Ghost/core/server/web/admin/app.js
Hannah Wolfe 19dde146c1 Renamed redirect functions for clarity
- we had urlRedirects, urlRedirects.adminRedirect and adminRedirects
- all do kinda similar things, but for different contexts so for now I've done a minimal renaming for clarity
- and updated some comments!!
- also removed totally unnecessary if res.isAdmin clause, as we don't use that, and it was never true
2020-04-22 19:31:36 +01:00

63 lines
2.3 KiB
JavaScript

const debug = require('ghost-ignition').debug('web:admin:app');
const express = require('express');
const serveStatic = require('express').static;
const config = require('../../config');
const constants = require('../../lib/constants');
const urlUtils = require('../../lib/url-utils');
const shared = require('../shared');
const adminMiddleware = require('./middleware');
const sentry = require('../../sentry');
module.exports = function setupAdminApp() {
debug('Admin setup start');
const adminApp = express();
adminApp.use(sentry.requestHandler);
// Make sure 'req.secure' and `req.hostname` is valid for proxied requests
// (X-Forwarded-Proto header will be checked, if present)
adminApp.enable('trust proxy');
// Admin assets
// @TODO ensure this gets a local 404 error handler
const configMaxAge = config.get('caching:admin:maxAge');
adminApp.use('/assets', serveStatic(
config.get('paths').clientAssets,
{maxAge: (configMaxAge || configMaxAge === 0) ? configMaxAge : constants.ONE_YEAR_MS, fallthrough: false}
));
// Ember CLI's live-reload script
if (config.get('env') === 'development') {
adminApp.get('/ember-cli-live-reload.js', function emberLiveReload(req, res) {
res.redirect(`http://localhost:4200${urlUtils.getSubdir()}/ghost/ember-cli-live-reload.js`);
});
}
// Render error page in case of maintenance
adminApp.use(shared.middlewares.maintenance);
// Force SSL if required
// must happen AFTER asset loading and BEFORE routing
adminApp.use(shared.middlewares.urlRedirects.adminSSLAndHostRedirect);
// Add in all trailing slashes & remove uppercase
// must happen AFTER asset loading and BEFORE routing
adminApp.use(shared.middlewares.prettyUrls);
// Cache headers go last before serving the request
// Admin is currently set to not be cached at all
adminApp.use(shared.middlewares.cacheControl('private'));
// Special redirects for the admin (these should have their own cache-control headers)
adminApp.use(adminMiddleware);
// Finally, routing
adminApp.get('*', require('./controller'));
adminApp.use(sentry.errorHandler);
adminApp.use(shared.middlewares.errorHandler.pageNotFound);
adminApp.use(shared.middlewares.errorHandler.handleHTMLResponse);
debug('Admin setup end');
return adminApp;
};