Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
hapi-geo-locate
Advanced tools
Changelog
Version 4.1.1 - 2020-08-05
request-ip
dependency with @supercharge/request-ip
improving request IP detectionReadme
A hapi plugin to geo-locate requests
Installation · Usage · Plugin Options · Proxies and Headers
Follow @marcuspoehls for updates!
Development of this hapi plugin is supported by Future Studio University 🚀
Join the Future Studio University and Skyrocket in Node.js
A hapi plugin to geo locate requests by IP and provide request.location
in your route handlers. The plugin uses ipinfo.io for the IP geo location.
hapi v19 (or later) and Node.js v12 (or newer)
This plugin requires hapi v19 (or later) and Node.js v12 or newer.
Major Release | hapi.js version | Node.js version |
---|---|---|
v4 | >=17 hapi | >=12 |
v3 | >=17 hapi | >=8 |
v2 | <=16 hapi | >=8 |
Add hapi-geo-locate
as a dependency to your project:
npm i hapi-geo-locate
Use the 3.x
release line:
npm i hapi-geo-locate@3
Use the 2.x
release of hapi-geo-locate
with hapi v16 support. Later versions are only compatible with hapi v17 and v18.
npm i hapi-geo-locate@2
The most straight forward way to register the hapi-geo-locate
plugin:
await server.register({
plugin: require('hapi-geo-locate')
})
// went smooth like dark chocolate :)
// Within your route handler functions, you can access the location like this
server.route({
method: 'GET',
path: '/',
handler: (request, h) => {
const location = request.location
// use client location
return location
}
})
The following plugin options allow you to customize the default behavior of hapi-geo-locate
:
(boolean)
, default: true
— by default, the plugin geo locates the request by IP on every request(string)
, no default — the API token to authenticate requests against the IPinfo APIawait server.register({
plugin: require('hapi-geo-locate'),
options: {
enabledByDefault: false
authToken: 'your-ipinfo-api-token'
}
})
// Within your route handler functions, you can access the location like this
server.route({
method: 'GET',
path: '/',
handler: (request, h) => {
const location = request.location // will be undefined
return h.response(location)
}
})
The following plugin options on individual route handlers allow you to customize the behavior of hapi-geo-locate
:
(boolean)
— tells the plugin to enable (true
) or disable (false
) geo location for the request by IP(string)
— tells the plugin to use the defined IP address to geo locate the request (by this IP)The plugin configuration can be customized for single routes using the hapi-geo-locate
key:
server.register({
plugin: require('hapi-geo-locate') // enabled by default
})
// Within your route handler functions, you can access the location like this
server.route({
method: 'GET',
path: '/',
handler: (request, h) => {
const location = request.location
// use the location
return location
},
config: {
plugins: {
'hapi-geo-locate': {
enabled: true,
fakeIP: '8.8.8.8'
}
}
}
})
hapi-geo-locate
supports all proxies that request-ip does:
X-Client-IP
X-Forwarded-For
, picking the first, client IP if the request went through multiple proxies.X-Forwarded
, Forwarded-For
and Forwarded
as variations of X-Forwarded-For
CF-Connecting-IP
True-Client-Ip
X-Real-IP
X-Cluster-Client-IP
request.[connection|socket|info].remoteAddress
variations.If the IP address cannot be found, null
is returned.
Running your application behind a (reverse) proxy like nginx, the client’s IP address gets reset to localhost. You can grab the actual request IP to your app using an HTTP header.
hapi-geo-locate
uses the request-ip package to determine the external IP address. This package supports
all common HTTP headers and ways to get the request’s IP. Awesome!
You should be safe in any way :)
Do you miss a feature? Please don’t hesitate to create an issue with a short description of your desired addition to this plugin.
git checkout -b my-feature
git commit -am 'Add some feature'
git push origin my-new-feature
MIT © Future Studio
futurestud.io · GitHub @futurestudio · Twitter @futurestud_io
FAQs
Provide IP geo location for incoming requests in hapi
We found that hapi-geo-locate demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.