UNPKG

get-express-starter

Version:

Get production ready express boilerplate with a single command

67 lines (51 loc) 1.62 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
const express = require('express'); const helmet = require('helmet'); const xss = require('xss-clean'); const mongoSanitize = require('express-mongo-sanitize'); const compression = require('compression'); const httpStatus = require('http-status'); const routes = require('./routes'); const env = require('./config/env'); const morgan = require('./config/morgan'); const corsConfig = require('./config/cors'); const { authLimiter } = require('./middlewares/rate-limiter'); const { errorConverter, errorHandler } = require('./middlewares/error'); const ApiError = require('./utils/api-error'); const app = express(); if (env.mode !== 'test') { app.use(morgan.successHandler); app.use(morgan.errorHandler); } // set security HTTP headers app.use(helmet()); // parse json request body app.use(express.json()); // parse urlencoded request body app.use(express.urlencoded({ extended: true })); // sanitize request data app.use(xss()); app.use(mongoSanitize()); // gzip compression app.use(compression()); // enable cors app.use(corsConfig); app.options('*', corsConfig); // limit repeated failed requests to auth endpoints if (env.mode === 'production') { app.use('/api/auth', authLimiter); } // root route app.get('/', (_, res) => { res.status(httpStatus.OK).json({ status: 'OK' }); }); // api routes app.use('/v1', routes); // send back a 404 error for any unknown api request app.use((req, res, next) => { next(new ApiError(httpStatus.NOT_FOUND, 'No endpoint found')); }); // convert error to ApiError, if needed app.use(errorConverter); // handle error app.use(errorHandler); module.exports = app;