refactor: clean up code and improve error handling in authentication and database modules

Giuseppe Raffa
2026-04-21 20:47:32 +02:00
parent 5433529ffd
commit 69012029ad
6 changed files with 115 additions and 228 deletions


@@ -61,10 +61,13 @@ const authRateLimit = createRateLimiter(RATE_LIMIT_AUTH_MAX);
app.use((req, res, next) => {
res.setHeader('X-Content-Type-Options', 'nosniff');
res.setHeader('X-Frame-Options', 'DENY');
res.setHeader('X-XSS-Protection', '0'); // Disabilitato a favore di CSP
res.setHeader('X-XSS-Protection', '0');
res.setHeader('Referrer-Policy', 'strict-origin-when-cross-origin');
res.setHeader('Permissions-Policy', 'camera=(), microphone=(), geolocation=()');
// Rimuovi header che rivelano info sul server
res.setHeader(
'Content-Security-Policy',
"default-src 'self'; style-src 'self'; script-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'"
);
res.removeHeader('X-Powered-By');
next();
});
@@ -134,11 +137,7 @@ app.use((req, res) => {
// ─── ERROR HANDLER GLOBALE ──────────────────────────────────────────
app.use((err, req, res, _next) => {
console.error('[ERROR HANDLER] Global error caught:');
console.error('[ERROR HANDLER] Message:', err.message);
console.error('[ERROR HANDLER] Code:', err.code);
console.error('[ERROR HANDLER] Full error:', err);
console.error('[ERROR HANDLER] Stack:', err.stack);
console.error('[ERROR]', err.message, '| code:', err.code);
res.status(500).json({ error: 'Errore interno del server' });
});
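Review bot: The `Content-Security-Policy` value set in the first hunk (security-headers middleware) keeps `'unsafe-inline'` in `script-src`, so injected inline scripts and event-handler attributes are still allowed to run and the policy gives little protection against XSS. The same middleware sets `X-XSS-Protection` to `0`, which is only a sound choice when the CSP actually restricts script execution. If the front end has inline scripts (not visible on this page), move them into files served from the same origin or allow them with a per-response nonce or hash, so the directive can become `script-src 'self'`. It would also help to add `object-src 'none'` and a short comment above the header such as `// CSP replaces the legacy XSS auditor; do not add 'unsafe-inline' to script-src`. In the second hunk the handler appears to log only `err.message` and `err.code`; if the stack is no longer recorded anywhere, consider sending it to a server-side log that is not exposed to clients, so failures can still be investigated.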