if (app.get('env') === 'development')
{
- // Full logging in development mode
- app.use(logger('dev'));
+ // Full logging in development mode
+ app.use(logger('dev'));
}
else
{
- // http://dev.rdybarra.com/2016/06/23/Production-Logging-With-Morgan-In-Express/
- app.set('trust proxy', true);
- // In prod, only log error responses (https://github.com/expressjs/morgan)
- app.use(logger('combined', {
- skip: function (req, res) { return res.statusCode < 400 }
- }));
+ // http://dev.rdybarra.com/2016/06/23/Production-Logging-With-Morgan-In-Express/
+ app.set('trust proxy', true);
+ // In prod, only log error responses (https://github.com/expressjs/morgan)
+ app.use(logger('combined', {
+ skip: function (req, res) { return res.statusCode < 400 }
+ }));
}
app.use(express.json());
// In development stage the client side has its own server
if (params.cors.enable)
{
- app.use(function(req, res, next) {
- res.header("Access-Control-Allow-Origin", params.cors.allowedOrigin);
- res.header("Access-Control-Allow-Headers",
+ app.use(function(req, res, next) {
+ res.header("Access-Control-Allow-Origin", params.cors.allowedOrigin);
+ res.header("Access-Control-Allow-Credentials", true); //for cookies
+ res.header("Access-Control-Allow-Headers",
"Origin, X-Requested-With, Content-Type, Accept");
- res.header("Access-Control-Allow-Methods", "GET, POST, OPTIONS, PUT, DELETE");
+ res.header("Access-Control-Allow-Methods", "GET, POST, OPTIONS, PUT, DELETE");
next();
- });
+ });
}
// Routing (AJAX-only)
// render the error page
res.status(err.status || 500);
res.send(`
- <!doctype html>
- <h1>= message</h1>
- <h2>= error.status</h2>
- <pre>#{error.stack}</pre>
- `);
+ <!doctype html>
+ <h1>= message</h1>
+ <h2>= error.status</h2>
+ <pre>#{error.stack}</pre>
+ `);
});
module.exports = app;