diff --git a/README.md b/README.md index 7c577bbc7..0bb3845be 100644 --- a/README.md +++ b/README.md @@ -147,7 +147,7 @@ There are some config settings you need to change in the files below. | `HMD_URL_ADDPORT` | `true` or `false` | set to add port on callback URL (ports `80` or `443` won't be applied) (only applied when domain is set) | | `HMD_USECDN` | `true` or `false` | set to use CDN resources or not (default is `true`) | | `HMD_ALLOW_ANONYMOUS` | `true` or `false` | set to allow anonymous usage (default is `true`) | -| `HMD_ALLOW_ANONYMOUS_EDITS` | `true` or `false` | if `allowanonymous` is `true`, allow users to select `freely` permission, allowing guests to edit existing notes (default is `false`) | +| `HMD_ALLOW_ANONYMOUS_EDITS` | `true` or `false` | if `allowAnonymous` is `true`, allow users to select `freely` permission, allowing guests to edit existing notes (default is `false`) | | `HMD_ALLOW_FREEURL` | `true` or `false` | set to allow new note creation by accessing a nonexistent note URL | | `HMD_DEFAULT_PERMISSION` | `freely`, `editable`, `limited`, `locked` or `private` | set notes default permission (only applied on signed users) | | `HMD_DB_URL` | `mysql://localhost:3306/database` | set the database URL | @@ -215,46 +215,46 @@ There are some config settings you need to change in the files below. | --------- | ------ | ----------- | | `debug` | `true` or `false` | set debug mode, show more logs | | `domain` | `localhost` | domain name | -| `urlpath` | `hackmd` | sub URL path, like `www.example.com/` | +| `urlPath` | `hackmd` | sub URL path, like `www.example.com/` | | `port` | `80` | web app port | -| `alloworigin` | `['localhost']` | domain name whitelist | -| `usessl` | `true` or `false` | set to use SSL server (if `true`, will auto turn on `protocolusessl`) | +| `allowOrigin` | `['localhost']` | domain name whitelist | +| `useSSL` | `true` or `false` | set to use SSL server (if `true`, will auto turn on `protocolUseSSL`) | | `hsts` | `{"enable": true, "maxAgeSeconds": 31536000, "includeSubdomains": true, "preload": true}` | [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) options to use with HTTPS (default is the example value, max age is a year) | -| `csp` | `{"enable": true, "directives": {"scriptSrc": "trustworthy-scripts.example.com"}, "upgradeInsecureRequests": "auto", "addDefaults": true}` | Configures [Content Security Policy](https://helmetjs.github.io/docs/csp/). Directives are passed to Helmet - see [their documentation](https://helmetjs.github.io/docs/csp/) for more information on the format. Some defaults are added to the configured values so that the application doesn't break. To disable this behaviour, set `addDefaults` to `false`. Further, if `usecdn` is on, some CDN locations are allowed too. By default (`auto`), insecure (HTTP) requests are upgraded to HTTPS via CSP if `usessl` is on. To change this behaviour, set `upgradeInsecureRequests` to either `true` or `false`. | -| `protocolusessl` | `true` or `false` | set to use SSL protocol for resources path (only applied when domain is set) | -| `urladdport` | `true` or `false` | set to add port on callback URL (ports `80` or `443` won't be applied) (only applied when domain is set) | -| `usecdn` | `true` or `false` | set to use CDN resources or not (default is `true`) | -| `allowanonymous` | `true` or `false` | set to allow anonymous usage (default is `true`) | -| `allowanonymousedits` | `true` or `false` | if `allowanonymous` is `true`: allow users to select `freely` permission, allowing guests to edit existing notes (default is `false`) | -| `allowfreeurl` | `true` or `false` | set to allow new note creation by accessing a nonexistent note URL | -| `defaultpermission` | `freely`, `editable`, `limited`, `locked`, `protected` or `private` | set notes default permission (only applied on signed users) | -| `dburl` | `mysql://localhost:3306/database` | set the db URL; if set, then db config (below) won't be applied | +| `csp` | `{"enable": true, "directives": {"scriptSrc": "trustworthy-scripts.example.com"}, "upgradeInsecureRequests": "auto", "addDefaults": true}` | Configures [Content Security Policy](https://helmetjs.github.io/docs/csp/). Directives are passed to Helmet - see [their documentation](https://helmetjs.github.io/docs/csp/) for more information on the format. Some defaults are added to the configured values so that the application doesn't break. To disable this behaviour, set `addDefaults` to `false`. Further, if `usecdn` is on, some CDN locations are allowed too. By default (`auto`), insecure (HTTP) requests are upgraded to HTTPS via CSP if `useSSL` is on. To change this behaviour, set `upgradeInsecureRequests` to either `true` or `false`. | +| `protocolUseSSL` | `true` or `false` | set to use SSL protocol for resources path (only applied when domain is set) | +| `urlAddPort` | `true` or `false` | set to add port on callback URL (ports `80` or `443` won't be applied) (only applied when domain is set) | +| `useCDN` | `true` or `false` | set to use CDN resources or not (default is `true`) | +| `allowAnonymous` | `true` or `false` | set to allow anonymous usage (default is `true`) | +| `allowAnonymousEdits` | `true` or `false` | if `allowAnonymous` is `true`: allow users to select `freely` permission, allowing guests to edit existing notes (default is `false`) | +| `allowFreeURL` | `true` or `false` | set to allow new note creation by accessing a nonexistent note URL | +| `defaultPermission` | `freely`, `editable`, `limited`, `locked`, `protected` or `private` | set notes default permission (only applied on signed users) | +| `dbURL` | `mysql://localhost:3306/database` | set the db URL; if set, then db config (below) won't be applied | | `db` | `{ "dialect": "sqlite", "storage": "./db.hackmd.sqlite" }` | set the db configs, [see more here](http://sequelize.readthedocs.org/en/latest/api/sequelize/) | -| `sslkeypath` | `./cert/client.key` | SSL key path (only need when you set `usessl`) | -| `sslcertpath` | `./cert/hackmd_io.crt` | SSL cert path (only need when you set `usessl`) | -| `sslcapath` | `['./cert/COMODORSAAddTrustCA.crt']` | SSL ca chain (only need when you set `usessl`) | -| `dhparampath` | `./cert/dhparam.pem` | SSL dhparam path (only need when you set `usessl`) | -| `tmppath` | `./tmp/` | temp directory path | -| `defaultnotepath` | `./public/default.md` | default note file path | -| `docspath` | `./public/docs` | docs directory path | -| `indexpath` | `./public/views/index.ejs` | index template file path | -| `hackmdpath` | `./public/views/hackmd.ejs` | hackmd template file path | -| `errorpath` | `./public/views/error.ejs` | error template file path | -| `prettypath` | `./public/views/pretty.ejs` | pretty template file path | -| `slidepath` | `./public/views/slide.hbs` | slide template file path | -| `sessionname` | `connect.sid` | cookie session name | -| `sessionsecret` | `secret` | cookie session secret | -| `sessionlife` | `14 * 24 * 60 * 60 * 1000` | cookie session life | -| `staticcachetime` | `1 * 24 * 60 * 60 * 1000` | static file cache time | -| `heartbeatinterval` | `5000` | socket.io heartbeat interval | -| `heartbeattimeout` | `10000` | socket.io heartbeat timeout | -| `documentmaxlength` | `100000` | note max length | +| `sslKeyPath` | `./cert/client.key` | SSL key path (only need when you set `useSSL`) | +| `sslCertPath` | `./cert/hackmd_io.crt` | SSL cert path (only need when you set `useSSL`) | +| `sslCAPath` | `['./cert/COMODORSAAddTrustCA.crt']` | SSL ca chain (only need when you set `useSSL`) | +| `dhParamPath` | `./cert/dhparam.pem` | SSL dhparam path (only need when you set `useSSL`) | +| `tmpPath` | `./tmp/` | temp directory path | +| `defaultNotePath` | `./public/default.md` | default note file path | +| `docsPath` | `./public/docs` | docs directory path | +| `indexPath` | `./public/views/index.ejs` | index template file path | +| `hackmdPath` | `./public/views/hackmd.ejs` | hackmd template file path | +| `errorPath` | `./public/views/error.ejs` | error template file path | +| `prettyPath` | `./public/views/pretty.ejs` | pretty template file path | +| `slidePath` | `./public/views/slide.hbs` | slide template file path | +| `sessionName` | `connect.sid` | cookie session name | +| `sessionSecret` | `secret` | cookie session secret | +| `sessionLife` | `14 * 24 * 60 * 60 * 1000` | cookie session life | +| `staticCacheTime` | `1 * 24 * 60 * 60 * 1000` | static file cache time | +| `heartbeatInterval` | `5000` | socket.io heartbeat interval | +| `heartbeatTimeout` | `10000` | socket.io heartbeat timeout | +| `documentMaxLength` | `100000` | note max length | | `email` | `true` or `false` | set to allow email signin | -| `allowemailregister` | `true` or `false` | set to allow email register (only applied when email is set, default is `true`. Note `bin/manage_users` might help you if registration is `false`.) | -| `imageuploadtype` | `imgur`(default), `s3`, `minio` or `filesystem` | Where to upload image -| `minio` | `{ "accessKey": "YOUR_MINIO_ACCESS_KEY", "secretKey": "YOUR_MINIO_SECRET_KEY", "endpoint": "YOUR_MINIO_HOST", port: 9000, secure: true }` | When `imageuploadtype` is set to `minio`, you need to set this key. Also checkout our [Minio Image Upload Guide](docs/guides/minio-image-upload.md) | +| `allowEmailRegister` | `true` or `false` | set to allow email register (only applied when email is set, default is `true`. Note `bin/manage_users` might help you if registration is `false`.) | +| `imageUploadType` | `imgur`(default), `s3`, `minio` or `filesystem` | Where to upload image +| `minio` | `{ "accessKey": "YOUR_MINIO_ACCESS_KEY", "secretKey": "YOUR_MINIO_SECRET_KEY", "endpoint": "YOUR_MINIO_HOST", port: 9000, secure: true }` | When `imageUploadType` is set to `minio`, you need to set this key. Also checkout our [Minio Image Upload Guide](docs/guides/minio-image-upload.md) | | `s3` | `{ "accessKeyId": "YOUR_S3_ACCESS_KEY_ID", "secretAccessKey": "YOUR_S3_ACCESS_KEY", "region": "YOUR_S3_REGION" }` | When `imageuploadtype` be set to `s3`, you would also need to setup this key, check our [S3 Image Upload Guide](docs/guides/s3-image-upload.md) | -| `s3bucket` | `YOUR_S3_BUCKET_NAME` | bucket name when `imageuploadtype` is set to `s3` or `minio` | +| `s3bucket` | `YOUR_S3_BUCKET_NAME` | bucket name when `imageUploadType` is set to `s3` or `minio` | ## Third-party integration API key settings diff --git a/app.js b/app.js index 0db65e947..fcf905d59 100644 --- a/app.js +++ b/app.js @@ -30,7 +30,7 @@ var csp = require('./lib/csp') var constpath = path.join(__dirname, './public/js/lib/common/constant.ejs') var data = { domain: config.domain, - urlpath: config.urlpath, + urlpath: config.urlPath, debug: config.debug, version: config.version, GOOGLE_API_KEY: config.google.clientSecret, @@ -47,20 +47,20 @@ ejs.renderFile(constpath, data, {}, function (err, str) { // server setup var app = express() var server = null -if (config.usessl) { +if (config.useSSL) { var ca = (function () { var i, len, results results = [] - for (i = 0, len = config.sslcapath.length; i < len; i++) { - results.push(fs.readFileSync(config.sslcapath[i], 'utf8')) + for (i = 0, len = config.sslCAPath.length; i < len; i++) { + results.push(fs.readFileSync(config.sslCAPath[i], 'utf8')) } return results })() var options = { - key: fs.readFileSync(config.sslkeypath, 'utf8'), - cert: fs.readFileSync(config.sslcertpath, 'utf8'), + key: fs.readFileSync(config.sslKeyPath, 'utf8'), + cert: fs.readFileSync(config.sslCertPath, 'utf8'), ca: ca, - dhparam: fs.readFileSync(config.dhparampath, 'utf8'), + dhparam: fs.readFileSync(config.dhParamPath, 'utf8'), requestCert: false, rejectUnauthorized: false } @@ -105,7 +105,7 @@ if (config.hsts.enable) { includeSubdomains: config.hsts.includeSubdomains, preload: config.hsts.preload })) -} else if (config.usessl) { +} else if (config.useSSL) { logger.info('Consider enabling HSTS for extra security:') logger.info('https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security') } @@ -142,17 +142,17 @@ app.use(i18n.init) // routes without sessions // static files -app.use('/', express.static(path.join(__dirname, '/public'), { maxAge: config.staticcachetime })) +app.use('/', express.static(path.join(__dirname, '/public'), { maxAge: config.staticCacheTime })) // session app.use(session({ - name: config.sessionname, - secret: config.sessionsecret, + name: config.sessionName, + secret: config.sessionSecret, resave: false, // don't save session if unmodified saveUninitialized: true, // always create session to ensure the origin rolling: true, // reset maxAge on every response cookie: { - maxAge: config.sessionlife + maxAge: config.sessionLife }, store: sessionStore })) @@ -207,22 +207,22 @@ io.use(realtime.secure) // socket.io auth io.use(passportSocketIo.authorize({ cookieParser: cookieParser, - key: config.sessionname, - secret: config.sessionsecret, + key: config.sessionName, + secret: config.sessionSecret, store: sessionStore, success: realtime.onAuthorizeSuccess, fail: realtime.onAuthorizeFail })) // socket.io heartbeat -io.set('heartbeat interval', config.heartbeatinterval) -io.set('heartbeat timeout', config.heartbeattimeout) +io.set('heartbeat interval', config.heartbeatInterval) +io.set('heartbeat timeout', config.heartbeatTimeout) // socket.io connection io.sockets.on('connection', realtime.connection) // listen function startListen () { server.listen(config.port, function () { - var schema = config.usessl ? 'HTTPS' : 'HTTP' + var schema = config.useSSL ? 'HTTPS' : 'HTTP' logger.info('%s Server listening at port %d', schema, config.port) realtime.maintenance = false }) diff --git a/lib/config/default.js b/lib/config/default.js index 7407ec60a..19ddccf6e 100644 --- a/lib/config/default.js +++ b/lib/config/default.js @@ -2,11 +2,11 @@ module.exports = { domain: '', - urlpath: '', + urlPath: '', port: 3000, - urladdport: false, - alloworigin: ['localhost'], - usessl: false, + urlAddPort: false, + allowOrigin: ['localhost'], + useSSL: false, hsts: { enable: true, maxAgeSeconds: 31536000, @@ -21,42 +21,40 @@ module.exports = { upgradeInsecureRequests: 'auto', reportURI: undefined }, - protocolusessl: false, - usecdn: true, - allowanonymous: true, - allowanonymousedits: false, - allowfreeurl: false, - defaultpermission: 'editable', - dburl: '', + protocolUseSSL: false, + useCDN: true, + allowAnonymous: true, + allowAnonymousEdits: false, + allowFreeURL: false, + defaultPermission: 'editable', + dbURL: '', db: {}, // ssl path - sslkeypath: '', - sslcertpath: '', - sslcapath: '', - dhparampath: '', + sslKeyPath: '', + sslCertPath: '', + sslCAPath: '', + dhParamPath: '', // other path - tmppath: './tmp', - defaultnotepath: './public/default.md', - docspath: './public/docs', - indexpath: './public/views/index.ejs', - hackmdpath: './public/views/hackmd.ejs', - errorpath: './public/views/error.ejs', - prettypath: './public/views/pretty.ejs', - slidepath: './public/views/slide.ejs', + tmpPath: './tmp', + defaultNotePath: './public/default.md', + docsPath: './public/docs', + indexPath: './public/views/index.ejs', + hackmdPath: './public/views/hackmd.ejs', + errorPath: './public/views/error.ejs', + prettyPath: './public/views/pretty.ejs', + slidePath: './public/views/slide.ejs', // session - sessionname: 'connect.sid', - sessionsecret: 'secret', - sessionlife: 14 * 24 * 60 * 60 * 1000, // 14 days - staticcachetime: 1 * 24 * 60 * 60 * 1000, // 1 day + sessionName: 'connect.sid', + sessionSecret: 'secret', + sessionLife: 14 * 24 * 60 * 60 * 1000, // 14 days + staticCacheTime: 1 * 24 * 60 * 60 * 1000, // 1 day // socket.io - heartbeatinterval: 5000, - heartbeattimeout: 10000, + heartbeatInterval: 5000, + heartbeatTimeout: 10000, // document - documentmaxlength: 100000, + documentMaxLength: 100000, // image upload setting, available options are imgur/s3/filesystem - imageuploadtype: 'filesystem', - // legacy variable name for imageuploadtype - imageUploadType: undefined, + imageUploadType: 'filesystem', imgur: { clientID: undefined }, @@ -133,6 +131,6 @@ module.exports = { } }, email: true, - allowemailregister: true, - allowpdfexport: true + allowEmailRegister: true, + allowPDFExport: true } diff --git a/lib/config/environment.js b/lib/config/environment.js index ddc09e105..cab3bc3e4 100644 --- a/lib/config/environment.js +++ b/lib/config/environment.js @@ -4,10 +4,10 @@ const {toBooleanConfig, toArrayConfig, toIntegerConfig} = require('./utils') module.exports = { domain: process.env.HMD_DOMAIN, - urlpath: process.env.HMD_URL_PATH, + urlPath: process.env.HMD_URL_PATH, port: toIntegerConfig(process.env.HMD_PORT), - urladdport: toBooleanConfig(process.env.HMD_URL_ADDPORT), - usessl: toBooleanConfig(process.env.HMD_USESSL), + urlAddPort: toBooleanConfig(process.env.HMD_URL_ADDPORT), + useSSL: toBooleanConfig(process.env.HMD_USESSL), hsts: { enable: toBooleanConfig(process.env.HMD_HSTS_ENABLE), maxAgeSeconds: process.env.HMD_HSTS_MAX_AGE, @@ -18,15 +18,15 @@ module.exports = { enable: toBooleanConfig(process.env.HMD_CSP_ENABLE), reportURI: process.env.HMD_CSP_REPORTURI }, - protocolusessl: toBooleanConfig(process.env.HMD_PROTOCOL_USESSL), - alloworigin: toArrayConfig(process.env.HMD_ALLOW_ORIGIN), - usecdn: toBooleanConfig(process.env.HMD_USECDN), - allowanonymous: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS), - allowanonymousedits: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS_EDITS), - allowfreeurl: toBooleanConfig(process.env.HMD_ALLOW_FREEURL), - defaultpermission: process.env.HMD_DEFAULT_PERMISSION, - dburl: process.env.HMD_DB_URL, - imageuploadtype: process.env.HMD_IMAGE_UPLOAD_TYPE, + protocolUseSSL: toBooleanConfig(process.env.HMD_PROTOCOL_USESSL), + allowOrigin: toArrayConfig(process.env.HMD_ALLOW_ORIGIN), + useCDN: toBooleanConfig(process.env.HMD_USECDN), + allowAnonymous: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS), + allowAnonymousEdits: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS_EDITS), + allowFreeURL: toBooleanConfig(process.env.HMD_ALLOW_FREEURL), + defaultPermission: process.env.HMD_DEFAULT_PERMISSION, + dbURL: process.env.HMD_DB_URL, + imageUploadType: process.env.HMD_IMAGE_UPLOAD_TYPE, imgur: { clientID: process.env.HMD_IMGUR_CLIENTID }, @@ -102,6 +102,6 @@ module.exports = { } }, email: toBooleanConfig(process.env.HMD_EMAIL), - allowemailregister: toBooleanConfig(process.env.HMD_ALLOW_EMAIL_REGISTER), - allowpdfexport: toBooleanConfig(process.env.HMD_ALLOW_PDF_EXPORT) + allowEmailRegister: toBooleanConfig(process.env.HMD_ALLOW_EMAIL_REGISTER), + allowPDFExport: toBooleanConfig(process.env.HMD_ALLOW_PDF_EXPORT) } diff --git a/lib/config/index.js b/lib/config/index.js index abcd2b3eb..fae51e52c 100644 --- a/lib/config/index.js +++ b/lib/config/index.js @@ -27,6 +27,7 @@ const fileConfig = fs.existsSync(configFilePath) ? require(configFilePath)[env] let config = require('./default') merge(config, require('./defaultSSL')) +merge(config, require('./oldDefault')) merge(config, debugConfig) merge(config, packageConfig) merge(config, fileConfig) @@ -51,35 +52,35 @@ if (config.ldap.tlsca) { // Permission config.permission = Permission -if (!config.allowanonymous && !config.allowanonymousedits) { +if (!config.allowAnonymous && !config.allowAnonymousedits) { delete config.permission.freely } -if (!(config.defaultpermission in config.permission)) { - config.defaultpermission = config.permission.editable +if (!(config.defaultPermission in config.permission)) { + config.defaultPermission = config.permission.editable } // cache result, cannot change config in runtime!!! config.isStandardHTTPsPort = (function isStandardHTTPsPort () { - return config.usessl && config.port === 443 + return config.useSSL && config.port === 443 })() config.isStandardHTTPPort = (function isStandardHTTPPort () { - return !config.usessl && config.port === 80 + return !config.useSSL && config.port === 80 })() // cache serverURL -config.serverurl = (function getserverurl () { +config.serverURL = (function getserverurl () { var url = '' if (config.domain) { - var protocol = config.protocolusessl ? 'https://' : 'http://' + var protocol = config.protocolUseSSL ? 'https://' : 'http://' url = protocol + config.domain - if (config.urladdport) { + if (config.urlAddPort) { if (!config.isStandardHTTPPort || !config.isStandardHTTPsPort) { url += ':' + config.port } } } - if (config.urlpath) { - url += '/' + config.urlpath + if (config.urlPath) { + url += '/' + config.urlPath } return url })() @@ -97,21 +98,33 @@ config.isGitLabEnable = config.gitlab.clientID && config.gitlab.clientSecret config.isMattermostEnable = config.mattermost.clientID && config.mattermost.clientSecret config.isLDAPEnable = config.ldap.url config.isSAMLEnable = config.saml.idpSsoUrl -config.isPDFExportEnable = config.allowpdfexport +config.isPDFExportEnable = config.allowPDFExport // merge legacy values -if (config.imageUploadType && !config.imageuploadtype) { - config.imageuploadtype = config.imageUploadType +let keys = Object.keys(config) +const uppercase = /[A-Z]/ +for (let i = keys.length; i--;) { + let lowercaseKey = keys[i].toLowerCase() + // if the config contains uppercase letters + // and a lowercase version of this setting exists + // and the config with uppercase is not set + // we set the new config using the old key. + if (uppercase.test(keys[i]) && + config[lowercaseKey] && + !config[keys[1]]) { + logger.warn('config.js contains deprecated lowercase setting for ' + keys[i] + '. Please change your config.js file to replace ' + lowercaseKey + ' with ' + keys[i]) + config[keys[i]] = config[lowercaseKey] + } } // Validate upload upload providers -if (['filesystem', 's3', 'minio', 'imgur'].indexOf(config.imageuploadtype) === -1) { +if (['filesystem', 's3', 'minio', 'imgur'].indexOf(config.imageUploadType) === -1) { logger.error('"imageuploadtype" is not correctly set. Please use "filesystem", "s3", "minio" or "imgur". Defaulting to "imgur"') - config.imageuploadtype = 'imgur' + config.imageUploadType = 'imgur' } // figure out mime types for image uploads -switch (config.imageuploadtype) { +switch (config.imageUploadType) { case 'imgur': config.allowedUploadMimeTypes = [ 'image/jpeg', @@ -131,22 +144,22 @@ switch (config.imageuploadtype) { } // generate correct path -config.sslcapath.forEach(function (capath, i, array) { +config.sslCAPath.forEach(function (capath, i, array) { array[i] = path.resolve(appRootPath, capath) }) -config.sslcertpath = path.join(appRootPath, config.sslcertpath) -config.sslkeypath = path.join(appRootPath, config.sslkeypath) -config.dhparampath = path.join(appRootPath, config.dhparampath) +config.sslCertPath = path.join(appRootPath, config.sslCertPath) +config.sslKeyPath = path.join(appRootPath, config.sslKeyPath) +config.dhParamPath = path.join(appRootPath, config.dhParamPath) -config.tmppath = path.join(appRootPath, config.tmppath) -config.defaultnotepath = path.join(appRootPath, config.defaultnotepath) -config.docspath = path.join(appRootPath, config.docspath) -config.indexpath = path.join(appRootPath, config.indexpath) -config.hackmdpath = path.join(appRootPath, config.hackmdpath) -config.errorpath = path.join(appRootPath, config.errorpath) -config.prettypath = path.join(appRootPath, config.prettypath) -config.slidepath = path.join(appRootPath, config.slidepath) +config.tmpPath = path.join(appRootPath, config.tmpPath) +config.defaultNotePath = path.join(appRootPath, config.defaultNotePath) +config.docsPath = path.join(appRootPath, config.docsPath) +config.indexPath = path.join(appRootPath, config.indexPath) +config.hackmdPath = path.join(appRootPath, config.hackmdPath) +config.errorPath = path.join(appRootPath, config.errorPath) +config.prettyPath = path.join(appRootPath, config.prettyPath) +config.slidePath = path.join(appRootPath, config.slidePath) // make config readonly config = deepFreeze(config) diff --git a/lib/config/oldDefault.js b/lib/config/oldDefault.js new file mode 100644 index 000000000..90942951d --- /dev/null +++ b/lib/config/oldDefault.js @@ -0,0 +1,42 @@ +'use strict' + +module.exports = { + urlpath: undefined, + urladdport: undefined, + alloworigin: undefined, + usessl: undefined, + protocolusessl: undefined, + usecdn: undefined, + allowanonymous: undefined, + allowanonymousedits: undefined, + allowfreeurl: undefined, + defaultpermission: undefined, + dburl: undefined, + // ssl path + sslkeypath: undefined, + sslcertpath: undefined, + sslcapath: undefined, + dhparampath: undefined, + // other path + tmppath: undefined, + defaultnotepath: undefined, + docspath: undefined, + indexpath: undefined, + hackmdpath: undefined, + errorpath: undefined, + prettypath: undefined, + slidepath: undefined, + // session + sessionname: undefined, + sessionsecret: undefined, + sessionlife: undefined, + staticcachetime: undefined, + // socket.io + heartbeatinterval: undefined, + heartbeattimeout: undefined, + // document + documentmaxlength: undefined, + imageuploadtype: undefined, + allowemailregister: undefined, + allowpdfexport: undefined +} diff --git a/lib/csp.js b/lib/csp.js index b46ae8ef1..cef2e2f6c 100644 --- a/lib/csp.js +++ b/lib/csp.js @@ -25,7 +25,7 @@ CspStrategy.computeDirectives = function () { var directives = {} mergeDirectives(directives, config.csp.directives) mergeDirectivesIf(config.csp.addDefaults, directives, defaultDirectives) - mergeDirectivesIf(config.usecdn, directives, cdnDirectives) + mergeDirectivesIf(config.useCDN, directives, cdnDirectives) if (!areAllInlineScriptsAllowed(directives)) { addInlineScriptExceptions(directives) } @@ -66,7 +66,7 @@ function getCspNonce (req, res) { } function addUpgradeUnsafeRequestsOptionTo (directives) { - if (config.csp.upgradeInsecureRequests === 'auto' && config.usessl) { + if (config.csp.upgradeInsecureRequests === 'auto' && config.useSSL) { directives.upgradeInsecureRequests = true } else if (config.csp.upgradeInsecureRequests === true) { directives.upgradeInsecureRequests = true diff --git a/lib/models/index.js b/lib/models/index.js index e3aa8bf37..0a44ca876 100644 --- a/lib/models/index.js +++ b/lib/models/index.js @@ -15,8 +15,8 @@ dbconfig.logging = config.debug ? logger.info : false var sequelize = null // Heroku specific -if (config.dburl) { - sequelize = new Sequelize(config.dburl, dbconfig) +if (config.dbURL) { + sequelize = new Sequelize(config.dbURL, dbconfig) } else { sequelize = new Sequelize(dbconfig.database, dbconfig.username, dbconfig.password, dbconfig) } diff --git a/lib/models/note.js b/lib/models/note.js index d615bcf7e..69393dd48 100644 --- a/lib/models/note.js +++ b/lib/models/note.js @@ -148,7 +148,7 @@ module.exports = function (sequelize, DataTypes) { } }).then(function (note) { if (note) { - let filePath = path.join(config.docspath, noteId + '.md') + let filePath = path.join(config.docsPath, noteId + '.md') if (Note.checkFileExist(filePath)) { // if doc in filesystem have newer modified time than last change time // then will update the doc in db @@ -190,7 +190,7 @@ module.exports = function (sequelize, DataTypes) { return callback(null, note.id) } } else { - var filePath = path.join(config.docspath, noteId + '.md') + var filePath = path.join(config.docsPath, noteId + '.md') if (Note.checkFileExist(filePath)) { Note.create({ alias: noteId, @@ -520,16 +520,16 @@ module.exports = function (sequelize, DataTypes) { var body = null let filePath = null if (!note.alias) { - filePath = config.defaultnotepath + filePath = config.defaultNotePath } else { - filePath = path.join(config.docspath, note.alias + '.md') + filePath = path.join(config.docsPath, note.alias + '.md') } if (Note.checkFileExist(filePath)) { var fsCreatedTime = moment(fs.statSync(filePath).ctime) body = fs.readFileSync(filePath, 'utf8') note.title = Note.parseNoteTitle(body) note.content = body - if (filePath !== config.defaultnotepath) { + if (filePath !== config.defaultNotePath) { note.createdAt = fsCreatedTime } } @@ -537,7 +537,7 @@ module.exports = function (sequelize, DataTypes) { // if no permission specified and have owner then give default permission in config, else default permission is freely if (!note.permission) { if (note.ownerId) { - note.permission = config.defaultpermission + note.permission = config.defaultPermission } else { note.permission = 'freely' } diff --git a/lib/ot/server.js b/lib/ot/server.js index 227eba257..30ebeac96 100644 --- a/lib/ot/server.js +++ b/lib/ot/server.js @@ -32,7 +32,7 @@ ot.Server = (function (global) { // ... and apply that on the document. var newDocument = operation.apply(this.document); // ignore if exceed the max length of document - if(newDocument.length > config.documentmaxlength && newDocument.length > this.document.length) + if(newDocument.length > config.documentMaxLength && newDocument.length > this.document.length) return; this.document = newDocument; // Store operation in history. diff --git a/lib/realtime.js b/lib/realtime.js index 5ee9f8fde..d8b0b4c55 100644 --- a/lib/realtime.js +++ b/lib/realtime.js @@ -45,10 +45,10 @@ function secure (socket, next) { var handshakeData = socket.request if (handshakeData.headers.cookie) { handshakeData.cookie = cookie.parse(handshakeData.headers.cookie) - handshakeData.sessionID = cookieParser.signedCookie(handshakeData.cookie[config.sessionname], config.sessionsecret) + handshakeData.sessionID = cookieParser.signedCookie(handshakeData.cookie[config.sessionName], config.sessionSecret) if (handshakeData.sessionID && - handshakeData.cookie[config.sessionname] && - handshakeData.cookie[config.sessionname] !== handshakeData.sessionID) { + handshakeData.cookie[config.sessionName] && + handshakeData.cookie[config.sessionName] !== handshakeData.sessionID) { if (config.debug) { logger.info('AUTH success cookie: ' + handshakeData.sessionID) } return next() } else { @@ -284,7 +284,7 @@ function extractNoteIdFromSocket (socket) { return false } var hostUrl = url.parse(referer) - var noteId = config.urlpath ? hostUrl.pathname.slice(config.urlpath.length + 1, hostUrl.pathname.length).split('/')[1] : hostUrl.pathname.split('/')[1] + var noteId = config.urlPath ? hostUrl.pathname.slice(config.urlPath.length + 1, hostUrl.pathname.length).split('/')[1] : hostUrl.pathname.split('/')[1] return noteId } else { return false @@ -330,7 +330,7 @@ function emitRefresh (socket) { var note = notes[noteId] var out = { title: note.title, - docmaxlength: config.documentmaxlength, + docmaxlength: config.documentMaxLength, owner: note.owner, ownerprofile: note.ownerprofile, lastchangeuser: note.lastchangeuser, @@ -788,7 +788,7 @@ function connection (socket) { var note = notes[noteId] // Only owner can change permission if (note.owner && note.owner === socket.request.user.id) { - if (permission === 'freely' && !config.allowanonymous && !config.allowanonymousedits) return + if (permission === 'freely' && !config.allowAnonymous && !config.allowAnonymousedits) return note.permission = permission models.Note.update({ permission: permission diff --git a/lib/response.js b/lib/response.js index 25b9fafc4..b18fd7a3b 100644 --- a/lib/response.js +++ b/lib/response.js @@ -44,22 +44,22 @@ var response = { } function responseError (res, code, detail, msg) { - res.status(code).render(config.errorpath, { - url: config.serverurl, + res.status(code).render(config.errorPath, { + url: config.serverURL, title: code + ' ' + detail + ' ' + msg, code: code, detail: detail, msg: msg, - useCDN: config.usecdn + useCDN: config.useCDN }) } function showIndex (req, res, next) { - res.render(config.indexpath, { - url: config.serverurl, - useCDN: config.usecdn, - allowAnonymous: config.allowanonymous, - allowAnonymousEdits: config.allowanonymousedits, + res.render(config.indexPath, { + url: config.serverURL, + useCDN: config.useCDN, + allowAnonymous: config.allowAnonymous, + allowAnonymousEdits: config.allowAnonymousedits, facebook: config.isFacebookEnable, twitter: config.isTwitterEnable, github: config.isGitHubEnable, @@ -71,8 +71,8 @@ function showIndex (req, res, next) { ldapProviderName: config.ldap.providerName, saml: config.isSAMLEnable, email: config.isEmailEnable, - allowemailregister: config.allowemailregister, - allowpdfexport: config.allowpdfexport, + allowEmailRegister: config.allowEmailRegister, + allowPDFExport: config.allowPDFExport, signin: req.isAuthenticated(), infoMessage: req.flash('info'), errorMessage: req.flash('error') @@ -89,12 +89,12 @@ function responseHackMD (res, note) { 'Cache-Control': 'private', // only cache by client 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling }) - res.render(config.hackmdpath, { - url: config.serverurl, + res.render(config.hackmdPath, { + url: config.serverURL, title: title, - useCDN: config.usecdn, - allowAnonymous: config.allowanonymous, - allowAnonymousEdits: config.allowanonymousedits, + useCDN: config.useCDN, + allowAnonymous: config.allowAnonymous, + allowAnonymousEdits: config.allowAnonymousedits, facebook: config.isFacebookEnable, twitter: config.isTwitterEnable, github: config.isGitHubEnable, @@ -106,8 +106,8 @@ function responseHackMD (res, note) { ldapProviderName: config.ldap.providerName, saml: config.isSAMLEnable, email: config.isEmailEnable, - allowemailregister: config.allowemailregister, - allowpdfexport: config.allowpdfexport + allowEmailRegister: config.allowEmailRegister, + allowPDFExport: config.allowPDFExport }) } @@ -115,7 +115,7 @@ function newNote (req, res, next) { var owner = null if (req.isAuthenticated()) { owner = req.user.id - } else if (!config.allowanonymous) { + } else if (!config.allowAnonymous) { return response.errorForbidden(res) } models.Note.create({ @@ -123,7 +123,7 @@ function newNote (req, res, next) { alias: req.alias ? req.alias : null, content: req.body ? req.body : '' }).then(function (note) { - return res.redirect(config.serverurl + '/' + models.Note.encodeNoteId(note.id)) + return res.redirect(config.serverURL + '/' + models.Note.encodeNoteId(note.id)) }).catch(function (err) { logger.error(err) return response.errorInternalError(res) @@ -155,7 +155,7 @@ function findNote (req, res, callback, include) { include: include || null }).then(function (note) { if (!note) { - if (config.allowfreeurl && noteId) { + if (config.allowFreeURL && noteId) { req.alias = noteId return newNote(req, res) } else { @@ -179,7 +179,7 @@ function showNote (req, res, next) { // force to use note id var noteId = req.params.noteId var id = models.Note.encodeNoteId(note.id) - if ((note.alias && noteId !== note.alias) || (!note.alias && noteId !== id)) { return res.redirect(config.serverurl + '/' + (note.alias || id)) } + if ((note.alias && noteId !== note.alias) || (!note.alias && noteId !== id)) { return res.redirect(config.serverURL + '/' + (note.alias || id)) } return responseHackMD(res, note) }) } @@ -196,7 +196,7 @@ function showPublishNote (req, res, next) { // force to use short id var shortid = req.params.shortid if ((note.alias && shortid !== note.alias) || (!note.alias && shortid !== note.shortid)) { - return res.redirect(config.serverurl + '/s/' + (note.alias || note.shortid)) + return res.redirect(config.serverURL + '/s/' + (note.alias || note.shortid)) } note.increment('viewcount').then(function (note) { if (!note) { @@ -210,7 +210,7 @@ function showPublishNote (req, res, next) { var updatetime = note.lastchangeAt var title = models.Note.decodeTitle(note.title) title = models.Note.generateWebTitle(meta.title || title) - var origin = config.serverurl + var origin = config.serverURL var data = { title: title, description: meta.description || (markdown ? models.Note.generateDescription(markdown) : null), @@ -219,7 +219,7 @@ function showPublishNote (req, res, next) { updatetime: updatetime, url: origin, body: body, - useCDN: config.usecdn, + useCDN: config.useCDN, owner: note.owner ? note.owner.id : null, ownerprofile: note.owner ? models.User.getProfile(note.owner) : null, lastchangeuser: note.lastchangeuser ? note.lastchangeuser.id : null, @@ -240,15 +240,15 @@ function renderPublish (data, res) { res.set({ 'Cache-Control': 'private' // only cache by client }) - res.render(config.prettypath, data) + res.render(config.prettyPath, data) } function actionPublish (req, res, note) { - res.redirect(config.serverurl + '/s/' + (note.alias || note.shortid)) + res.redirect(config.serverURL + '/s/' + (note.alias || note.shortid)) } function actionSlide (req, res, note) { - res.redirect(config.serverurl + '/p/' + (note.alias || note.shortid)) + res.redirect(config.serverURL + '/p/' + (note.alias || note.shortid)) } function actionDownload (req, res, note) { @@ -298,10 +298,10 @@ function actionPDF (req, res, note) { var extracted = models.Note.extractMeta(body) var title = models.Note.decodeTitle(note.title) - if (!fs.existsSync(config.tmppath)) { - fs.mkdirSync(config.tmppath) + if (!fs.existsSync(config.tmpPath)) { + fs.mkdirSync(config.tmpPath) } - var path = config.tmppath + '/' + Date.now() + '.pdf' + var path = config.tmpPath + '/' + Date.now() + '.pdf' markdownpdf().from.string(extracted.markdown).to(path, function () { var stream = fs.createReadStream(path) var filename = title @@ -320,7 +320,7 @@ function actionPDF (req, res, note) { function actionGist (req, res, note) { var data = { client_id: config.github.clientID, - redirect_uri: config.serverurl + '/auth/github/callback/' + models.Note.encodeNoteId(note.id) + '/gist', + redirect_uri: config.serverURL + '/auth/github/callback/' + models.Note.encodeNoteId(note.id) + '/gist', scope: 'gist', state: shortId.generate() } @@ -393,10 +393,10 @@ function noteActions (req, res, next) { actionInfo(req, res, note) break case 'pdf': - if (config.allowpdfexport) { + if (config.allowPDFExport) { actionPDF(req, res, note) } else { - logger.error('PDF export failed: Disabled by config. Set "allowpdfexport: true" to enable. Check the documentation for details') + logger.error('PDF export failed: Disabled by config. Set "allowPDFExport: true" to enable. Check the documentation for details') response.errorForbidden(res) } break @@ -407,7 +407,7 @@ function noteActions (req, res, next) { actionRevision(req, res, note) break default: - return res.redirect(config.serverurl + '/' + noteId) + return res.redirect(config.serverURL + '/' + noteId) } }) } @@ -417,10 +417,10 @@ function publishNoteActions (req, res, next) { var action = req.params.action switch (action) { case 'edit': - res.redirect(config.serverurl + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id))) + res.redirect(config.serverURL + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id))) break default: - res.redirect(config.serverurl + '/s/' + note.shortid) + res.redirect(config.serverURL + '/s/' + note.shortid) break } }) @@ -431,10 +431,10 @@ function publishSlideActions (req, res, next) { var action = req.params.action switch (action) { case 'edit': - res.redirect(config.serverurl + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id))) + res.redirect(config.serverURL + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id))) break default: - res.redirect(config.serverurl + '/p/' + note.shortid) + res.redirect(config.serverURL + '/p/' + note.shortid) break } }) @@ -449,7 +449,7 @@ function githubActions (req, res, next) { githubActionGist(req, res, note) break default: - res.redirect(config.serverurl + '/' + noteId) + res.redirect(config.serverURL + '/' + noteId) break } }) @@ -521,7 +521,7 @@ function gitlabActions (req, res, next) { gitlabActionProjects(req, res, note) break default: - res.redirect(config.serverurl + '/' + noteId) + res.redirect(config.serverURL + '/' + noteId) break } }) @@ -569,7 +569,7 @@ function showPublishSlide (req, res, next) { findNote(req, res, function (note) { // force to use short id var shortid = req.params.shortid - if ((note.alias && shortid !== note.alias) || (!note.alias && shortid !== note.shortid)) { return res.redirect(config.serverurl + '/p/' + (note.alias || note.shortid)) } + if ((note.alias && shortid !== note.alias) || (!note.alias && shortid !== note.shortid)) { return res.redirect(config.serverURL + '/p/' + (note.alias || note.shortid)) } note.increment('viewcount').then(function (note) { if (!note) { return response.errorNotFound(res) @@ -582,7 +582,7 @@ function showPublishSlide (req, res, next) { var updatetime = note.lastchangeAt var title = models.Note.decodeTitle(note.title) title = models.Note.generateWebTitle(meta.title || title) - var origin = config.serverurl + var origin = config.serverURL var data = { title: title, description: meta.description || (markdown ? models.Note.generateDescription(markdown) : null), @@ -593,7 +593,7 @@ function showPublishSlide (req, res, next) { body: markdown, theme: meta.slideOptions && utils.isRevealTheme(meta.slideOptions.theme), meta: JSON.stringify(extracted.meta), - useCDN: config.usecdn, + useCDN: config.useCDN, owner: note.owner ? note.owner.id : null, ownerprofile: note.owner ? models.User.getProfile(note.owner) : null, lastchangeuser: note.lastchangeuser ? note.lastchangeuser.id : null, @@ -615,7 +615,7 @@ function renderPublishSlide (data, res) { res.set({ 'Cache-Control': 'private' // only cache by client }) - res.render(config.slidepath, data) + res.render(config.slidePath, data) } module.exports = response diff --git a/lib/web/auth/dropbox/index.js b/lib/web/auth/dropbox/index.js index c03fbc57d..c44607da2 100644 --- a/lib/web/auth/dropbox/index.js +++ b/lib/web/auth/dropbox/index.js @@ -12,7 +12,7 @@ passport.use(new DropboxStrategy({ apiVersion: '2', clientID: config.dropbox.clientID, clientSecret: config.dropbox.clientSecret, - callbackURL: config.serverurl + '/auth/dropbox/callback' + callbackURL: config.serverURL + '/auth/dropbox/callback' }, passportGeneralCallback)) dropboxAuth.get('/auth/dropbox', function (req, res, next) { @@ -23,7 +23,7 @@ dropboxAuth.get('/auth/dropbox', function (req, res, next) { // dropbox auth callback dropboxAuth.get('/auth/dropbox/callback', passport.authenticate('dropbox-oauth2', { - successReturnToOrRedirect: config.serverurl + '/', - failureRedirect: config.serverurl + '/' + successReturnToOrRedirect: config.serverURL + '/', + failureRedirect: config.serverURL + '/' }) ) diff --git a/lib/web/auth/email/index.js b/lib/web/auth/email/index.js index 760075f85..f7e58d469 100644 --- a/lib/web/auth/email/index.js +++ b/lib/web/auth/email/index.js @@ -31,7 +31,7 @@ passport.use(new LocalStrategy({ }) })) -if (config.allowemailregister) { +if (config.allowEmailRegister) { emailAuth.post('/register', urlencodedParser, function (req, res, next) { if (!req.body.email || !req.body.password) return response.errorBadRequest(res) if (!validator.isEmail(req.body.email)) return response.errorBadRequest(res) @@ -51,10 +51,10 @@ if (config.allowemailregister) { logger.debug('user found: ' + user.id) req.flash('error', 'This email has been used, please try another one.') } - return res.redirect(config.serverurl + '/') + return res.redirect(config.serverURL + '/') } req.flash('error', 'Failed to register your account, please try again.') - return res.redirect(config.serverurl + '/') + return res.redirect(config.serverURL + '/') }).catch(function (err) { logger.error('auth callback failed: ' + err) return response.errorInternalError(res) @@ -67,8 +67,8 @@ emailAuth.post('/login', urlencodedParser, function (req, res, next) { if (!validator.isEmail(req.body.email)) return response.errorBadRequest(res) setReturnToFromReferer(req) passport.authenticate('local', { - successReturnToOrRedirect: config.serverurl + '/', - failureRedirect: config.serverurl + '/', + successReturnToOrRedirect: config.serverURL + '/', + failureRedirect: config.serverURL + '/', failureFlash: 'Invalid email or password.' })(req, res, next) }) diff --git a/lib/web/auth/facebook/index.js b/lib/web/auth/facebook/index.js index 0e5474d8c..b23649892 100644 --- a/lib/web/auth/facebook/index.js +++ b/lib/web/auth/facebook/index.js @@ -12,7 +12,7 @@ let facebookAuth = module.exports = Router() passport.use(new FacebookStrategy({ clientID: config.facebook.clientID, clientSecret: config.facebook.clientSecret, - callbackURL: config.serverurl + '/auth/facebook/callback' + callbackURL: config.serverURL + '/auth/facebook/callback' }, passportGeneralCallback)) facebookAuth.get('/auth/facebook', function (req, res, next) { @@ -23,7 +23,7 @@ facebookAuth.get('/auth/facebook', function (req, res, next) { // facebook auth callback facebookAuth.get('/auth/facebook/callback', passport.authenticate('facebook', { - successReturnToOrRedirect: config.serverurl + '/', - failureRedirect: config.serverurl + '/' + successReturnToOrRedirect: config.serverURL + '/', + failureRedirect: config.serverURL + '/' }) ) diff --git a/lib/web/auth/github/index.js b/lib/web/auth/github/index.js index a72ad5275..ece634ba2 100644 --- a/lib/web/auth/github/index.js +++ b/lib/web/auth/github/index.js @@ -12,7 +12,7 @@ let githubAuth = module.exports = Router() passport.use(new GithubStrategy({ clientID: config.github.clientID, clientSecret: config.github.clientSecret, - callbackURL: config.serverurl + '/auth/github/callback' + callbackURL: config.serverURL + '/auth/github/callback' }, passportGeneralCallback)) githubAuth.get('/auth/github', function (req, res, next) { @@ -23,8 +23,8 @@ githubAuth.get('/auth/github', function (req, res, next) { // github auth callback githubAuth.get('/auth/github/callback', passport.authenticate('github', { - successReturnToOrRedirect: config.serverurl + '/', - failureRedirect: config.serverurl + '/' + successReturnToOrRedirect: config.serverURL + '/', + failureRedirect: config.serverURL + '/' }) ) diff --git a/lib/web/auth/gitlab/index.js b/lib/web/auth/gitlab/index.js index 51de1602e..38436024d 100644 --- a/lib/web/auth/gitlab/index.js +++ b/lib/web/auth/gitlab/index.js @@ -14,7 +14,7 @@ passport.use(new GitlabStrategy({ clientID: config.gitlab.clientID, clientSecret: config.gitlab.clientSecret, scope: config.gitlab.scope, - callbackURL: config.serverurl + '/auth/gitlab/callback' + callbackURL: config.serverURL + '/auth/gitlab/callback' }, passportGeneralCallback)) gitlabAuth.get('/auth/gitlab', function (req, res, next) { @@ -25,8 +25,8 @@ gitlabAuth.get('/auth/gitlab', function (req, res, next) { // gitlab auth callback gitlabAuth.get('/auth/gitlab/callback', passport.authenticate('gitlab', { - successReturnToOrRedirect: config.serverurl + '/', - failureRedirect: config.serverurl + '/' + successReturnToOrRedirect: config.serverURL + '/', + failureRedirect: config.serverURL + '/' }) ) diff --git a/lib/web/auth/google/index.js b/lib/web/auth/google/index.js index 609c69cfc..60282cf51 100644 --- a/lib/web/auth/google/index.js +++ b/lib/web/auth/google/index.js @@ -11,7 +11,7 @@ let googleAuth = module.exports = Router() passport.use(new GoogleStrategy({ clientID: config.google.clientID, clientSecret: config.google.clientSecret, - callbackURL: config.serverurl + '/auth/google/callback' + callbackURL: config.serverURL + '/auth/google/callback' }, passportGeneralCallback)) googleAuth.get('/auth/google', function (req, res, next) { @@ -21,7 +21,7 @@ googleAuth.get('/auth/google', function (req, res, next) { // google auth callback googleAuth.get('/auth/google/callback', passport.authenticate('google', { - successReturnToOrRedirect: config.serverurl + '/', - failureRedirect: config.serverurl + '/' + successReturnToOrRedirect: config.serverURL + '/', + failureRedirect: config.serverURL + '/' }) ) diff --git a/lib/web/auth/index.js b/lib/web/auth/index.js index 9ab62c258..eb42fb366 100644 --- a/lib/web/auth/index.js +++ b/lib/web/auth/index.js @@ -51,5 +51,5 @@ authRouter.get('/logout', function (req, res) { logger.debug('user logout: ' + req.user.id) } req.logout() - res.redirect(config.serverurl + '/') + res.redirect(config.serverURL + '/') }) diff --git a/lib/web/auth/ldap/index.js b/lib/web/auth/ldap/index.js index 6aa9789f4..ab1cb4cd4 100644 --- a/lib/web/auth/ldap/index.js +++ b/lib/web/auth/ldap/index.js @@ -84,8 +84,8 @@ ldapAuth.post('/auth/ldap', urlencodedParser, function (req, res, next) { if (!req.body.username || !req.body.password) return response.errorBadRequest(res) setReturnToFromReferer(req) passport.authenticate('ldapauth', { - successReturnToOrRedirect: config.serverurl + '/', - failureRedirect: config.serverurl + '/', + successReturnToOrRedirect: config.serverURL + '/', + failureRedirect: config.serverURL + '/', failureFlash: true })(req, res, next) }) diff --git a/lib/web/auth/mattermost/index.js b/lib/web/auth/mattermost/index.js index 9ccf3de54..63a4886f0 100644 --- a/lib/web/auth/mattermost/index.js +++ b/lib/web/auth/mattermost/index.js @@ -16,7 +16,7 @@ let mattermostStrategy = new OAuthStrategy({ tokenURL: config.mattermost.baseURL + '/oauth/access_token', clientID: config.mattermost.clientID, clientSecret: config.mattermost.clientSecret, - callbackURL: config.serverurl + '/auth/mattermost/callback' + callbackURL: config.serverURL + '/auth/mattermost/callback' }, passportGeneralCallback) mattermostStrategy.userProfile = (accessToken, done) => { @@ -43,7 +43,7 @@ mattermostAuth.get('/auth/mattermost', function (req, res, next) { // mattermost auth callback mattermostAuth.get('/auth/mattermost/callback', passport.authenticate('oauth2', { - successReturnToOrRedirect: config.serverurl + '/', - failureRedirect: config.serverurl + '/' + successReturnToOrRedirect: config.serverURL + '/', + failureRedirect: config.serverURL + '/' }) ) diff --git a/lib/web/auth/saml/index.js b/lib/web/auth/saml/index.js index 386293ae8..3ecbc6f35 100644 --- a/lib/web/auth/saml/index.js +++ b/lib/web/auth/saml/index.js @@ -13,9 +13,9 @@ const intersection = function (array1, array2) { return array1.filter((n) => arr let samlAuth = module.exports = Router() passport.use(new SamlStrategy({ - callbackUrl: config.serverurl + '/auth/saml/callback', + callbackUrl: config.serverURL + '/auth/saml/callback', entryPoint: config.saml.idpSsoUrl, - issuer: config.saml.issuer || config.serverurl, + issuer: config.saml.issuer || config.serverURL, cert: fs.readFileSync(config.saml.idpCert, 'utf-8'), identifierFormat: config.saml.identifierFormat }, function (user, done) { @@ -77,15 +77,15 @@ passport.use(new SamlStrategy({ samlAuth.get('/auth/saml', passport.authenticate('saml', { - successReturnToOrRedirect: config.serverurl + '/', - failureRedirect: config.serverurl + '/' + successReturnToOrRedirect: config.serverURL + '/', + failureRedirect: config.serverURL + '/' }) ) samlAuth.post('/auth/saml/callback', urlencodedParser, passport.authenticate('saml', { - successReturnToOrRedirect: config.serverurl + '/', - failureRedirect: config.serverurl + '/' + successReturnToOrRedirect: config.serverURL + '/', + failureRedirect: config.serverURL + '/' }) ) diff --git a/lib/web/auth/twitter/index.js b/lib/web/auth/twitter/index.js index 5429522de..c1860d930 100644 --- a/lib/web/auth/twitter/index.js +++ b/lib/web/auth/twitter/index.js @@ -12,7 +12,7 @@ let twitterAuth = module.exports = Router() passport.use(new TwitterStrategy({ consumerKey: config.twitter.consumerKey, consumerSecret: config.twitter.consumerSecret, - callbackURL: config.serverurl + '/auth/twitter/callback' + callbackURL: config.serverURL + '/auth/twitter/callback' }, passportGeneralCallback)) twitterAuth.get('/auth/twitter', function (req, res, next) { @@ -23,7 +23,7 @@ twitterAuth.get('/auth/twitter', function (req, res, next) { // twitter auth callback twitterAuth.get('/auth/twitter/callback', passport.authenticate('twitter', { - successReturnToOrRedirect: config.serverurl + '/', - failureRedirect: config.serverurl + '/' + successReturnToOrRedirect: config.serverURL + '/', + failureRedirect: config.serverURL + '/' }) ) diff --git a/lib/web/imageRouter/filesystem.js b/lib/web/imageRouter/filesystem.js index 25ec38465..da76ba5e5 100644 --- a/lib/web/imageRouter/filesystem.js +++ b/lib/web/imageRouter/filesystem.js @@ -14,5 +14,5 @@ exports.uploadImage = function (imagePath, callback) { return } - callback(null, url.resolve(config.serverurl + '/', imagePath.match(/^public\/(.+$)/)[1])) + callback(null, url.resolve(config.serverURL + '/', imagePath.match(/^public\/(.+$)/)[1])) } diff --git a/lib/web/imageRouter/index.js b/lib/web/imageRouter/index.js index 59f192531..f7e031af4 100644 --- a/lib/web/imageRouter/index.js +++ b/lib/web/imageRouter/index.js @@ -15,7 +15,7 @@ imageRouter.post('/uploadimage', function (req, res) { form.keepExtensions = true - if (config.imageuploadtype === 'filesystem') { + if (config.imageUploadType === 'filesystem') { form.uploadDir = 'public/uploads' } @@ -27,7 +27,7 @@ imageRouter.post('/uploadimage', function (req, res) { logger.info('SERVER received uploadimage: ' + JSON.stringify(files.image)) } - const uploadProvider = require('./' + config.imageuploadtype) + const uploadProvider = require('./' + config.imageUploadType) uploadProvider.uploadImage(files.image.path, function (err, url) { if (err !== null) { logger.error(err) diff --git a/lib/web/middleware/redirectWithoutTrailingSlashes.js b/lib/web/middleware/redirectWithoutTrailingSlashes.js index fbaba6179..60ca04afc 100644 --- a/lib/web/middleware/redirectWithoutTrailingSlashes.js +++ b/lib/web/middleware/redirectWithoutTrailingSlashes.js @@ -6,9 +6,9 @@ module.exports = function (req, res, next) { if (req.method === 'GET' && req.path.substr(-1) === '/' && req.path.length > 1) { const queryString = req.url.slice(req.path.length) const urlPath = req.path.slice(0, -1) - let serverURL = config.serverurl - if (config.urlpath) { - serverURL = serverURL.slice(0, -(config.urlpath.length + 1)) + let serverURL = config.serverURL + if (config.urlPath) { + serverURL = serverURL.slice(0, -(config.urlPath.length + 1)) } res.redirect(301, serverURL + urlPath + queryString) } else { diff --git a/lib/web/statusRouter.js b/lib/web/statusRouter.js index aa3a9b794..d22fac471 100644 --- a/lib/web/statusRouter.js +++ b/lib/web/statusRouter.js @@ -26,7 +26,7 @@ statusRouter.get('/status', function (req, res, next) { // get status statusRouter.get('/temp', function (req, res) { var host = req.get('host') - if (config.alloworigin.indexOf(host) === -1) { + if (config.allowOrigin.indexOf(host) === -1) { response.errorForbidden(res) } else { var tempid = req.query.tempid @@ -61,7 +61,7 @@ statusRouter.get('/temp', function (req, res) { // post status statusRouter.post('/temp', urlencodedParser, function (req, res) { var host = req.get('host') - if (config.alloworigin.indexOf(host) === -1) { + if (config.allowOrigin.indexOf(host) === -1) { response.errorForbidden(res) } else { var data = req.body.data diff --git a/public/views/hackmd/header.ejs b/public/views/hackmd/header.ejs index b87f21fa3..e179f1710 100644 --- a/public/views/hackmd/header.ejs +++ b/public/views/hackmd/header.ejs @@ -70,7 +70,7 @@
  • <%= __('Raw HTML') %>
  • - <% if(typeof allowpdfexport !== 'undefined' && allowpdfexport) {%> + <% if(typeof allowPDFExport !== 'undefined' && allowPDFExport) {%>
  • PDF (Beta)
  • <% } %> @@ -176,7 +176,7 @@
  • <%= __('Raw HTML') %>
  • - <% if(typeof allowpdfexport !== 'undefined' && allowpdfexport) {%> + <% if(typeof allowPDFExport !== 'undefined' && allowPDFExport) {%>
  • PDF (Beta)
  • <% } %> diff --git a/public/views/shared/signin-modal.ejs b/public/views/shared/signin-modal.ejs index ce01c7399..82b5cf1fd 100644 --- a/public/views/shared/signin-modal.ejs +++ b/public/views/shared/signin-modal.ejs @@ -94,7 +94,7 @@
    - <% if(allowemailregister) { %><% }%> + <% if(allowEmailRegister) { %><% }%>