nestjs-security-cli/dist/controllers/security.controller.js

Advanced IP blocking, role-based security, and attack detection for NestJS applications

"use strict";
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
    return c > 3 && r && Object.defineProperty(target, key, r), r;
};
var __metadata = (this && this.__metadata) || function (k, v) {
    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
};
var __param = (this && this.__param) || function (paramIndex, decorator) {
    return function (target, key) { decorator(target, key, paramIndex); }
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.SecurityController = void 0;
const common_1 = require("@nestjs/common");
const security_service_1 = require("../services/security.service");
const admin_guard_1 = require("../guards/admin.guard");
let SecurityController = class SecurityController {
    constructor(securityService) {
        this.securityService = securityService;
    }
    async blacklistIp(body, req) {
        const { ip, hours = 24, reason = 'Manual blacklist' } = body;
        const blockedBy = req.user?._id || req.user?.id;
        await this.securityService.blacklistIp(ip, hours, reason, blockedBy);
        return { message: `IP ${ip} blacklisted for ${hours} hours` };
    }
    async removeFromBlacklist(ip) {
        await this.securityService.removeFromBlacklist(ip);
        return { message: `IP ${ip} removed from blacklist` };
    }
    async getBlacklisted(query) {
        const options = {
            active: query.active !== 'false',
            limit: parseInt(query.limit) || 50,
            skip: parseInt(query.skip) || 0,
            sortBy: query.sortBy || 'createdAt',
            sortOrder: query.sortOrder || 'desc'
        };
        return await this.securityService.getBlacklistedIps(options);
    }
    async getAnalytics(days = '7') {
        return await this.securityService.getSecurityAnalytics(parseInt(days));
    }
    async blockMalwareIp(req) {
        const blockedBy = req.user?._id || req.user?.id;
        await this.securityService.blacklistIp('94.69.234.122', 24 * 30, 'Malware deployment attempt', blockedBy);
        return { message: 'Malware IP blocked for 30 days' };
    }
};
exports.SecurityController = SecurityController;
__decorate([
    (0, common_1.Post)('blacklist'),
    __param(0, (0, common_1.Body)()),
    __param(1, (0, common_1.Req)()),
    __metadata("design:type", Function),
    __metadata("design:paramtypes", [Object, Object]),
    __metadata("design:returntype", Promise)
], SecurityController.prototype, "blacklistIp", null);
__decorate([
    (0, common_1.Delete)('blacklist/:ip'),
    __param(0, (0, common_1.Param)('ip')),
    __metadata("design:type", Function),
    __metadata("design:paramtypes", [String]),
    __metadata("design:returntype", Promise)
], SecurityController.prototype, "removeFromBlacklist", null);
__decorate([
    (0, common_1.Get)('blacklist'),
    __param(0, (0, common_1.Query)()),
    __metadata("design:type", Function),
    __metadata("design:paramtypes", [Object]),
    __metadata("design:returntype", Promise)
], SecurityController.prototype, "getBlacklisted", null);
__decorate([
    (0, common_1.Get)('analytics'),
    __param(0, (0, common_1.Query)('days')),
    __metadata("design:type", Function),
    __metadata("design:paramtypes", [String]),
    __metadata("design:returntype", Promise)
], SecurityController.prototype, "getAnalytics", null);
__decorate([
    (0, common_1.Post)('block-malware-ip'),
    __param(0, (0, common_1.Req)()),
    __metadata("design:type", Function),
    __metadata("design:paramtypes", [Object]),
    __metadata("design:returntype", Promise)
], SecurityController.prototype, "blockMalwareIp", null);
exports.SecurityController = SecurityController = __decorate([
    (0, common_1.UseGuards)(admin_guard_1.AdminGuard),
    (0, common_1.Controller)('security'),
    __metadata("design:paramtypes", [security_service_1.SecurityService])
], SecurityController);
//# sourceMappingURL=security.controller.js.map