eo-services/src/loaders/express.js

import express from "express";
import cors from "cors";
import compression from "compression";
import morgan from "morgan";
import helmet from "helmet";
import config from "./../config/index.js";
import routes from "./../api/routes/index.js";
import { logger } from "../utils/index.js";
// import { rateLimiter } from '../api/middlewares/index.js';
import bodyParser from "body-parser";
import session from "express-session";
import cookieParser from "cookie-parser";

export default (app) => {
  logger.info("Loading Express ...");
  process.on("uncaughtException", async (error) => {
    logger.error(error);
  });

  process.on("unhandledRejection", async (ex) => {
    logger.error(ex);
  });

  if (!config.jwtSecret) {
    logger.crit("Jwtprivatekey is not defined");
    process.exit(1);
  }

  app.enable("trust proxy");
  // app.use(cors());

  app.use(cors({ origin: true, credentials: true }));
  app.use(bodyParser.urlencoded({ extended: false }));
  app.use(bodyParser.json());
  // app.use(morgan("dev"));
  app.use(morgan("common", {
    stream: {
      write: (message) => logger.info(message.trim()),
    },
  }));
  app.use(helmet());
  app.use(compression());
  app.use(cookieParser());
  app.use(express.static("public"));
  app.disable("x-powered-by");
  app.disable("etag");
  app.use(
    session({
      secret: "1234567890", // don't use this secret in prod :)
      resave: false,
      saveUninitialized: false,
      cookie: {
        secure: "auto",
        httpOnly: true,
        maxAge: 3600000,
      },
    })
  );

  //   app.use(rateLimiter);
  logger.info(`Mounting routes on ${config.api.prefix}`);
  app.use(config.api.prefix, routes);

  app.get("/", (_req, res) => {
    return res
      .status(200)
      .json({
        resultMessage: {
          en: "Project is successfully working...",
        },
        resultCode: "00004",
      })
      .end();
  });

  app.use((req, res, next) => {
    // res.header("Access-Control-Allow-Origin", "*");
    // res.header(
    //   "Access-Control-Allow-Headers",
    //   "Origin, X-Requested-With, Content-Type, Accept, Authorization"
    // );
    // res.header("Content-Security-Policy-Report-Only", "default-src: https:");
    // if (req.method === "OPTIONS") {
    //   res.header("Access-Control-Allow-Methods", "PUT POST PATCH DELETE GET");
    //   return res.status(200).json({});
    // }
    next();
  });

  app.use((_req, _res, next) => {
    const error = new Error("Endpoint could not find!");
    error.status = 404;
    next(error);
  });

  app.use((error, req, res) => {
    res.status(error.status || 500);
    logger.error(error.message);
    return res.json({
      resultMessage: {
        en: error.message,
        tr: error.message,
      },
    });
  });
};