@nis2shield/angular-guard
v1.1.1
Published
Angular wrapper for NIS2 Shield - Session Guard, Secure Storage, and Security Telemetry
Maintainers
fabdip89Readme
@nis2shield/angular-guard
Enterprise-grade Angular wrapper for NIS2 compliance — Session Guard, Secure Storage, and Security Telemetry.
Why this package?
Companies subject to the NIS2 Directive require strict session management and audit logs. This library provides:
- Automatic session termination (Idle Timer) -
Nis2Service.isIdle$ - Route protection -
Nis2CanActivateGuardblocks navigation when idle - HTTP security headers -
Nis2InterceptoraddsX-NIS2-*headers - Encrypted local storage (AES-256) -
getSecureStorage() - Device fingerprinting - Session hijacking detection
Part of the NIS2 Shield Ecosystem
- Backend: django-nis2-shield, nis2-spring-shield
- Core SDK: @nis2shield/core (dependency)
- Vue: @nis2shield/vue-guard
- Infrastructure: nis2shield/infrastructure
Features
- 🛡️ Nis2Service — RxJS observables for session state (
isIdle$,warning$) - 🔒 Nis2CanActivateGuard — Route protection for idle sessions
- 📡 Nis2Interceptor — Automatic security headers on HTTP requests
- 💾 SecureStorage — Encrypted localStorage via Core SDK
- ⚡ NgZone optimized — Timers run outside Angular for performance
// app.module.ts
import { Nis2Module } from '@nis2shield/angular-guard';
@NgModule({
imports: [
Nis2Module.forRoot({
auditEndpoint: '/api/nis2/telemetry/',
idleTimeoutMinutes: 15,
debug: !environment.production
})
]
})
export class AppModule {}2. Use the Service
// app.component.ts
import { Component } from '@angular/core';
import { Nis2Service } from '@nis2shield/angular-guard';
@Component({
selector: 'app-root',
template: `
<div *ngIf="warning$ | async as seconds">
⚠️ Session expires in {{ seconds }} seconds
</div>
`
})
export class AppComponent {
warning$ = this.nis2.warning$;
constructor(private nis2: Nis2Service) {
this.nis2.isIdle$.subscribe(isIdle => {
if (isIdle) {
window.location.href = '/logout?reason=idle';
}
});
}
}3. Protect Routes
// app-routing.module.ts
import { Nis2CanActivateGuard } from '@nis2shield/angular-guard';
const routes: Routes = [
{
path: 'dashboard',
component: DashboardComponent,
canActivate: [Nis2CanActivateGuard]
}
];4. Use Secure Storage
export class ProfileComponent implements OnInit {
constructor(private nis2: Nis2Service) {}
async ngOnInit() {
const storage = this.nis2.getSecureStorage();
// Store encrypted data
await storage.set('user_iban', 'IT60X0542811101000000123456');
// Retrieve and decrypt
const iban = await storage.get<string>('user_iban');
}
}5. Log Security Events
async onHighValueTransaction(amount: number) {
if (amount > 10000) {
await this.nis2.logWarning('HIGH_VALUE_TRANSACTION', {
amount,
currency: 'EUR'
});
}
}API Reference
Nis2Service
| Property/Method | Type | Description |
|----------------|------|-------------|
| isIdle$ | Observable<boolean> | Emits when user becomes idle |
| isActive$ | Observable<boolean> | Emits when user becomes active |
| warning$ | Observable<number \| null> | Seconds before timeout |
| resetIdleTimer() | void | Reset the idle countdown |
| getTimeRemaining() | number | Milliseconds until idle |
| getFingerprint() | DeviceFingerprint | Current device fingerprint |
| getSecureStorage() | SecureStorage | Encrypted storage instance |
| logWarning() | Promise<void> | Log warning event |
| logCritical() | Promise<void> | Log critical event |
Configuration Options
interface Nis2Config {
auditEndpoint: string; // Required
idleTimeoutMinutes?: number; // Default: 15
enableWarning?: boolean; // Default: true
debug?: boolean; // Default: false
headers?: Record<string, string>;
}NIS2 Compliance
| Feature | NIS2 Article | |---------|--------------| | Session timeout | Art. 21.2.h | | Encrypted storage | Art. 21.2.j | | Device fingerprinting | Art. 21.2.g | | Incident reporting | Art. 23 |
License
MIT License - see LICENSE for details.
Part of the NIS2 Shield ecosystem.