app.post() and app.get() is not getting triggered, app.use() is working fine. xhr api calls are being captured in the get and post. Need help solving this. I want to set cookie in the post response api.
that’s all the info I have.
const express = require('express');
const path = require('path');
const app = express();
const port = process.env.PORT || 3000;
app.post('/api-route/:id', async (req, res) => {
console.log("Request body: ", req.body);
console.log("Request params: ", req.params);
// Example of setting a cookie with HttpOnly and Secure flags
const token = 'your-generated-token'; // Replace with actual token logic
res.cookie('sessionToken', token, {
httpOnly: true, // Prevent JavaScript access
secure: true, // Only send cookie over HTTPS
sameSite: 'Strict', // Optionally add SameSite attribute for additional security
maxAge: 3600000 // Set the cookie's expiration time (1 hour in this example)
});
});
app.get('/health', function (request, response) {
response.send("ok")
});
// Middleware to set security headers
app.use((req, res, next) => {
sendSecurityHeaders(res);
next();
});
function sendSecurityHeaders(response) {
response.setHeader('Strict-Transport-Security', 'max-age=31536000;');
response.setHeader('X-Frame-Options', 'SAMEORIGIN');
response.setHeader('X-Content-Type-Options', 'nosniff');
response.setHeader('Referrer-Policy', 'strict-origin-when-cross-origin');
response.setHeader('Permissions-Policy', 'geolocation=(self)');
response.setHeader('Content-Security-Policy', "default-src 'self");
}
// Middleware to serve static files
app.use(express.static(path.join(__dirname, 'build')));
// Catch-all route to handle client-side routing
app.get('*', (req, res) => {
res.sendFile(path.resolve(__dirname, 'build', 'index.html'));
});
app.listen(port, () => {
console.log(`Server is listening on port ${port}`);
});