PTS/SkyArtShop
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

webupdate

Browse Source
This commit is contained in:
Local Server
2026-01-19 01:17:43 -06:00
parent 5b86f796d6
commit f8068ba54c
65 changed files with 2165 additions and 520 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
backend/server.js
View File

@@ -64,6 +64,12 @@ app.use(
],
connectSrc: ["'self'", "https://cdn.jsdelivr.net"],
objectSrc: ["'none'"],
frameSrc: [
"'self'",
"https://www.google.com",
"https://maps.google.com",
"https://www.openstreetmap.org",
],
upgradeInsecureRequests: !isDevelopment() ? [] : null,
},
},
@@ -72,11 +78,11 @@ app.use(
includeSubDomains: true,
preload: true,
},
frameguard: { action: "deny" },
frameguard: { action: "sameorigin" },
xssFilter: true,
noSniff: true,
referrerPolicy: { policy: "strict-origin-when-cross-origin" },
})
}),
);
// CORS configuration
@@ -85,7 +91,7 @@ if (process.env.CORS_ORIGIN) {
cors({
origin: process.env.CORS_ORIGIN.split(","),
credentials: true,
})
}),
);
}
@@ -95,7 +101,7 @@ app.set("trust proxy", 1);
// Body parsers
app.use(express.json({ limit: BODY_PARSER_LIMITS.JSON }));
app.use(
express.urlencoded({ extended: true, limit: BODY_PARSER_LIMITS.URLENCODED })
express.urlencoded({ extended: true, limit: BODY_PARSER_LIMITS.URLENCODED }),
);
// Fallback middleware for missing product images
@@ -105,7 +111,7 @@ const productImageFallback = (req, res, next) => {
"assets",
"images",
"products",
req.path
req.path,
);
if (fs.existsSync(imagePath)) {
@@ -117,7 +123,7 @@ const productImageFallback = (req, res, next) => {
"assets",
"images",
"products",
"placeholder.jpg"
"placeholder.jpg",
);
logger.debug("Serving placeholder image", { requested: req.path });
res.sendFile(placeholderPath);
@@ -150,7 +156,7 @@ app.use(
res.setHeader("Cache-Control", "public, max-age=86400"); // 1 day default
}
},
})
}),
);
app.use(
"/assets",
@@ -172,7 +178,7 @@ app.use(
res.setHeader("Cache-Control", "public, max-age=86400"); // 1 day for images
}
},
})
}),
);
// Optimized image serving with aggressive caching
app.use("/uploads", imageOptimization(path.join(baseDir, "uploads")));
@@ -183,7 +189,7 @@ app.use(
etag: true,
lastModified: true,
immutable: true,
})
}),
);
// Session middleware
@@ -194,12 +200,12 @@ if (
) {
if (!isDevelopment()) {
logger.error(
"CRITICAL: SESSION_SECRET environment variable must be set in production!"
"CRITICAL: SESSION_SECRET environment variable must be set in production!",
);
process.exit(1);
}
logger.warn(
"WARNING: Using insecure session secret. Set SESSION_SECRET in production!"
"WARNING: Using insecure session secret. Set SESSION_SECRET in production!",
);
}
@@ -224,7 +230,7 @@ app.use(
proxy: !isDevelopment(),
name: SESSION_CONFIG.SESSION_NAME,
rolling: true, // Reset session expiration on each request
})
}),
);
// Request logging
@@ -333,7 +339,7 @@ app.use(
maxAge: "1d",
etag: true,
lastModified: true,
})
}),
);
// Favicon route
@@ -353,7 +359,7 @@ app.get("/health", async (req, res) => {
try {
const dbHealth = await healthCheck();
const missingImages = CRITICAL_IMAGES.filter(
(img) => !fs.existsSync(path.join(baseDir, img))
(img) => !fs.existsSync(path.join(baseDir, img)),
);
const assetsHealthy = missingImages.length === 0;