Nest: Create a new module @nestjs/ipware - security, fraud protection and geo-aware request handling

Created on 25 Jun 2019 · 4Comments · Source: nestjs/nest

Feature Request

Is your feature request related to a problem? Please describe.

Ability to track IP addresses and trusted proxies for added security.

Describe the solution you'd like

On any request (or the first request within a session), we examine the real routeable IP address and save that information. This way we'd know if the request is coming from our trusted proxies, a real client and we can take appropriate security actions.

Teachability, Documentation, Adoption, Migration Strategy

This will be a port of https://github.com/un33k/django-ipware

What is the motivation / use case for changing the behavior?

Security, fraud protection on the backend. Also geo-aware request handling based on IP addresses based on providers such as https://www.maxmind.com/en/geoip2-country-database.

needs triage type

Source

un33k

Most helpful comment

Good point @BrunnerLivio. @un33k please, reach either @zMotivat0r or @bashleigh if you're interested!

kamilmysliwiec on 28 Jun 2019

👍2

All 4 comments

I'd love to see such a package, but rather as a community library. Would you love to create a port of this https://github.com/un33k/django-ipware for Nest? We could then add it to the official docs under Recipes section (OR Security)

kamilmysliwiec on 27 Jun 2019

@kamilmysliwiec @un33k maybe nestjx or nestjs-community would be interested in having the Nest port of such a package on their organization? I would definitely recommend maintaining the Nest port on an organization rather than on a private account.

cc @zMotivat0r @bashleigh