express-bodyguard

A collection of Express security middleware

Usage (no npm install needed):

<script type="module">
  import expressBodyguard from 'https://cdn.skypack.dev/express-bodyguard';
</script>

Express Bodyguard

Express Bodyguard is a library of middleware that helps enhance web application security.

Features:

  • HTTP security headers
  • Brute-force protection
  • CSRF protection
  • Protection against SQL injection

Middlewares:

expressBodyguard.securityHeaders:

const express = require('express')
const { securityHeaders } = require('express-bodyguard')
const app = express()
app.use(securityHeaders())

expressBodyguard.rateLimit:

const { rateLimit } = require('express-bodyguard')
app.use(rateLimit())

Using rate-limit-redis as the store:

npm install rate-limit-redis

const RedisStore = require('rate-limit-redis')
const { rateLimit } = require('express-bodyguard')

app.use(rateLimit({
    store : new RedisStore({
        redisURL: '<redis-url>',
    })
}))

expressBodyguard.csrfProtection:

const { csrfProtection } = require('express-bodyguard')

app.use(csrfProtection({
    secret: '<secret-sign-key>',
    key: 'csrfToken',
    saveMethods: ['HEAD', 'OPTIONS', 'GET'],
    statusCode: 403,
    message: 'Invalid CSRF Token',
    expiresIn: 3600,
}))
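
How a signed, expiring CSRF token of the kind these options suggest can be issued and checked, as an added example that is not express-bodyguard's own code. The token layout, the helper names issueToken, verifyToken and csrfCheck, and reading the token from req.body are assumptions; only the option names come from the README.

```javascript
// Added illustration, not the library's source. Uses only Node's built-in crypto.
const crypto = require('crypto')

// HMAC-SHA256 over the payload, keyed with the `secret` option.
const sign = (payload, secret) =>
    crypto.createHmac('sha256', secret).update(payload).digest('hex')

// Assumed token layout: "<nonce>.<expiry in unix seconds>.<HMAC of nonce.expiry>"
function issueToken (secret, expiresIn, now = Date.now()) {
    const nonce = crypto.randomBytes(16).toString('hex')
    const payload = `${nonce}.${Math.floor(now / 1000) + expiresIn}`
    return `${payload}.${sign(payload, secret)}`
}

function verifyToken (token, secret, now = Date.now()) {
    if (typeof token !== 'string') return false
    const parts = token.split('.')
    if (parts.length !== 3) return false
    const [nonce, expiry, mac] = parts
    const expected = Buffer.from(sign(`${nonce}.${expiry}`, secret))
    const given = Buffer.from(mac)
    // timingSafeEqual throws on unequal lengths, so compare lengths first.
    if (given.length !== expected.length) return false
    if (!crypto.timingSafeEqual(given, expected)) return false
    // The expiry is covered by the MAC, so it cannot be extended by the client.
    return Number(expiry) > Math.floor(now / 1000)
}

// Hypothetical middleware shaped like the csrfProtection options above.
function csrfCheck ({
    secret,
    key = 'csrfToken',
    saveMethods = ['HEAD', 'OPTIONS', 'GET'],
    statusCode = 403,
    message = 'Invalid CSRF Token'
}) {
    return (req, res, next) => {
        // Methods listed in saveMethods are not state-changing and skip the check.
        if (saveMethods.includes(req.method)) return next()
        // Assumption: the token arrives as a parsed body field named by `key`.
        const token = req.body ? req.body[key] : undefined
        if (verifyToken(token, secret)) return next()
        res.status(statusCode).send(message)
    }
}
```
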

Contribute

git clone https://github.com/Abderrahman-byte/express-bodyguard
cd express-bodyguard
npm install

To lint and test:

npm test

License

MIT