-
Notifications
You must be signed in to change notification settings - Fork 0
/
app.js
84 lines (68 loc) · 2.05 KB
/
app.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
const express = require("express");
const morgan = require("morgan");
const helmet = require("helmet");
const cors = require("cors");
const xss = require("xss-clean");
const rateLimiter = require("express-rate-limit");
const apiRoutes = require("./src/routes/");
const { swaggerDefinition } = require("./src/config/swagger");
const swaggerJSDoc = require("swagger-jsdoc");
const swaggerUI = require("swagger-ui-express");
const { developmentConfig, productionConfig } = require("./src/config");
const initializeApp = () => {
// select mode
const isProduction = process.env.NODE_ENV === "production";
// error handler
const notFoundMiddleware = require("./src/middleware/not-found");
const errorHandlerMiddleware = require("./src/middleware/error-handler");
// select mode settings
let config;
if (isProduction) {
config = productionConfig;
} else {
config = developmentConfig;
}
// Instantiate express
const app = express();
//Set body parser middleware (json to text)
app.use(express.json());
//Set request parser middleware
app.use(express.urlencoded({ extended: true }));
//Set static folder
app.use(express.static("public"));
//Set logger
app.use(morgan("tiny"));
/* securite */
//Set security headers
app.use(helmet());
//Set preventing XSS Attacks
app.use(xss());
// Enable cross-origin access through the CORS middleware
app.use(
cors({
origin: config.allowedOrigin,
})
);
//DDos
app.use(
rateLimiter({
windowMs: 15 * 60 * 1000, // 15 minutes
max: 100, // limit each IP to 100 requests per windowMs
})
);
//Add routes
app.use("/api", apiRoutes);
const options = {
...swaggerDefinition,
// Paths to files containing OpenAPI definitions
apis: ["./src/routes/*.js"],
};
const swaggerDocs = swaggerJSDoc(options);
app.use("/api-docs", swaggerUI.serve, swaggerUI.setup(swaggerDocs));
//DEFINE LAST IMPORTANT!!!!!
app.use(notFoundMiddleware);
app.use(errorHandlerMiddleware);
return app;
};
const app = initializeApp();
module.exports = app;