@fizz.js/node-security NPM

@fizz.js/node-security

This is a security library for express.

install

add dependencies into package.json and run yarn install

configure

please put security config into config/${env}.json

{
  "context": {
    "scope": {
      "private": "private",
      "public": "public"
    }
  },
  "redis": {
    "enabled": true,
    "host": "127.0.0.1",
    "port": 6379,
    "options": {
      "no_ready_check": true
    }
  },
  "security": {
    "parser": {
      "urlencoded": {
        "extended": false,
        "limit": "8mb",
        "parameterLimit": 100000
      },
      "json": {
        "limit": "8mb"
      }
    },
    "curf": {
      "enabled": false,
      "cookie": false
    },
    "timeout": {
      "threshold": 60000,
      "enabled": true
    },
    "cors": {
      "credentials": true,
      "origin": "http://localhost"
    },
    "rateLimit": {
      "enabled": false,
      "default": {
        "windowMs": 60000,
        "max": 25000,
        "message": "Too many requests, please try again later",
        "statusCode": 504,
        "headers": true,
        "skipSuccessfulRequests": false,
        "skipFailedRequests": false
      },
      "slowDown": {
        "windowMs": 10000,
        "delayAfter": 50000,
        "delayMs": 100,
        "maxDelayMs": 2000,
        "skipSuccessfulRequests": false,
        "skipFailedRequests": false
      }
    }
  }
}

test

yarn test

coverage

yarn cover

build

yarn build

docs

yarn docs

body-parser compose-middleware compression connect-timeout cookie-parser cors csurf express-rate-limit express-slow-down helmet nocache rate-limit-redis

@everything-registry/sub-chunk-326 @infinitebrahmanuniverse/nolb-_fiz

1.0.0-hotfix2

3 years ago

1.0.0-hotfix

3 years ago

1.0.0

3 years ago