UNPKG

@aikidosec/firewall

Version:

Zen by Aikido is an embedded Application Firewall that autonomously protects Node.js apps against common and critical attacks, provides rate limiting, detects malicious traffic (including bots), and more.

aikido.dev/zen

AikidoSec/firewall-node

58 lines (57 loc) 2.61 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.setRateLimitGroup = setRateLimitGroup; const isPlainObject_1 = require("../helpers/isPlainObject"); const AgentSingleton_1 = require("../agent/AgentSingleton"); const Context_1 = require("../agent/Context"); function setRateLimitGroup(g) { const agent = (0, AgentSingleton_1.getInstance)(); if (!agent) { return; } const context = (0, Context_1.getContext)(); if (!context) { logWarningSetRateLimitGroupCalledWithoutContext(); return; } const group = g; if (!(0, isPlainObject_1.isPlainObject)(group)) { agent.log(`setRateLimitGroup(...) expects an object with 'id' property, found ${typeof group} instead.`); return; } if (!("id" in group)) { agent.log(`setRateLimitGroup(...) expects an object with 'id' property.`); return; } if (typeof group.id !== "string" && typeof group.id !== "number") { agent.log(`setRateLimitGroup(...) expects an object with 'id' property of type string or number, found ${typeof group.id} instead.`); return; } if (typeof group.id === "string" && group.id.length === 0) { agent.log(`setRateLimitGroup(...) expects an object with 'id' property non-empty string.`); return; } const groupId = group.id.toString(); if (context.executedMiddleware) { logWarningSetRateLimitGroupCalledAfterMiddleware(); } (0, Context_1.updateContext)(context, "rateLimitGroup", groupId); } let loggedWarningSetRateLimitGroupCalledAfterMiddleware = false; function logWarningSetRateLimitGroupCalledAfterMiddleware() { if (loggedWarningSetRateLimitGroupCalledAfterMiddleware) { return; } // eslint-disable-next-line no-console console.warn(`setRateLimitGroup(...) must be called before the Zen middleware is executed.`); loggedWarningSetRateLimitGroupCalledAfterMiddleware = true; } let loggedWarningSetRateLimitGroupCalledWithoutContext = false; function logWarningSetRateLimitGroupCalledWithoutContext() { if (loggedWarningSetRateLimitGroupCalledWithoutContext) { return; } // eslint-disable-next-line no-console console.warn("setRateLimitGroup(...) was called without a context. Make sure to call setRateLimitGroup(...) within an HTTP request. If you're using serverless functions, make sure to use the handler wrapper provided by Zen. Also ensure you import Zen at the top of your main app file (before any other imports)."); loggedWarningSetRateLimitGroupCalledWithoutContext = true; }