@forgeframework/guard
v0.3.0
Published
Provides protection middleware for the Forge Framework.
Maintainers
Readme
@forgeframework/guard
Provides protection middleware for the Forge Framework.
Part of the Forge Framework — a TypeScript framework for backend microservices and web applications.
Installation
npm install @forgeframework/guardUsage
import {
RateLimiter, CorsMiddleware, CsrfMiddleware,
InputSanitizer, secureHeaders, validate, composeGuards,
} from '@forgeframework/guard';
server.use(secureHeaders());
server.use(new CorsMiddleware({ origin: ['https://app.example.com'], credentials: true }));
server.use(new InputSanitizer({ stripHtml: true, trimStrings: true }));
const apiLimiter = new RateLimiter({
windowMs: 15 * 60 * 1000,
maxRequests: 100,
keyGenerator: (ctx) => ctx.state.get('identity')?.id ?? ctx.request.headers['x-forwarded-for'],
});
server.group('/api', (router) => {
router.use(apiLimiter);
router.post('/orders', validate({
body: {
items: { type: 'array', required: true },
shippingAddress: { type: 'object', required: true },
},
}), createOrder);
});Documentation
Full API reference and guides: https://carbonforge.io/framework/docs/security/guard
(Documentation site launching soon.)
License
MIT © Carbon Forge
