"use strict";
/* ------------------------------------------------- */
/* QUICKSTOCK API */
/* ------------------------------------------------- */
const cors = require("cors");
const rateLimit = require("express-rate-limit");
const helmet = require("helmet");
const mongoSanitize = require("express-mongo-sanitize");
const xss = require("xss-clean");
const hpp = require("hpp");
const express = require("express");
const app = express();
/* ------------------------------------------------- */
// Environment: load the .env file into process.env, then read the listen
// settings, falling back to local-development defaults.
require("dotenv").config();
const { env } = process;
const HOST = env.HOST || "127.0.0.1";
const PORT = env.PORT || 8000;
// Async errors: patch Express so errors thrown in async handlers are
// forwarded to the error handler.
require("express-async-errors");
/* ------------------------------------------------- */
// Configuration:
// Database connection (the connector lives in the project's configs folder).
// NOTE(review): the return value is discarded; if connectDB is asynchronous,
// confirm that it handles its own connection failures.
const connectDB = require("./src/configs/dbConnection");
connectDB();
/* ------------------------------------------------- */
// Middlewares (order matters: each one runs in the order it is registered).
// CORS: only the configured client origin is allowed. Because
// `credentials: true` lets browsers attach cookies/authorization to
// cross-origin calls, CLIENT_URL should hold one exact origin.
// NOTE(review): what the cors package does when CLIENT_URL is unset is not
// visible here; confirm that it does not fall back to allowing every origin.
app.use(
  cors({
    origin: process.env.CLIENT_URL,
    methods: ["GET", "POST", "PUT", "PATCH", "DELETE"],
    credentials: true,
  })
);
// Parse JSON request bodies.
app.use(express.json());
// Security-related HTTP response headers.
app.use(helmet());
// Request throttling: at most 100 requests per one-hour window on every path.
// NOTE(review): the limiter is registered after the JSON body parser, so
// bodies are parsed before the limit is checked; "trust proxy" is also not
// set in this file. Behind a reverse proxy, confirm the limiter sees the
// client address and not the proxy's.
const ONE_HOUR_MS = 60 * 60 * 1000;
const limiter = rateLimit({
  max: 100,
  windowMs: ONE_HOUR_MS,
  message: "Too many requests from this IP, please try again in an hour!",
});
app.use("/", limiter);
// Sanitize request data against NoSQL query injection.
app.use(mongoSanitize());
// Sanitize request data against XSS.
// NOTE(review): xss-clean appears to be unmaintained upstream; confirm, and
// do not treat it as a substitute for output encoding where data is rendered.
app.use(xss());
// Guard against HTTP parameter pollution (repeated query parameters).
app.use(hpp());
// Authentication: registered globally, so it runs before every route below.
// NOTE(review): whether it rejects anonymous requests or only attaches the
// caller's identity is decided inside that module; verify.
const authentication = require("./src/middlewares/authentication");
app.use(authentication);
// Request logger (currently disabled, so this file sets up no request log):
// app.use(require("./src/middlewares/logger"));
// Query handler: original comment names res.getModelList().
const queryHandler = require("./src/middlewares/queryHandler");
app.use(queryHandler);
/* ------------------------------------------------- */
// Routes:
// Home path: answers every HTTP method on "/" with a welcome payload that
// points to the API documentation endpoints. It is registered after the
// authentication middleware, so that middleware runs first.
app.all("/", (_req, res) => {
  const documents = {
    swagger: "/documents/swagger",
    redoc: "/documents/redoc",
    json: "/documents/json",
  };
  res.send({ error: false, message: "Welcome to QUICKSTOCK API", documents });
});
// Application routes:
const routes = require("./src/routes");
app.use(routes);
/* ------------------------------------------------- */
// Error handler: registered after the routes so errors raised there reach it.
const errorHandler = require("./src/middlewares/errorHandler");
app.use(errorHandler);
/* ------------------------------------------------- */
// Run server:
// NOTE(review): HOST is only used in the log line. listen() is called without
// a host argument, so the socket is bound to Node's default address, not
// necessarily to HOST. If loopback-only binding is intended, pass HOST to
// listen() as well.
const announce = () => console.log(`Server running on http://${HOST}:${PORT}`);
app.listen(PORT, announce);
/* ------------------------------------------------------- */
// Synchronization (this line must stay commented out):
// require("./src/helpers/sync")(); //!