lqdvi/app2-api
2
0
Fork 0
Code Issues 24 Pull Requests Actions Packages Projects Releases Wiki Activity
4af14ffb22
app2-api/core/express.js
david 1406bdcbb4 .
2019-08-18 23:15:34 +02:00

122 lines
2.8 KiB
JavaScript
Raw Blame History

'use strict';
const express = require('express');
//const morgan = require('morgan');
const bodyParser = require('body-parser');
const compress = require('compression');
const responseTime = require('response-time');
const methodOverride = require('method-override');
const cors = require('cors');
const helmet = require('helmet');
const passport = require('passport');
const config = require('../config');
const router = require('./router');
const error = require('../middlewares/error');
/**
* Express instance
* @public
*/
const app = express();
// request logging. dev: console | production: file
//app.use(morgan(logs));
// parse body params and attache them to req.body
app.use(bodyParser.json({ limit: '5mb' }));
app.use(bodyParser.urlencoded({
limit: '5mb', extended: true
}));
// set up the response-time middleware
app.use(responseTime());
// gzip compression
app.use(compress());
// lets you use HTTP verbs such as PUT or DELETE
// in places where the client doesn't support it
app.use(methodOverride());
// secure apps by setting various HTTP headers
app.use(helmet());
// enable CORS - Cross Origin Resource Sharing
var allowedOrigins = ['http://localhost:8080', 'http://127.0.0.1:8080'];
app.use(cors({
origin: function (origin, callback) { // allow requests with no origin
// (like mobile apps or curl requests)
if (!origin) {
return callback(null, true);
}
if (allowedOrigins.indexOf(origin) === -1) {
var msg = 'The CORS policy for this site does not ' +
'allow access from the specified Origin.';
return callback(new Error(msg), false);
}
return callback(null, true);
}
}));
/*app.use(cors({
origin: '*',
exposeHeaders: [
"WWW-Authenticate",
"Server-Authorization",
"Content-Disposition",
"Content-Type",
"Content-Length"
],
maxAge: 31536000,
credentials: true,
allowMethods: [
"GET",
"POST",
"PUT",
"PATCH",
"DELETE",
"OPTIONS",
"HEAD"
],
allowHeaders: [
"Access-Control-Allow-Origin",
"Content-Type",
"X-CSRF-Token",
"X-Requested-With",
"Accept",
"Accept-Version",
"Content-Length",
"Content-MD5",
"Date",
"X-Api-Version",
"X-File-Name",
"Authorization",
"X-Frame-Options",
"Origin",
],
}));*/
// Access validator
app.use(passport.initialize());
require('./passport');
// Set routes
app.use('/api', router());
// if error is not an instanceOf APIError, convert it.
app.use(error.converter);
// catch 404 and forward to error handler
app.use(error.notFound);
// error handler, send stacktrace only during development
app.use(error.handler);
module.exports = app;
Reference in New Issue View Git Blame Copy Permalink