{"id":25302051,"url":"https://github.com/shivamycodee/confession","last_synced_at":"2026-01-31T12:31:45.075Z","repository":{"id":255479519,"uuid":"852903674","full_name":"Shivamycodee/confession","owner":"Shivamycodee","description":"A package for a secure commuite to your server from browser.","archived":false,"fork":false,"pushed_at":"2024-09-13T03:25:56.000Z","size":73,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-06-15T21:28:24.922Z","etag":null,"topics":["api","crypto-es","jwt","network","protocol"],"latest_commit_sha":null,"homepage":"https://www.npmjs.com/package/@shivamycodee/confession","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Shivamycodee.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-09-05T16:18:21.000Z","updated_at":"2024-09-13T03:25:59.000Z","dependencies_parsed_at":"2024-09-13T14:27:09.050Z","dependency_job_id":"6960cd8a-a074-4e7f-b67e-65dba5ebd4de","html_url":"https://github.com/Shivamycodee/confession","commit_stats":null,"previous_names":["shivamycodee/confession"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/Shivamycodee/confession","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Shivamycodee%2Fconfession","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Shivamycodee%2Fconfession/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Shivamycodee%2Fconfession/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Shivamycodee%2Fconfession/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Shivamycodee","download_url":"https://codeload.github.com/Shivamycodee/confession/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Shivamycodee%2Fconfession/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28942917,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-31T12:10:04.904Z","status":"ssl_error","status_checked_at":"2026-01-31T12:09:58.894Z","response_time":128,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api","crypto-es","jwt","network","protocol"],"created_at":"2025-02-13T06:50:51.449Z","updated_at":"2026-01-31T12:31:45.059Z","avatar_url":"https://github.com/Shivamycodee.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# @shivamycodee/confession\n\nA secure communication package for Express.js applications to prevent replay attacks.\n\n## Table of Contents\n\n- [Installation](#installation)\n- [Features](#features)\n- [Usage](#usage)\n- [API Reference](#api-reference)\n- [Best Practices](#best-practices)\n- [Contributing](#contributing)\n- [License](#license)\n\n## Installation\n\nInstall the package using npm:\n\n```bash\nnpm install @shivamycodee/confession\n```\n\n## Features\n\n- JWT token generation and verification\n- Request encryption and decryption of post request only.\n- Protection against Postman requests (optional)\n- Configurable secret key and cache time\n- Easy integration with Express.js applications\n- Built using [bun](https://bun.sh/)\n\n## Usage\n\nHere's an example of how to use the `@shivamycodee/confession` package in Node.js application:\n\n# Install this packges for your server code...\n\n```javascript\nconst express = require('express');\nconst cors = require('cors');\nconst { \n  generateJwtToken,\n  blockPostmanRequests,\n  DecryptRequest,\n  verifyToken,\n  ApplySecretKey,\n  ApplyCacheTime\n} = require('@shivamycodee/confession')\n\nconst app = express();\nconst PORT = 3000;\n\n// Middleware setup\napp.use(cors());\napp.use(express.json()); \n\n\napp.use(verifyToken);  // middleware to protect from Replay attack, DOS and DDOS attack.\napp.use(blockPostmanRequests); // Optional: Remove if you want to allow Postman requests\n\n// Configure the package\nApplySecretKey('i3ifjnqwfin-2q938in2') // Set a private key (mandatory)\nApplyCacheTime(40); // set time (in seconds) for JWT expire time.\n\n// Route to generate JWT token\napp.get('/generateJWT/:mixer?', (req, res) =\u003e {\n    try {\n        let input = req?.params;\n        let token = generateJwtToken(input);\n        if (token?.status == 403) return res.status(403).json({ error: token.message });\n        return res.send(token)\n    } catch (e) {\n        console.log(e)\n        return res.status(403).json({ error: 'generateJWT requests are not allowed' });\n    }\n})\n\n// exampler post request.\napp.post('/checkData', (req, res) =\u003e {\n    let encryptedData = req.body.encryptedData;\n    let decryptedPayload = DecryptRequest(encryptedData);\n    res.send(decryptedPayload)\n})\n\n// Example route\napp.get('/', (req, res) =\u003e {\n    res.send('WELCOME TO CONFESSION!');\n});\n\n// Start the server\napp.listen(PORT, () =\u003e {\n    console.log(`Server started on port ${PORT}`);\n});\n```\n\n\nHere is how you have to wrap your call from client side for JWT TOKEN \u0026 Payload Encryption:\n\n```javascript\n\nimport {encryptPayload,ApplySecretKey} from '@shivamycodee/confession'\n\nconst SECRET_KEY = 'i3ifjnqwfin-2q938in2';\nApplySecretKey(SECRET_KEY); // Make sure to use the same SECRET_KEY you used on server side (Mandotary)\n\n\n  const getJWTToken = async(str)=\u003e{\n    try{\n        const response = await axios.get(`http://localhost:3000/generateJWT/${str}`);\n        let token = response.data;\n        return token;\n    }catch(e){\n        console.error('getJWTToken err : ',e)\n    }\n\n}\n\n// exmpalry call to server...\n\nconst payload = {\n            name:'major',\n            value: '12.233.545.65',\n}\n\nconst checkData = async()=\u003e{\n    try{\n        let str = new Date().getTime().toString();\n        let response = await getJWTToken(str); // fetch jwt token.\n        let token = response.token;\n\n        let encryptedData = encryptPayload(payload);  // encrypt your payload.\n\n       await axios.post('http://localhost:3000/checkData',{encryptedData},{\n            headers:{\n                'Authorization':`Bearer ${token}`,\n            }\n        })\n    }catch(e){\n        console.error('err in checkData...',e)\n    }\n}\n\n\n```\n### Middleware\n\n- `verifyToken`: Middleware to verify JWT tokens in incoming requests.\n- `blockPostmanRequests`: Middleware to block requests from Postman (optional).\n\n### Functions\n\n- `generateJwtToken(input)`: Generates a JWT token based on the provided input.\n- `DecryptRequest(encryptedData)`: Decrypts the encrypted data sent in requests.\n- `ApplySecretKey(key)`: Sets the secret key used for encryption/decryption.\n- `ApplyCacheTime(seconds)`: Sets the cache time for generated tokens.\n\n## Best Practices\n\n1. Always use HTTPS in production to ensure encrypted communication.\n2. Keep your secret key secure and don't expose it in your codebase.\n3. Regularly rotate your secret keys.\n4. Adjust the cache time based on your security requirements.\n\n## Contributing\n\nContributions are welcome! Please feel free to submit a Pull Request.\n\n## Upcomming updates\n\n1. Support to both CommonJS and ES6 modules. (✅)\n2. More type of request security if needed.\n\n## License\n\nThis project is licensed under the [MIT License](https://github.com/Shivamycodee/confession?tab=MIT-1-ov-file).","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fshivamycodee%2Fconfession","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fshivamycodee%2Fconfession","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fshivamycodee%2Fconfession/lists"}