fixup! feat: add express server and update middleware utility functions

cyber-hari · cyber-hari · commit 508b1dd25971 · 2025-08-24T09:20:33.000+05:30
diff --git a/src/servers/express.server.ts b/src/servers/express.server.ts
@@ -475,22 +475,6 @@ export class ExpressServer {
 
   /**
    * Configure and register all middlewares in the optimal order.
-   *
-   * Middleware Order (CRITICAL - don't change without understanding implications):
-   * 1.  Basic server configuration (trust proxy, x-powered-by)
-   * 2.  Request ID generation (for tracing)
-   * 3.  Request context setup (for logging correlation)
-   * 4.  Timeout protection (prevents hanging requests)
-   * 5.  Response time tracking (for performance monitoring)
-   * 6.  Request logging (after ID/context setup)
-   * 7.  Custom request hooks
-   * 8.  Security middleware (rate limiting, CORS, Helmet)
-   * 9.  Response compression
-   * 10. Static file serving
-   * 11. Request parsing (body parsing, cookies)
-   * 12. API documentation (OpenAPI)
-   * 13. Global headers
-   * 14. Custom response hooks
    */
   protected async setupMiddleware(): Promise<void> {
     // Basic middleware should be first
@@ -526,7 +510,6 @@ export class ExpressServer {
       );
     }
 
-    // --- 2-6. Request processing and logging setup ---
     // Request ID generation - must be first for proper tracing
     const requestIdMiddleware = requestId({
       headerName: this.config.requestId?.headerName,
@@ -583,35 +566,6 @@ export class ExpressServer {
       this._app.use(this.hooks.onRequest);
     }
 
-    // --- 8. Security middleware ---
-    // Rate limiting for DDoS protection and fair usage
-    if (this.config.rateLimit?.enable) {
-      this._app.use(
-        rateLimit({
-          windowMs: this.config.rateLimit.windowMs ?? 15 * 60 * 1000,
-          max: this.config.rateLimit.max ?? 100,
-          message: this.config.rateLimit.message ?? 'Too many requests, please try again later',
-          standardHeaders: this.config.rateLimit.standardHeaders ?? true,
-          legacyHeaders: this.config.rateLimit.legacyHeaders ?? false
-        })
-      );
-    }
-
-    // CORS handling for cross-origin requests
-    if (this.config.cors) {
-      this._app.use(cors(this.config.cors === true ? {} : this.config.cors));
-    }
-
-    // Security headers via Helmet (CSP, HSTS, etc.)
-    if (this.config.helmet) {
-      if (typeof this.config.helmet === 'object') {
-        this._app.use(helmet(this.config.helmet));
-      } else {
-        this._app.use(helmet());
-      }
-    }
-
-    // --- 9-10. Performance middleware ---
     // Response compression for better performance
     if (this.config.compression) {
       if (typeof this.config.compression === 'object') {
@@ -637,7 +591,6 @@ export class ExpressServer {
       });
     }
 
-    // --- 11. Request parsing ---
     // Request body parsing with size limits
     if (this.config.bodyParser) {
       if (this.config.bodyParser.json) {
@@ -657,7 +610,6 @@ export class ExpressServer {
       }
     }
 
-    // --- 12. API Documentation ---
     // OpenAPI docs via @scalar/express-api-reference
     if (this.config.openApi?.enable) {
       try {
@@ -694,7 +646,6 @@ export class ExpressServer {
       }
     }
 
-    // --- 13. Global headers ---
     // Global headers middleware
     if (this.config.globalHeaders) {
       this._app.use((_req, res, next) => {
@@ -706,7 +657,6 @@ export class ExpressServer {
       });
     }
 
-    // --- 14. Custom response hooks ---
     // Custom response preprocessing hook (apply global prefix if set)
     if (this.hooks.onResponse) {
       if (this.globalPrefix) {
