app.js
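// Express application setup: security headers, request logging, rate
// limiting, body parsing, input sanitization, then the API routers.
const express = require("express");
const morgan = require("morgan");
const rateLimiter = require("express-rate-limit");
const helmet = require("helmet");
const mongoSanitize = require("express-mongo-sanitize");
const xss = require("xss-clean");

const musicRoutes = require("./routes/musicRoutes");
const userRoutes = require("./routes/userRoutes");
const tourRoutes = require("./routes/tourRoutes");
const reviewRoutes = require("./routes/reviewRoutes");

const app = express();

// Middleware runs in registration order, so the order below is part of the
// security posture and should not be shuffled casually.

// helmet sets security-related HTTP response headers. It is registered first
// so that every response carries them, including error responses produced by
// later middleware (for example a malformed JSON body).
app.use(helmet());

// morgan logs requests. It sits ahead of the limiter and the body parser so
// that rate-limited and rejected requests still show up in the log.
app.use(morgan("dev"));

// Limit the number of requests from the same IP. Applied before body parsing
// so that throttled clients do not get their request bodies parsed.
// NOTE(review): the limiter keys on the client IP as Express sees it. Behind a
// reverse proxy or load balancer that is the proxy's address unless the app's
// "trust proxy" setting is configured for the deployment. Confirm.
const limitOptions = {
  max: 100, // 100 max requests
  windowMs: 60 * 60 * 1000, // 1 hour
  message: "Too many requests from this IP, please try again in an hour",
};
const limiter = rateLimiter(limitOptions);
app.use("/", limiter);

// Parse JSON request bodies into req.body. Registered once: it used to be
// registered twice, once ahead of helmet and once after the sanitizers.
// express.json() applies its default body-size limit; pass an explicit
// `limit` option if the API needs a tighter cap.
app.use(express.json());

// Data sanitization against NoSQL query injection. Must run AFTER the body
// parser, otherwise req.body is still empty when the sanitizer inspects it.
app.use(mongoSanitize());

// Data sanitization against XSS. Must also run after the body parser.
// NOTE(review): xss-clean appears to be no longer maintained by its
// publisher. Confirm and plan a replacement. Input scrubbing is a secondary
// control; output encoding where data is rendered is still required.
app.use(xss());

app.use("/music", musicRoutes);
app.use("/user", userRoutes);
app.use("/tours", tourRoutes);
app.use("/reviews", reviewRoutes);

module.exports = app;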
// The request object exposes several properties, for example:
// req.body
// req.headers.authentication
// req.params
// req.protocol