Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

nestjs-hmac256-guard

Package Overview
Dependencies
Maintainers
1
Versions
7
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

nestjs-hmac256-guard

HMAC authentication guard for NestJS

  • 1.0.6
  • latest
  • Source
  • npm
  • Socket score
Version published
Weekly downloads
21
increased by162.5%
Maintainers
1
Weekly downloads
 
Created
Source

NestJS module to support HMAC 256 verification

This module implement HMAC256 request verification base on requirement here - (https://learn.microsoft.com/en-us/azure/azure-app-configuration/rest-api-authentication-hmac)

Basic usage with all default

import { HMacModule } from 'nestjs-hmac256-guard';

@Module({
  imports: [
    HMacModule.register({ HMAC_HASH_SECRET: 'this is my hash secret' }),
  ],
  controllers: [AppController],
  providers: [AppService],
})
export class AppModule {}

Then use Guard

import { HmacGuard } from 'nestjs-hmac256-guard';
@Controller()
@UseGuards(HmacGuard)
export class AppController {

}

Customise header name

import { HMacModule } from 'nestjs-hmac256-guard';

@Module({
  imports: [
    HMacModule.register({ 
        HMAC_HASH_SECRET: 'this is my hash secret',
        HMAC_SIGNATURE_HEADER_NAME : 'x-my-hmac256-signature'
        REQUEST_CONTENT_HASH_HEADER_NAME: 'x-content-sha26',
        REQUEST_DATE_HEADER_NAME: 'x-date',
        MAX_REQUEST_MINUTES_ALLOW = 900
     }),
  ],
  controllers: [AppController],
  providers: [AppService],
})

Default value

HMAC_SIGNATURE_HEADER_NAME: x-signature

REQUEST_CONTENT_HASH_HEADER_NAME: x-content-sha26

MAX_REQUEST_MINUTES_ALLOW: 900 REQUEST_DATE_HEADER_NAME: x-date

Custom hash format

import { HMacModule } from 'nestjs-hmac256-guard';

@Module({
  imports: [
    HMacModule.register({ 
        HMAC_HASH_SECRET: 'this is my hash secret',
        getStringToHash: ({
            verb,
            url,
            host,
            date,
            contentHash,
        }) => {
            return 'your custom string format if that not same with default '
        }
     }),
  ],
  controllers: [AppController],
  providers: [AppService],
})

Keywords

FAQs

Package last updated on 19 Dec 2022

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

New Python Packaging Proposal Aims to Solve Phantom Dependency Problem with SBOMs

Security News

New Python Packaging Proposal Aims to Solve Phantom Dependency Problem with SBOMs

PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.

By Sarah Gooding  -  Jan 07, 2025
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc