Created
March 27, 2018 13:07
-
-
Save trickydisco78/471286339de564f7aa85ecc008bc8625 to your computer and use it in GitHub Desktop.
http proxy with caching
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import express from 'express'; | |
import proxy from 'http-proxy-middleware'; | |
import compression from 'compression'; | |
import apicache from 'apicache'; | |
let cors = require('cors'); | |
let helmet = require('helmet'); | |
require('dotenv').config(); | |
let cache = apicache.middleware; | |
// whitelist domains | |
var whitelist = [ | |
'https://www.domain1.com', | |
'http://www.domain2.com', | |
'https://www.domain3.com', | |
'http://www.domain4.com' | |
]; | |
var corsOptionsDelegate = function(req, callback) { | |
var corsOptions; | |
if (whitelist.indexOf(req.header('Origin')) !== -1) { | |
corsOptions = { origin: true }; // reflect (enable) the requested origin in the CORS response | |
} else { | |
corsOptions = { origin: false }; // disable CORS for this request | |
} | |
callback(null, corsOptions); // callback expects two parameters: error and options | |
credentials: true; | |
}; | |
var options = { | |
logLevel: 'debug', | |
target: 'https://api.airtable.com/v0/', //+ process.env.APP_ID, | |
changeOrigin: true, | |
headers: { | |
Accept: 'application/json', | |
Authorization: 'Bearer ' + process.env.API_KEY, | |
'Cache-Control': 'max-age=450000' | |
}, | |
pathRewrite: { | |
'^/api': '' | |
}, | |
onError(err, req, res) { | |
res.writeHead(500, { | |
'Content-Type': 'text/plain' | |
}); | |
res.end('Something went wrong. And we are reporting a custom error message.'); | |
}, | |
onProxyRes(proxyRes, req, res) { | |
// Secure API so only GET requests are handled | |
proxyRes.headers['Access-Control-Allow-Methods'] = 'GET'; | |
proxyRes.headers['Access-Control-Allow-Headers'] = | |
'content-type, authorization, content-length, X-Requested-With, accept'; | |
if (req.headers.origin) { | |
if (whitelist.indexOf(req.headers.origin) === -1) { | |
//|| whitelist.indexOf(req.headers.referer) === -1) { | |
proxyRes.headers['Access-Control-Allow-Origin'] = 'http://www.domain1.com'; | |
} else { | |
proxyRes.headers['Access-Control-Allow-Origin'] = req.headers.origin; //|| req.headers.referer; | |
} | |
} | |
proxyRes.headers['P3P'] = | |
'ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI'; | |
}, | |
// http://stackoverflow.com/questions/14262986/node-js-hostname-ip-doesnt-match-certificates-altnames | |
// https://github.com/nodejitsu/node-http-proxy/blob/f345a1ac2dde1884e72b952a685a0a1796059f14/lib/http-proxy/common.js#L54 | |
secure: true, | |
ssl: { | |
rejectUnauthorized: true | |
} | |
}; | |
let apiProxy = proxy(options); | |
let app = express(); | |
app.use(compression()); | |
app.use(helmet()); | |
app.use('/api/**', cache('5 minutes'), cors(corsOptionsDelegate), apiProxy); | |
let server = app.listen(process.env.PORT || 3000, function() { | |
console.log('Listening on port ' + server.address().port); | |
}); | |
export default app; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment