here is my app.js
const express = require('express')
const requireAll = require('require-all')
const path = require('path')
const cookieParser = require('cookie-parser')
const bodyParser = require('body-parser')
const cors = require('cors')
const jwt = require('express-jwt')
const { logger } = require('./services/logger.services')
const expressWinston = require('express-winston')
const { ensureAuthenticated, PUBLIC_ROUTES } = require('forest-express-mongoose')
const config = require('config')
const app = express()
app.use(
expressWinston.logger({
winstonInstance: logger,
metaField: 'http',
requestField: 'request',
responseField: 'response',
requestWhitelist: [],
responseWhitelist: [],
headerBlacklist: ['user-agent'],
expressFormat: true,
colorize: true,
dynamicMeta: function(req, res) {
return {
request: {
method: req.method,
url: `${req.protocol}://${req.hostname}${req.url}`,
path: req.path,
query: req.query,
headers: config.get('log.http_headers') ? req.headers : {},
source_ip: req.get('x-forwarded-for')
// user_agent: req.get('user-agent')
},
response: {
status: res.statusCode,
message: res.statusMessage,
type: res.get('Content-Type'),
headers: config.get('log.http_headers') ? res.getHeaders() : {}
}
}
}
})
)
app.use(bodyParser.json({ limit: '5mb' }))
app.use(bodyParser.urlencoded({ extended: false, limit: '5mb' }))
app.use(cookieParser())
app.use(express.static(path.join(__dirname, 'public')))
let allowedOrigins = [/forestadmin\.com$/, /localhost:\d{4}$/]
if (process.env.CORS_ORIGINS) {
allowedOrigins = allowedOrigins.concat(process.env.CORS_ORIGINS.split(','))
}
const corsConfig = {
origin: allowedOrigins,
allowedHeaders: ['Authorization', 'X-Requested-With', 'Content-Type'],
maxAge: 86400, // NOTICE: 1 day
credentials: true
}
app.use(
'/forest/authentication',
cors({
...corsConfig,
origin: corsConfig.origin.concat('null')
})
)
app.use(cors(corsConfig))
app.use(
jwt({
secret: config.get('forest.auth_secret'),
credentialsRequired: false,
algorithms: ['HS256']
})
)
app.use('/forest', (request, response, next) => {
if (PUBLIC_ROUTES.includes(request.url)) {
return next()
}
return ensureAuthenticated(request, response, next)
})
requireAll({
dirname: path.join(__dirname, 'routes'),
recursive: true,
resolve: Module => app.use('/forest', Module)
})
requireAll({
dirname: path.join(__dirname, 'middlewares'),
recursive: true,
resolve: Module => Module(app)
})
module.exports = app