server.js
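// Load .env first so that every later read of process.env (PORT below,
// JWT_SECRET in the auth middleware, whatever ./configs/db.js reads) sees
// the values from the file. The original called this after `port` was
// computed, so a PORT defined only in .env was ignored.
require("dotenv").config();

const express = require("express");
const jwt = require("jsonwebtoken");
// Declared with const: the original assigned these three names without a
// declaration, which creates implicit globals and throws in strict mode.
const bodyParser = require("body-parser");
const swaggerJsdoc = require("swagger-jsdoc");
const swaggerUi = require("swagger-ui-express");
const cors = require("cors");

const app = express();
// 0.0.0.0 binds on every network interface, not just loopback.
const host = "0.0.0.0";
const port = process.env.PORT || 3000;

// Open the database connection (implementation lives in ./configs/db.js).
require("./configs/db.js")();

// Parse JSON request bodies into req.body.
app.use(express.json());
app.set("view engine", "html");
// cors() with no options permits cross-origin requests from any origin.
// Pass an `origin` allowlist if this API is not meant to be called from
// arbitrary websites.
app.use(cors());
// Everything under views/ and public/ is served verbatim to any client;
// keep secrets and server-only files out of these directories.
app.use(express.static(__dirname + "/views/"));
app.use(express.static(__dirname + "/public/"));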
// Descriptive metadata shown at the top of the generated API docs.
const apiInfo = {
  title: "App Store Express / Mongo API",
  version: "0.1.0",
  description: "An App Store Api built with Express, Mongo, and Swagger",
  license: {
    name: "MIT",
    url: "https://spdx.org/licenses/MIT.html",
  },
  contact: {
    name: "Stephen Gordon",
    url: "https://stephengordon.ie",
    email: "stephengordon48@gmail.com",
  },
};

// HTTP bearer (JWT) scheme advertised to API consumers.
// NOTE(review): `in` and `name` are apiKey-scheme fields in OpenAPI; for an
// http/bearer scheme they look redundant - confirm before removing.
const bearerAuthScheme = {
  type: "http",
  in: "header",
  name: "Authorization",
  description: "Bearer token to access these api endpoints",
  scheme: "bearer",
  bearerFormat: "JWT",
};

// Input for swagger-jsdoc: the base OpenAPI definition plus the route files
// whose JSDoc annotations are merged into it.
// The top-level `security` entry only documents that operations expect a
// bearer token; it does not enforce anything at runtime. Enforcement has to
// happen in the Express middleware and route handlers.
const options = {
  definition: {
    openapi: "3.1.0",
    info: apiInfo,
    servers: [
      { url: "https://express-app-store-api-6f6c8ec32640.herokuapp.com/api/" },
    ],
    components: {
      securitySchemes: { bearerAuth: bearerAuthScheme },
    },
    security: [{ bearerAuth: [] }],
  },
  apis: ["./routes/*.js"],
};
// Build the OpenAPI document from `options` and the annotated route files.
const specs = swaggerJsdoc(options);

// Swagger UI settings: `explorer` turns on the UI's explorer bar.
const swaggerUiSettings = { explorer: true };

// Serve the interactive docs at /api/docs. This mount is registered ahead of
// the JWT middleware and has no access check of its own here, so the API
// documentation is readable by unauthenticated visitors.
app.use("/api/docs", swaggerUi.serve, swaggerUi.setup(specs, swaggerUiSettings));
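// Manual CORS headers, applied to every response.
//
// Fixes over the previous header list: "Accept Authorization" was missing its
// comma, so neither header was advertised as a separate allowed request
// header, and "X-Requested" was a truncated "X-Requested-With".
//
// NOTE(review): cors() is already registered earlier in this file and
// normally answers OPTIONS preflights itself, so the OPTIONS branch below is
// probably never reached and this middleware duplicates it - confirm and
// keep only one CORS mechanism.
// The wildcard origin lets any website call this API from a browser; replace
// it with an allowlist if that is not intended.
app.use((req, res, next) => {
  res.header("Access-Control-Allow-Origin", "*");
  res.header(
    "Access-Control-Allow-Headers",
    "Origin, X-Requested-With, Content-Type, Accept, Authorization"
  );

  if (req.method === "OPTIONS") {
    // Preflight: list the permitted methods and finish without running routes.
    res.header("Access-Control-Allow-Methods", "POST, PUT, PATCH, GET, DELETE");
    return res.status(200).json({});
  }

  next();
});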
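// Authentication middleware.
//
// Reads an "Authorization: Bearer <token>" header, verifies the JWT with
// JWT_SECRET and, on success, stores the decoded payload on req.user.
// Requests without a Bearer header continue anonymously with
// req.user === undefined, so this middleware identifies the caller but does
// not block anyone: every protected route must check req.user itself.
//
// Fix: on a verification failure the original only logged the error and
// returned without calling next() or sending a response, so any request
// carrying a bad or expired token hung until the connection timed out. Such
// requests are now rejected with 401.
app.use((req, res, next) => {
  // "Bearer <token>" -> ["Bearer", "<token>"]; a missing header yields [""].
  const [scheme, credentials] = (req.headers.authorization || "").split(" ");

  if (scheme !== "Bearer") {
    req.user = undefined;
    return next();
  }

  // NOTE(review): no `algorithms` option is passed, so the library's default
  // set for this key type is accepted. Pin it to the algorithm the token
  // issuer actually uses once that is confirmed.
  // A missing JWT_SECRET or a missing token makes verify fail, which takes
  // the 401 path below.
  jwt.verify(credentials, process.env.JWT_SECRET, (err, decoded) => {
    if (err) {
      console.error("Verification failed:", err);
      return res.status(401).json({ message: "Invalid or expired token" });
    }

    // Token is valid: expose its claims to downstream handlers.
    req.user = decoded;
    next();
  });
});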
// API routers. They are mounted after the JWT middleware, so handlers can
// read req.user; access control itself has to be enforced inside these
// routers (not visible in this file).
const usersRouter = require("./routes/users");
app.use("/api/users", usersRouter);

const appsRouter = require("./routes/apps");
app.use("/api/apps", appsRouter);

const reviewsRouter = require("./routes/reviews");
app.use("/api/reviews", reviewsRouter);

// Logged once the server socket is bound.
const announceListening = () => {
  console.log(`Example app listening on port ${port}`);
};

// Start accepting connections on the configured host and port.
app.listen(port, host, announceListening);