Writing a Proxy Server

I’m currently trying to write a proxy in Node.js using repl.it, as I plan to release an open-source system for other developers to use to essentially “partner” them with my own games. I’ve gotten a database set up where I store logins (users join my game, create an account which is then stored in the database, then get redirected back to the game they were in), but I have the issue of the authorization. I want to write a proxy for this, since I don’t want to send requests directly, as that would expose the authorization token, leaving the developers able to freely tamper with the database. The proxy would solve this as the module would send a request to the proxy, and the proxy sends a request to the database, and vice versa.

The way I currently have this set up will leave my database vulnerable to tampering if I distribute it as-is, so a proxy is a must-have.

Assistance with helping me understand this would be greatly appreciated.

5 Likes

Finally!
NodeJS is my jam! :slight_smile:
Assuming you are using Express (or if you are using Restify, etc, let me know) you can simply setup a proxy server w/ routes and use an HTTP client (Axios is my favorite :slight_smile: )

Axios: GitHub - axios/axios: Promise based HTTP client for the browser and node.js

Sample setup:

const express = require('express')
const app = express()

app.post('/proxy', function (req, res) {
    const httpInstance = axios.create({
        headers: {'AuthCode': 'YourSecretCode'}
    });
    httpInstance.get('yoursupersecreturl').then(function (response) {
        // handle success or error. Implement rest of your logic here :)
        console.log(response);
        //res.send(response) //do whatever you want
    })
})

Then setup the rest of the server logic, this way all you have to do is send a POST request to /proxy and you won’t need to pass any sensitive info

3 Likes