forked from ManuelaIacobovici/acebook-mern-water-team
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathapp.js
92 lines (70 loc) · 2.43 KB
/
app.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
const createError = require("http-errors");
const express = require("express");
const path = require("path");
const logger = require("morgan");
const JWT = require("jsonwebtoken");
const postsRouter = require("./routes/posts");
const tokensRouter = require("./routes/tokens");
const usersRouter = require("./routes/users");
const corsOrigin = process.env.CORS_ORIGIN || "https://farcebook-9uwa.onrender.com"
const app = express();
// setup for receiving JSON
app.use(express.json())
app.use(logger("dev"));
app.use(express.static(path.join(__dirname, "public")));
// Define a middleware function for CORS headers
const handleCors = (req, res, next) => {
res.setHeader('Access-Control-Allow-Origin', '*');
res.setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, PATCH, OPTIONS');
res.setHeader('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content, Accept, Content-Type, Authorization');
next();
};
// Use the CORS middleware for specific routes
app.options('/posts', handleCors, (req, res) => {
res.sendStatus(200);
});
app.options('/posts/:id', handleCors, (req, res) => {
res.sendStatus(200);
});
// Use the CORS middleware for all routes
app.use(handleCors);
// avatars is the URL path to access the avatars folder
//display the images in the avatars folder
app.use('/avatars', express.static(path.join(__dirname, 'avatars')));
// middleware function to check for valid tokens
const tokenChecker = (req, res, next) => {
let token;
const authHeader = req.get("Authorization")
if(authHeader) {
token = authHeader.slice(7)
}
JWT.verify(token, process.env.JWT_SECRET, (err, payload) => {
if(err) {
console.log(err)
res.status(401).json({message: "auth error"});
} else {
req.user_id = payload.user_id;
next();
}
});
};
// route setup
app.get('/health', (req, res) => {
res.status(200).send('Server is up and running.');
});
app.use("/posts", tokenChecker, postsRouter);
app.use("/tokens", tokensRouter);
app.use("/users", usersRouter);
// catch 404 and forward to error handler
app.use((req, res, next) => {
next(createError(404));
});
// error handler
app.use((err, req, res) => {
// set locals, only providing error in development
res.locals.message = err.message;
res.locals.error = req.app.get("env") === "development" ? err : {};
// respond with details of the error
res.status(err.status || 500).json({message: 'server error'})
});
module.exports = app;