Skip to content

A minimal working PoC of a more secure DHIS2 Middleware.

Notifications You must be signed in to change notification settings

0xafrogeek/dhis2-middleware-poc

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

DHIS2 Middleware for Public Portal

  • Proof-of-concept for a more secure implementation of a DHIS2 Midddleware for Public Portals

What is this PoC about?

  • A minimal working PoC for a more secure DHIS2 Middleware for public data visualization portals.

  • Additional security measures and best practices are implemented to ensure that only authorized users can access the middleware endpoint/s, using the following:

NOTE: This is in no way a comprehensive list of security measures, but a starting point towards a more secure implementation of a DHIS2 Middleware for public portals.

-   API Key Authorization
-   IP Whitelisting
-   Rate Limiting
-   Request Logging
-   Error Handling
-   Caching (in-memory) for frequently accessed endpoints to reduce the load on the DHIS2 server.

Pre-requisites

  • Node.js >= v16.20.1

Installation

  1. Clone the repository to your local machine:
git clone [email protected]:0xafrogeek/dhis2-middleware-poc.git
  1. Change directory to the project folder:
cd dhis2-middleware-poc
  1. Install packages:
npm i
  1. Copy the example.env file to .env and update the values accordingly.
cp example.env .env
  1. Run the project in development mode:
npm run dev
  1. Once middleware is up and running, any unauthorized request to the /indicators endpoint will be rejected with a 401 Unauthorized response. Only requests with a valid API Key will be allowed.

About

A minimal working PoC of a more secure DHIS2 Middleware.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published