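// Express application setup: body parsing, static files, security headers,
// rate limiting, input sanitization and the three route groups.

// Middleware packages come from the project's ./dependencies module.
// `express` is required directly on the next line, so it is not destructured
// here too: declaring the same `const` twice is a SyntaxError and the module
// would fail to load.
// NOTE(review): `morgan` is imported but never mounted, so no request logging
// is active in this file. Confirm whether that is intended.
const { path, morgan, helmet, rateLimit, mongoSanitize, xss } = require('./dependencies');
const express = require('express');
const userRoutes = require('./routes/userRoutes');
const adminRoutes = require('./routes/adminRoutes');
const superAdminRoutes = require('./routes/superAdminRoutes');

const app = express();

// Body parser: reads JSON into req.body. The 10kb cap bounds the memory one
// request can make the parser allocate.
app.use(express.json({ limit: '10kb' }));

// Serve static files from ./public.
// NOTE(review): this is mounted before helmet(), so responses served from
// ./public do not get helmet's headers. Moving helmet() above this line would
// cover them. Check the pages against helmet's default policy before doing so.
app.use(express.static(path.join(__dirname, 'public')));

// Set security-related HTTP response headers.
app.use(helmet());

// Limit requests from the same client.
const limiter = rateLimit({
  max: 10000, // requests allowed per client within one windowMs
  windowMs: 60 * 60 * 1000, // 1 hour, so up to 10000 requests per hour
  message: 'Too Many request from these IP, please try again in an hour!'
});
// The limiter was built but never mounted, so no limit was enforced.
// Mounting it here covers every handler registered below.
// NOTE(review): the message implies per-IP keying. Behind a reverse proxy,
// confirm Express's `trust proxy` setting so clients are not all counted as
// the proxy's address.
app.use(limiter);

// Data sanitization against NoSQL query injection. Runs after express.json()
// so that the parsed req.body is available to it.
app.use(mongoSanitize());

// Data sanitization against XSS.
app.use(xss());

// Route groups.
// NOTE(review): authentication and authorization for /admin and /superAdmin
// are not visible in this file. Presumably the routers enforce them; verify.
app.use('/user', userRoutes);
app.use('/admin', adminRoutes);
app.use('/superAdmin', superAdminRoutes);

module.exports = app;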