@aikidosec/firewall/middleware/hono.js

Zen by Aikido is an embedded Web Application Firewall that autonomously protects Node.js apps against common and critical attacks

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.addHonoMiddleware = addHonoMiddleware;
const shouldBlockRequest_1 = require("./shouldBlockRequest");
const escapeHTML_1 = require("../helpers/escapeHTML");
/**
 * Calling this function will setup rate limiting and user blocking for the provided Hono app.
 * Attacks will still be blocked by Zen if you do not call this function.
 * Execute this function as early as possible in your Hono app, but after the middleware that sets the user.
 */
function addHonoMiddleware(app) {
    app.use(async (c, next) => {
        const result = (0, shouldBlockRequest_1.shouldBlockRequest)();
        if (result.block) {
            if (result.type === "ratelimited") {
                let message = "You are rate limited by Zen.";
                if (result.trigger === "ip" && result.ip) {
                    message += ` (Your IP: ${(0, escapeHTML_1.escapeHTML)(result.ip)})`;
                }
                return c.text(message, 429);
            }
            if (result.type === "blocked") {
                return c.text("You are blocked by Zen.", 403);
            }
        }
        await next();
    });
}