@fnet/node-express
v0.2.13
Published
The `@fnet/node-express` project is a Node.js application utilizing the Express framework to create a server capable of handling HTTP requests. It aims to provide a robust structure for building Express-based applications with integrated features such as
Downloads
235
Readme
@fnet/node-express
The @fnet/node-express
project is a Node.js application utilizing the Express framework to create a server capable of handling HTTP requests. It aims to provide a robust structure for building Express-based applications with integrated features such as session management, security enhancements, and middleware support.
How It Works
This project sets up an Express server and incorporates various middlewares to manage HTTP requests efficiently. It introduces functionalities such as request IP tracking, JSON request parsing, and basic health checks. The server configuration includes handling CORS (Cross-Origin Resource Sharing) to control accessible origins, and Redis-based session management to maintain states across different server requests. Security is enhanced with Helmet, offering configurations that can be tailored for production environments.
Key Features
- CORS Configuration: Allows the specification of origin whitelists and credential settings, making it easier to define security parameters across different domains.
- Session Management: Uses RedisStore for session storage if Redis is available, with a fallback to in-memory storage, providing flexibility and reliability in maintaining user sessions.
- IP Middleware: Easily capture and log incoming request IPs.
- Security Features: Helmet is used to improve several HTTP headers, contributing to a more secure application environment.
- Health Checks: Simple endpoint to verify server operational status.
- JSON Parsing: Built-in support for parsing JSON requests with a limit to prevent overloads.
- Flexible API Integration: Allows the incorporation of additional APIs through custom middleware functions.
Conclusion
The @fnet/node-express
project offers a foundational setup for developing Express servers with essential features like session management, CORS handling, and security enhancements already configured. This structure is useful for developers looking to quickly set up a secure and functional server environment with the flexibility to add custom functionalities as needed.
Developer Guide for @fnet/node-express
Overview
The @fnet/node-express
library provides a convenient setup for creating robust Node.js applications using the Express framework. It offers pre-configured middleware to handle common requirements such as CORS, security headers, JSON parsing, session management, and health checks. This helps streamline the development of server applications and ensures best practices are embedded without additional configuration.
Installation
To use the @fnet/node-express
library, install it using either npm or yarn:
npm install @fnet/node-express
or
yarn add @fnet/node-express
Usage
To create a server using @fnet/node-express
, you need to import the module, define any optional configurations, and then start the server. Here's a basic setup to get you started:
import startServer from '@fnet/node-express';
const options = {
server_port: 3000,
cors_origin_whitelist: 'http://example.com,http://anotherdomain.com',
session_secret: 'your-session-secret',
apis: [], // you can add custom APIs or middleware here
};
// Start the server with the specified options
startServer(options)
.then(() => console.log('Server started successfully'))
.catch(err => console.error('Error starting server:', err));
Examples
Basic Server Setup
import startServer from '@fnet/node-express';
// Define configuration options
const options = {
server_port: 3000,
};
// Start the server
startServer(options)
.then(() => console.log('Server is running on port 3000'))
.catch(err => console.error('Failed to start server:', err));
Using Custom Middleware
You can extend the server with additional APIs or middleware functions. Below is an example of adding a custom API route:
import startServer from '@fnet/node-express';
// Custom middleware API
const customApi = {
use: function (context) {
context.app.get('/api/custom', (req, res) => {
res.json({ message: 'Custom API Response' });
});
},
};
// Start server with custom API
const options = {
server_port: 3000,
apis: [customApi],
};
startServer(options)
.then(() => console.log('Server is running with custom API'))
.catch(err => console.error('Failed to start server:', err));
Secure Server Settings
Configure security settings for production environments with helmet and custom session configurations:
import startServer from '@fnet/node-express';
// Configure options for secure production environment
const options = {
server_port: 8080,
session_secret: 'secure-session-secret-for-prod',
helmet_cors_policy: 'same-origin', // Example security setting
};
// Start the production server
startServer(options)
.then(() => console.log('Production server running securely'))
.catch(err => console.error('Server startup error:', err));
Acknowledgement
The @fnet/node-express
library leverages several open-source libraries such as Express, Helmet, and Redis for various functionalities. Contributions from these projects help improve and maintain the quality of this library.
Input Schema
$schema: https://json-schema.org/draft/2020-12/schema
type: object
properties:
server_port:
type: integer
description: The port on which the server should listen.
cors_origin_whitelist:
type: string
description: Comma-separated list of domains allowed for CORS.
default: ""
cors_credentials:
type: boolean
description: Indicates whether CORS allows credentials.
default: false
cors_max_age:
type: integer
description: Maximum age of the CORS response in seconds.
default: 3600
cors_allowed_headers:
type: string
description: Comma-separated list of headers allowed for CORS.
cors_methods:
type: string
description: Comma-separated list of HTTP methods allowed for CORS.
cors_exposed_headers:
type: string
description: Comma-separated list of headers exposed in CORS response.
redis_host:
type: string
description: Hostname for the Redis server.
default: 127.0.0.1
redis_port:
type: integer
description: Port number for the Redis server.
default: 6379
redis_store_prefix:
type: string
description: Prefix for Redis store keys.
default: "rsp:"
session_secret:
type: string
description: Secret key for session management.
default: some-secret
session_name:
type: string
description: Name of the session id cookie.
default: some-session-name
session_cookie_domain:
type: string
description: Domain for the session cookie.
apis:
type: array
items:
type: object
properties:
use:
description: Middleware function to be used in app.
instanceof: Function
onReady:
description: Callback function when server starts.
instanceof: Function
helmet_referrer_policy:
type: string
description: Referrer policy for the application.
default: same-origin
helmet_cors_policy:
type: string
description: Cross-Origin Resource Policy for the application.
default: same-site
helmet_cors_opener_policy:
type: string
description: Cross-Origin Opener Policy for the application.
default: same-origin
helmet_cors_embedder_policy:
type: string
description: Cross-Origin Embedder Policy for the application.
default: require-corp
required: []