Slpclient-slpserve NPM

UNTESTED -- do not use yet

[] - Add BitDB validation too

SLPClient server.

Allowing clients to run arbitray read queries on big databases creates a vulnerability for DDOS. The TL;DR for this library is that it's just a combination of SLPServe and SLPSockServe, with validation of each query by SLPClient. Check out those READMEs if you need to.

Install and run:

If you're just getting started, you will need an SLPDB instance running on your local machine.

Some other differences from SLPServe and SLPSockServe is that this server runs on a single port, and no raw or aggregate queries are allowed.

We currently get an error with node-jq trying to install these libraries. Please use these installation commands:

cp .env.example .env; 
npm install --save --unafe-perm --no-bin-links;
npm run start

Summary of validation

// A new SLP Client is initialized:
var slpclient = new SLPClient()

... later ...

// When a query comes in, it's validated using the validateQuery function
function validateQuery(query){
	...
	if(query!= slpclient[query.slpclient.func](...query.slpclient.args).query)return {"error":"Invalid query"};
}

... later ...

if(validateQuery(query).error){
	res.json(validateQuery(query));
	return;
}

Other validations

The creator of BitD uses a 'header' variable to authenticate users based on an API key. This header is also supported by SLPClient (but not this server). You can extend this server with your own header logic for this purpose.

cors dotenv ejs express express-rate-limit fountainhead-slpqueryd ip node-jq p-queue slpclient url

@infinitebrahmanuniverse/nolb-slp @everything-registry/sub-chunk-2781 slpdex

5 years ago

5 years ago

5 years ago

5 years ago