text changes and remove infra folder
@@ -1,5 +1,5 @@
|
||||
// Load environment-specific config
|
||||
const env = process.env.NODE_ENV || "dev";
|
||||
const env = process.env.NODE_ENV;
|
||||
const envFile = `.env.${env}`;
|
||||
|
||||
require("dotenv").config({
|
||||
@@ -46,7 +46,7 @@ const server = http.createServer(app);
|
||||
// Initialize Socket.io with CORS
|
||||
const io = new Server(server, {
|
||||
cors: {
|
||||
origin: process.env.FRONTEND_URL || "http://localhost:3000",
|
||||
origin: process.env.FRONTEND_URL,
|
||||
credentials: true,
|
||||
methods: ["GET", "POST"],
|
||||
},
|
||||
@@ -93,7 +93,7 @@ app.use(
|
||||
frameSrc: ["'self'", "https://accounts.google.com"],
|
||||
},
|
||||
},
|
||||
})
|
||||
}),
|
||||
);
|
||||
|
||||
// Cookie parser for CSRF
|
||||
@@ -108,11 +108,11 @@ app.use("/api/", apiLogger);
|
||||
// CORS with security settings (must come BEFORE rate limiter to ensure headers on all responses)
|
||||
app.use(
|
||||
cors({
|
||||
origin: process.env.FRONTEND_URL || "http://localhost:3000",
|
||||
origin: process.env.FRONTEND_URL,
|
||||
credentials: true,
|
||||
optionsSuccessStatus: 200,
|
||||
exposedHeaders: ["X-CSRF-Token"],
|
||||
})
|
||||
}),
|
||||
);
|
||||
|
||||
// General rate limiting for all routes
|
||||
@@ -126,14 +126,14 @@ app.use(
|
||||
// Store raw body for webhook verification
|
||||
req.rawBody = buf;
|
||||
},
|
||||
})
|
||||
}),
|
||||
);
|
||||
app.use(
|
||||
bodyParser.urlencoded({
|
||||
extended: true,
|
||||
limit: "1mb",
|
||||
parameterLimit: 100, // Limit number of parameters
|
||||
})
|
||||
}),
|
||||
);
|
||||
|
||||
// Apply input sanitization to all API routes (XSS prevention)
|
||||
@@ -171,7 +171,7 @@ app.use("/api/upload", requireAlphaAccess, uploadRoutes);
|
||||
app.use(errorLogger);
|
||||
app.use(sanitizeError);
|
||||
|
||||
const PORT = process.env.PORT || 5000;
|
||||
const PORT = process.env.PORT;
|
||||
|
||||
const { checkPendingMigrations } = require("./utils/checkMigrations");
|
||||
|
||||
@@ -185,7 +185,7 @@ sequelize
|
||||
if (pendingMigrations.length > 0) {
|
||||
logger.error(
|
||||
`Found ${pendingMigrations.length} pending migration(s). Please run 'npm run db:migrate'`,
|
||||
{ pendingMigrations }
|
||||
{ pendingMigrations },
|
||||
);
|
||||
process.exit(1);
|
||||
}
|
||||
@@ -203,12 +203,12 @@ sequelize
|
||||
// Fail fast - don't start server if email templates can't load
|
||||
if (env === "prod" || env === "production") {
|
||||
logger.error(
|
||||
"Cannot start server without email services in production"
|
||||
"Cannot start server without email services in production",
|
||||
);
|
||||
process.exit(1);
|
||||
} else {
|
||||
logger.warn(
|
||||
"Email services failed to initialize - continuing in dev mode"
|
||||
"Email services failed to initialize - continuing in dev mode",
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
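Review bot: Dropping the fallbacks leaves `FRONTEND_URL`, `NODE_ENV` and `PORT` unvalidated, and the two `origin: process.env.FRONTEND_URL` lines (the Socket.io `cors` block and the Express `cors({ … })` call) fail open rather than closed: as far as I know the `cors` middleware treats a falsy `origin` as allow-any and answers `Access-Control-Allow-Origin: *`. An unset `NODE_ENV` also turns the env file name into `.env.undefined` and sends the `env === "prod" || env === "production"` check in the last hunk down the dev branch, so the email fail-fast is skipped. I would stop startup explicitly, checking `NODE_ENV` before the env file is chosen and the other two once dotenv has loaded, as sketched below. The `require("dotenv").config({` call and the place where `PORT` is used lie outside the visible hunks, so the exact insertion point needs confirming against the full file.

```javascript
const env = process.env.NODE_ENV;
if (!env) {
  throw new Error("NODE_ENV must be set before the env file is selected");
}
// … unchanged: envFile and the require("dotenv").config({ … }) call …
for (const name of ["FRONTEND_URL", "PORT"]) {
  if (!process.env[name]) {
    throw new Error(`Missing required environment variable: ${name}`);
  }
}
```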