-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathapp.js
More file actions
69 lines (49 loc) · 1.42 KB
/
app.js
File metadata and controls
69 lines (49 loc) · 1.42 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
var createError = require('http-errors');
const RateLimit = require('express-rate-limit');
const RedisStore = require('rate-limit-redis');
const cookieParser = require('cookie-parser');
const cors = require('cors');
const express = require('express');
const app = express();
const compression = require('compression');
const helmet = require('helmet');
const csurf = require('csurf');
const mobileRoutesV1 = require('api/v1/mobile');
const webRoutesV1 = require('api/v1/web');
const errorHandler = require('middlewares/errorHandler');
const router = require('routes');
const mongoSanitize = require('express-mongo-sanitize');
const redisClient = require('utils/cache');
// Connect database
require('db').connect();
app.set('view engine', 'ejs');
// Disable insecure headers
app.disable('x-powered-by');
app.all('/api/', (req, res) => {
res.status = 404;
res.json({
success: false,
message: 'Unknown end point'
});
});
// Rate limiting
const limiter = new RateLimit({
store: new RedisStore({
client: redisClient
}),
max: 100
});
const csrfProtection = csurf({ cookie: true });
// MIDDLEWARES
app.use(limiter);
app.use(cors());
app.use(compression());
app.use(helmet());
app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.use(cookieParser());
// app.use(csrfProtection);
app.use(mongoSanitize());
app.use('/', router);
app.use(errorHandler);
module.exports = app;