
secure-express-setup


Military-grade one-command security setup for Express.js applications

29 lines (25 loc) 953 B
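const rateLimit = require("express-rate-limit");

/**
 * Setup brute force protection middleware.
 *
 * Builds an express-rate-limit middleware that counts only failed requests
 * (skipSuccessfulRequests) and rejects a client once the limit is reached
 * within the window.
 *
 * Deployment caveats a reviewer should know about:
 * - No `store` is configured, so express-rate-limit falls back to its
 *   in-memory store. Counters are per process: they reset on restart and are
 *   not shared between workers or instances, so the effective limit grows
 *   with the number of processes.
 * - No `keyGenerator` is configured, so the library default (the client
 *   address) is used. The limit is therefore per client, not per account,
 *   even though the default message says "Account temporarily locked".
 *   Behind a reverse proxy, Express' `trust proxy` setting must be correct or
 *   all clients may share one counter.
 *
 * @param {Object} [options] - Brute force protection options
 * @param {number} [options.windowMs] - Counting window in milliseconds
 *   (default 15 minutes; a falsy value such as 0 also selects the default)
 * @param {number} [options.maxAttempts] - Failed attempts allowed per window;
 *   takes precedence over `options.max`
 * @param {number} [options.max] - Alias for `maxAttempts` (default 10; a
 *   falsy value such as 0 also selects the default)
 * @param {Object|string} [options.message] - Response body sent when limited
 * @param {String} [redisUrl] - Accepted for compatibility but NOT used: no
 *   Redis store is created. A warning is emitted when a value is passed.
 * @returns {Function} Express middleware produced by express-rate-limit
 */
function setupBruteForce(options = {}, redisUrl) {
  if (redisUrl) {
    // A caller passing a Redis URL expects shared, distributed counters.
    // Say so loudly instead of silently degrading to per-process memory.
    // The URL itself is deliberately not logged: it may embed credentials.
    process.emitWarning(
      "setupBruteForce: redisUrl was provided but no Redis store is configured; " +
        "attempt counters are kept in process memory and are not shared across instances."
    );
  }

  const config = {
    windowMs: options.windowMs || 15 * 60 * 1000, // 15 minutes
    max: options.maxAttempts || options.max || 10, // 10 failed attempts
    message: options.message || {
      error: "Too many failed attempts",
      message: "Account temporarily locked. Please try again later."
    },
    skipSuccessfulRequests: true, // Only count failed attempts
    // Never skip: every request is subject to the limiter.
    skip: () => false
  };

  // Note: Redis store removed for simplicity.
  // In production, you'd want Redis for distributed brute force protection.
  return rateLimit(config);
}

module.exports = setupBruteForce;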