76 lines
2.7 KiB
JavaScript
76 lines
2.7 KiB
JavaScript
const express = require('express');
|
|
const bodyParser = require('body-parser');
|
|
const cors = require('cors');
|
|
const https = require('https');
|
|
const fs = require('fs');
|
|
require('dotenv').config();
|
|
const sequelize = require('./config/database');
|
|
const authRouter = require('./routes/auth');
|
|
const eventTypesRouter = require('./routes/eventtypes');
|
|
const eventPlacesRouter = require('./routes/eventPlaces');
|
|
const contactPersonsRouter = require('./routes/contactPerson');
|
|
const positionsRouter = require('./routes/positions');
|
|
const institutionRouter = require('./routes/institutions');
|
|
const eventRouter = require('./routes/event');
|
|
const menuDataRouter = require('./routes/menuData');
|
|
const worshipRouter = require('./routes/worships');
|
|
const pageRouter = require('./routes/pages');
|
|
const userRouter = require('./routes/users');
|
|
const imageRouter = require('./routes/image');
|
|
const filesRouter = require('./routes/files');
|
|
const liturgicalDaysRouter = require('./routes/liturgicalDays');
|
|
|
|
const app = express();
|
|
const PORT = parseInt(process.env.PORT, 10) || 3000;
|
|
|
|
// CORS mit Whitelist und tolerantem Fallback für fehlende Origin-Header
|
|
const allowedOrigins = (process.env.ALLOWED_ORIGINS || '')
|
|
.split(',')
|
|
.map(s => s.trim())
|
|
.filter(Boolean);
|
|
|
|
app.use(cors({
|
|
origin: (origin, callback) => {
|
|
if (!origin) return callback(null, true); // z.B. Healthchecks/curl/Server-zu-Server
|
|
if (allowedOrigins.length === 0) return callback(null, true); // Fallback: alles erlauben
|
|
if (allowedOrigins.includes(origin)) return callback(null, true);
|
|
return callback(new Error('Not allowed by CORS'), false);
|
|
},
|
|
credentials: true,
|
|
methods: ['GET','POST','PUT','PATCH','DELETE','OPTIONS'],
|
|
allowedHeaders: ['Content-Type','Authorization']
|
|
}));
|
|
app.options('*', cors());
|
|
|
|
app.use(bodyParser.json());
|
|
|
|
app.use('/api/auth', authRouter);
|
|
app.use('/api/event-types', eventTypesRouter);
|
|
app.use('/api/event-places', eventPlacesRouter);
|
|
app.use('/api/contact-persons', contactPersonsRouter);
|
|
app.use('/api/positions', positionsRouter);
|
|
app.use('/api/institutions', institutionRouter);
|
|
app.use('/api/events', eventRouter);
|
|
app.use('/api/menu-data', menuDataRouter);
|
|
app.use('/api/worships', worshipRouter);
|
|
app.use('/api/page-content', pageRouter);
|
|
app.use('/api/users', userRouter);
|
|
app.use('/api/image', imageRouter);
|
|
app.use('/api/files', filesRouter);
|
|
app.use('/api/liturgical-days', liturgicalDaysRouter);
|
|
|
|
const options = {
|
|
key: fs.readFileSync('server.key'),
|
|
cert: fs.readFileSync('server.cert'),
|
|
|
|
};
|
|
|
|
sequelize.sync().then(() => {
|
|
/* https.createServer(options, app).listen(PORT, () => {
|
|
console.log(`Server läuft auf Port ${PORT}`);
|
|
});*/
|
|
app.listen(PORT, () => {
|
|
console.log(`Server läuft auf Port ${PORT}`);
|
|
});
|
|
});
|