Skip to content
This repository has been archived by the owner on Dec 14, 2023. It is now read-only.

Commit

Permalink
added helmet for hardening the api (#115)
Browse files Browse the repository at this point in the history 
added helmet for hardening the api
  • Loading branch information
@marcvanandel
marcvanandel authored Jun 29, 2021
1 parent 3b73c86 commit cf75b80
Show file tree
Hide file tree
Showing 3 changed files with 10 additions and 0 deletions.
5 changes: 5 additions & 0 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@
"class-validator": "^0.12.2",
"cookie-parser": "^1.4.5",
"geteventstore-promise": "^3.2.4",
"helmet": "^4.6.0",
"jwks-rsa": "^1.12.3",
"migrate-mongo": "^8.1.4",
"moment": "^2.26.0",
Expand Down
4 changes: 4 additions & 0 deletions src/main.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,15 +3,19 @@ import { NestFactory } from '@nestjs/core';
import { ValidationPipe } from '@nestjs/common';
import { SwaggerModule, DocumentBuilder } from '@nestjs/swagger';
import { DomainExceptionFilter } from './core/errors/domain-exception.filter';
import * as helmet from 'helmet';

async function bootstrap() {
const port = process.env.PORT || 3000;
const app = await NestFactory.create(AppModule, {
logger: ['error', 'warn'],
});
// WARNING the order matters because of the underlying platform !!
app.use(helmet());
app.enableCors();
app.useGlobalPipes(new ValidationPipe());
app.useGlobalFilters(new DomainExceptionFilter());

app.setGlobalPrefix('api');

const documentOptions = new DocumentBuilder()
Expand Down

0 comments on commit cf75b80

Please sign in to comment.