Update cookie-session 1->2, update dependencies, add eslint as dev-de…

…p, lint files, code cleanup.

.eslintrc.json

@@ -0,0 +1,33 @@
+{
+    "rules": {
+        "indent": [
+            2,
+            "tab"
+        ],
+        "quotes": [
+            2,
+            "double"
+        ],
+        "semi": [
+            2,
+            "always"
+        ],
+        "complexity": [
+            2,
+            22
+        ],
+        "linebreak-style": 0,
+        "no-var": 1
+    },
+    "parserOptions": {
+        "ecmaVersion": 8
+    },
+    "ignorePatterns": [],
+    "globals": {
+    },
+    "env": {
+        "es6": true,
+        "node": true
+    },
+    "extends": "eslint:recommended"
+}

app.js

@@ -1,51 +1,53 @@
-const express       = require('express');
-const bodyParser    = require('body-parser');
-const cookieSession = require('cookie-session');
-const path          = require('path');
-const crypto        = require('crypto');
+const
+	express       	= require("express"),
+	bodyParser    	= require("body-parser"),
+	cookieSession 	= require("cookie-session"),
+	path          	= require("path"),
+	crypto        	= require("crypto"),
 
-const config        = require('./config');
-const defaultroutes = require('./routes/default');
-const webuathnroutes  = require('./routes/webauthn');
-const tokenroutes   = require('./routes/token');
+	config        	= require("./config"),
 
-const app           = express();
+	defaultroutes 	= require("./routes/default"),
+	webuathnroutes  = require("./routes/webauthn"),
+	tokenroutes   	= require("./routes/token"),
+
+	app           	= express();
 
 app.use(bodyParser.json());
 
 // Sessions
 app.use(cookieSession({
-  name: 'session',
-  keys: [crypto.randomBytes(32).toString('hex')],
+	name: "session",
+	keys: [crypto.randomBytes(32).toString("hex")],
 
-  // Cookie Options
-  maxAge: 24 * 60 * 60 * 1000 // 24 hours
+	// Cookie Options
+	maxAge: config.cookieMaxAge
 }));
 
 // Static files (./static)
-app.use(express.static(path.join(__dirname, 'static')));
+app.use(express.static(path.join(__dirname, "public/static")));
 
 // Routes
-app.use('/', defaultroutes);
-app.use('/webauthn', webuathnroutes);
-app.use('/token', tokenroutes);
+app.use("/", defaultroutes);
+app.use("/webauthn", webuathnroutes);
+app.use("/token", tokenroutes);
 
-const port = config.port || 3000;
+const port = config.port;
 
 // Local development
 if (config.mode === "development") {
-  const https = require("https");
-  const fs = require('fs');
-  var privateKey = fs.readFileSync('./keys/key.pem');
-  var certificate = fs.readFileSync('./keys/cert.pem');
-  https.createServer({
-    key: privateKey,
-    cert: certificate
-  }, app).listen(port);  
+	const https = require("https");
+	const fs = require("fs");
+	let privateKey = fs.readFileSync("./keys/key.pem");
+	let certificate = fs.readFileSync("./keys/cert.pem");
+	https.createServer({
+		key: privateKey,
+		cert: certificate
+	}, app).listen(port);  
 
 // "Production" HTTP - (for use behind https proxy)
 } else {
-  app.listen(port);
+	app.listen(port);
 
 }
 

config.js

@@ -1,11 +1,14 @@
 // Base configuration
 let config = {
-    "port": 3000,
-    "origin": "https://localhost:3000",
-    "rpId": "localhost",
-    "rpName": "Webauthn Skeleton",
-    "mode": "development",
-    "baseUrl": undefined, // Uses origin as default
+	"port": 3000,
+	"origin": "https://localhost:3000",
+	"rpId": "localhost",
+	"rpName": "Webauthn Skeleton",
+	"mode": "development",
+	"baseUrl": undefined, // Uses origin as default
+	"cookieMaxAge": 24 * 60 * 60 * 1000, // 24 hours
+	"challengeTimeoutMs": 90 * 1000, // 90 seconds
+	"loginTokenExpireSeconds": 60	
 };
 
 // Environment overrides (normally no need to touch this)