@anomira/node-sdk 0.1.2 → 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/README.md +56 -20
  2. package/package.json +1 -1
package/README.md CHANGED
@@ -10,43 +10,60 @@ npm install @anomira/node-sdk
10
10
 
11
11
  ## Quick Start
12
12
 
13
- ```ts
13
+ ```js
14
14
  import { SentinelAPI } from "@anomira/node-sdk";
15
15
 
16
16
  const sentinel = new SentinelAPI({
17
- apiKey: process.env.ANOMIRA_API_KEY!,
18
- appId: process.env.ANOMIRA_APP_ID!,
17
+ apiKey: process.env.SENTINEL_API_KEY,
18
+ appId: process.env.SENTINEL_APP_ID,
19
+ ingestUrl: process.env.SENTINEL_INGEST_URL,
20
+ debug: true,
19
21
  });
20
22
  ```
21
23
 
22
24
  ## Express
23
25
 
24
- ```ts
26
+ ```js
25
27
  import express from "express";
26
28
  import { SentinelAPI } from "@anomira/node-sdk";
27
29
 
28
30
  const app = express();
31
+
29
32
  const sentinel = new SentinelAPI({
30
- apiKey: process.env.ANOMIRA_API_KEY!,
31
- appId: process.env.ANOMIRA_APP_ID!,
33
+ apiKey: process.env.SENTINEL_API_KEY,
34
+ appId: process.env.SENTINEL_APP_ID,
35
+ ingestUrl: process.env.SENTINEL_INGEST_URL,
36
+ debug: true,
37
+ captureConsole: true, // forwards console.log/warn/error to Logs dashboard
38
+ service: "my-api",
39
+ detect: {
40
+ bruteForce: true,
41
+ rateAbuse: true,
42
+ pathTraversal: true,
43
+ xss: true,
44
+ scanDetection: true,
45
+ geoVelocity: true,
46
+ },
32
47
  });
33
48
 
34
- // Add as global middleware — must come before your routes
35
- app.use(sentinel.express());
49
+ app.use(express.json());
50
+ app.use(sentinel.express()); // auto-instruments all routes
36
51
 
37
52
  app.listen(3000);
38
53
  ```
39
54
 
40
55
  ## Fastify
41
56
 
42
- ```ts
57
+ ```js
43
58
  import Fastify from "fastify";
44
59
  import { SentinelAPI } from "@anomira/node-sdk";
45
60
 
46
61
  const app = Fastify();
62
+
47
63
  const sentinel = new SentinelAPI({
48
- apiKey: process.env.ANOMIRA_API_KEY!,
49
- appId: process.env.ANOMIRA_APP_ID!,
64
+ apiKey: process.env.SENTINEL_API_KEY,
65
+ appId: process.env.SENTINEL_APP_ID,
66
+ ingestUrl: process.env.SENTINEL_INGEST_URL,
50
67
  });
51
68
 
52
69
  await app.register(sentinel.fastify());
@@ -56,7 +73,7 @@ app.listen({ port: 3000 });
56
73
 
57
74
  ## Manual Event Tracking
58
75
 
59
- ```ts
76
+ ```js
60
77
  // Track a failed OTP attempt
61
78
  sentinel.track("auth.otp.failed", {
62
79
  ip: req.ip,
@@ -73,17 +90,17 @@ sentinel.trackPhoneAuth({ ip: req.ip, userId: user.id, phone: user.phone });
73
90
 
74
91
  ## Structured Logging
75
92
 
76
- ```ts
77
- sentinel.log("info", "User registered", { userId: user.id });
78
- sentinel.log("warn", "Slow DB query", { queryMs: 1240 });
79
- sentinel.log("error", "Payment failed", { reason: err.message });
93
+ ```js
94
+ sentinel.log("info", "User registered", { userId: user.id });
95
+ sentinel.log("warn", "Slow DB query", { queryMs: 1240 });
96
+ sentinel.log("error", "Payment failed", { reason: err.message });
80
97
  ```
81
98
 
82
99
  ## Blocklist & Firewall
83
100
 
84
- The SDK syncs your blocklist and firewall rules from the dashboard every 60 seconds. In your own middleware you can check:
101
+ The SDK syncs your blocklist and firewall rules from the dashboard every 60 seconds. Check them in your own middleware:
85
102
 
86
- ```ts
103
+ ```js
87
104
  if (sentinel.isBlocked(req.ip)) {
88
105
  return res.status(403).json({ error: "Forbidden" });
89
106
  }
@@ -91,7 +108,7 @@ if (sentinel.isBlocked(req.ip)) {
91
108
  const match = sentinel.matchFirewallRule({
92
109
  url: req.url,
93
110
  body: req.body,
94
- headers: req.headers as Record<string, string>,
111
+ headers: req.headers,
95
112
  ip: req.ip,
96
113
  });
97
114
  if (match?.rule.action === "block") {
@@ -109,13 +126,21 @@ npx anomira scan ./src
109
126
 
110
127
  Exit code `1` if violations are found — CI/CD compatible.
111
128
 
129
+ ## Environment Variables
130
+
131
+ | Variable | Description |
132
+ |---|---|
133
+ | `SENTINEL_API_KEY` | Your Anomira API key |
134
+ | `SENTINEL_APP_ID` | Your Anomira app ID |
135
+ | `SENTINEL_INGEST_URL` | Ingest endpoint (from your dashboard) |
136
+
112
137
  ## Configuration
113
138
 
114
139
  | Option | Type | Default | Description |
115
140
  |---|---|---|---|
116
141
  | `apiKey` | `string` | — | Your Anomira API key (required) |
117
142
  | `appId` | `string` | — | Your Anomira app ID (required) |
118
- | `ingestUrl` | `string` | Anomira cloud | Custom ingest endpoint |
143
+ | `ingestUrl` | `string` | Anomira cloud | Ingest endpoint URL |
119
144
  | `debug` | `boolean` | `false` | Log SDK activity to console |
120
145
  | `captureConsole` | `boolean` | `false` | Forward `console.*` calls to the Logs dashboard |
121
146
  | `service` | `string` | `"app"` | Service name tag for logs |
@@ -126,6 +151,17 @@ Exit code `1` if violations are found — CI/CD compatible.
126
151
  | `detect.scanDetection` | `boolean` | `true` | Detect scanner/bot probing |
127
152
  | `detect.geoVelocity` | `boolean` | `true` | Detect impossible travel between logins |
128
153
 
154
+ ## Graceful Shutdown
155
+
156
+ Always flush pending events before your process exits:
157
+
158
+ ```js
159
+ process.on("SIGTERM", async () => {
160
+ await sentinel.flush();
161
+ process.exit(0);
162
+ });
163
+ ```
164
+
129
165
  ## License
130
166
 
131
167
  MIT
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@anomira/node-sdk",
3
- "version": "0.1.2",
3
+ "version": "0.1.3",
4
4
  "description": "Anomira Node.js SDK — drop-in API security monitoring for Express and Fastify",
5
5
  "author": "Anomira <sdk@anomira.io>",
6
6
  "license": "MIT",