Swiftpack.co - Package -


CI Status Swift 4.1 Twitter

๐Ÿคจ What is this?

The MSEC framework is a helper that adds further security for applications running Vapor. This includes recommended security headers, helper extensions and middlewares.

TODO: Write intro.

๐Ÿ“ Requirements

| Name | Minimum version | | ------------- | --------------- | | Swift | 4.1 | | Vapor | 3.0 |

๐Ÿ“ฒ Installation

Add the following to your SPM file:

.package(url: "https://github.com/menly/msec.git", from: "1.0.0")

โŒจ๏ธ Usage

TODO: Write usage.

Import the framework to use it's content.

import MSEC

MSEC headers

Start by adding the msec headers to the configuration.

If the server is an api backend, then you can use the .default() static method, but if it's a web server, that serves static content, then you should create your own configuration based on how you serve those files. For more info, see the CSP configuration object.

// 1. add the middleware to the services:
services.register(MSECHeaderMiddleware.default())

// 2. then add the middleware to the middleware config
var middlewares = MiddlewareConfig()
middlewares.use(MSECHeaderMiddleware.self)
...
services.register(middlewares)

IMPORTANT: please remember that the msec headers should be added FIRST in the middleware, so it's always applied, even in the case of errors.

API key middleware

To use the API key middleware, you must make sure that you have an environment variable named ...

This middleware should be used on a per route group basis like:

let internalRoutes = clients.grouped("private").grouped(APIKeyMiddleware())

Then the following requests to this endpoint must have the API key in the bearer token authorization header field.

๐Ÿ‘‹ Get in touch!

Get in touch with us! Send us an email, say hi on twitter (@menlyhq) or check out our website.

๐Ÿ“„ License

See the license file for more information.

The names and logos for Menly and their products are trademarks of Menly ApS.

Copyright (c) Menly ApS 2016-present.

Github

link
Stars:
Help us keep the lights on

Used By

Total: 0