-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathindex.js
More file actions
97 lines (82 loc) · 2.8 KB
/
index.js
File metadata and controls
97 lines (82 loc) · 2.8 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
require('dotenv').config();
const express = require('express');
const app = express();
const swaggerUi = require('swagger-ui-express');
const cors = require('cors');
const rateLimit = require('express-rate-limit');
const morgan = require('morgan');
const session = require('express-session');
const MongoStore = require('connect-mongo');
const swaggerDocument = require('./swagger');
const connectToDatabase = require('./database/connection');
const { handleError } = require('./middleware/errorHandler');
const { welcomeHTML } = require('./utils/welcomeHTML');
const path = require('path');
// Import routes
const userRoutes = require('./routes/users');
const taskRoutes = require('./routes/tasks');
const apiRateLimiter = rateLimit({
windowMs: 15 * 60 * 1000, // 15 minutes
max: 100, // limit each IP to 100 requests per windowMs
message: 'Too many requests from this IP. Please try again after 15 minutes.',
});
const CSS_URL = "https://cdnjs.cloudflare.com/ajax/libs/swagger-ui/4.1.0/swagger-ui.min.css";
const allowedDomains = [process.env.LOCAL_URL, process.env.BUILD_URL, process.env.PROD_URL];
app.use(express.json());
app.set('trust proxy', 1);
app.use(cors({
origin: function(origin, callback){
if(allowedDomains.indexOf(origin) !== -1 || !origin){
return callback(null, true);
} else {
return callback(new Error('CORS not allowed'), false);
}
},
credentials: true,
methods: "GET,HEAD,PUT,POST,DELETE",
}));
app.use(morgan('dev'));
app.use(session({
name: 'sid',
secret: process.env.SESSION_SECRET,
resave: false,
saveUninitialized: false,
store: MongoStore.create({ mongoUrl: process.env.MONGODB_URI }),
cookie: {
secure: process.env.NODE_ENV === 'production',
httpOnly: true,
maxAge: 1000 * 60 * 60 * 24
},
rolling: true,
}));
// Apply rate limiter to all API routes
app.use('/api/v1/', apiRateLimiter);
// app.use(shouldSendSameSiteNone);
app.use(express.static('build'));
app.use('/api/docs', swaggerUi.serve, swaggerUi.setup(swaggerDocument, { customCssUrl: CSS_URL }));
// Routes
app.use('/api/v1/users', userRoutes);
app.use('/api/v1', taskRoutes);
// error handler middleware
app.use(handleError);
app.get('/api', (req, res) => {
res.send(welcomeHTML());
});
app.get('*', (req, res) => {
res.sendFile(path.join(__dirname + '/build/index.html'));
});
// Connect to MongoDB for both direct run and tests
connectToDatabase()
.then(() => {
// Only start the server if this file is run directly
if (require.main === module) {
const port = process.env.PORT || 3000;
app.listen(port, () => {
console.log(`Server is running on port ${port}`);
});
}
})
.catch((err) => {
console.error('Failed to connect to MongoDB', err);
});
module.exports = app;