
- Add authentication module with Google OAuth 2.0 and JWT strategies - Create secure user management with email hashing (SHA-256) - Implement rate limiting (10 requests/minute) for auth endpoints - Add CSRF protection and security middleware - Create user registration with Basic plan (50 quota default) - Add JWT-based session management with secure cookies - Implement protected routes with authentication guards - Add comprehensive API documentation with Swagger - Configure environment variables for OAuth and security - Add user profile management and quota tracking Resolves authentication requirements §18-20: - §18: Google OAuth 2.0 with email scope only - §19: Auto-create User record on first OAuth callback - §20: Store only Google UID, display name, and email hash 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
105 lines
No EOL
3.3 KiB
TypeScript
105 lines
No EOL
3.3 KiB
TypeScript
import { NestFactory } from '@nestjs/core';
|
|
import { ValidationPipe, Logger } from '@nestjs/common';
|
|
import { SwaggerModule, DocumentBuilder } from '@nestjs/swagger';
|
|
import { ConfigService } from '@nestjs/config';
|
|
import helmet from 'helmet';
|
|
import * as compression from 'compression';
|
|
import * as cookieParser from 'cookie-parser';
|
|
|
|
import { AppModule } from './app.module';
|
|
|
|
async function bootstrap() {
|
|
const logger = new Logger('Bootstrap');
|
|
|
|
const app = await NestFactory.create(AppModule);
|
|
const configService = app.get(ConfigService);
|
|
|
|
// Global prefix for API routes
|
|
app.setGlobalPrefix('api');
|
|
|
|
// Enable CORS
|
|
app.enableCors({
|
|
origin: configService.get<string>('CORS_ORIGIN', 'http://localhost:3000'),
|
|
credentials: true,
|
|
methods: ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS'],
|
|
allowedHeaders: [
|
|
'Content-Type',
|
|
'Authorization',
|
|
'X-Requested-With',
|
|
'X-CSRF-Token',
|
|
'Accept',
|
|
],
|
|
});
|
|
|
|
// Security middleware
|
|
app.use(helmet({
|
|
contentSecurityPolicy: false, // We handle CSP in our custom middleware
|
|
crossOriginEmbedderPolicy: false, // Allow embedding for OAuth
|
|
}));
|
|
|
|
// Compression middleware
|
|
app.use(compression());
|
|
|
|
// Cookie parser
|
|
app.use(cookieParser(configService.get<string>('COOKIE_SECRET')));
|
|
|
|
// Global validation pipe
|
|
app.useGlobalPipes(
|
|
new ValidationPipe({
|
|
whitelist: true, // Strip unknown properties
|
|
forbidNonWhitelisted: true, // Throw error for unknown properties
|
|
transform: true, // Transform payloads to DTO instances
|
|
disableErrorMessages: process.env.NODE_ENV === 'production',
|
|
}),
|
|
);
|
|
|
|
// Swagger documentation (development only)
|
|
if (process.env.NODE_ENV !== 'production') {
|
|
const config = new DocumentBuilder()
|
|
.setTitle('SEO Image Renamer API')
|
|
.setDescription('AI-powered bulk image renaming SaaS API')
|
|
.setVersion('1.0')
|
|
.addBearerAuth(
|
|
{
|
|
type: 'http',
|
|
scheme: 'bearer',
|
|
bearerFormat: 'JWT',
|
|
name: 'JWT',
|
|
description: 'Enter JWT token',
|
|
in: 'header',
|
|
},
|
|
'JWT-auth',
|
|
)
|
|
.addTag('Authentication', 'Google OAuth and JWT authentication')
|
|
.addTag('Users', 'User management and profile operations')
|
|
.addTag('Batches', 'Image batch processing')
|
|
.addTag('Images', 'Individual image operations')
|
|
.addTag('Payments', 'Stripe payment processing')
|
|
.build();
|
|
|
|
const document = SwaggerModule.createDocument(app, config);
|
|
SwaggerModule.setup('api/docs', app, document, {
|
|
customSiteTitle: 'SEO Image Renamer API Documentation',
|
|
customfavIcon: '/favicon.ico',
|
|
customCss: '.swagger-ui .topbar { display: none }',
|
|
});
|
|
|
|
logger.log('Swagger documentation available at /api/docs');
|
|
}
|
|
|
|
// Start server
|
|
const port = configService.get<number>('PORT', 3001);
|
|
await app.listen(port);
|
|
|
|
logger.log(`🚀 SEO Image Renamer API running on port ${port}`);
|
|
logger.log(`📚 Environment: ${process.env.NODE_ENV || 'development'}`);
|
|
|
|
if (process.env.NODE_ENV !== 'production') {
|
|
logger.log(`📖 API Documentation: http://localhost:${port}/api/docs`);
|
|
}
|
|
}
|
|
|
|
bootstrap().catch((error) => {
|
|
Logger.error('Failed to start application', error);
|
|
process.exit(1);
|
|
}); |