const { PORT, ALLOWED_ORIGINS, JWT_SECRET_KEY } = require('./config/index.js');
const express = require('express');
const path = require('path');
const cors = require('cors');
const cookieParser = require('cookie-parser');
const mongoSanitize = require('express-mongo-sanitize');
const helmet = require('helmet');
const connectToDb = require('./db/mongoose');
const userRoutes = require('./api/routes/userRoutes');
const kitRoutes = require('./api/routes/kitRoutes');
const searchRoutes = require('./api/routes/searchRoutes');
const pageRoutes = require('./api/routes/pageRoutes');
const authRoutes = require('./api/routes/authRoutes');
const soundRoutes = require('./api/routes/soundRoutes');
const songRoutes = require('./api/routes/songRoutes');
const { handleErrorMw, handleDbErrorMw, logRequestsMw } = require('./middleware');
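// Kick off the database connection before the app starts taking requests.
// NOTE(review): the return value is ignored here; if connectToDb returns a
// promise, a failed connection is not handled at this call site. Confirm in ./db/mongoose.
connectToDb();
const app = express();

// CORS allow-list. `origin` must be an array (or string/RegExp/function) for the
// cors package to compare it against the request's Origin header. The previous
// `{ ...ALLOWED_ORIGINS }` built a plain object ({0: ..., 1: ...}), which cors
// evaluates only for truthiness, so every Origin was reflected back. Combined
// with `credentials: true`, any site could then make authenticated
// cross-origin requests. ALLOWED_ORIGINS is expected to be an iterable of
// origin strings; verify in ./config.
const corsOptions = { origin: [...ALLOWED_ORIGINS], credentials: true };
app.use(cors(corsOptions));

// NOTE(review): the cookie-signing secret is the same value as the JWT key.
// A dedicated cookie secret would stop a leak of one from exposing the other.
app.use(cookieParser(JWT_SECRET_KEY));

// Parse JSON bodies first, then sanitize. express-mongo-sanitize strips
// `$`/`.`-prefixed keys from whatever is already on the request, so it has to
// run after the body parser or req.body passes through unsanitized.
app.use(express.json());
app.use(mongoSanitize());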
// Content-Security-Policy directives passed to helmet.
// NOTE(review): 'unsafe-eval' in scriptSrc allows eval()/new Function() in page
// scripts and weakens the XSS protection CSP would otherwise give. Confirm the
// front-end bundle still needs it, and drop it if not.
// NOTE(review): every entry of ALLOWED_ORIGINS is also trusted as a script,
// connect and media source. Confirm that list holds only first-party origins.
const cspDirectives = {
  imgSrc: [
    "'self'",
    'https://www.googletagmanager.com/',
    'https://c.clarity.ms/',
    'https://c.bing.com/c.gif',
  ],
  defaultSrc: ["'self'", ...ALLOWED_ORIGINS],
  scriptSrc: ["'self'", "'unsafe-eval'", ...ALLOWED_ORIGINS],
  connectSrc: ["'self'", ...ALLOWED_ORIGINS],
  workerSrc: ["'self'", 'blob:'],
  mediaSrc: ["'self'", ...ALLOWED_ORIGINS],
};

app.use(helmet({ contentSecurityPolicy: { directives: cspDirectives } }));

// Adds a Permissions-Policy header to every response, with an empty allow-list
// for the `interest-cohort` feature.
const setPermissionsPolicy = (req, res, next) => {
  res.setHeader('Permissions-Policy', 'interest-cohort=()');
  next();
};
app.use(setPermissionsPolicy);
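// Static view assets, served from the directory next to this file.
app.use('/views', express.static(path.join(__dirname, 'views')));

// API routers.
app.use('/api/users', userRoutes);
app.use('/api/kits', kitRoutes);
app.use('/api/sounds', soundRoutes);
app.use('/api/songs', songRoutes);
app.use('/api/auth', authRoutes);

// Routers mounted at the root path.
app.use(searchRoutes);
app.use(pageRoutes);

// NOTE(review): mounted after the routers, so this only sees requests that no
// router above has answered. If it is meant to be an audit trail of API
// traffic it needs to move ahead of the routers. Confirm the intent, and check
// what it records before moving it.
app.use(logRequestsMw);

// Front-end bundle. The root is resolved from __dirname, not the process
// working directory, so it matches the catch-all below however the server
// is launched.
app.use(express.static(path.join(__dirname, 'public')));

// Single-page-app fallback: any GET not handled above gets index.html.
app.get('*', (req, res) => {
  res.sendFile(path.join(__dirname, 'public', 'index.html'));
});

// Error handlers are registered last. Express only passes an error to handlers
// mounted after the middleware that raised it, so in their earlier position
// failures from the static/catch-all handlers went to Express's default
// error handler instead.
app.use(handleDbErrorMw);
app.use(handleErrorMw);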
// Start accepting connections on the configured port and log once bound.
const announceListening = () => {
  console.log(`Listening on port ${PORT}`);
};
app.listen(PORT, announceListening);