Base Project Files

middlewares/auth.js

@@ -0,0 +1,34 @@
+"use strict";
+
+var Promise = require('bluebird'),
+	moment = require('moment-timezone');
+
+/**
+ * Authentication middleware
+ *
+ * @param      {Express Request}   req     Express Request object
+ * @param      {Express Response}  res     Express Response object
+ * @param      {Function}          next    Next callback function
+ * @return     {any}               void
+ */
+module.exports = (req, res, next) => {
+
+	// Is user authenticated ?
+
+	if (!req.isAuthenticated()) {
+		return res.redirect('/login');
+	}
+
+	// Set i18n locale
+
+	req.i18n.changeLanguage(req.user.lang);
+	res.locals.userMoment = moment;
+	res.locals.userMoment.locale(req.user.lang);
+
+	// Expose user data
+
+	res.locals.user = req.user;
+
+	return next();
+
+};

middlewares/security.js

@@ -0,0 +1,28 @@
+/**
+ * Security Middleware
+ *
+ * @param      {Express Request}   req     Express request object
+ * @param      {Express Response}  res     Express response object
+ * @param      {Function}          next    next callback function
+ * @return     {any}               void
+ */
+module.exports = function(req, res, next) {
+
+	//-> Disable X-Powered-By
+	app.disable('x-powered-by');
+
+	//-> Disable Frame Embedding
+	res.set('X-Frame-Options', 'deny');
+
+	//-> Re-enable XSS Fitler if disabled
+	res.set('X-XSS-Protection', '1; mode=block');
+
+	//-> Disable MIME-sniffing
+	res.set('X-Content-Type-Options', 'nosniff');
+
+	//-> Disable IE Compatibility Mode
+	res.set('X-UA-Compatible', 'IE=edge');
+
+	return next();
+
+};