import cors from "cors";
import "dotenv/config"; // fetch secrets from .env
import express from "express";
import rateLimit from "express-rate-limit";
import helmet from "helmet";
import docs from "./routes/docs";
import recipes from "./routes/recipes";
import terms from "./routes/terms";
import { connectToMongoDB } from "./utils/db";
const app = express();

/**
 * Global middleware, registered in this order so that every route mounted
 * afterwards passes through all four:
 * 1. JSON body parsing
 * 2. CORS
 * 3. Security headers (helmet) with an adjusted CSP
 * 4. Rate limiting
 */

// Parses JSON request bodies with express's default options.
const jsonBodyParser = express.json();

// cors() is called with no options, so no origin allowlist is configured here.
// NOTE(review): acceptable for a public, unauthenticated API; revisit if
// cookie- or credential-based routes are ever added.
const corsPolicy = cors();

// Only "connect-src" is overridden: the Swagger UI "Try it out" button needs
// to call the API on the listed host in addition to the page's own origin.
const securityHeaders = helmet({
  contentSecurityPolicy: {
    directives: {
      "connect-src": ["'self'", "ez-recipes-server.onrender.com"],
    },
  },
});

const ONE_HOUR_MS = 60 * 60 * 1000;

// 60 requests per one-hour window. Only the combined draft-7 `RateLimit`
// header is emitted; the legacy `X-RateLimit-*` headers are turned off.
//
// `validate.xForwardedForHeader: false` switches off express-rate-limit's
// X-Forwarded-For sanity check. NOTE(review): no `trust proxy` setting is
// visible in this file, so behind a reverse proxy the limiter would key every
// request on the proxy's address and all clients would share one bucket. The
// original comment ("apply the limit globally") suggests that is intended;
// confirm, because a single noisy client can then exhaust the quota for
// everyone.
const requestLimiter = rateLimit({
  windowMs: ONE_HOUR_MS,
  limit: 60,
  standardHeaders: "draft-7",
  legacyHeaders: false,
  validate: { xForwardedForHeader: false },
});

app.use(jsonBodyParser);
app.use(corsPolicy);
app.use(securityHeaders);
app.use(requestLimiter);
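// Define routes. They are mounted after the global middleware, so the docs
// router at "/" is subject to the same rate limit as the API routers.
app.use("/", docs);
app.use("/api/recipes", recipes);
app.use("/api/terms", terms);

// NOTE(review): the return value is discarded. If connectToMongoDB() returns a
// promise, a failed connection would surface here as an unhandled rejection
// while the server keeps accepting requests; confirm it handles its own errors.
connectToMongoDB();

// PORT arrives from the environment as a string or undefined. Parse it as
// base 10 explicitly (so a value such as "0x1F90" is not read as hex) and fall
// back to 5000 when it is missing, non-numeric, or 0.
const port = parseInt(process.env.PORT ?? "", 10) || 5000;
app.listen(port, () => console.log(`Server listening on port ${port}...`));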