const express = require("express");
// TODO DECIDE IF WE NEED
const cors = require("cors"); //Cross-Origin resource sharing
const mongoose = require("mongoose");
const https = require("https");
const fs = require("fs");
const path = require("path");
const helmet = require("helmet");
const passport = require("passport");
const cookieParser = require("cookie-parser");
const cookieEncrypter = require("cookie-encrypter");
const mongoSanitize = require("express-mongo-sanitize");
const swaggerUI = require("swagger-ui-express");
const specs = require("./swagger/openapi.json");
require("dotenv").config();
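const app = express();
const port = process.env.PORT || 5000;

//Fail fast when a cookie secret is missing. cookie-parser accepts an undefined
//secret and then simply stops handling signed cookies, so a missing variable
//would otherwise go unnoticed until cookies are issued.
//NOTE(review): cookie-encrypter's default cipher is AES-256, which presumably
//needs a 32-character key — confirm the length of cookieAESsecret in deployment.
for (const secretName of ["cookieSecret", "cookieAESsecret"]) {
  if (!process.env[secretName]) {
    throw new Error("Missing required environment variable: " + secretName);
  }
}

//When deployed behind a reverse proxy: trust exactly one hop, so req.ip and
//req.protocol are taken from the X-Forwarded-* headers set by that proxy.
//This is only safe if the app is not reachable except through that proxy.
if (process.env.NODE_ENV === "production") {
  app.set("trust proxy", 1);
}

//CORS is currently disabled (see the TODO on the cors import)
//app.use(cors());

//helmet runs first so its security headers are also present on responses
//generated when a later middleware (e.g. JSON body parsing) rejects the request
app.use(helmet()); //Sets HTTP headers to combat common well-known web vulnerabilities
app.use(express.json());
app.use(passport.initialize());
app.use(cookieParser(process.env.cookieSecret));
app.use(cookieEncrypter(process.env.cookieAESsecret));
//Must come after express.json(): it works on the already-parsed request data
app.use(mongoSanitize()); //Strips characters from requests that can be used maliciously with MongoDB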
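//MongoDB connection using ATLAS cloud services; the connection string
//(credentials included) is read from the environment, never hard-coded
const uri = process.env.ATLAS_URI;
mongoose
  .connect(uri, {
    useNewUrlParser: true,
    useCreateIndex: true,
    useUnifiedTopology: true,
    useFindAndModify: false, //FindAndModify is deprecated
  })
  //A failed connection is only logged; the HTTP server still starts without a database
  .catch((error) => console.error("Mongo Error:" + error));
//mongoose.connection is the default connection instance
//(mongoose.Connection, used previously, is the class itself)
const connection = mongoose.connection;
//Read synchronously right after connect() is called, so this reflects the
//state at that instant rather than the final outcome of the connection attempt
console.log("Mongodb ready state:" + connection.readyState);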
//Load the Passport js strategies (module is required for its side effects only)
require("./auth/passport");

//Mount each router under its URL prefix
app.use("/register", require("./routes/register"));
app.use("/login", require("./routes/login"));
app.use("/logout", require("./routes/logout"));
app.use("/user", require("./routes/user"));
app.use("/admin", require("./routes/admin"));
app.use("/search", require("./routes/search"));
app.use("/host", require("./routes/host"));

//Interactive API documentation generated from ./swagger/openapi.json
//NOTE(review): this is mounted regardless of NODE_ENV and without any
//authentication in this file, so the API description is publicly readable in
//production — confirm that is intended, or restrict it.
app.use("/docs", swaggerUI.serve, swaggerUI.setup(specs));
//!For production deployment with react frontend set NODE_ENV = production, npm start build and set port=5000 in the .env file
if (process.env.NODE_ENV === "production") {
  const buildDir = path.join(__dirname, "../frontend/react-app/build");

  //Serve the compiled frontend assets
  app.use(express.static(buildDir));

  //Catch-all for React routing: every GET not handled above gets the app shell.
  //This is registered after the API routers, so it does not shadow them.
  //NOTE(review): the file name is "Index.html" with a capital I; on a
  //case-sensitive filesystem this only works if the build output uses the
  //same casing — verify against the actual build directory.
  app.get("*", (req, res) => {
    res.sendFile(path.join(buildDir, "Index.html"));
  });
}
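//*Uncomment for ssl verification
//NOTE(review): as written, the line below would serve the whole server
//directory with dotfiles allowed, which typically includes .env and any other
//secrets stored next to server.js. If it is ever re-enabled, point it at a
//dedicated directory that holds only the verification files.
// app.use(express.static(__dirname, { dotfiles: 'allow' } ));

//*HTTPS connection using let's encrypt signed certificate
//*Generated stronger Diffie-Hellman parameters
//Key, certificate chain and DH parameters are read synchronously at startup
//from the paths given in the environment; a missing or unreadable file
//aborts the start. The private key file should be readable by the server's
//user only.
const tlsOptions = {
  key: fs.readFileSync(process.env.KEYPATH),
  cert: fs.readFileSync(process.env.FULLCHAIN),
  dhparam: fs.readFileSync(process.env.DHPARAM),
  honorCipherOrder: true, //Prefer the server's cipher order over the client's
  ecdhCurve: "auto", //Let Node choose the ECDH curve
};
const server = https.createServer(tlsOptions, app);

//Startup failures such as a port already in use are delivered through the
//"error" event; the listen() callback is only a "listening" listener and is
//never called with an error, so the previous `if (err) throw err` could not fire.
server.on("error", (err) => {
  throw err;
});

server.listen(port, () => {
  console.log("Server is running on port:" + port);
});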