import {
CORS,
RequestId,
RateLimiter,
Security,
Timeout,
WebServer,
json,
text
} from "../src";
// Baseline configuration for a publicly reachable HTTP server.
const app = new WebServer({
  type: "http",
  options: {},
  // Per-request locals factory: records when handling of the request began.
  locals: () => {
    return {startedAt: Date.now()};
  },
  security: {
    // Only the loopback address is listed as a trusted proxy.
    // NOTE(review): presumably forwarded-for style headers are honoured only
    // from these peers — confirm against the WebServer implementation, and
    // keep this list as narrow as the real deployment allows.
    trustedProxies: ["127.0.0.1"],
    // NOTE(review): trusting the Host header is paired here with an explicit
    // allow-list. Presumably requests for other hosts are rejected — confirm,
    // because a trusted but unrestricted Host header feeds straight into
    // generated links and redirects.
    trustHostHeader: true,
    allowedHosts: ["app.example.com"],
    // Time limits (milliseconds) for receiving headers, for the whole
    // request, and for idle keep-alive connections.
    headersTimeoutMs: 30_000,
    requestTimeoutMs: 60_000,
    keepAliveTimeoutMs: 5_000,
    // Request body cap: 1 MiB.
    maxRequestBodySize: 1024 * 1024,
    // Single origin allowed for WebSocket connections; matches the CORS origin
    // configured in the middleware chain.
    allowedWebSocketOrigins: "https://app.example.com"
  }
});
// Pre-hook: requests under "/private" must carry an Authorization header,
// otherwise they are answered with 401 before reaching any route.
//
// NOTE(review): this checks only that the header is PRESENT. Nothing visible
// in this file validates the scheme or the credential, so any non-empty value
// passes this gate. Real verification has to happen here or in the private
// handlers before this can be treated as access control.
// NOTE(review): the match is a case-sensitive prefix test on the parsed
// pathname. Confirm the router matches paths the same way (case, encoded
// characters), so that no route is reachable under a spelling this test misses.
app.pre(async (event) => {
  const isPrivatePath = event.url.pathname.startsWith("/private");
  if (!isPrivatePath) {
    return;
  }

  const credentials = event.request.headers.get("authorization");
  if (credentials) {
    return;
  }

  return new Response("Unauthorized", {status: 401});
});
// Middleware chain, registered in this order: request id, security headers,
// request deadline, CORS, rate limiting.
app.useMiddleware(
  RequestId.assign(),

  // HSTS for one year, including subdomains. Browsers only honour this header
  // on HTTPS responses; the server type above is "http", so presumably TLS is
  // terminated by the proxy in front — confirm for the real deployment.
  Security.headers({
    strictTransportSecurity: "max-age=31536000; includeSubDomains"
  }),

  // Requests exceeding 15 seconds are answered with 503 and a fixed body.
  Timeout.deadline({
    ms: 15_000,
    status: 503,
    body: "Request timed out"
  }),

  // Credentialed CORS for exactly one origin. Keep the origin explicit:
  // browsers refuse a wildcard origin on credentialed requests, and reflecting
  // arbitrary origins here would expose authenticated responses cross-site.
  CORS.policy({
    origin: "https://app.example.com",
    credentials: true
  }),

  // At most 60 requests per 60-second fixed window.
  // NOTE(review): the limiter key is not visible here. If it is the client
  // address, its accuracy depends on the trustedProxies setting — confirm.
  RateLimiter.fixedWindowLimit({
    max: 60,
    windowMs: 60_000
  })
);
// Root route: fixed plain-text body.
app.GET("/", () => {
  return text("hello");
});

// Echoes the path parameter together with the request-scoped locals.
// The id is returned as received; it is not validated or normalised here,
// so handlers that use it for lookups must do that themselves.
app.GET("/users/[id]", ({params, locals}) => {
  return json({
    id: params.id,
    requestId: locals.requestId,
    startedAt: locals.startedAt
  });
});
// Post-hook: returns a copy of the outgoing response (same body, same init)
// with an added "x-server" header.
// NOTE(review): this header advertises the server software on every response.
// On a public-facing deployment, consider whether it needs to be sent at all.
app.post(async (_event, response) => {
  const tagged = new Response(response.body, response);
  tagged.headers.set("x-server", "node-webserver");
  return tagged;
});
// Start accepting connections on port 3000 and log once the server is up.
// NOTE(review): no bind address is passed, so the listening interface depends
// on WebServer's default. With only 127.0.0.1 listed as a trusted proxy, the
// port should presumably be reachable only through that proxy — confirm.
app.listen(3000, () => {
  console.log("server listening on port 3000");
});