@liberstudio/cloudflare-list 2.0.1

package/README.md

@@ -0,0 +1,31 @@
+# Modulo NestJS per la gestione IP List Cloudflare
+*npm run build*
+*npm publish --access public*
+
+## Installazione
+
+```bash
+npm install @lbr/cloudflare-list
+```
+
+## Utilizzo
+
+### Configurazione
+
+Nel file di configurazione del progetto, aggiungere il modulo all'import della configurazione:
+
+```typescript
+import { CloudflareAttacksModule } from "@lbr/cloudflare-list";
+
+@Module({
+  imports: [
+    CloudflareAttacksModule.forRoot({
+      accountId: "<account_id>",
+      listId: "<list_id>",
+      apiToken: "<api_token>",
+      comment: "<comment>",
+    }),
+  ],
+})
+export class AppModule {}
+```

package/dist/attacks.module.d.ts

@@ -0,0 +1,7 @@
+import { DynamicModule, type MiddlewareConsumer, NestModule } from "@nestjs/common";
+import type { CloudflareAttacksAsyncOptions, CloudflareAttacksOptions } from "./interfaces";
+export declare class CloudflareAttacksModule implements NestModule {
+    configure(consumer: MiddlewareConsumer): void;
+    static forRoot(options: CloudflareAttacksOptions): DynamicModule;
+    static forRootAsync(options: CloudflareAttacksAsyncOptions): DynamicModule;
+}

package/dist/attacks.module.js

@@ -0,0 +1,52 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var CloudflareAttacksModule_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CloudflareAttacksModule = void 0;
+const common_1 = require("@nestjs/common");
+const axios_1 = require("@nestjs/axios");
+const attacks_service_1 = require("./attacks.service");
+const middleware_1 = require("./middleware");
+let CloudflareAttacksModule = CloudflareAttacksModule_1 = class CloudflareAttacksModule {
+    configure(consumer) {
+        consumer.apply(middleware_1.AttackLoggerMiddleware).forRoutes("*"); // Oppure specifica rotte precise
+    }
+    static forRoot(options) {
+        return {
+            module: CloudflareAttacksModule_1,
+            imports: [axios_1.HttpModule],
+            providers: [
+                {
+                    provide: "CLOUDFLARE_OPTIONS",
+                    useValue: options,
+                },
+            ],
+        };
+    }
+    static forRootAsync(options) {
+        return {
+            module: CloudflareAttacksModule_1,
+            imports: [axios_1.HttpModule, ...(options.imports || [])],
+            providers: [
+                {
+                    provide: "CLOUDFLARE_OPTIONS",
+                    useFactory: options.useFactory,
+                    inject: options.inject || [],
+                },
+            ],
+        };
+    }
+};
+exports.CloudflareAttacksModule = CloudflareAttacksModule;
+exports.CloudflareAttacksModule = CloudflareAttacksModule = CloudflareAttacksModule_1 = __decorate([
+    (0, common_1.Module)({
+        imports: [axios_1.HttpModule],
+        providers: [attacks_service_1.AttacksService, middleware_1.AttackLoggerMiddleware],
+        exports: [attacks_service_1.AttacksService, axios_1.HttpModule],
+    })
+], CloudflareAttacksModule);

package/dist/attacks.service.d.ts

@@ -0,0 +1,10 @@
+import { HttpService } from '@nestjs/axios';
+import type { CloudflareAttacksOptions, CloudflareResponse } from './interfaces';
+export declare class AttacksService {
+    private readonly httpService;
+    private readonly options;
+    private readonly logger;
+    private readonly API_URL;
+    constructor(httpService: HttpService, options: CloudflareAttacksOptions);
+    updateIpList(ip: string): Promise<CloudflareResponse>;
+}

package/dist/attacks.service.js

@@ -0,0 +1,62 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AttacksService = void 0;
+// attacks.service.ts
+const common_1 = require("@nestjs/common");
+const axios_1 = require("@nestjs/axios");
+const axios_2 = __importDefault(require("axios"));
+const rxjs_1 = require("rxjs");
+let AttacksService = class AttacksService {
+    constructor(httpService, options) {
+        this.httpService = httpService;
+        this.options = options;
+        this.logger = new common_1.Logger('AttackLogger');
+        this.API_URL = `https://api.cloudflare.com/client/v4/accounts`;
+    }
+    async updateIpList(ip) {
+        const { accountId, listId, apiToken, comment } = this.options;
+        const url = `${this.API_URL}/${accountId}/rules/lists/${listId}/items`;
+        this.logger.error(`Aggiungo IP ${ip} alla lista Cloudflare`);
+        const formattedIp = ip.includes('/') ? ip : `${ip}/32`;
+        const body = [{ ip: formattedIp, comment }];
+        try {
+            const response = await (0, rxjs_1.firstValueFrom)(this.httpService.post(url, body, {
+                headers: {
+                    Authorization: `Bearer ${apiToken}`,
+                    'Content-Type': 'application/json',
+                },
+            }));
+            return response.data;
+        }
+        catch (error) {
+            if (axios_2.default.isAxiosError(error)) {
+                const data = error.response?.data;
+                const message = data?.errors?.[0]?.message || 'Errore Cloudflare API';
+                const status = error.response?.status || 500;
+                throw new common_1.HttpException(message, status);
+            }
+            throw new common_1.HttpException('Internal Server Error', 500);
+        }
+    }
+};
+exports.AttacksService = AttacksService;
+exports.AttacksService = AttacksService = __decorate([
+    (0, common_1.Injectable)(),
+    __param(1, (0, common_1.Inject)('CLOUDFLARE_OPTIONS')),
+    __metadata("design:paramtypes", [axios_1.HttpService, Object])
+], AttacksService);

package/dist/index.d.ts

@@ -0,0 +1,4 @@
+export * from './interfaces';
+export * from './middleware';
+export * from './attacks.module';
+export * from './attacks.service';

package/dist/index.js

@@ -0,0 +1,20 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./interfaces"), exports);
+__exportStar(require("./middleware"), exports);
+__exportStar(require("./attacks.module"), exports);
+__exportStar(require("./attacks.service"), exports);

package/dist/interfaces/cloudflare-attacks.interface.d.ts

@@ -0,0 +1,11 @@
+export interface CloudflareAttacksOptions {
+    apiToken: string;
+    accountId: string;
+    listId: string;
+    comment: string;
+}
+export interface CloudflareAttacksAsyncOptions {
+    imports?: any[];
+    inject?: any[];
+    useFactory: (...args: any[]) => Promise<CloudflareAttacksOptions> | CloudflareAttacksOptions;
+}

package/dist/interfaces/cloudflare-attacks.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/interfaces/cloudflare-response.interface.d.ts

@@ -0,0 +1,13 @@
+export interface CloudflareResponse {
+    success: boolean;
+    errors: any[];
+    messages: any[];
+    result: {
+        operation_id: string;
+    };
+}
+export interface CloudflareErrorData {
+    errors?: Array<{
+        message: string;
+    }>;
+}

package/dist/interfaces/cloudflare-response.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/interfaces/index.d.ts

@@ -0,0 +1,2 @@
+export * from './cloudflare-attacks.interface';
+export * from './cloudflare-response.interface';

package/dist/interfaces/index.js

@@ -0,0 +1,18 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./cloudflare-attacks.interface"), exports);
+__exportStar(require("./cloudflare-response.interface"), exports);

package/dist/middleware/attack-logger.middleware.d.ts

@@ -0,0 +1,12 @@
+import { NestMiddleware } from "@nestjs/common";
+import { NextFunction, Request, Response } from "express";
+import { AttacksService } from "../attacks.service";
+export declare class AttackLoggerMiddleware implements NestMiddleware {
+    private readonly attSrv;
+    private readonly logger;
+    private readonly logPath;
+    constructor(attSrv: AttacksService);
+    use(req: Request, res: Response, next: NextFunction): void;
+    private processSuspiciousRequest;
+    private getClientIp;
+}

package/dist/middleware/attack-logger.middleware.js

@@ -0,0 +1,98 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AttackLoggerMiddleware = void 0;
+const fs = __importStar(require("fs/promises")); // Passiamo alla versione asincrona
+const common_1 = require("@nestjs/common");
+const attacks_service_1 = require("../attacks.service");
+let AttackLoggerMiddleware = class AttackLoggerMiddleware {
+    constructor(attSrv) {
+        this.attSrv = attSrv;
+        this.logger = new common_1.Logger("AttackLogger");
+        this.logPath = "/var/log/nestjs-attacks.log";
+    }
+    use(req, res, next) {
+        res.on("finish", () => {
+            if (res.statusCode === 404) {
+                this.processSuspiciousRequest(req).catch((err) => {
+                    const msg = err instanceof Error ? err.message : "Unknown error";
+                    this.logger.error(`Errore nel processando attacco: ${msg}`);
+                });
+            }
+        });
+        next();
+    }
+    async processSuspiciousRequest(req) {
+        const ip = this.getClientIp(req);
+        if (ip === "unknown")
+            return;
+        const logEntry = `${new Date().toISOString()} [ATTACK] IP=${ip} METHOD=${req.method} URL=${req.url}\n`;
+        await this.attSrv.updateIpList(ip);
+        try {
+            await fs.appendFile(this.logPath, logEntry);
+        }
+        catch (error) {
+            const msg = error instanceof Error ? error.message : "FS Error";
+            this.logger.error(`Impossibile scrivere log su ${this.logPath}: ${msg}`);
+        }
+    }
+    getClientIp(req) {
+        const cfIp = req.headers["cf-connecting-ip"];
+        if (typeof cfIp === "string")
+            return cfIp;
+        const xRealIp = req.headers["x-real-ip"];
+        if (typeof xRealIp === "string")
+            return xRealIp;
+        const xForwardedFor = req.headers["x-forwarded-for"];
+        if (typeof xForwardedFor === "string") {
+            return xForwardedFor.split(",")[0].trim();
+        }
+        return req.socket.remoteAddress ?? "unknown";
+    }
+};
+exports.AttackLoggerMiddleware = AttackLoggerMiddleware;
+exports.AttackLoggerMiddleware = AttackLoggerMiddleware = __decorate([
+    (0, common_1.Injectable)(),
+    __metadata("design:paramtypes", [attacks_service_1.AttacksService])
+], AttackLoggerMiddleware);

package/dist/middleware/index.d.ts

@@ -0,0 +1 @@
+export * from './attack-logger.middleware';

package/dist/middleware/index.js

@@ -0,0 +1,17 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./attack-logger.middleware"), exports);

package/package.json

@@ -0,0 +1,38 @@
+{
+  "name": "@liberstudio/cloudflare-list",
+  "version": "2.0.1",
+  "description": "Modulo NestJS per gestione IP List Cloudflare",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "build": "npx tsc",
+    "prepublishOnly": "npm run build",
+    "version:bump": "npm version patch --no-git-tag-version"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "simple-git-hooks": {
+    "pre-commit": "npm run version:bump && git add package.json package-lock.json"
+  },
+  "dependencies": {},
+  "peerDependencies": {
+    "@nestjs/axios": ">=3.0.0",
+    "@nestjs/common": ">=10.0.0",
+    "axios": ">=1.0.0",
+    "rxjs": ">=7.0.0"
+  },
+  "devDependencies": {
+    "@nestjs/axios": ">=3.0.0",
+    "@nestjs/common": ">=10.0.0",
+    "axios": ">=1.0.0",
+    "rxjs": "^7.8.0",
+    "@types/express": "^5.0.6",
+    "@types/node": "^20.9.0",
+    "simple-git-hooks": "^2.13.1",
+    "typescript": ">=5.0.0"
+  }
+}