INSTALL

npm install @btpns/security

please add file in => src/config/config.json

HTTP HELMET

HTTP Helmet helps you secure your apps by setting various HTTP headers. For more information: https://github.com/helmetjs/helmet

CONFIG

please add string httpHelmet as key object. Module exist in httpHelmet:

HOW TO USE

apply in as global middleware in nest:

app.use(helmet())

RATE LIMITER

Rate Limiter to protect your applications from brute-force attacks. For more information: https://github.com/nfriedly/express-rate-limit

PARAMETER

--handler (optional) The function to handle requests once the max limit is exceeded. It receives the request and the response objects. The next param is available if you need to pass to the next middleware. The req.rateLimit object has limit, current, and remaining number of requests and, if the store provides it, a resetTime Date object. Defaults to:

function (req, res, next) {
    res.status(429).send(message);
}

### CONFIG
please add string `rateLimiter` as key object. Variable in rateLimiter:

--`max` (must be number) => max connection during windowMs milliseconds before sending http sattus 429 response. Defaults to 5. Set 0 disable.

--`windowMs` (must be number) => how long in milliseconds to keep records of requests in memory. Defaults to 60000 (1 minute).

--`message` (must be string OR json object) => error message that sent when max is exceeded. Defaults to 'Too many requests, please try again later.'

HOW TO USE

apply in as global middleware in nest:

app.use(rateLimiter())

CSRF

CSRF helps you to secure unauthorized commands are transmitted from a user that the web application trusts. For more information: https://github.com/expressjs/csurf

HOW TO USE

apply in as global middleware in nest:

app.use(csrf())