diff --git a/app.js b/app.js index 18d8e77..138b7f8 100644 --- a/app.js +++ b/app.js @@ -28,6 +28,6 @@ app.set("env", _config("app.env")); app.set("views", _config("app.views")); app.set("view engine", _config("app.view_engine")); app.set("x-powered-by", _config("app.x_powered_by")); -app.set('trust proxy', 1); +app.set('trust proxy', _config("app.trust_proxy")); module.exports = app; diff --git a/app/services/.gitkeep b/app/services/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/config/app.js b/config/app.js index b2239c0..6b35d7c 100644 --- a/config/app.js +++ b/config/app.js @@ -19,6 +19,15 @@ module.exports = { port: process.env.PORT || 3000, + /** + * Enabling trust proxy will have the following impact: + * The value of req.hostname is derived from the value set in the X-Forwarded-Host header, which can be set by the client or by the proxy. + * X-Forwarded-Proto can be set by the reverse proxy to tell the app whether it is https or http or even an invalid name. This value is reflected by req.protocol. + * The req.ip and req.ips values are populated with the list of addresses from X-Forwarded-For. + */ + + trust_proxy: true, + /** * The x-powered-by header key */ diff --git a/package-lock.json b/package-lock.json index fb7b234..4049134 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,5 +1,5 @@ { - "name": "express-mvc", + "name": "expressmvc", "version": "0.0.1", "lockfileVersion": 1, "requires": true, @@ -571,6 +571,11 @@ "connect-flash": "0.1.1" } }, + "express-mvc-generate": { + "version": "0.0.2", + "resolved": "https://registry.npmjs.org/express-mvc-generate/-/express-mvc-generate-0.0.2.tgz", + "integrity": "sha512-3oRKRNEcHXFIYdRzaBU5lTM8jerdQGr4qgwLrjUpusjqXXHlgN6qNBf9vvLZYJ5jEYsm7n8RSOUNJ/XEDNkW7g==" + }, "express-session": { "version": "1.15.6", "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.15.6.tgz", @@ -788,9 +793,9 @@ "integrity": "sha512-v0XCLxICi9nPfYrS9RL8HbYnXi9obYAeLbSP00BmnZwCK9+Ih9WOjoZ8YoHCoav2csqn4FOz4Orldsy2dmDwmQ==" }, "hooks-fixed": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/hooks-fixed/-/hooks-fixed-2.0.0.tgz", - "integrity": "sha1-oB2JTVKsf2WZu7H2PfycQR33DLo=" + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/hooks-fixed/-/hooks-fixed-2.0.2.tgz", + "integrity": "sha512-YurCM4gQSetcrhwEtpQHhQ4M7Zo7poNGqY4kQGeBS6eZtOcT3tnNs01ThFa0jYBByAiYt1MjMjP/YApG0EnAvQ==" }, "http-errors": { "version": "1.6.2", @@ -1158,13 +1163,13 @@ } }, "mongoose": { - "version": "4.12.4", - "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-4.12.4.tgz", - "integrity": "sha512-3QTbQ/+wRe8Lr1IGTBAu2gyx+7VgvnCGmY2N1HSW8nsvfMGO0QW9iNDzZT3ceEY2Wctlt28wNavHivcLDO76bQ==", + "version": "4.12.5", + "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-4.12.5.tgz", + "integrity": "sha512-dhCcCfYJjZv95nn4mAIAzj/+o2iR8rIBPOFlWps/STe+wJD53B2sKOpS+UH2bp7CqBHcLnwdRJL6aGJUcWS7kg==", "requires": { "async": "2.1.4", "bson": "1.0.4", - "hooks-fixed": "2.0.0", + "hooks-fixed": "2.0.2", "kareem": "1.5.0", "mongodb": "2.2.33", "mpath": "0.3.0", diff --git a/package.json b/package.json index 72db555..6cd6c7c 100644 --- a/package.json +++ b/package.json @@ -1,5 +1,5 @@ { - "name": "express-mvc", + "name": "expressmvc", "version": "0.0.1", "description": "express light-weight mvc", "main": "server.js", @@ -20,11 +20,12 @@ "express": "^4.16.2", "express-back": "0.0.2", "express-flash": "0.0.2", + "express-mvc-generate": "0.0.2", "express-session": "^1.15.6", "express-validator": "^4.3.0", "i18n": "^0.8.3", "jsonwebtoken": "^8.1.0", - "mongoose": "^4.12.4", + "mongoose": "^4.12.5", "morgan": "^1.9.0", "passport": "^0.4.0", "passport-jwt": "^3.0.1",