Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
apik = auto mount koa routes with routes_folder_path
with the simplest way, you can install apes as a cli module
$ [sudo] npm install --global apik
$ apik
apik will mount routes directory as Auto-mount-folder
install as dependency
$ npm install --save apik
way 1
var apik = require('apik')
apik('./routes', 3000);
way 2
var apik = require(apik).app;
// return an express app
var app = apik('./routes');
// start server
app.listen(3000)
use .json
for simple mock-api
{
"body": {
"json": "Hello Sang!"
}
}
use .js
for all features that expressjs supported
module.exports = {
"body": "Hello world!"
}
Response.body Oriented Programming(ROP)
writing support
module.exports = {
"path": "/json",
"body": "Hello world!"
}
module.exports = {
"path": "/json",
"body": {
"json": "Hello world!"
}
}
module.exports = {
"path": "/jsonfile",
"body": "demo.json"
}
module.exports = {
"path": "/json",
"body": function(ctx, next){
ctx.body = "Hello world!"
}
}
module.exports = {
"path": "/json",
"body": [function(ctx, next) {
next()
}, function(ctx){
ctx.body = "Hello world!"
}]
}
step1: app.js
var apik = require('./index').app;
// return an express app
var app = apik('./routes');
app.set('view engine', 'pug');
// start server
app.listen(3000)
step2: install pug template
npm install pug
step3: use res.render()
module.exports = {
"path": "/view",
"body": function (ctx) {
return ctx.render('index', { title: 'Express' });
}
}
$ mkdir routes/public
and then create html/js/jcss/json file. it will be served as static server, all the same as express!
use express/connect middleware in middlewares folder
middlewares/a.js
module.exports = function a (ctx, next) {
console.log('a')
next()
}
config with middlewares options
middleware.js
module.exports = {
"path": "/middleware",
"middlewares": 'a',
"body": {
"json": "Hello middleware world!"
}
}
middlewares.js
module.exports = {
"path": "/middlewares",
"middlewares": ['a', 'b'],
"body": {
"json": "Hello middlewares world!"
}
}
get all api info at http://127.0.0.1:3000/api.json
{"data":[{"file":"/all.js","method":"all","path":"/all"},{"file":"/api/index.js","method":"get","path":"/home"},{"file":"/api/user.js","method":"get","path":"/home1"},{"file":"/demo/path.js","method":"get","path":"/demo/path"},{"file":"/demo/demo/json.js","method":"get","path":"/demo/demo/json"},{"file":"/home.js","method":"get","path":"/home"},{"file":"/json.js","method":"get","path":"/json"},{"file":"/jsonfile.js","method":"get","path":"/jsonfile"},{"file":"/middleware.js","method":"get","path":"/middleware"},{"file":"/middlewares.js","method":"get","path":"/middlewares"},{"file":"/movies.js","method":"get","path":"/movies"},{"file":"/post.js","method":"post","path":"/post"},{"file":"/simple.js","method":"get","path":"/simple"},{"file":"/users.js","method":"get","path":"/users"},{"file":"/view.js","method":"get","path":"/view"}]}
git checkout -b my-new-feature
)git commit -am 'Add some feature'
)git push origin my-new-feature
)i5ting
i5ting@126.com如有建议或意见,请在issue提问或邮件
this repo is released under the MIT License.
FAQs
mount-routes = auto mount express routes with routes_folder_path
The npm package apik receives a total of 3 weekly downloads. As such, apik popularity was classified as not popular.
We found that apik demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.