Tor detect middleware for Express
Tor detect middleware for Express.
❤️ Awesome Features:
- Easy to redirect Tor or Surface users. 🔥
- Easy to recognize TorUsers at inside the
req
object,req.isTorUser
🍺 - No infra required, the database is json based using
lowdb
🎉 - The
strictMode
won't allow any request to access until the relays IPs are collected 📦 - The
purge
allow you to dump the database at startup ☣️ debug
is supported 💪- Refresh time is customizable 🧐
- Easy to use and great test coverage ✅
const express = require('express');
const torUserHandler = require('tor-detect-middleware')
const app = express();
app.use(torUserHandler())
app.get('/', (req, res) => {
const ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress;
res.send(`Are you (${ip}) a TOR user? ${req.isTorUser}`);
});
app.listen(3000, () => {
console.log('We are in port 3000!');
});
npm install tor-detect-middleware
const express = require('express');
const torUserHandler = require('tor-detect-middleware')
const app = express();
app.use(torUserHandler())
app.get('/', (req, res) => {
const ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress;
res.send(`Are you (${ip}) a TOR user? ${req.isTorUser}`);
});
app.listen(3000, () => {
console.log('We are in port 3000!');
});
In this example we redirect the surface users to https://www.nytimes.com
and Tor users to https://www.nytimes3xbfgragh.onion/
. You can use both ways to redirect.
const express = require('express');
const torUserHandler = require('tor-detect-middleware')
const app = express();
app.use(torUserHandler({
surface: "https://www.nytimes.com",
tor: "https://www.nytimes3xbfgragh.onion/"
}))
app.listen(3000, () => {
console.log('We are in port 3000!');
});
const express = require('express');
const torUserHandler = require('tor-detect-middleware')
const app = express();
app.use(torUserHandler())
app.get('/surface-only', (req, res) => {
if(req.isTorUser) return res.status(401).send("You can't access from TOR here")
res.send('Welcome surface user!');
});
app.get('/tor-only', (req, res) => {
if(!req.isTorUser) return res.status(401).send("You can't access from the surface here")
res.send('Welcome to the dark side. We have cookies!');
});
app.listen(3000, () => {
console.log('We are in port 3000!');
});
By default we refresh the IP list every hour, but you can modify the ms as you wish.
const express = require('express');
const torUserHandler = require('tor-detect-middleware')
const app = express();
app.use(torUserHandler({refreshMs: 600000}))
//...
Special behaviour in Strict mode:
- The server will stop at startup if
https://onionoo.torproject.org/details
url is down - The server will wait until there is a list ready to dispatch requests. (Few seconds)
Note: if there is a list stored you wont surfer any problem, as we start the service from the previous list.
const express = require('express');
const torUserHandler = require('tor-detect-middleware')
const app = express();
app.use(torUserHandler({
strictMode: true
}))
//...
You can purge the list by default at the startup of the service.
const express = require('express');
const torUserHandler = require('tor-detect-middleware')
const app = express();
app.use(torUserHandler({
purge: true
}))
//...
Development only:
Production only:
- debug - Debug the app
- got - Download TOR infra data
- ip-regex - Validate relays IPs
- lowdb - Store and query IPs
Please read CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests to us.
We use SemVer for versioning. For the versions available, see the tags on this repository.
- Ulises Gascón - *Initial work- - @ulisesGascon
See also the list of contributors who participated in this project.
This project is licensed under the GNU AGPL3.0 License - see the LICENSE.md file for details
- This project is under development, but you can help us to improve it! We ❤️ FOSS!