Skip to content
/ paranoik Public

HTTP Request integrity verifier middleware for Node.js

License

MIT license
3 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

gmoqa/paranoik

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
index.js
index.js
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 

Repository files navigation

paranoik

NPM Version size license

Check integrity of each request using a custom HTTP header checksum (X-Checksum).

The hash is formed by [request url, request method, request data, request user-agent, secret key] in a MD5 hash function.

Installation

npm install paranoik

Backend Usage

const express = require('express');
const paranoik = require('paranoik');

const app = express();

app.use(paranoik('YOUR_SECRET'));

Express Configuration

const options = {
    secret: YOUR_SECRET,
    whitelist: [
        '/login',
        '/recovery'
    ]
};

app.use(paranoik(options));

Frontend usage

import paranoik from 'paranoik';

axios.interceptors.request.use( async (config) => {
    config.headers.XChecksum = await paranoik.checksum('YOUR_SECRET');
    return config;
  }, function (error) {
    return Promise.reject(error);
  });

License

MIT

About

HTTP Request integrity verifier middleware for Node.js

Topics

nodejs javascript security middleware express checksum

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages