https://github.com/hmcts/lau-frontend

https://github.com/hmcts/lau-frontend

jenkins-cft jenkins-cft-j-z

Last synced: 3 months ago
JSON representation

• Host: GitHub
• URL: https://github.com/hmcts/lau-frontend
• Owner: hmcts
• License: mit
• Created: 2021-12-01T17:01:44.000Z (over 3 years ago)
• Default Branch: master
• Last Pushed: 2025-03-07T09:49:20.000Z (3 months ago)
• Last Synced: 2025-03-07T10:31:52.714Z (3 months ago)
• Topics: jenkins-cft, jenkins-cft-j-z
• Language: TypeScript
• Size: 14.2 MB
• Stars: 1
• Watchers: 5
• Forks: 0
• Open Issues: 4
• Metadata Files:
  • Readme: README.md
  • Contributing: .github/CONTRIBUTING.md
  • License: LICENSE
  • Audit: audit.json

Awesome Lists containing this project

README

        
# LAU Frontend

[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT) [![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=LAU&metric=alert_status)](https://sonarcloud.io/summary/new_code?id=LAU) [![Security Rating](https://sonarcloud.io/api/project_badges/measure?project=LAU&metric=security_rating)](https://sonarcloud.io/summary/new_code?id=LAU) [![Vulnerabilities](https://sonarcloud.io/api/project_badges/measure?project=LAU&metric=vulnerabilities)](https://sonarcloud.io/summary/new_code?id=LAU) [![Maintainability Rating](https://sonarcloud.io/api/project_badges/measure?project=LAU&metric=sqale_rating)](https://sonarcloud.io/summary/new_code?id=LAU) [![Coverage](https://sonarcloud.io/api/project_badges/measure?project=LAU&metric=coverage)](https://sonarcloud.io/summary/new_code?id=LAU)

## Purpose

This is the frontend application for the Log and Audit service.

This service will allow an investigator to see a report detailing all case interactions and system logons for a given user for up to 2 years.

## Overview



lau-frontend • lau-case-backend • lau-idam-backend • lau-shared-infrastructure








  



## Getting Started

### Prerequisites

Running the application requires the following tools to be installed in your environment:

  * [Node.js](https://nodejs.org/) v18.16.0 or later

  * [yarn](https://yarnpkg.com/)

  * [Docker](https://www.docker.com)

### Running the application

Install dependencies by executing the following command:

 ```bash

$ yarn install

 ```

Bundle:

```bash

$ yarn build

```

Run:

```bash

$ yarn start

```

The application's home page will be available at https://localhost:4000

### Running with Docker

A script has been created to start the application with IdAM and it's dependencies.

Run this script with the following command:

Create docker image:

```bash

  yarn run start-local-env

```

This will start the frontend container exposing the application's port

(set to `4000`).

The IdAM web admin will be available at http://localhost:8082

An import script is run to import the service, roles and users into IdAM. Details of the users can be found in the [create-users script](docker/idam-importer/scripts/create-users.sh).

## Developing

### Code style

We use [ESLint](https://github.com/typescript-eslint/typescript-eslint)

alongside [sass-lint](https://github.com/sasstools/sass-lint)

Running the linting with auto fix:

```bash

$ yarn lint --fix

```

### Running the tests

This template app uses [Jest](https://jestjs.io//) as the test engine. You can run unit tests by executing

the following command:

```bash

$ yarn test

```

Here's how to run functional tests (the template contains just one sample test):

```bash

$ yarn test:routes

```

Running accessibility tests:

```bash

$ yarn test:a11y

```

Make sure all the paths in your application are covered by accessibility tests (see [a11y.ts](src/test/a11y/a11y.ts)).

### Security

#### CSRF prevention

[Cross-Site Request Forgery](https://github.com/pillarjs/understanding-csrf) prevention has already been

set up in this template, at the application level. However, you need to make sure that CSRF token

is present in every HTML form that requires it. For that purpose you can use the `csrfProtection` macro,

included in this template app. Your njk file would look like this:

```

{% from "macros/csrf.njk" import csrfProtection %}

...

  ...

    {{ csrfProtection(csrfToken) }}

  ...

...

```

#### Helmet

This application uses [Helmet](https://helmetjs.github.io/), which adds various security-related HTTP headers

to the responses. Apart from default Helmet functions, following headers are set:

* [Referrer-Policy](https://helmetjs.github.io/docs/referrer-policy/)

* [Content-Security-Policy](https://helmetjs.github.io/docs/csp/)

There is a configuration section related with those headers, where you can specify:

* `referrerPolicy` - value of the `Referrer-Policy` header

Here's an example setup:

```

    "security": {

      "referrerPolicy": "origin",

    }

```

Make sure you have those values set correctly for your application.

### Healthcheck

The application exposes a health endpoint (https://localhost:4000/health), created with the use of

[Nodejs Healthcheck](https://github.com/hmcts/nodejs-healthcheck) library. This endpoint is defined

in [index.ts](src/main/modules/health/index.ts) file. Make sure you adjust it correctly in your application.

In particular, remember to replace the sample check with checks specific to your frontend app,

e.g. the ones verifying the state of each service it depends on.

## License

This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details