Important: This documentation covers Yarn 1 (Classic).
For Yarn 2+ docs and migration guide, see yarnpkg.com.

Package detail

api-security-gateway

garethslinn27MIT1.0.1

A security gateway for APIs with rate limiting, IP whitelisting, and injection prevention.

api, rate limiting, ip whitelisting, injection prevention, backend, cache, caching, cert, certificate, clickjack, connect, content, content-security-policy, csp, cross-origin-embedder-policy, cross-origin-opener-policy, cross-origin-resource-policy, csrf, express, frame, headers, hpkp, hsts, https, key, mimetype, nocache, noopen, origin-agent-cluster, pinni, policy, powered-by, referrer-policy, security, sri, ssl, strict-transport-security, x-content-type-options, x-dns-prefetch-control, x-download-options, x-frame-options, x-permitted-cross-domain-policies, x-powered-by, x-xss-protection, xss

readme

api-security-gateway

API Security Gateway

A security gateway for APIs with features such as rate limiting, IP whitelisting, and injection prevention. This library helps you secure your APIs by controlling access and preventing common attack vectors.

Features

  • Rate Limiting: Control the number of requests a user can make within a specified timeframe.
  • IP Whitelisting/Blacklisting: Allow or deny requests based on IP addresses.
  • Injection Prevention: Sanitize inputs to prevent SQL injection, XSS, and other injection attacks.

Installation

You can install the library using npm:

npm install api-security-gateway


A security gateway for APIs with features such as rate limiting, IP whitelisting, and injection prevention. This library helps you secure your APIs by controlling access and preventing common attack vectors.

## Features

- **Rate Limiting**: Control the number of requests a user can make within a specified timeframe.
- **IP Whitelisting/Blacklisting**: Allow or deny requests based on IP addresses.
- **Injection Prevention**: Sanitize inputs to prevent SQL injection, XSS, and other injection attacks.

## Installation

```bash
git clone https://github.com/yourusername/api-security-gateway.git
cd api-security-gateway
npm install

Using with Express

Here's an example of how to use the api-security-gateway library in an Express application:

const express = require("express");
const apiSecurityGateway = require("api-security-gateway");

const app = express();
app.use(express.json());

const securityOptions = {
  rateLimit: {
    maxRequests: 100,
    windowMs: 15 * 60 * 1000, // 15 minutes
  },
  ipFilter: {
    whitelist: ["127.0.0.1"],
    blacklist: ["192.168.1.1"],
  },
};

const securityGateway = apiSecurityGateway(securityOptions);

app.use((req, res, next) => {
  const requestInfo = {
    ip: req.ip,
    body: req.body,
    query: req.query,
    params: req.params,
  };

  const result = securityGateway(requestInfo);
  if (result.status === 200) {
    next();
  } else {
    res.status(result.status).json({ message: result.message });
  }
});

app.get("/secure-endpoint", (req, res) => {
  res.send("This is a secure endpoint");
});

app.listen(3000, () => {
  console.log("Server running on port 3000");
});

License

This project is licensed under the MIT License - see the LICENSE file for details.