nhanco/index.js

## index.js
import express from "express"
import next from "next"
import bodyParser from "body-parser"
import cookieParser from "cookie-parser"
import dotenv from "dotenv"
import jwt from "jsonwebtoken"
import lusca from "lusca"
import moment from "moment"
import helmet from "helmet"
import Auth from "./tools/Auth"
import routes from "./server/routes"

const port = parseInt(process.env.PORT, 10) || 3000
const dev = process.env.NODE_ENV !== "production"
const app = next({ dev })
const handle = app.getRequestHandler()

app.prepare()
  .then(() => {
    const server = express()
    // Request body parsing middleware should be above methodOverride
    server.use(bodyParser.json())
    server.use(bodyParser.urlencoded({
      extended: true,
      limit: "50mb",
      parameterLimit: 10000000, // experiment with this parameter and tweak
    }))
    server.use(cookieParser())
    server.use(lusca.xframe("SAMEORIGIN"))
    server.use(lusca.xssProtection(true))
    // global user info
    server.use(helmet())
    server.use(helmet.xssFilter()) // sets the X-XSS-Protection header
    server.use(helmet.frameguard("deny")) // Prevent iframe clickjacking
    server.use(lusca.nosniff())
    server.locals.moment = moment

    server.use((req, res, next) => {
      res.locals.user = req.user
      next()
      res.setHeader("X-Powered-By", "Nhan Co") // modify X power header
      res.setHeader("X-Dev-By", "http://fb.com/nhanco") // modify X power header
    })
    routes(server, handle)

    server.listen(port, (err) => {
      if (err) throw err
      console.log("> Ready on http://vbo.local")
    })
  })
	import express from "express"
	import next from "next"
	import bodyParser from "body-parser"
	import cookieParser from "cookie-parser"
	import dotenv from "dotenv"
	import jwt from "jsonwebtoken"
	import lusca from "lusca"
	import moment from "moment"
	import helmet from "helmet"
	import Auth from "./tools/Auth"
	import routes from "./server/routes"

	const port = parseInt(process.env.PORT, 10) \|\| 3000
	const dev = process.env.NODE_ENV !== "production"
	const app = next({ dev })
	const handle = app.getRequestHandler()

	app.prepare()
	.then(() => {
	const server = express()
	// Request body parsing middleware should be above methodOverride
	server.use(bodyParser.json())
	server.use(bodyParser.urlencoded({
	extended: true,
	limit: "50mb",
	parameterLimit: 10000000, // experiment with this parameter and tweak
	}))
	server.use(cookieParser())
	server.use(lusca.xframe("SAMEORIGIN"))
	server.use(lusca.xssProtection(true))
	// global user info
	server.use(helmet())
	server.use(helmet.xssFilter()) // sets the X-XSS-Protection header
	server.use(helmet.frameguard("deny")) // Prevent iframe clickjacking
	server.use(lusca.nosniff())
	server.locals.moment = moment

	server.use((req, res, next) => {
	res.locals.user = req.user
	next()
	res.setHeader("X-Powered-By", "Nhan Co") // modify X power header
	res.setHeader("X-Dev-By", "http://fb.com/nhanco") // modify X power header
	})
	routes(server, handle)

	server.listen(port, (err) => {
	if (err) throw err
	console.log("> Ready on http://vbo.local")
	})
	})