From 7d2dd163411ea7c885ff3921a1ed9f3e10b249e8 Mon Sep 17 00:00:00 2001
From: Lucendio <dev@lucend.io>
Date: Wed, 24 Jun 2020 01:28:27 +0200
Subject: [PATCH] Introduce /env endpoint & elaborate one the purpose of the
 Makefile

---
 README.md                    | 16 +++++++++-------
 app/server/src/index.js      |  5 +++++
 app/server/src/routes/env.js | 10 ++++++++++
 3 files changed, 24 insertions(+), 7 deletions(-)
 create mode 100644 app/server/src/routes/env.js

diff --git a/README.md b/README.md
index d180150..652b6e3 100644
--- a/README.md
+++ b/README.md
@@ -8,16 +8,18 @@ This repository contains the [application](./app/README.md) that should be used
 
 ### Getting started 
 
-For more information regarding the app, please have a look into its [README](./app/README.md).
+For more information regarding the app, please take a look into its [README](./app/README.md).
 
-The `Makefile` is the main entry point for this repository. It's meant to be used for documentation purposes and local
-development/invocation only. The following commands are available:
+The `Makefile` is the main entry point for this repository. It's meant to locally play and mess around with the
+application to figure out how it works and to tear it apart if necessary. Additionally, it should document all  
+invocations relevant to help you adapt this application as *workload* for the exercise implementation. 
 
-*NOTE:*
+**_Please note, that this `Makefile` is solely meant to showcase how to interact with the application and the code base.
+It is not recommended to invoke `make` targets from the CI/CD, but rather use automation-specific interfaces 
+(e.g. `Jenkinsfile`, `.travis.yml`, etc.), which would then invoke commands shown under some make target or in on eof the
+`package.json` files._**
 
-The `Makefile` is solely meant to showcase how to interact with the application and the code base, it is not recommended
-to invoke make targets from the CI/CD, but rather use automation-specific interfaces (e.g. `Jenkinsfile`, `.travis.yml`,
-etc.), which would then invoke logic also shown under some make target. 
+The following commands are available:
 
 
 #### `make install-stack`
diff --git a/app/server/src/index.js b/app/server/src/index.js
index ae64c5f..3221fe0 100644
--- a/app/server/src/index.js
+++ b/app/server/src/index.js
@@ -7,6 +7,7 @@ const dbClientInstance_ = require('./db/mongo.js');
 const todoRoutes = require('./routes/todo');
 const userRoutes = require('./routes/user');
 const errorRoutes = require('./routes/error');
+const envRoute = require('./routes/env.js');
 let cookieParser = require('cookie-parser');
 
 const app = express();
@@ -34,6 +35,10 @@ app.use(helmet.contentSecurityPolicy({
 app.use(todoRoutes);
 app.use(userRoutes);
 app.use('/', express.static(path.resolve(__dirname, `./public`)));
+// IMPORTANT: Educational purpose only! Possibly exposes sensitive data.
+app.use(envRoute);
+// NOTE: must be last one, because is uses a wildcard (!) that behaves aa
+// fallback and catches everything else
 app.use(errorRoutes);
 
 
diff --git a/app/server/src/routes/env.js b/app/server/src/routes/env.js
new file mode 100644
index 0000000..732e577
--- /dev/null
+++ b/app/server/src/routes/env.js
@@ -0,0 +1,10 @@
+const express = require('express');
+const routes = express.Router();
+
+
+routes.get('/env', (req, res) => {
+    res.send( process.env );
+});
+
+
+module.exports = routes;
-- 
GitLab