@gzl10/ts-helpers 4.2.1

package/dist/node/validation-crypto.js

@@ -0,0 +1,179 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/node/validation-crypto.ts
+var validation_crypto_exports = {};
+__export(validation_crypto_exports, {
+  escapeShellCommand: () => escapeShellCommand,
+  generateNonce: () => generateNonce,
+  generateSecureToken: () => generateSecureToken,
+  hashString: () => hashString,
+  isSecureUrl: () => isSecureUrl,
+  isValidBase64: () => isValidBase64,
+  isValidJWTFormat: () => isValidJWTFormat,
+  removeDangerousChars: () => removeDangerousChars,
+  sanitizeHtml: () => sanitizeHtml,
+  validatePassword: () => validatePassword
+});
+module.exports = __toCommonJS(validation_crypto_exports);
+var import_crypto = require("crypto");
+var validatePassword = (password, criteria = {}) => {
+  const {
+    minLength = 8,
+    requireUppercase = true,
+    requireLowercase = true,
+    requireNumbers = true,
+    requireSpecialChars = true,
+    maxLength = 128,
+    forbiddenPatterns = []
+  } = criteria;
+  const errors = [];
+  let score = 0;
+  if (password.length < minLength) {
+    errors.push(`La contrase\xF1a debe tener al menos ${minLength} caracteres`);
+  } else {
+    score += 20;
+  }
+  if (password.length > maxLength) {
+    errors.push(`La contrase\xF1a no puede tener m\xE1s de ${maxLength} caracteres`);
+  }
+  if (requireUppercase && !/[A-Z]/.test(password)) {
+    errors.push("La contrase\xF1a debe contener al menos una letra may\xFAscula");
+  } else if (/[A-Z]/.test(password)) {
+    score += 15;
+  }
+  if (requireLowercase && !/[a-z]/.test(password)) {
+    errors.push("La contrase\xF1a debe contener al menos una letra min\xFAscula");
+  } else if (/[a-z]/.test(password)) {
+    score += 15;
+  }
+  if (requireNumbers && !/\d/.test(password)) {
+    errors.push("La contrase\xF1a debe contener al menos un n\xFAmero");
+  } else if (/\d/.test(password)) {
+    score += 15;
+  }
+  if (requireSpecialChars && !/[!@#$%^&*()_+\-=[\]{};':"\\|,.<>/?]/.test(password)) {
+    errors.push("La contrase\xF1a debe contener al menos un caracter especial");
+  } else if (/[!@#$%^&*()_+\-=[\]{};':"\\|,.<>/?]/.test(password)) {
+    score += 15;
+  }
+  for (const pattern of forbiddenPatterns) {
+    if (password.toLowerCase().includes(pattern.toLowerCase())) {
+      errors.push(`La contrase\xF1a no puede contener: ${pattern}`);
+    }
+  }
+  if (password.length >= 12) score += 10;
+  if (password.length >= 16) score += 10;
+  if (/(.)\\1{2,}/.test(password)) score -= 10;
+  if (/123|abc|qwe/i.test(password)) score -= 15;
+  score = Math.max(0, Math.min(100, score));
+  let strength;
+  if (score < 30) strength = "weak";
+  else if (score < 60) strength = "fair";
+  else if (score < 80) strength = "good";
+  else strength = "strong";
+  return {
+    isValid: errors.length === 0,
+    errors,
+    strength,
+    score
+  };
+};
+var sanitizeHtml = (html) => {
+  if (!html) return "";
+  let sanitized = html.replace(/<script\b[^<]*(?:(?!<\/script>)<[^<]*)*<\/script>/gi, "").replace(/<style\b[^<]*(?:(?!<\/style>)<[^<]*)*<\/style>/gi, "");
+  sanitized = sanitized.replace(/ on\w+="[^"]*"/gi, "");
+  sanitized = sanitized.replace(/ on\w+='[^']*'/gi, "");
+  sanitized = sanitized.replace(/javascript:/gi, "");
+  sanitized = sanitized.replace(/<iframe\b[^<]*(?:(?!<\/iframe>)<[^<]*)*<\/iframe>/gi, "");
+  sanitized = sanitized.replace(/<object\b[^<]*(?:(?!<\/object>)<[^<]*)*<\/object>/gi, "");
+  sanitized = sanitized.replace(/<embed\b[^>]*>/gi, "");
+  return sanitized.trim();
+};
+var isValidJWTFormat = (token) => {
+  if (!token || typeof token !== "string") return false;
+  const parts = token.split(".");
+  if (parts.length !== 3) return false;
+  try {
+    for (const part of parts) {
+      if (!part || !/^[A-Za-z0-9_-]+$/.test(part)) return false;
+      atob(part.replace(/-/g, "+").replace(/_/g, "/"));
+    }
+    return true;
+  } catch {
+    return false;
+  }
+};
+var hashString = (input, salt = "") => {
+  return (0, import_crypto.createHash)("sha256").update(input + salt).digest("hex");
+};
+var generateSecureToken = (length = 32) => {
+  return (0, import_crypto.randomBytes)(length).toString("hex");
+};
+var isValidBase64 = (input) => {
+  if (!input || typeof input !== "string") return false;
+  if (!/^[A-Za-z0-9+/]*={0,2}$/.test(input)) return false;
+  try {
+    const decoded = atob(input);
+    const reencoded = btoa(decoded);
+    return reencoded === input;
+  } catch {
+    return false;
+  }
+};
+var escapeShellCommand = (input) => {
+  if (!input) return "";
+  return input.replace(/\\/g, "\\\\").replace(/'/g, "\\'").replace(/"/g, '\\"').replace(/;/g, "\\;").replace(/&/g, "\\&").replace(/\|/g, "\\|").replace(/`/g, "\\`").replace(/\$/g, "\\$").replace(/\(/g, "\\(").replace(/\)/g, "\\)").replace(/</g, "\\\\<").replace(/>/g, "\\\\>");
+};
+var isSecureUrl = (url) => {
+  if (!url || typeof url !== "string") return false;
+  try {
+    const parsed = new URL(url);
+    return parsed.protocol === "https:" || parsed.protocol === "http:" && (parsed.hostname === "localhost" || parsed.hostname === "127.0.0.1");
+  } catch {
+    return false;
+  }
+};
+var removeDangerousChars = (input, replacement = "") => {
+  if (!input) return "";
+  return input.replace(/[<>]/g, replacement).replace(/['"]/g, replacement).replace(/[&]/g, replacement).replace(/[\\x00-\\x1f\\x7f]/g, replacement);
+};
+var generateNonce = (length = 32) => {
+  const chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
+  let result = "";
+  const bytes = (0, import_crypto.randomBytes)(length);
+  for (let i = 0; i < length; i++) {
+    result += chars[bytes[i] % chars.length];
+  }
+  return result;
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  escapeShellCommand,
+  generateNonce,
+  generateSecureToken,
+  hashString,
+  isSecureUrl,
+  isValidBase64,
+  isValidJWTFormat,
+  removeDangerousChars,
+  sanitizeHtml,
+  validatePassword
+});
+//# sourceMappingURL=validation-crypto.js.map

package/dist/node/validation-crypto.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/node/validation-crypto.ts"],"sourcesContent":["/**\n * Node.js-specific validation utilities with crypto support\n * Uses Node.js crypto module for secure operations\n */\n\n/* eslint-disable complexity */\n\nimport { createHash, randomBytes } from 'crypto'\n\n// =============================================================================\n// PASSWORD VALIDATION (Node.js with crypto)\n// =============================================================================\n\nexport interface PasswordCriteria {\n  minLength?: number\n  requireUppercase?: boolean\n  requireLowercase?: boolean\n  requireNumbers?: boolean\n  requireSpecialChars?: boolean\n  maxLength?: number\n  forbiddenPatterns?: string[]\n}\n\nexport interface PasswordValidationResult {\n  isValid: boolean\n  errors: string[]\n  strength: 'weak' | 'fair' | 'good' | 'strong'\n  score: number // 0-100\n}\n\nexport const validatePassword = (\n  password: string,\n  criteria: PasswordCriteria = {}\n): PasswordValidationResult => {\n  const {\n    minLength = 8,\n    requireUppercase = true,\n    requireLowercase = true,\n    requireNumbers = true,\n    requireSpecialChars = true,\n    maxLength = 128,\n    forbiddenPatterns = [],\n  } = criteria\n\n  const errors: string[] = []\n  let score = 0\n\n  if (password.length < minLength) {\n    errors.push(`La contraseña debe tener al menos ${minLength} caracteres`)\n  } else {\n    score += 20\n  }\n\n  if (password.length > maxLength) {\n    errors.push(`La contraseña no puede tener más de ${maxLength} caracteres`)\n  }\n\n  if (requireUppercase && !/[A-Z]/.test(password)) {\n    errors.push('La contraseña debe contener al menos una letra mayúscula')\n  } else if (/[A-Z]/.test(password)) {\n    score += 15\n  }\n\n  if (requireLowercase && !/[a-z]/.test(password)) {\n    errors.push('La contraseña debe contener al menos una letra minúscula')\n  } else if (/[a-z]/.test(password)) {\n    score += 15\n  }\n\n  if (requireNumbers && !/\\d/.test(password)) {\n    errors.push('La contraseña debe contener al menos un número')\n  } else if (/\\d/.test(password)) {\n    score += 15\n  }\n\n  if (requireSpecialChars && !/[!@#$%^&*()_+\\-=[\\]{};':\"\\\\|,.<>/?]/.test(password)) {\n    errors.push('La contraseña debe contener al menos un caracter especial')\n  } else if (/[!@#$%^&*()_+\\-=[\\]{};':\"\\\\|,.<>/?]/.test(password)) {\n    score += 15\n  }\n\n  for (const pattern of forbiddenPatterns) {\n    if (password.toLowerCase().includes(pattern.toLowerCase())) {\n      errors.push(`La contraseña no puede contener: ${pattern}`)\n    }\n  }\n\n  if (password.length >= 12) score += 10\n  if (password.length >= 16) score += 10\n\n  if (/(.)\\\\1{2,}/.test(password)) score -= 10\n  if (/123|abc|qwe/i.test(password)) score -= 15\n\n  score = Math.max(0, Math.min(100, score))\n\n  let strength: 'weak' | 'fair' | 'good' | 'strong'\n  if (score < 30) strength = 'weak'\n  else if (score < 60) strength = 'fair'\n  else if (score < 80) strength = 'good'\n  else strength = 'strong'\n\n  return {\n    isValid: errors.length === 0,\n    errors,\n    strength,\n    score,\n  }\n}\n\n// =============================================================================\n// SECURITY FUNCTIONS (Node.js crypto)\n// =============================================================================\n\nexport const sanitizeHtml = (html: string): string => {\n  if (!html) return ''\n\n  let sanitized = html\n    .replace(/<script\\b[^<]*(?:(?!<\\/script>)<[^<]*)*<\\/script>/gi, '')\n    .replace(/<style\\b[^<]*(?:(?!<\\/style>)<[^<]*)*<\\/style>/gi, '')\n\n  sanitized = sanitized.replace(/ on\\w+=\"[^\"]*\"/gi, '')\n  sanitized = sanitized.replace(/ on\\w+='[^']*'/gi, '')\n  sanitized = sanitized.replace(/javascript:/gi, '')\n  sanitized = sanitized.replace(/<iframe\\b[^<]*(?:(?!<\\/iframe>)<[^<]*)*<\\/iframe>/gi, '')\n  sanitized = sanitized.replace(/<object\\b[^<]*(?:(?!<\\/object>)<[^<]*)*<\\/object>/gi, '')\n  sanitized = sanitized.replace(/<embed\\b[^>]*>/gi, '')\n\n  return sanitized.trim()\n}\n\nexport const isValidJWTFormat = (token: string): boolean => {\n  if (!token || typeof token !== 'string') return false\n\n  const parts = token.split('.')\n  if (parts.length !== 3) return false\n\n  try {\n    for (const part of parts) {\n      if (!part || !/^[A-Za-z0-9_-]+$/.test(part)) return false\n      atob(part.replace(/-/g, '+').replace(/_/g, '/'))\n    }\n    return true\n  } catch {\n    return false\n  }\n}\n\nexport const hashString = (input: string, salt = ''): string => {\n  return createHash('sha256')\n    .update(input + salt)\n    .digest('hex')\n}\n\nexport const generateSecureToken = (length = 32): string => {\n  return randomBytes(length).toString('hex')\n}\n\nexport const isValidBase64 = (input: string): boolean => {\n  if (!input || typeof input !== 'string') return false\n\n  if (!/^[A-Za-z0-9+/]*={0,2}$/.test(input)) return false\n\n  try {\n    const decoded = atob(input)\n    const reencoded = btoa(decoded)\n    return reencoded === input\n  } catch {\n    return false\n  }\n}\n\nexport const escapeShellCommand = (input: string): string => {\n  if (!input) return ''\n\n  return input\n    .replace(/\\\\/g, '\\\\\\\\')\n    .replace(/'/g, \"\\\\'\")\n    .replace(/\"/g, '\\\\\"')\n    .replace(/;/g, '\\\\;')\n    .replace(/&/g, '\\\\&')\n    .replace(/\\|/g, '\\\\|')\n    .replace(/`/g, '\\\\`')\n    .replace(/\\$/g, '\\\\$')\n    .replace(/\\(/g, '\\\\(')\n    .replace(/\\)/g, '\\\\)')\n    .replace(/</g, '\\\\\\\\<')\n    .replace(/>/g, '\\\\\\\\>')\n}\n\nexport const isSecureUrl = (url: string): boolean => {\n  if (!url || typeof url !== 'string') return false\n\n  try {\n    const parsed = new URL(url)\n    return (\n      parsed.protocol === 'https:' ||\n      (parsed.protocol === 'http:' &&\n        (parsed.hostname === 'localhost' || parsed.hostname === '127.0.0.1'))\n    )\n  } catch {\n    return false\n  }\n}\n\nexport const removeDangerousChars = (input: string, replacement = ''): string => {\n  if (!input) return ''\n\n  return input\n    .replace(/[<>]/g, replacement)\n    .replace(/['\"]/g, replacement)\n    .replace(/[&]/g, replacement)\n    .replace(/[\\\\x00-\\\\x1f\\\\x7f]/g, replacement)\n}\n\nexport const generateNonce = (length = 32): string => {\n  const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'\n  let result = ''\n\n  const bytes = randomBytes(length)\n  for (let i = 0; i < length; i++) {\n    result += chars[bytes[i] % chars.length]\n  }\n\n  return result\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAOA,oBAAwC;AAuBjC,IAAM,mBAAmB,CAC9B,UACA,WAA6B,CAAC,MACD;AAC7B,QAAM;AAAA,IACJ,YAAY;AAAA,IACZ,mBAAmB;AAAA,IACnB,mBAAmB;AAAA,IACnB,iBAAiB;AAAA,IACjB,sBAAsB;AAAA,IACtB,YAAY;AAAA,IACZ,oBAAoB,CAAC;AAAA,EACvB,IAAI;AAEJ,QAAM,SAAmB,CAAC;AAC1B,MAAI,QAAQ;AAEZ,MAAI,SAAS,SAAS,WAAW;AAC/B,WAAO,KAAK,wCAAqC,SAAS,aAAa;AAAA,EACzE,OAAO;AACL,aAAS;AAAA,EACX;AAEA,MAAI,SAAS,SAAS,WAAW;AAC/B,WAAO,KAAK,6CAAuC,SAAS,aAAa;AAAA,EAC3E;AAEA,MAAI,oBAAoB,CAAC,QAAQ,KAAK,QAAQ,GAAG;AAC/C,WAAO,KAAK,gEAA0D;AAAA,EACxE,WAAW,QAAQ,KAAK,QAAQ,GAAG;AACjC,aAAS;AAAA,EACX;AAEA,MAAI,oBAAoB,CAAC,QAAQ,KAAK,QAAQ,GAAG;AAC/C,WAAO,KAAK,gEAA0D;AAAA,EACxE,WAAW,QAAQ,KAAK,QAAQ,GAAG;AACjC,aAAS;AAAA,EACX;AAEA,MAAI,kBAAkB,CAAC,KAAK,KAAK,QAAQ,GAAG;AAC1C,WAAO,KAAK,sDAAgD;AAAA,EAC9D,WAAW,KAAK,KAAK,QAAQ,GAAG;AAC9B,aAAS;AAAA,EACX;AAEA,MAAI,uBAAuB,CAAC,sCAAsC,KAAK,QAAQ,GAAG;AAChF,WAAO,KAAK,8DAA2D;AAAA,EACzE,WAAW,sCAAsC,KAAK,QAAQ,GAAG;AAC/D,aAAS;AAAA,EACX;AAEA,aAAW,WAAW,mBAAmB;AACvC,QAAI,SAAS,YAAY,EAAE,SAAS,QAAQ,YAAY,CAAC,GAAG;AAC1D,aAAO,KAAK,uCAAoC,OAAO,EAAE;AAAA,IAC3D;AAAA,EACF;AAEA,MAAI,SAAS,UAAU,GAAI,UAAS;AACpC,MAAI,SAAS,UAAU,GAAI,UAAS;AAEpC,MAAI,aAAa,KAAK,QAAQ,EAAG,UAAS;AAC1C,MAAI,eAAe,KAAK,QAAQ,EAAG,UAAS;AAE5C,UAAQ,KAAK,IAAI,GAAG,KAAK,IAAI,KAAK,KAAK,CAAC;AAExC,MAAI;AACJ,MAAI,QAAQ,GAAI,YAAW;AAAA,WAClB,QAAQ,GAAI,YAAW;AAAA,WACvB,QAAQ,GAAI,YAAW;AAAA,MAC3B,YAAW;AAEhB,SAAO;AAAA,IACL,SAAS,OAAO,WAAW;AAAA,IAC3B;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF;AAMO,IAAM,eAAe,CAAC,SAAyB;AACpD,MAAI,CAAC,KAAM,QAAO;AAElB,MAAI,YAAY,KACb,QAAQ,uDAAuD,EAAE,EACjE,QAAQ,oDAAoD,EAAE;AAEjE,cAAY,UAAU,QAAQ,oBAAoB,EAAE;AACpD,cAAY,UAAU,QAAQ,oBAAoB,EAAE;AACpD,cAAY,UAAU,QAAQ,iBAAiB,EAAE;AACjD,cAAY,UAAU,QAAQ,uDAAuD,EAAE;AACvF,cAAY,UAAU,QAAQ,uDAAuD,EAAE;AACvF,cAAY,UAAU,QAAQ,oBAAoB,EAAE;AAEpD,SAAO,UAAU,KAAK;AACxB;AAEO,IAAM,mBAAmB,CAAC,UAA2B;AAC1D,MAAI,CAAC,SAAS,OAAO,UAAU,SAAU,QAAO;AAEhD,QAAM,QAAQ,MAAM,MAAM,GAAG;AAC7B,MAAI,MAAM,WAAW,EAAG,QAAO;AAE/B,MAAI;AACF,eAAW,QAAQ,OAAO;AACxB,UAAI,CAAC,QAAQ,CAAC,mBAAmB,KAAK,IAAI,EAAG,QAAO;AACpD,WAAK,KAAK,QAAQ,MAAM,GAAG,EAAE,QAAQ,MAAM,GAAG,CAAC;AAAA,IACjD;AACA,WAAO;AAAA,EACT,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEO,IAAM,aAAa,CAAC,OAAe,OAAO,OAAe;AAC9D,aAAO,0BAAW,QAAQ,EACvB,OAAO,QAAQ,IAAI,EACnB,OAAO,KAAK;AACjB;AAEO,IAAM,sBAAsB,CAAC,SAAS,OAAe;AAC1D,aAAO,2BAAY,MAAM,EAAE,SAAS,KAAK;AAC3C;AAEO,IAAM,gBAAgB,CAAC,UAA2B;AACvD,MAAI,CAAC,SAAS,OAAO,UAAU,SAAU,QAAO;AAEhD,MAAI,CAAC,yBAAyB,KAAK,KAAK,EAAG,QAAO;AAElD,MAAI;AACF,UAAM,UAAU,KAAK,KAAK;AAC1B,UAAM,YAAY,KAAK,OAAO;AAC9B,WAAO,cAAc;AAAA,EACvB,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEO,IAAM,qBAAqB,CAAC,UAA0B;AAC3D,MAAI,CAAC,MAAO,QAAO;AAEnB,SAAO,MACJ,QAAQ,OAAO,MAAM,EACrB,QAAQ,MAAM,KAAK,EACnB,QAAQ,MAAM,KAAK,EACnB,QAAQ,MAAM,KAAK,EACnB,QAAQ,MAAM,KAAK,EACnB,QAAQ,OAAO,KAAK,EACpB,QAAQ,MAAM,KAAK,EACnB,QAAQ,OAAO,KAAK,EACpB,QAAQ,OAAO,KAAK,EACpB,QAAQ,OAAO,KAAK,EACpB,QAAQ,MAAM,OAAO,EACrB,QAAQ,MAAM,OAAO;AAC1B;AAEO,IAAM,cAAc,CAAC,QAAyB;AACnD,MAAI,CAAC,OAAO,OAAO,QAAQ,SAAU,QAAO;AAE5C,MAAI;AACF,UAAM,SAAS,IAAI,IAAI,GAAG;AAC1B,WACE,OAAO,aAAa,YACnB,OAAO,aAAa,YAClB,OAAO,aAAa,eAAe,OAAO,aAAa;AAAA,EAE9D,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEO,IAAM,uBAAuB,CAAC,OAAe,cAAc,OAAe;AAC/E,MAAI,CAAC,MAAO,QAAO;AAEnB,SAAO,MACJ,QAAQ,SAAS,WAAW,EAC5B,QAAQ,SAAS,WAAW,EAC5B,QAAQ,QAAQ,WAAW,EAC3B,QAAQ,uBAAuB,WAAW;AAC/C;AAEO,IAAM,gBAAgB,CAAC,SAAS,OAAe;AACpD,QAAM,QAAQ;AACd,MAAI,SAAS;AAEb,QAAM,YAAQ,2BAAY,MAAM;AAChC,WAAS,IAAI,GAAG,IAAI,QAAQ,KAAK;AAC/B,cAAU,MAAM,MAAM,CAAC,IAAI,MAAM,MAAM;AAAA,EACzC;AAEA,SAAO;AACT;","names":[]}