@security_packages/sentinelgate
v1.1.7
Published
SentinelGate is a lightweight security monitoring package for Node.js applications. It detects suspicious login behavior, computes a risk score, and provides a dashboard to visualize high-risk activities.
Downloads
90
Readme
SentinelGate
Installation
    npm install @security_packages/sentinelgate
Generating the Secret Key
Run the following command:
    npx @security_packages/sentinelgate
This generates a secure dashboard access key and stores it in the .env file as:
    SENTINELGATE_DASHBOARD_KEY=your_generated_key
Basic Setup
    const express = require("express");
    const Sentinel = require("@security_packages/sentinelgate");
    const app = express();
    app.use("/sentinelgate", Sentinel.sentinelGate());
Enables:
- Dashboard UI → /sentinelgate
- API endpoints → /sentinelgate/*
System Overview
SentinelGate operates as follows:
- A user attempts to log in
- The system tracks anomalies:
  - Incorrect password attempts
  - CAPTCHA failures
  - Abnormal form submission time
  - Hidden parameter manipulation
- Data is stored in MongoDB
- A risk score is calculated
- High-risk activity is shown in the dashboard
MongoDB Initialization
    await Sentinel.initParameters(
      dbName,
      collectionName,
      statsCollectionName,
      client,
      dbURL,
      req
    );
Core Functions
1. initParameters(...)
    await Sentinel.initParameters(...);
Initializes DB connection and collections.
2. wrongPassword(Username)
    await Sentinel.wrongPassword(Username);
Tracks failed password attempts.
3. wrongCaptcha(Username)
    await Sentinel.wrongCaptcha(Username);
Tracks CAPTCHA failures.
4. evaluateTime(start, end, Username)
    await Sentinel.evaluateTime(loginStartTime, loginEndTime, Username);
Detects abnormal login timing.
5. hiddenFields(hiddenParams, Username, body)
    await Sentinel.hiddenFields(hiddenParameters, Username, req.body);
Detects hidden parameter manipulation.
Example Integration
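    // dbName, collectionName, statsCollectionName, client, dbURL and
    // hiddenParameters are supplied by the application.
    // req.body requires a body parser such as express.json().
    app.post("/login", async (req, res) => {
      // Initialize the DB connection and collections for this request
      await Sentinel.initParameters(
        dbName,
        collectionName,
        statsCollectionName,
        client,
        dbURL,
        req
      );
      const {
        Username,
        Password,
        Captcha,
        enteredCaptcha,
        loginStartTime,
        loginEndTime
      } = req.body;
      // Record a failed password attempt
      if (Password !== "expectedPassword") {
        await Sentinel.wrongPassword(Username);
      }
      // Record a CAPTCHA failure
      if (Captcha !== enteredCaptcha) {
        await Sentinel.wrongCaptcha(Username);
      }
      // Check form submission timing and hidden parameters
      await Sentinel.evaluateTime(loginStartTime, loginEndTime, Username);
      await Sentinel.hiddenFields(hiddenParameters, Username, req.body);
      res.send("Login processed");
    });
Dashboard Access
    http://localhost:3000/sentinelgate
Features: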
- High-risk IP detection
- Risk score visualization
- Activity tracking
- Charts (daily / weekly / monthly)
Risk Score Calculation
- Wrong Password → +2
- Wrong CAPTCHA → +2.5
- Suspicious Timing → +3
- Hidden Parameter Detection → +4
Only high-risk entries are displayed.
Security and Data Handling
- Uses MongoDB with safe upsert operations
- Avoids duplicate entries (Username + IP)
- Stores only security-related data
- No sensitive data exposed
- Aggregated analytics maintained
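The risk weights and the Username + IP de-duplication described above can be expressed as one atomic `$inc` upsert per event. The sketch below is an added example, not SentinelGate's own code: the field names (`username`, `ip`, `score`, `events`), the event type names, the in-memory stand-in for MongoDB and the threshold value are all assumptions, since the page does not state them.

```javascript
// Added example, not SentinelGate's code. Field names and threshold are assumptions.
const WEIGHTS = { wrongPassword: 2, wrongCaptcha: 2.5, suspiciousTiming: 3, hiddenParameter: 4 };
const HIGH_RISK_THRESHOLD = 6; // assumed; the page does not state the cutoff

// Build the pair for collection.updateOne(filter, update, { upsert: true }).
function buildUpsert({ username, ip, type }) {
  // Request bodies can carry objects such as {"$ne": null}; only plain
  // strings may reach a MongoDB filter.
  if (typeof username !== "string" || typeof ip !== "string") {
    throw new TypeError("username and ip must be strings");
  }
  if (!Object.hasOwn(WEIGHTS, type)) throw new RangeError(`unknown event type: ${type}`);
  return {
    filter: { username, ip }, // one document per Username + IP
    update: { $inc: { score: WEIGHTS[type], [`events.${type}`]: 1 } },
  };
}

// In-memory stand-in for the upsert so the example runs without a database.
function applyUpsert(store, { filter, update }) {
  const key = JSON.stringify([filter.username, filter.ip]);
  const doc = store.get(key) ?? { ...filter, score: 0, events: {} };
  for (const [path, n] of Object.entries(update.$inc)) {
    if (path === "score") doc.score += n;
    else { const t = path.split(".")[1]; doc.events[t] = (doc.events[t] ?? 0) + n; }
  }
  store.set(key, doc);
  return doc;
}

// Aggregate events and return only entries at or above the threshold, highest first.
function highRisk(events, threshold = HIGH_RISK_THRESHOLD) {
  const store = new Map();
  for (const e of events) applyUpsert(store, buildUpsert(e));
  return [...store.values()].filter((d) => d.score >= threshold)
    .sort((a, b) => b.score - a.score);
}

// Constructed sample events (documentation IP ranges).
const SAMPLE = [
  { username: "alice", ip: "203.0.113.7", type: "wrongPassword" },
  { username: "alice", ip: "203.0.113.7", type: "wrongPassword" },
  { username: "alice", ip: "203.0.113.7", type: "hiddenParameter" },
  { username: "alice", ip: "198.51.100.2", type: "wrongCaptcha" },
  { username: "bob", ip: "203.0.113.7", type: "suspiciousTiming" },
];
console.log(highRisk(SAMPLE));
```

Because the score changes through `$inc` on a single upserted document, concurrent login attempts for the same Username + IP cannot overwrite each other's increments.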
Database Collections
Information Collection
- Stores user/IP activity
Statistics Collection
- Stores aggregated metrics
Available Routes
/sentinelgate → Dashboard
/sentinelgate/getIp → IP data
/sentinelgate/fetchData → Chart data
/sentinelgate/verify → Auth
Future Enhancements
- Real-time alerts (Email/SMS)
- Automated IP blocking
- ML-based threat detection
- Geo-location risk analysis
Summary
SentinelGate integrates seamlessly into existing applications with minimal setup and provides effective login security monitoring.
