-
Notifications
You must be signed in to change notification settings - Fork 0
/
server.js
73 lines (57 loc) · 1.96 KB
/
server.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
import express from "express";
import dotEnv from "dotenv";
import connectToDB from "./config/db.js";
import fileUpload from "express-fileupload";
import cookieParser from "cookie-parser";
// Routes
import bootcampRoutes from "./routes/bootcamps.js";
import courseRoutes from "./routes/courses.js";
import authRoutes from "./routes/auth.js";
import userRoutes from "./routes/users.js"
import reviewRoutes from "./routes/reviews.js"
// Middlewares
import { errorHandler } from "./middlewares/errorHandler.js";
// 1.Sanitize data for preventing NoSQL Injection
import mongoSanitize from "express-mongo-sanitize";
// 2. prevent XSS
import xssClean from "xss-clean";
// 3. Set Security Headers
import helmet from "helmet";
// 4. limit Rate of requests (100 request per 10min)
import { rateLimit } from "express-rate-limit";
const requestLimit = rateLimit({
windowMs: 10 * 60 * 1000,
max : 100
})
// 5. Prevent Params Pollution (HPP)
import hpp from "hpp";
// 6. Enable CORS ( Public APIs )
import cors from "cors";
// dirname in ES Module
import path from "path";
import { fileURLToPath } from "url";
const __filename = fileURLToPath(import.meta.url);
const __dirname = path.dirname(__filename);
dotEnv.config({ path: "./config/config.env" })
connectToDB();
const app = express()
// Middlewares
app
.use(express.json())
.use(mongoSanitize())
.use(xssClean())
.use(helmet())
.use(requestLimit)
.use(hpp())
.use(cors())
.use(fileUpload())
.use(cookieParser())
.use(express.static(path.join(__dirname, "/public")));
// Mounting Routes
app.use("/bootcamps", bootcampRoutes).use(errorHandler);
app.use("/courses", courseRoutes).use(errorHandler);
app.use("/auth", authRoutes).use(errorHandler);
app.use("/users", userRoutes).use(errorHandler);
app.use("/reviews", reviewRoutes).use(errorHandler);
const port = process.env.PORT || 7001;
app.listen(port, () => console.log(`Server running in ${process.env.NODE_ENV} mode and listening on port ${port}!`.bgGreen.black.bold))