UNPKG

@aikidosec/firewall

Version:

Zen by Aikido is an embedded Application Firewall that autonomously protects Node.js apps against common and critical attacks, provides rate limiting, detects malicious traffic (including bots), and more.

31 lines (30 loc) 1.21 kB
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.elysiaHandler = void 0; const shouldBlockRequest_1 = require("./shouldBlockRequest"); const escapeHTML_1 = require("../helpers/escapeHTML"); /** * Adding this handler using app.onBeforeHandle(elysiaHandler) will setup rate limiting and user blocking for the provided Elysia app. * Attacks will still be blocked by Zen if you do not add this handler. */ const elysiaHandler = () => { const result = (0, shouldBlockRequest_1.shouldBlockRequest)(); if (result.block) { if (result.type === "ratelimited") { let message = "You are rate limited by Zen."; if (result.trigger === "ip" && result.ip) { message += ` (Your IP: ${(0, escapeHTML_1.escapeHTML)(result.ip)})`; } return new Response(message, { status: 429, headers: { "Retry-After": result.retryAfterSeconds.toString(), }, }); } if (result.type === "blocked") { return new Response("You are blocked by Zen.", { status: 403 }); } } }; exports.elysiaHandler = elysiaHandler;