Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/kartikmehta8/captcha

A Dockerized Node.js CAPTCHA system with Redis, Prometheus, and Grafana, optimized for scalability, performance, and security, featuring monitoring, rate limiting, circuit breaker, and security enhancements.
https://github.com/kartikmehta8/captcha

captcha docker express grafana prometheus

Last synced: about 1 month ago
JSON representation

Host: GitHub
URL: https://github.com/kartikmehta8/captcha
Owner: kartikmehta8
License: other
Created: 2024-08-23T18:01:51.000Z (5 months ago)
Default Branch: main
Last Pushed: 2024-08-23T18:04:06.000Z (5 months ago)
Last Synced: 2024-11-27T00:07:20.974Z (about 2 months ago)
Topics: captcha, docker, express, grafana, prometheus
Language: JavaScript
Homepage:
Size: 204 KB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# Node.js CAPTCHA System with Redis, Prometheus, and Docker

## Overview

![Captcha](./assets/captcha.png)

This project is a robust, scalable, and secure Node.js CAPTCHA system designed to run in a Dockerized environment. The application uses Redis for fast in-memory data storage, Prometheus for monitoring, and Grafana for visualization. It also includes several optimizations for performance, security, and scalability.

## Features

- **CAPTCHA System**: A simple CAPTCHA system implemented with Node.js and Redis.
- **Redis Integration**: Utilizes Redis for efficient data storage and retrieval.
- **Prometheus Monitoring**: Exposes application metrics for Prometheus to scrape.
- **Grafana Dashboard**: Visualizes metrics in Grafana.
- **Dockerized Environment**: Runs in a Dockerized environment with Docker Compose.
- **Cluster Mode**: Scales the application across multiple CPU cores.
- **Circuit Breaker**: Implements a circuit breaker pattern using `opossum` to handle Redis failures.
- **Rate Limiting and Throttling**: Protects the application from abuse using rate limiting.
- **Security Enhancements**: Implements security headers using Helmet and input validation using `express-validator`.

## Technologies Used

- **Node.js**: Backend framework for the CAPTCHA system.
- **Express**: Web framework for handling HTTP requests.
- **Redis**: In-memory data store for storing CAPTCHA data.
- **Prom-client**: Library for exposing Prometheus metrics from Node.js.
- **Docker**: Containerization platform for packaging the application.
- **Docker Compose**: Tool for defining and running multi-container Docker applications.
- **Prometheus**: Monitoring system to scrape metrics from the application.
- **Grafana**: Visualization tool for monitoring metrics from Prometheus.
- **Helmet**: Middleware for securing HTTP headers.
- **express-validator**: Middleware for input validation and sanitization.
- **opossum**: Circuit breaker library for Node.js.

## Setup and Installation

### Prerequisites

- Docker and Docker Compose installed on your system.
- Node.js and npm installed for local development.

### Installation Steps

1. **Clone the repository**:
```bash
git clone
cd
```

2. **Install Node.js dependencies**:
```bash
npm install
```

3. **Build and start the Docker containers**:
```bash
docker-compose up --build
```

4. **Access the Application**:
- **Node.js App**: `http://localhost:3000`
- **Swagger Docs**: `http://localhost:3000/api-docs`
- **Prometheus**: `http://localhost:9090`
- **Grafana**: `http://localhost:3001`

### Prometheus, Grafana & Swagger

![Prometheus](./assets/prometheus.png)
- **Prometheus Configuration**: The `prometheus.yml` file configures Prometheus to scrape metrics from the Node.js application.

![Grafana](./assets/grafana.png)
- **Grafana Configuration**: Access Grafana at `http://localhost:3001`, add Prometheus as a data source, and create custom dashboards to visualize the metrics.

![Swagger](./assets/swagger.png)
- **Swagger**: Access all the APIs related to Captcha on Swagger Docs - `http://localhost:3000/api-docs`

## Optimizations

- **Cluster Mode**: Utilizes Node.js's built-in `cluster` module to run the application across multiple CPU cores, improving scalability.
- **Circuit Breaker**: The circuit breaker pattern is implemented to prevent cascading failures when Redis is unavailable.
- **Rate Limiting**: Express rate limiting is configured to prevent abuse and ensure fair usage of the API.
- **Caching**: Redis is used for caching CAPTCHA data, significantly improving performance.
- **Dockerization**: The application is fully containerized using Docker and Docker Compose for consistent environments and easy deployment.

## Security

- **Helmet**: Applied to secure HTTP headers, preventing well-known web vulnerabilities.
- **Input Validation**: `express-validator` is used to sanitize and validate user inputs, protecting against injection attacks.
- **HTTPS**: It is recommended to run this application behind a reverse proxy like NGINX with SSL termination for HTTPS.

## Conclusion

This project demonstrates a fully Dockerized Node.js application with a focus on performance, security, and scalability. The integration of Redis, Prometheus, Grafana, and other tools ensures a robust solution for a production-grade CAPTCHA system.