npm - @hackthedev/dsync-ipsec - Versions diffs - 1.0.1 → 1.0.3 - Mend

@hackthedev/dsync-ipsec 1.0.1 → 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/.github/workflows/publish.yml +43 -0
package/README.md +4 -0
package/index.mjs +72 -59
package/package.json +1 -1

package/.github/workflows/publish.yml ADDED Viewed

@@ -0,0 +1,43 @@
+name: Publish to npm
+on:
+  push:
+    branches:
+      - main
+permissions:
+  contents: write
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          persist-credentials: true
+      - name: Skip version bump commits
+        run: |
+          if git log -1 --pretty=%B | grep -q "chore: bump version"; then
+            echo "Version bump commit detected, skipping."
+            exit 0
+          fi
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          registry-url: https://registry.npmjs.org/
+      - run: npm ci
+      - run: |
+          git config user.name "github-actions"
+          git config user.email "actions@github.com"
+          npm version patch -m "chore: bump version %s"
+          git push
+      - run: npm publish --access public
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

package/README.md CHANGED Viewed

@@ -7,6 +7,10 @@ This library comes with features meant to prevent abuse in form of spam and othe
 The library was designed for usage with `express` and filtering abusive and (potentially) malicious traffic based on the IP address.
+> [!IMPORTANT]
+>
+> It is highly recommended that you cache or store the API response!!!!
 ------
 ## Setup

package/index.mjs CHANGED Viewed

@@ -19,7 +19,9 @@ export default class dSyncIPSec {
                         "::1",
                         "127.0.0.1",
                         "localhost"
-                    ]
+                    ],
+                    //
+                    checkCache = null
                 } = {}) {
         this.blockBogon = blockBogon;
@@ -30,72 +32,78 @@ export default class dSyncIPSec {
         this.blockVPN = blockVPN;
         this.blockTor = blockTor;
         this.blockAbuser = blockAbuser;
-        this.blockedCountryCodes = blockedCountryCodes;
-        this.urlWhitelist = new ArrayTools(whitelistedUrls)
-        this.ipWhitelist = new ArrayTools(whitelistedIps)
-        this.ipBlacklist = new ArrayTools(blacklistedIps)
-        this.companyDomainWhitelist = new ArrayTools(whitelistedCompanyDomains)
-        this.blockedCountriesByCode = new ArrayTools(blockedCountryCodes)
+        this.urlWhitelist = whitelistedUrls;
+        this.ipWhitelist = whitelistedIps;
+        this.ipBlacklist = blacklistedIps;
+        this.companyDomainWhitelist = whitelistedCompanyDomains;
+        this.blockedCountriesByCode = blockedCountryCodes;
+        this.checkCache = checkCache;
     }
     updateRule({
-                    blockBogon = null,
-                    blockDatacenter = null,
-                    blockSatelite = null,
-                    blockCrawler = null,
-                    blockProxy = null,
-                    blockVPN = null,
-                    blockTor = null,
-                    blockAbuser = null,
+                   blockBogon = null,
+                   blockDatacenter = null,
+                   blockSatelite = null,
+                   blockCrawler = null,
+                   blockProxy = null,
+                   blockVPN = null,
+                   blockTor = null,
+                   blockAbuser = null,
                    whitelistedUrls = null,
                    whitelistedIps = null,
                    blockedCountryCodes = null,
                    whitelistedCompanyDomains = null,
                    blacklistedIps = null,
-                }){
-        if(blockBogon !== null) this.blockBogon = blockBogon
-        if(blockDatacenter !== null) this.blockDatacenter = blockDatacenter
-        if(blockSatelite !== null) this.blockSatelite =blockSatelite
-        if(blockCrawler !== null) this.blockCrawler = blockCrawler
-        if(blockProxy !== null) this.blockProxy = blockProxy
-        if(blockVPN !== null) this.blockVPN = blockVPN
-        if(blockTor !== null) this.blockTor = blockTor
-        if(blockAbuser !== null) this.blockAbuser = blockAbuser
-        if(whitelistedUrls !== null) this.urlWhitelist = new ArrayTools(whitelistedUrls)
-        if(whitelistedIps !== null) this.ipWhitelist = new ArrayTools(whitelistedIps)
-        if(blacklistedIps !== null) this.ipBlacklist = new ArrayTools(blacklistedIps)
-        if(blockedCountryCodes !== null) this.blockedCountriesByCode = new ArrayTools(blockedCountryCodes)
+               }) {
+        if (blockBogon !== null) this.blockBogon = blockBogon
+        if (blockDatacenter !== null) this.blockDatacenter = blockDatacenter
+        if (blockSatelite !== null) this.blockSatelite = blockSatelite
+        if (blockCrawler !== null) this.blockCrawler = blockCrawler
+        if (blockProxy !== null) this.blockProxy = blockProxy
+        if (blockVPN !== null) this.blockVPN = blockVPN
+        if (blockTor !== null) this.blockTor = blockTor
+        if (blockAbuser !== null) this.blockAbuser = blockAbuser
+        if (whitelistedUrls !== null) this.urlWhitelist = whitelistedUrls
+        if (whitelistedIps !== null) this.ipWhitelist = whitelistedIps
+        if (blacklistedIps !== null) this.ipBlacklist = blacklistedIps
+        if (blockedCountryCodes !== null) this.blockedCountriesByCode = blockedCountryCodes
     }
-    whitelistIP(ip, allowDuplicates = false){
-        if(!ip) throw new Error("Unable to whitelist ip as no ip was provided.");
-        if(!this.ipWhitelist.matches(ip) && !allowDuplicates) this.ipWhitelist.addEntry(ip);
-        if(this.ipBlacklist.matches(ip)) this.ipBlacklist.removeEntry(ip);
+    whitelistIP(ip, allowDuplicates = false) {
+        if (!ip) throw new Error("Unable to whitelist ip as no ip was provided.");
+        if (!ArrayTools.matches(this.ipWhitelist, ip) && !allowDuplicates)
+            ArrayTools.addEntry(this.ipWhitelist, ip);
+        if (ArrayTools.matches(this.ipBlacklist, ip))
+            this.ipBlacklist = ArrayTools.removeEntry(this.ipBlacklist, ip);
     }
-    blacklistIp(ip, allowDuplicates = false){
-        if(!ip) throw new Error("Unable to blacklist ip as no ip was provided.");
-        if(!this.ipBlacklist.matches(ip) && !allowDuplicates) this.ipBlacklist.addEntry(ip);
-        if(this.ipWhitelist.matches(ip)) this.ipWhitelist.removeEntry(ip);
+    blacklistIp(ip, allowDuplicates = false) {
+        if (!ip) throw new Error("Unable to blacklist ip as no ip was provided.");
+        if (!ArrayTools.matches(this.ipBlacklist, ip) && !allowDuplicates)
+            ArrayTools.addEntry(this.ipBlacklist, ip);
+        if (ArrayTools.matches(this.ipWhitelist, ip))
+            this.ipWhitelist = ArrayTools.removeEntry(this.ipWhitelist, ip);
     }
-    isBlacklistedIp(ip){
-        if(!ip) throw new Error("Coudlnt check ip blacklist as no ip was provided.")
-        return this.ipBlacklist.matches(ip);
+    isBlacklistedIp(ip) {
+        if (!ip) throw new Error("Coudlnt check ip blacklist as no ip was provided.")
+        return ArrayTools.matches(this.ipBlacklist, ip)
     }
-    isWhitelistedIp(ip){
-        if(!ip) throw new Error("Coudlnt check ip blacklist as no ip was provided.")
-        return this.ipWhitelist.matches(ip);
+    isWhitelistedIp(ip) {
+        if (!ip) throw new Error("Coudlnt check ip blacklist as no ip was provided.")
+        return ArrayTools.matches(this.ipWhitelist, ip)
     }
-    async filterExpressTraffic(app){
-        if(!app) throw new Error("Unable to filter express traffic as no express app was provided.");
+    async filterExpressTraffic(app) {
+        if (!app) throw new Error("Unable to filter express traffic as no express app was provided.");
         app.use(async (req, res, next) => {
             const ipInfo = await this.lookupIP(this.getClientIp(req));
@@ -103,18 +111,18 @@ export default class dSyncIPSec {
             // whitelist some urls for functionality
             let reqPath = req.path;
-            if(!reqPath) throw new Error("Unable to get request path from req parameter as it wasnt specified or null");
+            if (!reqPath) throw new Error("Unable to get request path from req parameter as it wasnt specified or null");
             // first check for ip blacklist
-            if(this.ipBlacklist.matches(ipInfo?.ip)) return res.sendStatus(403);
+            if (ArrayTools.matches(this.ipBlacklist, ipInfo?.ip)) return res.sendStatus(403);
             // then we can check for whitelisted urls as these bypass normal checks
             // url whitelist
-            if(this.urlWhitelist.matches(reqPath)) return next();
+            if (ArrayTools.matches(this.urlWhitelist, reqPath)) return next();
             // let whitelisted ips pass
-            if(this.ipWhitelist.matches(ipInfo?.ip)) return next();
+            if (ArrayTools.matches(this.ipWhitelist, ipInfo?.ip)) return next();
             // company domain whitelist
-            if(this.companyDomainWhitelist.matches(ipInfo?.company?.domain)) return next();
+            if (ArrayTools.matches(this.companyDomainWhitelist, ipInfo?.company?.domain)) return next();
             // looking kinda beautiful
             if (ipInfo?.is_bogon && this.blockBogon) return res.sendStatus(403);
@@ -128,7 +136,7 @@ export default class dSyncIPSec {
             if (
                 ipInfo.location?.country_code &&
-                this.blockedCountriesByCode.matches(ipInfo?.location?.country_code?.toLowerCase())
+                ArrayTools.matches(this.blockedCountriesByCode, ipInfo?.location?.country_code?.toLowerCase())
             ) return res.sendStatus(403);
             // continue
@@ -137,25 +145,30 @@ export default class dSyncIPSec {
     }
     getClientIp(req) {
-        if(!req) throw new Error("Unable to get client ip from req parameter as it wasnt specified or null");
+        if (!req) throw new Error("Unable to get client ip from req parameter as it wasnt specified or null");
         const xf = req.headers["x-forwarded-for"];
         if (xf) return xf.split(",")[0].trim();
         return req.socket?.remoteAddress || req.connection?.remoteAddress;
     }
-    async lookupIP(ip){
-        if(!ip) throw new Error("Unable to lookup ip as it wasnt provided.")
+    async lookupIP(ip) {
+        if (!ip) throw new Error("Unable to lookup ip as it wasnt provided.")
         // if an ip is blacklisted we return with an error "reponse"
-        if(this.isBlacklistedIp(ip)) return {error: `IP ${ip} was local.`};
+        if (this.isBlacklistedIp(ip)) return {error: `IP ${ip} was blacklisted.`};
+        // if we use cache we can skip the fetch
+        if (this.checkCache && typeof this.checkCache === "function") {
+            let ipInfo = await this.checkCache(ip);
+            if (ipInfo) return ipInfo;
+        }
         // make request to get ip info
         let ipRequest = await fetch(`https://api.ipapi.is/?q=${ip}`);
-        if(ipRequest.status === 200){
+        if (ipRequest.status === 200) {
             let ipData = await ipRequest.json();
             return ipData;
-        }
-        else{
+        } else {
             return {error: "Failed to fetch IP data"};
         }
     }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@hackthedev/dsync-ipsec",
-  "version": "1.0.1",
+  "version": "1.0.3",
   "description": "IP Based Security Library against Abuse",
   "license": "ISC",
   "author": "",