@igxjs/node-components 1.0.11 → 1.0.13

package/README.md

@@ -13,6 +13,7 @@ npm install @igxjs/node-components
 | Component | Description | Documentation |
 |-----------|-------------|---------------|
 | **SessionManager** | SSO session management with Redis/memory storage, supporting both session and token-based authentication | [View docs](./docs/session-manager.md) |
+| **Logger** | High-performance logging utility with zero dependencies and smart color detection | [View docs](./docs/logger.md) |
 | **FlexRouter** | Flexible routing with context paths and middleware | [View docs](./docs/flex-router.md) |
 | **RedisManager** | Redis connection management with TLS support | [View docs](./docs/redis-manager.md) |
 | **JWT Manager** | Secure JWT encryption/decryption with JWE | [View docs](./docs/jwt-manager.md) |
@@ -76,10 +77,11 @@ flexRouter.mount(app, '');
 ```javascript
 import { JwtManager } from '@igxjs/node-components';
 
-const jwt = new JwtManager({ expirationTime: '1h' });
+// Constructor uses UPPERCASE naming with JWT_ prefix
+const jwt = new JwtManager({ SESSION_AGE: 64800000 });
 const SECRET = process.env.JWT_SECRET;
 
-// Create token
+// Create token (encrypt method uses camelCase for per-call options)
 const token = await jwt.encrypt({ userId: '123', email: 'user@example.com' }, SECRET);
 
 // Verify token
@@ -143,7 +145,6 @@ Uses JWT bearer tokens instead of session cookies. When a user authenticates via
 - `SSO_FAILURE_URL`: Redirect URL after failed SSO login  
 - `JWT_ALGORITHM`: JWT algorithm (default: `'dir'`)
 - `JWT_ENCRYPTION`: Encryption algorithm (default: `'A256GCM'`)
-- `JWT_EXPIRATION_TIME`: Token expiration time (default: `'10m'`)
 - `JWT_CLOCK_TOLERANCE`: Clock skew tolerance in seconds (default: 30)
 
 **Auth Methods:**
@@ -154,23 +155,23 @@ Uses JWT bearer tokens instead of session cookies. When a user authenticates via
 
 **Token Storage (Client-Side):**
 
-When using token-based authentication, the client-side HTML page stores the token in `localStorage`:
-
-```html
-<script>
-  // Store auth data in localStorage
-  localStorage.setItem('authToken', ${JSON.stringify(token)});
-  localStorage.setItem('tokenExpiry', ${Date.now() + sessionAge});
-  localStorage.setItem('user', ${JSON.stringify({
-    email: user.email,
-    name: user.name,
-  })});
-  
-  // Redirect to original destination
-  window.location.replace(redirectUrl);
-</script>
+When using token-based authentication, the SSO callback returns an HTML page that stores the token in `localStorage` and redirects the user:
+
+```javascript
+// The token is automatically stored in localStorage by the callback HTML page
+// Default keys (customizable via SESSION_KEY and SESSION_EXPIRY_KEY config):
+localStorage.getItem('session_token');        // JWT token
+localStorage.getItem('session_expires_at');   // Expiry timestamp
+
+// Making authenticated requests from the client:
+const token = localStorage.getItem('session_token');
+fetch('/api/protected', {
+  headers: { 'Authorization': `Bearer ${token}` }
+});
 ```
 
+**Note:** The actual localStorage keys used are determined by the `SESSION_KEY` and `SESSION_EXPIRY_KEY` configuration options (defaults shown above).
+
 ## SessionManager Configuration Options
 
 | Option | Type | Default | Description |
@@ -189,7 +190,6 @@ When using token-based authentication, the client-side HTML page stores the toke
 | `REDIS_CERT_PATH` | string | - | Path to Redis TLS certificate |
 | `JWT_ALGORITHM` | string | `'dir'` | JWT signing algorithm |
 | `JWT_ENCRYPTION` | string | `'A256GCM'` | JWE encryption algorithm |
-| `JWT_EXPIRATION_TIME` | string | `'10m'` | Token expiration duration |
 | `JWT_CLOCK_TOLERANCE` | number | 30 | Clock skew tolerance in seconds |
 | `JWT_SECRET_HASH_ALGORITHM` | string | `'SHA-256'` | Algorithm for hashing secrets |
 | `JWT_ISSUER` | string | - | JWT issuer identifier |

package/components/assets/template.html

@@ -0,0 +1,111 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <title>Sign in IBM Garage</title>
+    <meta name="viewport" content="width=device-width,initial-scale=1,shrink-to-fit=no,viewport-fit=cover,minimum-scale=1,maximum-scale=1,user-scalable=no">
+    <meta name="robots" content="noindex, nofollow" />
+    <style>
+      :root {
+        --foreground-color-primary: #444;
+        --font-size: 0.8rem;
+        --background-color-primary: #f1f1f199;
+        --gap-global: 0.4rem;
+      }
+      @media (prefers-color-scheme: dark) {
+        :root {
+          --background-color-primary: black;
+          --foreground-color-primary: #bbb;
+        }
+      }
+      html, body {
+        padding: 0px;
+        margin: 0px auto;
+        height: 100%;
+        width: 100%;
+      }
+      body {
+        background-image: radial-gradient(circle at 20% 80%, rgba(255, 140, 140, 0.5), transparent 42%),
+          radial-gradient(circle at 80% 20%, rgba(140, 200, 255, 0.55), transparent 42%),
+          radial-gradient(circle at 40% 40%, rgba(255, 230, 140, 0.45), transparent 32%),
+          linear-gradient(135deg, rgba(160, 120, 240, 0.95), rgba(120, 160, 240, 0.95));
+        background-size: cover;
+        background-repeat: no-repeat;
+        display: flex;
+        align-items: center;
+        justify-content: center;
+        font-family: Verdana, Helvetica, Arial, sans-serif;
+        font-size: var(--font-size);
+        color: var(--foreground-color-primary);
+        flex-flow: column;
+        position: relative;
+        z-index: 10;
+        overflow: hidden;
+      }
+      body::before {
+        background: var(--background-color-primary);
+        content: "";
+        position: absolute;
+        top: 0;
+        left: 0;
+        right: 0;
+        bottom: 0;
+        z-index: -1;
+        backdrop-filter: blur(10px);
+        -webkit-backdrop-filter: blur(10px);
+      }
+      .wrapper {
+        width: 100%;
+        display: flex;
+        align-items: center;
+        justify-content: space-between;
+        box-sizing: border-box;
+        row-gap: var(--gap-global);
+        flex-direction: column;
+        padding: var(--gap-global);
+      }
+      .wrapper #failure {
+        display: none;
+      }
+    </style>
+  </head>
+<body>
+  <hr />
+  <div class="wrapper">
+    <div id="success">Redirecting... <a href="{{SSO_SUCCESS_URL}}" target="_blank" style="color: blue; text-decoration: underline;">(click here if not redirected)</a></div>
+    <div id="failure">
+      <p>Authentication failed. Please try again.</p>
+      <a href="{{SSO_FAILURE_URL}}">Return to login</a>
+    </div>
+  </div>
+  <script>
+  (function() {
+    let success = true;
+
+    // Check localStorage support first
+    if (typeof localStorage !== 'object' || typeof localStorage.setItem !== 'function') {
+      console.warn('localStorage not supported, falling back to session cookie');
+      success = false;
+    }
+
+    try {
+      // Try localStorage first
+      if (localStorage.setItem) {
+        localStorage.setItem('{{SESSION_DATA_KEY}}', '{{SESSION_DATA_VALUE}}');
+        localStorage.setItem('{{SESSION_EXPIRY_KEY}}', '{{SESSION_EXPIRY_VALUE}}');
+      }
+
+      // Fall back to simple navigation
+      location.href = '{{SSO_SUCCESS_URL}}';
+    } catch (e) {
+      console.error('Redirect failed:', e);
+      success = false;
+    }
+
+    if (!success) {
+      document.getElementById('success').style.display = 'none';
+      document.getElementById('failure').style.display = 'block';
+    }
+  })();
+  </script>
+</body>
+</html>

package/components/http-handlers.js

@@ -1,20 +1,11 @@
 import { STATUS_CODES } from 'node:http';
+import { Logger } from './logger.js';
 
-export const httpMessages = {
-  OK: 'OK',
-  CREATED: 'Created',
-  NO_CONTENT: 'No Content',
-  BAD_REQUEST: 'Bad Request',
-  UNAUTHORIZED: 'Unauthorized',
-  FORBIDDEN: 'Forbidden',
-  NOT_FOUND: 'Not Found',
-  NOT_ACCEPTABLE: 'Not Acceptable',
-  CONFLICT: 'Conflict',
-  LOCKED: 'Locked',
-  SYSTEM_FAILURE: 'System Error',
-  NOT_IMPLEMENTED: 'Not Implemented',
-};
+const logger = Logger.getInstance('httpError');
 
+/**
+ * HTTP status codes
+ */
 export const httpCodes = {
   OK: 200,
   CREATED: 201,
@@ -30,23 +21,45 @@ export const httpCodes = {
   NOT_IMPLEMENTED: 501,
 };
 
+/**
+ * HTTP status messages
+ */
+export const httpMessages = {
+  OK: 'OK',
+  CREATED: 'Created',
+  NO_CONTENT: 'No Content',
+  BAD_REQUEST: 'Bad Request',
+  UNAUTHORIZED: 'Unauthorized',
+  FORBIDDEN: 'Forbidden',
+  NOT_FOUND: 'Not Found',
+  NOT_ACCEPTABLE: 'Not Acceptable',
+  CONFLICT: 'Conflict',
+  LOCKED: 'Locked',
+  SYSTEM_FAILURE: 'Internal Server Error',
+  NOT_IMPLEMENTED: 'Not Implemented',
+};
+
+/**
+ * Custom Error class
+ */
 export class CustomError extends Error {
-  /** @type {number} */
-  code;
-  /** @type {object} */
-  data;
-  /** @type {object} */
-  error;
   /**
-   * Construct a custom error
-   * @param {number} code Error code
-   * @param {string} message Message
+   * @param {number} code HTTP status code
+   * @param {string} message Error message
+   * @param {Error} [error] Original error object
+   * @param {object} [data] Additional error data
    */
-  constructor(code, message, error = {}, data = {}) {
+  constructor(code, message, error, data) {
     super(message);
+    this.name = 'CustomError';
     this.code = code;
     this.error = error;
     this.data = data;
+
+    // Maintains proper stack trace for where our error was thrown (only available on V8)
+    if (Error.captureStackTrace) {
+      Error.captureStackTrace(this, CustomError);
+    }
   }
 }
 
@@ -85,21 +98,21 @@ export const httpErrorHandler = (err, req, res, next) => {
   res.status(responseBody.status).json(responseBody);
 
   // Log error details
-  console.error('### ERROR ###');
-  console.error(`${req.method} ${req.path}`);
+  logger.error('### ERROR ###');
+  logger.error(`${req.method} ${req.path}`);
 
   // Log based on error type
   if ([httpCodes.UNAUTHORIZED, httpCodes.FORBIDDEN, httpCodes.NOT_FOUND].includes(err.code)) {
-    console.error('>>> Auth Error:', err.message);
+    logger.error('>>> Auth Error:', err.message);
   } else {
-    console.error('>>> Name:', err.name);
-    console.error('>>> Message:', err.message);
+    logger.error('>>> Name:', err.name);
+    logger.error('>>> Message:', err.message);
     if (err.stack) {
-      console.error('>>> Stack:', err.stack);
+      logger.error('>>> Stack:', err.stack);
     }
   }
 
-  console.error('### /ERROR ###');
+  logger.error('### /ERROR ###');
 };
 
 /**
@@ -177,7 +190,7 @@ export const httpHelper = {
    * @returns {CustomError} Returns CustomError instance
    */
   handleAxiosError(error, defaultMessage = 'An error occurred') {
-    console.warn(`### TRY ERROR: ${defaultMessage} ###`);
+    logger.warn(`### TRY ERROR: ${defaultMessage} ###`);
     // Extract error details
     const errorCode = _getErrorCode(error);
     const errorMessage = _getErrorMessage(error, defaultMessage);
@@ -196,4 +209,4 @@ export const httpHelper = {
  */
 export const httpError = (code, message, error, data) => {
   return new CustomError(code, message, error, data);
-};
+};

package/components/jwt.js

@@ -1,4 +1,4 @@
-import crypto from 'node:crypto';
+import { webcrypto as crypto } from 'node:crypto';
 
 import { jwtDecrypt, EncryptJWT } from 'jose';
 
@@ -13,7 +13,7 @@ export class JwtManager {
   /** @type {string} Encryption method */
   encryption;
   
-  /** @type {string} Token expiration time */
+  /** @type {number} Token expiration time */
   expirationTime;
   
   /** @type {number} Clock tolerance in seconds */
@@ -37,7 +37,7 @@ export class JwtManager {
    * @typedef {Object} JwtManagerOptions JwtManager configuration options
    * @property {string} [JWT_ALGORITHM='dir'] JWE algorithm (default: 'dir')
    * @property {string} [JWT_ENCRYPTION='A256GCM'] Encryption method (default: 'A256GCM')
-   * @property {string} [JWT_EXPIRATION_TIME='10m'] Token expiration time (default: '10m')
+   * @property {number|string} [JWT_EXPIRATION_TIME=64800] Token expiration time - number in seconds (e.g., 64800) or string with time suffix (e.g., '18h', '7d', '1080m') (default: 64800 = 18 hours)
    * @property {string} [JWT_SECRET_HASH_ALGORITHM='SHA-256'] Hash algorithm (default: 'SHA-256')
    * @property {string?} [JWT_ISSUER] Optional JWT issuer claim
    * @property {string?} [JWT_AUDIENCE] Optional JWT audience claim
@@ -48,7 +48,8 @@ export class JwtManager {
   constructor(options = {}) {
     this.algorithm = options.JWT_ALGORITHM || 'dir';
     this.encryption = options.JWT_ENCRYPTION || 'A256GCM';
-    this.expirationTime = options.JWT_EXPIRATION_TIME || '10m';
+    // JWT_EXPIRATION_TIME is in seconds
+    this.expirationTime = options.JWT_EXPIRATION_TIME || 64800;
     this.secretHashAlgorithm = options.JWT_SECRET_HASH_ALGORITHM || 'SHA-256';
     this.issuer = options.JWT_ISSUER;
     this.audience = options.JWT_AUDIENCE;
@@ -62,7 +63,7 @@ export class JwtManager {
    * @typedef {Object} JwtEncryptOptions Encryption method options
    * @property {string} [algorithm='dir'] JWE algorithm (overrides instance JWT_ALGORITHM)
    * @property {string} [encryption='A256GCM'] Encryption method (overrides instance JWT_ENCRYPTION)
-   * @property {string} [expirationTime='10m'] Token expiration time (overrides instance JWT_EXPIRATION_TIME)
+   * @property {number|string} [expirationTime] Token expiration time - number in seconds or string with time suffix like '1h', '30m', '7d' (overrides instance JWT_EXPIRATION_TIME)
    * @property {string} [secretHashAlgorithm='SHA-256'] Hash algorithm for secret derivation (overrides instance JWT_SECRET_HASH_ALGORITHM)
    * @property {string?} [issuer] Optional JWT issuer claim (overrides instance JWT_ISSUER)
    * @property {string?} [audience] Optional JWT audience claim (overrides instance JWT_AUDIENCE)
@@ -90,13 +91,17 @@ export class JwtManager {
       new TextEncoder().encode(secret)
     );
 
+    // Convert number to string with 's' suffix, pass strings directly
+    const expTime = typeof expirationTime === 'number' ? `${expirationTime}s` : expirationTime;
+
     const jwt = new EncryptJWT(data)
       .setProtectedHeader({
         alg: algorithm,
-        enc: encryption
+        enc: encryption,
+        typ: 'JWT',
       })
       .setIssuedAt()
-      .setExpirationTime(expirationTime);
+      .setExpirationTime(expTime); // Accepts: number (as seconds) or string (e.g., '18h', '7d')
 
     // Add optional claims if provided
     if (issuer) jwt.setIssuer(issuer);
@@ -122,7 +127,7 @@ export class JwtManager {
    * @param {string} token JWT token to decrypt
    * @param {string} secret Secret key or password for decryption
    * @param {JwtDecryptOptions} [options] Per-call configuration overrides (camelCase naming convention)
-   * @returns {Promise<import('jose').JWTDecryptResult<import('jose').EncryptJWT>} Returns decrypted JWT token
+   * @returns {Promise<import('jose').JWTDecryptResult>} Returns decrypted JWT token
    */
   async decrypt(token, secret, options = {}) {
     const clockTolerance = options.clockTolerance ?? this.clockTolerance;
@@ -145,4 +150,4 @@ export class JwtManager {
 
     return await jwtDecrypt(token, new Uint8Array(secretHash), decryptOptions);
   }
-}
+}

package/components/logger.js

@@ -0,0 +1,131 @@
+/**
+ * Logger utility for node-components
+ * Provides configurable logging with enable/disable functionality
+ * Uses singleton pattern to manage logger instances per component
+ * 
+ * @example
+ * import { Logger } from './logger.js';
+ * 
+ * // Recommended: Get logger instance (singleton pattern)
+ * const logger = Logger.getInstance('ComponentName');
+ * 
+ * // With explicit enable/disable
+ * const logger = Logger.getInstance('ComponentName', true);  // Always enabled
+ * const logger = Logger.getInstance('ComponentName', false); // Always disabled
+ * 
+ * // Backward compatibility: Constructor still works
+ * const logger = new Logger('ComponentName');
+ * 
+ * // Use logger
+ * logger.info('Operation completed');
+ * logger.error('Error occurred', error);
+ */
+export class Logger {
+  /** @type {Map<string, Logger>} */
+  static #instances = new Map();
+  
+  /** @type {boolean} - Global flag to enable/disable colors */
+  static #colorsEnabled = true;
+  
+  /** ANSI color codes for different log levels */
+  static #colors = {
+    reset: '\x1b[0m',
+    dim: '\x1b[2m',      // debug - dim/gray
+    cyan: '\x1b[36m',    // info - cyan
+    yellow: '\x1b[33m',  // warn - yellow
+    red: '\x1b[31m',     // error - red
+  };
+  
+  /** @type {boolean} */
+  #enabled;
+  /** @type {string} */
+  #prefix;
+  /** @type {boolean} */
+  #useColors;
+
+  /**
+   * Get or create a Logger instance (singleton pattern)
+   * @param {string} componentName Component name for log prefix
+   * @param {boolean} [enableLogging] Enable/disable logging. Defaults to NODE_ENV !== 'production'
+   * @returns {Logger} Logger instance
+   */
+  static getInstance(componentName, enableLogging) {
+    const key = `${componentName}:${enableLogging ?? 'default'}`;
+    
+    if (!Logger.#instances.has(key)) {
+      Logger.#instances.set(key, new Logger(componentName, enableLogging));
+    }
+    
+    return Logger.#instances.get(key);
+  }
+
+  /**
+   * Clear all logger instances (useful for testing)
+   */
+  static clearInstances() {
+    Logger.#instances.clear();
+  }
+
+  /**
+   * Disable colors globally for all logger instances
+   */
+  static disableColors() {
+    Logger.#colorsEnabled = false;
+  }
+
+  /**
+   * Enable colors globally for all logger instances
+   */
+  static enableColors() {
+    Logger.#colorsEnabled = true;
+  }
+
+  /**
+   * Create a new Logger instance
+   * @param {string} componentName Component name for log prefix
+   * @param {boolean} [enableLogging] Enable/disable logging. Defaults to NODE_ENV !== 'production'
+   */
+  constructor(componentName, enableLogging) {
+    // If enableLogging is explicitly set (true/false), use it
+    // Otherwise, default to enabled in development, disabled in production
+    this.#enabled = enableLogging ?? (process.env.NODE_ENV !== 'production');
+    this.#prefix = `[${componentName}]`;
+    
+    // Determine if colors should be used:
+    // - Colors are globally enabled
+    // - Output is a terminal (TTY)
+    // - NO_COLOR environment variable is not set
+    this.#useColors = Logger.#colorsEnabled && 
+                     process.stdout.isTTY && 
+                     !process.env.NO_COLOR;
+    
+    // Assign methods based on enabled flag to eliminate runtime checks
+    // This improves performance by avoiding conditional checks on every log call
+    if (this.#enabled) {
+      const colors = Logger.#colors;
+      
+      if (this.#useColors) {
+        // Logging enabled with colors: colorize the prefix
+        this.debug = (...args) => console.debug(colors.dim + this.#prefix + colors.reset, ...args);
+        this.info = (...args) => console.info(colors.cyan + this.#prefix + colors.reset, ...args);
+        this.warn = (...args) => console.warn(colors.yellow + this.#prefix + colors.reset, ...args);
+        this.error = (...args) => console.error(colors.red + this.#prefix + colors.reset, ...args);
+        this.log = (...args) => console.log(this.#prefix, ...args);
+      } else {
+        // Logging enabled without colors: plain text
+        this.debug = (...args) => console.debug(this.#prefix, ...args);
+        this.info = (...args) => console.info(this.#prefix, ...args);
+        this.warn = (...args) => console.warn(this.#prefix, ...args);
+        this.error = (...args) => console.error(this.#prefix, ...args);
+        this.log = (...args) => console.log(this.#prefix, ...args);
+      }
+    } else {
+      // Logging disabled: assign no-op functions that do nothing
+      this.debug = () => {};
+      this.info = () => {};
+      this.warn = () => {};
+      this.error = () => {};
+      this.log = () => {};
+    }
+  }
+}

package/components/redis.js

@@ -1,42 +1,67 @@
 import fs from 'node:fs';
 
 import { createClient } from '@redis/client';
+import { Logger } from './logger.js';
 
 export class RedisManager {
+  /** @type {Logger} */
+  #logger = Logger.getInstance('RedisManager');
+
   /** @type {import('@redis/client').RedisClientType} */
   #client = null;
   /**
    * Connect with Redis
+   * @param {string} redisUrl Redis connection URL
+   * @param {string} certPath Path to TLS certificate (required when using rediss:// protocol)
    * @returns {Promise<boolean>} Returns `true` if Redis server is connected
+   * @throws {TypeError} If redisUrl is not a string
+   * @throws {Error} If TLS is enabled but certPath is invalid
    */
   async connect(redisUrl, certPath) {
     if (redisUrl?.length > 0) {
       try {
+        // Validate redisUrl is a string
+        if (typeof redisUrl !== 'string') {
+          throw new TypeError(`Invalid redisUrl: expected string but received ${typeof redisUrl}`);
+        }
+
         /** @type {import('@redis/client').RedisClientOptions} */
         const options = {
           url: redisUrl,
           socket: { tls: redisUrl.includes('rediss:'), ca: null },
         };
-        if(options.socket.tls) {
+
+        if (options.socket.tls) {
+          // Validate certPath when TLS is enabled
+          if (!certPath || typeof certPath !== 'string') {
+            throw new Error('TLS certificate path is required when using rediss:// protocol');
+          }
+
+          if (!fs.existsSync(certPath)) {
+            throw new Error(`TLS certificate file not found at path: ${certPath}`);
+          }
+
           const caCert = fs.readFileSync(certPath);
           options.socket.ca = caCert;
         }
         this.#client = createClient(options);
+        this.#logger.info('### REDIS CONNECTING ###');
         this.#client.on('ready', () => {
-          console.info('### REDIS READY ###');
+          this.#logger.info('### REDIS READY ###');
         });
         this.#client.on('reconnecting', (_res) => {
-          console.warn('### REDIS RECONNECTING ###');
+          this.#logger.warn('### REDIS RECONNECTING ###');
         });
         this.#client.on('error', (error) => {
-          console.error(`### REDIS ERROR: ${error.message} ###`);
+          this.#logger.error(`### REDIS ERROR: ${error.message} ###`);
         });
         await this.#client.connect();
+        this.#logger.info('### REDIS CONNECTED SUCCESSFULLY ###');
         return true;
       }
       catch (error) {
-        console.error('### REDIS CONNECT ERROR ###');
-        console.error(error);
+        this.#logger.error('### REDIS CONNECT ERROR ###', error);
+        return false;
       }
     }
     return false;
@@ -60,8 +85,8 @@ export class RedisManager {
         const pongMessage = await this.#client.ping();
         return 'PONG' === pongMessage;
       } catch (error) {
-        console.error(`### REDIS PING ERROR ###`);
-        console.error(error);
+        this.#logger.error(`### REDIS PING ERROR: ${error.message} ###`);
+        return false;
       }
     return false;
   }
@@ -70,7 +95,9 @@ export class RedisManager {
    * Disconnect with Redis
    * @returns {Promise<void>} Returns nothing
    */
-  disConnect() {
-    return this.#client.quit();
+  async disconnect() {
+    this.#logger.info('### REDIS DISCONNECTING ###');
+    await this.#client.quit();
+    this.#logger.info('### REDIS DISCONNECTED ###');
   }
-}
+}

package/components/router.js

@@ -43,11 +43,23 @@ export class FlexRouter {
   }
 
   /**
-   * Mount router
+   * Mount router to Express application
    * @param {import('@types/express').Express} app Express app
    * @param {string} basePath Base path
+   * @throws {TypeError} If app is not a valid Express instance
+   * @throws {TypeError} If basePath is not a string
    */
   mount(app, basePath) {
+    // Validate app is an Express instance (has 'use' method)
+    if (!app || typeof app.use !== 'function') {
+      throw new TypeError('Invalid Express app: app must be an Express application instance with a "use" method');
+    }
+
+    // Validate basePath is a string
+    if (typeof basePath !== 'string') {
+      throw new TypeError(`Invalid basePath: expected string but received ${typeof basePath}`);
+    }
+
     const path = basePath.concat(this.context);
     app.use(path, this.handlers, this.router);
   }