44 changes: 42 additions & 2 deletions src/config/express.ts
@@ -1,6 +1,12 @@
import * as bodyParser from 'body-parser';
import express from 'express';
const morgan = require('morgan');
const cookieParser = require('cookie-parser');
const rateLimit = require('express-rate-limit');
const helmet = require('helmet');
const xss = require('xss-clean');
const hpp = require('hpp');
const cors = require('cors');
const compression = require('compression');

import authenticate from '../middlewares/authenticate';
import application from '../constants/application';
Expand All @@ -10,8 +16,42 @@ import * as errorHandler from '../middlewares/apiErrorHandler';

const app = express();

app.enable('trust proxy');

// Set Body parser, reading data from body into req.body
app.use(express.json({ limit: '10kb' }));
app.use(express.urlencoded({ extended: true, limit: '10kb' }));

// Set Cookie parser
app.use(cookieParser());

// Set security HTTP headers
app.use(helmet());

//Limit requests from the same API
const limiter = rateLimit({
max: 100,
windowMs: 60 * 60 * 1000,
messege: 'Too many requests from this IP, Please try again in an hour!'
});
app.use('/', limiter);

//Data sanitization against XSS
app.use(xss());

// Prevent http param pollution
app.use(hpp());

// Implement CORS
app.use(cors());

app.options('*', cors());

app.use(compression());

app.disable('x-powered-by');

require('dotenv').config();
app.use(bodyParser.json());

app.use(morgan('dev'));
