feat(*) initial commit
This commit is contained in:
commit
991657c76b
13
.editorconfig
Normal file
13
.editorconfig
Normal file
|
@ -0,0 +1,13 @@
|
|||
# editorconfig.org
|
||||
root = true
|
||||
|
||||
[*]
|
||||
indent_size = 2
|
||||
indent_style = space
|
||||
end_of_line = lf
|
||||
charset = utf-8
|
||||
trim_trailing_whitespace = true
|
||||
insert_final_newline = true
|
||||
|
||||
[*.md]
|
||||
trim_trailing_whitespace = false
|
4
.env.example
Normal file
4
.env.example
Normal file
|
@ -0,0 +1,4 @@
|
|||
HOST=127.0.0.1
|
||||
PORT=3333
|
||||
NODE_ENV=development
|
||||
CACHE_VIEWS=false
|
4
.gitignore
vendored
Normal file
4
.gitignore
vendored
Normal file
|
@ -0,0 +1,4 @@
|
|||
node_modules
|
||||
tmp
|
||||
.env
|
||||
package-lock.json
|
31
README.md
Normal file
31
README.md
Normal file
|
@ -0,0 +1,31 @@
|
|||
# Adonis fullstack application
|
||||
|
||||
This is the fullstack boilerplate for AdonisJs, it comes pre-configured with.
|
||||
|
||||
1. Bodyparser
|
||||
2. Session
|
||||
3. Authentication
|
||||
4. Web security middleware
|
||||
5. CORS
|
||||
6. Edge template engine
|
||||
7. Lucid ORM
|
||||
8. Migrations and seeds
|
||||
|
||||
## Setup
|
||||
|
||||
Use the adonis command to install the blueprint
|
||||
|
||||
```bash
|
||||
adonis new yardstick
|
||||
```
|
||||
|
||||
or manually clone the repo and then run `npm install`.
|
||||
|
||||
|
||||
### Migrations
|
||||
|
||||
Run the following command to run startup migrations.
|
||||
|
||||
```js
|
||||
adonis migration:run
|
||||
```
|
21
ace
Normal file
21
ace
Normal file
|
@ -0,0 +1,21 @@
|
|||
'use strict'
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Ace Commands
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| The ace file is just a regular Javascript file but with no extension. You
|
||||
| can call `node ace` followed by the command name and it just works.
|
||||
|
|
||||
| Also you can use `adonis` followed by the command name, since the adonis
|
||||
| global proxy all the ace commands.
|
||||
|
|
||||
*/
|
||||
|
||||
const { Ignitor } = require('@adonisjs/ignitor')
|
||||
|
||||
new Ignitor(require('@adonisjs/fold'))
|
||||
.appRoot(__dirname)
|
||||
.fireAce()
|
||||
.catch(console.error)
|
20
app/Models/Hooks/User.js
Normal file
20
app/Models/Hooks/User.js
Normal file
|
@ -0,0 +1,20 @@
|
|||
'use strict'
|
||||
|
||||
const Hash = use('Hash')
|
||||
|
||||
const UserHook = module.exports = {}
|
||||
|
||||
/**
|
||||
* Hash using password as a hook.
|
||||
*
|
||||
* @method
|
||||
*
|
||||
* @param {Object} userInstance
|
||||
*
|
||||
* @return {void}
|
||||
*/
|
||||
UserHook.hashPassword = async (userInstance) => {
|
||||
if (userInstance.password) {
|
||||
userInstance.password = await Hash.make(userInstance.password)
|
||||
}
|
||||
}
|
8
app/Models/Token.js
Normal file
8
app/Models/Token.js
Normal file
|
@ -0,0 +1,8 @@
|
|||
'use strict'
|
||||
|
||||
const Model = use('Model')
|
||||
|
||||
class Token extends Model {
|
||||
}
|
||||
|
||||
module.exports = Token
|
34
app/Models/User.js
Normal file
34
app/Models/User.js
Normal file
|
@ -0,0 +1,34 @@
|
|||
'use strict'
|
||||
|
||||
const Model = use('Model')
|
||||
|
||||
class User extends Model {
|
||||
static boot () {
|
||||
super.boot()
|
||||
|
||||
/**
|
||||
* A hook to bash the user password before saving
|
||||
* it to the database.
|
||||
*
|
||||
* Look at `app/Models/Hooks/User.js` file to
|
||||
* check the hashPassword method
|
||||
*/
|
||||
this.addHook('beforeCreate', 'User.hashPassword')
|
||||
}
|
||||
|
||||
/**
|
||||
* A relationship on tokens is required for auth to
|
||||
* work. Since features like `refreshTokens` or
|
||||
* `rememberToken` will be saved inside the
|
||||
* tokens table.
|
||||
*
|
||||
* @method tokens
|
||||
*
|
||||
* @return {Object}
|
||||
*/
|
||||
tokens () {
|
||||
return this.hasMany('App/Models/Token')
|
||||
}
|
||||
}
|
||||
|
||||
module.exports = User
|
75
config/auth.js
Normal file
75
config/auth.js
Normal file
|
@ -0,0 +1,75 @@
|
|||
'use strict'
|
||||
|
||||
module.exports = {
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Authenticator
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Authentication is a combination of serializer and scheme with extra
|
||||
| config to define on how to authenticate a user.
|
||||
|
|
||||
| Available Schemes - basic, session, jwt, api
|
||||
| Available Serializers - lucid, database
|
||||
|
|
||||
*/
|
||||
authenticator: 'session',
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Session
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Session authenticator makes use of sessions to authenticate a user.
|
||||
| Session authentication is always persistent.
|
||||
|
|
||||
*/
|
||||
session: {
|
||||
serializer: 'lucid',
|
||||
model: 'App/Models/User',
|
||||
scheme: 'session',
|
||||
uid: 'email',
|
||||
password: 'password'
|
||||
},
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Basic Auth
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| The basic auth authenticator uses basic auth header to authenticate a
|
||||
| user.
|
||||
|
|
||||
| NOTE:
|
||||
| This scheme is not persistent and users are supposed to pass
|
||||
| login credentials on each request.
|
||||
|
|
||||
*/
|
||||
basic: {
|
||||
serializer: 'lucid',
|
||||
model: 'App/Models/User',
|
||||
scheme: 'basic',
|
||||
uid: 'email',
|
||||
password: 'password'
|
||||
},
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Jwt
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| The jwt authenticator works by passing a jwt token on each HTTP request
|
||||
| via HTTP `Authorization` header.
|
||||
|
|
||||
*/
|
||||
jwt: {
|
||||
serializer: 'lucid',
|
||||
model: 'App/Models/User',
|
||||
scheme: 'jwt',
|
||||
uid: 'email',
|
||||
password: 'password',
|
||||
options: {
|
||||
secret: 'self::app.appKey'
|
||||
}
|
||||
}
|
||||
}
|
138
config/bodyParser.js
Normal file
138
config/bodyParser.js
Normal file
|
@ -0,0 +1,138 @@
|
|||
'use strict'
|
||||
|
||||
module.exports = {
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| JSON Parser
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Below settings are applied when request body contains JSON payload. If
|
||||
| you want body parser to ignore JSON payload, then simply set `types`
|
||||
| to an empty array.
|
||||
*/
|
||||
json: {
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| limit
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Defines the limit of JSON that can be sent by the client. If payload
|
||||
| is over 1mb it will not be processed.
|
||||
|
|
||||
*/
|
||||
limit: '1mb',
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| strict
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| When `scrict` is set to true, body parser will only parse Arrays and
|
||||
| Object. Otherwise everything parseable by `JSON.parse` is parsed.
|
||||
|
|
||||
*/
|
||||
strict: true,
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| types
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Which content types are processed as JSON payloads. You are free to
|
||||
| add your own types here, but the request body should be parseable
|
||||
| by `JSON.parse` method.
|
||||
|
|
||||
*/
|
||||
types: [
|
||||
'application/json',
|
||||
'application/json-patch+json',
|
||||
'application/vnd.api+json',
|
||||
'application/csp-report'
|
||||
]
|
||||
},
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Raw Parser
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
|
|
||||
|
|
||||
*/
|
||||
raw: {
|
||||
types: [
|
||||
'text/*'
|
||||
]
|
||||
},
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Form Parser
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
|
|
||||
|
|
||||
*/
|
||||
form: {
|
||||
types: [
|
||||
'application/x-www-form-urlencoded'
|
||||
]
|
||||
},
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Files Parser
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
|
|
||||
|
|
||||
*/
|
||||
files: {
|
||||
types: [
|
||||
'multipart/form-data'
|
||||
],
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Max Size
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Below value is the max size of all the files uploaded to the server. It
|
||||
| is validated even before files have been processed and hard exception
|
||||
| is thrown.
|
||||
|
|
||||
| Consider setting a reasonable value here, otherwise people may upload GB's
|
||||
| of files which will keep your server busy.
|
||||
|
|
||||
| Also this value is considered when `autoProcess` is set to true.
|
||||
|
|
||||
*/
|
||||
maxSize: '20mb',
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Auto Process
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Whether or not to auto-process files. Since HTTP servers handle files via
|
||||
| couple of specific endpoints. It is better to set this value off and
|
||||
| manually process the files when required.
|
||||
|
|
||||
| This value can contain a boolean or an array of route patterns
|
||||
| to be autoprocessed.
|
||||
*/
|
||||
autoProcess: true,
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Process Manually
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| The list of routes that should not process files and instead rely on
|
||||
| manual process. This list should only contain routes when autoProcess
|
||||
| is to true. Otherwise everything is processed manually.
|
||||
|
|
||||
*/
|
||||
processManually: []
|
||||
}
|
||||
}
|
87
config/cors.js
Normal file
87
config/cors.js
Normal file
|
@ -0,0 +1,87 @@
|
|||
'use strict'
|
||||
|
||||
module.exports = {
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Origin
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Set a list of origins to be allowed. The value can be one of the following
|
||||
|
|
||||
| Boolean: true - Allow current request origin
|
||||
| Boolean: false - Disallow all
|
||||
| String - Comma seperated list of allowed origins
|
||||
| Array - An array of allowed origins
|
||||
| String: * - A wildcard to allow current request origin
|
||||
| Function - Receives the current origin and should return one of the above values.
|
||||
|
|
||||
*/
|
||||
origin: false,
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Methods
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| HTTP methods to be allowed. The value can be one of the following
|
||||
|
|
||||
| String - Comma seperated list of allowed methods
|
||||
| Array - An array of allowed methods
|
||||
|
|
||||
*/
|
||||
methods: ['GET', 'PUT', 'POST'],
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Headers
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| List of headers to be allowed via Access-Control-Request-Headers header.
|
||||
| The value can be on of the following.
|
||||
|
|
||||
| Boolean: true - Allow current request headers
|
||||
| Boolean: false - Disallow all
|
||||
| String - Comma seperated list of allowed headers
|
||||
| Array - An array of allowed headers
|
||||
| String: * - A wildcard to allow current request headers
|
||||
| Function - Receives the current header and should return one of the above values.
|
||||
|
|
||||
*/
|
||||
headers: true,
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Expose Headers
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| A list of headers to be exposed via `Access-Control-Expose-Headers`
|
||||
| header. The value can be on of the following.
|
||||
|
|
||||
| Boolean: false - Disallow all
|
||||
| String: Comma seperated list of allowed headers
|
||||
| Array - An array of allowed headers
|
||||
|
|
||||
*/
|
||||
exposeHeaders: false,
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Credentials
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Define Access-Control-Allow-Credentials header. It should always be a
|
||||
| boolean.
|
||||
|
|
||||
*/
|
||||
credentials: false,
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| MaxAge
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Define Access-Control-Allow-Max-Age
|
||||
|
|
||||
*/
|
||||
maxAge: 90
|
||||
}
|
78
config/database.js
Normal file
78
config/database.js
Normal file
|
@ -0,0 +1,78 @@
|
|||
'use strict'
|
||||
|
||||
const Env = use('Env')
|
||||
const Helpers = use('Helpers')
|
||||
|
||||
module.exports = {
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Default Connection
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Connection defines the default connection settings to be used while
|
||||
| interacting with SQL databases.
|
||||
|
|
||||
*/
|
||||
connection: Env.get('DB_CONNECTION', 'sqlite'),
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Sqlite
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Sqlite is a flat file database and can be good choice under development
|
||||
| environment.
|
||||
|
|
||||
| npm i --save sqlite3
|
||||
|
|
||||
*/
|
||||
sqlite: {
|
||||
client: 'sqlite3',
|
||||
connection: {
|
||||
filename: Helpers.databasePath('development.sqlite')
|
||||
},
|
||||
useNullAsDefault: true
|
||||
},
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| MySQL
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Here we define connection settings for MySQL database.
|
||||
|
|
||||
| npm i --save mysql
|
||||
|
|
||||
*/
|
||||
mysql: {
|
||||
client: 'mysql',
|
||||
connection: {
|
||||
host: Env.get('DB_HOST', 'localhost'),
|
||||
port: Env.get('DB_PORT', ''),
|
||||
user: Env.get('DB_USER', 'root'),
|
||||
password: Env.get('DB_PASSWORD', ''),
|
||||
database: Env.get('DB_DATABASE', 'adonis')
|
||||
}
|
||||
},
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| PostgreSQL
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Here we define connection settings for PostgreSQL database.
|
||||
|
|
||||
| npm i --save pg
|
||||
|
|
||||
*/
|
||||
pg: {
|
||||
client: 'pg',
|
||||
connection: {
|
||||
host: Env.get('DB_HOST', 'localhost'),
|
||||
port: Env.get('DB_PORT', ''),
|
||||
user: Env.get('DB_USER', 'root'),
|
||||
password: Env.get('DB_PASSWORD', ''),
|
||||
database: Env.get('DB_DATABASE', 'adonis')
|
||||
}
|
||||
}
|
||||
}
|
94
config/session.js
Normal file
94
config/session.js
Normal file
|
@ -0,0 +1,94 @@
|
|||
'use strict'
|
||||
|
||||
const Env = use('Env')
|
||||
|
||||
module.exports = {
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Session Driver
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| The session driver to be used for storing session values. It can be
|
||||
| cookie, file or redis.
|
||||
|
|
||||
| For `redis` driver, make sure to install and register `@adonisjs/redis`
|
||||
|
|
||||
*/
|
||||
driver: Env.get('SESSION_DRIVER', 'cookie'),
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Cookie Name
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| The name of the cookie to be used for saving session id. Session ids
|
||||
| are signed and encrypted.
|
||||
|
|
||||
*/
|
||||
cookieName: 'adonis-session',
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Clear session when browser closes
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| If this value is true, the session cookie will be temporary and will be
|
||||
| removed when browser closes.
|
||||
|
|
||||
*/
|
||||
clearWithBrowser: true,
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Session age
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| This value is only used when `clearWithBrowser` is set to false. The
|
||||
| age must be a valid https://npmjs.org/package/ms string or should
|
||||
| be in milliseconds.
|
||||
|
|
||||
| Valid values are:
|
||||
| '2h', '10d', '5y', '2.5 hrs'
|
||||
|
|
||||
*/
|
||||
age: '2h',
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Cookie options
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Cookie options defines the options to be used for setting up session
|
||||
| cookie
|
||||
|
|
||||
*/
|
||||
cookie: {
|
||||
httpOnly: true,
|
||||
sameSite: true,
|
||||
path: '/'
|
||||
},
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Sessions location
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| If driver is set to file, we need to define the relative location from
|
||||
| the temporary path or absolute url to any location.
|
||||
|
|
||||
*/
|
||||
file: {
|
||||
location: 'sessions'
|
||||
},
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Redis config
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| The configuration for the redis driver. By default we reference it from
|
||||
| the redis file. But you are free to define an object here too.
|
||||
|
|
||||
*/
|
||||
redis: 'self::redis.default'
|
||||
}
|
145
config/shield.js
Normal file
145
config/shield.js
Normal file
|
@ -0,0 +1,145 @@
|
|||
'use strict'
|
||||
|
||||
module.exports = {
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Content Security Policy
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Content security policy filters out the origins not allowed to execute
|
||||
| and load resources like scripts, styles and fonts. There are wide
|
||||
| variety of options to choose from.
|
||||
*/
|
||||
csp: {
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Directives
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| All directives are defined in camelCase and here is the list of
|
||||
| available directives and their possible values.
|
||||
|
|
||||
| https://content-security-policy.com
|
||||
|
|
||||
| @example
|
||||
| directives: {
|
||||
| defaultSrc: ['self', '@nonce', 'cdnjs.cloudflare.com']
|
||||
| }
|
||||
|
|
||||
*/
|
||||
directives: {
|
||||
},
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Report only
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Setting `reportOnly=true` will not block the scripts from running and
|
||||
| instead report them to a URL.
|
||||
|
|
||||
*/
|
||||
reportOnly: false,
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Set all headers
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Headers staring with `X` have been depreciated, since all major browsers
|
||||
| supports the standard CSP header. So its better to disable deperciated
|
||||
| headers, unless you want them to be set.
|
||||
|
|
||||
*/
|
||||
setAllHeaders: false,
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Disable on android
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Certain versions of android are buggy with CSP policy. So you can set
|
||||
| this value to true, to disable it for Android versions with buggy
|
||||
| behavior.
|
||||
|
|
||||
| Here is an issue reported on a different package, but helpful to read
|
||||
| if you want to know the behavior. https://github.com/helmetjs/helmet/pull/82
|
||||
|
|
||||
*/
|
||||
disableAndroid: true
|
||||
},
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| X-XSS-Protection
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| X-XSS Protection saves from applications from XSS attacks. It is adopted
|
||||
| by IE and later followed by some other browsers.
|
||||
|
|
||||
| Learn more at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
|
||||
|
|
||||
*/
|
||||
xss: {
|
||||
enabled: true,
|
||||
enableOnOldIE: false
|
||||
},
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Iframe Options
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| xframe defines whether or not your website can be embedded inside an
|
||||
| iframe. Choose from one of the following options.
|
||||
| @available options
|
||||
| DENY, SAMEORIGIN, ALLOW-FROM http://example.com
|
||||
|
|
||||
| Learn more at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
|
||||
*/
|
||||
xframe: 'DENY',
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| No Sniff
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Browsers have a habit of sniffing content-type of a response. Which means
|
||||
| files with .txt extension containing Javascript code will be executed as
|
||||
| Javascript. You can disable this behavior by setting nosniff to false.
|
||||
|
|
||||
| Learn more at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
|
||||
|
|
||||
*/
|
||||
nosniff: true,
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| No Open
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| IE users can execute webpages in the context of your website, which is
|
||||
| a serious security risk. Below option will manage this for you.
|
||||
|
|
||||
*/
|
||||
noopen: true,
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| CSRF Protection
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| CSRF Protection adds another layer of security by making sure, actionable
|
||||
| routes does have a valid token to execute an action.
|
||||
|
|
||||
*/
|
||||
csrf: {
|
||||
enable: true,
|
||||
methods: ['POST', 'PUT', 'DELETE'],
|
||||
filterUris: [],
|
||||
cookieOptions: {
|
||||
httpOnly: false,
|
||||
sameSite: true,
|
||||
path: '/',
|
||||
maxAge: 7200
|
||||
}
|
||||
}
|
||||
}
|
22
database/factory.js
Normal file
22
database/factory.js
Normal file
|
@ -0,0 +1,22 @@
|
|||
'use strict'
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Factory
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Factories are used to define blueprints for database tables or Lucid
|
||||
| models. Later you can use these blueprints to seed your database
|
||||
| with dummy data.
|
||||
|
|
||||
*/
|
||||
|
||||
const Factory = use('Factory')
|
||||
|
||||
/**
|
||||
Factory.blueprint('App/Models/User', (faker) => {
|
||||
return {
|
||||
username: faker.username()
|
||||
}
|
||||
})
|
||||
*/
|
21
database/migrations/1503248427885_user.js
Normal file
21
database/migrations/1503248427885_user.js
Normal file
|
@ -0,0 +1,21 @@
|
|||
'use strict'
|
||||
|
||||
const Schema = use('Schema')
|
||||
|
||||
class UserSchema extends Schema {
|
||||
up () {
|
||||
this.create('users', table => {
|
||||
table.increments()
|
||||
table.string('username', 80).notNullable().unique()
|
||||
table.string('email', 254).notNullable().unique()
|
||||
table.string('password', 60).notNullable()
|
||||
table.timestamps()
|
||||
})
|
||||
}
|
||||
|
||||
down () {
|
||||
this.drop('users')
|
||||
}
|
||||
}
|
||||
|
||||
module.exports = UserSchema
|
21
database/migrations/1503248427886_token.js
Normal file
21
database/migrations/1503248427886_token.js
Normal file
|
@ -0,0 +1,21 @@
|
|||
'use strict'
|
||||
|
||||
const Schema = use('Schema')
|
||||
|
||||
class TokensSchema extends Schema {
|
||||
up () {
|
||||
this.create('tokens', table => {
|
||||
table.increments()
|
||||
table.integer('user_id').unsigned().references('id').inTable('users')
|
||||
table.string('token', 40).notNullable().unique()
|
||||
table.boolean('is_revoked').defaultTo(false)
|
||||
table.timestamps()
|
||||
})
|
||||
}
|
||||
|
||||
down () {
|
||||
this.drop('tokens')
|
||||
}
|
||||
}
|
||||
|
||||
module.exports = TokensSchema
|
29
package.json
Normal file
29
package.json
Normal file
|
@ -0,0 +1,29 @@
|
|||
{
|
||||
"name": "adonis-slim-app",
|
||||
"version": "4.0.0",
|
||||
"description": "Smallest possible application for adonisjs",
|
||||
"main": "index.js",
|
||||
"scripts": {
|
||||
"start": "node server.js",
|
||||
"test": "node ace test"
|
||||
},
|
||||
"keywords": [
|
||||
"adonisjs",
|
||||
"adonis-app"
|
||||
],
|
||||
"author": "",
|
||||
"license": "UNLICENSED",
|
||||
"private": true,
|
||||
"dependencies": {
|
||||
"@adonisjs/ace": "^4.0.4",
|
||||
"@adonisjs/auth": "^2.0.3",
|
||||
"@adonisjs/bodyparser": "^1.0.5",
|
||||
"@adonisjs/cors": "^1.0.1",
|
||||
"@adonisjs/fold": "^4.0.2",
|
||||
"@adonisjs/framework": "^4.0.8",
|
||||
"@adonisjs/ignitor": "^1.0.6",
|
||||
"@adonisjs/lucid": "^4.0.12",
|
||||
"@adonisjs/session": "^1.0.10",
|
||||
"@adonisjs/shield": "^1.0.1"
|
||||
}
|
||||
}
|
1
public/logo.svg
Normal file
1
public/logo.svg
Normal file
|
@ -0,0 +1 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?><svg width="36px" height="33px" viewBox="0 0 36 33" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="translate(0 .5)" fill="none" fill-rule="evenodd"><path d="M20 2.236L5.618 31h28.764L20 2.236z" stroke="#FFFFFF" stroke-width="2"/><path fill="#FFFFFF" d="M12 2l12 24H0"/></g></svg>
|
After Width: | Height: | Size: 363 B |
BIN
public/pyramid.png
Normal file
BIN
public/pyramid.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 111 KiB |
BIN
public/splash.png
Normal file
BIN
public/splash.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 25 KiB |
82
public/style.css
Normal file
82
public/style.css
Normal file
|
@ -0,0 +1,82 @@
|
|||
@import url('https://fonts.googleapis.com/css?family=Montserrat:300');
|
||||
|
||||
html, body {
|
||||
height: 100%;
|
||||
width: 100%;
|
||||
}
|
||||
|
||||
body {
|
||||
font-family: 'Montserrat', sans-serif;
|
||||
font-weight: 300;
|
||||
background-image: url("/splash.png");
|
||||
background-color: #220052;
|
||||
}
|
||||
|
||||
* {
|
||||
margin: 0;
|
||||
padding: 0;
|
||||
}
|
||||
|
||||
section {
|
||||
height: 100%;
|
||||
display: flex;
|
||||
flex-direction: column;
|
||||
justify-content: center;
|
||||
align-items: center;
|
||||
max-width: 536px;
|
||||
margin: auto;
|
||||
position: relative;
|
||||
}
|
||||
|
||||
section:before {
|
||||
content: "";
|
||||
position: absolute;
|
||||
background: url("/pyramid.png") no-repeat;
|
||||
background-size: 100%;
|
||||
width: 100%;
|
||||
height: 402px;
|
||||
z-index: -1;
|
||||
}
|
||||
|
||||
.logo {
|
||||
background: url("/logo.svg") no-repeat;
|
||||
width: 36px;
|
||||
height: 33px;
|
||||
background-size: 100%;
|
||||
margin-bottom: 35px;
|
||||
opacity: 0;
|
||||
animation: slideUp 1s cubic-bezier(0.19, 1, 0.30, 1) 1.3s forwards;
|
||||
}
|
||||
|
||||
.title {
|
||||
background: url("/title.svg") no-repeat;
|
||||
width: 219px;
|
||||
height: 36px;
|
||||
background-size: 100%;
|
||||
opacity: 0;
|
||||
animation: slideUp 1s cubic-bezier(0.19, 1, 0.30, 1) 0.2s forwards;
|
||||
}
|
||||
|
||||
.subtitle {
|
||||
margin-top: 25px;
|
||||
color: #BDB3CB;
|
||||
font-size: 17px;
|
||||
text-align: center;
|
||||
letter-spacing: 0.5;
|
||||
opacity: 0;
|
||||
animation: slideUp 1s cubic-bezier(0.19, 1, 0.30, 1) 0.5s forwards;
|
||||
}
|
||||
|
||||
@keyframes slideUp {
|
||||
0% {
|
||||
transform: translateY(40px);
|
||||
opacity: 0;
|
||||
}
|
||||
50% {
|
||||
opacity: 0.2%;
|
||||
}
|
||||
100% {
|
||||
opacity: 1;
|
||||
transform: none;
|
||||
}
|
||||
}
|
1
public/title.svg
Normal file
1
public/title.svg
Normal file
|
@ -0,0 +1 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?><svg width="186px" height="31px" viewBox="0 0 186 31" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><path d="M20.25 6.106V.1H.72v6.006h5.712v17.388H.72V29.5h19.53v-6.006h-5.712V6.106h5.712zm18.774 7.35v-5.46h-6.846V1.528h-7.182v3.108c0 2.226-1.218 3.36-3.444 3.36h-.084v5.46h3.528v8.904c0 4.578 3.528 7.686 8.82 7.686 1.932 0 3.276-.126 5.208-1.05v-5.964c-2.016.882-2.982.966-3.822.966-1.806 0-3.024-1.008-3.024-2.898v-7.644h6.846zm37.17-5.46l-3.612 13.692L68.76 7.996H63.3l-3.822 13.692-3.654-13.692h-7.308L55.068 29.5h7.266l3.696-12.516L69.684 29.5h7.308l6.552-21.504h-7.35zM95.43 7.45c6.846 0 11.424 4.746 11.424 11.256 0 6.552-4.578 11.34-11.424 11.34-6.888 0-11.466-4.788-11.466-11.34 0-6.51 4.578-11.256 11.466-11.256zm0 5.628c-2.898 0-4.62 2.352-4.62 5.628 0 3.318 1.722 5.712 4.62 5.712 2.856 0 4.578-2.394 4.578-5.712 0-3.276-1.722-5.628-4.578-5.628zm22.092.714V7.996h-7.182V29.5h7.182v-7.518c0-5.376 1.89-7.728 8.946-6.972V7.534c-4.788 0-7.686 1.806-8.946 6.258zM145.158 29.5h8.4l-7.812-11.886 7.14-9.618h-8.316l-4.284 6.552h-3.612V.1h-7.182v29.4h7.182v-8.442h3.612l4.872 8.442zm22.092-14.196h6.384c-.462-5.46-4.326-7.854-9.87-7.854-6.09 0-9.534 2.436-9.534 6.804 0 4.998 4.494 5.586 8.19 6.426 3.822.882 4.704 1.134 4.704 2.478 0 1.512-1.428 1.932-2.982 1.932-2.394 0-3.822-.966-4.074-3.486h-6.384c.336 5.88 4.536 8.442 10.542 8.442 6.132 0 9.66-2.688 9.66-7.14 0-4.998-4.41-5.628-8.736-6.594-3.234-.672-4.326-.882-4.326-2.31 0-1.134 1.176-1.848 2.856-1.848 2.268 0 3.276.882 3.57 3.15zm11.424 4.536h6.258L185.94.1h-8.316l1.05 19.74zm-.63 9.66h7.518v-6.51h-7.518v6.51z" fill="#FFFFFF" fill-rule="evenodd"/></svg>
|
After Width: | Height: | Size: 1.7 KiB |
15
resources/views/welcome.edge
Normal file
15
resources/views/welcome.edge
Normal file
|
@ -0,0 +1,15 @@
|
|||
<!DOCTYPE html>
|
||||
<html lang="en">
|
||||
<head>
|
||||
<meta charset="UTF-8" />
|
||||
<title>Hello Adonis</title>
|
||||
{{ css('style') }}
|
||||
</head>
|
||||
<body>
|
||||
<section>
|
||||
<div class="logo"></div>
|
||||
<div class="title"></div>
|
||||
<div class="subtitle"><p>AdonisJs simplicity will make you feel confident about your code</p></div>
|
||||
</section>
|
||||
</body>
|
||||
</html>
|
25
server.js
Normal file
25
server.js
Normal file
|
@ -0,0 +1,25 @@
|
|||
'use strict'
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Http server
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| This file bootstrap Adonisjs to start the HTTP server. You are free to
|
||||
| customize the process of booting the http server.
|
||||
|
|
||||
| """ Loading ace commands """
|
||||
| At times you may want to load ace commands when starting the HTTP server.
|
||||
| Same can be done by chaining `loadCommands()` method after
|
||||
|
|
||||
| """ Preloading files """
|
||||
| Also you can preload files by calling `preLoad('path/to/file')` method.
|
||||
| Make sure to pass relative path from the project root.
|
||||
*/
|
||||
|
||||
const { Ignitor } = require('@adonisjs/ignitor')
|
||||
|
||||
new Ignitor(require('@adonisjs/fold'))
|
||||
.appRoot(__dirname)
|
||||
.fireHttpServer()
|
||||
.catch(console.error)
|
61
start/app.js
Normal file
61
start/app.js
Normal file
|
@ -0,0 +1,61 @@
|
|||
'use strict'
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Providers
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Providers are building blocks for your Adonis app. Anytime you install
|
||||
| a new Adonis specific package, chances are you will register the
|
||||
| provider here.
|
||||
|
|
||||
*/
|
||||
const providers = [
|
||||
'@adonisjs/framework/providers/AppProvider',
|
||||
'@adonisjs/framework/providers/ViewProvider',
|
||||
'@adonisjs/lucid/providers/LucidProvider',
|
||||
'@adonisjs/bodyparser/providers/BodyParserProvider',
|
||||
'@adonisjs/cors/providers/CorsProvider',
|
||||
'@adonisjs/shield/providers/ShieldProvider',
|
||||
'@adonisjs/session/providers/SessionProvider',
|
||||
'@adonisjs/auth/providers/AuthProvider'
|
||||
]
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Ace Providers
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Ace providers are required only when running ace commands. For example
|
||||
| Providers for migrations, tests etc.
|
||||
|
|
||||
*/
|
||||
const aceProviders = [
|
||||
'@adonisjs/lucid/providers/MigrationsProvider'
|
||||
]
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Aliases
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Aliases are short unique names for IoC container bindings. You are free
|
||||
| to create your own aliases.
|
||||
|
|
||||
| For example:
|
||||
| { Route: 'Adonis/Src/Route' }
|
||||
|
|
||||
*/
|
||||
const aliases = {}
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Commands
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Here you store ace commands for your package
|
||||
|
|
||||
*/
|
||||
const commands = []
|
||||
|
||||
module.exports = { providers, aceProviders, aliases, commands }
|
46
start/kernel.js
Normal file
46
start/kernel.js
Normal file
|
@ -0,0 +1,46 @@
|
|||
'use strict'
|
||||
|
||||
const Server = use('Server')
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Global Middleware
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Global middleware are executed on each http request only when the routes
|
||||
| match.
|
||||
|
|
||||
*/
|
||||
const globalMiddleware = [
|
||||
'Adonis/Middleware/BodyParser',
|
||||
'Adonis/Middleware/Cors',
|
||||
'Adonis/Middleware/Session',
|
||||
'Adonis/Middleware/Shield',
|
||||
'Adonis/Middleware/AuthInit'
|
||||
]
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Named Middleware
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Named middleware is key/value object to conditionally add middleware on
|
||||
| specific routes or group of routes.
|
||||
|
|
||||
| // define
|
||||
| {
|
||||
| auth: 'Adonis/Middleware/Auth'
|
||||
| }
|
||||
|
|
||||
| // use
|
||||
| Route.get().middleware('auth')
|
||||
|
|
||||
*/
|
||||
const namedMiddleware = {
|
||||
auth: 'Adonis/Middleware/Auth'
|
||||
}
|
||||
|
||||
Server
|
||||
.registerGlobal(globalMiddleware)
|
||||
.registerNamed(namedMiddleware)
|
||||
.use(['Adonis/Middleware/Static'])
|
18
start/routes.js
Normal file
18
start/routes.js
Normal file
|
@ -0,0 +1,18 @@
|
|||
'use strict'
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Routes
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Http routes are entry points to your web application. You can create
|
||||
| routes for different URL's and bind Controller actions to them.
|
||||
|
|
||||
| A complete guide on routing is available here.
|
||||
| http://adonisjs.com/guides/routing
|
||||
|
|
||||
*/
|
||||
|
||||
const Route = use('Route')
|
||||
|
||||
Route.on('/').render('welcome')
|
Loading…
Reference in New Issue
Block a user