-
Notifications
You must be signed in to change notification settings - Fork 0
/
hostExpress.js
32 lines (29 loc) · 1021 Bytes
/
hostExpress.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
import db from './db.js';
import bodyParser from 'body-parser';
import cors from 'cors';
import express from 'express';
server();
async function server() {
express().disable('x-powered-by')
.use(bodyParser.json({ limit: '100mb' }))
.use(cors())
// .use('/orange', validateToken)
.use('/orange', db.express({
order: {
// baseFilter: (db, req, _res) => {
// const customerId = Number.parseInt(req.headers.authorization.split(' ')[1]);
// return db.order.customerId.eq(Number.parseInt(customerId));
// }
}
}))
.listen(3000, () => console.log('Example app listening on port 3000!'));
}
function validateToken(req, res, next) {
// For demo purposes, we're just checking against existence of authorization header
// In a real-world scenario, this would be a dangerous approach because it bypasses signature validation
const authHeader = req.headers.authorization;
if (authHeader) {
return next();
} else
return res.status(401).json({ error: 'Authorization header missing' });
}