Uecko/Uecko_ERP
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
d60b8276f6
Uecko_ERP/apps/server/src/app.ts
david d60b8276f6 Gestión global de errores
2025-11-06 17:14:49 +01:00

97 lines
3.3 KiB
TypeScript
Raw Blame History

import { globalErrorHandler } from "@erp/core/api";
import cors, { CorsOptions } from "cors";
import express, { Application } from "express";
import helmet from "helmet";
import responseTime from "response-time";
// ❗️ No cargamos dotenv aquí. Debe hacerse en el entrypoint o en ./config.
// dotenv.config();
import { ENV } from "./config";
import { logger } from "./lib/logger";
export function createApp(): Application {
const app = express();
app.set("port", process.env.SERVER_PORT ?? 3002);
// Oculta la cabecera x-powered-by
app.disable("x-powered-by");
// Desactiva ETag correctamente a nivel de Express
app.set("etag", false);
// ───────────────────────────────────────────────────────────────────────────
// Parsers
app.use(express.json());
app.use(express.text());
app.use(express.urlencoded({ extended: true }));
// Métrica de tiempo de respuesta
app.use(responseTime());
// ───────────────────────────────────────────────────────────────────────────
// CORS
const devCors: CorsOptions = {
// En desarrollo reflejamos el Origin entrante (permite credenciales)
origin: true,
credentials: true,
methods: ["GET", "POST", "PUT", "DELETE", "OPTIONS"],
exposedHeaders: [
"Content-Disposition",
"Content-Type",
"Content-Length",
"X-Total-Count",
"Pagination-Count",
"Pagination-Page",
"Pagination-Limit",
],
};
const prodCors: CorsOptions = {
origin: ENV.FRONTEND_URL,
credentials: true,
methods: ["GET", "POST", "PUT", "DELETE", "OPTIONS"],
exposedHeaders: [
"Content-Disposition",
"Content-Type",
"Content-Length",
"X-Total-Count",
"Pagination-Count",
"Pagination-Page",
"Pagination-Limit",
],
};
app.use(cors(ENV.NODE_ENV === "development" ? devCors : prodCors));
// ───────────────────────────────────────────────────────────────────────────
// Seguridad HTTP
app.use(helmet());
// ───────────────────────────────────────────────────────────────────────────
// Política de caché por defecto (no almacenamiento)
app.use((_, res, next) => {
res.setHeader("Cache-Control", "no-store, no-cache, must-revalidate, max-age=0");
res.setHeader("Pragma", "no-cache");
res.setHeader("Expires", "0");
next();
});
// Inicializar Auth Provider (placeholder)
app.use((_, __, next) => {
// authProvider.initialize();
next();
});
// Logging de cada request
app.use((req, _, next) => {
logger.info(`▶️ Incoming request ${req.method} to ${req.path}`);
next();
});
// Gestión global de errores.
// Siempre al final de la cadena de middlewares
// y después de las rutas.
app.use(globalErrorHandler);
return app;
}
Reference in New Issue View Git Blame Copy Permalink