{"_id":"574c98e4281b010e00009081","project":"55db8f8f1a91690d007ad975","version":{"_id":"55db8f901a91690d007ad978","project":"55db8f8f1a91690d007ad975","__v":17,"createdAt":"2015-08-24T21:41:36.034Z","releaseDate":"2015-08-24T21:41:36.034Z","categories":["55db8f901a91690d007ad979","55db9856b3d6540d00886426","55dc751b00a8811900c230e3","55dc766255be9f21004ee250","55dc769200a8811900c230ed","55e4c701177b6e0d003330fa","55f4915caf0bc71900a53130","55f491b2be9c2b2100f0635d","560b22739c7be70d00100bd8","57488c53e8c6a420000b729c","574cefd95953e20e00f40f9f","5798edfd7700d30e00ad250c","579ac88234b5fd0e00b9e140","57c81c6d690c200e0047b72e","57d9b8fbda17c30e003897f1","57d9b90e608ea00e00f358d8","57d9b91cda17c30e003897f4"],"is_deprecated":false,"is_hidden":false,"is_beta":false,"is_stable":true,"codename":"","version_clean":"1.0.0","version":"1.0"},"parentDoc":null,"user":"57290a893dfe530e00bac0e8","__v":12,"githubsync":"","category":{"_id":"55dc751b00a8811900c230e3","pages":["55dc75b27fa0290d00559123","55dc75c055be9f21004ee24e","55dc75ef00a8811900c230e7","55dc76036f16451700843e0c","55dc760e00a8811900c230e9","55dc767d55be9f21004ee251","55df5db386ae7f0d00db4ccd","55df64cfaf76b70d0060a60e","55df7263c59b180d005fa70e","55e0b72fa44fae0d002148c5","55e0c42b5087cb1900986c0f","55e36b1bac4eef230079a735","55f363ea2d3bae21009c47aa","55f36bcc5f8674370067b73c","55f36c23ec46040d0030326a","5605d2eda4574a0d00811346","560ac5fef6994b0d0023bca6","561be02937781d0d007942b0","56782f0048c8d00d0094b7fc"],"project":"55db8f8f1a91690d007ad975","version":"55db8f901a91690d007ad978","__v":19,"sync":{"url":"","isSync":false},"reference":false,"createdAt":"2015-08-25T14:00:59.500Z","from_sync":false,"order":1,"slug":"how-to-get-started","title":"Agent Installation"},"updates":[],"next":{"pages":[],"description":""},"createdAt":"2016-05-30T19:47:48.426Z","link_external":false,"link_url":"","sync_unique":"","hidden":false,"api":{"results":{"codes":[]},"settings":"","auth":"required","params":[],"url":""},"isReference":false,"order":7,"body":"[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/yKAJGQUmSyiAU0Kyu9XO_node.js%20logo.png\",\n        \"node.js logo.png\",\n        \"426\",\n        \"236\",\n        \"#61a451\",\n        \"\"\n      ],\n      \"sizing\": \"original\"\n    }\n  ]\n}\n[/block]\n\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"Supported Versions\"\n}\n[/block]\nnodeJS version 0.12 and up\nExpress 3 versions 3.2 and up, or Express 4 versions 4.12 and up\n\nFor Authentication\n* Passport 0.3\n\nFor Cross-Site Scripting Protection:\n* Jade version 1.3 and up\n* Mustache version 2.1 and up\n\nFor Database Protection\n* Sequelize version 2.1 and up\n* pg version 4.x\n* pg-native\n* mysql 2.x\n* sqlite3 3.x\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"Prerequisites\"\n}\n[/block]\nThe IMMUNIO agent communicates with a management service at https://agent.immun.io. Ensure outbound access to this address is unblocked.​\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"Installation\"\n}\n[/block]\n1. From the root of your Node application run:\n\n*npm install immunio*\n\nThis will create a new IMMUNIO module in node_modules and copy all the agent files and dependencies to the IMMUNIO directory. \n\n2. Add the following as the first line of your application setup code (for example: server.js):\n\n*var immunio = require('immunio');*\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"Configuration\"\n}\n[/block]\nThe agent key and secret can be configured via the `IMMUNIO_KEY` and `IMMUNIO_SECRET` environment variables. Code protection is enabled using `CODE_PROTECTION_PLUGINS_ENABLED`.\n\nIf you are using a configuration file instead of using environment variables, it needs to be called immunio.json and to reside in the application root folder. This file should contain content below where my-key and my-secret are the key and secret for your application as indicated in the dashboard:\n\n```json\n{\n  \"key\": \"my-key\",\n  \"secret\": \"my-secret\",\n  \"codeProtectionPluginsEnabled\": \"true\"\n}\n```\n\n*Note:* The environment variables will take precedence over the configuration file when both are present.\n[block:callout]\n{\n  \"type\": \"info\",\n  \"title\": \"Account Takeover Configuration\",\n  \"body\": \"If you do not plan to use IMMUNIO's Code Protection features, you can set the codeProtectionPluginsEnabled to false, or simply exclude it from your configuration.\"\n}\n[/block]\n\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"Verification\"\n}\n[/block]\nOnce the agent is installed and configured, start your application and send an HTTP request to it. Without that first HTTP call, the agent status will display INACTIVE in the dashboard. Within seconds of your first request, the agent should report in and change its status indicator to OK. Your app is now protected with IMMUNIO!​","excerpt":"","slug":"nodejs","type":"basic","title":"Node.js with Express"}

Node.js with Express


[block:image] { "images": [ { "image": [ "https://files.readme.io/yKAJGQUmSyiAU0Kyu9XO_node.js%20logo.png", "node.js logo.png", "426", "236", "#61a451", "" ], "sizing": "original" } ] } [/block] [block:api-header] { "type": "basic", "title": "Supported Versions" } [/block] nodeJS version 0.12 and up Express 3 versions 3.2 and up, or Express 4 versions 4.12 and up For Authentication * Passport 0.3 For Cross-Site Scripting Protection: * Jade version 1.3 and up * Mustache version 2.1 and up For Database Protection * Sequelize version 2.1 and up * pg version 4.x * pg-native * mysql 2.x * sqlite3 3.x [block:api-header] { "type": "basic", "title": "Prerequisites" } [/block] The IMMUNIO agent communicates with a management service at https://agent.immun.io. Ensure outbound access to this address is unblocked.​ [block:api-header] { "type": "basic", "title": "Installation" } [/block] 1. From the root of your Node application run: *npm install immunio* This will create a new IMMUNIO module in node_modules and copy all the agent files and dependencies to the IMMUNIO directory. 2. Add the following as the first line of your application setup code (for example: server.js): *var immunio = require('immunio');* [block:api-header] { "type": "basic", "title": "Configuration" } [/block] The agent key and secret can be configured via the `IMMUNIO_KEY` and `IMMUNIO_SECRET` environment variables. Code protection is enabled using `CODE_PROTECTION_PLUGINS_ENABLED`. If you are using a configuration file instead of using environment variables, it needs to be called immunio.json and to reside in the application root folder. This file should contain content below where my-key and my-secret are the key and secret for your application as indicated in the dashboard: ```json { "key": "my-key", "secret": "my-secret", "codeProtectionPluginsEnabled": "true" } ``` *Note:* The environment variables will take precedence over the configuration file when both are present. [block:callout] { "type": "info", "title": "Account Takeover Configuration", "body": "If you do not plan to use IMMUNIO's Code Protection features, you can set the codeProtectionPluginsEnabled to false, or simply exclude it from your configuration." } [/block] [block:api-header] { "type": "basic", "title": "Verification" } [/block] Once the agent is installed and configured, start your application and send an HTTP request to it. Without that first HTTP call, the agent status will display INACTIVE in the dashboard. Within seconds of your first request, the agent should report in and change its status indicator to OK. Your app is now protected with IMMUNIO!​