Peel-Organisation · KevOneRedOne · Dec 10, 2023 · Dec 6, 2023 · Dec 6, 2023 · Dec 6, 2023
diff --git a/package.json b/package.json
@@ -26,14 +26,15 @@
     "express-validator": "^6.14.2",
     "firebase": "^9.22.0",
     "firebase-admin": "^11.7.0",
+    "helmet": "^7.1.0",
     "jsonwebtoken": "^9.0.0",
     "login": "^0.8.0",
     "mathjs": "^10.6.0",
     "moment": "^2.29.4",
     "mongoose": "^6.8.2",
     "mysql": "^2.18.1",
     "mysql2": "^2.3.3",
-    "nodemon": "^2.0.20",
+    "nodemon": "^3.0.2",
     "uuid": "8.3.2"
   },
   "devDependencies": {
@@ -43,7 +44,7 @@
     "@babel/plugin-proposal-object-rest-spread": "^7.20.7",
     "@babel/preset-env": "^7.23.3",
     "@faker-js/faker": "^8.0.1",
-    "artillery": "^2.0.0-32",
+    "artillery": "^1.7.4",
     "babel-cli": "^6.26.0",
     "babel-preset": "^1.1.7",
     "babel-preset-env": "^1.7.0",

diff --git a/src/app.js b/src/app.js
@@ -1,12 +1,17 @@
 const express = require('express');
 const cors = require('cors');
 const apiRouter = require('./routes');
+const moment = require('moment');
+const helmet = require('helmet');
 
 
 const bodyParser = require('body-parser')
 const app = express()
 app.use(cors());
+app.use(helmet());
 
+// Trust the headers set by your reverse proxy
+app.set('trust proxy', true);
 
 // parse application/x-www-form-urlencoded
 app.use(bodyParser.urlencoded({ extended: false }))
@@ -18,10 +23,9 @@ app.use(express.json());
 
 app.use((req, res, next) => {
   if (process.env.STACK === 'development') {
-    const currentTime = new Date().toISOString();
-    const clientIp = req.headers['x-forwarded-for'] || req.socket.remoteAddress;
-    console.log(`[${currentTime}] - Requête reçue : ${req.method}, ${req.url}, ${JSON.stringify(req.params)}, ${JSON.stringify(req.body)} | de l'adresse IP:  [${clientIp}] `);
-
+    const currentTime = moment().format('YYYY-MM-DD HH:mm:ss');
+    const clientIp = (req.headers['x-forwarded-for'] || '').split(',').shift().replace('::ffff:', '') || req.socket.remoteAddress;
+    console.log(`[${currentTime}] - Requête reçue : ${req.method}, ${req.url}, ${JSON.stringify(req.params)}, ${JSON.stringify(req.body)} | l'adresse IP source : [${clientIp}] `);
     if (req.method === 'POST' || req.method === 'PUT') {
       console.log(`[${currentTime}] - Corps de la requête :  ${JSON.stringify(req.body)} | de l'adresse IP:  [${clientIp}] `);
     }
@@ -34,5 +38,8 @@ app.use((req, res, next) => {
 
 app.use('/api', apiRouter);
 
+// Reduce Fingerprinting
+app.disable('x-powered-by')
+
 
 module.exports = app;