├── README.md
├── views
└── index.ejs
├── routers
└── mainRouter.ts
├── middleware
├── securityMiddleware.ts
└── applicationMiddleware.ts
├── models
└── testModel.ts
├── errors
├── 404errorHandler.ts
└── errorHandler.ts
├── controllers
└── mainPageController.ts
├── package.json
├── index.ts
├── LICENSE
└── tsconfig.json
/README.md:
--------------------------------------------------------------------------------
1 | # express-mvc
2 | The base of a secure mvc project with express js
3 |
--------------------------------------------------------------------------------
/views/index.ejs:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | Hello <%= ip %>!
5 |
6 |
7 |
--------------------------------------------------------------------------------
/routers/mainRouter.ts:
--------------------------------------------------------------------------------
1 | import { Router } from "express";
2 | import mainPageController from "../controllers/mainPageController";
3 | const app = Router();
4 | app.get("/", mainPageController.mainPage);
5 | export default app;
6 |
--------------------------------------------------------------------------------
/middleware/securityMiddleware.ts:
--------------------------------------------------------------------------------
1 | import helmet from "helmet";
2 | const xss = require("xss-clean");
3 | import hpp from "hpp";
4 | import mongoSanitize from "express-mongo-sanitize";
5 |
6 | export default [xss(), helmet(), hpp(), mongoSanitize()];
7 |
--------------------------------------------------------------------------------
/models/testModel.ts:
--------------------------------------------------------------------------------
1 | import mongoose from "mongoose";
2 | const schema = new mongoose.Schema({
3 | name : {type : String, required : true},
4 | age : {type : Number, required : true},
5 | })
6 | export default mongoose.model("testModel", schema,"testModels");
--------------------------------------------------------------------------------
/middleware/applicationMiddleware.ts:
--------------------------------------------------------------------------------
1 | import express, { Application } from "express";
2 | import securityMiddleware from "./securityMiddleware";
3 | import mainRouters from '../routers/mainRouter'
4 | export default (app: Application) => {
5 | app.use("/public", express.static("./public"));
6 | app.use(securityMiddleware);
7 | app.use('/',mainRouters)
8 | };
9 |
--------------------------------------------------------------------------------
/errors/404errorHandler.ts:
--------------------------------------------------------------------------------
1 | import { Request, Response, NextFunction } from "express";
2 | export default (req: Request, res: Response, next: NextFunction) => {
3 | try {
4 | let err = new Error("Not Found");
5 | //@ts-ignore
6 | err.code = 404;
7 | err.stack = req.url;
8 | throw err;
9 | } catch (err) {
10 | next(err);
11 | }
12 | };
13 |
--------------------------------------------------------------------------------
/controllers/mainPageController.ts:
--------------------------------------------------------------------------------
1 | import { Request, Response, NextFunction } from "express";
2 |
3 | class Ctrl {
4 | public mainPage(req: Request, res: Response, next: NextFunction) {
5 | try {
6 | /* test error handler
7 | res.end(1) */
8 | res.render("index.ejs", { ip: req.ip });
9 | } catch (err) {
10 | next(err);
11 | }
12 | }
13 | }
14 |
15 | export default new Ctrl();
16 |
--------------------------------------------------------------------------------
/package.json:
--------------------------------------------------------------------------------
1 | {
2 | "dependencies": {
3 | "dotenv": "^16.0.1",
4 | "ejs": "^3.1.8",
5 | "express": "^4.18.1",
6 | "express-mongo-sanitize": "^2.2.0",
7 | "helmet": "^5.1.0",
8 | "hpp": "^0.2.3",
9 | "mongoose": "^6.3.5",
10 | "xss-clean": "^0.1.1"
11 | },
12 | "name": "express-mvc-starter",
13 | "version": "1.0.0",
14 | "main": "index.js",
15 | "devDependencies": {
16 | "@types/express": "^4.17.13",
17 | "@types/hpp": "^0.2.2"
18 | },
19 | "scripts": {
20 | "test": "echo \"Error: no test specified\" && exit 1"
21 | },
22 | "author": "",
23 | "license": "ISC",
24 | "description": ""
25 | }
26 |
--------------------------------------------------------------------------------
/errors/errorHandler.ts:
--------------------------------------------------------------------------------
1 | import { Request, Response, NextFunction } from "express";
2 | export default (err: Error, req: Request, res: Response,next : NextFunction) => {
3 | //@ts-ignore
4 | err.code ||= 500;
5 | if (process.env.DEBUG == "true") {
6 | //@ts-ignore
7 | res
8 | //@ts-ignore
9 | .send(
10 | //@ts-ignore
11 | `${err.code}
${err.message}
${err?.stack}
`
12 | );
13 | } else {
14 | //@ts-ignore
15 | if (isNaN(err.code)) {
16 | //@ts-ignore
17 | err.code = 500;
18 | err.message = "server internal error";
19 | }
20 | res
21 | //@ts-ignore
22 | .status(err.code)
23 | .send(
24 | //@ts-ignore
25 | `${err.code}
${err.message}
`
26 | );
27 | }
28 | };
29 |
--------------------------------------------------------------------------------
/index.ts:
--------------------------------------------------------------------------------
1 | import express from "express";
2 | import mongoose from "mongoose";
3 | import env from "dotenv";
4 | import _404ErrorHandler from "./errors/404errorHandler";
5 | import errorHandler from "./errors/errorHandler";
6 | import applicationMiddleware from "./middleware/applicationMiddleware";
7 |
8 | env.config({
9 | path: "./config/.env",
10 | });
11 |
12 | const app = express();
13 |
14 | mongoose.connect(
15 | //@ts-ignore
16 | process.env.DATABASE_URL + process.env.DATABASE_NAME,
17 | (error) => {
18 | if (error) {
19 | console.log(error);
20 | } else {
21 | console.log("connected to database");
22 | }
23 | }
24 | );
25 |
26 | applicationMiddleware(app);
27 |
28 | app.use(_404ErrorHandler);
29 | app.use(errorHandler);
30 |
31 | app.listen(process.env.PORT, () => {
32 | console.log(`Server is running on port ${process.env.PORT}`);
33 | });
34 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2022 hamidreza ghahremani
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/tsconfig.json:
--------------------------------------------------------------------------------
1 | {
2 | "compilerOptions": {
3 | /* Visit https://aka.ms/tsconfig.json to read more about this file */
4 |
5 | /* Projects */
6 | // "incremental": true, /* Enable incremental compilation */
7 | // "composite": true, /* Enable constraints that allow a TypeScript project to be used with project references. */
8 | // "tsBuildInfoFile": "./", /* Specify the folder for .tsbuildinfo incremental compilation files. */
9 | // "disableSourceOfProjectReferenceRedirect": true, /* Disable preferring source files instead of declaration files when referencing composite projects */
10 | // "disableSolutionSearching": true, /* Opt a project out of multi-project reference checking when editing. */
11 | // "disableReferencedProjectLoad": true, /* Reduce the number of projects loaded automatically by TypeScript. */
12 |
13 | /* Language and Environment */
14 | "target": "ES2022", /* Set the JavaScript language version for emitted JavaScript and include compatible library declarations. */
15 | // "lib": [], /* Specify a set of bundled library declaration files that describe the target runtime environment. */
16 | // "jsx": "preserve", /* Specify what JSX code is generated. */
17 | // "experimentalDecorators": true, /* Enable experimental support for TC39 stage 2 draft decorators. */
18 | // "emitDecoratorMetadata": true, /* Emit design-type metadata for decorated declarations in source files. */
19 | // "jsxFactory": "", /* Specify the JSX factory function used when targeting React JSX emit, e.g. 'React.createElement' or 'h' */
20 | // "jsxFragmentFactory": "", /* Specify the JSX Fragment reference used for fragments when targeting React JSX emit e.g. 'React.Fragment' or 'Fragment'. */
21 | // "jsxImportSource": "", /* Specify module specifier used to import the JSX factory functions when using `jsx: react-jsx*`.` */
22 | // "reactNamespace": "", /* Specify the object invoked for `createElement`. This only applies when targeting `react` JSX emit. */
23 | // "noLib": true, /* Disable including any library files, including the default lib.d.ts. */
24 | // "useDefineForClassFields": true, /* Emit ECMAScript-standard-compliant class fields. */
25 |
26 | /* Modules */
27 | "module": "commonjs", /* Specify what module code is generated. */
28 | // "rootDir": "./", /* Specify the root folder within your source files. */
29 | // "moduleResolution": "node", /* Specify how TypeScript looks up a file from a given module specifier. */
30 | // "baseUrl": "./", /* Specify the base directory to resolve non-relative module names. */
31 | // "paths": {}, /* Specify a set of entries that re-map imports to additional lookup locations. */
32 | // "rootDirs": [], /* Allow multiple folders to be treated as one when resolving modules. */
33 | // "typeRoots": [], /* Specify multiple folders that act like `./node_modules/@types`. */
34 | // "types": [], /* Specify type package names to be included without being referenced in a source file. */
35 | // "allowUmdGlobalAccess": true, /* Allow accessing UMD globals from modules. */
36 | // "resolveJsonModule": true, /* Enable importing .json files */
37 | // "noResolve": true, /* Disallow `import`s, `require`s or ``s from expanding the number of files TypeScript should add to a project. */
38 |
39 | /* JavaScript Support */
40 | // "allowJs": true, /* Allow JavaScript files to be a part of your program. Use the `checkJS` option to get errors from these files. */
41 | // "checkJs": true, /* Enable error reporting in type-checked JavaScript files. */
42 | // "maxNodeModuleJsDepth": 1, /* Specify the maximum folder depth used for checking JavaScript files from `node_modules`. Only applicable with `allowJs`. */
43 |
44 | /* Emit */
45 | // "declaration": true, /* Generate .d.ts files from TypeScript and JavaScript files in your project. */
46 | // "declarationMap": true, /* Create sourcemaps for d.ts files. */
47 | // "emitDeclarationOnly": true, /* Only output d.ts files and not JavaScript files. */
48 | // "sourceMap": true, /* Create source map files for emitted JavaScript files. */
49 | // "outFile": "./", /* Specify a file that bundles all outputs into one JavaScript file. If `declaration` is true, also designates a file that bundles all .d.ts output. */
50 | // "outDir": "./", /* Specify an output folder for all emitted files. */
51 | // "removeComments": true, /* Disable emitting comments. */
52 | // "noEmit": true, /* Disable emitting files from a compilation. */
53 | // "importHelpers": true, /* Allow importing helper functions from tslib once per project, instead of including them per-file. */
54 | // "importsNotUsedAsValues": "remove", /* Specify emit/checking behavior for imports that are only used for types */
55 | // "downlevelIteration": true, /* Emit more compliant, but verbose and less performant JavaScript for iteration. */
56 | // "sourceRoot": "", /* Specify the root path for debuggers to find the reference source code. */
57 | // "mapRoot": "", /* Specify the location where debugger should locate map files instead of generated locations. */
58 | // "inlineSourceMap": true, /* Include sourcemap files inside the emitted JavaScript. */
59 | // "inlineSources": true, /* Include source code in the sourcemaps inside the emitted JavaScript. */
60 | // "emitBOM": true, /* Emit a UTF-8 Byte Order Mark (BOM) in the beginning of output files. */
61 | // "newLine": "crlf", /* Set the newline character for emitting files. */
62 | // "stripInternal": true, /* Disable emitting declarations that have `@internal` in their JSDoc comments. */
63 | // "noEmitHelpers": true, /* Disable generating custom helper functions like `__extends` in compiled output. */
64 | // "noEmitOnError": true, /* Disable emitting files if any type checking errors are reported. */
65 | // "preserveConstEnums": true, /* Disable erasing `const enum` declarations in generated code. */
66 | // "declarationDir": "./", /* Specify the output directory for generated declaration files. */
67 | // "preserveValueImports": true, /* Preserve unused imported values in the JavaScript output that would otherwise be removed. */
68 |
69 | /* Interop Constraints */
70 | // "isolatedModules": true, /* Ensure that each file can be safely transpiled without relying on other imports. */
71 | // "allowSyntheticDefaultImports": true, /* Allow 'import x from y' when a module doesn't have a default export. */
72 | "esModuleInterop": true, /* Emit additional JavaScript to ease support for importing CommonJS modules. This enables `allowSyntheticDefaultImports` for type compatibility. */
73 | // "preserveSymlinks": true, /* Disable resolving symlinks to their realpath. This correlates to the same flag in node. */
74 | "forceConsistentCasingInFileNames": true, /* Ensure that casing is correct in imports. */
75 |
76 | /* Type Checking */
77 | "strict": true, /* Enable all strict type-checking options. */
78 | // "noImplicitAny": true, /* Enable error reporting for expressions and declarations with an implied `any` type.. */
79 | // "strictNullChecks": true, /* When type checking, take into account `null` and `undefined`. */
80 | // "strictFunctionTypes": true, /* When assigning functions, check to ensure parameters and the return values are subtype-compatible. */
81 | // "strictBindCallApply": true, /* Check that the arguments for `bind`, `call`, and `apply` methods match the original function. */
82 | // "strictPropertyInitialization": true, /* Check for class properties that are declared but not set in the constructor. */
83 | // "noImplicitThis": true, /* Enable error reporting when `this` is given the type `any`. */
84 | // "useUnknownInCatchVariables": true, /* Type catch clause variables as 'unknown' instead of 'any'. */
85 | // "alwaysStrict": true, /* Ensure 'use strict' is always emitted. */
86 | // "noUnusedLocals": true, /* Enable error reporting when a local variables aren't read. */
87 | // "noUnusedParameters": true, /* Raise an error when a function parameter isn't read */
88 | // "exactOptionalPropertyTypes": true, /* Interpret optional property types as written, rather than adding 'undefined'. */
89 | // "noImplicitReturns": true, /* Enable error reporting for codepaths that do not explicitly return in a function. */
90 | // "noFallthroughCasesInSwitch": true, /* Enable error reporting for fallthrough cases in switch statements. */
91 | // "noUncheckedIndexedAccess": true, /* Include 'undefined' in index signature results */
92 | // "noImplicitOverride": true, /* Ensure overriding members in derived classes are marked with an override modifier. */
93 | // "noPropertyAccessFromIndexSignature": true, /* Enforces using indexed accessors for keys declared using an indexed type */
94 | // "allowUnusedLabels": true, /* Disable error reporting for unused labels. */
95 | // "allowUnreachableCode": true, /* Disable error reporting for unreachable code. */
96 |
97 | /* Completeness */
98 | // "skipDefaultLibCheck": true, /* Skip type checking .d.ts files that are included with TypeScript. */
99 | "skipLibCheck": true /* Skip type checking all .d.ts files. */
100 | }
101 | }
102 |
--------------------------------------------------------------------------------