tools.getNomeAppByIdApp(2));
User.find({ username: 'paoloar77', idapp: '1' }).then(async (arrusers) => {
if (arrusers !== null) {
for (const user of arrusers) {
await tools
.sendNotificationToUser(user._id, 'Server', 'Il Server è Ripartito', '/', '', 'server', [])
.then((ris) => {
if (ris) {
} else {
// already sent the error on calling sendNotificationToUser
}
});
}
}
});
}
// Esecuzione ogni 1 minuto (*/1 * * * *)
// La sintassi di cron è:
// 0 12 * * * comando
// che significa: esegui il comando ogni giorno alle 12:00
// La sintassi di node-cron è:
// cron.schedule('0 12 * * *', () => {
// che significa: esegui il comando ogni giorno alle 12:00
// La sintassi di node-cron con */1 esegue il comando ogni 1 minuto
cron.schedule('*/1 * * * *', () => {
// console.log('Running Cron Job');
// if (!process.env.VITE_DEBUG) {
mycron();
// }
});
// Cron every 1 HOUR
cron.schedule('*/60 * * * *', async () => {
if (!process.env.VITE_DEBUG) {
mycron_30min();
}
});
// Cron every 21:00 (1 volta al giorno)
cron.schedule('0 21 * * *', async () => {
mycron_everyday();
});
// mycron_30min();
// tools.writelogfile('test', 'prova.txt');
async function resetProcessingJob() {
const { Newstosent } = require('./models/newstosent');
arrrec = await Newstosent.find({});
for (const rec of arrrec) {
rec.processing_job = false;
await Newstosent.findOneAndUpdate({ _id: rec.id }, { $set: rec }, { new: false }).then((item) => {});
}
}
//app.listen(port, () => {
// console.log(`Server started at port ${port}`);
//});
async function inizia() {
try {
if (true) {
const url = 'https://raw.githubusercontent.com/matteocontrini/comuni-json/master/comuni.json';
const outputPath = './comuni_italia_geojson.json';
downloadGeoJSON(url, outputPath);
}
mycron_everyday();
if (process.env.NODE_ENV === 'development') {
await telegrambot.sendMsgTelegram(
tools.FREEPLANET,
shared_consts.ADMIN_USER_SERVER,
`Ciao ${telegrambot.ADMIN_USER_NAME_SERVER}!`
);
await telegrambot.sendMsgTelegramByIdTelegram(
tools.FREEPLANET,
telegrambot.ADMIN_IDTELEGRAM_SERVER,
`Ciao ${telegrambot.ADMIN_USER_NAME_SERVER}\n` + `🔅 Il Server ${process.env.DATABASE} è appena ripartito!`
);
} else {
await telegrambot.sendMsgTelegramToTheAdminAllSites(
`Ciao Admin\n` + `🔅🔅🔅 Il Server col BOT di {appname} è appena ripartito!`,
false
);
}
await Site.createFirstUserAdmin();
/*const {Circuit} = require('./models/circuit');
await Circuit.setDeperimentoOff();
*/
} catch (e) {}
}
//
// telegrambot.sendMsgTelegramToTheManagers('7', 'PROVAAA!');
// if (process.env.PROD !== 1) {
// const reg = require('./reg/registration');
// const link = reg.getlinkregByEmail('7', 'tomasihelen@dasdasgmail.comAAAA' , 'HelenTomasidasdasd');
// const link2 = reg.getlinkregByEmail('7', 'tomasihelen@gmail.com' , 'HelenTomasi');
// //const link2 = reg.getlinkregByEmail('7', 'elenaliubicich@gmail.com' , 'Elenaliu');
//
// console.log(link);
// console.log(link2);
// }
async function estraiImmagini(table) {
const { User } = require('./models/user');
let idapp = '13';
let arrlist;
const globalTables = require('./tools/globalTables');
const mytable = globalTables.getTableByTableName(table);
if (!mytable) return;
console.log('INIZIO - estraiImmagini', table);
arrlist = await mytable.find({ idapp }).lean();
let file = '';
let filetocheck = '';
let dirmain = '';
let filefrom = '';
let filefrom2 = '';
try {
if (!tools.sulServer()) {
dirmain = server_constants.DIR_PUBLIC_LOCALE;
}
let dir = tools.getdirByIdApp(idapp) + dirmain + '/upload/';
for (const rec of arrlist) {
const myuser = await User.findOne({ idapp, _id: rec.userId }).lean();
if (myuser) {
const myphotos = rec.photos;
if (myphotos.length > 0) {
let folderprof = dir + 'profile/' + myuser.username;
try {
// console.log('checkdir', folderprof);
if (!(await tools.isFileExistsAsync(folderprof))) {
console.log('*** Creadir', folderprof);
await fs.mkdirSync(folderprof);
}
folderprof = dir + 'profile/' + myuser.username + '/' + table;
// console.log('checkdir', folderprof);
if (!(await tools.isFileExistsAsync(folderprof))) {
console.log('creadir', folderprof);
await fs.mkdirSync(folderprof);
}
} catch (e) {}
}
for (const photo of myphotos) {
if (photo.imagefile) {
file = dir + 'profile/' + myuser.username + '/' + table + '/' + photo.imagefile;
filefrom = dir + 'profile/undefined/' + table + '/' + photo.imagefile;
filefrom2 = dir + 'profile/' + myuser.username + '/' + photo.imagefile;
// console.log('file', file);
// console.log('filefrom', filefrom);
if (!(await tools.isFileExistsAsync(file))) {
// non esiste
console.log('non esiste', file);
console.log(' filefrom', filefrom);
console.log(' filefrom2', filefrom2);
}
if (!(await tools.isFileExistsAsync(file)) && (await tools.isFileExistsAsync(filefrom))) {
console.log('@@@@@@ copia file:', filefrom, 'a', file);
tools.copy(filefrom, file);
}
if (!(await tools.isFileExistsAsync(file)) && (await tools.isFileExistsAsync(filefrom2))) {
console.log('@@@@@@ copia file 2:', filefrom2, 'a', file);
tools.copy(filefrom2, file);
}
}
}
}
}
console.log('FINE - estraiImmagini', table);
} catch (e) {
console.error('e', e);
}
}
async function estraiTutteLeImmagini() {
await estraiImmagini('myskills');
await estraiImmagini('mygoods');
await estraiImmagini('mybachecas');
}
async function faitest() {
// console.log('Fai Test:')
const testfind = false;
// const $vers = tools.getVersionint('1.92.45');
if (true) {
// tools.execScript("ls -la");
}
if (false) {
prova = tools.removeAtChar('@prova');
}
if (false) {
const prova = tools.getConfSiteOptionEnabledByIdApp('13', shared_consts.ConfSite.Notif_Reg_Push_Admin);
console.log('prova', prova);
}
if (testfind) {
const { City } = require('./models/city');
let miacity = 'roma';
const ris = await City.findByCity(miacity);
console.log('ris', ris);
}
const { User } = require('./models/user');
if (false) {
let myuser = await User.findOne({
idapp: '1',
username: 'paoloar77',
});
const langdest = 'it';
telegrambot.askConfirmationUser(myuser.idapp, shared_consts.CallFunz.REGISTRATION, myuser);
}
if (false) {
const user = await User.findOne({
idapp: 12,
username: 'paolotest1',
});
await sendemail.sendEmail_Registration('it', 'paolo@arcodiluce.it', user, '12', '');
}
if (false) {
const { User } = require('./models/user');
const idapp = tools.FREEPLANET;
const idreg = 0;
try {
const user = await User.findOne({
idapp,
username: 'paoloar773',
});
user.aportador_solidario = 'paoloar77';
let mylocalsconf = {
idapp,
dataemail: null,
locale: user.lang,
nomeapp: tools.getNomeAppByIdApp(idapp),
strlinksito: tools.getHostByIdApp(idapp),
strlinkreg: '',
username: user.username,
name: user.name,
surname: user.surname,
forgetpwd: tools.getHostByIdApp(idapp) + '/requestresetpwd',
emailto: '',
user,
};
await telegrambot.notifyToTelegram(telegrambot.phase.REGISTRATION, mylocalsconf);
} catch (e) {
console.log('error ' + e);
}
}
}
// Funzione migliorata per ottenere chiave e certificato
async function getCredentials(hostname) {
try {
let keyPath, certPath;
if (NUOVO_METODO_TEST) {
if (METODO_MULTI_CORS) {
// Percorso basato su hostname (Let's Encrypt)
keyPath = `/etc/letsencrypt/live/${hostname}/${process.env.PATH_CERT_KEY}`;
certPath = `/etc/letsencrypt/live/${hostname}/${process.env.PATH_SERVER_CRT}`;
} else {
// Percorso relativo
keyPath = path.resolve(`./${process.env.PATH_CERT_KEY}`);
certPath = path.resolve(`./${process.env.PATH_SERVER_CRT}`);
}
// Verifica esistenza file
if (!(await tools.isFileExistsAsync(keyPath))) {
throw new Error(`Chiave privata non trovata: ${keyPath}`);
}
if (!(await tools.isFileExistsAsync(certPath))) {
throw new Error(`Certificato non trovato: ${certPath}`);
}
// Leggi chiave e certificato
const key = fs.readFileSync(keyPath, 'utf8');
const cert = fs.readFileSync(certPath, 'utf8');
// Restituisci oggetto con credenziali + configurazione TLS avanzata
return {
key,
cert,
ciphers:
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384',
honorCipherOrder: true,
secureOptions: require('constants').OPENSSL_OPTIONS_TLS_NODELAY,
secureProtocol: 'TLSv1_2_method', // Forza TLS 1.2+ (meglio se usi TLSv1_3)
};
} else {
// Metodo legacy (opzionale)
throw new Error('Metodo legacy non supportato');
}
} catch (error) {
console.error(`[getCredentials] Errore per ${hostname}:`, error.message);
throw error;
}
}
// 🔧 Funzione factory per creare e configurare un server HTTPS
function createHttpsServer({ hostname, port, website, app, credentials, timeoutMinutes = 5 }) {
const server = https.createServer(credentials, app);
const timeoutMs = 1000 * 60 * timeoutMinutes;
// ⏱️ Timeout globale per la connessione TCP
server.setTimeout(timeoutMs, () => {
console.log(`TCP timeout su server: ${hostname}:${port}`);
});
// ⏱️ Timeout per singola richiesta HTTP
server.on('request', (req, res) => {
req.setTimeout(timeoutMs);
res.setTimeout(timeoutMs);
});
// 📡 Eventuali altri eventi utili
server.on('clientError', (err, socket) => {
console.error(`Client error su ${hostname}:${port}:`, err.message);
});
// Avvia il server
server.listen(port, () => {
console.log(
'⭐️⭐️⭐️⭐️⭐️ HTTPS server: %s Port: %d%s',
hostname,
port,
website ? ' WebSite = ' + website : ''
);
});
return server;
}
function parseDomains() {
let domains = [];
let domainsAllowed = [];
try {
if (process.env.DOMAINS) domains = JSON.parse(process.env.DOMAINS);
if (process.env.DOMAINS_ALLOWED) domainsAllowed = JSON.parse(process.env.DOMAINS_ALLOWED);
} catch (error) {
console.error('Errore parsing DOMAINS:', error);
}
return { domains, domainsAllowed };
}
function buildAllowedOrigins(domains, domainsAllowed, isProduction) {
if (!isProduction) {
return [
'https://localhost:3000',
'https://localhost:8089',
'https://localhost:8082',
'https://localhost:8083',
'https://localhost:8084',
'https://localhost:8085',
'https://localhost:8088',
'https://localhost:8099',
];
}
const baseOrigins = domains.flatMap((domain) => [
`https://${domain.hostname}`,
`https://api.${domain.hostname}`,
`https://test.${domain.hostname}`,
`https://testapi.${domain.hostname}`,
`http://${domain.hostname}`,
`http://api.${domain.hostname}`,
`http://test.${domain.hostname}`,
`http://testapi.${domain.hostname}`,
]);
const allowedExtra = domainsAllowed.flatMap((domain) => [`https://${domain}`, `http://${domain}`]);
return [...baseOrigins, ...allowedExtra];
}
function createCorsOptions(domains, domainsAllowed, isProduction, noCors = false) {
if (noCors) {
console.log('NOCORS mode enabled');
return {
exposedHeaders: ['x-auth', 'x-refrtok'],
};
}
const allowedOrigins = buildAllowedOrigins(domains, domainsAllowed, isProduction);
const originValidator = (origin, callback) => {
if (!origin) {
// console.log('✅ Origin undefined or empty — allowing');
return callback(null, true);
}
if (typeof origin !== 'string' || !/^https?:\/\/[^\s/$.?#].[^\s]*$/.test(origin)) {
console.error('❌ Invalid origin:', origin);
return callback(new Error('Origine non valida'), false);
}
if (allowedOrigins.includes(origin)) {
return callback(null, true);
}
console.warn('❌ Origin blocked:', origin);
return callback(new Error('CORS non permesso per questa origine'), false);
};
return {
origin: originValidator,
credentials: true,
methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS', 'PATCH'],
allowedHeaders: [
'Origin',
'X-Requested-With',
'Content-Type',
'Accept',
'Authorization',
'x-auth',
'x-refrtok',
],
exposedHeaders: ['x-auth', 'x-refrtok'],
maxAge: 86400,
preflightContinue: false,
optionsSuccessStatus: 204,
};
}
function setupMiddleware(app, corsOptions, isDebug = false) {
app.use(helmet());
app.use(cors(corsOptions));
app.set('trust proxy', true);
app.use(express.json());
app.use(morgan('dev'));
app.use(rateLimit);
app.get('/health', (_req, res) => res.json({ ok: true }));
app.use('/apinew', apiRouter);
// app.use(notFound);
app.use(errorHandler);
app.options('*', cors(corsOptions));
if (isDebug) {
app.use((req, res, next) => {
console.log(`${new Date().toISOString()} - ${req.method} ${req.url}`);
console.log('Request Headers:', req.headers);
const oldSend = res.send;
res.send = function (...args) {
console.log('Response Headers:', res.getHeaders());
return oldSend.apply(res, args);
};
next();
});
}
app.use((err, req, res, next) => {
if (err.message === 'CORS non permesso per questa origine') {
console.error('❌ Errore CORS:', {
origin: req.headers.origin,
method: req.method,
path: req.path,
});
return res.status(403).json({
error: `❌ CORS non permesso per questa origine (${req.headers.origin})`,
origin: req.headers.origin,
});
}
next(err);
});
}
async function createHttpOrHttpsServer(app, port, isProduction, domains) {
if (isProduction) {
const promises = domains.map(async (domain) => {
const credentials = await getCredentials(domain.hostname);
return createHttpsServer({
hostname: domain.hostname,
port: domain.port,
website: domain.website,
app,
credentials,
timeoutMinutes: 6,
});
});
await Promise.all(promises);
return null;
}
if (process.env.HTTPS_LOCALHOST === 'true') {
try {
const key = fs.readFileSync(path.resolve(`./${process.env.PATH_CERT_KEY}`), 'utf8');
const cert = fs.readFileSync(path.resolve(`./${process.env.PATH_SERVER_CRT}`), 'utf8');
const credentials = {
key,
cert,
ciphers:
'ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES256-SHA384',
honorCipherOrder: true,
secureProtocol: 'TLSv1_2_method',
};
const httpsServer = https.createServer(credentials, app);
httpsServer.listen(port);
console.log('⭐️ HTTPS server running locally on port', port);
return httpsServer;
} catch (error) {
console.error('Errore caricamento certificati HTTPS locali:', error.message);
// fallback HTTP server
}
}
const httpServer = http.createServer(app);
httpServer.listen(port);
console.log('⭐️ HTTP server running on port', port);
return httpServer;
}
function setupWebSocketServer(httpOrHttpsServer) {
if (!httpOrHttpsServer) {
console.error('Nessun server HTTP o HTTPS disponibile per WebSocket');
return null;
}
const wss = new WebSocket.Server({ server: httpOrHttpsServer });
wss.on('connection', (ws) => {
console.log('Client socket connected...');
const { User } = require('./models/user');
const pty = require('node-pty');
let scriptProcess = null;
ws.on('message', async (message) => {
try {
const parsed = JSON.parse(message);
if (parsed.type === 'start_script' && User.isAdminById(parsed.user_id)) {
if (scriptProcess) scriptProcess.kill();
const scriptPath = path.join(__dirname, '..', '..', parsed.scriptName);
if (!(await tools.isFileExistsAsync(scriptPath))) {
return ws.send(JSON.stringify({ type: 'error', data: 'Script non trovato o non autorizzato' }));
}
scriptProcess = pty.spawn('bash', [scriptPath], {
name: 'xterm-color',
cols: 80,
rows: 40,
cwd: process.cwd(),
env: process.env,
});
let buffer = '';
scriptProcess.on('data', (data) => {
buffer += data;
ws.send(JSON.stringify({ type: 'output', data }));
if (
buffer.endsWith(': ') ||
buffer.includes('? ') ||
buffer.toLowerCase().includes('password') ||
buffer.includes('Inserisci') ||
buffer.includes('Inserted') ||
buffer.includes('(Y)')
) {
ws.send(JSON.stringify({ type: 'input_required', prompt: data.trim() }));
buffer = '';
}
if (buffer.length > 5024) buffer = buffer.slice(-500);
});
scriptProcess.on('exit', (code) => {
const closeMsg = code === 0 ? '*** FINE SCRIPT ***' : `Script terminato con codice ${code}`;
ws.send(JSON.stringify({ type: 'close', data: closeMsg }));
});
} else if (parsed.type === 'input') {
if (scriptProcess) {
scriptProcess.write(parsed.data + '\n');
}
}
} catch (err) {
console.error("Errore durante l'elaborazione del messaggio:", err.message);
}
});
ws.on('close', () => {
console.log('*** Client socket disconnected');
if (scriptProcess) scriptProcess.kill();
});
});
return wss;
}
async function startServer(app, port) {
try {
const isProduction = ['production', 'test'].includes(process.env.NODE_ENV);
const ISDEBUG = false;
const NOCORS = false;
const { domains, domainsAllowed } = parseDomains();
console.log('domains:', domains);
console.log('isProduction:', isProduction);
const corsOptions = createCorsOptions(domains, domainsAllowed, isProduction, NOCORS);
setupMiddleware(app, corsOptions, ISDEBUG);
const server = await createHttpOrHttpsServer(app, port, isProduction, domains);
const wss = setupWebSocketServer(server);
return { server, wss };
} catch (error) {
console.error('Errore in startServer:', error);
}
}
})
.catch((err) => {
console.error('Impossibile connettersi al database dopo diversi tentativi:', err);
process.exit(1); // Termina il processo se non riesce a connettersi
});
function add_numbers(a, b) {}
module.exports = { app };
Reference in New Issue View Git Blame Copy Permalink