dkrutsko / express-bouncer Goto Github PK

I implemented the CrowdSec bouncer in MeshCentral using this code and it's wonderful. I did notice that you can make a decision based on a username instead of an IP address, but this bouncer code does not have a getRemediationForUsername() method. Could it be added?

If added, I will implement it right away in MeshCentral.

Thanks,
Ylian

Let's suppose user(userid or ip) can hit a route with 5 valid or invalid attempt. Minimum 25 sec wait & max 25 minute wait. Now i want that after 25 minutes express-bouncer auto reset for this user. so that user can now again hit 5 times on same route. Hope you understand my question. please reply

When I tried to use express-bouncer in two different files I found that the module creates a new instance of the module.

I resolve the issue by my own, Do you want me to share the code?

How can I do this ?

When testing with my express app, open handles are detected due to express-bouncer using setInterval with no way to clean it up.

A close method would resolve the issue.

Hello! Awesome library. There's a status code specifically for this type of error. I do understand why 403 is logical as well and I feel like if someone is brute forcing you may not want to give them any more info. Also, might remove additional info to tip people off into how your bounce scheme is functioning to prevent them from changing IPs.