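const debug = require('debug')('debug');

// start
debug('api start...');

require('dotenv').config();
const HELMET = require('helmet');
const COMPRESSION = require('compression');

const EXPRESS = require("express");
const CORS = require("cors");

const ROOTROUTER = require('./route/root');
const BUS_STOPS_COUNT = require('./route/bus-stops-count');

// TODO make this list available via config
// Origins that browsers may call this API from.
// Entries are compared to the request's Origin header by exact string match,
// so scheme, host and port must all be spelled out. The previous single entry
// 'http(s)://foo.bar' was a literal string, not a pattern, and could never
// equal a real Origin value; each scheme is therefore listed separately.
// Drop the http:// entry if the front end is served over HTTPS only.
const whitelist = [
  'http://foo.bar',
  'https://foo.bar',
];

const APP = EXPRESS();

// compress all routes
APP.use(COMPRESSION());

// set security-related HTTP response headers (helmet defaults)
APP.use(HELMET());

// configure CORS
APP.use(CORS({
  /**
   * Decide whether a request's Origin header is acceptable.
   *
   * NOTE(review): this is a browser-facing CORS policy, not authentication.
   * Requests without an Origin header take the first branch and are always
   * allowed, so any client that omits the header bypasses the origin list.
   * Routes that need access control must enforce it themselves.
   *
   * @param {string|undefined} origin - value of the Origin request header
   * @param {function(Error|null, boolean)} callback - cors decision callback
   */
  origin: (origin, callback) => {
    debug(`origin: ${origin}`);

    // allow requests with no origin
    if (!origin) {
      return callback(null, true);
    }

    if (!whitelist.includes(origin)) {
      // The error is handed back to the cors middleware. Presumably it is
      // forwarded to Express error handling, so without a dedicated error
      // handler the client gets a generic error response. Verify and map
      // this to a 403 if a clearer rejection is wanted.
      const message = 'The CORS policy for this origin does not allow access from the particular origin: ' + origin;
      return callback(new Error(message), false);
    }

    debug(`origin: ${origin} allowed by CORS`);
    return callback(null, true);
  },
}));

// api enable/disable?
APP.use('/', ROOTROUTER);
APP.use('/bus-stops-count', BUS_STOPS_COUNT);

module.exports = APP;

// end
debug('api done..');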