const crypto = require('crypto');
const path = require('path');

const bodyParser = require('body-parser');
const flash = require('connect-flash');
const cookieParser = require('cookie-parser');
const csrf = require('csurf');
const express = require('express');
const expressLayouts = require('express-ejs-layouts');
const session = require('express-session');
const helmet = require('helmet');
const createError = require('http-errors');
const mongoose = require('mongoose');
const passport = require('passport');

const indexRouter = require('./routes/index');
const usersRouter = require('./routes/users');
const challengesRouter = require('./routes/challenges');
const activitiesRouter = require('./routes/activities');
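const app = express();

// Register the Passport strategies defined in ./config/passport.
require('./config/passport')(passport);

// NOTE(review): the connection string is read from ./config/keys. If it embeds
// database credentials, that file should be kept out of version control —
// confirm how it is provisioned.
const db = require('./config/keys').mongoURI;

//import Recaptcha from 'express-recaptcha'

// Connect to MongoDB.
// A failed connection is reported on stderr so it is not lost among normal
// output. The process keeps running, so routes that need the database will
// fail until a connection is available.
mongoose
  .connect(db, {
    useCreateIndex: true,
    useNewUrlParser: true,
    useFindAndModify: false,
  })
  .then(() => console.log('MongoDB Connected'))
  .catch((err) => console.error('MongoDB connection failed:', err));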
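// Security headers first, so they are also present on responses produced when
// a later middleware (for example a body parser) rejects the request.
app.use(helmet());
// helmet already removes X-Powered-By; this keeps it off even if helmet's
// configuration changes later.
app.disable('x-powered-by');

// View engine setup
app.use(expressLayouts);
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'ejs');

// Request body parsing.
// The original registered body-parser AND express.json()/express.urlencoded().
// The second pair never ran on a body the first pair had already parsed, so
// only the effective parsers are kept.
app.use(bodyParser.json());
// NOTE(review): `extended: true` (and JSON bodies) let a client submit nested
// objects. If route handlers pass req.body fields straight into Mongoose
// queries, an object where a string is expected can act as a query operator.
// The routes are not visible here — confirm they validate or cast field types.
app.use(
  bodyParser.urlencoded({
    extended: true,
  }),
);
app.use(cookieParser());

// Set static resources
app.use(express.static(path.join(__dirname, 'public')));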
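// Express session
//
// Signing secret: read from the SESSION_SECRET environment variable instead of
// the literal 'secret'. Anyone who knows the signing secret can produce a
// validly signed session-id cookie, so it must not be a guessable constant in
// source. When the variable is unset, a random per-process secret is used so
// the app still starts; sessions then do not survive a restart and cannot be
// shared between several instances.
const sessionSecret =
  process.env.SESSION_SECRET || crypto.randomBytes(32).toString('hex');
if (!process.env.SESSION_SECRET) {
  console.warn(
    'SESSION_SECRET is not set; using a random per-process session secret.',
  );
}

// Session lifetime: one hour, expressed as maxAge so it is measured from when
// each session cookie is issued. The original passed a fixed `expires` Date
// computed once at startup, so every cookie issued more than an hour after
// boot was already expired.
const SESSION_MAX_AGE_MS = 60 * 60 * 1000;

app.use(
  session({
    secret: sessionSecret,
    // NOTE(review): no `store` is configured, so express-session falls back to
    // its in-memory store, which its documentation says is not meant for
    // production use.
    // NOTE(review): resave/saveUninitialized are left as they were; with
    // `saveUninitialized: true` a session is created for every visitor,
    // including unauthenticated ones — confirm that is intended.
    resave: true,
    saveUninitialized: true,
    name: 'sessionId',
    cookie: {
      httpOnly: true,
      // The cookie is only sent over HTTPS. Behind a TLS-terminating proxy,
      // Express must be told to trust the proxy or the cookie is never set —
      // confirm the deployment.
      secure: true,
      sameSite: true,
      maxAge: SESSION_MAX_AGE_MS,
    },
  }),
);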
// Passport: initialise, then restore the logged-in user from the session.
app.use(passport.initialize());
app.use(passport.session());

// Flash messages (stored in the session, so this must come after it).
app.use(flash());

// Expose pending flash messages to every rendered view.
app.use((req, res, next) => {
  const successMessages = req.flash('success_msg');
  const errorMessages = req.flash('error_msg');
  Object.assign(res.locals, {
    success_msg: successMessages,
    error_msg: errorMessages,
  });
  next();
});
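// CSRF Token Protection
//
// csurf is used with its defaults here, so the per-user CSRF secret lives in
// the session; this middleware therefore has to stay after session().
// NOTE(review): the csurf package has been deprecated by its maintainers; plan
// a move to a maintained CSRF defence.
app.use(csrf());

// Lifetime of the XSRF-TOKEN cookie, measured from each response.
const CSRF_COOKIE_MAX_AGE_MS = 60 * 60 * 1000;

app.use((req, res, next) => {
  // Generate the token once. The original called req.csrfToken() twice, which
  // yields two different token strings for the cookie and for the templates.
  const token = req.csrfToken();

  // NOTE(review): an XSRF-TOKEN cookie is conventionally read by client-side
  // script and echoed back in a request header; with `httpOnly: true` script
  // cannot read it. If only server-rendered forms use the token (through
  // res.locals.csrftoken), this cookie may be unnecessary — confirm.
  res.cookie('XSRF-TOKEN', token, {
    httpOnly: true,
    secure: true,
    sameSite: true,
    maxAge: CSRF_COOKIE_MAX_AGE_MS,
  });

  // Made available to views so forms can embed the token.
  res.locals.csrftoken = token;
  next();
});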
// Mount each router at its URL prefix, in the original order.
const routeTable = [
  ['/', indexRouter],
  ['/users', usersRouter],
  ['/challenges', challengesRouter],
  ['/activities', activitiesRouter],
];
for (const [mountPath, router] of routeTable) {
  app.use(mountPath, router);
}

// Nothing above handled the request: raise a 404 for the error handler.
app.use((req, res, next) => {
  const notFound = createError(404);
  next(notFound);
});
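// Error handler.
// Express recognises error-handling middleware by its four parameters, so
// `next` must stay in the signature even though it is not called.
app.use((err, req, res, next) => {
  const status = err.status || 500;
  const isDevelopment = req.app.get('env') === 'development';

  // Server-side failures are logged here; otherwise they would only show up
  // as a rendered error page.
  if (status >= 500) {
    console.error(err);
  }

  // Outside development, messages of server errors are replaced with a generic
  // text so internal details (driver errors, file paths, query text) are not
  // shown to clients. Client errors (4xx) keep their message.
  res.locals.message =
    isDevelopment || status < 500 ? err.message : 'Internal Server Error';
  // The full error object (including the stack) is only exposed in development.
  res.locals.error = isDevelopment ? err : {};

  // Render the error page.
  res.status(status);
  res.render('error');
});

module.exports = app;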