cookie-ag

            /*-------------- Simple use of async parallel to find user and count them --------------*/

            var NoticiaModel = require('../models/noticias');
            var User = require('../models/user');
            var ObjectId = require('mongoose').Types.ObjectId;
            var async = require('async');

            exports.index = function(req, res) {
                async.parallel([
                        /*-------------- find, n=1 --------------*/

cookie-ag

#!/usr/bin/env nodejs

var http = require('http');

http.createServer(function (req, res) {
  res.writeHead(200, {'Content-Type': 'text/plain'});
  res.end('Hello World\n');
}).listen(8080, 'localhost');

console.log('Server running at http://localhost:8080/');

cookie-ag

// /etc/nginx/sites-available/default

server {
    listen 80;

    server_name example.com;

    location / {
        proxy_pass http://localhost:8080;
        proxy_http_version 1.1;

cookie-ag

# HTTP - redirect all requests to HTTPS:
server {
        listen 80;
        listen [::]:80 default_server ipv6only=on;
        return 301 https://$host$request_uri;
}

# HTTPS - proxy requests on to local Node.js app:
server {
        listen 443;

cookie-ag

// Create self-signed certificate using $ openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365
// Key is certificate key and cert.pem is certificate file

var fs = require('fs'),
    https = require('https'),
    express = require('express'),
    app = express();

    https.createServer({
      key: fs.readFileSync('key.pem'),

cookie-ag

// Create self-signed certificate using: 
// openssl genrsa 1024 > private.key
// openssl req -new -key private.key -out cert.csr
// openssl x509 -req -in cert.csr -signkey private.key -out certificate.pem
// Key is certificate key and cert.pem is certificate file
// 443 is standard for all HTTPS but is not recommended to use as it might be obvious port to attack. 

var fs = require('fs');
var https = require('https');
var express = require('express');

cookie-ag

// If the application has a error it can bring down the complete server as it has credentials to do so. 
// To prevent this : Create a new user in /home/safeuser/

- if [[ $(id -u) -ne 0 ]] ; then echo "Please run as root" ; exit 1 ; fi (Check if you are root)
- sudo -i (change to root)
- cut -d: -f1 /etc/passwd (To list all local users)
- useradd -s /bin/bash -m -d /home/safeuser -c "safe user" safeuser :(Create only as root)
- passwd safeuser : (Add a password)
- usermod -aG sudo safeuser :(Give safeuser permission to use root level commands)
- Login as safeUser : ssh safeuser@IP

cookie-ag

// Since safeuser is not admin, it cannot access port 80 permissions.
// For obvious reasons, we don't want root to access the node.js in production

- sudo apt-get install libcap2-bin

# Non nodesource distribution
- which node
- sudo setcap cap_net_bind_service=+ep /usr/local/bin/node

# Nodesource distribution

cookie-ag

var appId = 'https://127.0.0.1'
var routine = require('routine');

exports.GET = function(req, res, next) {
	var tokens = req.session.tokens || [];
	routine.U2FstartRegistration(req, res, next, appId, tokens);
};

exports.POST = function(req, res, next) {
	var request = req.session.registrationRequest;

cookie-ag

db.getCollection('Logging').count({"status":{$eq: 200}}) //Equal to 200

db.getCollection('Logging').count({"status":{$gt: 399}}) //Greater than to 399, HTTP Errors

db.getCollection('Logging').count({"status":{$lt: 399}}) //Less than 399, HTTP Success