- Protects server by defining: Content Security Policy, DNS Prefetch Control,
X-Frame-Options,Strict-Transport-Security,Referrer-Policy,X-XSS-Protection - Serves custom static paths
- Defines new routes (GET, POST, PUT, PATCH, DELETE)
- Provides CERN SSO authentication and e-groups authorization using OpenID Connect module
- Secures routes with JWT token
const {HttpServer} = require('@aliceo2/web-ui');
HttpServer({port: PORT, hostname: HOSTNAME, tls: TLS_ENABLED, portSecure: HTTPS_PORT, key: TLS_KEY, cert: TLS_CERT, autoListen: AUTO_LISTEN}, JWT_CONF, OPENID_CONF);Where:
HTTP_CONFconsists of following fields:PORT- HTTP port number- [
HOSTNAME] - server's hostname which is required by Content Security Policy (default:localhost) - [
TLS_ENABLED] - flag that enables/disables TLS (default:false) - [
HTTPS_PORT] - HTTPS port number, TLS must be enabled - [
TLS_KEY] - private key filepath, TLS must be enabled - [
TLS_CERT] - certificate filepath, TLS must be enabled - [
AUTO_LISTEN] - flag that enables/disables automatic listening (default:true) - [
LIMIT] - controls the maximum request body size. Defaults to '100kb'.
- [
JWT_CONF] - JWT module config, see JWT module - [
OPENID_CONF] - OpenID config, see OpenID Connect module
listencloseaddressaddStaticPathgetpostputpatchdelete// Include required modules
const {HttpServer} = require('@aliceo2/web-ui');
// create instance of http server
const http = new HttpServer({
port: 8080
});
// Server `public` folder
http.addStaticPath('public');http.get('/hi', (req, res) => {
res.status(200).json({message: 'hi'})
}, { public: true }); // turns off JWT verification