@adaptic/backend-legacy 0.0.70 → 0.0.72

package/middleware/query-complexity.cjs

@@ -0,0 +1,182 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.checkQueryComplexity = checkQueryComplexity;
+exports.createQueryComplexityPlugin = createQueryComplexityPlugin;
+const graphql_query_complexity_1 = require("graphql-query-complexity");
+const logger_1 = require("../utils/logger.cjs");
+/**
+ * Default query complexity limits per authentication level.
+ * These can be overridden via environment variables.
+ */
+const DEFAULT_MAX_COMPLEXITY_AUTHENTICATED = 1000;
+const DEFAULT_MAX_COMPLEXITY_UNAUTHENTICATED = 200;
+const DEFAULT_MAX_DEPTH = 10;
+/**
+ * Resolves the maximum allowed query complexity from environment variables or defaults.
+ *
+ * @param isAuthenticated - Whether the request is from an authenticated user
+ * @returns The maximum allowed complexity score
+ */
+function getMaxComplexity(isAuthenticated) {
+    if (isAuthenticated) {
+        const envValue = process.env.GRAPHQL_MAX_COMPLEXITY_AUTH;
+        if (envValue) {
+            const parsed = parseInt(envValue, 10);
+            if (!isNaN(parsed) && parsed > 0)
+                return parsed;
+        }
+        return DEFAULT_MAX_COMPLEXITY_AUTHENTICATED;
+    }
+    const envValue = process.env.GRAPHQL_MAX_COMPLEXITY_UNAUTH;
+    if (envValue) {
+        const parsed = parseInt(envValue, 10);
+        if (!isNaN(parsed) && parsed > 0)
+            return parsed;
+    }
+    return DEFAULT_MAX_COMPLEXITY_UNAUTHENTICATED;
+}
+/**
+ * Resolves the maximum allowed query depth.
+ */
+function getMaxDepth() {
+    const envValue = process.env.GRAPHQL_MAX_DEPTH;
+    if (envValue) {
+        const parsed = parseInt(envValue, 10);
+        if (!isNaN(parsed) && parsed > 0)
+            return parsed;
+    }
+    return DEFAULT_MAX_DEPTH;
+}
+/**
+ * Computes the complexity of a GraphQL document against a schema.
+ *
+ * Uses two estimators:
+ * 1. fieldExtensionsEstimator: Reads complexity from field extensions (set via schema directives)
+ * 2. simpleEstimator: Assigns a default cost of 1 per field as fallback
+ *
+ * @param schema - The GraphQL schema
+ * @param document - The parsed GraphQL document (AST)
+ * @param variables - Query variables (used for list size estimation)
+ * @param isAuthenticated - Whether the request is authenticated (affects limits)
+ * @returns The complexity check result
+ */
+function checkQueryComplexity(schema, document, variables, isAuthenticated) {
+    const maxComplexity = getMaxComplexity(isAuthenticated);
+    try {
+        const complexity = (0, graphql_query_complexity_1.getComplexity)({
+            schema,
+            query: document,
+            variables,
+            estimators: [
+                (0, graphql_query_complexity_1.fieldExtensionsEstimator)(),
+                (0, graphql_query_complexity_1.simpleEstimator)({ defaultComplexity: 1 }),
+            ],
+        });
+        return {
+            complexity,
+            exceeded: complexity > maxComplexity,
+            maxComplexity,
+        };
+    }
+    catch (estimationError) {
+        logger_1.logger.warn('Failed to estimate query complexity', {
+            error: estimationError instanceof Error
+                ? estimationError.message
+                : String(estimationError),
+        });
+        // On failure, allow the query to proceed to avoid blocking legitimate requests
+        return {
+            complexity: 0,
+            exceeded: false,
+            maxComplexity,
+        };
+    }
+}
+/**
+ * Checks query depth by counting nested selections.
+ *
+ * @param document - The parsed GraphQL document (AST)
+ * @returns The maximum depth found in the query
+ */
+function computeQueryDepth(document) {
+    let maxDepth = 0;
+    function traverse(node, depth) {
+        if (depth > maxDepth) {
+            maxDepth = depth;
+        }
+        if (node.selectionSet) {
+            for (const selection of node.selectionSet.selections) {
+                traverse(selection, depth + 1);
+            }
+        }
+    }
+    for (const definition of document.definitions) {
+        traverse(definition, 0);
+    }
+    return maxDepth;
+}
+/**
+ * Creates an Apollo Server plugin that enforces query complexity and depth limits.
+ *
+ * The plugin runs before query execution and rejects queries that exceed
+ * configured complexity or depth thresholds.
+ *
+ * Environment variables:
+ * - GRAPHQL_MAX_COMPLEXITY_AUTH: Max complexity for authenticated users (default: 1000)
+ * - GRAPHQL_MAX_COMPLEXITY_UNAUTH: Max complexity for unauthenticated users (default: 200)
+ * - GRAPHQL_MAX_DEPTH: Max query depth (default: 10)
+ * - GRAPHQL_COMPLEXITY_ENABLED: Explicit on/off ('true'/'false'). Defaults to on in production/staging.
+ *
+ * @param schema - The GraphQL schema to validate against
+ * @returns Apollo Server plugin configuration
+ */
+function createQueryComplexityPlugin(schema) {
+    const isEnabled = () => {
+        const explicitSetting = process.env.GRAPHQL_COMPLEXITY_ENABLED;
+        if (explicitSetting !== undefined) {
+            return explicitSetting === 'true' || explicitSetting === '1';
+        }
+        const env = process.env.NODE_ENV || 'development';
+        return env === 'production' || env === 'staging';
+    };
+    return {
+        async requestDidStart() {
+            return {
+                async didResolveOperation(requestContext) {
+                    if (!isEnabled())
+                        return;
+                    const { document, request, contextValue } = requestContext;
+                    const variables = (request.variables || {});
+                    const isAuthenticated = Boolean(contextValue.user);
+                    // Check depth limit
+                    const maxDepth = getMaxDepth();
+                    const depth = computeQueryDepth(document);
+                    if (depth > maxDepth) {
+                        logger_1.logger.warn('Query depth exceeded', {
+                            depth,
+                            maxDepth,
+                            isAuthenticated,
+                        });
+                        throw new Error(`Query depth of ${depth} exceeds maximum allowed depth of ${maxDepth}`);
+                    }
+                    // Check complexity limit
+                    const result = checkQueryComplexity(schema, document, variables, isAuthenticated);
+                    if (result.exceeded) {
+                        logger_1.logger.warn('Query complexity exceeded', {
+                            complexity: result.complexity,
+                            maxComplexity: result.maxComplexity,
+                            isAuthenticated,
+                        });
+                        throw new Error(`Query complexity of ${result.complexity} exceeds maximum allowed complexity of ${result.maxComplexity}`);
+                    }
+                    logger_1.logger.debug('Query complexity check passed', {
+                        complexity: result.complexity,
+                        maxComplexity: result.maxComplexity,
+                        depth,
+                    });
+                },
+            };
+        },
+    };
+}
+//# sourceMappingURL=query-complexity.js.map

package/middleware/query-complexity.d.ts

@@ -0,0 +1,56 @@
+import { GraphQLSchema, DocumentNode } from 'graphql';
+/**
+ * Result of a query complexity check.
+ */
+interface ComplexityCheckResult {
+    /** The computed complexity score */
+    complexity: number;
+    /** Whether the query exceeds the maximum allowed complexity */
+    exceeded: boolean;
+    /** The maximum allowed complexity for this request */
+    maxComplexity: number;
+}
+/**
+ * Computes the complexity of a GraphQL document against a schema.
+ *
+ * Uses two estimators:
+ * 1. fieldExtensionsEstimator: Reads complexity from field extensions (set via schema directives)
+ * 2. simpleEstimator: Assigns a default cost of 1 per field as fallback
+ *
+ * @param schema - The GraphQL schema
+ * @param document - The parsed GraphQL document (AST)
+ * @param variables - Query variables (used for list size estimation)
+ * @param isAuthenticated - Whether the request is authenticated (affects limits)
+ * @returns The complexity check result
+ */
+export declare function checkQueryComplexity(schema: GraphQLSchema, document: DocumentNode, variables: Record<string, unknown>, isAuthenticated: boolean): ComplexityCheckResult;
+/**
+ * Creates an Apollo Server plugin that enforces query complexity and depth limits.
+ *
+ * The plugin runs before query execution and rejects queries that exceed
+ * configured complexity or depth thresholds.
+ *
+ * Environment variables:
+ * - GRAPHQL_MAX_COMPLEXITY_AUTH: Max complexity for authenticated users (default: 1000)
+ * - GRAPHQL_MAX_COMPLEXITY_UNAUTH: Max complexity for unauthenticated users (default: 200)
+ * - GRAPHQL_MAX_DEPTH: Max query depth (default: 10)
+ * - GRAPHQL_COMPLEXITY_ENABLED: Explicit on/off ('true'/'false'). Defaults to on in production/staging.
+ *
+ * @param schema - The GraphQL schema to validate against
+ * @returns Apollo Server plugin configuration
+ */
+export declare function createQueryComplexityPlugin(schema: GraphQLSchema): {
+    requestDidStart: () => Promise<{
+        didResolveOperation: (requestContext: {
+            document: DocumentNode;
+            request: {
+                variables?: Record<string, unknown> | null;
+            };
+            contextValue: {
+                user?: unknown;
+            };
+        }) => Promise<void>;
+    }>;
+};
+export {};
+//# sourceMappingURL=query-complexity.d.ts.map

package/middleware/query-complexity.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"query-complexity.d.ts","sourceRoot":"","sources":["../../src/middleware/query-complexity.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AA+CtD;;GAEG;AACH,UAAU,qBAAqB;IAC7B,oCAAoC;IACpC,UAAU,EAAE,MAAM,CAAC;IACnB,+DAA+D;IAC/D,QAAQ,EAAE,OAAO,CAAC;IAClB,sDAAsD;IACtD,aAAa,EAAE,MAAM,CAAC;CACvB;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,oBAAoB,CAClC,MAAM,EAAE,aAAa,EACrB,QAAQ,EAAE,YAAY,EACtB,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAClC,eAAe,EAAE,OAAO,GACvB,qBAAqB,CAiCvB;AAgDD;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,2BAA2B,CAAC,MAAM,EAAE,aAAa,GAAG;IAClE,eAAe,EAAE,MAAM,OAAO,CAAC;QAC7B,mBAAmB,EAAE,CAAC,cAAc,EAAE;YACpC,QAAQ,EAAE,YAAY,CAAC;YACvB,OAAO,EAAE;gBAAE,SAAS,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAA;aAAE,CAAC;YACxD,YAAY,EAAE;gBAAE,IAAI,CAAC,EAAE,OAAO,CAAA;aAAE,CAAC;SAClC,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;KACrB,CAAC,CAAC;CACJ,CAgEA"}

package/middleware/query-complexity.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"query-complexity.js","sourceRoot":"","sources":["../../src/middleware/query-complexity.ts"],"names":[],"mappings":";;AA6EA,oDAsCC;AA+DD,kEAwEC;AA1PD,uEAIkC;AAElC,4CAAyC;AAEzC;;;GAGG;AACH,MAAM,oCAAoC,GAAG,IAAI,CAAC;AAClD,MAAM,sCAAsC,GAAG,GAAG,CAAC;AACnD,MAAM,iBAAiB,GAAG,EAAE,CAAC;AAE7B;;;;;GAKG;AACH,SAAS,gBAAgB,CAAC,eAAwB;IAChD,IAAI,eAAe,EAAE,CAAC;QACpB,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC;QACzD,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,MAAM,GAAG,QAAQ,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;YACtC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,MAAM,GAAG,CAAC;gBAAE,OAAO,MAAM,CAAC;QAClD,CAAC;QACD,OAAO,oCAAoC,CAAC;IAC9C,CAAC;IAED,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC;IAC3D,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,MAAM,GAAG,QAAQ,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;QACtC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,MAAM,GAAG,CAAC;YAAE,OAAO,MAAM,CAAC;IAClD,CAAC;IACD,OAAO,sCAAsC,CAAC;AAChD,CAAC;AAED;;GAEG;AACH,SAAS,WAAW;IAClB,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC;IAC/C,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,MAAM,GAAG,QAAQ,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;QACtC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,MAAM,GAAG,CAAC;YAAE,OAAO,MAAM,CAAC;IAClD,CAAC;IACD,OAAO,iBAAiB,CAAC;AAC3B,CAAC;AAcD;;;;;;;;;;;;GAYG;AACH,SAAgB,oBAAoB,CAClC,MAAqB,EACrB,QAAsB,EACtB,SAAkC,EAClC,eAAwB;IAExB,MAAM,aAAa,GAAG,gBAAgB,CAAC,eAAe,CAAC,CAAC;IAExD,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,IAAA,wCAAa,EAAC;YAC/B,MAAM;YACN,KAAK,EAAE,QAAQ;YACf,SAAS;YACT,UAAU,EAAE;gBACV,IAAA,mDAAwB,GAAE;gBAC1B,IAAA,0CAAe,EAAC,EAAE,iBAAiB,EAAE,CAAC,EAAE,CAAC;aAC1C;SACF,CAAC,CAAC;QAEH,OAAO;YACL,UAAU;YACV,QAAQ,EAAE,UAAU,GAAG,aAAa;YACpC,aAAa;SACd,CAAC;IACJ,CAAC;IAAC,OAAO,eAAe,EAAE,CAAC;QACzB,eAAM,CAAC,IAAI,CAAC,qCAAqC,EAAE;YACjD,KAAK,EACH,eAAe,YAAY,KAAK;gBAC9B,CAAC,CAAC,eAAe,CAAC,OAAO;gBACzB,CAAC,CAAC,MAAM,CAAC,eAAe,CAAC;SAC9B,CAAC,CAAC;QACH,+EAA+E;QAC/E,OAAO;YACL,UAAU,EAAE,CAAC;YACb,QAAQ,EAAE,KAAK;YACf,aAAa;SACd,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAS,iBAAiB,CAAC,QAAsB;IAC/C,IAAI,QAAQ,GAAG,CAAC,CAAC;IAEjB,SAAS,QAAQ,CACf,IAEC,EACD,KAAa;QAEb,IAAI,KAAK,GAAG,QAAQ,EAAE,CAAC;YACrB,QAAQ,GAAG,KAAK,CAAC;QACnB,CAAC;QACD,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YACtB,KAAK,MAAM,SAAS,IAAI,IAAI,CAAC,YAAY,CAAC,UAAU,EAAE,CAAC;gBACrD,QAAQ,CACN,SAIC,EACD,KAAK,GAAG,CAAC,CACV,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,KAAK,MAAM,UAAU,IAAI,QAAQ,CAAC,WAAW,EAAE,CAAC;QAC9C,QAAQ,CACN,UAIC,EACD,CAAC,CACF,CAAC;IACJ,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,SAAgB,2BAA2B,CAAC,MAAqB;IAS/D,MAAM,SAAS,GAAG,GAAY,EAAE;QAC9B,MAAM,eAAe,GAAG,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC;QAC/D,IAAI,eAAe,KAAK,SAAS,EAAE,CAAC;YAClC,OAAO,eAAe,KAAK,MAAM,IAAI,eAAe,KAAK,GAAG,CAAC;QAC/D,CAAC;QACD,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,IAAI,aAAa,CAAC;QAClD,OAAO,GAAG,KAAK,YAAY,IAAI,GAAG,KAAK,SAAS,CAAC;IACnD,CAAC,CAAC;IAEF,OAAO;QACL,KAAK,CAAC,eAAe;YACnB,OAAO;gBACL,KAAK,CAAC,mBAAmB,CAAC,cAAc;oBACtC,IAAI,CAAC,SAAS,EAAE;wBAAE,OAAO;oBAEzB,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,YAAY,EAAE,GAAG,cAAc,CAAC;oBAC3D,MAAM,SAAS,GAAG,CAAC,OAAO,CAAC,SAAS,IAAI,EAAE,CAGzC,CAAC;oBACF,MAAM,eAAe,GAAG,OAAO,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;oBAEnD,oBAAoB;oBACpB,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAC;oBAC/B,MAAM,KAAK,GAAG,iBAAiB,CAAC,QAAQ,CAAC,CAAC;oBAC1C,IAAI,KAAK,GAAG,QAAQ,EAAE,CAAC;wBACrB,eAAM,CAAC,IAAI,CAAC,sBAAsB,EAAE;4BAClC,KAAK;4BACL,QAAQ;4BACR,eAAe;yBAChB,CAAC,CAAC;wBACH,MAAM,IAAI,KAAK,CACb,kBAAkB,KAAK,qCAAqC,QAAQ,EAAE,CACvE,CAAC;oBACJ,CAAC;oBAED,yBAAyB;oBACzB,MAAM,MAAM,GAAG,oBAAoB,CACjC,MAAM,EACN,QAAQ,EACR,SAAS,EACT,eAAe,CAChB,CAAC;oBACF,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;wBACpB,eAAM,CAAC,IAAI,CAAC,2BAA2B,EAAE;4BACvC,UAAU,EAAE,MAAM,CAAC,UAAU;4BAC7B,aAAa,EAAE,MAAM,CAAC,aAAa;4BACnC,eAAe;yBAChB,CAAC,CAAC;wBACH,MAAM,IAAI,KAAK,CACb,uBAAuB,MAAM,CAAC,UAAU,0CAA0C,MAAM,CAAC,aAAa,EAAE,CACzG,CAAC;oBACJ,CAAC;oBAED,eAAM,CAAC,KAAK,CAAC,+BAA+B,EAAE;wBAC5C,UAAU,EAAE,MAAM,CAAC,UAAU;wBAC7B,aAAa,EAAE,MAAM,CAAC,aAAa;wBACnC,KAAK;qBACN,CAAC,CAAC;gBACL,CAAC;aACF,CAAC;QACJ,CAAC;KACF,CAAC;AACJ,CAAC"}

package/middleware/rate-limiter.cjs

@@ -0,0 +1,112 @@
+"use strict";
+// Integration: add to server.ts - app.use('/graphql', graphqlRateLimiter) and app.use('/auth', authRateLimiter)
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.authRateLimiter = exports.graphqlRateLimiter = void 0;
+/**
+ * Checks whether a request carries a valid-looking authentication token.
+ * Does not verify the token -- only checks for its presence in the
+ * Authorization header as a Bearer token with three dot-separated parts
+ * (standard JWT structure).
+ */
+function isAuthenticated(req) {
+    const authHeader = req.headers.authorization || '';
+    if (!authHeader.startsWith('Bearer ')) {
+        return false;
+    }
+    const token = authHeader.slice(7);
+    // Google OAuth tokens (ya29.) and JWTs (three dot-separated segments) count
+    if (token.startsWith('ya29.')) {
+        return true;
+    }
+    return token.split('.').length === 3;
+}
+/**
+ * Creates a simple in-memory rate limiter middleware with separate limits
+ * for authenticated and unauthenticated requests.
+ *
+ * Response headers (when standardHeaders is enabled):
+ *   X-RateLimit-Limit     - maximum requests allowed in the current window
+ *   X-RateLimit-Remaining - requests remaining in the current window
+ *   X-RateLimit-Reset     - seconds until the current window resets
+ *   Retry-After           - seconds to wait before retrying (only on 429)
+ *
+ * @param config - Rate limit configuration
+ * @returns Express middleware function
+ */
+function createRateLimiter(config) {
+    const store = {};
+    // Clean up expired entries every minute
+    setInterval(() => {
+        const now = Date.now();
+        Object.keys(store).forEach((key) => {
+            if (store[key].resetTime < now) {
+                delete store[key];
+            }
+        });
+    }, 60000);
+    return (req, res, next) => {
+        const identifier = req.ip || req.connection.remoteAddress || 'unknown';
+        const authenticated = isAuthenticated(req);
+        const effectiveMax = authenticated
+            ? config.maxAuthenticated
+            : config.maxUnauthenticated;
+        const storeKey = `${identifier}:${authenticated ? 'auth' : 'anon'}`;
+        const now = Date.now();
+        if (!store[storeKey] || store[storeKey].resetTime < now) {
+            store[storeKey] = {
+                count: 1,
+                resetTime: now + config.windowMs,
+            };
+        }
+        else {
+            store[storeKey].count += 1;
+        }
+        const current = store[storeKey];
+        const remaining = Math.max(0, effectiveMax - current.count);
+        const resetSeconds = Math.ceil((current.resetTime - now) / 1000);
+        // Add rate limit headers
+        if (config.standardHeaders !== false) {
+            res.setHeader('X-RateLimit-Limit', effectiveMax.toString());
+            res.setHeader('X-RateLimit-Remaining', remaining.toString());
+            res.setHeader('X-RateLimit-Reset', resetSeconds.toString());
+        }
+        if (current.count > effectiveMax) {
+            // Include Retry-After header on 429 responses (RFC 6585 / RFC 7231)
+            res.setHeader('Retry-After', resetSeconds.toString());
+            res.status(429).json(config.message);
+            return;
+        }
+        next();
+    };
+}
+/**
+ * Rate limiter for GraphQL endpoint.
+ *
+ * Authenticated requests:   1000 requests per 15 minutes (configurable via RATE_LIMIT_MAX)
+ * Unauthenticated requests: 200 requests per 15 minutes (configurable via RATE_LIMIT_MAX_UNAUTH)
+ */
+exports.graphqlRateLimiter = createRateLimiter({
+    windowMs: 15 * 60 * 1000, // 15 minutes
+    maxAuthenticated: parseInt(process.env.RATE_LIMIT_MAX || '1000', 10),
+    maxUnauthenticated: parseInt(process.env.RATE_LIMIT_MAX_UNAUTH || '200', 10),
+    standardHeaders: true,
+    legacyHeaders: false,
+    message: {
+        errors: [{ message: 'Too many requests, please try again later.' }],
+    },
+});
+/**
+ * Rate limiter for authentication endpoints.
+ *
+ * Authenticated requests:   50 requests per 15 minutes
+ * Unauthenticated requests: 20 requests per 15 minutes
+ */
+exports.authRateLimiter = createRateLimiter({
+    windowMs: 15 * 60 * 1000, // 15 minutes
+    maxAuthenticated: 50,
+    maxUnauthenticated: 20,
+    standardHeaders: true,
+    legacyHeaders: false,
+    message: { errors: [{ message: 'Too many authentication attempts.' }] },
+});
+//# sourceMappingURL=rate-limiter.js.map

package/middleware/rate-limiter.d.ts

@@ -0,0 +1,16 @@
+import { Request, Response, NextFunction } from 'express';
+/**
+ * Rate limiter for GraphQL endpoint.
+ *
+ * Authenticated requests:   1000 requests per 15 minutes (configurable via RATE_LIMIT_MAX)
+ * Unauthenticated requests: 200 requests per 15 minutes (configurable via RATE_LIMIT_MAX_UNAUTH)
+ */
+export declare const graphqlRateLimiter: (req: Request, res: Response, next: NextFunction) => void;
+/**
+ * Rate limiter for authentication endpoints.
+ *
+ * Authenticated requests:   50 requests per 15 minutes
+ * Unauthenticated requests: 20 requests per 15 minutes
+ */
+export declare const authRateLimiter: (req: Request, res: Response, next: NextFunction) => void;
+//# sourceMappingURL=rate-limiter.d.ts.map

package/middleware/rate-limiter.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"rate-limiter.d.ts","sourceRoot":"","sources":["../../src/middleware/rate-limiter.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAyG1D;;;;;GAKG;AACH,eAAO,MAAM,kBAAkB,QA9ChB,OAAO,OAAO,QAAQ,QAAQ,YAAY,KAAG,IAuD1D,CAAC;AAEH;;;;;GAKG;AACH,eAAO,MAAM,eAAe,QA/Db,OAAO,OAAO,QAAQ,QAAQ,YAAY,KAAG,IAsE1D,CAAC"}

package/middleware/rate-limiter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"rate-limiter.js","sourceRoot":"","sources":["../../src/middleware/rate-limiter.ts"],"names":[],"mappings":";AAAA,gHAAgH;;;AAsBhH;;;;;GAKG;AACH,SAAS,eAAe,CAAC,GAAY;IACnC,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,IAAI,EAAE,CAAC;IACnD,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QACtC,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAClC,4EAA4E;IAC5E,IAAI,KAAK,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QAC9B,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC;AACvC,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,SAAS,iBAAiB,CAAC,MAAuB;IAChD,MAAM,KAAK,GAAmB,EAAE,CAAC;IAEjC,wCAAwC;IACxC,WAAW,CAAC,GAAG,EAAE;QACf,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;YACjC,IAAI,KAAK,CAAC,GAAG,CAAC,CAAC,SAAS,GAAG,GAAG,EAAE,CAAC;gBAC/B,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC;YACpB,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,EAAE,KAAK,CAAC,CAAC;IAEV,OAAO,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAQ,EAAE;QAC/D,MAAM,UAAU,GAAG,GAAG,CAAC,EAAE,IAAI,GAAG,CAAC,UAAU,CAAC,aAAa,IAAI,SAAS,CAAC;QACvE,MAAM,aAAa,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,YAAY,GAAG,aAAa;YAChC,CAAC,CAAC,MAAM,CAAC,gBAAgB;YACzB,CAAC,CAAC,MAAM,CAAC,kBAAkB,CAAC;QAC9B,MAAM,QAAQ,GAAG,GAAG,UAAU,IAAI,aAAa,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;QACpE,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEvB,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,CAAC,SAAS,GAAG,GAAG,EAAE,CAAC;YACxD,KAAK,CAAC,QAAQ,CAAC,GAAG;gBAChB,KAAK,EAAE,CAAC;gBACR,SAAS,EAAE,GAAG,GAAG,MAAM,CAAC,QAAQ;aACjC,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,KAAK,CAAC,QAAQ,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC;QAC7B,CAAC;QAED,MAAM,OAAO,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAC;QAChC,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,YAAY,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC;QAC5D,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,SAAS,GAAG,GAAG,CAAC,GAAG,IAAI,CAAC,CAAC;QAEjE,yBAAyB;QACzB,IAAI,MAAM,CAAC,eAAe,KAAK,KAAK,EAAE,CAAC;YACrC,GAAG,CAAC,SAAS,CAAC,mBAAmB,EAAE,YAAY,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC5D,GAAG,CAAC,SAAS,CAAC,uBAAuB,EAAE,SAAS,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC7D,GAAG,CAAC,SAAS,CAAC,mBAAmB,EAAE,YAAY,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC9D,CAAC;QAED,IAAI,OAAO,CAAC,KAAK,GAAG,YAAY,EAAE,CAAC;YACjC,oEAAoE;YACpE,GAAG,CAAC,SAAS,CAAC,aAAa,EAAE,YAAY,CAAC,QAAQ,EAAE,CAAC,CAAC;YACtD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACrC,OAAO;QACT,CAAC;QAED,IAAI,EAAE,CAAC;IACT,CAAC,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACU,QAAA,kBAAkB,GAAG,iBAAiB,CAAC;IAClD,QAAQ,EAAE,EAAE,GAAG,EAAE,GAAG,IAAI,EAAE,aAAa;IACvC,gBAAgB,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,MAAM,EAAE,EAAE,CAAC;IACpE,kBAAkB,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,qBAAqB,IAAI,KAAK,EAAE,EAAE,CAAC;IAC5E,eAAe,EAAE,IAAI;IACrB,aAAa,EAAE,KAAK;IACpB,OAAO,EAAE;QACP,MAAM,EAAE,CAAC,EAAE,OAAO,EAAE,4CAA4C,EAAE,CAAC;KACpE;CACF,CAAC,CAAC;AAEH;;;;;GAKG;AACU,QAAA,eAAe,GAAG,iBAAiB,CAAC;IAC/C,QAAQ,EAAE,EAAE,GAAG,EAAE,GAAG,IAAI,EAAE,aAAa;IACvC,gBAAgB,EAAE,EAAE;IACpB,kBAAkB,EAAE,EAAE;IACtB,eAAe,EAAE,IAAI;IACrB,aAAa,EAAE,KAAK;IACpB,OAAO,EAAE,EAAE,MAAM,EAAE,CAAC,EAAE,OAAO,EAAE,mCAAmC,EAAE,CAAC,EAAE;CACxE,CAAC,CAAC"}

package/middleware/soft-delete.cjs

@@ -0,0 +1,175 @@
+"use strict";
+/**
+ * Soft Delete Utilities
+ *
+ * Provides utilities for soft-delete behavior on critical models.
+ * Instead of removing records from the database, a `deletedAt` timestamp
+ * is set, and query helpers filter out soft-deleted records by default.
+ *
+ * Models with soft delete support: User, BrokerageAccount, Trade, Action
+ *
+ * Usage patterns:
+ * 1. Use `softDeleteFilter()` in where clauses to exclude deleted records
+ * 2. Use `softDeleteRecord()` to soft-delete a record (set deletedAt)
+ * 3. Use `hardDelete()` for permanent administrative deletion
+ * 4. Pass `includeDeleted: true` to admin queries to see all records
+ *
+ * Note: Prisma 6 removed the $use() middleware API. Soft delete behavior
+ * is implemented via utility functions called from resolvers and services.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SOFT_DELETE_MODELS = void 0;
+exports.softDeleteFilter = softDeleteFilter;
+exports.deletedOnlyFilter = deletedOnlyFilter;
+exports.isSoftDeleteModel = isSoftDeleteModel;
+exports.softDeleteRecord = softDeleteRecord;
+exports.restoreRecord = restoreRecord;
+exports.hardDelete = hardDelete;
+const logger_1 = require("../utils/logger.cjs");
+/**
+ * Models that support soft deletion via the deletedAt field.
+ * Only these models have the deletedAt column in the database.
+ */
+const SOFT_DELETE_MODELS = new Set([
+    'User',
+    'BrokerageAccount',
+    'Trade',
+    'Action',
+]);
+exports.SOFT_DELETE_MODELS = SOFT_DELETE_MODELS;
+/**
+ * Returns a where clause filter that excludes soft-deleted records.
+ * Can be spread into any Prisma where clause for soft-delete-aware queries.
+ *
+ * @param includeDeleted - When true, returns an empty filter (includes deleted records)
+ * @returns An object to spread into a Prisma where clause
+ *
+ * @example
+ * ```typescript
+ * // Exclude soft-deleted users (default)
+ * const users = await prisma.user.findMany({
+ *   where: { role: 'USER', ...softDeleteFilter() },
+ * });
+ *
+ * // Include soft-deleted users (admin query)
+ * const allUsers = await prisma.user.findMany({
+ *   where: { role: 'USER', ...softDeleteFilter(true) },
+ * });
+ * ```
+ */
+function softDeleteFilter(includeDeleted = false) {
+    if (includeDeleted) {
+        return {};
+    }
+    return { deletedAt: null };
+}
+/**
+ * Returns a where clause filter for finding only soft-deleted records.
+ * Useful for admin interfaces that need to list deleted records for restoration.
+ *
+ * @returns An object to spread into a Prisma where clause
+ *
+ * @example
+ * ```typescript
+ * // Find only soft-deleted users
+ * const deletedUsers = await prisma.user.findMany({
+ *   where: { ...deletedOnlyFilter() },
+ * });
+ * ```
+ */
+function deletedOnlyFilter() {
+    return { deletedAt: { not: null } };
+}
+/**
+ * Checks whether a given model supports soft deletion.
+ *
+ * @param modelName - The Prisma model name (PascalCase)
+ * @returns True if the model has a deletedAt field
+ */
+function isSoftDeleteModel(modelName) {
+    return SOFT_DELETE_MODELS.has(modelName);
+}
+/**
+ * Soft-deletes a record by setting its deletedAt timestamp.
+ * This is the recommended way to "delete" records in soft-delete-enabled models.
+ *
+ * @param delegate - The Prisma model delegate (e.g., prisma.user)
+ * @param id - The record ID to soft-delete
+ * @param modelName - The model name for logging purposes
+ * @returns The updated record
+ *
+ * @example
+ * ```typescript
+ * // Soft-delete a user
+ * await softDeleteRecord(prisma.user, 'user-123', 'User');
+ * ```
+ */
+async function softDeleteRecord(delegate, id, modelName) {
+    logger_1.logger.info('Soft delete: Setting deletedAt on record', {
+        model: modelName,
+        id,
+    });
+    return delegate.update({
+        where: { id },
+        data: { deletedAt: new Date() },
+    });
+}
+/**
+ * Restores a soft-deleted record by clearing its deletedAt timestamp.
+ *
+ * @param delegate - The Prisma model delegate (e.g., prisma.user)
+ * @param id - The record ID to restore
+ * @param modelName - The model name for logging purposes
+ * @returns The updated record
+ *
+ * @example
+ * ```typescript
+ * // Restore a soft-deleted user
+ * await restoreRecord(prisma.user, 'user-123', 'User');
+ * ```
+ */
+async function restoreRecord(delegate, id, modelName) {
+    logger_1.logger.info('Soft delete: Restoring record (clearing deletedAt)', {
+        model: modelName,
+        id,
+    });
+    return delegate.update({
+        where: { id },
+        data: { deletedAt: null },
+    });
+}
+/**
+ * Mapping from model names to their database table names.
+ * Used for raw SQL hard-delete operations.
+ */
+const TABLE_NAME_MAP = {
+    User: 'users',
+    BrokerageAccount: 'brokerage_accounts',
+    Trade: 'trades',
+    Action: 'actions',
+};
+/**
+ * Permanently deletes a record from the database.
+ * This bypasses soft delete and removes the row entirely.
+ * Should only be used for administrative cleanup operations.
+ *
+ * @param prisma - The Prisma client instance (with $executeRawUnsafe)
+ * @param model - The model name (PascalCase)
+ * @param id - The record ID to permanently delete
+ * @returns The number of rows deleted
+ *
+ * @example
+ * ```typescript
+ * // Permanently delete a soft-deleted user
+ * const deleted = await hardDelete(prisma, 'User', 'user-123');
+ * ```
+ */
+async function hardDelete(prisma, model, id) {
+    const tableName = TABLE_NAME_MAP[model];
+    if (!tableName) {
+        throw new Error(`Model "${model}" does not support hard delete`);
+    }
+    logger_1.logger.warn('Hard delete: Permanently removing record', { model, id });
+    return prisma.$executeRawUnsafe(`DELETE FROM "${tableName}" WHERE "id" = $1`, id);
+}
+//# sourceMappingURL=soft-delete.js.map