UNPKG

node-enterprise-starter

Version:

<h1 align="center">Node Enterprise Starter</h1>

125 lines (109 loc) 2.92 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
/* eslint-disable no-undef */ /* eslint-disable no-unused-vars */ /* eslint-disable @typescript-eslint/no-unused-vars */ /* eslint-disable @typescript-eslint/no-explicit-any */ import express, { Application, Request, Response } from "express"; import cookieParser from "cookie-parser"; import cors from "cors"; import helmet from "helmet"; import compression from "compression"; import morgan from "morgan"; import rateLimit from "express-rate-limit"; // Import routes and middlewares import router from "./app/routes"; import notFound from "./app/middlewares/notFound"; import globalErrorHandler from "./app/middlewares/globalErrorhandler"; import logger from "./app/utils/logger"; import config from "./config"; /** * Express application setup */ const app: Application = express(); /** * Security Middleware */ // Set security HTTP headers app.use(helmet()); // Implement CORS app.use( cors({ origin: config.client_url, credentials: true, methods: ["GET", "POST", "PUT", "DELETE", "PATCH"], allowedHeaders: ["Content-Type", "Authorization"], }) ); // Rate limiting to prevent brute-force attacks const limiter = rateLimit({ windowMs: 15 * 60 * 1000, // 15 minutes max: 100, // limit each IP to 100 requests per windowMs standardHeaders: true, legacyHeaders: false, message: "Too many requests from this IP, please try again later", }); app.use("/api", limiter); /** * Request Parsers */ // Body parser, reading data from body into req.body app.use(express.json({ limit: "10kb" })); app.use(express.urlencoded({ extended: true, limit: "10kb" })); app.use(cookieParser()); /** * Performance Middleware */ // Compress all responses app.use(compression()); /** * Logging Middleware */ // Development logging if (config.NODE_ENV === "development") { app.use(morgan("dev")); } else { // Custom logging format for production app.use( morgan( ':remote-addr - :remote-user [:date[clf]] ":method :url HTTP/:http-version" :status :res[content-length] ":referrer" ":user-agent" - :response-time ms', { stream: { write: (message: string) => logger.http(message.trim()), }, } ) ); } /** * Health Check Endpoint */ app.get("/health", (req: Request, res: Response) => { res.status(200).json({ status: "success", message: "Server is healthy", timestamp: new Date().toISOString(), environment: config.NODE_ENV, }); }); /** * API Routes */ app.use("/api/v1", router); /** * Root Endpoint */ app.get("/", (req: Request, res: Response) => { res.status(200).json({ status: "success", message: `API Server running on port: ${config.port}`, version: "1.0.0", }); }); /** * Error Handling Middleware * Note: Error handlers must be the last middleware to be used */ // Handle 404 errors app.use(notFound); // Global error handler app.use(globalErrorHandler); export default app;