nhcarrigan/library
9
0
Fork 0
generated from nhcarrigan/template
Code Issues Pull Requests 54 Actions Releases 3 Activity
Files
c6c098599ac2d33a12cf4baf3f0d42e3cb6aa381
library/api/src/app/app.ts
T
naomi 0a654f423a feat: security and auditing
2026-02-04 16:48:08 -08:00

62 lines
2.1 KiB
TypeScript
Raw Blame History

import * as path from 'path';
import { FastifyInstance, FastifyError } from 'fastify';
import AutoLoad from '@fastify/autoload';
import { AuditService } from './services/audit.service';
import { AuditAction, AuditCategory } from '@library/shared-types';
/* eslint-disable-next-line */
export interface AppOptions {}
export async function app(fastify: FastifyInstance, opts: AppOptions) {
// Add global error handler for security event logging
fastify.setErrorHandler(async (error: FastifyError, request, reply) => {
// Log CSRF validation failures
if (error.code === 'FST_CSRF_INVALID_TOKEN' || error.code === 'FST_CSRF_MISSING_SECRET') {
await AuditService.log({
action: AuditAction.CSRF_VALIDATION_FAILED,
category: AuditCategory.SECURITY,
details: `CSRF validation failed: ${error.message}, URL: ${request.url}`,
success: false,
}, request).catch(() => {
// Ignore logging errors
});
}
// Log unauthorized access attempts
if (error.statusCode === 401 || error.statusCode === 403) {
await AuditService.log({
action: AuditAction.UNAUTHORIZED_ACCESS,
category: AuditCategory.SECURITY,
details: `Unauthorized access attempt: ${error.message}, URL: ${request.url}`,
success: false,
}, request).catch(() => {
// Ignore logging errors
});
}
// Send the error response (don't leak internal details for server errors)
const statusCode = error.statusCode ?? 500;
reply.status(statusCode).send({
statusCode,
error: statusCode >= 500 ? "Internal Server Error" : error.name,
message: statusCode >= 500 ? "An unexpected error occurred" : error.message,
});
});
// This loads all plugins defined in plugins
// those should be support plugins that are reused
// through your application
fastify.register(AutoLoad, {
dir: path.join(__dirname, 'plugins'),
options: { ...opts },
});
// This loads all plugins defined in routes
// define your routes in one of these
fastify.register(AutoLoad, {
dir: path.join(__dirname, 'routes'),
options: { ...opts, prefix: '/api' },
});
}
Reference in New Issue View Git Blame Copy Permalink