@naman_deep_singh/security 1.6.0 → 1.7.0

package/dist/cjs/core/crypto/cryptoManager.js

@@ -1,208 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.cryptoManager = exports.createCryptoManager = exports.CryptoManager = void 0;
-const errors_1 = require("@naman_deep_singh/errors");
-const index_1 = require("./index");
-/**
- * Default configuration
- */
-const DEFAULT_CONFIG = {
-    defaultAlgorithm: 'aes-256-gcm',
-    defaultEncoding: 'utf8',
-    hmacAlgorithm: 'sha256',
-};
-/**
- * CryptoManager - Class-based wrapper for all cryptographic operations
- * Provides a consistent interface for encryption, decryption, HMAC generation, and secure random generation
- */
-class CryptoManager {
-    constructor(config = {}) {
-        this.config = { ...DEFAULT_CONFIG, ...config };
-    }
-    /**
-     * Update configuration
-     */
-    updateConfig(config) {
-        this.config = { ...this.config, ...config };
-    }
-    /**
-     * Get current configuration
-     */
-    getConfig() {
-        return { ...this.config };
-    }
-    /**
-     * Encrypt data using the default or specified algorithm
-     */
-    encrypt(plaintext, key, _options) {
-        try {
-            return (0, index_1.encrypt)(plaintext, key);
-        }
-        catch (error) {
-            throw new errors_1.CryptoIntegrityError({
-                reason: 'Encryption failed',
-            }, error instanceof Error ? error : undefined);
-        }
-    }
-    /**
-     * Decrypt data using the default or specified algorithm
-     */
-    decrypt(encryptedData, key, _options) {
-        try {
-            return (0, index_1.decrypt)(encryptedData, key);
-        }
-        catch (error) {
-            throw new errors_1.CryptoIntegrityError({
-                reason: 'Decryption failed',
-            }, error instanceof Error ? error : undefined);
-        }
-    }
-    /**
-     * Generate HMAC signature
-     */
-    generateHmac(data, secret, _options) {
-        // Use the basic HMAC sign function for now
-        // TODO: Add support for different algorithms
-        return (0, index_1.hmacSign)(data, secret);
-    }
-    /**
-     * Generate cryptographically secure random bytes
-     */
-    generateSecureRandom(length, _encoding = 'hex') {
-        // Use the basic random token function
-        return (0, index_1.randomToken)(length);
-    }
-    /**
-     * Verify HMAC signature
-     */
-    verifyHmac(data, secret, signature, _options) {
-        // Use the basic HMAC verify function
-        return (0, index_1.hmacVerify)(data, secret, signature);
-    }
-    /**
-     * Create a key derivation function using PBKDF2
-     */
-    deriveKey(password, salt, iterations = 100000, keyLength = 32) {
-        return new Promise((resolve, reject) => {
-            const crypto = require('crypto');
-            crypto.pbkdf2(password, salt, iterations, keyLength, 'sha256', (error, derivedKey) => {
-                if (error) {
-                    reject(new errors_1.CryptoIntegrityError({
-                        reason: 'Key derivation failed',
-                    }, error instanceof Error ? error : undefined));
-                }
-                else {
-                    resolve(derivedKey.toString('hex'));
-                }
-            });
-        });
-    }
-    /**
-     * Hash data using SHA-256
-     */
-    sha256(data, encoding = 'hex') {
-        const crypto = require('crypto');
-        return crypto.createHash('sha256').update(data).digest(encoding);
-    }
-    /**
-     * Hash data using SHA-512
-     */
-    sha512(data, encoding = 'hex') {
-        const crypto = require('crypto');
-        return crypto.createHash('sha512').update(data).digest(encoding);
-    }
-    /**
-     * Generate a secure key pair for asymmetric encryption
-     */
-    generateKeyPair(options) {
-        return new Promise((resolve, _reject) => {
-            const crypto = require('crypto');
-            const keyPair = crypto.generateKeyPairSync('rsa', {
-                modulusLength: options?.modulusLength || 2048,
-                publicKeyEncoding: options?.publicKeyEncoding || {
-                    type: 'spki',
-                    format: 'pem',
-                },
-                privateKeyEncoding: options?.privateKeyEncoding || {
-                    type: 'pkcs8',
-                    format: 'pem',
-                },
-            });
-            resolve(keyPair);
-        });
-    }
-    /**
-     * Encrypt data using RSA public key
-     */
-    rsaEncrypt(data, publicKey) {
-        return new Promise((resolve, _reject) => {
-            const crypto = require('crypto');
-            const buffer = Buffer.from(data, 'utf8');
-            const encrypted = crypto.publicEncrypt(publicKey, buffer);
-            resolve(encrypted.toString('base64'));
-        });
-    }
-    /**
-     * Decrypt data using RSA private key
-     */
-    rsaDecrypt(encryptedData, privateKey) {
-        return new Promise((resolve, _reject) => {
-            const crypto = require('crypto');
-            const buffer = Buffer.from(encryptedData, 'base64');
-            const decrypted = crypto.privateDecrypt(privateKey, buffer);
-            resolve(decrypted.toString('utf8'));
-        });
-    }
-    /**
-     * Create digital signature using RSA private key
-     */
-    rsaSign(data, privateKey, algorithm = 'sha256') {
-        return new Promise((resolve, reject) => {
-            const crypto = require('crypto');
-            try {
-                const sign = crypto.createSign(algorithm);
-                sign.update(data);
-                sign.end();
-                const signature = sign.sign(privateKey, 'base64');
-                resolve(signature);
-            }
-            catch (error) {
-                reject(new errors_1.CryptoIntegrityError({
-                    reason: 'RSA signing failed',
-                }, error instanceof Error ? error : undefined));
-            }
-        });
-    }
-    /**
-     * Verify digital signature using RSA public key
-     */
-    rsaVerify(data, signature, publicKey, algorithm = 'sha256') {
-        return new Promise((resolve, reject) => {
-            const crypto = require('crypto');
-            try {
-                const verify = crypto.createVerify(algorithm);
-                verify.update(data);
-                verify.end();
-                const isValid = verify.verify(publicKey, signature, 'base64');
-                resolve(isValid);
-            }
-            catch (error) {
-                reject(new errors_1.CryptoIntegrityError({
-                    reason: 'RSA verification failed',
-                }, error instanceof Error ? error : undefined));
-            }
-        });
-    }
-}
-exports.CryptoManager = CryptoManager;
-/**
- * Create a CryptoManager instance with default configuration
- */
-const createCryptoManager = (config) => {
-    return new CryptoManager(config);
-};
-exports.createCryptoManager = createCryptoManager;
-/**
- * Default CryptoManager instance
- */
-exports.cryptoManager = new CryptoManager();

package/dist/cjs/core/crypto/decrypt.d.ts

@@ -1 +0,0 @@
-export declare const decrypt: (data: string, secret: string) => string;

package/dist/cjs/core/crypto/encrypt.d.ts

@@ -1 +0,0 @@
-export declare const encrypt: (text: string, secret: string) => string;

package/dist/cjs/core/crypto/hmac.d.ts

@@ -1,8 +0,0 @@
-/**
- * Sign message using HMAC SHA-256
- */
-export declare const hmacSign: (message: string, secret: string) => string;
-/**
- * Verify HMAC signature
- */
-export declare const hmacVerify: (message: string, secret: string, signature: string) => boolean;

package/dist/cjs/core/crypto/index.d.ts

@@ -1,5 +0,0 @@
-export { decrypt } from './decrypt';
-export { encrypt } from './encrypt';
-export { hmacSign, hmacVerify } from './hmac';
-export { randomToken, generateStrongPassword } from './random';
-export * from './cryptoManager';

package/dist/cjs/core/crypto/random.d.ts

@@ -1,8 +0,0 @@
-/**
- * Generate cryptographically secure random string
- */
-export declare const randomToken: (length?: number) => string;
-/**
- * Generate a strong random password
- */
-export declare const generateStrongPassword: (length?: number) => string;

package/dist/cjs/core/jwt/decode.d.ts

@@ -1,12 +0,0 @@
-import { type JwtPayload } from 'jsonwebtoken';
-/**
- * Flexible decode
- * Returns: null | string | JwtPayload
- * Mirrors jsonwebtoken.decode()
- */
-export declare function decodeToken(token: string): null | string | JwtPayload;
-/**
- * Strict decode
- * Always returns JwtPayload or throws error
- */
-export declare function decodeTokenStrict(token: string): JwtPayload;

package/dist/cjs/core/jwt/extractToken.d.ts

@@ -1,11 +0,0 @@
-export interface TokenSources {
-    header?: string | undefined | null;
-    cookies?: Record<string, string> | undefined;
-    query?: Record<string, string | undefined> | undefined;
-    body?: Record<string, unknown> | undefined;
-    wsMessage?: string | Record<string, unknown> | undefined;
-}
-/**
- * Universal token extractor
- */
-export declare function extractToken(sources: TokenSources): string | null;

package/dist/cjs/core/jwt/generateTokens.d.ts

@@ -1,4 +0,0 @@
-import type { Secret } from 'jsonwebtoken';
-import type { RefreshToken, TokenPair } from './types';
-export declare const generateTokens: (payload: Record<string, unknown>, accessSecret: Secret, refreshSecret: Secret, accessExpiry?: string | number, refreshExpiry?: string | number) => TokenPair;
-export declare function rotateRefreshToken(oldToken: string, secret: Secret): RefreshToken;

package/dist/cjs/core/jwt/index.d.ts

@@ -1,8 +0,0 @@
-export * from './decode';
-export * from './extractToken';
-export * from './generateTokens';
-export * from './parseDuration';
-export * from './signToken';
-export * from './types';
-export * from './validateToken';
-export * from './verify';

package/dist/cjs/core/jwt/jwtManager.d.ts

@@ -1,43 +0,0 @@
-import { type JwtPayload, type Secret } from 'jsonwebtoken';
-import type { AccessToken, ITokenManager, JWTConfig, RefreshToken, TokenPair } from '../../interfaces/jwt.interface';
-export declare class JWTManager implements ITokenManager {
-    private accessSecret;
-    private refreshSecret;
-    private accessExpiry;
-    private refreshExpiry;
-    private cache?;
-    private cacheTTL;
-    constructor(config: JWTConfig);
-    /** Generate both access and refresh tokens */
-    generateTokens(payload: Record<string, unknown>): Promise<TokenPair>;
-    /** Generate access token */
-    generateAccessToken(payload: Record<string, unknown>): Promise<AccessToken>;
-    /** Generate refresh token */
-    generateRefreshToken(payload: Record<string, unknown>): Promise<RefreshToken>;
-    /** Verify access token */
-    verifyAccessToken(token: string): Promise<JwtPayload>;
-    /** Verify refresh token */
-    verifyRefreshToken(token: string): Promise<JwtPayload>;
-    /** Decode token without verification */
-    decodeToken(token: string, complete?: boolean): JwtPayload | string | null;
-    /** Extract token from Authorization header */
-    extractTokenFromHeader(authHeader: string): string | null;
-    /** Validate token without throwing exceptions */
-    validateToken(token: string, secret: Secret): boolean;
-    /** Rotate refresh token */
-    rotateRefreshToken(oldToken: string): Promise<RefreshToken>;
-    /** Check if token is expired */
-    isTokenExpired(token: string): boolean;
-    /** Get token expiration date */
-    getTokenExpiration(token: string): Date | null;
-    /** Clear token cache */
-    clearCache(): void;
-    /** Get cache statistics */
-    getCacheStats(): {
-        size: number;
-        maxSize: number;
-    } | null;
-    /** Private helper methods */
-    private validatePayload;
-    private verifyTokenWithCache;
-}

package/dist/cjs/core/jwt/parseDuration.d.ts

@@ -1 +0,0 @@
-export declare function parseDuration(input: string | number): number;

package/dist/cjs/core/jwt/signToken.d.ts

@@ -1,2 +0,0 @@
-import { type Secret, type SignOptions } from 'jsonwebtoken';
-export declare const signToken: (payload: Record<string, unknown>, secret: Secret, expiresIn?: string | number, options?: SignOptions) => string;

package/dist/cjs/core/jwt/types.d.ts

@@ -1,22 +0,0 @@
-import type { JwtPayload } from 'jsonwebtoken';
-export interface AccessTokenBrand {
-    readonly access: unique symbol;
-}
-export interface RefreshTokenBrand {
-    readonly refresh: unique symbol;
-}
-export type AccessToken = string & AccessTokenBrand;
-export type RefreshToken = string & RefreshTokenBrand;
-export interface TokenPair {
-    accessToken: AccessToken;
-    refreshToken: RefreshToken;
-}
-export interface VerificationResult<T = JwtPayload> {
-    valid: boolean;
-    payload?: T | string;
-    error?: Error;
-}
-export interface TokenValidationOptions {
-    ignoreExpiration?: boolean;
-    ignoreIssuedAt?: boolean;
-}

package/dist/cjs/core/jwt/validateToken.d.ts

@@ -1,16 +0,0 @@
-import type { JwtPayload } from 'jsonwebtoken';
-export interface TokenRequirements {
-    requiredFields?: string[];
-    forbiddenFields?: string[];
-    validateTypes?: Record<string, 'string' | 'number' | 'boolean'>;
-}
-/**
- * Validates a JWT payload according to the provided rules.
- * Throws ValidationError if validation fails.
- */
-export declare function validateTokenPayload(payload: Record<string, unknown>, rules?: TokenRequirements): void;
-/**
- * Checks if a JWT payload is expired.
- * Returns true if expired or missing 'exp'.
- */
-export declare function isTokenExpired(payload: JwtPayload): boolean;

package/dist/cjs/core/jwt/verify.d.ts

@@ -1,18 +0,0 @@
-import { type JwtPayload, type Secret, type VerifyOptions } from 'jsonwebtoken';
-import type { VerificationResult } from './types';
-/**
- * Verify token (throws UnauthorizedError if invalid or expired)
- */
-export declare const verifyToken: (token: string, secret: Secret) => string | JwtPayload;
-/**
- * Verify token with options
- */
-export declare const verifyTokenWithOptions: (token: string, secret: Secret, options?: VerifyOptions) => string | JwtPayload;
-/**
- * Safe verify — never throws, returns structured result with UnauthorizedError on failure
- */
-export declare const safeVerifyToken: (token: string, secret: Secret) => VerificationResult;
-/**
- * Safe verify with options — never throws, returns structured result with UnauthorizedError on failure
- */
-export declare const safeVerifyTokenWithOptions: (token: string, secret: Secret, options?: VerifyOptions) => VerificationResult;

package/dist/cjs/core/password/hash.d.ts

@@ -1,10 +0,0 @@
-/**
- * Hash a password asynchronously using bcrypt.
- */
-export declare const hashPassword: (password: string, saltRounds?: number) => Promise<string>;
-export declare function hashPasswordWithPepper(password: string, pepper: string): Promise<string>;
-/**
- * Hash a password synchronously using bcrypt.
- */
-export declare const hashPasswordSync: (password: string, saltRounds?: number) => string;
-export declare function hashPasswordWithPepperSync(password: string, pepper: string): string;

package/dist/cjs/core/password/index.d.ts

@@ -1,3 +0,0 @@
-export * from './hash';
-export * from './strength';
-export * from './verify';

package/dist/cjs/core/password/passwordManager.d.ts

@@ -1,29 +0,0 @@
-import type { HashedPassword, IPasswordManager, PasswordConfig, PasswordStrength, PasswordValidationResult } from '../../interfaces/password.interface';
-export declare class PasswordManager implements IPasswordManager {
-    private defaultConfig;
-    constructor(config?: PasswordConfig);
-    /**
-     * Hash a password asynchronously using bcrypt
-     */
-    hash(password: string, salt?: string): Promise<HashedPassword>;
-    /**
-     * Verify password against hash and salt
-     */
-    verify(password: string, hash: string, salt: string): Promise<boolean>;
-    /**
-     * Generate a random password
-     */
-    generate(length?: number, options?: PasswordConfig): string;
-    /**
-     * Validate password against configuration
-     */
-    validate(password: string, config?: PasswordConfig): PasswordValidationResult;
-    /**
-     * Check password strength
-     */
-    checkStrength(password: string): PasswordStrength;
-    /**
-     * Check if password hash needs upgrade (saltRounds change)
-     */
-    needsUpgrade(_hash: string, _currentConfig: PasswordConfig): boolean;
-}

package/dist/cjs/core/password/strength.d.ts

@@ -1,2 +0,0 @@
-import type { PasswordStrengthOptions } from './types';
-export declare const isPasswordStrong: (password: string, options?: PasswordStrengthOptions) => boolean;

package/dist/cjs/core/password/types.d.ts

@@ -1,7 +0,0 @@
-export interface PasswordStrengthOptions {
-    minLength?: number;
-    requireUppercase?: boolean;
-    requireLowercase?: boolean;
-    requireNumbers?: boolean;
-    requireSymbols?: boolean;
-}

package/dist/cjs/core/password/utils.d.ts

@@ -1,16 +0,0 @@
-/**
- * Ensure password is a valid non-empty string
- */
-export declare function ensureValidPassword(password: string): void;
-/**
- * Timing-safe comparison between two strings
- */
-export declare function safeCompare(a: string, b: string): boolean;
-/**
- * Estimate password entropy based on character pool
- */
-export declare function estimatePasswordEntropy(password: string): number;
-/**
- * Normalize password string to a consistent form
- */
-export declare function normalizePassword(password: string): string;

package/dist/cjs/core/password/verify.d.ts

@@ -1,10 +0,0 @@
-/**
- * Compare a password with a stored hash asynchronously.
- */
-export declare const verifyPassword: (password: string, hash: string) => Promise<boolean>;
-export declare function verifyPasswordWithPepper(password: string, pepper: string, hash: string): Promise<boolean>;
-/**
- * Compare a password with a stored hash synchronously.
- */
-export declare const verifyPasswordSync: (password: string, hash: string) => boolean;
-export declare function verifyPasswordWithPepperSync(password: string, pepper: string, hash: string): Promise<boolean>;

package/dist/cjs/index.d.ts

@@ -1,40 +0,0 @@
-export * from './core/password';
-export * from './core/jwt';
-export * from './core/crypto';
-export { BadRequestError, UnauthorizedError, ValidationError, InternalServerError, } from '@naman_deep_singh/errors';
-import * as CryptoUtils from './core/crypto';
-import * as JWTUtils from './core/jwt';
-declare const _default: {
-    decrypt: (data: string, secret: string) => string;
-    encrypt: (text: string, secret: string) => string;
-    hmacSign: (message: string, secret: string) => string;
-    hmacVerify: (message: string, secret: string, signature: string) => boolean;
-    randomToken: (length?: number) => string;
-    generateStrongPassword: (length?: number) => string;
-    CryptoManager: typeof CryptoUtils.CryptoManager;
-    createCryptoManager: (config?: CryptoUtils.CryptoManagerConfig) => CryptoUtils.CryptoManager;
-    cryptoManager: CryptoUtils.CryptoManager;
-    decodeToken(token: string): null | string | import("node_modules/@types/jsonwebtoken").JwtPayload;
-    decodeTokenStrict(token: string): import("node_modules/@types/jsonwebtoken").JwtPayload;
-    extractToken(sources: JWTUtils.TokenSources): string | null;
-    rotateRefreshToken(oldToken: string, secret: import("node_modules/@types/jsonwebtoken").Secret): JWTUtils.RefreshToken;
-    generateTokens: (payload: Record<string, unknown>, accessSecret: import("node_modules/@types/jsonwebtoken").Secret, refreshSecret: import("node_modules/@types/jsonwebtoken").Secret, accessExpiry?: string | number, refreshExpiry?: string | number) => JWTUtils.TokenPair;
-    parseDuration(input: string | number): number;
-    signToken: (payload: Record<string, unknown>, secret: import("node_modules/@types/jsonwebtoken").Secret, expiresIn?: string | number, options?: import("node_modules/@types/jsonwebtoken").SignOptions) => string;
-    validateTokenPayload(payload: Record<string, unknown>, rules?: JWTUtils.TokenRequirements): void;
-    isTokenExpired(payload: import("node_modules/@types/jsonwebtoken").JwtPayload): boolean;
-    verifyToken: (token: string, secret: import("node_modules/@types/jsonwebtoken").Secret) => string | import("node_modules/@types/jsonwebtoken").JwtPayload;
-    verifyTokenWithOptions: (token: string, secret: import("node_modules/@types/jsonwebtoken").Secret, options?: import("node_modules/@types/jsonwebtoken").VerifyOptions) => string | import("node_modules/@types/jsonwebtoken").JwtPayload;
-    safeVerifyToken: (token: string, secret: import("node_modules/@types/jsonwebtoken").Secret) => JWTUtils.VerificationResult;
-    safeVerifyTokenWithOptions: (token: string, secret: import("node_modules/@types/jsonwebtoken").Secret, options?: import("node_modules/@types/jsonwebtoken").VerifyOptions) => JWTUtils.VerificationResult;
-    hashPasswordWithPepper(password: string, pepper: string): Promise<string>;
-    hashPasswordWithPepperSync(password: string, pepper: string): string;
-    hashPassword: (password: string, saltRounds?: number) => Promise<string>;
-    hashPasswordSync: (password: string, saltRounds?: number) => string;
-    isPasswordStrong: (password: string, options?: import("./core/password/types").PasswordStrengthOptions) => boolean;
-    verifyPasswordWithPepper(password: string, pepper: string, hash: string): Promise<boolean>;
-    verifyPasswordWithPepperSync(password: string, pepper: string, hash: string): Promise<boolean>;
-    verifyPassword: (password: string, hash: string) => Promise<boolean>;
-    verifyPasswordSync: (password: string, hash: string) => boolean;
-};
-export default _default;

package/dist/cjs/interfaces/jwt.interface.d.ts

@@ -1,47 +0,0 @@
-import type { JwtPayload, Secret } from 'jsonwebtoken';
-export interface AccessToken extends String {
-    readonly __type: 'AccessToken';
-}
-export interface RefreshToken extends String {
-    readonly __type: 'RefreshToken';
-}
-export interface TokenPair {
-    accessToken: AccessToken;
-    refreshToken: RefreshToken;
-}
-export interface JWTConfig {
-    accessSecret: Secret;
-    refreshSecret: Secret;
-    accessExpiry?: string | number;
-    refreshExpiry?: string | number;
-    enableCaching?: boolean;
-    maxCacheSize?: number;
-}
-export interface TokenValidationOptions {
-    ignoreExpiration?: boolean;
-    ignoreNotBefore?: boolean;
-    audience?: string | string[];
-    issuer?: string;
-    algorithms?: string[];
-}
-export interface TokenGenerationOptions {
-    algorithm?: string;
-    expiresIn?: string | number;
-    audience?: string | string[];
-    issuer?: string;
-    subject?: string;
-    kid?: string;
-}
-export interface ITokenManager {
-    generateTokens(payload: Record<string, unknown>): Promise<TokenPair>;
-    generateAccessToken(payload: Record<string, unknown>): Promise<AccessToken>;
-    generateRefreshToken(payload: Record<string, unknown>): Promise<RefreshToken>;
-    verifyAccessToken(token: string): Promise<JwtPayload | string>;
-    verifyRefreshToken(token: string): Promise<JwtPayload | string>;
-    decodeToken(token: string, complete?: boolean): JwtPayload | string | null;
-    extractTokenFromHeader(authHeader: string): string | null;
-    validateToken(token: string, secret: Secret, options?: TokenValidationOptions): boolean;
-    rotateRefreshToken(oldToken: string): Promise<RefreshToken>;
-    isTokenExpired(token: string): boolean;
-    getTokenExpiration(token: string): Date | null;
-}

package/dist/cjs/interfaces/password.interface.d.ts

@@ -1,60 +0,0 @@
-export interface PasswordConfig {
-    saltRounds?: number;
-    minLength?: number;
-    maxLength?: number;
-    requireUppercase?: boolean;
-    requireLowercase?: boolean;
-    requireNumbers?: boolean;
-    requireSpecialChars?: boolean;
-    customRules?: PasswordRule[];
-}
-export interface PasswordRule {
-    test: (password: string) => boolean;
-    message: string;
-}
-export interface PasswordStrength {
-    score: number;
-    label: 'very-weak' | 'weak' | 'fair' | 'good' | 'strong';
-    feedback: string[];
-    suggestions: string[];
-}
-export interface PasswordValidationResult {
-    isValid: boolean;
-    errors: string[];
-    strength: PasswordStrength;
-}
-export interface HashedPassword {
-    hash: string;
-    salt: string;
-}
-export interface IPasswordManager {
-    hash(password: string, salt?: string): Promise<HashedPassword>;
-    verify(password: string, hash: string, salt: string): Promise<boolean>;
-    generate(length?: number, options?: PasswordConfig): string;
-    validate(password: string, config?: PasswordConfig): PasswordValidationResult;
-    checkStrength(password: string): PasswordStrength;
-    needsUpgrade(hash: string, currentConfig: PasswordConfig): boolean;
-}
-export interface IPasswordStrengthChecker {
-    analyze(password: string): PasswordStrength;
-    checkLength(password: string): {
-        valid: boolean;
-        message: string;
-    };
-    checkComplexity(password: string, config: PasswordConfig): {
-        valid: boolean;
-        message: string;
-    }[];
-    checkCommonPasswords(password: string): {
-        valid: boolean;
-        message: string;
-    };
-    checkSequential(password: string): {
-        valid: boolean;
-        message: string;
-    };
-    checkRepetition(password: string): {
-        valid: boolean;
-        message: string;
-    };
-}