require('dotenv').config();
var express = require('express');
const cors = require('cors');
const bp = require('body-parser');
var path = require( 'path' );
var favicon = require( 'serve-favicon' );
var logger = require( 'morgan' );
const expressJWT = require('express-jwt')
const RateLimit = require('express-rate-limit');
const apiRoutes = require('./routes/recipe-router');
const auth = require('./routes/auth');
const ingredientsRoutes = require('./routes/ingredient-router');
const locked = require('./routes/locked');
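// The Express application that every middleware and route below is attached to.
const app = express();

// Parse JSON and URL-encoded request bodies (this is what lets us accept POST
// data from axios). The JSON parser is registered once: the additional
// express.json() call that used to follow the logger was redundant, because a
// request body that has already been parsed is skipped by later body parsers.
app.use(bp.json());
app.use(bp.urlencoded({ extended: false }));

// Request logging in morgan's 'dev' format.
app.use(logger('dev'));

// NOTE(security): cors() with no options allows cross-origin requests from any
// origin. If only this app's own front end is meant to call these routes, pass
// an explicit `origin` allow-list instead of relying on the default.
app.use(cors());

// Configure both serve-favicon & static middleware to serve from the production 'build' folder
app.use(favicon(path.join(__dirname, 'build', 'favicon.ico')));
app.use(express.static(path.join(__dirname, 'build')));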
// Throttle the credential endpoints: at most 3 requests per window on each path.
// These are mounted here so they run ahead of the '/auth' router registered later.
// NOTE(review): express-rate-limit keys its counters on the client IP by default
// and keeps them in process memory. Behind a reverse proxy, Express's
// 'trust proxy' setting must be configured or every client may be counted under
// the proxy's address; confirm against the deployment.
const LOGIN_WINDOW_MS = 5 * 60 * 1000; // 5 minutes
const SIGNUP_WINDOW_MS = 60 * 60 * 1000; // 60 minutes

const loginLimiter = new RateLimit({
  windowMs: LOGIN_WINDOW_MS,
  max: 3,
  delayMs: 0, // 0 means disabled
  message: "Maximum login attempts exceeded. Please try again later.",
});

const signupLimiter = new RateLimit({
  windowMs: SIGNUP_WINDOW_MS,
  max: 3,
  delayMs: 0, // 0 means disabled
  message: "Maximum accounts created. Please try again later.",
});

app.use('/auth/login', loginLimiter);
app.use('/auth/signup', signupLimiter);
// Loaded for its side effects only; the module's return value is not used here.
require('./config/database.js');

// Put API routes here, before the "catch all" route.
// NOTE(review): '/api', '/auth' and '/ingredients' are mounted without any
// authentication middleware at this level, so any access control for them has
// to live inside the routers themselves — verify.
app.use('/api', apiRoutes);
app.use('/auth', auth);
app.use('/ingredients', ingredientsRoutes);

// '/locked' requires a JWT signed with JWT_SECRET, except that .unless() skips
// the check for every POST request under this prefix.
// NOTE(security): confirm that unauthenticated POSTs to '/locked' are intended;
// any POST handler in ./routes/locked otherwise runs with no verified token.
// NOTE(security): no `algorithms` option is passed to express-jwt; pinning it to
// the algorithm the tokens are actually signed with is the safer configuration.
const lockedJwtGuard = expressJWT({ secret: process.env.JWT_SECRET }).unless({ method: 'POST' });
app.use('/locked', lockedJwtGuard, locked);

// The following "catch all" route (note the *) is necessary for a SPA's
// client-side routing to work properly: any GET that nothing above handled
// receives the built index.html.
const spaEntryPoint = path.join(__dirname, 'build', 'index.html');
app.get('/*', (req, res) => {
  res.sendFile(spaEntryPoint);
});
// Listen on BACK_END_PORT when it is set, otherwise fall back to 3001, so the
// API does not collide with the React dev server during development (8000, per
// the original note).
const port = process.env.BACK_END_PORT || 3001;

const server = app.listen(port, function onListening() {
  console.log(`Express app running on port ${port}`)
});

// Expose the server object returned by app.listen() to whoever requires this file.
module.exports = server;