BaseSecurityDecorator

Defined in: core/src/decorators/base.ts:17

Constructors

Constructor

new BaseSecurityDecorator(config, logger?): BaseSecurityDecorator

Defined in: core/src/decorators/base.ts:24

Parameters

config

agentApiKey

string | null = ...

agentBufferSize

number = ...

agentEnableEvents

boolean = ...

agentEnableMetrics

boolean = ...

agentEndpoint

string = ...

agentFlushInterval

number = ...

agentProjectId

string | null = ...

agentRetryAttempts

number = ...

agentTimeout

number = ...

autoBanDuration

number = ...

autoBanThreshold

number = ...

blacklist

string[] = ...

blockCloudProviders

Set<"AWS" | "GCP" | "Azure"> = ...

blockedCountries

string[] = ...

blockedUserAgents

string[] = ...

cloudIpRefreshInterval

number = ...

corsAllowCredentials

boolean = ...

corsAllowHeaders

string[] = ...

corsAllowMethods

string[] = ...

corsAllowOrigins

string[] = ...

corsExposeHeaders

string[] = ...

corsMaxAge

number = ...

customErrorResponses

Record<number, string> = ...

customLogFile

string | null = ...

customRequestCheck?

(req) => Promise<GuardResponse | null> = ...

customResponseModifier?

(res) => Promise<GuardResponse> = ...

detectionAnomalyThreshold

number = ...

detectionCompilerTimeout

number = ...

detectionMaxContentLength

number = ...

detectionMaxTrackedPatterns

number = ...

detectionMonitorHistorySize

number = ...

detectionPreserveAttackPatterns

boolean = ...

detectionSemanticThreshold

number = ...

detectionSlowPatternThreshold

number = ...

dynamicRuleInterval

number = ...

emergencyMode

boolean = ...

emergencyWhitelist

string[] = ...

enableAgent

boolean = ...

enableCors

boolean = ...

enableDynamicRules

boolean = ...

enableIpBanning

boolean = ...

enablePenetrationDetection

boolean = ...

enableRateLimiting

boolean = ...

enableRedis

boolean = ...

endpointRateLimits

Record<string, [number, number]> = ...

enforceHttps

boolean = ...

excludePaths

string[] = ...

geoIpHandler?

GeoIPHandler = ...

geoResolver?

(ip) => string | null = ...

logFormat

"text" | "json" = ...

logger?

Logger = ...

logRequestLevel

"INFO" | "DEBUG" | "WARNING" | "ERROR" | "CRITICAL" | null = ...

logSuspiciousLevel

"INFO" | "DEBUG" | "WARNING" | "ERROR" | "CRITICAL" | null = ...

passiveMode

boolean = ...

rateLimit

number = ...

rateLimitWindow

number = ...

redisPrefix

string = ...

redisUrl

string = ...

securityHeaders

{ contentTypeOptions: string; csp: Record<string, string[]> | null; custom: Record<string, string> | null; enabled: boolean; frameOptions: "DENY" | "SAMEORIGIN"; hsts?: { includeSubdomains: boolean; maxAge: number; preload: boolean; }; permissionsPolicy: string; referrerPolicy: string; xssProtection: string; } | null = ...

trustedProxies

string[] = ...

trustedProxyDepth

number = ...

trustXForwardedProto

boolean = ...

whitelist

string[] | null = ...

whitelistCountries

string[] = ...

logger?

Logger

Returns

BaseSecurityDecorator

Properties

agentHandler

agentHandler: AgentHandlerProtocol | null = null

Defined in: core/src/decorators/base.ts:20

---

behaviorTracker

behaviorTracker: BehaviorTracker

Defined in: core/src/decorators/base.ts:19

---

config

readonly config: object

Defined in: core/src/decorators/base.ts:21

agentApiKey

agentApiKey: string | null

agentBufferSize

agentBufferSize: number

agentEnableEvents

agentEnableEvents: boolean

agentEnableMetrics

agentEnableMetrics: boolean

agentEndpoint

agentEndpoint: string

agentFlushInterval

agentFlushInterval: number

agentProjectId

agentProjectId: string | null

agentRetryAttempts

agentRetryAttempts: number

agentTimeout

agentTimeout: number

autoBanDuration

autoBanDuration: number

autoBanThreshold

autoBanThreshold: number

blacklist

blacklist: string[]

blockCloudProviders

blockCloudProviders: Set<"AWS" | "GCP" | "Azure">

blockedCountries

blockedCountries: string[]

blockedUserAgents

blockedUserAgents: string[]

cloudIpRefreshInterval

cloudIpRefreshInterval: number

corsAllowCredentials

corsAllowCredentials: boolean

corsAllowHeaders

corsAllowHeaders: string[]

corsAllowMethods

corsAllowMethods: string[]

corsAllowOrigins

corsAllowOrigins: string[]

corsExposeHeaders

corsExposeHeaders: string[]

corsMaxAge

corsMaxAge: number

customErrorResponses

customErrorResponses: Record<number, string>

customLogFile

customLogFile: string | null

customRequestCheck?

optional customRequestCheck?: (req) => Promise<GuardResponse | null>

Parameters

req

GuardRequest

Returns

Promise<GuardResponse | null>

customResponseModifier?

optional customResponseModifier?: (res) => Promise<GuardResponse>

Parameters

res

GuardResponse

Returns

Promise<GuardResponse>

detectionAnomalyThreshold

detectionAnomalyThreshold: number

detectionCompilerTimeout

detectionCompilerTimeout: number

detectionMaxContentLength

detectionMaxContentLength: number

detectionMaxTrackedPatterns

detectionMaxTrackedPatterns: number

detectionMonitorHistorySize

detectionMonitorHistorySize: number

detectionPreserveAttackPatterns

detectionPreserveAttackPatterns: boolean

detectionSemanticThreshold

detectionSemanticThreshold: number

detectionSlowPatternThreshold

detectionSlowPatternThreshold: number

dynamicRuleInterval

dynamicRuleInterval: number

emergencyMode

emergencyMode: boolean

emergencyWhitelist

emergencyWhitelist: string[]

enableAgent

enableAgent: boolean

enableCors

enableCors: boolean

enableDynamicRules

enableDynamicRules: boolean

enableIpBanning

enableIpBanning: boolean

enablePenetrationDetection

enablePenetrationDetection: boolean

enableRateLimiting

enableRateLimiting: boolean

enableRedis

enableRedis: boolean

endpointRateLimits

endpointRateLimits: Record<string, [number, number]>

enforceHttps

enforceHttps: boolean

excludePaths

excludePaths: string[]

geoIpHandler?

optional geoIpHandler?: GeoIPHandler

geoResolver?

optional geoResolver?: (ip) => string | null

Parameters

ip

string

Returns

string | null

logFormat

logFormat: "text" | "json"

logger?

optional logger?: Logger

logRequestLevel

logRequestLevel: "INFO" | "DEBUG" | "WARNING" | "ERROR" | "CRITICAL" | null

logSuspiciousLevel

logSuspiciousLevel: "INFO" | "DEBUG" | "WARNING" | "ERROR" | "CRITICAL" | null

passiveMode

passiveMode: boolean

rateLimit

rateLimit: number

rateLimitWindow

rateLimitWindow: number

redisPrefix

redisPrefix: string

redisUrl

redisUrl: string

securityHeaders

securityHeaders: { contentTypeOptions: string; csp: Record<string, string[]> | null; custom: Record<string, string> | null; enabled: boolean; frameOptions: "DENY" | "SAMEORIGIN"; hsts?: { includeSubdomains: boolean; maxAge: number; preload: boolean; }; permissionsPolicy: string; referrerPolicy: string; xssProtection: string; } | null

trustedProxies

trustedProxies: string[]

trustedProxyDepth

trustedProxyDepth: number

trustXForwardedProto

trustXForwardedProto: boolean

whitelist

whitelist: string[] | null

whitelistCountries

whitelistCountries: string[]

---

logger

readonly logger: Logger

Defined in: core/src/decorators/base.ts:22

---

routeConfigs

routeConfigs: Map<string, RouteConfig>

Defined in: core/src/decorators/base.ts:18

Methods

applyRouteConfig()

applyRouteConfig<T>(fn): T

Defined in: core/src/decorators/base.ts:44

Type Parameters

T

T extends Function

Parameters

fn

T

Returns

T

---

ensureRouteConfig()

ensureRouteConfig(fn): RouteConfig

Defined in: core/src/decorators/base.ts:34

Parameters

fn

Function

Returns

RouteConfig

---

getRouteConfig()

getRouteConfig(routeId): RouteConfig | undefined

Defined in: core/src/decorators/base.ts:30

Parameters

routeId

string

Returns

RouteConfig | undefined

---

getRouteId()

getRouteId(fn): string

Defined in: core/src/decorators/base.ts:49

Parameters

fn

Function

Returns

string

---

initializeAgent()

initializeAgent(agentHandler): Promise<void>

Defined in: core/src/decorators/base.ts:60

Parameters

agentHandler

AgentHandlerProtocol

Returns

Promise<void>

---

initializeBehaviorTracking()

initializeBehaviorTracking(redisHandler?): Promise<void>

Defined in: core/src/decorators/base.ts:56

Parameters

redisHandler?

RedisHandlerProtocol

Returns

Promise<void>

---

sendAccessDeniedEvent()

sendAccessDeniedEvent(request, reason, decoratorType, meta?): Promise<void>

Defined in: core/src/decorators/base.ts:86

Parameters

request

GuardRequest

reason

string

decoratorType

string

meta?

Record<string, unknown>

Returns

Promise<void>

---

sendAuthenticationFailedEvent()

sendAuthenticationFailedEvent(request, reason, authType, meta?): Promise<void>

Defined in: core/src/decorators/base.ts:95

Parameters

request

GuardRequest

reason

string

authType

string

meta?

Record<string, unknown>

Returns

Promise<void>

---

sendDecoratorEvent()

sendDecoratorEvent(eventType, _request, actionTaken, reason, decoratorType, meta?): Promise<void>

Defined in: core/src/decorators/base.ts:65

Parameters

eventType

string

_request

GuardRequest

actionTaken

string

reason

string

decoratorType

string

meta?

Record<string, unknown>

Returns

Promise<void>

---

sendDecoratorViolationEvent()

sendDecoratorViolationEvent(request, violationType, reason, meta?): Promise<void>

Defined in: core/src/decorators/base.ts:113

Parameters

request

GuardRequest

violationType

string

reason

string

meta?

Record<string, unknown>

Returns

Promise<void>

---

sendRateLimitEvent()

sendRateLimitEvent(request, limit, window, meta?): Promise<void>

Defined in: core/src/decorators/base.ts:104

Parameters

request

GuardRequest

limit

number

window

number

meta?

Record<string, unknown>

Returns

Promise<void>