feat(api): add security plugins

Signed-off-by: iverly <github@iverly.net>
iverly · Dec 3, 2023 · e515ecf · e515ecf
1 parent 5b59bb5
commit e515ecf
Show file tree

Hide file tree

Showing 3 changed files with 52 additions and 1 deletion.
diff --git a/apps/api/src/main.ts b/apps/api/src/main.ts
@@ -18,6 +18,8 @@ import {
 import { DocumentBuilder, SwaggerModule } from '@nestjs/swagger';
 import { ResponseFormatterInterceptor } from '@nx-next-nest-prisma-ory-template/utils';
 import { Logger } from 'nestjs-pino';
+import helmet from '@fastify/helmet';
+import csrf from '@fastify/csrf-protection';
 
 async function bootstrap() {
   if (otelEnabled) {
@@ -38,6 +40,11 @@ async function bootstrap() {
 
   const httpAdapter = app.getHttpAdapter();
 
+  // Security plugins
+  app.enableCors();
+  await app.register(helmet);
+  await app.register(csrf);
+
   // Validation pipe
   app.useGlobalPipes(
     new ValidationPipe({

diff --git a/package.json b/package.json
@@ -20,6 +20,9 @@
     "postinstall": "pnpm prisma:generate"
   },
   "dependencies": {
+    "@fastify/cors": "^8.4.1",
+    "@fastify/csrf-protection": "^6.4.1",
+    "@fastify/helmet": "^11.1.1",
     "@fastify/static": "^6.12.0",
     "@nestjs/common": "^10.2.10",
     "@nestjs/config": "^3.1.1",

diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml