-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathserver.js
More file actions
124 lines (107 loc) · 3.69 KB
/
server.js
File metadata and controls
124 lines (107 loc) · 3.69 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
require('dotenv').config();
const express = require('express');
const mongoose = require('mongoose');
const cors = require('cors');
const path = require('path');
const helmet = require('helmet');
const rateLimit = require('express-rate-limit');
const app = express();
const PORT = process.env.PORT || 3000;
const MONGO_URI = process.env.MONGO_URI || 'mongodb://localhost:27017/bugvault';
// Security: Helmet for security headers
app.use(helmet({
contentSecurityPolicy: {
directives: {
defaultSrc: ["'self'"],
styleSrc: ["'self'", "'unsafe-inline'", "https://fonts.googleapis.com"],
fontSrc: ["'self'", "https://fonts.gstatic.com"],
scriptSrc: ["'self'"],
imgSrc: ["'self'", "data:"],
connectSrc: ["'self'"]
}
}
}));
// Security: Rate limiting (100 requests per 15 minutes per IP)
const limiter = rateLimit({
windowMs: 15 * 60 * 1000, // 15 minutes
max: 100,
message: { error: 'Too many requests, please try again later.' },
standardHeaders: true,
legacyHeaders: false
});
app.use('/api', limiter);
// Security: CORS with restricted origins
const corsOptions = {
origin: process.env.ALLOWED_ORIGINS?.split(',') || 'http://localhost:3000',
credentials: true,
optionsSuccessStatus: 200
};
app.use(cors(corsOptions));
// Middleware: Reduced JSON size limit for security
app.use(express.json({ limit: '1mb' }));
app.use(express.urlencoded({ extended: true, limit: '1mb' }));
// Serve static files
app.use(express.static(path.join(__dirname, 'public')));
// Health check endpoint
app.get('/api/health', (req, res) => {
res.json({
status: 'ok',
timestamp: new Date().toISOString(),
database: mongoose.connection.readyState === 1 ? 'connected' : 'disconnected',
uptime: process.uptime()
});
});
// API routes
app.use('/api/bugs', require('./routes/bugs'));
// Serve frontend for all other routes
app.get('*', (req, res) => {
res.sendFile(path.join(__dirname, 'public', 'index.html'));
});
// MongoDB connection with retry logic
const connectDB = async () => {
try {
await mongoose.connect(MONGO_URI, {
serverSelectionTimeoutMS: 5000,
});
console.log('✅ MongoDB connected successfully');
} catch (error) {
console.error('❌ MongoDB connection error:', error.message);
console.log('🔄 Retrying in 5 seconds...');
setTimeout(connectDB, 5000);
}
};
// Handle MongoDB connection events
mongoose.connection.on('disconnected', () => {
console.log('⚠️ MongoDB disconnected. Attempting to reconnect...');
});
mongoose.connection.on('error', (err) => {
console.error('❌ MongoDB error:', err);
});
// Start server
const startServer = async () => {
await connectDB();
app.listen(PORT, '0.0.0.0', () => {
console.log(`
╔═══════════════════════════════════════════╗
║ 🐛 BugVault Server Started ║
╠═══════════════════════════════════════════╣
║ URL: http://localhost:${PORT} ║
║ API: http://localhost:${PORT}/api ║
║ Health: http://localhost:${PORT}/api/health
║ Environment: ${process.env.NODE_ENV || 'development'}
╚═══════════════════════════════════════════╝
`);
});
};
// Graceful shutdown
process.on('SIGINT', async () => {
console.log('\n🛑 Shutting down gracefully...');
await mongoose.connection.close();
process.exit(0);
});
process.on('SIGTERM', async () => {
console.log('\n🛑 Shutting down gracefully...');
await mongoose.connection.close();
process.exit(0);
});
startServer();