When i boot up the hapi-server as well as the webpack-dev-server and go to localhost:3000/api/login shows a 502 bad gateway and nothing on the page! Thanks for every one who helps
Here is my webpack file:
module.exports = {
entry: ["./index.js"],
output: {
filename: "bundle.js"
},
module: {
loaders: [
{
test: /\.js$/,
exclude: /node_modules/,
loader: 'babel-loader',
query: {
presets: ['react', 'es2015']
}
}
]
},
resolve: {
extensions: ['', '.js', '.jsx']
},
devServer: {
historyApiFallback: {
index: 'index.html'
},
stats: 'normal',
host: process.env.HOST || 'localhost',
port: process.env.PORT || 3000,
proxy: {
'/api/*': {
target: 'http//localhost:9000',
secure: false
}
}
}
};
Here is my hapi-server:
const Hapi = require('hapi');
const Inert = require('inert');
const config = require('./config');
const CookieAuth = require('hapi-auth-cookie');
const server = new Hapi.Server();
server.connection({port: 9000});
const options = {
ops: {
interval: config.hapiGoodInterval
},
reporters: {
console: [{
module: 'good-squeeze',
name: 'Squeeze',
args: [{ log: '*', response: '*' }]
}, {
module: 'good-console'
}, 'stdout'],
file: [{
module: 'good-squeeze',
name: 'Squeeze',
args: [{ ops: '*' }]
}, {
module: 'good-squeeze',
name: 'SafeJson'
}, {
module: 'good-file',
args: ['./logs/fixtures/file_log']
}]
}
};
server.register(CookieAuth, (err) => {
if (err) {
throw err;
}
});
server.register(Inert, ()=>{});
server.register({
register: require('good'),
options,
}, (err) => {
if (err) {
return console.error(err);
}
server.start(() => {
console.info(`Server started at ${ server.info.uri }`);
});
});
const cache = server.cache({ segment: 'sessions', expiresIn: 3 * 24 * 60 * 60 * 1000 });
server.app.cache = cache;
server.auth.strategy('session', 'cookie', true, {
password: 'Vaj57zED9nsYeMJGP2hnfaxU874t6DV5',
cookie: 'sid-example',
redirectTo: '/api/login',
isSecure: false,
validateFunc: function (request, session, callback) {
cache.get(session.sid, (err, cached) => {
if (err) {
return callback(err, false);
}
if (!cached) {
return callback(null, false);
}
return callback(null, true, cached.account);
});
}
});
server.route(require('./routes'));
Here are the routes:
var Handlers = require('./handlers');
var Joi = require('joi');
var Routes = [
{
path: '/api/hello',
method: 'GET',
config: {
auth:false,
handler: function (request, reply) {
reply('Hello from the server')
}
}
},
{
method: ['GET', 'POST'],
path: '/api/login',
config: {
handler: Handlers.login,
auth: { mode: 'try' },
plugins: {
'hapi-auth-cookie': { redirectTo: false }
}
}
},
{
path: '/api/logout',
method: 'GET',
handler: Handlers.logout
}
];
And Finally the handlers:
const r = require('rethinkdb');
var {Post, User, Opinion} = require('./rethinkdb/models/all');
class Handlers {
static login(request, reply) {
let username = 'pesho';
let password = '12345';
let uuid = 1;
if (request.auth.isAuthenticated) {
return reply.redirect('/');
}
let message = '';
let account = null;
if (request.method === 'post') {
if (!request.payload.username ||
!request.payload.password) {
message = 'Missing username or password';
}
else {
if (password !== request.payload.password || username !== request.payload.username) {
message = 'Invalid username or password';
}
}
}
if (request.method === 'get' || message) {
return reply('<html><head><title>Login page</title></head><body>' +
(message ? '<h3>' + message + '</h3><br/>' : '') +
'<form method="post" action="/api/login">' +
'Username: <input type="text" name="username"><br>' +
'Password: <input type="password" name="password"><br/>' +
'<input type="submit" value="Login"></form></body></html>');
}
const sid = String(++uuid);
request.server.app.cache.set(sid, { account: account }, 0, (err) => {
if (err) {
reply(err);
}
request.cookieAuth.set({ sid: sid });
return reply.redirect('/');
});
}
static logout(request, reply) {
request.cookieAuth.clear();
return reply.redirect('/');
};
}
module.exports = Handlers;
The problem was kind-a dump, but here it is:
you must add a "/" at the end of the proxy target
proxy: {
'/api/*': {
target: 'http://localhost:9000/',<= This here
secure: false
}
},
Related
I'm using next-auth credentials provider for authentication in a next.js project, it works fine in development but when I deployed the website to production I got 401 error code with the following response {url: "https://sub.domain.com/api/auth/error?error="} as I tried to login.
Everything is working fine in localhost and authentication is smooth with no errors. Wher is the error in my code?
My next-auth config
// /api/auth/[...nextauth].ts
export const authOptions: NextAuthOptions = {
secret: process.env.NEXTAUTH_SECRET ?? 'supersecret',
adapter: PrismaAdapter(prisma),
providers: [
CredentialsProvider({
id: 'admin-login',
name: 'Admin login',
credentials: {
email: {
label: 'Email',
type: 'email',
placeholder: 'test#test.com',
},
password: { label: 'Mot de passe', type: 'password' },
},
authorize: async (credentials, _request) => {
try {
const { data: user } = await axios.post(
`${process.env.APP_URL}/api/auth/admin/login`,
credentials
);
return user;
} catch (err) {
throw new Error(
(err as AxiosError<{ message: string }>).response?.data.message
);
}
},
}),
CredentialsProvider({
id: 'room-login',
name: 'Room login',
credentials: {
roomId: { label: 'Id de la chambre', type: 'text' },
password: { label: 'Mot de passe', type: 'password' },
},
authorize: async (credentials, _request) => {
try {
const { data: room } = await axios.post(
`${process.env.APP_URL}/api/auth/room/login`,
credentials
);
return room;
} catch (err) {
throw new Error(
(err as AxiosError<{ message: string }>).response?.data.message
);
}
},
}),
],
callbacks: {
async signIn() {
return true;
},
async redirect({ url, baseUrl }) {
if (url.startsWith('/')) return `${baseUrl}${url}`;
else if (new URL(url).origin === baseUrl) return url;
return baseUrl;
},
async jwt({ token, user }) {
if (user) {
token.id = user.id;
token.role = (user.role as Role) ?? 'GUEST';
}
return token;
},
async session({ session, token }) {
const sess: Session = {
...session,
user: {
...session.user,
id: token.id as number | string,
role: token.role as Role,
},
};
// console.log('SESSION: ', sess)
return sess;
},
},
session: {
strategy: 'jwt',
},
jwt: {
secret: process.env.JWT_SECRET ?? 'supersecret',
maxAge: 10 * 24 * 30 * 60, // 30 days
},
pages: {
signIn: '/auth/login',
signOut: '/auth/login',
newUser: '/api/auth/register',
error: '/auth/login',
},
debug: process.env.NODE_ENV === 'development',
};
export default async function handler(
req: NextApiRequest,
res: NextApiResponse
) {
return NextAuth(req, res, authOptions);
}
The issue was caused by the SSL certificate that I had to install on the domain for next-auth to work.
The NuxtJs app running well with npm run dev but npm run build causing the following error
Here is my server/index.js
require('dotenv').config()
const express = require('express')
const { Nuxt, Builder } = require('nuxt')
const app = express()
const api = require('./api')
const socket = require('./socket')
const host = process.env.HOST
const port = process.env.PORT
app.set('port', port)
// Listen the server
const server = app.listen(port, host)
const io = require('socket.io').listen(server)
// Import and Set Nuxt.js options
let config = require('../nuxt.config.js')
config.dev = !(process.env.NODE_ENV === 'production')
async function start() {
// Init Nuxt.js
const nuxt = new Nuxt(config)
// Build only in dev mode
if (config.dev) {
const builder = new Builder(nuxt)
await builder.build()
}
// Give nuxt middleware to express
app.use(nuxt.render)
console.log('Server listening on http://' + host + ':' + port) // eslint-disable-line no-console
}
start()
// Online users list by country
app.locals.onlineUsers = {};
// Users who is searching partners
app.locals.searchingUsers = {}
socket.start(io, app)
app.use('/api', api)
module.exports = app
And here is my nuxt.config.js
require('dotenv').config()
const pkg = require('./package')
module.exports = {
mode: 'universal',
debug: true,
serverMiddleware: [
{ path: '/api', handler: '~/server/index.js' }
],
/*
** Headers of the page
*/
head: {
title: pkg.name,
meta: [
{ charset: 'utf-8' },
{ name: 'viewport', content: 'width=device-width, initial-scale=1' },
],
link: [
{ rel: 'icon', type: 'image/x-icon', href: 'http://chateg.com/favicon.ico' },
{ rel: 'stylesheet', href: 'https://fonts.googleapis.com/css?family=Fredoka+One|Montserrat:200,400,500,700,800&subset=cyrillic' }
]
},
/*
** Customize the progress-bar color
*/
loading: false,
/*
** Global CSS
*/
css: [
'#/assets/scss/main.scss'
],
/*
** Router middlewares
*/
router: {
middleware: 'i18n'
},
/*
** Plugins to load before mounting the App
*/
plugins: [
{ src: '~/plugins/i18n.js', ssr: true },
{ src: '~/plugins/vue-select.js', ssr: false },
{ src: '~/plugins/vue-flux.js', ssr: false },
{ src: '~plugins/ga.js', ssr: false },
{ src: '~plugins/socket.io.js', ssr: false }
],
/*
** Generate dynamic routes
*/
generate: {
routes: [
'/ru/login',
'/uz/login',
'/ru/chat',
'/uz/chat'
]
},
/*
** Nuxt.js modules
*/
modules: [
'#nuxtjs/axios',
'#nuxtjs/router',
'#nuxtjs/sitemap',
['#nuxtjs/component-cache', {
max: 10000,
maxAge: 1000 * 60 * 60
}],
['#nuxtjs/google-analytics', {
id: 'UA-129371850-1'
}]
],
/*
** Generates sitemap
*/
sitemap: {
path: '/sitemap.xml',
hostname: 'http://chateg.com',
cacheTime: 1000 * 60 * 15,
gzip: true,
generate: false, // Enable me when using nuxt generate
exclude: [
'/secret',
'/admin/**'
],
routes: [
'/ru/login',
'/uz/login',
'/ru/chat',
'/uz/chat'
]
},
/*
** Axios module configuration
*/
axios: {
baseURL: process.env.BASE_URL
},
/*
** Build configuration
*/
build: {
// analyze: true,
/*
** You can extend webpack config here
*/
extend(config, ctx) {
// config.resolve.alias['vue'] = 'vue/dist/vue.common'
// Run ESLint on save
if (ctx.isDev && ctx.isClient) {
config.module.rules.push({
enforce: 'pre',
test: /\.(js|vue)$/,
loader: 'eslint-loader',
exclude: /(node_modules)/
})
}
}
}
}
Here is my server/api/index.js
const express = require('express')
const router = express.Router()
const request = require('request')
const getPostData = require('../middleware/getPostData')
const help = require('../helper')
router.use(getPostData)
router.post('/login', function (req, res) {
let user = null;
if (req.body.user) {
user = req.body.user;
console.log(user)
}
if (!user.sex || !user.partner || !user.country || !user.token) {
return res.status(400).json({ message: "Something went wrong!" });
}
const verifyCaptchaOptions = {
uri: "https://www.google.com/recaptcha/api/siteverify",
json: true,
form: {
secret: '6Ld4RnQUAAAAAPdZaBbHdginQWteAohILLt1OXuT',
response: user.token
}
}
request.post(verifyCaptchaOptions, function (err, response, body) {
if (err) {
return res.status(500).json({ message: "oops, something went wrong on our side" });
}
if (!body.success) {
return res.status(500).json({ message: body["error-codes"].join(".") });
}
//Save the user to the database. At this point they have been verified.
res.status(201).json({ success: true, user: user });
});
})
router.get('/get_users', function (req, res) {
let numberOfOnlineUsers = 0;
let users = req.app.locals.onlineUsers;
if (Object.keys(users).length) {
for (const key in users) {
if (users.hasOwnProperty(key)) {
numberOfOnlineUsers += help.countArray(users[key]);
}
}
}
res.status(201).json({ onlineUsers: numberOfOnlineUsers })
})
router.get('/get_users_from_country', function (req, res) {
let numberOfOnlineUsers = 0;
let countryId = 'undefined';
let users = req.app.locals.onlineUsers;
if (req.query.countryId) {
countryId = req.query.countryId;
}
if (users.hasOwnProperty(countryId) && users[countryId].length > 0) {
numberOfOnlineUsers = help.countArray(users[countryId]);
}
res.status(201).json({ onlineUsers: numberOfOnlineUsers })
})
router.get('/get_males_and_females', function (req, res) {
let males = 0;
let females = 0;
let countryId = 'undefined';
let users = req.app.locals.onlineUsers;
if (req.query.countryId) {
countryId = req.query.countryId;
}
if (users.hasOwnProperty(countryId) && users[countryId].length > 0) {
users[countryId].forEach(item => {
if (item.sex == 'female') {
females++;
} else if (item.sex == 'male') {
males++;
}
})
}
res.status(201).json({ males: males, females: females })
})
module.exports = router
I am sure the bug related to serverMiddleware of nuxt in the config cause when I commented it it is working good but I can't access my API.
Please help me as much as possible. I have not been able to solve this problem for 2 days.
I'm using Vue CLI 3.0.0 (rc.10) and am running two servers (backend server and WDS) side by side.
I followed the devServer.proxy instructions on the Vue CLI documentation to add a proxy option to my vue.config.js. I also followed the instructions for the http-proxy-middleware library to supplement the options:
module.exports = {
lintOnSave: true,
outputDir: '../priv/static/',
devServer: {
proxy: {
'/api': {
target: 'http://localhost:4000',
changeOrigin: true,
ws: true,
},
},
},
};
My understanding is that the changeOrigin: true option needs to dynamically change the Origin header on the request to "http://localhost:4000". However, requests from my app are still being sent from http://localhost:8080 and they trigger CORS blockage:
Request URL: http://localhost:4000/api/form
Request Method: OPTIONS
Status Code: 404 Not Found
Remote Address: 127.0.0.1:4000
Host: localhost:4000
Origin: http://localhost:8080 <-- PROBLEM
What am I doing wrong?
I was having basically the same problem, and what finally worked for me was manually overwriting the Origin header, like this:
module.exports = {
lintOnSave: true,
outputDir: '../priv/static/',
devServer: {
proxy: {
'/api': {
target: 'http://localhost:4000',
changeOrigin: true,
ws: true,
onProxyReq: function(request) {
request.setHeader("origin", "http://localhost:4000");
},
},
},
},
};
this is my vue.config.js, work fine for me:
module.exports = {
baseUrl: './',
assetsDir: 'static',
productionSourceMap: false,
configureWebpack: {
devServer: {
headers: { "Access-Control-Allow-Origin": "*" }
}
},
devServer: {
proxy: {
'/api': {
target: 'http://127.0.0.1:3333/api/',
changeOrigin: false,
secure: false,
pathRewrite: {
'^/api': ''
},
onProxyReq: function (request) {
request.setHeader("origin", "http://127.0.0.1:3333");
}
}
}
}
}
axios.config.js:
import axios from 'axios';
import { Message, Loading } from 'element-ui'
// axios.defaults.baseURL = "http://127.0.0.1:3333/";
axios.defaults.timeout = 5 * 1000
// axios.defaults.withCredentials = true
axios.defaults.headers.post['Content-Type'] = 'application/x-www-form-urlencoded;charset=UTF-8'
let loading = null;
function startLoading() {
loading = Loading.service({
lock: true,
text: 'loading....',
spinner: 'el-icon-loading',
background: 'rgba(0, 0, 0, 0.8)'
})
}
function endLoading() {
loading.close()
}
axios.interceptors.request.use(
(confing) => {
startLoading()
// if (localStorage.eToken) {
// confing.headers.Authorization = localStorage.eToken
// }
return confing
},
(error) => {
console.log("request error: ", error)
return Promise.reject(error)
}
)
axios.interceptors.response.use(
(response) => {
endLoading()
return response.data;
},
(error) => {
console.log("response error: ", error);
endLoading()
return Promise.reject(error)
}
)
export const postRequest = (url, params) => {
return axios({
method: 'post',
url: url,
data: params,
transformRequest: [function (data) {
let ret = ''
for (let it in data) {
ret += encodeURIComponent(it) + '=' + encodeURIComponent(data[it]) + '&'
}
return ret
}],
headers: {
'Content-Type': 'application/x-www-form-urlencoded'
}
});
}
export const uploadFileRequest = (url, params) => {
return axios({
method: 'post',
url: url,
data: params,
headers: {
'Content-Type': 'multipart/form-data'
}
});
}
export const getRequest = (url) => {
return axios({
method: 'get',
url: url
});
}
export const putRequest = (url, params) => {
return axios({
method: 'put',
url: url,
data: params,
transformRequest: [function (data) {
let ret = ''
for (let it in data) {
ret += encodeURIComponent(it) + '=' + encodeURIComponent(data[it]) + '&'
}
return ret
}],
headers: {
'Content-Type': 'application/x-www-form-urlencoded'
}
});
}
export const deleteRequest = (url) => {
return axios({
method: 'delete',
url: url
});
}
api request:
import {postRequest} from "../http";
const category = {
store(params) {
return postRequest("/api/admin/category", params);
}
}
export default category;
the principle:
According to https://github.com/chimurai/http-proxy-middleware#http-proxy-options, a header option works for me.
devServer: {
proxy: {
'/api': {
target: 'http://127.0.0.1:3333/api/',
headers: {
origin: "http://127.0.0.1:3333"
}
}
}
}
changeOrigin only changes the host header!!!
see the documents http-proxy-middleware#http-proxy-options
option.changeOrigin: true/false, Default: false - changes the origin of the host header to the target URL
I have been implementing an authorization step which I modeled on THIS question's answer by fragsalat.
Everything works until it reaches the line
return new Redirect('login');
upon which I get the error:
aurelia-logging-console.js:47 ERROR [app-router] Error: Expected router pipeline to return a navigation result, but got [{"url":"login","options":{"trigger":true,"replace":true},"shouldContinueProcessing":false}] instead.
at processResult (aurelia-router.js:1761)
at aurelia-router.js:1725
at <anonymous>
I am not sure why this has not just redirected?
This is the full app.ts file so you might see the context:
import { Aurelia, PLATFORM, autoinject } from "aurelia-framework";
import {
Redirect,
NavigationInstruction,
Router,
RouterConfiguration,
Next
} from "aurelia-router";
import { AuthService } from "../../auth/auth-service";
//import { Clients } from '../../public/components/login/login'
#autoinject
export class App {
public router: Router;
private TOKEN_KEY = "session";
configureRouter(config: RouterConfiguration, router: Router): void {
this.router = router;
config.title = "Aurelia";
config.addAuthorizeStep(AuthorizeStep);
config.map([
{
route: ["", "scheduler"],
name: "scheduler",
settings: {
icon: "scheduler",
auth: true,
roles: ["Employee", "Admin"]
},
moduleId: PLATFORM.moduleName("../components/scheduler/scheduler"),
nav: true,
title: "scheduler"
},
{
route: "clients",
name: "clients",
moduleId: PLATFORM.moduleName(
"../components/clients/clientList/clientList"
),
title: "Clients",
nav: true,
settings: {
nav: [
{ href: "#clients/clientsList", title: "Client List" },
{ href: "#clients/Create", title: "Create Client" }
],
auth: true,
roles: ["Employee", "Admin"],
pos: "left"
}
},
{
route: "clients/ClientsList",
name: "clientList",
moduleId: PLATFORM.moduleName(
"../components/clients/clientList/clientList"
),
settings: {
auth: true,
roles: ["Employee", "Admin"]
}
},
{
route: "clients/create",
name: "aboutTeam",
moduleId: PLATFORM.moduleName(
"../components/clients/clientCreate/clientCreate"
),
settings: {
auth: true,
roles: ["Employee", "Admin"]
}
},
{
route: "logout",
name: "logout",
settings: {
icon: "user",
auth: true,
roles: ["Employee", "Admin"],
pos: "right"
},
moduleId: PLATFORM.moduleName("../components/auth/logout/logout"),
nav: true,
title: "Logout"
},
{
route: "not-found",
name: "not-found",
settings: {
auth: true,
roles: ["Employee", "Admin"]
},
moduleId: PLATFORM.moduleName("../components/notFound/notFound"),
nav: false,
title: "Not Found"
},
{
route: "login",
name: "login",
settings: {
icon: "user",
auth: true,
roles: ["Employee", "Admin"],
pos: "right"
},
moduleId: PLATFORM.moduleName("../../public/components/login/login"),
nav: true,
title: "login"
}
]);
config.mapUnknownRoutes("not-found");
}
}
#autoinject
class AuthorizeStep {
private endDate: any;
static loginFragment = '../../public/components/login/login';
constructor(
private authService: AuthService,
private router: Router,
private aurelia: Aurelia
) { }
run(navigationInstruction: NavigationInstruction, next: Next): Promise<any> {
return Promise.resolve()
.then(() => this.checkAuthentication(navigationInstruction, next))
.then(result => result || this.checkAuthorization(navigationInstruction, next))
.then(result => result || this.checkOrigin(navigationInstruction, next))
.then(result => result || next());
}
checkAuthentication(navigationInstruction, next) {
// Do we have a JWT?
const session = this.authService.getIdentity();
if (!session) {
this.forceReturnToPublic(next); // No JWT - back to the public root.
}
console.log("CHECKaUTHENTICATION: ", navigationInstruction.getAllInstructions().some(i => i.config.settings.auth) )
if (navigationInstruction.getAllInstructions().some(i => i.config.settings.auth)) {
// Is the token valid?
if (this.authService.hasTokenExpired(session)) {
const currentUrl = navigationInstruction.fragment + (navigationInstruction.queryString ? `?${navigationInstruction.queryString}` : '');
console.log("FRAGMENT: ", navigationInstruction.fragment);
console.log("NAVIGATE INSTRUCTION: ", navigationInstruction)
console.log('currentURL: ', currentUrl);
localStorage.setItem('origin', currentUrl);
console.log("AuthorizeStep.loginFragment", AuthorizeStep.loginFragment)
next.cancel();
console.log("and it gets here!");
return new Redirect('login');
}
}
}
checkAuthorization(navigationInstruction, next) {
var usersRole = this.authService.getUserRole();
let requiredRoles = navigationInstruction.getAllInstructions()
.map(i => i.config.settings.roles)[0];
console.log("route Roles: ", requiredRoles);
let isUserPermited = requiredRoles ? requiredRoles.some(r => r === usersRole) : true;
console.log("isUserPermited: ", isUserPermited);
if (!isUserPermited) {
this.forceReturnToPublic(next);
}
}
checkOrigin(instruction, next) {
const origin = localStorage.getItem('origin');
// Check if we were not redirected to login page and have an origin
if (instruction.fragment !== AuthorizeStep.loginFragment && origin) {
localStorage.removeItem('origin');
return next.cancel(new Redirect(origin));
}
}
forceReturnToPublic(next) {
if (localStorage.getItem('origin')) {
localStorage.removeItem('origin') // Just in case we had origin set.
}
next.cancel();
this.authService.clearIdentity();
this.router.navigate("/", { replace: true, trigger: false });
this.router.reset();
this.aurelia.setRoot("public/public/public");
}
}
In all other pipeline steps you're using return next.cancel(new Redirect()), it should be the same case, as the pipeline step expects a Next as a return value, but you return a Redirect here.
Try changing it to
return next.cancel(new Redirect('login'));
Without applying a strategy to any routes, hapi-auth-cookie is protecting all routes, including static.
server.register(require('hapi-auth-cookie'), function (err) {
if (err) {
logError(err);
}
server.auth.strategy('session', 'cookie', true, {
password: 'things really long',
clearInvalid: true,
isSecure: false,
validateFunc: function (request, session, callback) {
cache.get(session.sid, (err, cached) => {
if (err) {
return callback(err, false);
}
if (!cached) {
return callback(null, false);
}
return callback(null, true, cached.account);
});
}
});
});
Here are my routes:
{
method: 'POST',
path: '/api/1/doSomething',
config: {
validate: {
payload: someJoyObject
},
handler: function(request, reply) {
stuff
}
}
}
and
{
method: 'GET',
path: '/{param*}',
handler: {
directory: {
path: './public',
listing: false,
index: true
}
}
}
I can't load any files of my app:
{"statusCode":401,"error":"Unauthorized","message":"Missing authentication"}
Have a look at the documentation for server.auth.strategy(). You're passing true as the 3rd argument meaning hapi will apply this strategy to all routes by default.
To disable it for your static routes either:
Don't set it as a required strategy for all routes
Disable the strategy explicitly on your directory handler route:
e.g.:
{
method: 'GET',
path: '/{param*}',
config: {
auth: false
},
handler: {
directory: {
path: './public',
listing: false,
index: true
}
}
}