npm - @cored3v/web-core - Versions diffs - 1.0.0 - Mend

@cored3v/web-core 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (24) hide show

package/README.md ADDED Viewed

	@@ -0,0 +1 @@
1	+ This is a package to protect source code against unauthorised use

package/dist/app/createApp.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+import { CreateAppOptions } from "../types";
+export declare function createApp(opts: CreateAppOptions): Promise<{
+    app: import("express-serve-static-core").Express;
+    start: () => Promise<void>;
+    shutdown: () => Promise<void>;
+}>;

package/dist/app/createApp.js ADDED Viewed

@@ -0,0 +1,91 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createApp = createApp;
+const express_1 = __importStar(require("express"));
+const http_1 = __importDefault(require("http"));
+const config_1 = require("../config");
+const verify_1 = require("../license/verify");
+const security_1 = require("./security");
+const db_1 = require("../db");
+const jwt_1 = require("../auth/jwt");
+async function createApp(opts) {
+    // 1) CONFIG
+    const config = (0, config_1.loadConfig)();
+    // 2) LICENSE GATE
+    await (0, verify_1.verifyLicense)({
+        appId: opts.appId,
+        licensePath: config.get("LICENSE_PATH", "./license.json"),
+    });
+    // 3) EXPRESS INIT
+    const app = (0, express_1.default)();
+    const server = http_1.default.createServer(app);
+    const router = (0, express_1.Router)();
+    if (opts.http?.trustProxy)
+        app.set("trust proxy", true);
+    // 4) CORE MIDDLEWARE
+    (0, security_1.applySecurity)(app);
+    app.use(express_1.default.json());
+    app.use(express_1.default.urlencoded({ extended: false }));
+    // 5) DB (non-optional if declared)
+    const db = await (0, db_1.initDb)(opts.db);
+    // 6) AUTH
+    const auth = (0, jwt_1.initJwtAuth)(config);
+    // 7) ROUTES
+    if (opts.routes) {
+        opts.routes({ app, router, db, auth, config });
+    }
+    app.use(router);
+    // 8) ERROR HANDLER
+    app.use((err, _req, res, _next) => {
+        console.error(err);
+        res.status(500).json({ error: "Internal Server Error from web-core" });
+    });
+    // 9) LIFE CYCLE
+    async function start() {
+        const port = opts.http?.port ?? config.get("PORT", 3000);
+        await new Promise((resolve) => server.listen(port, resolve));
+        console.log(`[web-core] listening on ${port}`);
+    }
+    async function shutdown() {
+        if (db?.close)
+            await db.close();
+        server.close();
+    }
+    return { app, start, shutdown };
+}

package/dist/app/security.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import { Express } from "express";
2	+ export declare function applySecurity(app: Express): void;

package/dist/app/security.js ADDED Viewed

@@ -0,0 +1,12 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.applySecurity = applySecurity;
+const helmet_1 = __importDefault(require("helmet"));
+const cors_1 = __importDefault(require("cors"));
+function applySecurity(app) {
+    app.use((0, helmet_1.default)());
+    app.use((0, cors_1.default)());
+}

package/dist/auth/jwt.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+import { Config } from "../types";
+export declare function initJwtAuth(config: Config): {
+    middleware(): (req: any, _res: any, next: any) => any;
+};

package/dist/auth/jwt.js ADDED Viewed

@@ -0,0 +1,27 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.initJwtAuth = initJwtAuth;
+const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
+function initJwtAuth(config) {
+    const secret = config.get("JWT_SECRET");
+    if (!secret)
+        throw new Error("JWT_SECRET missing");
+    return {
+        middleware() {
+            return (req, _res, next) => {
+                const h = req.headers.authorization;
+                if (!h)
+                    return next();
+                try {
+                    const token = h.replace("Bearer ", "");
+                    req.user = jsonwebtoken_1.default.verify(token, secret);
+                }
+                catch { }
+                next();
+            };
+        },
+    };
+}

package/dist/config/index.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import { Config } from "../types";
2	+ export declare function loadConfig(): Config;

package/dist/config/index.js ADDED Viewed

@@ -0,0 +1,13 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.loadConfig = loadConfig;
+function loadConfig() {
+    return {
+        get(key, fallback) {
+            const val = process.env[key];
+            if (val === undefined)
+                return fallback;
+            return val;
+        }
+    };
+}

package/dist/db/index.d.ts ADDED Viewed

@@ -0,0 +1,15 @@
+export declare function initDb(opts?: {
+    type: "postgres";
+    uri?: string;
+}): Promise<{
+    query: {
+        <T extends import("pg").Submittable>(queryStream: T): T;
+        <R extends any[] = any[], I = any[]>(queryConfig: import("pg").QueryArrayConfig<I>, values?: import("pg").QueryConfigValues<I>): Promise<import("pg").QueryArrayResult<R>>;
+        <R extends import("pg").QueryResultRow = any, I = any>(queryConfig: import("pg").QueryConfig<I>): Promise<import("pg").QueryResult<R>>;
+        <R extends import("pg").QueryResultRow = any, I = any[]>(queryTextOrConfig: string | import("pg").QueryConfig<I>, values?: import("pg").QueryConfigValues<I>): Promise<import("pg").QueryResult<R>>;
+        <R extends any[] = any[], I = any[]>(queryConfig: import("pg").QueryArrayConfig<I>, callback: (err: Error, result: import("pg").QueryArrayResult<R>) => void): void;
+        <R extends import("pg").QueryResultRow = any, I = any[]>(queryTextOrConfig: string | import("pg").QueryConfig<I>, callback: (err: Error, result: import("pg").QueryResult<R>) => void): void;
+        <R extends import("pg").QueryResultRow = any, I = any[]>(queryText: string, values: import("pg").QueryConfigValues<I>, callback: (err: Error, result: import("pg").QueryResult<R>) => void): void;
+    };
+    close: () => Promise<void>;
+} | null>;

package/dist/db/index.js ADDED Viewed

@@ -0,0 +1,14 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.initDb = initDb;
+const postgres_1 = require("./postgres");
+async function initDb(opts) {
+    if (!opts)
+        return null;
+    if (opts.type === "postgres") {
+        if (!opts.uri)
+            throw new Error("Postgres URI required");
+        return (0, postgres_1.initPostgres)(opts.uri);
+    }
+    throw new Error("Unsupported DB");
+}

package/dist/db/postgres.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+export declare function initPostgres(uri: string): Promise<{
+    query: {
+        <T extends import("pg").Submittable>(queryStream: T): T;
+        <R extends any[] = any[], I = any[]>(queryConfig: import("pg").QueryArrayConfig<I>, values?: import("pg").QueryConfigValues<I>): Promise<import("pg").QueryArrayResult<R>>;
+        <R extends import("pg").QueryResultRow = any, I = any>(queryConfig: import("pg").QueryConfig<I>): Promise<import("pg").QueryResult<R>>;
+        <R extends import("pg").QueryResultRow = any, I = any[]>(queryTextOrConfig: string | import("pg").QueryConfig<I>, values?: import("pg").QueryConfigValues<I>): Promise<import("pg").QueryResult<R>>;
+        <R extends any[] = any[], I = any[]>(queryConfig: import("pg").QueryArrayConfig<I>, callback: (err: Error, result: import("pg").QueryArrayResult<R>) => void): void;
+        <R extends import("pg").QueryResultRow = any, I = any[]>(queryTextOrConfig: string | import("pg").QueryConfig<I>, callback: (err: Error, result: import("pg").QueryResult<R>) => void): void;
+        <R extends import("pg").QueryResultRow = any, I = any[]>(queryText: string, values: import("pg").QueryConfigValues<I>, callback: (err: Error, result: import("pg").QueryResult<R>) => void): void;
+    };
+    close: () => Promise<void>;
+}>;

package/dist/db/postgres.js ADDED Viewed

@@ -0,0 +1,12 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.initPostgres = initPostgres;
+const pg_1 = require("pg");
+async function initPostgres(uri) {
+    const client = new pg_1.Client({ connectionString: uri });
+    await client.connect();
+    return {
+        query: client.query.bind(client),
+        close: () => client.end(),
+    };
+}

package/dist/index.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export { createApp } from "./app/createApp";
2	+ export * from "./types";

package/dist/index.js ADDED Viewed

@@ -0,0 +1,20 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createApp = void 0;
+var createApp_1 = require("./app/createApp");
+Object.defineProperty(exports, "createApp", { enumerable: true, get: function () { return createApp_1.createApp; } });
+__exportStar(require("./types"), exports);

package/dist/license/crypto.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export declare function verifySignature(payload: object, signature: string): boolean;

package/dist/license/crypto.js ADDED Viewed

@@ -0,0 +1,18 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.verifySignature = verifySignature;
+const crypto_1 = __importDefault(require("crypto"));
+const PUBLIC_KEY = `
+-----BEGIN PUBLIC KEY-----
+REPLACE WITH YOUR RSA PUBLIC KEY
+-----END PUBLIC KEY-----
+`;
+function verifySignature(payload, signature) {
+    const verify = crypto_1.default.createVerify("RSA-SHA256");
+    verify.update(JSON.stringify(payload));
+    verify.end();
+    return verify.verify(PUBLIC_KEY, Buffer.from(signature, "base64"));
+}

package/dist/license/types.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+export interface License {
+    licenseId: string;
+    appId: string;
+    issuedTo: string;
+    expiresAt: string;
+    signature: string;
+}

package/dist/license/types.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ Object.defineProperty(exports, "__esModule", { value: true });

package/dist/license/verify.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+export declare function verifyLicense(opts: {
+    appId: string;
+    licensePath: string;
+}): Promise<void>;

package/dist/license/verify.js ADDED Viewed

@@ -0,0 +1,24 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.verifyLicense = verifyLicense;
+const fs_1 = __importDefault(require("fs"));
+const crypto_1 = require("./crypto");
+async function verifyLicense(opts) {
+    if (!fs_1.default.existsSync(opts.licensePath)) {
+        throw new Error("License file not found");
+    }
+    const raw = JSON.parse(fs_1.default.readFileSync(opts.licensePath, "utf8"));
+    const { signature, ...payload } = raw;
+    if (raw.appId !== opts.appId) {
+        throw new Error("License appId mismatch");
+    }
+    if (new Date(raw.expiresAt) < new Date()) {
+        throw new Error("License expired");
+    }
+    if (!(0, crypto_1.verifySignature)(payload, signature)) {
+        throw new Error("Invalid license signature");
+    }
+}

package/dist/types.d.ts ADDED Viewed

@@ -0,0 +1,28 @@
+import { Express, Router } from "express";
+export interface CreateAppOptions {
+    appId: string;
+    http?: {
+        port?: number;
+        trustProxy?: boolean;
+    };
+    db?: {
+        type: "postgres";
+        uri?: string;
+    };
+    auth?: {
+        provider: "jwt";
+    };
+    routes?: (ctx: AppContext) => void;
+}
+export interface AppContext {
+    app: Express;
+    router: Router;
+    db: any;
+    auth: {
+        middleware(): any;
+    };
+    config: Config;
+}
+export interface Config {
+    get<T = any>(key: string, fallback?: T): T;
+}

package/dist/types.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ Object.defineProperty(exports, "__esModule", { value: true });

package/package.json ADDED Viewed

@@ -0,0 +1,29 @@
+{
+  "name": "@cored3v/web-core",
+  "version": "1.0.0",
+  "description": "Reusable licensed Express core for web applications",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "prepublishOnly": "npm run build"
+  },
+  "dependencies": {
+    "cors": "^2.8.5",
+    "express": "^4.19.2",
+    "helmet": "^7.1.0",
+    "jsonwebtoken": "^9.0.2",
+    "pg": "^8.11.5"
+  },
+  "devDependencies": {
+    "@types/cors": "^2.8.19",
+    "@types/express": "^4.17.21",
+    "@types/jsonwebtoken": "^9.0.6",
+    "@types/node": "^20.11.0",
+    "@types/pg": "^8.16.0",
+    "typescript": "^5.4.0"
+  }
+}