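// Load variables from .env into process.env first. Previously this ran after
// PORT was read and after ./routes was loaded, so a PORT defined only in .env
// was ignored and any module reading process.env at load time saw no .env values.
const dotenv = require('dotenv').config()

const express = require('express')
const session = require('express-session')
const cors = require('cors')
// Session store factory; it is bound to the express-session module it is given.
const MongoDBStore = require('connect-mongodb-session')(session)
const routes = require('./routes')
// Required for its side effects only (presumably opens the database
// connection; confirm in ./config/db.connection).
require('./config/db.connection')

// Port to listen on; falls back to 3003 when PORT is unset or empty.
const PORT = process.env.PORT || 3003
const app = express()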
// Origins allowed to make credentialed cross-origin requests to this API.
// NOTE(review): browsers send Origin as scheme://host[:port] with no path, so
// the petfinder entry (which carries a path) cannot match a browser-sent
// Origin header. Confirm whether it is needed at all.
const whitelist = [
  'http://localhost:3000',
  'https://api.petfinder.com/v2/',
  'https://frontend-ww.herokuapp.com',
]

// Options handed to the cors middleware.
const corsOptions = {
  // Allow cookies (the session cookie) on cross-origin requests.
  credentials: true,
  /**
   * Decide whether a request's Origin may receive CORS headers.
   * Requests with no Origin header (same-origin or non-browser clients) are
   * accepted, so this check is not an access control by itself; it only
   * limits which browser origins can read responses.
   * @param {string|undefined} origin - value of the Origin header, if any
   * @param {Function} callback - called as (null, true) to allow, (Error) to reject
   */
  origin: (origin, callback) => {
    const originMissing = !origin
    const originListed = whitelist.includes(origin)
    if (!originMissing && !originListed) {
      callback(new Error ('Not allowed by CORS'))
      return
    }
    callback(null, true)
  },
}
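// Apply the CORS policy defined in corsOptions to every route.
app.use(cors(corsOptions))

// session settings
// Trust the first proxy hop. With cookie.secure set below, express-session
// relies on this to recognise a request as HTTPS when TLS ends at the proxy.
app.set('trust proxy', 1)

// The session secret signs the session ID cookie, so anyone who knows it can
// forge signed cookies. Refuse to start without one rather than fall back to
// a literal committed to the repository. The fallback string that used to
// live here is public; treat it as compromised and never reuse it as
// SESSION_SECRET.
const sessionSecret = process.env.SESSION_SECRET
if (!sessionSecret) {
  throw new Error('SESSION_SECRET environment variable must be set')
}

// This middleware creates the object "req.session".
app.use(session({
  secret: sessionSecret,
  // Do not rewrite unmodified sessions, and do not persist empty ones.
  resave: false,
  saveUninitialized: false,
  // Sessions are persisted in MongoDB, in the 'mySessions' collection.
  store: new MongoDBStore({
    uri: process.env.MONGODBURI,
    collection: 'mySessions'
  }),
  cookie: {
    // sameSite 'none' sends the cookie on cross-site requests (the frontend
    // is on another origin), which is why secure must be true.
    // NOTE(review): with sameSite 'none' the browser gives no SameSite CSRF
    // protection; state-changing routes depend on the CORS allow-list and
    // any CSRF checks in the routers. Confirm those exist.
    sameSite: 'none',
    secure: true
  }
}))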
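/**
 * Express middleware that lets a request through only when the session holds
 * a logged-in user; otherwise it answers 403 with {msg:"login required"}.
 *
 * NOTE(review): nothing in this file applies or exports this middleware, and
 * the /users and /animals routers are mounted without it. Confirm that the
 * routers enforce authentication themselves.
 *
 * @param {object} req - request; req.session.currentUser marks a logged-in user
 * @param {object} res - response used to send the 403 JSON body
 * @param {Function} next - invoked when the user is authenticated
 */
const isAuthenticated = (req, res, next) => {
  // req.session can be absent (for example when the session store is
  // unavailable); answer 403 in that case instead of throwing a TypeError.
  if (req.session && req.session.currentUser) {
    return next()
  }
  res.status(403).json({msg:"login required"})
}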
// Parse JSON request bodies before any router runs.
app.use(express.json())

// Root route: responds with a fixed banner string.
app.get('/', (req, res) => {
  res.send("Wags & Whiskers")
})

// Feature routers. No authentication middleware is attached at this level;
// NOTE(review): confirm each router checks the session where it must.
app.use('/users', routes.users)
app.use('/animals', routes.animals)

// Start accepting connections on PORT and log once the server is listening.
const onListening = () => {
  console.log ("Server is running")
}
app.listen(PORT, onListening)