feat: add express-mongo-sanitize middleware for enhanced security

austenstone · austenstone · commit e4c6d69facec · 2025-04-04T01:32:41.000-04:00
diff --git a/backend/package-lock.json b/backend/package-lock.json
diff --git a/backend/package.json b/backend/package.json
@@ -23,6 +23,7 @@
     "dotenv": "^16.4.7",
     "eventsource": "^3.0.6",
     "express": "^4.21.2",
+    "express-mongo-sanitize": "^2.2.0",
     "express-rate-limit": "^7.5.0",
     "mongoose": "^8.13.2",
     "mysql2": "^3.14.0",
diff --git a/backend/src/routes/index.ts b/backend/src/routes/index.ts
@@ -7,9 +7,13 @@ import metricsController from '../controllers/metrics.controller.js';
 import teamsController from '../controllers/teams.controller.js';
 import targetValuesController from '../controllers/target.controller.js';
 import adoptionController from '../controllers/adoption.controller.js';
+import mongoSanitize from 'express-mongo-sanitize';
 
 const router = Router();
 
+
+router.use(mongoSanitize());
+
 router.get('/', (req: Request, res: Response) => {
   res.send('Hello github-value!');
 });
