
npm-package-nodejs-utils-lda


Este projeto tem como fim criar e abstrair módulos básicos e utilidades para o Node.js.

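const { fopen, fwrite, log } = require("./autoFileSysModule.cjs");
const cors = require("cors");
const helmet = require("helmet");
const { configExist } = require("./utils.cjs");

// Log file for rejected requests. This path and "config.json" below are
// relative, so they resolve against process.cwd(), not this module's
// directory: the middleware reads/writes different files depending on where
// the process was started.
const logPath = "HTTPSfirewall.txt";

// Upper bound on the length of a client-controlled field written to the log.
const MAX_LOG_FIELD = 512;

// Module-load side effects: make sure config.json exists and carries every
// key this middleware reads, rewriting the file with defaults for missing keys.
configExist();
checkConfigIntegrity();

/**
 * Express middleware: rejects requests by User-Agent, then applies CORS and
 * HSTS settings taken from config.json.
 *
 * Order of operations per request:
 *   1. User-Agent allow/block lists -> 403 and stop on rejection.
 *   2. cors() with ORIGIN / METHODS / ALLOWED_HEADERS from config.json.
 *      NOTE(review): with the cors package's default `preflightContinue: false`
 *      an OPTIONS preflight is answered (204) inside cors() and the callback
 *      below is never invoked for it, so no code after cors() runs for
 *      preflights. The previous version re-set Access-Control-Allow-Origin in
 *      that callback with the raw config value (an array by default), which
 *      is not a valid header value and would have clobbered the origin cors()
 *      negotiated; that dead branch has been removed.
 *   3. helmet.hsts(), then `next()`.
 *
 * Any exception (unreadable config.json, malformed lists, ...) is forwarded
 * to `next(err)`. Previously the async function simply rejected, which
 * Express 4 does not observe, leaving the request hanging.
 *
 * SECURITY NOTE: the User-Agent is a free-form, client-chosen header. The
 * lists keep casual scanners out of the logs; they are not authentication or
 * authorization and nothing downstream may rely on them as such.
 *
 * @param {import("express").Request} req
 * @param {import("express").Response} res
 * @param {import("express").NextFunction} next
 * @returns {Promise<void>}
 */
async function httpsSecurityMiddleware(req, res, next) {
  try {
    // Read config.json once per request and hand it down instead of having
    // each helper re-read the file.
    const configs = fopen("config.json");
    const userAgent = req.get("user-agent") || "";

    // 403 already sent; nothing more to do for this request.
    if (await checkUserAgent(req, res, userAgent, configs)) return;

    const corsOptions = makeCorsOptions(configs);
    const hstsOptions = makeHstsOptions();

    cors(corsOptions)(req, res, (corsErr) => {
      if (corsErr) return next(corsErr);
      helmet.hsts(hstsOptions)(req, res, next);
    });
  } catch (err) {
    next(err);
  }
}

/**
 * Applies the User-Agent allow/block lists. Sends a 403 and returns true when
 * the request must be rejected; returns false to let it through.
 *
 * A request passes only if it matches at least one ALLOWED_USER_AGENTS entry
 * AND matches no BLOCKED_USER_AGENTS entry. Matching is case-insensitive
 * substring matching, so a blocklist entry "curl" also catches "Curl"/"CURL"
 * (the previous exact-case match was bypassed by changing one letter).
 *
 * @param {import("express").Request} req
 * @param {import("express").Response} res
 * @param {string} userAgent  value of the User-Agent header ("" when absent)
 * @param {object} [configs]  parsed config.json; read from disk when omitted
 * @returns {Promise<boolean>} true when a 403 response has been sent
 */
async function checkUserAgent(req, res, userAgent, configs) {
  const cfg = configs || fopen("config.json");
  const { ALLOWED_USER_AGENTS, BLOCKED_USER_AGENTS } = cfg;

  const isAllowed = isUserAgentAllowed(userAgent, ALLOWED_USER_AGENTS);
  const isBlocked = isUserAgentBlocked(userAgent, BLOCKED_USER_AGENTS);

  if (!isAllowed || isBlocked) {
    logBlockedUserAgent(userAgent, req);
    res.status(403).send("User-Agent not authorized.");
    return true; // blocked
  }
  return false; // permitted
}

// ---- helpers ---------------------------------------------------------------

/**
 * Case-insensitive substring match of `userAgent` against a list of patterns.
 *
 * A missing or non-array list, and non-string entries, match nothing, so a
 * malformed config.json fails closed (nothing is allowed) rather than throwing
 * or silently disabling a list. An empty-string pattern matches every
 * User-Agent, as before.
 *
 * @param {string} userAgent
 * @param {unknown} patterns  expected to be string[]
 * @returns {boolean}
 */
function matchesAny(userAgent, patterns) {
  if (!Array.isArray(patterns)) return false;
  const haystack = String(userAgent).toLowerCase();
  return patterns.some(
    (pattern) => typeof pattern === "string" && haystack.includes(pattern.toLowerCase())
  );
}

/** True when `userAgent` matches an entry of the allowlist. */
function isUserAgentAllowed(userAgent, allowedAgents) {
  return matchesAny(userAgent, allowedAgents);
}

/** True when `userAgent` matches an entry of the blocklist. */
function isUserAgentBlocked(userAgent, blockedAgents) {
  return matchesAny(userAgent, blockedAgents);
}

/**
 * Makes a client-controlled string safe for a line-oriented text log: strips
 * ASCII control characters (a CR/LF in the User-Agent would otherwise let a
 * client forge additional log lines) and truncates to MAX_LOG_FIELD.
 *
 * @param {unknown} value
 * @returns {string}
 */
function sanitizeForLog(value) {
  // eslint-disable-next-line no-control-regex
  return String(value).replace(/[\x00-\x1f\x7f]/g, "").slice(0, MAX_LOG_FIELD);
}

/**
 * Appends one line for a rejected request to `logPath`.
 * `req.ip` follows Express's "trust proxy" setting: behind a reverse proxy
 * without it, this is the proxy's address, not the client's.
 */
function logBlockedUserAgent(userAgent, req) {
  log(
    `Blocked UA: '${sanitizeForLog(userAgent)}' | IP: ${req.ip} | URL: ${sanitizeForLog(req.originalUrl)}`,
    logPath
  );
}

/**
 * Builds the options object for cors() from config.json.
 *
 * NOTE(review): ORIGIN is passed through unchanged. The cors package matches a
 * *string* origin exactly and does not turn a "/.../" string into a RegExp,
 * so the default `["/^https://.+/"]` written by checkConfigIntegrity() is a
 * literal that no real Origin header equals: by default, cross-origin browser
 * access is refused (fail closed). If "any https origin" is actually wanted,
 * convert ORIGIN to a real RegExp here as an explicit decision - reflecting
 * arbitrary origins is a deliberate widening and is not done automatically.
 * Confirm against the installed cors version.
 *
 * @param {object} configs parsed config.json
 * @returns {import("cors").CorsOptions}
 */
function makeCorsOptions(configs) {
  return {
    origin: configs.ORIGIN,
    methods: configs.METHODS,
    allowedHeaders: configs.ALLOWED_HEADERS,
    optionsSuccessStatus: 204,
  };
}

/**
 * HSTS options: one year, covering subdomains, preload-eligible.
 *
 * `includeSubDomains` + `preload` is a long-lived commitment: every subdomain
 * must be reachable over HTTPS, and a domain on the browser preload list
 * cannot be removed quickly. Browsers only honour Strict-Transport-Security
 * received over HTTPS, so the header is harmless but useless on plain HTTP.
 *
 * @returns {{maxAge: number, includeSubDomains: boolean, preload: boolean}}
 */
function makeHstsOptions() {
  return {
    maxAge: 365 * 24 * 60 * 60, // seconds
    includeSubDomains: true,
    preload: true,
  };
}

/**
 * Fills in defaults for any key missing from config.json and writes the file
 * back. Runs once at module load.
 *
 * Only missing/falsy keys are replaced; an existing empty array is kept,
 * which for ALLOWED_USER_AGENTS means "allow nobody".
 *
 * Review notes on the defaults:
 *  - ORIGIN is a string, not a RegExp (see makeCorsOptions).
 *  - ALLOWED_HEADERS lists "Access-Control-Allow-Origin", a response header;
 *    as an allowed *request* header it has no effect. Harmless.
 *  - The User-Agent defaults are a nuisance filter for noisy scanners, not a
 *    security boundary: any client can send "Mozilla/5.0".
 */
function checkConfigIntegrity() {
  const configs = fopen("config.json");

  const defaults = {
    ORIGIN: ["/^https://.+/"],
    METHODS: "GET,PUT,POST,DELETE",
    ALLOWED_HEADERS: [
      "Content-Type",
      "Access-Control-Allow-Origin",
      "authorization",
      "id",
      "key",
      "urlParams",
      "cache-control",
      "X-Disable-Cache",
    ],
    ALLOWED_USER_AGENTS: ["Mozilla", "Chrome", "Firefox", "custom/1.0"],
    BLOCKED_USER_AGENTS: ["CensysInspect", "Shodan", "curl", "python-requests", "nmap"],
  };

  for (const [key, value] of Object.entries(defaults)) {
    if (!configs[key]) configs[key] = value;
  }

  // Always rewritten, as before, so the on-disk file carries every key.
  fwrite("config.json", configs);
}

module.exports = httpsSecurityMiddleware;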