enzo
/
Personal-Test-Ground


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293
							import { NestFactory } from '@nestjs/core';
import { AppModule } from './app.module';
import { serverConfig } from './config/config';
import { join } from 'path';
import * as fs from 'fs';
import { NestExpressApplication } from '@nestjs/platform-express';
import session from 'express-session';
import { ValidationPipe } from '@nestjs/common';

async function bootstrap() {
  const certsDir = join(__dirname, '..', 'certs');
  const httpsOptions = {
    key: fs.readFileSync(join(certsDir, 'myapp.local-key.pem')),
    cert: fs.readFileSync(join(certsDir, 'myapp.local.pem')),
  };

  // Use HTTPS if needed:
  const app = await NestFactory.create<NestExpressApplication>(AppModule, {
    httpsOptions,
  });

  // HTTP version for LAN testing:
  // const app = await NestFactory.create<NestExpressApplication>(AppModule);

  app.useGlobalPipes(
    new ValidationPipe({
      whitelist: true,
      forbidNonWhitelisted: true,
      transform: true,
    }),
  );

  // app.enableCors({
  //   origin: [
  //     'http://localhost:4200',        // browser dev
  //     'capacitor://localhost',        // Capacitor WebView
  //     'http://192.168.100.80:4200',    // optional LAN Angular dev
  //   ],
  //   credentials: true,
  // });

  app.enableCors({
    origin: (origin, callback) => {
      // console.log('CORS origin:', origin); // check what the WebView sends
      callback(null, true); // allow all origins dynamically
    },
    credentials: true,
  });

  app.setGlobalPrefix('api');

  const angularDistPath = join(
    __dirname,
    '..',
    '..',
    'web-app',
    'dist',
    'mobile-auth-web-app',
    'browser',
  );
  const indexPath = join(angularDistPath, 'index.html');

  app.useStaticAssets(angularDistPath);
  app.setBaseViewsDir(angularDistPath);
  app.setViewEngine('html');

  app.use(
    session({
      secret: 'your-secret',
      resave: false,
      saveUninitialized: false,
      cookie: {
        httpOnly: true,
        secure: false, // set to true when using HTTPS
        sameSite: 'lax',
        maxAge: 24 * 60 * 60 * 1000,
      },
    }),
  );

  app.use((req, res, next) => {
    const isStaticAsset = req.url.includes('.');
    const isApiCall = req.url.startsWith('/api') || req.method !== 'GET';
    if (isStaticAsset || isApiCall) return next();
    res.sendFile(indexPath);
  });

  // Listen on all interfaces so LAN devices can reach it
  await app.listen(4000, '0.0.0.0');
  console.log(`🚀 HTTP server running at ${serverConfig.exposedUrl}`);
}

bootstrap();