Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
rjweb-server
Advanced tools
Easy and Lightweight Way to create a Web Server in Node.js
npm i rjweb-server
or
yarn add rjweb-server
or
pnpm add rjweb-server
Importing
import * as webserver from "rjweb-server"
Interface for ctr Object
import { ctr } from "rjweb-server/interfaces"
const routes = new webserver.routeList()
routes.set(webserver.types.get, '/hello', async(ctr: ctr) => {
if (!ctr.queries.has("name")) return ctr.print('please supply the name queries!!')
return ctr.print(`Hello, ${ctr.queries.get("name")}! How are you doing?`)
})
// ...
Custom Properties in Ctr Object (This also works in JavaScript, just remove the interface logic)
import * as webserver from "rjweb-server"
import { ctr as ctrPreset, ctrFile as ctrFilePreset } from "rjweb-server/interfaces"
interface Custom {
count: number
}
interface ctr<HasError = false, Body = any> extends ctrPreset<Custom, HasError, Body> {}
interface ctrFile<Body = any> extends ctrFilePreset<Custom, Body> {}
const routes = new webserver.routeList()
routes.set(webserver.types.get, '/hello', async(ctr: ctr) => {
if (!ctr.queries.has("name")) return ctr.print('please supply the name queries!!')
return ctr.print(`Hello, ${ctr.queries.get("name")}! You are Visit nr.${ctr['@'].count}`)
})
let count = 0
routes.event('request', async(ctr: ctr) => {
ctr.setCustom('count', ++count)
console.log(`request made to ${decodeURI(ctr.url.pathname)} by ${ctr.client.ip}`)
})
routes.event('error', async(ctr: ctr<true>) => {
console.log(`error on path ${decodeURI(ctr.url.pathname)}!!!`)
console.error(ctr.error.stack)
ctr.status(500)
ctr.print('server error')
})
webserver.start({
bind: '0.0.0.0', // The IP thats bound to
port: 5000, // The Port which the Server runs on
routes: routes // The Routes Object
}).then((res) => {
console.log(`webserver started on port ${res.port}`)
})
Function File
import * as webserver from "rjweb-server"
import { ctr as ctrPreset, ctrFile as ctrFilePreset } from "rjweb-server/interfaces"
interface Custom {
count: number
} // You should import / export this Interface Stuff (look examples section)
interface Body {
username?: string
}
interface ctr<HasError = false, Body = any> extends ctrPreset<Custom, HasError, Body> {}
interface ctrFile<Body = any> extends ctrFilePreset<Custom, Body> {}
export = {
method: webserver.types.post,
path: '/v2/account',
async code(ctr) {
if (!('username' in ctr.body)) return ctr.print('no username in body!!')
ctr.status(204).print(ctr.body.username)
}
} as ctrFile<Body>
Initialize Server
const webserver = require('rjweb-server')
const routes = new webserver.routeList()
// ctr.queries.get... is ?name=
routes.set(webserver.types.get, '/hello', async(ctr) => {
if (!ctr.queries.has("name")) return ctr.print('please supply the name Query!!')
return ctr.print(`Hello, ${ctr.queries.get("name")}! How are you doing?`)
})
// ctr.params.get... is :name, example /hello/0x4096
routes.set(webserver.types.get, '/hello/:name', async(ctr) => {
return ctr.print(`Hello, ${ctr.params.get("name")}! How are you doing?`)
})
// ctr.params.get... is :name, example /hello/0x4096
routes.set(webserver.types.post, '/post', async(ctr) => {
return ctr.print(`Hello, ${ctr.body}! How are you doing?`)
})
routes.set(webserver.types.get, '/profile/:user', async(ctr) => {
ctr.setHeader('Content-Type', 'image/png')
return ctr.printFile(`../images/profile/${ctr.params.get('user')}.png`)
})
webserver.start({
bind: '0.0.0.0', // The IP thats bound to
body: 20, // The Max POST Body in MB
cors: false, // If Cors Headers will be added
port: 5000, // The Port which the Server runs on
routes: routes, // The Routes Object
proxy: true // If enabled, alternate IPs will be shown
}).then((res) => {
console.log(`webserver started on port ${res.port}`)
}).catch((err) => {
console.log(err)
})
Serve Static Files
const webserver = require('rjweb-server')
const routes = new webserver.routeList()
routes.static('/', './html', {
preload: false, // If enabled will load every static files content into Memory
remHTML: true // If enabled will remove the html ending from files when serving
}) // The html folder is in the root directory
webserver.start({
bind: '0.0.0.0',
cors: false,
port: 5000,
routes: routes,
proxy: true
}).then((res) => {
console.log(`webserver started on port ${res.port}`)
}).catch((err) => {
console.log(err)
})
Custom Not Found / Server Error Page
const routes = new webserver.routeList()
routes.event('notfound', async(ctr) => {
ctr.status(404)
return ctr.print(`page "${ctr.url.pathname}" not found`)
})
routes.event('error', async(ctr) => {
ctr.status(500)
ctr.print(`ERROR!!! ${ctr.error.message}`)
return console.log(ctr.error)
})
webserver.start({
bind: '0.0.0.0',
cors: false,
port: port,
routes: routes,
proxy: true
}).then((res) => {
console.log(`webserver started on port ${res.port}`)
}).catch((err) => {
console.log(err)
})
Custom Function on every request
const routes = new webserver.routeList()
routes.event('request', async(ctr) => {
return console.log(`request made to ${decodeURI(ctr.url.href)} by ${ctr.client.ip}`)
// DO NOT write any data or end the request
})
webserver.start({
bind: '0.0.0.0',
cors: false,
port: port,
routes: routes,
proxy: true
}).then((res) => {
console.log(`webserver started on port ${res.port}`)
}).catch((err) => {
console.log(err)
})
With Database (EXAMPLE, PLEASE EDIT)
webserver.start({
bind: '0.0.0.0',
cors: false,
port: port,
routes: routes,
proxy: true,
rateLimits: {
enabled: true,
message: 'You are being rate limited',
list: [
{
path: '/auth',
times: 5,
timeout: 10000
},
{
path: '/fetch',
times: 3,
timeout: 5000
}
], functions: {
set: async(key, value) => (await db.queries('update ratelimits set value = ? where key = ?;', [value, key])),
get: async(key) => ((await db.queries('select value from ratelimits where key = ?;', [key])).data.rows[0].value)
}
}
}).then((res) => {
console.log(`webserver started on port ${res.port}`)
}).catch((err) => {
console.log(err)
})
With Map
const rateLimits = new Map()
webserver.start({
bind: '0.0.0.0',
cors: false,
port: port,
routes: routes,
proxy: true,
rateLimits: {
enabled: true,
message: 'You are being rate limited',
list: [
{
path: '/auth',
times: 5,
timeout: 10000
},
{
path: '/fetch',
times: 3,
timeout: 5000
}
], functions: rateLimits
}
}).then((res) => {
console.log(`webserver started on port ${res.port}`)
}).catch((err) => {
console.log(err)
})
Load Functions from Directory
const webserver = require('rjweb-server')
const routes = new webserver.routeList()
routes.load('./functions') // The functions folder is in the root directory
webserver.start({
bind: '0.0.0.0',
cors: false,
port: 5000,
routes: routes,
proxy: true,
}).then((res) => {
console.log(`webserver started on port ${res.port}`)
}).catch((err) => {
console.log(err)
})
Making a function File
const webserver = require('rjweb-server')
/** @type {import('rjweb-server/interfaces').ctrFile} */
module.exports = {
method: webserver.types.get,
path: '/say/:word',
async code(ctr) {
const word = ctr.params.get('word')
return ctr.print(`I will say it!!!\n${word}`)
}
}
https://replit.com/@RobertJansen/aous
https://replit.com/@RobertJansen/aous-ts
👤 0x4096
Contributions, issues and feature requests are welcome!
Feel free to check issues page.
Give a Star if this project helped you!
Copyright © 2023 0x4096.
This project is MIT licensed.
FAQs
Easy and Robust Way to create a Web Server with many easy-to-use Features in Node.js
The npm package rjweb-server receives a total of 988 weekly downloads. As such, rjweb-server popularity was classified as not popular.
We found that rjweb-server demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.