express-devguard
Advanced tools
A plug-and-play middleware suite for small scale APIs: logging + validation + rate-limiting, all in one package.
Plug-and-play middleware suite for Express.js
Includes API request logging, rate-limiting, and request body validation — perfect for small to mid-scale API projects.
npm install express-devguard
import express from "express";
import { apiLogger, rateLimiter, validateSchema } from "express-devguard";
const app = express();
app.use(express.json());
// Logger middleware
app.use(
apiLogger({
redact: ["password"], // Hides sensitive fields
logToFile: true, // saves logs to 'requests.log'
})
);
// Rate limiter
app.use(
rateLimiter({
windowMs: 10 * 60 * 1000,
max: 10,
message: "Too much requests detected!!",
})
);
// Schema validation
const schema = {
username: {
required: true,
type: "string" as const,
minLength: 3,
},
password: {
required: true,
type: "string" as const,
minLength: 8,
},
};
app.post("/login", validateSchema(schema), (req, res) => {
res.send({ message: "Logged in" });
});
app.listen(3000, () => {
console.log("Server running at http://localhost:3000");
});
apiLogger(options)| Option | Type | Description |
|---|---|---|
redact | string[] | Keys to hide in request body logs |
logToFile | boolean | Whether to save logs to a file |
logFilePath | string | Custom log file path (default: requests.log) |
rateLimiter(options)| Option | Type | Description |
|---|---|---|
windowMs | number | Time window in milliseconds |
max | number | Max number of requests per IP per window |
message | string | Response message when rate limit is hit |
validateSchema(schema)Validates incoming req.body using custom rules.
| Rule | Type | Description |
|---|---|---|
required | boolean | Whether the field is required |
type | "string" | "number" | "boolean" | Expected type of the value |
minLength | number | Minimum string length |
maxLength | number | Maximum string length |
min | number | Minimum numeric value |
max | number | Maximum numeric value |
MIT
FAQs
A plug-and-play middleware suite for small scale APIs: logging + validation + rate-limiting, all in one package.
We found that express-devguard demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Multiple high-impact npm maintainers confirm they have been targeted in the same social engineering campaign that compromised Axios.
Security News
Axios compromise traced to social engineering, showing how attacks on maintainers can bypass controls and expose the broader software supply chain.
Security News
Node.js has paused its bug bounty program after funding ended, removing payouts for vulnerability reports but keeping its security process unchanged.