UNPKG

@aikidosec/firewall

Version:

Zen by Aikido is an embedded Application Firewall that autonomously protects Node.js apps against common and critical attacks, provides rate limiting, detects malicious traffic (including bots), and more.

aikido.dev/zen

AikidoSec/firewall-node

29 lines (28 loc) 1.19 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.addHonoMiddleware = addHonoMiddleware; const shouldBlockRequest_1 = require("./shouldBlockRequest"); const escapeHTML_1 = require("../helpers/escapeHTML"); /** * Calling this function will setup rate limiting and user blocking for the provided Hono app. * Attacks will still be blocked by Zen if you do not call this function. * Execute this function as early as possible in your Hono app, but after the middleware that sets the user. */ function addHonoMiddleware(app) { app.use(async (c, next) => { const result = (0, shouldBlockRequest_1.shouldBlockRequest)(); if (result.block) { if (result.type === "ratelimited") { let message = "You are rate limited by Zen."; if (result.trigger === "ip" && result.ip) { message += ` (Your IP: ${(0, escapeHTML_1.escapeHTML)(result.ip)})`; } return c.text(message, 429); } if (result.type === "blocked") { return c.text("You are blocked by Zen.", 403); } } await next(); }); }