From 8b975cff5c312a696539155596202b8654b8e0c4 Mon Sep 17 00:00:00 2001 From: Young Yu Date: Tue, 13 Feb 2024 00:16:47 -0800 Subject: [PATCH] add trust proxy --- backend/.env.example | 8 +++++++- backend/.env.testing | 8 ++++++++ backend/config/development.json | 3 ++- backend/config/testing.json | 3 ++- backend/package.json | 2 +- backend/src/app.ts | 11 +++++++++++ backend/src/index.ts | 2 -- backend/tests/app.test.ts | 15 +++++++++------ 8 files changed, 40 insertions(+), 12 deletions(-) diff --git a/backend/.env.example b/backend/.env.example index bbd8c84..11b8667 100644 --- a/backend/.env.example +++ b/backend/.env.example @@ -9,4 +9,10 @@ REFRESH_TOKEN_SECRET = TODO PASSWORD_SECRET = TODO # MongoDB URI (Developer User, Fitnesse Database only) -MONGO_CONNECTION_URL = TODO \ No newline at end of file +MONGO_CONNECTION_URL = TODO + +# environment +NODE_ENV = TODO + +# IPs for trust proxy +TRUSTED_IPS = TODO \ No newline at end of file diff --git a/backend/.env.testing b/backend/.env.testing index 115a4f3..e69f83f 100644 --- a/backend/.env.testing +++ b/backend/.env.testing @@ -14,3 +14,11 @@ PASSWORD_SECRET = password_secret # MongoDB URI (Developer User, Fitnesse Database only) MONGO_CONNECTION_URL = test_url + +# environment +NODE_ENV = testing + +# IPs for trust proxy +TRUSTED_IPS = ["0.0.0.0"] + + diff --git a/backend/config/development.json b/backend/config/development.json index 3e1d125..02e0d49 100644 --- a/backend/config/development.json +++ b/backend/config/development.json @@ -30,5 +30,6 @@ "FAILED_LOGIN_ATTEMPTS_WINDOW": 900, "ACCESS_TOKEN_LIFETIME": "15m", "IDLE_TIMEOUT": 604800 - } + }, + "TRUSTED_IPS": "$TRUSTED_IPS::set:string" } \ No newline at end of file diff --git a/backend/config/testing.json b/backend/config/testing.json index daa0efd..d1e2b9b 100644 --- a/backend/config/testing.json +++ b/backend/config/testing.json @@ -30,5 +30,6 @@ "FAILED_LOGIN_ATTEMPTS_WINDOW": 5, "ACCESS_TOKEN_LIFETIME": "1d", "IDLE_TIMEOUT": 5000 - } + }, + "TRUSTED_IPS": "$TRUSTED_IPS::set:string" } \ No newline at end of file diff --git a/backend/package.json b/backend/package.json index 2e9f825..e05a2b1 100644 --- a/backend/package.json +++ b/backend/package.json @@ -61,7 +61,7 @@ "scripts": { "build": "pnpm install && tsc", "start": "node dist/index.js", - "dev": "nodemon src/index.ts --env=development", + "dev": "nodemon src/index.ts", "lint": "eslint .", "test": "jest --verbose", "prettier": "prettier --config .prettierrc 'src/**/*.ts' 'tests/**/*.ts' --write" diff --git a/backend/src/app.ts b/backend/src/app.ts index db5e8ae..16f14d6 100644 --- a/backend/src/app.ts +++ b/backend/src/app.ts @@ -28,6 +28,7 @@ class App { this.expressApp = express(); this.initializeMiddleWares(); this.mountRoutes(); + this.setNetworkConfigs(); this.serverPool = new Map(); } @@ -39,6 +40,16 @@ class App { this.expressApp.use(helmet()); } + /** + * Set network communication configurations. + */ + private setNetworkConfigs() { + /* Set trust proxy IPs */ + const trustedIps: Set = Config.get('TRUSTED_IPS'); + const trustedIpList = Array.from(trustedIps); + this.expressApp.set('trust proxy', trustedIpList); + } + /** * Mounts the routes for the backend API endpoints. */ diff --git a/backend/src/index.ts b/backend/src/index.ts index e65efa8..a988e74 100644 --- a/backend/src/index.ts +++ b/backend/src/index.ts @@ -2,8 +2,6 @@ import App from './app'; import logger from './logging/logger'; import Config from 'simple-app-config'; -logger.info('starting the app'); -logger.debug('debug'); /* Get the server port from configuration object */ const PORT: number = Config.get('PORT'); diff --git a/backend/tests/app.test.ts b/backend/tests/app.test.ts index 7ecd17e..ca7f776 100644 --- a/backend/tests/app.test.ts +++ b/backend/tests/app.test.ts @@ -31,12 +31,15 @@ describe('App Tests', () => { jest.spyOn(mongoose, 'connect').mockImplementation(() => { return { close: jest.fn() } as unknown as Promise; }); - jest.spyOn(Config, 'get').mockImplementation(() => { - return 'dummy connection string'; - }); - jest.spyOn(Config, 'get').mockImplementation(() => { - return 2; - }); + + jest + .spyOn(Config, 'get') + .mockImplementationOnce(() => { + return 'dummy connection string'; + }) + .mockImplementationOnce(() => { + return 2; + }); /* Connect to DB */ await appInstance.connectToDatabase();