Added helmet manage security header

vibhasfl · vibhasfl · commit 4cfcf2a95e05 · 2019-02-25T20:23:14.000+05:30
diff --git a/package.json b/package.json
@@ -11,6 +11,7 @@
     "dotenv": "^6.2.0",
     "express": "^4.16.4",
     "express-jwt": "^5.3.1",
+    "helmet": "^3.15.1",
     "joi": "^14.3.1",
     "jsonwebtoken": "^8.4.0",
     "mongoose": "^5.4.10"
@@ -42,7 +43,7 @@
     "lint": "./node_modules/.bin/eslint 'index.js' 'server/**/*.js' 'server/app.js' ",
     "precommit": "npm run lint",
     "prepush": "npm run lint",
-    "test:coverage":"nyc --reporter=lcov yarn test"
+    "test:coverage": "nyc --reporter=lcov yarn test"
   },
   "repository": {
     "type": "git",
diff --git a/server/app.js b/server/app.js
@@ -4,12 +4,14 @@ import { connectMongo } from './config/mongoconnect'
 import { errorHandler } from './config/errorHandler'
 import bodyParser from 'body-parser'
 import jwt from 'express-jwt'
+import helmet from 'helmet'
 import { httpStatus } from './utils/httpStatus'
 import { AppError } from './utils/appError'
 import { secretCallback } from './utils/secretCallback'
 const app = express()
 
 app.use(bodyParser.json())
+app.use(helmet())
 app.use(jwt({ secret: secretCallback }).unless({ path: [ '/api/health-check', '/api/users', '/api/auth/login' ], requestProperty: 'auth' }))
 app.use('/api', Router)
 
