-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathapp.js
More file actions
93 lines (90 loc) · 2.83 KB
/
Copy pathapp.js
File metadata and controls
93 lines (90 loc) · 2.83 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
/*********************************************
* Project name: Blogs API
* Author: Muslim Shah
* Date: 28/5/2023
*
* Description: Blogs API in which users can create an account, login, create, update, and delete blogs,
* read their own and other users' blogs, comment on a blog, and delete their comments.
*
* Routes Handled:
* - api/v1/auth/register
* - api/v1/auth/login (GET)
* - Blogs [Authentication Required]
* - GET api/v1/
* - GET api/v1/:id
* - GET api/v1/users/blogs
* - GET api/v1/users/blogs/:id
* - Create Blog (POST api/v1/)
* - Update Blog (PATCH api/v1/:id)
* - Delete Blog (DELETE api/v1/:id)
* - Post Comment
* - PATCH api/v1/users/blogs/:id
* - Delete Comment (DELETE api/v1/users/blogs/comments/:commentId)
*
* Security Packages Used:
* - helmet: Provides various security-related HTTP headers.
* - cors: Enables Cross-Origin Resource Sharing (CORS) for handling requests from different domains.
* - xss-clean: Prevents Cross-Site Scripting (XSS) attacks by sanitizing user input.
* - express-limiter: Implements rate limiting to protect against brute force and denial-of-service attacks.
*
* Error Handling:
* - express-async-errors: Handles asynchronous errors in Express.js.
*********************************************/
//importing required files from import.js
const {
express,
authRouts,
blogsRoutes,
connectDB,
pageNotFound,
errorHandler,
cors,
helmet,
xss,
rateLimit,
} = require("./config/import");
require("dotenv").config();
const auth = require("./utils/auth");
const path = require("path");
const app = express();
const PORT = process.env.PORT || 5000;
app.use(express.urlencoded({ extended: true }));
app.use(express.json());
// app.use(helmet());
app.use(
cors({
origin: "*",
methods: ["GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"],
allowedHeaders: ["Content-Type", "Authorization"],
})
);
// app.use(xss());
app.use(express.static(path.join(__dirname, "public")));
// app.use(
// rateLimit({
// windowMs: 15 * 60 * 1000, // 15 minutes
// max: 100, // Limit each IP to 100 requests per `window` (here, per 15 minutes)
// standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
// legacyHeaders: false, // Disable the `X-RateLimit-*` headers
// })
// );
app.set("view engine", "views");
//routes
app.use("/api/v1/auth", authRouts);
app.use("/api/v1/", auth, blogsRoutes);
//page not found middleware
app.use(pageNotFound);
//error handler middleware
app.use(errorHandler);
//start function for starting server
const start = async () => {
//connecting to db
console.log("Initializing ...");
try {
await connectDB(process.env.MONGODB_URI);
app.listen(PORT, "0.0.0.0", () => console.log(`CONNECTED ON PORT ${PORT}`));
} catch (error) {
console.log("database connection error");
}
};
start();