"use strict"; var __importDefault = (this && this.__importDefault) || function (mod) { return (mod && mod.__esModule) ? mod : { "default": mod }; }; Object.defineProperty(exports, "__esModule", { value: true }); const express_1 = __importDefault(require("express")); const cors_1 = __importDefault(require("cors")); const helmet_1 = __importDefault(require("helmet")); const compression_1 = __importDefault(require("compression")); const express_rate_limit_1 = __importDefault(require("express-rate-limit")); const path_1 = __importDefault(require("path")); const config_1 = require("./config/config"); const errorHandler_1 = require("./middleware/errorHandler"); const requestLogger_1 = require("./middleware/requestLogger"); const recipes_1 = __importDefault(require("./routes/recipes")); const ingredients_1 = __importDefault(require("./routes/ingredients")); const images_1 = __importDefault(require("./routes/images")); const health_1 = __importDefault(require("./routes/health")); const app = (0, express_1.default)(); app.use((0, helmet_1.default)({ crossOriginResourcePolicy: { policy: "cross-origin" }, })); app.use((0, compression_1.default)()); const limiter = (0, express_rate_limit_1.default)({ windowMs: 15 * 60 * 1000, max: 100, message: 'Too many requests from this IP, please try again later.', }); app.use(limiter); const allowedOrigins = [ 'http://localhost:5173', 'http://localhost:3000', config_1.config.cors.origin ].filter(Boolean); const corsConfig = config_1.config.cors.origin === '*' ? { origin: true, credentials: true, } : { origin: allowedOrigins, credentials: true, }; app.use((0, cors_1.default)(corsConfig)); app.use((req, res, next) => { const origin = req.headers.origin; if (config_1.config.cors.origin === '*') { res.header('Access-Control-Allow-Origin', origin || '*'); } else if (origin && allowedOrigins.includes(origin)) { res.header('Access-Control-Allow-Origin', origin); } res.header('Access-Control-Allow-Credentials', 'true'); res.header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS'); res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, Authorization'); if (req.method === 'OPTIONS') { return res.sendStatus(200); } next(); }); app.use(express_1.default.json({ limit: '10mb' })); app.use(express_1.default.urlencoded({ extended: true, limit: '10mb' })); app.use(requestLogger_1.requestLogger); app.use('/uploads', express_1.default.static(path_1.default.join(process.cwd(), 'uploads'))); app.use('/api/health', health_1.default); app.use('/api/recipes', recipes_1.default); app.use('/api/ingredients', ingredients_1.default); app.use('/api/images', images_1.default); app.get('/serve/*', (req, res, next) => { const imagePath = req.params[0]; const cleanPath = imagePath.replace(/^uploads\//, ''); const fullPath = path_1.default.join(process.cwd(), '../../uploads', cleanPath); console.log(`Direct serve request: ${req.originalUrl} -> ${fullPath}`); const fs = require('fs'); if (!fs.existsSync(fullPath)) { return res.status(404).json({ success: false, message: 'Image not found', requestedPath: req.originalUrl, resolvedPath: fullPath }); } res.set({ 'Access-Control-Allow-Origin': 'http://localhost:5173', 'Access-Control-Allow-Credentials': 'true', 'Cache-Control': 'public, max-age=31536000', }); res.sendFile(path_1.default.resolve(fullPath)); }); app.use('*', (req, res) => { res.status(404).json({ success: false, message: `Route ${req.originalUrl} not found`, }); }); app.use(errorHandler_1.errorHandler); const PORT = config_1.config.port; app.listen(PORT, () => { console.log(`🚀 Server running on port ${PORT}`); console.log(`📱 Health check: http://localhost:${PORT}/api/health`); console.log(`🎯 API Documentation: http://localhost:${PORT}/api`); }); exports.default = app; //# sourceMappingURL=app.js.map