heath impl

src/main.ts

@@ -3,10 +3,14 @@ import { AppModule } from './app.module';
 import { ValidationPipe } from '@nestjs/common';
 import { ResponseInterceptor } from './common/response.interceptor';
 import { DocumentBuilder, SwaggerModule } from '@nestjs/swagger';
+import helmet from 'helmet';
 
 async function bootstrap() {
   const app = await NestFactory.create(AppModule);
 
+  // Adicionar Helmet para proteção de cabeçalhos HTTP
+  app.use(helmet());
+  
   app.useGlobalInterceptors(new ResponseInterceptor());
   
   app.useGlobalPipes(
@@ -14,14 +18,24 @@ async function bootstrap() {
       whitelist: true,
       forbidNonWhitelisted: true,
       transform: true,
+      transformOptions: {
+        enableImplicitConversion: true,
+      },
+      // Tornar validações mais rigorosas
+      forbidUnknownValues: true,
+      disableErrorMessages: process.env.NODE_ENV === 'production',
     }),
   );
 
+  // Configuração CORS mais restritiva
   app.enableCors({
-    origin: '*',
-    methods: 'GET,HEAD,PUT,PATCH,POST,DELETE',
+    origin: process.env.NODE_ENV === 'production' 
+      ? ['https://seu-dominio.com', 'https://admin.seu-dominio.com'] 
+      : '*',
+    methods: ['GET', 'POST', 'PUT', 'DELETE', 'PATCH'],
     credentials: true,
-    allowedHeaders: 'Content-Type, Accept',
+    allowedHeaders: ['Content-Type', 'Authorization', 'Accept'],
+    maxAge: 3600,
   });
 
   const config = new DocumentBuilder()
@@ -34,7 +48,6 @@ async function bootstrap() {
   const document = SwaggerModule.createDocument(app, config);
   SwaggerModule.setup('docs', app, document); 
 
-
   await app.listen(8066);
 }
 bootstrap();