UNPKG

@aikidosec/firewall

Version:

Zen by Aikido is an embedded Application Firewall that autonomously protects Node.js apps against common and critical attacks, provides rate limiting, detects malicious traffic (including bots), and more.

aikido.dev/zen

AikidoSec/firewall-node

56 lines (55 loc) 2.44 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.FetchListsAPINodeHTTP = void 0; const fetch_1 = require("../../helpers/fetch"); const getAPIURL_1 = require("../getAPIURL"); class FetchListsAPINodeHTTP { constructor(baseUrl = (0, getAPIURL_1.getAPIURL)()) { this.baseUrl = baseUrl; } async getLists(token) { const { body, statusCode } = await (0, fetch_1.fetch)({ url: new URL(`${this.baseUrl.toString()}api/runtime/firewall/lists`), method: "GET", headers: { // We need to set the Accept-Encoding header to "gzip" to receive the response in gzip format "Accept-Encoding": "gzip", Authorization: token.asString(), }, timeoutInMS: 60 * 1000, }); if (statusCode !== 200) { if (statusCode === 401) { throw new Error(`Unable to access the Aikido platform, please check your token.`); } throw new Error(`Failed to fetch blocked lists: ${statusCode}`); } return this.toAPIResponse(body); } toAPIResponse(data) { const result = JSON.parse(data); return { blockedIPAddresses: result && Array.isArray(result.blockedIPAddresses) ? result.blockedIPAddresses : [], allowedIPAddresses: result && Array.isArray(result.allowedIPAddresses) ? result.allowedIPAddresses : [], monitoredIPAddresses: result && Array.isArray(result.monitoredIPAddresses) ? result.monitoredIPAddresses : [], // Blocked user agents are stored as a string pattern for usage in a regex (e.g. "Googlebot|Bingbot") blockedUserAgents: result && typeof result.blockedUserAgents === "string" ? result.blockedUserAgents : "", // Monitored user agents are stored as a string pattern for usage in a regex (e.g. "ClaudeBot|ChatGPTBot") monitoredUserAgents: result && typeof result.monitoredUserAgents === "string" ? result.monitoredUserAgents : "", userAgentDetails: result && Array.isArray(result.userAgentDetails) ? result.userAgentDetails : [], }; } } exports.FetchListsAPINodeHTTP = FetchListsAPINodeHTTP;