UNPKG

koruai

Version:

AI-powered security monitoring middleware for Express.js applications. Detects anomalies and threats in real-time with intelligent request analysis.

github.com/koruai/koruai-sdks-express

koruai/koruai-sdks-express

66 lines (65 loc) 4.15 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
"use strict"; var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } return new (P || (P = Promise))(function (resolve, reject) { function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } step((generator = generator.apply(thisArg, _arguments || [])).next()); }); }; Object.defineProperty(exports, "__esModule", { value: true }); exports.KoruAI = KoruAI; const collectRequest_1 = require("../helper/collectRequest"); const Policy_1 = require("../helper/Policy"); /** * Creates Express middleware for AI-powered security monitoring. * @param config - Configuration object for the Anomaly middleware * @param config.apiKey - Your API key for authentication with Anomaly AI servers * @param config.appId - Your application ID for identifying your app * @param config.blockRealtime - Whether to check for anomaly in real-time. * If true, the middleware will check for anomaly in real-time and block the request if anomaly is detected. * If false, the middleware will check for anomaly in our servers and send report to dashboard. * Default is false. * @returns Express middleware function */ function KoruAI(config) { const policyManager = new Policy_1.PolicyManager(config.blockRealtime, config.appId, config.apiKey); return (req, res, next) => { // Start moment of the request in high resolution time. const start = process.hrtime(); // Only override res.send since res.json and other response methods call res.send internally const originalSend = res.send.bind(res); res.send = function (body) { return __awaiter(this, void 0, void 0, function* () { res.send = originalSend; // Calculate the duration of the request in milliseconds. const diff = process.hrtime(start); const duration_ms = diff[0] * 1000 + diff[1] / 1e6; const duration_uint32 = Math.floor(duration_ms) >>> 0; // Convert to unsigned 32-bit integer. // Creating RequestCollectionData from the request. let requestCollectionData = (0, collectRequest_1.createSDKRequestData)(req, body, res.statusCode, duration_uint32); // Modifying the requestCollectionData with the anomaly result if blockRealtime is true. if (config.blockRealtime) { const anomalyResult = policyManager.checkRequestForAnomaly(requestCollectionData); requestCollectionData = Object.assign(Object.assign({}, requestCollectionData), { anomaly: anomalyResult, blocked: (anomalyResult === null || anomalyResult === void 0 ? void 0 : anomalyResult.is_anomaly) ? 1 : 0, detected_by_policy_id: (anomalyResult === null || anomalyResult === void 0 ? void 0 : anomalyResult.detected_by_policy_id) || "" }); } // Send collected request to Anomaly servers. (0, collectRequest_1.collectRequest)(requestCollectionData, config.apiKey, config.appId); // If requestCollectionData.anomaly is not null and is_anomaly is true (meaning anomaly is detected), send 403 response. if (requestCollectionData.anomaly && requestCollectionData.anomaly.is_anomaly) { return originalSend.call(this, { message: "Anomaly Detected.", }); } // If requestCollectionData.anomaly is null (means not checked for anomaly) // or anomaly.is_anomaly is false (means anomaly is not detected), send the original response. else { return originalSend.call(this, body); } }); }; next(); }; }