etherpad-lite/node/server.js

/**
 * This module is started with bin/run.sh. It sets up a Express HTTP and a Socket.IO Server. 
 * Static file Requests are answered directly from this module, Socket.IO messages are passed 
 * to MessageHandler and minfied requests are passed to minified.
 */

/*
 * 2011 Peter 'Pita' Martischka (Primary Technology Ltd)
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS-IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

var ERR = require("async-stacktrace");
var log4js = require('log4js');
var os = require("os");
var socketio = require('socket.io');
var fs = require('fs');
var settings = require('./utils/Settings');
var db = require('./db/DB');
var async = require('async');
var express = require('express');
var path = require('path');
var minify = require('./utils/Minify');
var formidable = require('formidable');
var padManager;
var socketIORouter;

//try to get the git version
var version = "";
try
{
  var rootPath = path.normalize(__dirname + "/../")
  var ref = fs.readFileSync(rootPath + ".git/HEAD", "utf-8");
  var refPath = rootPath + ".git/" + ref.substring(5, ref.indexOf("\n"));
  version = fs.readFileSync(refPath, "utf-8");
  version = version.substring(0, 7);
  console.log("Your Etherpad Lite git version is " + version);
}
catch(e) 
{
  console.warn("Can't get git version for server header\n" + e.message)
}

console.log("Report bugs at https://github.com/Pita/etherpad-lite/issues")

var serverName = "Etherpad-Lite " + version + " (http://j.mp/ep-lite)";

//cache 6 hours
exports.maxAge = 1000*60*60*6;

//set loglevel
log4js.setGlobalLogLevel(settings.loglevel);

async.waterfall([
  //initalize the database
  function (callback)
  {
    db.init(callback);
  },
  //initalize the http server
  function (callback)
  {
    //create server
    var app = express.createServer();

    app.maxAge = exports.maxAge;
    app.settings = settings;

    app.use(function (req, res, next) {
      res.header("Server", serverName);
      next();
    });

    
    //redirects browser to the pad's sanitized url if needed. otherwise, renders the html
    app.param('pad', function (req, res, next, padId) {
      //ensure the padname is valid and the url doesn't end with a /
      if(!padManager.isValidPadId(padId) || /\/$/.test(req.url))
      {
        res.send('Such a padname is forbidden', 404);
      }
      else
      {
        padManager.sanitizePadId(padId, function(sanitizedPadId) {
          //the pad id was sanitized, so we redirect to the sanitized version
          if(sanitizedPadId != padId)
          {
            var real_path = req.path.replace(/^\/p\/[^\/]+/, '/p/' + sanitizedPadId);
            res.header('Location', real_path);
            res.send('You should be redirected to <a href="' + real_path + '">' + real_path + '</a>', 302);
          }
          //the pad id was fine, so just render it
          else
          {
            next();
          }
        });
      }
    });

    //load modules that needs a initalized db
    app.readOnlyManager = require("./db/ReadOnlyManager");
    app.exporthtml = require("./utils/ExportHtml");
    app.exportHandler = require('./handler/ExportHandler');
    app.importHandler = require('./handler/ImportHandler');
    app.apiHandler = require('./handler/APIHandler');
    padManager = require('./db/PadManager');
    app.securityManager = require('./db/SecurityManager');
    socketIORouter = require("./handler/SocketIORouter");
    
    //install logging      
    var httpLogger = log4js.getLogger("http");
    app.configure(function() 
    {
      // Activate http basic auth if it has been defined in settings.json
      if(settings.httpAuth != null) app.use(basic_auth);

      // If the log level specified in the config file is WARN or ERROR the application server never starts listening to requests as reported in issue #158.
      // Not installing the log4js connect logger when the log level has a higher severity than INFO since it would not log at that level anyway.
      if (!(settings.loglevel === "WARN" || settings.loglevel == "ERROR"))
        app.use(log4js.connectLogger(httpLogger, { level: log4js.levels.INFO, format: ':status, :method :url'}));
      app.use(express.cookieParser());
    });
    
    app.error(function(err, req, res, next){
      res.send(500);
      console.error(err.stack ? err.stack : err.toString());
      gracefulShutdown();
    });
    
    //serve static files
    app.get('/static/js/require-kernel.js', function (req, res, next) {
      res.header("Content-Type","application/javascript; charset: utf-8");
      res.write(minify.requireDefinition());
      res.end();
    });
    
    //serve minified files
    app.get('/minified/:filename', minify.minifyJS);

    //checks for basic http auth
    function basic_auth (req, res, next) {
      if (req.headers.authorization && req.headers.authorization.search('Basic ') === 0) {
        // fetch login and password
        if (new Buffer(req.headers.authorization.split(' ')[1], 'base64').toString() == settings.httpAuth) {
          next();
          return;
        }
      }
      
      res.header('WWW-Authenticate', 'Basic realm="Protected Area"');
      if (req.headers.authorization) {
        setTimeout(function () {
          res.send('Authentication required', 401);
        }, 1000);
      } else {
        res.send('Authentication required', 401);
      }
    }

    require('./routes/readonly')(app);

    require('./routes/import')(app);

    require('./routes/export')(app);

    require('./routes/api')(app);

    require('./routes/debug')(app);

    require('./routes/static')(app);

    //let the server listen
    app.listen(settings.port, settings.ip);
    console.log("Server is listening at " + settings.ip + ":" + settings.port);

    var onShutdown = false;
    var gracefulShutdown = function(err)
    {
      if(err && err.stack)
      {
        console.error(err.stack);
      }
      else if(err)
      {
        console.error(err);
      }
      
      //ensure there is only one graceful shutdown running
      if(onShutdown) return;
      onShutdown = true;
    
      console.log("graceful shutdown...");
      
      //stop the http server
      app.close();

      //do the db shutdown
      db.db.doShutdown(function()
      {
        console.log("db sucessfully closed.");
        
        process.exit(0);
      });
      
      setTimeout(function(){
        process.exit(1);
      }, 3000);
    }

    //connect graceful shutdown with sigint and uncaughtexception
    if(os.type().indexOf("Windows") == -1)
    {
      //sigint is so far not working on windows
      //https://github.com/joyent/node/issues/1553
      process.on('SIGINT', gracefulShutdown);
    }
    
    process.on('uncaughtException', gracefulShutdown);

    //init socket.io and redirect all requests to the MessageHandler
    var io = socketio.listen(app);
    
    //this is only a workaround to ensure it works with all browers behind a proxy
    //we should remove this when the new socket.io version is more stable
    io.set('transports', ['xhr-polling']);
    
    var socketIOLogger = log4js.getLogger("socket.io");
    io.set('logger', {
      debug: function (str)
      {
        socketIOLogger.debug.apply(socketIOLogger, arguments);
      }, 
      info: function (str)
      {
        socketIOLogger.info.apply(socketIOLogger, arguments);
      },
      warn: function (str)
      {
        socketIOLogger.warn.apply(socketIOLogger, arguments);
      },
      error: function (str)
      {
        socketIOLogger.error.apply(socketIOLogger, arguments);
      },
    });
    
    //minify socket.io javascript
    if(settings.minify)
      io.enable('browser client minification');
    
    var padMessageHandler = require("./handler/PadMessageHandler");
    var timesliderMessageHandler = require("./handler/TimesliderMessageHandler");
    
    //Initalize the Socket.IO Router
    socketIORouter.setSocketIO(io);
    socketIORouter.addComponent("pad", padMessageHandler);
    socketIORouter.addComponent("timeslider", timesliderMessageHandler);
    
    callback(null);  
  }
]);
Add License to server.js and soround onmessage with a try-catch 2011-03-26 14:52:56 +00:00			`/**`
Documentation 2011-05-30 15:53:11 +01:00			`* This module is started with bin/run.sh. It sets up a Express HTTP and a Socket.IO Server.`
			`* Static file Requests are answered directly from this module, Socket.IO messages are passed`
			`* to MessageHandler and minfied requests are passed to minified.`
			`*/`

			`/*`
changed copyright from Peter 'Pita' Martischka to Peter 'Pita' Martischka (Primary Technology Ltd) 2011-08-11 15:26:41 +01:00			`* 2011 Peter 'Pita' Martischka (Primary Technology Ltd)`
Add License to server.js and soround onmessage with a try-catch 2011-03-26 14:52:56 +00:00			`*`
			`* Licensed under the Apache License, Version 2.0 (the "License");`
			`* you may not use this file except in compliance with the License.`
			`* You may obtain a copy of the License at`
			`*`
			`* http://www.apache.org/licenses/LICENSE-2.0`
			`*`
			`* Unless required by applicable law or agreed to in writing, software`
			`* distributed under the License is distributed on an "AS-IS" BASIS,`
			`* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`* See the License for the specific language governing permissions and`
			`* limitations under the License.`
			`*/`
first-commit 2011-03-26 13:10:41 +00:00
Changed all error handling to async-stacktrace style + fixed import/export on unix 2011-12-04 16:50:02 +01:00			`var ERR = require("async-stacktrace");`
Installed API infrastructure, getText works already 2011-08-03 19:31:25 +01:00			`var log4js = require('log4js');`
PITA, Y U NO TEST? 2011-08-18 21:29:34 +01:00			`var os = require("os");`
Minify and compress JS & CSS before sending it 2011-05-28 18:09:17 +01:00			`var socketio = require('socket.io');`
Show git version in server header 2011-06-30 20:03:09 +01:00			`var fs = require('fs');`
Fixed all requires 2011-07-27 18:52:23 +01:00			`var settings = require('./utils/Settings');`
			`var db = require('./db/DB');`
Use Express to serve static Files 2011-05-19 17:36:26 +01:00			`var async = require('async');`
			`var express = require('express');`
			`var path = require('path');`
Fixed all requires 2011-07-27 18:52:23 +01:00			`var minify = require('./utils/Minify');`
Log the disconnect diagnostic info that etherpad still sends. Maybe thats usefull 2011-07-25 16:31:41 +01:00			`var formidable = require('formidable');`
check the padID with a regular expression 2011-08-04 16:07:58 +01:00			`var padManager;`
added a security control at socketiorouter, pad security is now fully enforced 2011-08-16 15:53:09 +01:00			`var socketIORouter;`
Use Express to serve static Files 2011-05-19 17:36:26 +01:00
Show git version in server header 2011-06-30 20:03:09 +01:00			`//try to get the git version`
			`var version = "";`
			`try`
			`{`
get the proper git revision even when not started from node dir 2012-01-05 11:35:40 +01:00			`var rootPath = path.normalize(__dirname + "/../")`
			`var ref = fs.readFileSync(rootPath + ".git/HEAD", "utf-8");`
			`var refPath = rootPath + ".git/" + ref.substring(5, ref.indexOf("\n"));`
Show git version in server header 2011-06-30 20:03:09 +01:00			`version = fs.readFileSync(refPath, "utf-8");`
show git version on start 2011-08-19 22:01:33 +01:00			`version = version.substring(0, 7);`
			`console.log("Your Etherpad Lite git version is " + version);`
Show git version in server header 2011-06-30 20:03:09 +01:00			`}`
			`catch(e)`
			`{`
Installed log4js as logging framework 2011-07-31 18:25:51 +01:00			`console.warn("Can't get git version for server header\n" + e.message)`
Show git version in server header 2011-06-30 20:03:09 +01:00			`}`

added a link to the bugtracker 2011-08-21 19:52:24 +01:00			`console.log("Report bugs at https://github.com/Pita/etherpad-lite/issues")`

Show git version in server header 2011-06-30 20:03:09 +01:00			`var serverName = "Etherpad-Lite " + version + " (http://j.mp/ep-lite)";`

Import works now on the server side 2011-07-21 20:13:58 +01:00			`//cache 6 hours`
A cache of 6 hours should be a good middle 2011-06-30 12:43:11 +01:00			`exports.maxAge = 10006060*6;`
Use Express to serve static Files 2011-05-19 17:36:26 +01:00
added a loglevel setting 2011-08-17 17:45:47 +01:00			`//set loglevel`
			`log4js.setGlobalLogLevel(settings.loglevel);`

Installed ueberDB 2011-05-14 18:57:07 +01:00			`async.waterfall([`
Use Express to serve static Files 2011-05-19 17:36:26 +01:00			`//initalize the database`
Installed ueberDB 2011-05-14 18:57:07 +01:00			`function (callback)`
			`{`
			`db.init(callback);`
			`},`
Use Express to serve static Files 2011-05-19 17:36:26 +01:00			`//initalize the http server`
Installed ueberDB 2011-05-14 18:57:07 +01:00			`function (callback)`
first-commit 2011-03-26 13:10:41 +00:00			`{`
Use Express to serve static Files 2011-05-19 17:36:26 +01:00			`//create server`
			`var app = express.createServer();`
Use middleware to specify Server name in header. 2012-01-17 01:42:06 -08:00
move 'static' routes into own module 2012-02-08 14:21:24 +01:00			`app.maxAge = exports.maxAge;`
move routes into modules (readonly, export, import) I moved the routes for requests that handle readonly, export or import requests into seperate modules. 2012-02-08 15:21:33 +01:00			`app.settings = settings;`
move 'static' routes into own module 2012-02-08 14:21:24 +01:00
Use middleware to specify Server name in header. 2012-01-17 01:42:06 -08:00			`app.use(function (req, res, next) {`
			`res.header("Server", serverName);`
			`next();`
			`});`

Convert goToPad to middleware 2012-01-28 21:51:25 -05:00
			`//redirects browser to the pad's sanitized url if needed. otherwise, renders the html`
			`app.param('pad', function (req, res, next, padId) {`
			`//ensure the padname is valid and the url doesn't end with a /`
			`if(!padManager.isValidPadId(padId) \|\| /\/$/.test(req.url))`
			`{`
			`res.send('Such a padname is forbidden', 404);`
			`}`
			`else`
			`{`
			`padManager.sanitizePadId(padId, function(sanitizedPadId) {`
			`//the pad id was sanitized, so we redirect to the sanitized version`
			`if(sanitizedPadId != padId)`
			`{`
			`var real_path = req.path.replace(/^\/p\/[^\/]+/, '/p/' + sanitizedPadId);`
			`res.header('Location', real_path);`
			`res.send('You should be redirected to <a href="' + real_path + '">' + real_path + '</a>', 302);`
			`}`
			`//the pad id was fine, so just render it`
			`else`
			`{`
			`next();`
			`}`
			`});`
			`}`
			`});`

Read only access works 2011-07-08 18:33:01 +01:00			`//load modules that needs a initalized db`
move routes into modules (readonly, export, import) I moved the routes for requests that handle readonly, export or import requests into seperate modules. 2012-02-08 15:21:33 +01:00			`app.readOnlyManager = require("./db/ReadOnlyManager");`
			`app.exporthtml = require("./utils/ExportHtml");`
			`app.exportHandler = require('./handler/ExportHandler');`
			`app.importHandler = require('./handler/ImportHandler');`
move 'api' routes into own module 2012-02-08 14:45:10 +01:00			`app.apiHandler = require('./handler/APIHandler');`
check the padID with a regular expression 2011-08-04 16:07:58 +01:00			`padManager = require('./db/PadManager');`
move routes into modules (readonly, export, import) I moved the routes for requests that handle readonly, export or import requests into seperate modules. 2012-02-08 15:21:33 +01:00			`app.securityManager = require('./db/SecurityManager');`
added a security control at socketiorouter, pad security is now fully enforced 2011-08-16 15:53:09 +01:00			`socketIORouter = require("./handler/SocketIORouter");`
Read only access works 2011-07-08 18:33:01 +01:00
Installed log4js as logging framework 2011-07-31 18:25:51 +01:00			`//install logging`
			`var httpLogger = log4js.getLogger("http");`
			`app.configure(function()`
			`{`
add the ability to set global password with http basic auth 2011-12-01 16:44:51 +01:00			`// Activate http basic auth if it has been defined in settings.json`
			`if(settings.httpAuth != null) app.use(basic_auth);`

Added comments 2011-11-03 07:34:51 +01:00			`// If the log level specified in the config file is WARN or ERROR the application server never starts listening to requests as reported in issue #158.`
			`// Not installing the log4js connect logger when the log level has a higher severity than INFO since it would not log at that level anyway.`
Kind of a hack but makes issue #158 go away. There is probably a deeper error somewhere in either log4js or express, I don't have the time to investigate that atm. 2011-10-17 23:31:39 +02:00			`if (!(settings.loglevel === "WARN" \|\| settings.loglevel == "ERROR"))`
			`app.use(log4js.connectLogger(httpLogger, { level: log4js.levels.INFO, format: ':status, :method :url'}));`
restricted access to pad import and export 2011-08-15 22:20:37 +01:00			`app.use(express.cookieParser());`
Installed log4js as logging framework 2011-07-31 18:25:51 +01:00			`});`
Use Express to serve static Files 2011-05-19 17:36:26 +01:00
Don't let express catch errors, let the process die 2011-12-04 15:19:24 +01:00			`app.error(function(err, req, res, next){`
			`res.send(500);`
			`console.error(err.stack ? err.stack : err.toString());`
			`gracefulShutdown();`
			`});`

Use Express to serve static Files 2011-05-19 17:36:26 +01:00			`//serve static files`
Use require-kernel for require functionality. 2012-01-15 22:07:45 -08:00			`app.get('/static/js/require-kernel.js', function (req, res, next) {`
			`res.header("Content-Type","application/javascript; charset: utf-8");`
			`res.write(minify.requireDefinition());`
			`res.end();`
			`});`
Use Express to serve static Files 2011-05-19 17:36:26 +01:00
Minify and compress JS & CSS before sending it 2011-05-28 18:09:17 +01:00			`//serve minified files`
Minify uses the stardard middleware interface. 2012-01-17 00:57:59 -08:00			`app.get('/minified/:filename', minify.minifyJS);`
add the ability to set global password with http basic auth 2011-12-01 16:44:51 +01:00
			`//checks for basic http auth`
			`function basic_auth (req, res, next) {`
			`if (req.headers.authorization && req.headers.authorization.search('Basic ') === 0) {`
			`// fetch login and password`
			`if (new Buffer(req.headers.authorization.split(' ')[1], 'base64').toString() == settings.httpAuth) {`
			`next();`
			`return;`
			`}`
			`}`

			`res.header('WWW-Authenticate', 'Basic realm="Protected Area"');`
			`if (req.headers.authorization) {`
			`setTimeout(function () {`
			`res.send('Authentication required', 401);`
reduced the httpAuth timeout to 1000ms 2011-12-04 17:27:36 +01:00			`}, 1000);`
add the ability to set global password with http basic auth 2011-12-01 16:44:51 +01:00			`} else {`
			`res.send('Authentication required', 401);`
			`}`
			`}`
move routes into modules (readonly, export, import) I moved the routes for requests that handle readonly, export or import requests into seperate modules. 2012-02-08 15:21:33 +01:00
			`require('./routes/readonly')(app);`

			`require('./routes/import')(app);`

			`require('./routes/export')(app);`
Implement POST requests for HTTP API 2011-11-18 21:52:12 -05:00
move 'api' routes into own module 2012-02-08 14:45:10 +01:00			`require('./routes/api')(app);`
move 'debug' routes into own module 2012-02-08 13:57:04 +01:00
			`require('./routes/debug')(app);`

move 'static' routes into own module 2012-02-08 14:21:24 +01:00			`require('./routes/static')(app);`

Use Express to serve static Files 2011-05-19 17:36:26 +01:00			`//let the server listen`
added the ability to listen at a specific ip 2011-07-30 16:39:53 +01:00			`app.listen(settings.port, settings.ip);`
			`console.log("Server is listening at " + settings.ip + ":" + settings.port);`
Installed ueberDB 2011-05-14 18:57:07 +01:00
added a graceful shutdown 2011-08-17 15:58:42 +01:00			`var onShutdown = false;`
			`var gracefulShutdown = function(err)`
			`{`
			`if(err && err.stack)`
			`{`
			`console.error(err.stack);`
			`}`
			`else if(err)`
			`{`
			`console.error(err);`
			`}`

			`//ensure there is only one graceful shutdown running`
			`if(onShutdown) return;`
			`onShutdown = true;`

			`console.log("graceful shutdown...");`

			`//stop the http server`
			`app.close();`

			`//do the db shutdown`
			`db.db.doShutdown(function()`
			`{`
			`console.log("db sucessfully closed.");`

			`process.exit(0);`
			`});`
limit the graceful shutdown time to 3 seconds 2011-08-18 20:54:04 +01:00
			`setTimeout(function(){`
			`process.exit(1);`
			`}, 3000);`
added a graceful shutdown 2011-08-17 15:58:42 +01:00			`}`

			`//connect graceful shutdown with sigint and uncaughtexception`
don't do a graceful shutdown on SIGINT on windows 2011-08-18 21:02:54 +01:00			`if(os.type().indexOf("Windows") == -1)`
			`{`
			`//sigint is so far not working on windows`
			`//https://github.com/joyent/node/issues/1553`
			`process.on('SIGINT', gracefulShutdown);`
			`}`

added a graceful shutdown 2011-08-17 15:58:42 +01:00			`process.on('uncaughtException', gracefulShutdown);`

Use Express to serve static Files 2011-05-19 17:36:26 +01:00			`//init socket.io and redirect all requests to the MessageHandler`
			`var io = socketio.listen(app);`
A lot small changes that results in a timeslider that shows the latest text 2011-06-20 11:44:04 +01:00
Use only xhr polling 2011-07-05 19:26:31 +02:00			`//this is only a workaround to ensure it works with all browers behind a proxy`
			`//we should remove this when the new socket.io version is more stable`
fix for #224 2011-11-25 13:39:33 -05:00			`io.set('transports', ['xhr-polling']);`
Use only xhr polling 2011-07-05 19:26:31 +02:00
Installed log4js as logging framework 2011-07-31 18:25:51 +01:00			`var socketIOLogger = log4js.getLogger("socket.io");`
			`io.set('logger', {`
			`debug: function (str)`
			`{`
fixed socket.io logging 2011-11-19 14:14:31 -08:00			`socketIOLogger.debug.apply(socketIOLogger, arguments);`
Installed log4js as logging framework 2011-07-31 18:25:51 +01:00			`},`
			`info: function (str)`
			`{`
fixed socket.io logging 2011-11-19 14:14:31 -08:00			`socketIOLogger.info.apply(socketIOLogger, arguments);`
Installed log4js as logging framework 2011-07-31 18:25:51 +01:00			`},`
			`warn: function (str)`
			`{`
fixed socket.io logging 2011-11-19 14:14:31 -08:00			`socketIOLogger.warn.apply(socketIOLogger, arguments);`
Installed log4js as logging framework 2011-07-31 18:25:51 +01:00			`},`
			`error: function (str)`
			`{`
fixed socket.io logging 2011-11-19 14:14:31 -08:00			`socketIOLogger.error.apply(socketIOLogger, arguments);`
Installed log4js as logging framework 2011-07-31 18:25:51 +01:00			`},`
			`});`
reduce the log level of socket.io 2011-07-07 18:15:39 +01:00
Let socket.io minify its javascript 2011-07-27 14:46:45 +01:00			`//minify socket.io javascript`
			`if(settings.minify)`
			`io.enable('browser client minification');`

Fixed all requires 2011-07-27 18:52:23 +01:00			`var padMessageHandler = require("./handler/PadMessageHandler");`
			`var timesliderMessageHandler = require("./handler/TimesliderMessageHandler");`
A lot small changes that results in a timeslider that shows the latest text 2011-06-20 11:44:04 +01:00
			`//Initalize the Socket.IO Router`
			`socketIORouter.setSocketIO(io);`
			`socketIORouter.addComponent("pad", padMessageHandler);`
			`socketIORouter.addComponent("timeslider", timesliderMessageHandler);`
first-commit 2011-03-26 13:10:41 +00:00
Installed ueberDB 2011-05-14 18:57:07 +01:00			`callback(null);`
first-commit 2011-03-26 13:10:41 +00:00			`}`
Installed ueberDB 2011-05-14 18:57:07 +01:00			`]);`