Advancing Safely in Node.js

Click here to watch the live recording

Code produced during a Meetup at NodeBR, where I taught about security in the Express.js structure of Node.js.

Technology   |    Prerequisites   |    Getting started   |    Extra links   |    How to contribute   |    License

🚀 Technology

• Express — A web framework for Node.js
• Sqlite — Library that implements an embedded SQL database
• Yup — JavaScript schema builder for value parsing and validation.
• Sentry — Open-source error tracking that helps developers monitor and fix crashes in real time.
• Express Brute — A brute-force protection middleware for express routes that rate-limits incoming requests, increasing the delay with each request in a fibonacci-like sequence.
• Express Rate Limite — Rate limiter middleware for express applications.
• Helmet — Helps you secure your Express apps by setting various HTTP headers.
• Cors — Package for providing a Connect/Express middleware that can be used to enable CORS with various options.
• Express Session — Create a session middleware with the given options.

☑️ Prerequisites

• Node.js
• NPM or Yarn
• Redis

🆙 Getting started

• Clone this repo
• Enter the folder advancing-safely-class-nodebr
• Run yarn or npm install to install the dependencies
• Copy the .env.example file and create an .env file with your Redis credentials

🎁 Extra links

• Snyk — Helps you use open source and stay secure. Continuously find and fix vulnerabilities.
• TLS — How to use the module
• NPM Trends — express-brute vs express-limiter vs express-rate-limit
• Security advisories by the NPM team

✏️ How to contribute

• Make a fork;
• Create a branck with your feature: git checkout -b my-feature;
• Commit changes: git commit -m 'feat: My new feature';
• Make a push to your branch: git push origin my-feature.

After merging your receipt request to done, you can delete a branch from yours.

📝 License

This project is under the MIT license. See the LICENSE for more information.

---

Made with by Roberto Sousa 👋 Get in touch!