-
Notifications
You must be signed in to change notification settings - Fork 0
/
app.js
63 lines (51 loc) · 1.6 KB
/
app.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
const cors = require('cors');
const createError = require('http-errors');
const cookieParser = require('cookie-parser')
const express = require('express');
const helmet = require('helmet');
const path = require('path');
const logger = require('morgan');
const routes = require('./routes');
const usersRouter = require('./routes/api/users');
const appointmentsRouter = require('./routes/api/appointments');
const app = express();
app.use(logger('dev'));
app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.use(express.static(path.join(__dirname, 'public')));
app.use(cookieParser())
// Security Middleware
app.use(cors({ origin: true }));
app.use(helmet({ hsts: false }));
// app.use(csurf({
// cookie: {
// secure: process.env.NODE_ENV === 'production',
// sameSite: process.env.NODE_ENV === 'production',
// httpOnly: true
// }
// }));
app.use(routes);
// app.use('/api/users', usersRouter);
// app.use('/api/appointments', appointmentsRouter);
// Serve React Application
// This should come after routes, but before 404 and error handling.
if (process.env.NODE_ENV === "production") {
app.use(express.static("client/build"));
app.get(/\/(?!api)*/, (req, res) => {
res.sendFile(path.resolve(__dirname, "client", "build", "index.html"));
});
}
app.use(function (_req, _res, next) {
next(createError(404));
});
app.use(function (err, _req, res, _next) {
res.status(err.status || 500);
if (err.status === 401) {
res.set('WWW-Authenticate', 'Bearer');
}
res.json({
message: err.message,
error: JSON.parse(JSON.stringify(err)),
});
});
module.exports = app;