We use cookies to ensure you get the best experience on our website
Home Explore Help
Register Sign In
0ct0pu5
/
pangolin
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 7d615d00d8
Branches Tags
pangolin
/
server
/
apiServer.ts

apiServer.ts 2.4 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182 
  1. import express, { Request, Response } from "express";
    2. 

  2. import cors from "cors";
    3. 

  3. import cookieParser from "cookie-parser";
    4. 

  4. import config from "@server/config";
    5. 

  5. import logger from "@server/logger";
    6. 

  6. import {
    7. 

  7.     errorHandlerMiddleware,
    8. 

  8.     notFoundMiddleware,
    9. 

  9.     rateLimitMiddleware
    10. 

  10. } from "@server/middlewares";
    11. 

  11. import { authenticated, unauthenticated } from "@server/routers/external";
    12. 

  12. import { router as wsRouter, handleWSUpgrade } from "@server/routers/ws";
    13. 

  13. import { logIncomingMiddleware } from "./middlewares/logIncoming";
    14. 

  14. import { csrfProtectionMiddleware } from "./middlewares/csrfProtection";
    15. 

  15. import helmet from "helmet";
    16. 

  16. 

  17. const dev = process.env.ENVIRONMENT !== "prod";
    18. 

  18. const externalPort = config.server.external_port;
    19. 

  19. 

  20. export function createApiServer() {
    21. 

  21.     const apiServer = express();
    22. 

  22. 

  23.     // Middleware setup
    24. 

  24.     apiServer.set("trust proxy", 1);
    25. 

  25.     if (dev) {
    26. 

  26.         apiServer.use(
    27. 

  27.             cors({
    28. 

  28.                 origin: `http://localhost:${config.server.next_port}`,
    29. 

  29.                 credentials: true
    30. 

  30.             })
    31. 

  31.         );
    32. 

  32.     } else {
    33. 

  33.         const corsOptions = {
    34. 

  34.             origin: config.app.base_url,
    35. 

  35.             methods: ["GET", "POST", "PUT", "DELETE", "PATCH"],
    36. 

  36.             allowedHeaders: ["Content-Type", "X-CSRF-Token"]
    37. 

  37.         };
    38. 

  38. 

  39.         apiServer.use(cors(corsOptions));
    40. 

  40.         apiServer.use(helmet());
    41. 

  41.         apiServer.use(csrfProtectionMiddleware);
    42. 

  42.     }
    43. 

  43. 

  44.     apiServer.use(cookieParser());
    45. 

  45.     apiServer.use(express.json());
    46. 

  46. 

  47.     if (!dev) {
    48. 

  48.         apiServer.use(
    49. 

  49.             rateLimitMiddleware({
    50. 

  50.                 windowMin: config.rate_limits.global.window_minutes,
    51. 

  51.                 max: config.rate_limits.global.max_requests,
    52. 

  52.                 type: "IP_AND_PATH"
    53. 

  53.             })
    54. 

  54.         );
    55. 

  55.     }
    56. 

  56. 

  57.     // API routes
    58. 

  58.     const prefix = `/api/v1`;
    59. 

  59.     apiServer.use(logIncomingMiddleware);
    60. 

  60.     apiServer.use(prefix, unauthenticated);
    61. 

  61.     apiServer.use(prefix, authenticated);
    62. 

  62. 

  63.     // WebSocket routes
    64. 

  64.     apiServer.use(prefix, wsRouter);
    65. 

  65. 

  66.     // Error handling
    67. 

  67.     apiServer.use(notFoundMiddleware);
    68. 

  68.     apiServer.use(errorHandlerMiddleware);
    69. 

  69. 

  70.     // Create HTTP server
    71. 

  71.     const httpServer = apiServer.listen(externalPort, (err?: any) => {
    72. 

  72.         if (err) throw err;
    73. 

  73.         logger.info(
    74. 

  74.             `API server is running on http://localhost:${externalPort}`
    75. 

  75.         );
    76. 

  76.     });
    77. 

  77. 

  78.     // Handle WebSocket upgrades
    79. 

  79.     handleWSUpgrade(httpServer);
    80. 

  80. 

  81.     return httpServer;
    82. 

  82. }
    83.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5