express-brute-mongoose
Mongoose store adapter for express-brute.
yarn add express-brute-mongoose
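    var express = require("express");
    var ExpressBrute = require("express-brute");
    var MongooseStore = require("express-brute-mongoose");
    var BruteForceSchema = require("express-brute-mongoose/dist/schema");
    var mongoose = require("mongoose");

    // Assumes mongoose.connect(...) has already been called elsewhere in the app
    var app = express();

    // Model built from the package's default schema; request counters are stored in this collection
    var model = mongoose.model("bruteforce", new mongoose.Schema(BruteForceSchema));
    var store = new MongooseStore(model);
    var bruteforce = new ExpressBrute(store);

    app.post(
      "/auth",
      bruteforce.prevent, // error 403 if we hit this route too often (current express-brute defaults to 429 Too Many Requests)
      function(req, res, next) {
        res.send("Success!");
      }
    );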
You can either use the default schema provided at express-brute-mongoose/schema or roll your own, as long as it matches the basic structural requirements of the schema as follows:
    {
      "_id": String,
      "data": {
        "count": Number,
        "lastRequest": Date,
        "firstRequest": Date
      },
      "expires": Date
    }
The default schema included in the package includes a Mongo index on the _id field and another index that will automatically delete each entry 1 day after it has passed its expires time, in an effort to keep the collection clean.
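As an added example (not code from express-brute-mongoose): a plain-JavaScript check of the record shape above, plus the difference between a record's expires time and its removal by the default index one day later, which matters when the collection is queried directly for monitoring. The function names and sample records are constructed for illustration, and treating count as a non-negative integer is an assumption.

```javascript
const DAY_MS = 24 * 60 * 60 * 1000;
const isDate = (v) => v instanceof Date && !Number.isNaN(v.getTime());

// Check a document against the structural requirements listed above.
// Assumption: count is treated as a non-negative integer (the page only says Number).
function shapeErrors(doc) {
  const errs = [];
  const d = (doc && doc.data) || {};
  if (!doc || typeof doc._id !== "string" || doc._id === "") errs.push("_id");
  if (!Number.isInteger(d.count) || d.count < 0) errs.push("data.count");
  if (!isDate(d.lastRequest)) errs.push("data.lastRequest");
  if (!isDate(d.firstRequest)) errs.push("data.firstRequest");
  if (!doc || !isDate(doc.expires)) errs.push("expires");
  return errs;
}

// A record is only meaningful until `expires`; after that it is stale data.
function isLive(doc, now) {
  return doc.expires.getTime() > now.getTime();
}

// Earliest time the default TTL index removes the record: one day after `expires`.
function purgeDueAt(doc) {
  return new Date(doc.expires.getTime() + DAY_MS);
}

// Monitoring helper: well-formed, unexpired keys at or above `threshold`, busiest first.
function liveOffenders(docs, now, threshold) {
  return docs
    .filter((d) => shapeErrors(d).length === 0 && isLive(d, now) && d.data.count >= threshold)
    .sort((a, b) => b.data.count - a.data.count)
    .map((d) => ({ key: d._id, count: d.data.count, purgeDueAt: purgeDueAt(d) }));
}

// Constructed sample records (keys and timestamps are made up for this example).
const at = (s) => new Date(s);
const NOW = at("2024-01-02T12:00:00Z");
const SAMPLE = [
  { _id: "key-a", data: { count: 12, lastRequest: at("2024-01-02T11:59:00Z"), firstRequest: at("2024-01-02T11:00:00Z") }, expires: at("2024-01-03T11:00:00Z") },
  // Expired at 08:00 but still in the collection until the TTL index removes it a day later.
  { _id: "key-b", data: { count: 40, lastRequest: at("2024-01-01T09:00:00Z"), firstRequest: at("2024-01-01T08:00:00Z") }, expires: at("2024-01-02T08:00:00Z") },
  { _id: "key-c", data: { count: 3, lastRequest: at("2024-01-02T11:30:00Z"), firstRequest: at("2024-01-02T11:00:00Z") }, expires: at("2024-01-03T11:00:00Z") },
  // Malformed: count is a string and both request timestamps are missing.
  { _id: "key-d", data: { count: "9" }, expires: at("2024-01-03T11:00:00Z") },
];

console.log(liveOffenders(SAMPLE, NOW, 5));
```

The record key-b has the highest count but is past its expires time, so it is excluded even though the TTL index has not yet deleted it.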
Build the package with

    yarn compile

Run tests with

    yarn test

Run the linter with

    yarn lint

You should have mongo running on port 27017 before running tests. If you have docker-compose and docker installed, you can get mongo up and running by using the following command:

    docker-compose up
FAQs
Mongoose store for express-brute.
The npm package express-brute-mongoose receives a total of 542 weekly downloads. As such, express-brute-mongoose popularity was classified as not popular.
We found that express-brute-mongoose demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.