const express = require("express");
const cookieParser = require("cookie-parser");
const mongoSanitize = require("express-mongo-sanitize");
const xssMiddleware = require("./middlewares/xssMiddleware");
const morgan = require("morgan");
const cors = require("cors");
const compression = require("compression");
const rateLimit = require("express-rate-limit");
const dotenv = require("dotenv");
const errorHandler = require("./middlewares/errorHandler");
const app = express();

// Body parsers for JSON and URL-encoded payloads; both share one size ceiling.
// NOTE(review): a 500 MB ceiling applies to every route and is enforced before the
// CORS check and the rate limiter registered further down, so a single request can
// make the process buffer and parse hundreds of megabytes. Size this to the largest
// payload the API really accepts, and raise it per route only where that is needed.
const BODY_SIZE_LIMIT = "500mb";
const jsonBodyParser = express.json({ limit: BODY_SIZE_LIMIT });
const formBodyParser = express.urlencoded({ extended: true, limit: BODY_SIZE_LIMIT });
app.use(jsonBodyParser);
app.use(formBodyParser);

// Load environment variables from ./.env into process.env.
dotenv.config({ path: "./.env" });

// MIDDLEWARES ->>
// Trust exactly one proxy hop: Express then derives req.ip from the X-Forwarded-For
// entry added by the nearest proxy.
// NOTE(review): this is only sound when exactly one trusted reverse proxy sits in
// front of the app. If the process is reachable directly, the header is
// client-controlled and anything keyed on the client address (such as the per-IP
// rate limit) can be sidestepped. Confirm against the deployment.
app.set("trust proxy", 1);
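// Browser origins allowed to call this API with credentials, taken from the environment.
// Matching is an exact string comparison, so each value must be written the way a
// browser sends the Origin header: scheme://host[:port], no trailing slash or path.
const CLIENT_URL = process.env.CLIENT_URL;
const ADMIN_URL = process.env.ADMIN_URL;
// Drop unset entries so the allow-list only ever holds real origin strings.
const allowedOrigins = [CLIENT_URL, ADMIN_URL].filter(Boolean);
if (allowedOrigins.length === 0) {
  // Surface the misconfiguration at startup instead of as unexplained CORS failures.
  console.warn(
    "CORS: CLIENT_URL and ADMIN_URL are not set; every request that carries an Origin header will be rejected"
  );
}

const corsOptions = {
  /**
   * Decide whether a request's Origin may receive credentialed CORS headers.
   *
   * Requests without an Origin header (non-browser clients, some same-origin
   * requests) are let through: CORS only restricts what browsers expose to
   * scripts, so it is not an access control for those callers and the routes
   * must authenticate them on their own.
   *
   * @param {string|undefined} origin - Value of the Origin request header.
   * @param {Function} callback - cors callback: (error, allow).
   */
  origin: (origin, callback) => {
    if (!origin || allowedOrigins.includes(origin)) {
      callback(null, true);
      return;
    }
    // One line per rejection; JSON.stringify keeps the client-supplied value
    // quoted and escaped so it cannot be mistaken for other log content.
    console.warn(`CORS: rejected origin ${JSON.stringify(origin)}`);
    callback(new Error("Not allowed by CORS"));
  },
  // Cookies/authorization headers are allowed cross-origin, which is why the
  // origin check above must stay an explicit allow-list and never a wildcard.
  credentials: true,
};
app.use(cors(corsOptions));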
// Parse the Cookie header into req.cookies.
app.use(cookieParser());

console.log(`ENV = ${process.env.NODE_ENV}`);

// Per-request access log (status code and response time).
app.use(morgan("dev"));

// Caps the number of API calls per client IP: 1000 requests per one-hour window,
// applied to everything mounted under /api/v1.
// NOTE(review): the limiter is registered after the body parsers, so an oversized
// body is still read before a request is counted or refused. A single budget of
// 1000/hour is also loose for credential endpoints; if authentication routes are
// mounted under /api/v1, consider a much tighter limiter for those paths.
const ONE_HOUR_MS = 60 * 60 * 1000;
const limiter = rateLimit({
  windowMs: ONE_HOUR_MS,
  max: 1000, // requests allowed per window
  message: "Too many requests, Please try again in 1 hour !!!",
});
app.use("/api/v1", limiter);
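/**
 * Stamp each request with its arrival time and write a short trace line.
 *
 * Sets req.requestTime to an ISO-8601 timestamp for downstream handlers.
 * Cookie values are deliberately not logged: they typically carry session or
 * authentication tokens, and anyone with read access to the logs could replay
 * them. Only the cookie names are printed, and only when cookies are present.
 */
app.use((req, res, next) => {
  req.requestTime = new Date().toISOString();
  console.log(req.requestTime);

  const cookieNames = Object.keys(req.cookies || {});
  if (cookieNames.length > 0) {
    console.log(`cookies: ${cookieNames.join(", ")}`);
  }
  next();
});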
/**
 * Pre-set the response Content-Type to JSON for every request before any
 * handler runs. A handler that sends something else must override the header.
 */
function setJsonContentType(req, res, next) {
  res.setHeader("Content-Type", "application/json");
  next();
}
app.use(setJsonContentType);
// Request/response pipeline, registered in this order (after the body parsers, so
// req.body is already populated when the sanitizers run):
//   1. mongoSanitize() - data sanitization against NoSQL query injection
//   2. xssMiddleware   - data sanitization against XSS (Cross Site Scripting) attacks;
//                        project-local, implementation not visible in this file
//   3. compression()   - compresses HTTP response data before sending
// NOTE(review): input sanitization is defence in depth. Handlers should still
// validate the shape of what they query with, and output must still be encoded
// wherever it is rendered.
const requestPipeline = [mongoSanitize(), xssMiddleware, compression()];
for (const middleware of requestPipeline) {
  app.use(middleware);
}

// Routers for app (currently disabled)
// const router = require("./routes/mainroutes");
// const authRouter = require("./routes/authRoutes");
// const userRouter = require("./routes/userRoutes");
// const eventRouter = require("./routes/eventRoutes");
// const userEnrollRouter = require("./routes/userEnrollRoutes");

// Route mounts (currently disabled)
// app.use("/api/v1/", router);
// app.use("/api/v1/auth/", authRouter);
// app.use("/api/v1/member/", userRouter);
// app.use("/api/v1/event/", eventRouter);
// app.use("/api/v1/eventreg/", userEnrollRouter);

// Catch-all for non-existing routes (currently disabled).
// NOTE(review): res.statusCode is a property, not a function; this handler must
// call res.status(404) before it is re-enabled, otherwise it throws.
// app.all('*', (req, res, next) => {
// return res.statusCode(404).json({
// success: 'false',
// status: 404,
// message: 'Route not found in server',
// })
// });

// Error-handling middleware goes last so errors forwarded with next(err) reach it.
app.use(errorHandler);

module.exports = app;