ident-express
Advanced tools
Adds ident authentation to your express.js routes.
How to use (in CoffeeScript):
checkIdent = require 'ident-express'
app.get '/foo', checkIdent, (req, res) ->
# Do something with req.ident
console.log "I think you are " + req.ident
Ident is described in RFC 1413. One important thing to note is that the information returned by identd should only be trusted if you trust the machine running the identd, which is the machine from which the connection has been made (the user/browser/service that is making the GET/POST/PUT request).
If your express.js app is behind a reverse-proxy such as nginx
then the IP address that express.js sees will be those of nginx,
not of the original HTTP request that was made to nginx. nginx
can set headers that reveal the real IP address. Ident express
will make use of the headers X-Real-Port, X-Real-IP, X-Server-Port
which can be set by using the following fragment of nginx config:
proxy_set_header X-Real-Port $remote_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Server-IP $server_addr;
proxy_set_header X-Server-Port $server_port;
FAQs
Add results from ident daemon to your express request objects
The npm package ident-express receives a total of 5 weekly downloads. As such, ident-express popularity was classified as not popular.
We found that ident-express demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Company News
Socket is joining TC54 to help develop standards for software supply chain security, contributing to the evolution of SBOMs, CycloneDX, and Package URL specifications.
Security News
PyPI now allows maintainers to archive projects, improving security and helping users make informed decisions about their dependencies.
Research
Security News
Malicious npm package postcss-optimizer delivers BeaverTail malware, targeting developer systems; similarities to past campaigns suggest a North Korean connection.