
@aikidosec/firewall


Zen by Aikido is an embedded Web Application Firewall that autonomously protects Node.js apps against common and critical attacks

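"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.AttackLogger = void 0;
/* eslint-disable no-console */
const escapeLog_1 = require("../helpers/escapeLog");
const Attack_1 = require("./Attack");

/**
 * Prints a one-line console message per detected or blocked attack, capped at
 * `maxLogs` messages per hour.
 *
 * The cap bounds console output so that a burst of attack traffic cannot
 * flood the log. Two consequences for anyone reading these logs:
 *  - Once the cap is reached, further attacks in that window are dropped
 *    without any marker, so the console output is a lower bound on attack
 *    volume, not a complete record.
 *  - The window is a fixed one-hour window that restarts on the first call
 *    after it expires, so up to 2 * maxLogs lines can appear close together
 *    around a window boundary.
 */
class AttackLogger {
  /**
   * @param {number} maxLogs - Maximum number of messages printed per hour.
   * @throws {Error} If `maxLogs` does not compare as greater than 0.
   */
  constructor(maxLogs) {
    // `!(x > 0)` rather than `x <= 0`: NaN, undefined and non-numeric strings
    // fail both comparisons, so the `<= 0` form accepted them and the
    // `logCount >= maxLogs` check in log() was then never true, silently
    // disabling the rate limit.
    if (!(maxLogs > 0)) {
      throw new Error("maxLogs must be greater than 0");
    }
    this.maxLogs = maxLogs;
    // Number of messages printed in the current one-hour window.
    this.logCount = 0;
    // Wall-clock start (ms since epoch) of the current window.
    this.lastResetTime = Date.now();
  }

  /**
   * Print a message for one attack event unless the hourly cap is reached.
   *
   * @param {object} event - Reads `event.attack.{blocked, kind, operation,
   *   source, path}` and `event.request.ipAddress`.
   * @returns {void}
   */
  log(event) {
    // Start a fresh window first if the previous one has expired.
    this.resetLogCountIfNeeded(Date.now());
    if (this.logCount >= this.maxLogs) {
      // Over the cap: drop the message without printing anything.
      return;
    }
    this.logCount++;

    const { blocked, kind, operation, source, path } = event.attack;
    const { ipAddress } = event.request;

    // Every interpolated event field goes through escapeLog before it is
    // placed inside a quoted key="value" pair. NOTE(review): escapeLog is
    // defined in ../helpers/escapeLog and not visible here; presumably it
    // neutralises quotes and line breaks so request-derived values cannot
    // forge extra fields or log lines. Confirm against the helper.
    const esc = (value) => (0, escapeLog_1.escapeLog)(value);
    const verb = blocked ? "blocked" : "detected";
    // The human-readable name is interpolated unescaped. NOTE(review): this
    // assumes attackKindHumanName returns a fixed label for any `kind`.
    // Confirm in ./Attack.
    const humanName = (0, Attack_1.attackKindHumanName)(kind);

    const message = `Zen has ${verb} ${humanName}: kind="${esc(kind)}" operation="${esc(operation)}(...)" source="${esc(source)}${esc(path)}" ip="${esc(ipAddress)}"`;
    console.log(message);
  }

  /**
   * Zero the counter and restart the window once an hour has elapsed since
   * the last reset.
   *
   * @param {number} currentTime - Current time in ms since epoch.
   * @returns {void}
   */
  resetLogCountIfNeeded(currentTime) {
    const oneHourMs = 60 * 60 * 1000;
    const windowEnd = this.lastResetTime + oneHourMs;
    // log() passes Date.now() (wall-clock), so a backwards clock adjustment
    // delays the next reset until the clock passes windowEnd again.
    if (currentTime >= windowEnd) {
      this.logCount = 0;
      this.lastResetTime = currentTime;
    }
  }
}
exports.AttackLogger = AttackLogger;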