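'use strict';

// Application entry point: builds the Express app, installs the middleware
// stack (body parsing, CORS, Helmet headers, rate limiting, file-backed
// sessions, Passport) and mounts the directory-based routes before listening.
const express = require('express');
const bodyParser = require('body-parser');
const cors = require('cors');
const helmet = require('helmet');
const rateLimit = require('express-rate-limit');
const enrouten = require('express-enrouten');
const session = require('express-session');
const uuid = require('uuid/v4');
const FileStore = require('session-file-store')(session);
const passport = require('passport');

// Session cookie lifetime: one hour.
const SESSION_TTL_MS = 60 * 60 * 1000;

// Start express.
const app = express();

// Load configuration once and expose it process-wide. Other modules may
// resolve it through `global.config`, so the global assignment is kept.
const config = require('./config/config');
global.config = config;

// Set up express middleware (order matters; see the session/passport note).
app.use([
  // Body Parser middleware.
  bodyParser.json(),
  bodyParser.urlencoded({ extended: true }),
  // Open CORS: any origin may read responses. This is only acceptable
  // because `credentials` is false, so browsers never attach the session
  // cookie to cross-origin requests.
  cors({
    origin: '*',
    methods: 'GET,HEAD,POST',
    preflightContinue: false,
    credentials: false,
  }),
  // Helmet security headers. The option is spelled `frameguard`; the
  // previous `framegaurd` key was not the one Helmet reads, so the intended
  // X-Frame-Options: DENY was never applied.
  helmet({
    frameguard: {
      action: 'deny',
    },
    hsts: {
      maxAge: 5184000, // 60 days
      includeSubDomains: true,
      // NOTE(review): the browser preload list requires a max-age of at
      // least one year; with 60 days this flag is advisory only — confirm.
      preload: true,
    },
    contentSecurityPolicy: {
      directives: {
        defaultSrc: ["'self'"],
        styleSrc: ["'self'", 'maxcdn.bootstrapcdn.com'],
      },
    },
  }),
  // Express rate limit middleware.
  rateLimit({
    windowMs: 15 * 60 * 1000, // 15 minutes
    max: 100, // limit each IP to 100 requests per windowMs
  }),
  // Session must be installed before Passport: passport.session() reads
  // req.session, which only exists once express-session has run.
  session({
    genid: () => uuid(),
    // `path` (the directory holding session files) is a session-file-store
    // option, not an express-session one; passing it to session() did nothing.
    store: new FileStore({ path: 'sessions' }),
    secret: config.ss,
    resave: false,
    name: 'website',
    saveUninitialized: false,
    cookie: {
      domain: '.website.com',
      secure: true,
      httpOnly: true,
      // Only maxAge is kept: express-session uses whichever of
      // expires/maxAge is defined last, and a startup-computed `expires`
      // would have given every session the same absolute deadline.
      maxAge: SESSION_TTL_MS,
    },
  }),
  // Passport.
  passport.initialize(),
  passport.session(),
  // Routes.
  enrouten({
    directory: 'routes',
    index: 'routes/posts.js',
  }),
]);

// Listen.
app.listen(process.env.PORT || 4000, () => {
  console.log('Run');
});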
// NOTE(review): from here to the end of the file the script above is repeated
// verbatim, minus its first line (`var express = require('express'),`).
// Without that `var` this comma-chained statement assigns to undeclared names,
// and the file goes on to build a second app and call app.listen() a second
// time on the same port.
bodyParser = require('body-parser'),
cors = require('cors'),
helmet = require('helmet'),
rateLimit = require('express-rate-limit'),
enrouten = require('express-enrouten'),
session = require('express-session'),
uuid = require('uuid/v4'),
fileStore = require('session-file-store')(session),
passport = require('passport');
//Start express
var app = express();
//Set global variables (config.ss below is read through this global)
global.config = require('./config/config');
//Set up express middleware
app.use([
//Body Parser middleware
bodyParser.json(),
bodyParser.urlencoded({ extended: true }),
//Disable cors: any origin may read responses; credentials: false keeps
//browsers from attaching the session cookie cross-origin
cors({
origin: '*',
methods: 'GET,HEAD,POST',
preflightContinue: false,
credentials: false
}),
//Helmet middleware
helmet({
//NOTE(review): Helmet's option is spelled `frameguard`; this misspelled key is
//not the one Helmet reads, so the intended DENY is not applied
framegaurd: {
action: 'deny'
},
hsts: {
maxAge: 5184000, // 60 days
includeSubDomains: true,
//NOTE(review): preload lists require a max-age of at least one year — confirm
preload: true
},
contentSecurityPolicy: {
directives: {
defaultSrc: ["'self'"],
styleSrc: ["'self'", 'maxcdn.bootstrapcdn.com']
}
}
}),
//Express rate limit middleware
rateLimit({
windowMs: 15 * 60 * 1000, // 15 minutes
max: 100 // limit each IP to 100 requests per windowMs
}),
//Passport
passport.initialize(),
//NOTE(review): passport.session() reads req.session, which is only set by the
//session() middleware installed below; session should come first
passport.session(),
//Session
session({
genid: function(req) {
return uuid();
},
store: new fileStore(),
secret: config.ss,
resave: false,
name: 'website',
saveUninitialized: false,
cookie: {
domain: '.website.com',
secure: true,
httpOnly: true,
//expires is computed once at startup; maxAge is defined after it, so
//express-session uses maxAge
expires: new Date(Date.now() + 3600000),
maxAge: 3600000
},
//NOTE(review): express-session has no top-level `path` option; session-file-store
//takes `path` in its own constructor options
path: 'sessions'
}),
//Routes
enrouten({
directory: 'routes',
index: 'routes/posts.js'
})
]);
//Listen
app.listen(process.env.PORT || 4000, function() {
console.log('Run');
});