Express Bodyguard
Express Bodyguard is a library of middleware that helps enhance web application security.
Features :
- [x] Http security headers
- [x] Brute Forcing Protection
- [x] CSRF Protection
- [ ] Protection against Sql injections
Middlewares :
expressBodyguard.securityHeaders :
const { securityHeaders } = require('express-bodyguard')
app.use(securityHeaders())expressBodyguard.rateLimit :
const { rateLimit } = require('express-bodyguard')
app.use(rateLimit())using rate-limit-redis as store :
npm install rate-limit-redis
const RedisStore = require('rate-limit-redis')
const { rateLimit } = require('express-bodyguard')
app.use(rateLimit({
store : new RedisStore({
redisURL: '<redis-url>',
})
}))expressBodyguard.csrfProtection :
const { csrfProtection } = require('express-bodyguard')
app.use(csrfProtection({
secret: '<secret-sign-key>',
key: 'csrfToken',
saveMethods: ['HEAD', 'OPTIONS', 'GET'],
statusCode: 403,
message: 'Invalid CSRF Token',
expiresIn: 3600,
}))Contribute
git clone https://github.com/Abderrahman-byte/express-bodyguard
cd express-bodyguard
npm install
To lint and test:
npm test