Kraut.World/server
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Remove middleware to secure access API.

Browse source
This commit is contained in:
gparant 2020-05-10 17:31:27 +02:00
parent 029a7a9a64
commit 69777ad1cb
5 changed files with 38 additions and 60 deletions
Download patch file Download diff file Expand all files Collapse all files

19
back/src/App.ts
View file

@ -6,27 +6,28 @@ import {Application, Request, Response} from 'express';
import bodyParser = require('body-parser');
import * as http from "http";
import {MapController} from "./Controller/MapController";
import {AuthenticateMiddleware} from "./Middleware/AuthenticateMiddleware";
class App {
public app: Application;
public server: http.Server;
public ioSocketController: IoSocketController;
public authenticateController: AuthenticateController;
//public AuthenticateMiddleware: AuthenticateMiddleware;
public mapController: MapController;
constructor() {
this.app = express();
//config server http
this.config();
this.server = http.createServer(this.app);
this.config();
this.crossOrigin();
//TODO add middleware with access token to secure api
//create socket controllers
this.ioSocketController = new IoSocketController(this.server);
this.authenticateController = new AuthenticateController(this.app);
//this.AuthenticateMiddleware = new AuthenticateMiddleware(this.app);
this.mapController = new MapController(this.app);
}
@ -34,9 +35,15 @@ class App {
private config(): void {
this.app.use(bodyParser.json());
this.app.use(bodyParser.urlencoded({extended: false}));
}
private crossOrigin(){
this.app.use((req: Request, res: Response, next) => {
res.header("Access-Control-Allow-Origin", "*"); // update to match the domain you will make the request from
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
res.setHeader("Access-Control-Allow-Origin", "*"); // update to match the domain you will make the request from
// Request methods you wish to allow
res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');
// Request headers you wish to allow
res.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
next();
});
}