diff --git a/apps/backend/src/main.ts b/apps/backend/src/main.ts index 8f5b56b..28930de 100644 --- a/apps/backend/src/main.ts +++ b/apps/backend/src/main.ts @@ -9,6 +9,7 @@ import { DocumentBuilder, SwaggerModule } from '@nestjs/swagger'; import * as cluster from 'cluster'; import events from 'events'; import * as express from 'express'; +import { NextFunction, Request, Response } from 'express'; import basicAuth from 'express-basic-auth'; import helmet from 'helmet'; import { WinstonModule } from 'nest-winston'; @@ -111,8 +112,22 @@ async function bootstrap() { const document = SwaggerModule.createDocument(app, options); SwaggerModule.setup(routePrefix + '/swagger', app, document); - // Apply Helmet for security (e.g., XSS prevention, frameguard, HSTS) + // Set up basic authentication for accessing compiler queues app.use( + ['/' + routePrefix + '/queues'], + basicAuth({ + users: { developer: serverSecret }, + challenge: true, + realm: 'Bull Board' + }) + ); + + // Apply Helmet for security (e.g., XSS prevention, frameguard, HSTS) + app.use((req: Request, res: Response, next: NextFunction) => { + if (req.path === '/' + routePrefix + '/queues') { + return next(); // Skip Helmet for /queues + } + helmet({ contentSecurityPolicy: { useDefaults: true, @@ -141,8 +156,8 @@ async function bootstrap() { referrerPolicy: { policy: 'same-origin' }, crossOriginEmbedderPolicy: true, crossOriginOpenerPolicy: { policy: 'same-origin' } - }) - ); + })(req, res, next); // Apply Helmet middleware + }); // Enable graceful shutdown with NestJS built-in hooks app.enableShutdownHooks(); diff --git a/apps/backend/src/modules/compiler/compiler.module.ts b/apps/backend/src/modules/compiler/compiler.module.ts index 6915137..c2eaecd 100644 --- a/apps/backend/src/modules/compiler/compiler.module.ts +++ b/apps/backend/src/modules/compiler/compiler.module.ts @@ -3,9 +3,8 @@ import { ExpressAdapter } from '@bull-board/express'; import { BullBoardModule } from '@bull-board/nestjs'; import { InjectionType } from '@full-stack-project/shared'; import { BullModule } from '@nestjs/bullmq'; -import { MiddlewareConsumer, Module } from '@nestjs/common'; +import { Module } from '@nestjs/common'; import { ConfigService } from '@nestjs/config'; -import basicAuth from 'express-basic-auth'; import { CompileController } from './controllers'; import { CompileQueueService, CompileService } from './services'; @@ -41,20 +40,4 @@ import { CompileQueueService, CompileService } from './services'; CompileQueueService ] }) -export class CompilerModule { - constructor(private readonly configService: ConfigService) {} - - configure(consumer: MiddlewareConsumer) { - const serverSecret: string = this.configService.get('server.secret') as string; - - consumer - .apply( - basicAuth({ - users: { developer: serverSecret }, - challenge: true, - realm: 'Bull Board' - }) - ) - .forRoutes('/queues'); - } -} +export class CompilerModule {}