npm - @exyconn/common - Versions diffs - 2.0.0 → 2.3.2 - Mend

@exyconn/common 2.0.0 → 2.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (124) hide show

package/README.md +864 -261
package/dist/{index-BLltj-zN.d.ts → client/hooks/index.d.mts} +1 -195
package/dist/{index-CIUdLBjA.d.mts → client/hooks/index.d.ts} +1 -195
package/dist/client/hooks/index.js +2276 -0
package/dist/client/hooks/index.js.map +1 -0
package/dist/client/hooks/index.mjs +2217 -0
package/dist/client/hooks/index.mjs.map +1 -0
package/dist/client/index.d.mts +4 -1
package/dist/client/index.d.ts +4 -1
package/dist/client/index.js +2693 -19
package/dist/client/index.js.map +1 -1
package/dist/client/index.mjs +2634 -21
package/dist/client/index.mjs.map +1 -1
package/dist/client/web/index.d.mts +1461 -0
package/dist/client/web/index.d.ts +1461 -0
package/dist/client/web/index.js +2681 -0
package/dist/client/web/index.js.map +1 -0
package/dist/client/web/index.mjs +2618 -0
package/dist/client/web/index.mjs.map +1 -0
package/dist/data/brand-identity.d.mts +149 -0
package/dist/data/brand-identity.d.ts +149 -0
package/dist/data/brand-identity.js +235 -0
package/dist/data/brand-identity.js.map +1 -0
package/dist/data/brand-identity.mjs +220 -0
package/dist/data/brand-identity.mjs.map +1 -0
package/dist/data/countries.d.mts +61 -0
package/dist/data/countries.d.ts +61 -0
package/dist/data/countries.js +987 -0
package/dist/data/countries.js.map +1 -0
package/dist/data/countries.mjs +971 -0
package/dist/data/countries.mjs.map +1 -0
package/dist/data/currencies.d.mts +19 -0
package/dist/data/currencies.d.ts +19 -0
package/dist/data/currencies.js +162 -0
package/dist/data/currencies.js.map +1 -0
package/dist/data/currencies.mjs +153 -0
package/dist/data/currencies.mjs.map +1 -0
package/dist/data/index.d.mts +7 -0
package/dist/data/index.d.ts +7 -0
package/dist/data/index.js +2087 -0
package/dist/data/index.js.map +1 -0
package/dist/data/index.mjs +1948 -0
package/dist/data/index.mjs.map +1 -0
package/dist/data/phone-codes.d.mts +15 -0
package/dist/data/phone-codes.d.ts +15 -0
package/dist/data/phone-codes.js +219 -0
package/dist/data/phone-codes.js.map +1 -0
package/dist/data/phone-codes.mjs +211 -0
package/dist/data/phone-codes.mjs.map +1 -0
package/dist/data/regex.d.mts +287 -0
package/dist/data/regex.d.ts +287 -0
package/dist/data/regex.js +306 -0
package/dist/data/regex.js.map +1 -0
package/dist/data/regex.mjs +208 -0
package/dist/data/regex.mjs.map +1 -0
package/dist/data/timezones.d.mts +16 -0
package/dist/data/timezones.d.ts +16 -0
package/dist/data/timezones.js +98 -0
package/dist/data/timezones.js.map +1 -0
package/dist/data/timezones.mjs +89 -0
package/dist/data/timezones.mjs.map +1 -0
package/dist/index-01hoqibP.d.ts +119 -0
package/dist/index-D3yCCjBZ.d.mts +119 -0
package/dist/index-D9a9oxQy.d.ts +305 -0
package/dist/index-DKn4raO7.d.ts +222 -0
package/dist/index-DuxL84IW.d.mts +305 -0
package/dist/index-NS8dS0p9.d.mts +222 -0
package/dist/index-Nqm5_lwT.d.ts +188 -0
package/dist/index-jBi3V6e5.d.mts +188 -0
package/dist/index.d.mts +21 -729
package/dist/index.d.ts +21 -729
package/dist/index.js +3470 -97
package/dist/index.js.map +1 -1
package/dist/index.mjs +3457 -104
package/dist/index.mjs.map +1 -1
package/dist/server/configs/index.d.mts +602 -0
package/dist/server/configs/index.d.ts +602 -0
package/dist/server/configs/index.js +707 -0
package/dist/server/configs/index.js.map +1 -0
package/dist/server/configs/index.mjs +665 -0
package/dist/server/configs/index.mjs.map +1 -0
package/dist/server/index.d.mts +3 -0
package/dist/server/index.d.ts +3 -0
package/dist/server/index.js +699 -0
package/dist/server/index.js.map +1 -1
package/dist/server/index.mjs +662 -1
package/dist/server/index.mjs.map +1 -1
package/dist/shared/config/index.d.mts +40 -0
package/dist/shared/config/index.d.ts +40 -0
package/dist/shared/config/index.js +58 -0
package/dist/shared/config/index.js.map +1 -0
package/dist/shared/config/index.mjs +51 -0
package/dist/shared/config/index.mjs.map +1 -0
package/dist/shared/constants/index.d.mts +593 -0
package/dist/shared/constants/index.d.ts +593 -0
package/dist/shared/constants/index.js +391 -0
package/dist/shared/constants/index.js.map +1 -0
package/dist/shared/constants/index.mjs +360 -0
package/dist/shared/constants/index.mjs.map +1 -0
package/dist/shared/index.d.mts +5 -1
package/dist/shared/index.d.ts +5 -1
package/dist/shared/types/index.d.mts +140 -0
package/dist/shared/types/index.d.ts +140 -0
package/dist/shared/types/index.js +4 -0
package/dist/shared/types/index.js.map +1 -0
package/dist/shared/types/index.mjs +3 -0
package/dist/shared/types/index.mjs.map +1 -0
package/dist/shared/utils/index.d.mts +255 -0
package/dist/shared/utils/index.d.ts +255 -0
package/dist/shared/utils/index.js +623 -0
package/dist/shared/utils/index.js.map +1 -0
package/dist/shared/utils/index.mjs +324 -0
package/dist/shared/utils/index.mjs.map +1 -0
package/dist/shared/validation/index.d.mts +258 -0
package/dist/shared/validation/index.d.ts +258 -0
package/dist/shared/validation/index.js +185 -0
package/dist/shared/validation/index.js.map +1 -0
package/dist/shared/validation/index.mjs +172 -0
package/dist/shared/validation/index.mjs.map +1 -0
package/package.json +151 -56
package/dist/index-DEzgM15j.d.ts +0 -67
package/dist/index-DNFVgQx8.d.ts +0 -1375
package/dist/index-DbV04Dx8.d.mts +0 -67
package/dist/index-DfqEP6Oe.d.mts +0 -1375

package/dist/server/index.js CHANGED Viewed

@@ -6,6 +6,7 @@ var path = require('path');
 var mongoose = require('mongoose');
 var jwt = require('jsonwebtoken');
 var fs = require('fs');
+var rateLimit = require('express-rate-limit');
 function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
@@ -14,6 +15,7 @@ var DailyRotateFile__default = /*#__PURE__*/_interopDefault(DailyRotateFile);
 var path__default = /*#__PURE__*/_interopDefault(path);
 var mongoose__default = /*#__PURE__*/_interopDefault(mongoose);
 var jwt__default = /*#__PURE__*/_interopDefault(jwt);
+var rateLimit__default = /*#__PURE__*/_interopDefault(rateLimit);
 // src/server/enums/status.ts
 var StatusCode = /* @__PURE__ */ ((StatusCode2) => {
@@ -720,20 +722,710 @@ var packageCheckServer = {
   print: printPackageCheckSummary
 };
+// src/server/configs/cors.config.ts
+var DEFAULT_CORS_CONFIG = {
+  productionOrigins: [],
+  developmentOrigins: [
+    "http://localhost:3000",
+    "http://localhost:4000",
+    "http://localhost:5000",
+    "http://localhost:5173",
+    "http://localhost:8080",
+    "http://127.0.0.1:3000",
+    "http://127.0.0.1:4000",
+    "http://127.0.0.1:5000",
+    "http://127.0.0.1:5173",
+    "http://127.0.0.1:8080"
+  ],
+  allowedSubdomains: [],
+  originPatterns: [],
+  allowNoOrigin: true,
+  allowAllInDev: true,
+  credentials: true,
+  methods: ["GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS", "HEAD"],
+  allowedHeaders: [
+    "Content-Type",
+    "Authorization",
+    "X-Requested-With",
+    "Accept",
+    "Origin",
+    "X-API-Key",
+    "X-Organization-Id",
+    "X-Request-Id"
+  ],
+  exposedHeaders: [
+    "Content-Range",
+    "X-Content-Range",
+    "X-Total-Count",
+    "X-Request-Id"
+  ],
+  maxAge: 86400
+  // 24 hours
+};
+var createCorsOptions = (config = {}) => {
+  const finalConfig = { ...DEFAULT_CORS_CONFIG, ...config };
+  const {
+    productionOrigins,
+    developmentOrigins,
+    allowedSubdomains,
+    originPatterns,
+    allowNoOrigin,
+    allowAllInDev,
+    customValidator,
+    credentials,
+    methods,
+    allowedHeaders,
+    exposedHeaders,
+    maxAge
+  } = finalConfig;
+  const allOrigins = /* @__PURE__ */ new Set([...productionOrigins, ...developmentOrigins]);
+  const originHandler = (origin, callback) => {
+    if (!origin) {
+      callback(null, allowNoOrigin);
+      return;
+    }
+    if (allOrigins.has(origin)) {
+      callback(null, true);
+      return;
+    }
+    if (allowedSubdomains.some((subdomain) => origin.endsWith(subdomain))) {
+      callback(null, true);
+      return;
+    }
+    if (originPatterns.some((pattern) => pattern.test(origin))) {
+      callback(null, true);
+      return;
+    }
+    if (customValidator && customValidator(origin)) {
+      callback(null, true);
+      return;
+    }
+    if (process.env.NODE_ENV !== "production" && allowAllInDev) {
+      callback(null, true);
+      return;
+    }
+    if (process.env.NODE_ENV === "production") {
+      callback(new Error(`Origin ${origin} not allowed by CORS`));
+      return;
+    }
+    callback(null, true);
+  };
+  return {
+    origin: originHandler,
+    credentials,
+    methods,
+    allowedHeaders,
+    exposedHeaders,
+    maxAge
+  };
+};
+var createBrandCorsOptions = (brandDomain, additionalConfig = {}) => {
+  const productionOrigins = [
+    `https://${brandDomain}`,
+    `https://www.${brandDomain}`
+  ];
+  const allowedSubdomains = [`.${brandDomain}`];
+  return createCorsOptions({
+    productionOrigins,
+    allowedSubdomains,
+    ...additionalConfig
+  });
+};
+var createMultiBrandCorsOptions = (domains, additionalConfig = {}) => {
+  const productionOrigins = domains.flatMap((domain) => [
+    `https://${domain}`,
+    `https://www.${domain}`
+  ]);
+  const allowedSubdomains = domains.map((domain) => `.${domain}`);
+  return createCorsOptions({
+    productionOrigins,
+    allowedSubdomains,
+    ...additionalConfig
+  });
+};
+var EXYCONN_CORS_CONFIG = {
+  productionOrigins: [
+    "https://exyconn.com",
+    "https://www.exyconn.com",
+    "https://botify.life",
+    "https://www.botify.life",
+    "https://partywings.fun",
+    "https://www.partywings.fun",
+    "https://sibera.work",
+    "https://www.sibera.work",
+    "https://spentiva.com",
+    "https://www.spentiva.com"
+  ],
+  allowedSubdomains: [
+    ".exyconn.com",
+    ".botify.life",
+    ".partywings.fun",
+    ".sibera.work",
+    ".spentiva.com"
+  ],
+  developmentOrigins: [
+    "http://localhost:3000",
+    "http://localhost:4000",
+    "http://localhost:4001",
+    "http://localhost:4002",
+    "http://localhost:4003",
+    "http://localhost:4004",
+    "http://localhost:4005",
+    "http://localhost:5173",
+    "http://127.0.0.1:3000",
+    "http://127.0.0.1:4000",
+    "http://127.0.0.1:5173"
+  ]
+};
+var STRICT_CORS_CONFIG = {
+  allowNoOrigin: false,
+  allowAllInDev: false,
+  methods: ["GET", "POST", "PUT", "DELETE"]
+};
+var PERMISSIVE_CORS_CONFIG = {
+  allowNoOrigin: true,
+  allowAllInDev: true,
+  originPatterns: [/localhost/, /127\.0\.0\.1/]
+};
+var corsOptions = createCorsOptions(EXYCONN_CORS_CONFIG);
+var DEFAULT_RATE_LIMIT_TIERS = {
+  STANDARD: {
+    windowMs: 15 * 60 * 1e3,
+    // 15 minutes
+    maxRequests: 100,
+    message: "Too many requests, please try again later.",
+    skipSuccessfulRequests: false,
+    skipFailedRequests: false
+  },
+  STRICT: {
+    windowMs: 15 * 60 * 1e3,
+    // 15 minutes
+    maxRequests: 20,
+    message: "Too many requests, please try again later.",
+    skipSuccessfulRequests: false,
+    skipFailedRequests: false
+  },
+  DDOS: {
+    windowMs: 60 * 1e3,
+    // 1 minute
+    maxRequests: 60,
+    message: "Rate limit exceeded. Please slow down.",
+    skipSuccessfulRequests: false,
+    skipFailedRequests: false
+  },
+  // Additional presets
+  VERY_STRICT: {
+    windowMs: 60 * 60 * 1e3,
+    // 1 hour
+    maxRequests: 5,
+    message: "Too many attempts. Please try again in an hour.",
+    skipSuccessfulRequests: false,
+    skipFailedRequests: false
+  },
+  RELAXED: {
+    windowMs: 15 * 60 * 1e3,
+    // 15 minutes
+    maxRequests: 500,
+    message: "Rate limit exceeded.",
+    skipSuccessfulRequests: false,
+    skipFailedRequests: false
+  },
+  API: {
+    windowMs: 60 * 1e3,
+    // 1 minute
+    maxRequests: 30,
+    message: "API rate limit exceeded.",
+    skipSuccessfulRequests: false,
+    skipFailedRequests: false
+  }
+};
+var defaultKeyGenerator = (req) => {
+  const forwarded = req.headers["x-forwarded-for"];
+  const ip = forwarded ? Array.isArray(forwarded) ? forwarded[0] : forwarded.split(",")[0].trim() : req.ip || req.socket.remoteAddress || "unknown";
+  return ip;
+};
+var createPrefixedKeyGenerator = (prefix) => (req) => {
+  return `${prefix}:${defaultKeyGenerator(req)}`;
+};
+var createUserKeyGenerator = (getUserId) => (req) => {
+  const userId = getUserId(req);
+  return userId || defaultKeyGenerator(req);
+};
+var createApiKeyGenerator = (headerName = "x-api-key") => (req) => {
+  const apiKey = req.headers[headerName.toLowerCase()];
+  return apiKey || defaultKeyGenerator(req);
+};
+var createRateLimitResponse = (message, retryAfter) => ({
+  status: "error",
+  statusCode: 429,
+  message,
+  ...retryAfter
+});
+var createRateLimiter = (tierConfig, options = {}) => {
+  const {
+    standardHeaders = true,
+    legacyHeaders = false,
+    keyGenerator = defaultKeyGenerator,
+    skip,
+    handler
+  } = options;
+  return rateLimit__default.default({
+    windowMs: tierConfig.windowMs,
+    max: tierConfig.maxRequests,
+    message: createRateLimitResponse(tierConfig.message),
+    standardHeaders,
+    legacyHeaders,
+    keyGenerator,
+    skip,
+    handler,
+    skipSuccessfulRequests: tierConfig.skipSuccessfulRequests,
+    skipFailedRequests: tierConfig.skipFailedRequests
+  });
+};
+var createStandardRateLimiter = (config = {}, options = {}) => {
+  const tierConfig = { ...DEFAULT_RATE_LIMIT_TIERS.STANDARD, ...config };
+  return createRateLimiter(tierConfig, options);
+};
+var createStrictRateLimiter = (config = {}, options = {}) => {
+  const tierConfig = { ...DEFAULT_RATE_LIMIT_TIERS.STRICT, ...config };
+  return createRateLimiter(tierConfig, options);
+};
+var createDdosRateLimiter = (config = {}, options = {}) => {
+  const tierConfig = { ...DEFAULT_RATE_LIMIT_TIERS.DDOS, ...config };
+  return createRateLimiter(tierConfig, options);
+};
+var createApiRateLimiter = (config = {}, options = {}) => {
+  const tierConfig = { ...DEFAULT_RATE_LIMIT_TIERS.API, ...config };
+  return createRateLimiter(tierConfig, {
+    keyGenerator: createApiKeyGenerator(),
+    ...options
+  });
+};
+var RateLimiterBuilder = class {
+  constructor(preset = "STANDARD") {
+    const presetConfig = DEFAULT_RATE_LIMIT_TIERS[preset];
+    this.config = {
+      windowMs: presetConfig.windowMs,
+      maxRequests: presetConfig.maxRequests,
+      message: presetConfig.message,
+      skipSuccessfulRequests: presetConfig.skipSuccessfulRequests ?? false,
+      skipFailedRequests: presetConfig.skipFailedRequests ?? false
+    };
+    this.options = {};
+  }
+  /**
+   * Set window duration
+   */
+  windowMs(ms) {
+    this.config.windowMs = ms;
+    return this;
+  }
+  /**
+   * Set window duration in minutes
+   */
+  windowMinutes(minutes) {
+    this.config.windowMs = minutes * 60 * 1e3;
+    return this;
+  }
+  /**
+   * Set window duration in hours
+   */
+  windowHours(hours) {
+    this.config.windowMs = hours * 60 * 60 * 1e3;
+    return this;
+  }
+  /**
+   * Set maximum requests
+   */
+  max(requests) {
+    this.config.maxRequests = requests;
+    return this;
+  }
+  /**
+   * Set error message
+   */
+  message(msg) {
+    this.config.message = msg;
+    return this;
+  }
+  /**
+   * Skip successful requests
+   */
+  skipSuccessful(skip = true) {
+    this.config.skipSuccessfulRequests = skip;
+    return this;
+  }
+  /**
+   * Skip failed requests
+   */
+  skipFailed(skip = true) {
+    this.config.skipFailedRequests = skip;
+    return this;
+  }
+  /**
+   * Set key generator
+   */
+  keyBy(generator) {
+    this.options.keyGenerator = generator;
+    return this;
+  }
+  /**
+   * Key by IP (default)
+   */
+  keyByIp() {
+    this.options.keyGenerator = defaultKeyGenerator;
+    return this;
+  }
+  /**
+   * Key by API key
+   */
+  keyByApiKey(headerName) {
+    this.options.keyGenerator = createApiKeyGenerator(headerName);
+    return this;
+  }
+  /**
+   * Skip certain requests
+   */
+  skipWhen(predicate) {
+    this.options.skip = predicate;
+    return this;
+  }
+  /**
+   * Build the rate limiter
+   */
+  build() {
+    return createRateLimiter(this.config, this.options);
+  }
+};
+var rateLimiter = (preset) => {
+  return new RateLimiterBuilder(preset);
+};
+var RATE_LIMIT_CONFIG = {
+  STANDARD: DEFAULT_RATE_LIMIT_TIERS.STANDARD,
+  STRICT: DEFAULT_RATE_LIMIT_TIERS.STRICT,
+  DDOS: DEFAULT_RATE_LIMIT_TIERS.DDOS
+};
+var standardRateLimiter = createStandardRateLimiter();
+var strictRateLimiter = createStrictRateLimiter();
+var ddosProtectionLimiter = createDdosRateLimiter();
+// src/server/configs/server.config.ts
+var DEFAULT_SERVER_CONFIG = {
+  name: "app-server",
+  version: "1.0.0",
+  environment: process.env.NODE_ENV || "development",
+  port: parseInt(process.env.PORT || "3000", 10),
+  host: process.env.HOST || "0.0.0.0",
+  basePath: "/api",
+  debug: process.env.DEBUG === "true",
+  trustProxy: true
+};
+var DEFAULT_DATABASE_CONFIG = {
+  uri: process.env.DATABASE_URL || process.env.MONGODB_URI || "",
+  name: process.env.DATABASE_NAME || "app_db",
+  maxPoolSize: process.env.NODE_ENV === "production" ? 50 : 10,
+  minPoolSize: process.env.NODE_ENV === "production" ? 10 : 5,
+  socketTimeoutMS: 45e3,
+  serverSelectionTimeoutMS: 1e4,
+  maxIdleTimeMS: 1e4,
+  retryWrites: true,
+  retryReads: true,
+  writeConcern: "majority"
+};
+var DEFAULT_AUTH_CONFIG = {
+  jwtSecret: process.env.JWT_SECRET || "",
+  jwtExpiresIn: process.env.JWT_EXPIRES_IN || "7d",
+  refreshTokenExpiresIn: process.env.REFRESH_TOKEN_EXPIRES_IN || "30d",
+  enableRefreshTokens: true,
+  apiKeyHeader: "x-api-key",
+  orgHeader: "x-organization-id"
+};
+var DEFAULT_LOGGING_CONFIG = {
+  level: process.env.LOG_LEVEL || "info",
+  logsDir: process.env.LOGS_DIR || "logs",
+  maxSize: "20m",
+  maxFiles: "14d",
+  errorMaxFiles: "30d",
+  console: true,
+  file: process.env.NODE_ENV === "production",
+  json: process.env.NODE_ENV === "production"
+};
+var DEFAULT_CORS_ORIGINS = {
+  production: [],
+  development: [
+    "http://localhost:3000",
+    "http://localhost:4000",
+    "http://localhost:5173",
+    "http://127.0.0.1:3000",
+    "http://127.0.0.1:4000",
+    "http://127.0.0.1:5173"
+  ],
+  patterns: []
+};
+var DEFAULT_RATE_LIMIT_CONFIG = {
+  enabled: true,
+  standard: {
+    windowMs: 15 * 60 * 1e3,
+    // 15 minutes
+    maxRequests: 100,
+    message: "Too many requests, please try again later."
+  },
+  strict: {
+    windowMs: 15 * 60 * 1e3,
+    // 15 minutes
+    maxRequests: 20,
+    message: "Too many requests, please try again later."
+  },
+  ddos: {
+    windowMs: 60 * 1e3,
+    // 1 minute
+    maxRequests: 60,
+    message: "Rate limit exceeded. Please slow down.",
+    skipSuccessfulRequests: false
+  }
+};
+function deepMerge(target, source) {
+  const result = { ...target };
+  for (const key in source) {
+    if (Object.prototype.hasOwnProperty.call(source, key)) {
+      const sourceValue = source[key];
+      const targetValue = target[key];
+      if (sourceValue !== void 0 && typeof sourceValue === "object" && sourceValue !== null && !Array.isArray(sourceValue) && typeof targetValue === "object" && targetValue !== null && !Array.isArray(targetValue)) {
+        result[key] = deepMerge(
+          targetValue,
+          sourceValue
+        );
+      } else if (sourceValue !== void 0) {
+        result[key] = sourceValue;
+      }
+    }
+  }
+  return result;
+}
+var ConfigBuilder = class {
+  constructor() {
+    this.config = {
+      server: { ...DEFAULT_SERVER_CONFIG },
+      database: { ...DEFAULT_DATABASE_CONFIG },
+      auth: { ...DEFAULT_AUTH_CONFIG },
+      logging: { ...DEFAULT_LOGGING_CONFIG },
+      cors: { ...DEFAULT_CORS_ORIGINS },
+      rateLimit: { ...DEFAULT_RATE_LIMIT_CONFIG }
+    };
+  }
+  /**
+   * Set server configuration
+   */
+  setServer(config) {
+    this.config.server = deepMerge(this.config.server, config);
+    return this;
+  }
+  /**
+   * Set database configuration
+   */
+  setDatabase(config) {
+    this.config.database = deepMerge(this.config.database, config);
+    return this;
+  }
+  /**
+   * Set auth configuration
+   */
+  setAuth(config) {
+    this.config.auth = deepMerge(this.config.auth, config);
+    return this;
+  }
+  /**
+   * Set logging configuration
+   */
+  setLogging(config) {
+    this.config.logging = deepMerge(this.config.logging, config);
+    return this;
+  }
+  /**
+   * Set CORS origins
+   */
+  setCorsOrigins(config) {
+    this.config.cors = deepMerge(this.config.cors, config);
+    return this;
+  }
+  /**
+   * Add CORS production origin
+   */
+  addProductionOrigin(origin) {
+    if (!this.config.cors.production.includes(origin)) {
+      this.config.cors.production.push(origin);
+    }
+    return this;
+  }
+  /**
+   * Add CORS development origin
+   */
+  addDevelopmentOrigin(origin) {
+    if (!this.config.cors.development.includes(origin)) {
+      this.config.cors.development.push(origin);
+    }
+    return this;
+  }
+  /**
+   * Add CORS pattern
+   */
+  addCorsPattern(pattern) {
+    if (!this.config.cors.patterns.includes(pattern)) {
+      this.config.cors.patterns.push(pattern);
+    }
+    return this;
+  }
+  /**
+   * Set rate limit configuration
+   */
+  setRateLimit(config) {
+    this.config.rateLimit = deepMerge(this.config.rateLimit, config);
+    return this;
+  }
+  /**
+   * Add custom rate limit tier
+   */
+  addRateLimitTier(name, tier) {
+    if (!this.config.rateLimit.custom) {
+      this.config.rateLimit.custom = {};
+    }
+    this.config.rateLimit.custom[name] = tier;
+    return this;
+  }
+  /**
+   * Set custom configuration
+   */
+  setCustom(key, value) {
+    if (!this.config.custom) {
+      this.config.custom = {};
+    }
+    this.config.custom[key] = value;
+    return this;
+  }
+  /**
+   * Load configuration from environment variables
+   */
+  loadFromEnv() {
+    if (process.env.SERVER_NAME) this.config.server.name = process.env.SERVER_NAME;
+    if (process.env.SERVER_VERSION) this.config.server.version = process.env.SERVER_VERSION;
+    if (process.env.PORT) this.config.server.port = parseInt(process.env.PORT, 10);
+    if (process.env.HOST) this.config.server.host = process.env.HOST;
+    if (process.env.BASE_PATH) this.config.server.basePath = process.env.BASE_PATH;
+    if (process.env.DATABASE_URL) this.config.database.uri = process.env.DATABASE_URL;
+    if (process.env.MONGODB_URI) this.config.database.uri = process.env.MONGODB_URI;
+    if (process.env.DATABASE_NAME) this.config.database.name = process.env.DATABASE_NAME;
+    if (process.env.JWT_SECRET) this.config.auth.jwtSecret = process.env.JWT_SECRET;
+    if (process.env.JWT_EXPIRES_IN) this.config.auth.jwtExpiresIn = process.env.JWT_EXPIRES_IN;
+    if (process.env.LOG_LEVEL) this.config.logging.level = process.env.LOG_LEVEL;
+    if (process.env.LOGS_DIR) this.config.logging.logsDir = process.env.LOGS_DIR;
+    if (process.env.CORS_ORIGINS) {
+      const origins = process.env.CORS_ORIGINS.split(",").map((o) => o.trim());
+      this.config.cors.production.push(...origins);
+    }
+    return this;
+  }
+  /**
+   * Validate configuration
+   */
+  validate() {
+    const errors = [];
+    if (!this.config.server.name) errors.push("Server name is required");
+    if (this.config.server.port < 1 || this.config.server.port > 65535) {
+      errors.push("Server port must be between 1 and 65535");
+    }
+    if (this.config.server.environment === "production") {
+      if (!this.config.auth.jwtSecret || this.config.auth.jwtSecret.length < 32) {
+        errors.push("JWT secret must be at least 32 characters in production");
+      }
+    }
+    return { valid: errors.length === 0, errors };
+  }
+  /**
+   * Build the final configuration
+   */
+  build() {
+    return { ...this.config };
+  }
+};
+var createConfig = () => {
+  return new ConfigBuilder();
+};
+var buildConfig = (partial = {}) => {
+  const builder = createConfig().loadFromEnv();
+  if (partial.server) builder.setServer(partial.server);
+  if (partial.database) builder.setDatabase(partial.database);
+  if (partial.auth) builder.setAuth(partial.auth);
+  if (partial.logging) builder.setLogging(partial.logging);
+  if (partial.cors) builder.setCorsOrigins(partial.cors);
+  if (partial.rateLimit) builder.setRateLimit(partial.rateLimit);
+  return builder.build();
+};
+var isProduction = (config) => {
+  return (config?.environment || process.env.NODE_ENV) === "production";
+};
+var isDevelopment = (config) => {
+  return (config?.environment || process.env.NODE_ENV) === "development";
+};
+var isTest = (config) => {
+  return (config?.environment || process.env.NODE_ENV) === "test";
+};
+var getDatabaseOptions = (config) => {
+  return {
+    maxPoolSize: config.maxPoolSize,
+    minPoolSize: config.minPoolSize,
+    socketTimeoutMS: config.socketTimeoutMS,
+    serverSelectionTimeoutMS: config.serverSelectionTimeoutMS,
+    maxIdleTimeMS: config.maxIdleTimeMS,
+    retryWrites: config.retryWrites,
+    retryReads: config.retryReads,
+    w: config.writeConcern
+  };
+};
+exports.ConfigBuilder = ConfigBuilder;
+exports.DEFAULT_AUTH_CONFIG = DEFAULT_AUTH_CONFIG;
+exports.DEFAULT_CORS_CONFIG = DEFAULT_CORS_CONFIG;
+exports.DEFAULT_CORS_ORIGINS = DEFAULT_CORS_ORIGINS;
+exports.DEFAULT_DATABASE_CONFIG = DEFAULT_DATABASE_CONFIG;
+exports.DEFAULT_LOGGING_CONFIG = DEFAULT_LOGGING_CONFIG;
+exports.DEFAULT_RATE_LIMIT_CONFIG = DEFAULT_RATE_LIMIT_CONFIG;
+exports.DEFAULT_RATE_LIMIT_TIERS = DEFAULT_RATE_LIMIT_TIERS;
+exports.DEFAULT_SERVER_CONFIG = DEFAULT_SERVER_CONFIG;
+exports.EXYCONN_CORS_CONFIG = EXYCONN_CORS_CONFIG;
+exports.PERMISSIVE_CORS_CONFIG = PERMISSIVE_CORS_CONFIG;
+exports.RATE_LIMIT_CONFIG = RATE_LIMIT_CONFIG;
+exports.RateLimiterBuilder = RateLimiterBuilder;
+exports.STRICT_CORS_CONFIG = STRICT_CORS_CONFIG;
 exports.StatusCode = StatusCode;
 exports.StatusMessage = StatusMessage;
 exports.authenticateApiKey = authenticateApiKey;
 exports.authenticateJWT = authenticateJWT;
 exports.badRequestResponse = badRequestResponse;
+exports.buildConfig = buildConfig;
 exports.buildFilter = buildFilter;
 exports.buildPagination = buildPagination;
 exports.buildPaginationMeta = buildPaginationMeta;
 exports.checkPackageServer = checkPackageServer;
 exports.conflictResponse = conflictResponse;
 exports.connectDB = connectDB;
+exports.corsOptions = corsOptions;
+exports.createApiKeyGenerator = createApiKeyGenerator;
+exports.createApiRateLimiter = createApiRateLimiter;
+exports.createBrandCorsOptions = createBrandCorsOptions;
+exports.createConfig = createConfig;
+exports.createCorsOptions = createCorsOptions;
+exports.createDdosRateLimiter = createDdosRateLimiter;
 exports.createLogger = createLogger;
 exports.createMorganStream = createMorganStream;
+exports.createMultiBrandCorsOptions = createMultiBrandCorsOptions;
+exports.createPrefixedKeyGenerator = createPrefixedKeyGenerator;
+exports.createRateLimiter = createRateLimiter;
+exports.createStandardRateLimiter = createStandardRateLimiter;
+exports.createStrictRateLimiter = createStrictRateLimiter;
+exports.createUserKeyGenerator = createUserKeyGenerator;
 exports.createdResponse = createdResponse;
+exports.ddosProtectionLimiter = ddosProtectionLimiter;
+exports.defaultKeyGenerator = defaultKeyGenerator;
 exports.disconnectDB = disconnectDB;
 exports.errorResponse = errorResponse;
 exports.extractColumns = extractColumns;
@@ -742,6 +1434,10 @@ exports.forbiddenResponse = forbiddenResponse;
 exports.formatPackageCheckResult = formatPackageCheckResult;
 exports.generateNcuCommand = generateNcuCommand;
 exports.getConnectionStatus = getConnectionStatus;
+exports.getDatabaseOptions = getDatabaseOptions;
+exports.isDevelopment = isDevelopment;
+exports.isProduction = isProduction;
+exports.isTest = isTest;
 exports.logger = logger;
 exports.noContentResponse = noContentResponse;
 exports.notFoundResponse = notFoundResponse;
@@ -751,13 +1447,16 @@ exports.packageCheckServer = packageCheckServer;
 exports.pickFields = pickFields;
 exports.printPackageCheckSummary = printPackageCheckSummary;
 exports.rateLimitResponse = rateLimitResponse;
+exports.rateLimiter = rateLimiter;
 exports.requireOrganization = requireOrganization;
 exports.sanitizeDocument = sanitizeDocument;
 exports.sanitizeUser = sanitizeUser;
 exports.simpleLogger = simpleLogger;
+exports.standardRateLimiter = standardRateLimiter;
 exports.statusCode = statusCode;
 exports.statusMessage = statusMessage;
 exports.stream = stream;
+exports.strictRateLimiter = strictRateLimiter;
 exports.successResponse = successResponse;
 exports.successResponseArr = successResponseArr;
 exports.unauthorizedResponse = unauthorizedResponse;