-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathserver.js
124 lines (92 loc) Β· 2.99 KB
/
server.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
const path = require("path");
const express = require("express");
const fileUpload = require("express-fileupload");
//configuring here itself aboce requiring routes, otherwise geoCoder is not able to import the process variables
const dotenv = require("dotenv").config({ path: "./config/config.env" });
const colors = require("colors");
var cookieParser = require("cookie-parser");
//Error Handler Middleware function
const errorHandler = require("./middlewares/error");
//Express mongo sanitize
const mongoSanitize = require("express-mongo-sanitize");
//Helmet security Headers
const helmet = require("helmet");
//XSS Prevention
const xss = require("xss-clean");
//Rate Limiting
const rateLimit = require("express-rate-limit");
//cross origin resource sharing
var cors = require("cors");
//http parameter pollution protection
var hpp = require("hpp");
//Requiring routes
const bootcamps = require("./routes/bootcamps");
const auth = require("./routes/auth");
const courses = require("./routes/courses");
const users = require("./routes/users");
const reviews = require("./routes/reviews");
//Requiring logger middleware morgan
const morgan = require("morgan");
//Loading env variables
//Initialising app with express
const app = express();
//Middleware to use req.body i.e body parser
app.use(express.json());
//Cookie Parser
app.use(cookieParser());
//MongoDB connection variable
const connectDB = require("./config/db");
//Connect to db
connectDB();
//Dev logging middleware
if (process.env.NODE_ENV == "development") {
app.use(morgan("combined"));
}
//Enable cross origin resource sharing i.e a different domain can request to our api.
app.use(cors());
//HPP http parameter pollution attack protection
app.use(hpp());
//Rate limit
const limiter = rateLimit({
windowMs: 10 * 60 * 1000, // 10 minutes
max: 100, // limit each IP to 100 requests per windowMs
});
// apply to all requests
app.use(limiter);
//Security Headers
app.use(
helmet({
contentSecurityPolicy: false,
})
);
//Prevent XSS
app.use(xss());
//Mongo Sanitize Data
app.use(mongoSanitize());
//File Upload Middleware
app.use(fileUpload());
//Set static folder
app.use(express.static(path.join(__dirname, "public")));
//Using bootcamp routes and connecting them with bootcamp uri
app.use("/api/v1/bootcamps", bootcamps);
app.use("/api/v1/courses", courses);
app.use("/api/v1/auth", auth);
app.use("/api/v1/users", users);
app.use("/api/v1/reviews", reviews);
app.use("/*", (req, res) => {
res.send("404 Not Found");
});
//Using error handler middleware
app.use(errorHandler);
//Port to run on rnv port or 5000 if env port is not available
const PORT = process.env.PORT || 5000;
const server = app.listen(PORT, () => {
console.log(`Server running on port: ${PORT}`.yellow.bold);
});
//Handling unhandled promise rejections
process.on("unhandledRejection", (err, promise) => {
//Logging error message
console.log(`Error: ${err.message}`.red);
//Closing server and exiting the process/application
server.close(() => process.exit(1));
});