diff --git a/package-lock.json b/package-lock.json
index 9ace9ebc2..b715b424e 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,6 +1,6 @@
 {
 "name": "@coralproject/talk",
- "version": "5.4.0",
+ "version": "5.4.1",
 "lockfileVersion": 1,
 "requires": true,
 "dependencies": {
diff --git a/package.json b/package.json
index 1972f2111..4ab95d6c4 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@coralproject/talk",
- "version": "5.4.0",
+ "version": "5.4.1",
 "author": "The Coral Project",
 "homepage": "https://coralproject.net/",
 "sideEffects": [
diff --git a/src/core/server/app/index.ts b/src/core/server/app/index.ts
index 878b712e6..a48ceb1f4 100644
--- a/src/core/server/app/index.ts
+++ b/src/core/server/app/index.ts
@@ -1,7 +1,7 @@
 import cons from "consolidate";
 import cors from "cors";
 import { Express } from "express";
-import enforceHTTPS from "express-enforces-ssl";
+import enforceHTTPSMiddleware from "express-enforces-ssl";
 import { GraphQLSchema } from "graphql";
 import { RedisPubSub } from "graphql-redis-subscriptions";
 import { hsts, noSniff, referrerPolicy, xssFilter } from "helmet";
@@ -27,6 +27,7 @@ import { PersistedQueryCache } from "coral-server/services/queries";
 import { AugmentedRedis } from "coral-server/services/redis";
 import TenantCache from "coral-server/services/tenant/cache";
+import { healthHandler } from "./handlers";
 import { compileTrust } from "./helpers";
 import { accessLogger, errorLogger } from "./middleware/logging";
 import { metricsRecorder } from "./middleware/metrics";
@@ -71,6 +72,12 @@ export async function createApp(options: AppOptions): Promise {
 parent.use(metricsRecorder(options.metrics));
 }
+ // Configure the health check endpoint.
+ parent.get("/api/health", healthHandler);
+
+ // Configure the SSL requirement after the health check endpoint.
+ configureApplicationHTTPS(options);
+
 // Create some services for the router.
 const passport = createPassport(options);
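Review bot: In the createApp hunk of src/core/server/app/index.ts, `/api/health` is registered ahead of `configureApplicationHTTPS(options)`, so it is answered over plain HTTP; the comment records the order but not the reason for it. Any route later added above that call would skip the HTTPS redirect in the same way, with nothing to flag it. I would state the intent in the comment, e.g. `// Health probes (presumably from a load balancer) arrive over plain HTTP; this must stay the only route registered before HTTPS enforcement.`, and confirm that healthHandler, which is not shown here, returns nothing beyond a liveness status now that it responds in cleartext. createApp's body continues outside the hunk.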
@@ -113,7 +120,7 @@ export const listenAndServe = (
 });
 function configureApplication(options: AppOptions) {
- const { parent, config } = options;
+ const { parent } = options;
 // Trust the proxy in front of us, this will enable us to trust the fact that
 // SSL was terminated correctly.
@@ -128,6 +135,13 @@ function configureApplication(options: AppOptions) {
 parent.use(referrerPolicy({ policy: "same-origin" }));
 parent.use(xssFilter());
+ // Setup the view config.
+ configureApplicationViews(options);
+}
+
+function configureApplicationHTTPS(options: AppOptions) {
+ const { parent, config } = options;
+
 // If we're in production mode, configure some production security settings.
 if (config.get("env") === "production") {
 if (config.get("disable_force_ssl")) {
@@ -143,15 +157,12 @@ function configureApplication(options: AppOptions) {
 includeSubDomains: false,
 })
 );
- parent.use(enforceHTTPS());
+ parent.use(enforceHTTPSMiddleware());
 }
 }
-
- // Setup the view config.
- setupViews(options);
 }
-function setupViews(options: AppOptions) {
+function configureApplicationViews(options: AppOptions) {
 const { parent } = options;
 // Configure the default views directory.
diff --git a/src/core/server/app/router/api/index.ts b/src/core/server/app/router/api/index.ts
index b5069abfc..19b95a5f6 100644
--- a/src/core/server/app/router/api/index.ts
+++ b/src/core/server/app/router/api/index.ts
@@ -2,11 +2,7 @@ import express from "express";
 import passport from "passport";
 import { AppOptions } from "coral-server/app";
-import {
- graphQLHandler,
- healthHandler,
- versionHandler,
-} from "coral-server/app/handlers";
+import { graphQLHandler, versionHandler } from "coral-server/app/handlers";
 import { JSONErrorHandler } from "coral-server/app/middleware/error";
 import { persistedQueryMiddleware } from "coral-server/app/middleware/graphql";
 import { jsonMiddleware } from "coral-server/app/middleware/json";
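Review bot: The new `configureApplicationHTTPS` in src/core/server/app/index.ts (hunk at -128,6) has no doc comment, and splitting it out of `configureApplication` hides an ordering requirement. Behind a TLS-terminating proxy, `enforceHTTPSMiddleware()` can only recognise a secure request once the trust-proxy setting described in `configureApplication`'s comment has been applied. Whether createApp calls `configureApplication` before this function is not visible in these hunks, so that should be checked and written down, e.g. `/** Adds HSTS and the HTTPS redirect in production. Must run after configureApplication (trust proxy); routes registered before this call are not redirected. */`. The function's body spans two hunks, and the inside of its `disable_force_ssl` branch lies outside both.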
@@ -36,9 +32,6 @@ export function createAPIRouter(app: AppOptions, options: RouterOptions) {
 // Configure the version route.
 router.get("/version", versionHandler);
- // Configure the Health route.
- router.get("/health", healthHandler);
-
 // Installation router.
 router.use("/install", createNewInstallRouter(app));