@yognky/premium-security 1.0.0

package/src/utils/logger.ts

@@ -0,0 +1,174 @@
+import fs from 'fs';
+import path from 'path';
+
+export enum LogLevel {
+  INFO = 'INFO',
+  WARNING = 'WARNING',
+  ERROR = 'ERROR',
+  ATTACK = 'ATTACK',
+  DEBUG = 'DEBUG'
+}
+
+export interface LogEntry {
+  timestamp: string;
+  level: LogLevel;
+  message: string;
+  ip?: string;
+  attackType?: string;
+  details?: any;
+}
+
+class Logger {
+  private logFile: string;
+  private enableFileLogging: boolean;
+  private enableConsoleLogging: boolean;
+  private logBuffer: LogEntry[] = [];
+  private bufferSize: number = 100;
+
+  constructor() {
+    this.logFile = path.join(process.cwd(), 'yongky-security.log');
+    this.enableFileLogging = true;
+    this.enableConsoleLogging = true;
+    this.initLogFile();
+  }
+
+  private initLogFile() {
+    if (!fs.existsSync(this.logFile)) {
+      fs.writeFileSync(this.logFile, `# YOGNKY SECURITY LOG\n# Started at: ${new Date().toISOString()}\n\n`);
+    }
+  }
+
+  private formatLogEntry(entry: LogEntry): string {
+    return `[${entry.timestamp}] [${entry.level}] ${entry.message}${entry.ip ? ` | IP: ${entry.ip}` : ''}${entry.attackType ? ` | Attack: ${entry.attackType}` : ''}`;
+  }
+
+  private async writeToFile(entry: LogEntry) {
+    if (!this.enableFileLogging) return;
+    
+    this.logBuffer.push(entry);
+    if (this.logBuffer.length >= this.bufferSize) {
+      await this.flushLogs();
+    }
+  }
+
+  private async flushLogs() {
+    const logsToWrite = this.logBuffer.splice(0, this.bufferSize);
+    const logText = logsToWrite.map(entry => this.formatLogEntry(entry)).join('\n') + '\n';
+    
+    try {
+      fs.appendFileSync(this.logFile, logText);
+    } catch (error) {
+      console.error('Failed to write log:', error);
+    }
+  }
+
+  public log(level: LogLevel, message: string, metadata?: any) {
+    const entry: LogEntry = {
+      timestamp: new Date().toISOString(),
+      level,
+      message,
+      ...metadata
+    };
+
+    if (this.enableConsoleLogging) {
+      const colors = {
+        [LogLevel.INFO]: '\x1b[36m',     // Cyan
+        [LogLevel.WARNING]: '\x1b[33m',  // Yellow
+        [LogLevel.ERROR]: '\x1b[31m',    // Red
+        [LogLevel.ATTACK]: '\x1b[35m',   // Magenta
+        [LogLevel.DEBUG]: '\x1b[32m'     // Green
+      };
+      const reset = '\x1b[0m';
+      console.log(`${colors[level]}${this.formatLogEntry(entry)}${reset}`);
+    }
+
+    this.writeToFile(entry);
+  }
+
+  public info(message: string, metadata?: any) {
+    this.log(LogLevel.INFO, message, metadata);
+  }
+
+  public warning(message: string, metadata?: any) {
+    this.log(LogLevel.WARNING, message, metadata);
+  }
+
+  public error(message: string, metadata?: any) {
+    this.log(LogLevel.ERROR, message, metadata);
+  }
+
+  public attack(attackType: string, ip: string, details?: any) {
+    this.log(LogLevel.ATTACK, `${attackType} detected`, {
+      ip,
+      attackType,
+      details
+    });
+  }
+
+  public debug(message: string, metadata?: any) {
+    if (process.env.NODE_ENV === 'development') {
+      this.log(LogLevel.DEBUG, message, metadata);
+    }
+  }
+
+  public async getLogs(level?: LogLevel, limit: number = 100): Promise<LogEntry[]> {
+    try {
+      const content = fs.readFileSync(this.logFile, 'utf-8');
+      const lines = content.split('\n').filter(line => line.trim());
+      const logs: LogEntry[] = [];
+      
+      for (const line of lines) {
+        if (line.startsWith('#')) continue;
+        
+        const match = line.match(/\[(.*?)\] \[(.*?)\] (.*?)(?: \| IP: (.*?))?(?: \| Attack: (.*?))?/);
+        if (match) {
+          const [, timestamp, level, message, ip, attackType] = match;
+          if (!level || (level && (!level || level === level))) {
+            logs.push({ timestamp, level: level as LogLevel, message, ip, attackType });
+          }
+        }
+      }
+      
+      return logs.slice(-limit);
+    } catch (error) {
+      this.error('Failed to read logs', error);
+      return [];
+    }
+  }
+
+  public async clearLogs() {
+    try {
+      fs.writeFileSync(this.logFile, `# YOGNKY SECURITY LOG\n# Cleared at: ${new Date().toISOString()}\n\n`);
+      this.logBuffer = [];
+      this.info('Logs cleared successfully');
+    } catch (error) {
+      this.error('Failed to clear logs', error);
+    }
+  }
+
+  public async getStatistics() {
+    const logs = await this.getLogs();
+    const stats = {
+      totalAttacks: logs.filter(log => log.level === LogLevel.ATTACK).length,
+      totalErrors: logs.filter(log => log.level === LogLevel.ERROR).length,
+      topAttackTypes: {} as Record<string, number>,
+      topIPs: {} as Record<string, number>,
+      timeline: {} as Record<string, number>
+    };
+    
+    for (const log of logs) {
+      if (log.attackType) {
+        stats.topAttackTypes[log.attackType] = (stats.topAttackTypes[log.attackType] || 0) + 1;
+      }
+      if (log.ip) {
+        stats.topIPs[log.ip] = (stats.topIPs[log.ip] || 0) + 1;
+      }
+      const date = log.timestamp.split('T')[0];
+      stats.timeline[date] = (stats.timeline[date] || 0) + 1;
+    }
+    
+    return stats;
+  }
+}
+
+export const logger = new Logger();

package/test/bruteforce.test.ts

@@ -0,0 +1,34 @@
+import request from 'supertest';
+import express from 'express';
+import { bruteforceProtection } from '../src/defenses/bruteforce';
+
+describe('Anti Brute Force', () => {
+  let app: express.Application;
+
+  beforeEach(() => {
+    app = express();
+    app.use(express.json());
+    app.use(bruteforceProtection);
+    app.post('/login', (req, res) => res.json({ message: 'OK' }));
+  });
+
+  test('should allow first 4 attempts', async () => {
+    for (let i = 0; i < 4; i++) {
+      const response = await request(app)
+        .post('/login')
+        .send({ username: 'admin', password: 'wrong' });
+      expect(response.status).toBe(200);
+    }
+  });
+
+  test('should block after 5 attempts', async () => {
+    for (let i = 0; i < 5; i++) {
+      await request(app).post('/login').send({ username: 'admin', password: 'wrong' });
+    }
+    const response = await request(app)
+      .post('/login')
+      .send({ username: 'admin', password: 'wrong' });
+    expect(response.status).toBe(429);
+    expect(response.body.error).toContain('Brute Force');
+  });
+});

package/test/ddos.test.ts

@@ -0,0 +1,30 @@
+import request from 'supertest';
+import express from 'express';
+import { ddosProtection } from '../src/defenses/ddos';
+
+describe('Anti DDoS Protection', () => {
+  let app: express.Application;
+
+  beforeEach(() => {
+    app = express();
+    app.use(ddosProtection({ maxPerMinute: 5, blockDuration: 10 }));
+    app.get('/', (req, res) => res.json({ message: 'OK' }));
+  });
+
+  test('should allow requests under limit', async () => {
+    for (let i = 0; i < 5; i++) {
+      const response = await request(app).get('/');
+      expect(response.status).toBe(200);
+    }
+  });
+
+  test('should block requests over limit', async () => {
+    for (let i = 0; i < 6; i++) {
+      const response = await request(app).get('/');
+      if (i >= 5) {
+        expect(response.status).toBe(429);
+        expect(response.body.error).toContain('DDoS');
+      }
+    }
+  });
+});

package/test/integration.test.ts

@@ -0,0 +1,44 @@
+import request from 'supertest';
+import express from 'express';
+import ModulesEz from '../src/index';
+
+describe('YONGKY SECURITY - Integration Tests', () => {
+  let app: express.Application;
+
+  beforeEach(() => {
+    app = express();
+    app.use(express.json());
+  });
+
+  test('should load all defenses', () => {
+    ModulesEz({
+      anti_ddos: true,
+      anti_sql: true,
+      anti_xss: true,
+      anti_curl: true,
+      anti_header: true,
+      anti_bruteforce: true,
+      anti_rateLimit: true,
+      anti_malware: true
+    })(app);
+
+    expect(app._router.stack.length).toBeGreaterThan(5);
+  });
+
+  test('should block SQL injection', async () => {
+    ModulesEz({ anti_sql: true })(app);
+    app.get('/test', (req, res) => res.json({ ok: true }));
+
+    const response = await request(app)
+      .get('/test?name=john\' OR \'1\'=\'1');
+    expect(response.status).toBe(403);
+  });
+
+  test('should respect whitelist', async () => {
+    ModulesEz({ anti_pengunjung: '127.0.0.1' })(app);
+    app.get('/test', (req, res) => res.json({ ok: true }));
+
+    const response = await request(app).get('/test');
+    expect(response.status).toBe(200);
+  });
+});

package/test/sql.test.ts

@@ -0,0 +1,39 @@
+import request from 'supertest';
+import express from 'express';
+import { sqlInjectionProtection } from '../src/defenses/sqlInjection';
+
+describe('Anti SQL Injection', () => {
+  let app: express.Application;
+
+  beforeEach(() => {
+    app = express();
+    app.use(express.json());
+    app.use(sqlInjectionProtection);
+    app.get('/test', (req, res) => res.json({ message: 'OK' }));
+    app.post('/test', (req, res) => res.json({ message: 'OK' }));
+  });
+
+  test('should allow normal requests', async () => {
+    const response = await request(app).get('/test?name=john');
+    expect(response.status).toBe(200);
+  });
+
+  test('should block SQL injection in query', async () => {
+    const response = await request(app).get('/test?name=john\' OR \'1\'=\'1');
+    expect(response.status).toBe(403);
+    expect(response.body.error).toContain('SQL Injection');
+  });
+
+  test('should block SQL injection in body', async () => {
+    const response = await request(app)
+      .post('/test')
+      .send({ name: "admin' --", password: "anything" });
+    expect(response.status).toBe(403);
+  });
+
+  test('should block UNION injection', async () => {
+    const response = await request(app)
+      .get('/test?id=1 UNION SELECT * FROM users');
+    expect(response.status).toBe(403);
+  });
+});

package/test/xss.test.ts

@@ -0,0 +1,39 @@
+import request from 'supertest';
+import express from 'express';
+import { xssProtection } from '../src/defenses/xss';
+
+describe('Anti XSS Protection', () => {
+  let app: express.Application;
+
+  beforeEach(() => {
+    app = express();
+    app.use(express.json());
+    app.use(xssProtection);
+    app.get('/test', (req, res) => res.json({ message: 'OK' }));
+    app.post('/test', (req, res) => res.json({ message: 'OK' }));
+  });
+
+  test('should allow normal input', async () => {
+    const response = await request(app).get('/test?name=john');
+    expect(response.status).toBe(200);
+  });
+
+  test('should block script tag', async () => {
+    const response = await request(app)
+      .get('/test?name=<script>alert("xss")</script>');
+    expect(response.status).toBe(403);
+  });
+
+  test('should block javascript protocol', async () => {
+    const response = await request(app)
+      .get('/test?url=javascript:alert(1)');
+    expect(response.status).toBe(403);
+  });
+
+  test('should block onerror event', async () => {
+    const response = await request(app)
+      .post('/test')
+      .send({ comment: '<img src=x onerror=alert(1)>' });
+    expect(response.status).toBe(403);
+  });
+});

package/test-module.js

@@ -0,0 +1,23 @@
+const express = require('express');
+const app = express();
+const yognky = require('./dist/index.js').default;
+
+console.log('Module loaded:', typeof yognky);
+
+yognky({
+  anti_ddos: { maxPerMinute: 5, blockDuration: 10 }
+})(app);
+
+app.get('/', (req, res) => res.json({ ok: true }));
+
+app.listen(3001, () => {
+  console.log('Test server di port 3001');
+  console.log('Kirim 10 request:');
+  
+  setTimeout(() => {
+    for (let i = 1; i <= 10; i++) {
+      fetch('http://localhost:3001/')
+        .then(res => console.log(`Request ${i}: ${res.status}`));
+    }
+  }, 1000);
+});

package/tsconfig.build.json

@@ -0,0 +1,17 @@
+{
+  "extends": "./tsconfig.json",
+  "compilerOptions": {
+    "sourceMap": false,
+    "declarationMap": false,
+    "removeComments": true,
+    "noEmitOnError": true
+  },
+  "exclude": [
+    "node_modules",
+    "dist",
+    "tests",
+    "examples",
+    "**/*.test.ts",
+    "**/*.spec.ts"
+  ]
+}

package/tsconfig.json

@@ -0,0 +1,26 @@
+{
+  "compilerOptions": {
+    "target": "ES2020",
+    "module": "commonjs",
+    "lib": ["ES2020", "DOM"],
+    "outDir": "./dist",
+    "rootDir": "./src",
+    "strict": false,
+    "esModuleInterop": true,
+    "skipLibCheck": true,
+    "forceConsistentCasingInFileNames": false,
+    "declaration": true,
+    "declarationMap": true,
+    "sourceMap": true,
+    "moduleResolution": "node",
+    "resolveJsonModule": true,
+    "allowSyntheticDefaultImports": true,
+    "noImplicitAny": false,
+    "noUnusedLocals": false,
+    "noUnusedParameters": false,
+    "removeComments": false,
+    "preserveConstEnums": true
+  },
+  "include": ["src/**/*"],
+  "exclude": ["node_modules", "dist", "tests", "examples"]
+}