code-server/src/node/routes/index.ts

import { logger } from "@coder/logger"
import bodyParser from "body-parser"
import cookieParser from "cookie-parser"
import * as express from "express"
import { promises as fs } from "fs"
import http from "http"
import * as path from "path"
import * as tls from "tls"
import { HttpCode, HttpError } from "../../common/http"
import { plural } from "../../common/util"
import { AuthType, DefaultedArgs } from "../cli"
import { rootPath } from "../constants"
import { Heart } from "../heart"
import { replaceTemplates } from "../http"
import { loadPlugins } from "../plugin"
import * as domainProxy from "../proxy"
import { getMediaMime, paths } from "../util"
import { WebsocketRequest } from "../wsRouter"
import * as health from "./health"
import * as login from "./login"
import * as proxy from "./proxy"
// static is a reserved keyword.
import * as _static from "./static"
import * as update from "./update"
import * as vscode from "./vscode"

declare global {
  // eslint-disable-next-line @typescript-eslint/no-namespace
  namespace Express {
    export interface Request {
      args: DefaultedArgs
      heart: Heart
    }
  }
}

/**
 * Register all routes and middleware.
 */
export const register = async (
  app: express.Express,
  wsApp: express.Express,
  server: http.Server,
  args: DefaultedArgs,
): Promise<void> => {
  const heart = new Heart(path.join(paths.data, "heartbeat"), async () => {
    return new Promise((resolve, reject) => {
      server.getConnections((error, count) => {
        if (error) {
          return reject(error)
        }
        logger.trace(plural(count, `${count} active connection`))
        resolve(count > 0)
      })
    })
  })

  app.disable("x-powered-by")
  wsApp.disable("x-powered-by")

  app.use(cookieParser())
  wsApp.use(cookieParser())

  app.use(bodyParser.json())
  app.use(bodyParser.urlencoded({ extended: true }))

  const common: express.RequestHandler = (req, _, next) => {
    heart.beat()

    // Add common variables routes can use.
    req.args = args
    req.heart = heart

    next()
  }

  app.use(common)
  wsApp.use(common)

  app.use(async (req, res, next) => {
    // If we're handling TLS ensure all requests are redirected to HTTPS.
    // TODO: This does *NOT* work if you have a base path since to specify the
    // protocol we need to specify the whole path.
    if (args.cert && !(req.connection as tls.TLSSocket).encrypted) {
      return res.redirect(`https://${req.headers.host}${req.originalUrl}`)
    }

    // Return robots.txt.
    if (req.originalUrl === "/robots.txt") {
      const resourcePath = path.resolve(rootPath, "src/browser/robots.txt")
      res.set("Content-Type", getMediaMime(resourcePath))
      return res.send(await fs.readFile(resourcePath))
    }

    next()
  })

  app.use("/", domainProxy.router)
  wsApp.use("/", domainProxy.wsRouter.router)

  app.use("/", vscode.router)
  wsApp.use("/", vscode.wsRouter.router)
  app.use("/vscode", vscode.router)
  wsApp.use("/vscode", vscode.wsRouter.router)

  app.use("/healthz", health.router)

  if (args.auth === AuthType.Password) {
    app.use("/login", login.router)
  }

  app.use("/proxy", proxy.router)
  wsApp.use("/proxy", proxy.wsRouter.router)

  app.use("/static", _static.router)
  app.use("/update", update.router)

  await loadPlugins(app, args)

  app.use(() => {
    throw new HttpError("Not Found", HttpCode.NotFound)
  })

  const errorHandler: express.ErrorRequestHandler = async (err, req, res, next) => {
    const resourcePath = path.resolve(rootPath, "src/browser/pages/error.html")
    res.set("Content-Type", getMediaMime(resourcePath))
    try {
      const content = await fs.readFile(resourcePath, "utf8")
      if (err.code === "ENOENT" || err.code === "EISDIR") {
        err.status = HttpCode.NotFound
      }
      const status = err.status ?? err.statusCode ?? 500
      res.status(status).send(
        replaceTemplates(req, content)
          .replace(/{{ERROR_TITLE}}/g, status)
          .replace(/{{ERROR_HEADER}}/g, status)
          .replace(/{{ERROR_BODY}}/g, err.message),
      )
    } catch (error) {
      next(error)
    }
  }

  app.use(errorHandler)

  const wsErrorHandler: express.ErrorRequestHandler = async (err, req) => {
    logger.error(`${err.message} ${err.stack}`)
    ;(req as WebsocketRequest).ws.destroy(err)
  }

  wsApp.use(wsErrorHandler)
}
Convert routes to Express 2020-10-21 01:05:58 +02:00			`import { logger } from "@coder/logger"`
			`import bodyParser from "body-parser"`
			`import cookieParser from "cookie-parser"`
Move websocket routes into a separate app This is mostly so we don't have to do any wacky patching but it also makes it so we don't have to keep checking if the request is a web socket request every time we add middleware. 2020-11-05 19:58:37 +01:00			`import * as express from "express"`
Convert routes to Express 2020-10-21 01:05:58 +02:00			`import { promises as fs } from "fs"`
			`import http from "http"`
			`import * as path from "path"`
			`import * as tls from "tls"`
			`import { HttpCode, HttpError } from "../../common/http"`
			`import { plural } from "../../common/util"`
			`import { AuthType, DefaultedArgs } from "../cli"`
			`import { rootPath } from "../constants"`
			`import { Heart } from "../heart"`
			`import { replaceTemplates } from "../http"`
			`import { loadPlugins } from "../plugin"`
			`import * as domainProxy from "../proxy"`
			`import { getMediaMime, paths } from "../util"`
Move websocket routes into a separate app This is mostly so we don't have to do any wacky patching but it also makes it so we don't have to keep checking if the request is a web socket request every time we add middleware. 2020-11-05 19:58:37 +01:00			`import { WebsocketRequest } from "../wsRouter"`
Convert routes to Express 2020-10-21 01:05:58 +02:00			`import * as health from "./health"`
			`import * as login from "./login"`
			`import * as proxy from "./proxy"`
			`// static is a reserved keyword.`
			`import * as _static from "./static"`
			`import * as update from "./update"`
			`import * as vscode from "./vscode"`

			`declare global {`
			`// eslint-disable-next-line @typescript-eslint/no-namespace`
			`namespace Express {`
			`export interface Request {`
			`args: DefaultedArgs`
			`heart: Heart`
			`}`
			`}`
			`}`

			`/**`
			`* Register all routes and middleware.`
			`*/`
Move websocket routes into a separate app This is mostly so we don't have to do any wacky patching but it also makes it so we don't have to keep checking if the request is a web socket request every time we add middleware. 2020-11-05 19:58:37 +01:00			`export const register = async (`
			`app: express.Express,`
			`wsApp: express.Express,`
			`server: http.Server,`
			`args: DefaultedArgs,`
			`): Promise<void> => {`
Convert routes to Express 2020-10-21 01:05:58 +02:00			`const heart = new Heart(path.join(paths.data, "heartbeat"), async () => {`
			`return new Promise((resolve, reject) => {`
			`server.getConnections((error, count) => {`
			`if (error) {`
			`return reject(error)`
			`}`
			logger.trace(plural(count, `${count} active connection`))
			`resolve(count > 0)`
			`})`
			`})`
			`})`

			`app.disable("x-powered-by")`
Move websocket routes into a separate app This is mostly so we don't have to do any wacky patching but it also makes it so we don't have to keep checking if the request is a web socket request every time we add middleware. 2020-11-05 19:58:37 +01:00			`wsApp.disable("x-powered-by")`
Convert routes to Express 2020-10-21 01:05:58 +02:00
			`app.use(cookieParser())`
Move websocket routes into a separate app This is mostly so we don't have to do any wacky patching but it also makes it so we don't have to keep checking if the request is a web socket request every time we add middleware. 2020-11-05 19:58:37 +01:00			`wsApp.use(cookieParser())`

Convert routes to Express 2020-10-21 01:05:58 +02:00			`app.use(bodyParser.json())`
			`app.use(bodyParser.urlencoded({ extended: true }))`

Move websocket routes into a separate app This is mostly so we don't have to do any wacky patching but it also makes it so we don't have to keep checking if the request is a web socket request every time we add middleware. 2020-11-05 19:58:37 +01:00			`const common: express.RequestHandler = (req, _, next) => {`
Convert routes to Express 2020-10-21 01:05:58 +02:00			`heart.beat()`

Move websocket routes into a separate app This is mostly so we don't have to do any wacky patching but it also makes it so we don't have to keep checking if the request is a web socket request every time we add middleware. 2020-11-05 19:58:37 +01:00			`// Add common variables routes can use.`
			`req.args = args`
			`req.heart = heart`

			`next()`
			`}`

			`app.use(common)`
			`wsApp.use(common)`

			`app.use(async (req, res, next) => {`
Convert routes to Express 2020-10-21 01:05:58 +02:00			`// If we're handling TLS ensure all requests are redirected to HTTPS.`
			`// TODO: This does NOT work if you have a base path since to specify the`
			`// protocol we need to specify the whole path.`
			`if (args.cert && !(req.connection as tls.TLSSocket).encrypted) {`
			return res.redirect(`https://${req.headers.host}${req.originalUrl}`)
			`}`

			`// Return robots.txt.`
			`if (req.originalUrl === "/robots.txt") {`
			`const resourcePath = path.resolve(rootPath, "src/browser/robots.txt")`
			`res.set("Content-Type", getMediaMime(resourcePath))`
			`return res.send(await fs.readFile(resourcePath))`
			`}`

Move websocket routes into a separate app This is mostly so we don't have to do any wacky patching but it also makes it so we don't have to keep checking if the request is a web socket request every time we add middleware. 2020-11-05 19:58:37 +01:00			`next()`
Convert routes to Express 2020-10-21 01:05:58 +02:00			`})`

			`app.use("/", domainProxy.router)`
Move websocket routes into a separate app This is mostly so we don't have to do any wacky patching but it also makes it so we don't have to keep checking if the request is a web socket request every time we add middleware. 2020-11-05 19:58:37 +01:00			`wsApp.use("/", domainProxy.wsRouter.router)`

Convert routes to Express 2020-10-21 01:05:58 +02:00			`app.use("/", vscode.router)`
Move websocket routes into a separate app This is mostly so we don't have to do any wacky patching but it also makes it so we don't have to keep checking if the request is a web socket request every time we add middleware. 2020-11-05 19:58:37 +01:00			`wsApp.use("/", vscode.wsRouter.router)`
			`app.use("/vscode", vscode.router)`
			`wsApp.use("/vscode", vscode.wsRouter.router)`

Convert routes to Express 2020-10-21 01:05:58 +02:00			`app.use("/healthz", health.router)`
Move websocket routes into a separate app This is mostly so we don't have to do any wacky patching but it also makes it so we don't have to keep checking if the request is a web socket request every time we add middleware. 2020-11-05 19:58:37 +01:00
Convert routes to Express 2020-10-21 01:05:58 +02:00			`if (args.auth === AuthType.Password) {`
			`app.use("/login", login.router)`
			`}`
Move websocket routes into a separate app This is mostly so we don't have to do any wacky patching but it also makes it so we don't have to keep checking if the request is a web socket request every time we add middleware. 2020-11-05 19:58:37 +01:00
Convert routes to Express 2020-10-21 01:05:58 +02:00			`app.use("/proxy", proxy.router)`
Move websocket routes into a separate app This is mostly so we don't have to do any wacky patching but it also makes it so we don't have to keep checking if the request is a web socket request every time we add middleware. 2020-11-05 19:58:37 +01:00			`wsApp.use("/proxy", proxy.wsRouter.router)`

Convert routes to Express 2020-10-21 01:05:58 +02:00			`app.use("/static", _static.router)`
			`app.use("/update", update.router)`

			`await loadPlugins(app, args)`

			`app.use(() => {`
			`throw new HttpError("Not Found", HttpCode.NotFound)`
			`})`

Move websocket routes into a separate app This is mostly so we don't have to do any wacky patching but it also makes it so we don't have to keep checking if the request is a web socket request every time we add middleware. 2020-11-05 19:58:37 +01:00			`const errorHandler: express.ErrorRequestHandler = async (err, req, res, next) => {`
Convert routes to Express 2020-10-21 01:05:58 +02:00			`const resourcePath = path.resolve(rootPath, "src/browser/pages/error.html")`
			`res.set("Content-Type", getMediaMime(resourcePath))`
			`try {`
			`const content = await fs.readFile(resourcePath, "utf8")`
			`if (err.code === "ENOENT" \|\| err.code === "EISDIR") {`
			`err.status = HttpCode.NotFound`
			`}`
Fix error handler types 2020-10-27 23:18:44 +01:00			`const status = err.status ?? err.statusCode ?? 500`
			`res.status(status).send(`
Convert routes to Express 2020-10-21 01:05:58 +02:00			`replaceTemplates(req, content)`
Fix error handler types 2020-10-27 23:18:44 +01:00			`.replace(/{{ERROR_TITLE}}/g, status)`
			`.replace(/{{ERROR_HEADER}}/g, status)`
Convert routes to Express 2020-10-21 01:05:58 +02:00			`.replace(/{{ERROR_BODY}}/g, err.message),`
			`)`
			`} catch (error) {`
			`next(error)`
			`}`
Fix error handler types 2020-10-27 23:18:44 +01:00			`}`

			`app.use(errorHandler)`
Move websocket routes into a separate app This is mostly so we don't have to do any wacky patching but it also makes it so we don't have to keep checking if the request is a web socket request every time we add middleware. 2020-11-05 19:58:37 +01:00
			`const wsErrorHandler: express.ErrorRequestHandler = async (err, req) => {`
			logger.error(`${err.message} ${err.stack}`)
			`;(req as WebsocketRequest).ws.destroy(err)`
			`}`

			`wsApp.use(wsErrorHandler)`
Convert routes to Express 2020-10-21 01:05:58 +02:00			`}`