@nauth-toolkit/core 0.1.13 → 0.1.17

package/dist/utils/ip-extractor.js

@@ -1,29 +1,76 @@
 "use strict";
+/**
+ * IP Address Extractor
+ *
+ * Extracts the real client IP address from requests, handling:
+ * - Direct connections
+ * - Reverse proxies (Nginx, Apache)
+ * - Load balancers (AWS ALB/NLB, GCP, Azure)
+ * - CDNs (Cloudflare, Fastly, Akamai)
+ *
+ * **Priority Order:**
+ * 1. X-Forwarded-For (standard proxy header)
+ * 2. CF-Connecting-IP (Cloudflare)
+ * 3. X-Real-IP (Nginx proxy)
+ * 4. X-Client-IP (Apache, other proxies)
+ * 5. Fastly-Client-IP (Fastly CDN)
+ * 6. Akamai-Origin-Hop (Akamai CDN)
+ * 7. req.ip (NestJS/Express default)
+ * 8. req.socket.remoteAddress (fallback)
+ *
+ * **Security:**
+ * - Handles multiple proxies (takes leftmost IP)
+ * - Validates IP format
+ * - Filters private/internal IPs (optional)
+ * - Prevents IP spoofing
+ *
+ * @example
+ * ```typescript
+ * import { extractClientIp } from '@nauth-toolkit/core/utils';
+ *
+ * @Post('login')
+ * async login(@Req() req: Request) {
+ *   const ipAddress = extractClientIp(req);
+ *   logger.debug('Client IP:', ipAddress); // Real client IP
+ * }
+ * ```
+ */
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.extractClientIp = extractClientIp;
 exports.isPrivateIp = isPrivateIp;
 exports.getIpGeolocation = getIpGeolocation;
+/**
+ * Extracts the real client IP address from an HTTP request
+ *
+ * @param req - Express Request object
+ * @param options - Optional configuration
+ * @returns The client's IP address, or '0.0.0.0' if unable to determine
+ */
 function extractClientIp(req, options = {}) {
     const { filterPrivateIps = false, useLeftmostIp = true } = options;
+    // Priority order of headers to check
     const headers = [
-        'x-forwarded-for',
-        'cf-connecting-ip',
-        'x-real-ip',
-        'x-client-ip',
-        'fastly-client-ip',
-        'akamai-origin-hop',
-        'true-client-ip',
-        'x-original-forwarded-for',
+        'x-forwarded-for', // Standard proxy header (comma-separated)
+        'cf-connecting-ip', // Cloudflare
+        'x-real-ip', // Nginx
+        'x-client-ip', // Apache, other proxies
+        'fastly-client-ip', // Fastly CDN
+        'akamai-origin-hop', // Akamai CDN
+        'true-client-ip', // Cloudflare Enterprise
+        'x-original-forwarded-for', // AWS ALB
     ];
+    // Ensure headers object exists
     const reqHeaders = req.headers || {};
+    // Try each header in priority order
     for (const header of headers) {
+        // Try multiple case variations
         const variations = [
-            header,
-            header.toUpperCase(),
+            header, // lowercase: x-forwarded-for
+            header.toUpperCase(), // uppercase: X-FORWARDED-FOR
             header
                 .split('-')
                 .map((part) => part.charAt(0).toUpperCase() + part.slice(1))
-                .join('-'),
+                .join('-'), // PascalCase: X-Forwarded-For
         ];
         let value = null;
         for (const variant of variations) {
@@ -37,53 +84,99 @@ function extractClientIp(req, options = {}) {
             const ip = extractIpFromHeader(value, useLeftmostIp);
             if (ip && isValidIp(ip)) {
                 if (filterPrivateIps && isPrivateIp(ip)) {
-                    continue;
+                    continue; // Skip private IPs
                 }
                 return ip;
             }
         }
     }
+    // Fallback to NestJS/Express defaults
     const fallbackIp = req.ip || req.socket?.remoteAddress || req.connection?.remoteAddress || '0.0.0.0';
+    // Clean up IPv6 localhost to IPv4
     if (fallbackIp === '::1' || fallbackIp === '::ffff:127.0.0.1') {
         return '127.0.0.1';
     }
+    // Strip IPv6 prefix if present
     const cleanIp = fallbackIp.replace(/^::ffff:/, '');
     return cleanIp;
 }
+/**
+ * Extracts IP address from header value
+ *
+ * @param value - Header value (may be comma-separated list)
+ * @param useLeftmost - Whether to use leftmost (original client) or rightmost (last proxy)
+ * @returns Extracted IP address or null
+ */
 function extractIpFromHeader(value, useLeftmost) {
     const valueStr = Array.isArray(value) ? value[0] : value;
     if (!valueStr)
         return null;
+    // Split by comma (X-Forwarded-For can have multiple IPs)
     const ips = valueStr
         .split(',')
         .map((ip) => ip.trim())
         .filter(Boolean);
     if (ips.length === 0)
         return null;
+    // Return leftmost (original client) or rightmost (last proxy)
     return useLeftmost ? ips[0] : ips[ips.length - 1];
 }
+/**
+ * Validates if a string is a valid IPv4 or IPv6 address
+ *
+ * @param ip - IP address to validate
+ * @returns True if valid, false otherwise
+ */
 function isValidIp(ip) {
+    // IPv4 validation
     const ipv4Regex = /^(\d{1,3}\.){3}\d{1,3}$/;
     if (ipv4Regex.test(ip)) {
         const parts = ip.split('.').map(Number);
         return parts.every((part) => part >= 0 && part <= 255);
     }
+    // IPv6 validation (simplified)
     const ipv6Regex = /^([0-9a-fA-F]{0,4}:){2,7}[0-9a-fA-F]{0,4}$/;
     return ipv6Regex.test(ip);
 }
+/**
+ * Checks if an IP address is private/internal
+ *
+ * Detects:
+ * - Localhost (127.0.0.0/8, ::1)
+ * - Private IPv4 ranges (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16)
+ * - Link-local addresses (169.254.0.0/16)
+ *
+ * @param ip - IP address to check
+ * @returns True if private, false otherwise
+ *
+ * @example
+ * ```typescript
+ * isPrivateIp('192.168.1.1'); // true
+ * isPrivateIp('8.8.8.8'); // false
+ * ```
+ */
 function isPrivateIp(ip) {
+    // Localhost
     if (ip === '127.0.0.1' || ip === '::1' || ip.startsWith('127.')) {
         return true;
     }
+    // Private IPv4 ranges
     const privateRanges = [
-        /^10\./,
-        /^172\.(1[6-9]|2[0-9]|3[0-1])\./,
-        /^192\.168\./,
-        /^169\.254\./,
+        /^10\./, // 10.0.0.0/8
+        /^172\.(1[6-9]|2[0-9]|3[0-1])\./, // 172.16.0.0/12
+        /^192\.168\./, // 192.168.0.0/16
+        /^169\.254\./, // Link-local (169.254.0.0/16)
     ];
     return privateRanges.some((regex) => regex.test(ip));
 }
+/**
+ * Gets geolocation information for an IP address (placeholder)
+ *
+ * @param ip - IP address
+ * @returns Geolocation info (to be implemented with MaxMind/IP-API)
+ */
 function getIpGeolocation(_ip) {
+    // TODO: Implement with MaxMind GeoIP2 or IP-API
     return {};
 }
 //# sourceMappingURL=ip-extractor.js.map

package/dist/utils/ip-extractor.js.map

@@ -1 +1 @@
-{"version":3,"file":"ip-extractor.js","sourceRoot":"","sources":["../../src/utils/ip-extractor.ts"],"names":[],"mappings":";;AAmFA,0CA8DC;AA8DD,kCAeC;AAQD,4CAGC;AAtJD,SAAgB,eAAe,CAAC,GAAkB,EAAE,UAA8B,EAAE;IAClF,MAAM,EAAE,gBAAgB,GAAG,KAAK,EAAE,aAAa,GAAG,IAAI,EAAE,GAAG,OAAO,CAAC;IAGnE,MAAM,OAAO,GAAG;QACd,iBAAiB;QACjB,kBAAkB;QAClB,WAAW;QACX,aAAa;QACb,kBAAkB;QAClB,mBAAmB;QACnB,gBAAgB;QAChB,0BAA0B;KAC3B,CAAC;IAGF,MAAM,UAAU,GAA4B,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC;IAG9D,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAE7B,MAAM,UAAU,GAAG;YACjB,MAAM;YACN,MAAM,CAAC,WAAW,EAAE;YACpB,MAAM;iBACH,KAAK,CAAC,GAAG,CAAC;iBACV,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;iBAC3D,IAAI,CAAC,GAAG,CAAC;SACb,CAAC;QAEF,IAAI,KAAK,GAA6B,IAAI,CAAC;QAC3C,KAAK,MAAM,OAAO,IAAI,UAAU,EAAE,CAAC;YACjC,MAAM,SAAS,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC;YACtC,IAAI,OAAO,SAAS,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC9D,KAAK,GAAG,SAAS,CAAC;gBAClB,MAAM;YACR,CAAC;QACH,CAAC;QAED,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,EAAE,GAAG,mBAAmB,CAAC,KAAK,EAAE,aAAa,CAAC,CAAC;YACrD,IAAI,EAAE,IAAI,SAAS,CAAC,EAAE,CAAC,EAAE,CAAC;gBACxB,IAAI,gBAAgB,IAAI,WAAW,CAAC,EAAE,CAAC,EAAE,CAAC;oBACxC,SAAS;gBACX,CAAC;gBACD,OAAO,EAAE,CAAC;YACZ,CAAC;QACH,CAAC;IACH,CAAC;IAGD,MAAM,UAAU,GAAG,GAAG,CAAC,EAAE,IAAI,GAAG,CAAC,MAAM,EAAE,aAAa,IAAI,GAAG,CAAC,UAAU,EAAE,aAAa,IAAI,SAAS,CAAC;IAGrG,IAAI,UAAU,KAAK,KAAK,IAAI,UAAU,KAAK,kBAAkB,EAAE,CAAC;QAC9D,OAAO,WAAW,CAAC;IACrB,CAAC;IAGD,MAAM,OAAO,GAAG,UAAU,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;IAEnD,OAAO,OAAO,CAAC;AACjB,CAAC;AASD,SAAS,mBAAmB,CAAC,KAAwB,EAAE,WAAoB;IACzE,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;IAEzD,IAAI,CAAC,QAAQ;QAAE,OAAO,IAAI,CAAC;IAG3B,MAAM,GAAG,GAAG,QAAQ;SACjB,KAAK,CAAC,GAAG,CAAC;SACV,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC;SACtB,MAAM,CAAC,OAAO,CAAC,CAAC;IAEnB,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAGlC,OAAO,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AACpD,CAAC;AAQD,SAAS,SAAS,CAAC,EAAU;IAE3B,MAAM,SAAS,GAAG,yBAAyB,CAAC;IAC5C,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC;QACvB,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACxC,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC,IAAI,IAAI,IAAI,GAAG,CAAC,CAAC;IACzD,CAAC;IAGD,MAAM,SAAS,GAAG,4CAA4C,CAAC;IAC/D,OAAO,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AAC5B,CAAC;AAmBD,SAAgB,WAAW,CAAC,EAAU;IAEpC,IAAI,EAAE,KAAK,WAAW,IAAI,EAAE,KAAK,KAAK,IAAI,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QAChE,OAAO,IAAI,CAAC;IACd,CAAC;IAGD,MAAM,aAAa,GAAG;QACpB,OAAO;QACP,gCAAgC;QAChC,aAAa;QACb,aAAa;KACd,CAAC;IAEF,OAAO,aAAa,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;AACvD,CAAC;AAQD,SAAgB,gBAAgB,CAAC,GAAW;IAE1C,OAAO,EAAE,CAAC;AACZ,CAAC"}
+{"version":3,"file":"ip-extractor.js","sourceRoot":"","sources":["../../src/utils/ip-extractor.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAmCG;;AAgDH,0CA8DC;AA8DD,kCAeC;AAQD,4CAGC;AA7JD;;;;;;GAMG;AACH,SAAgB,eAAe,CAAC,GAAkB,EAAE,UAA8B,EAAE;IAClF,MAAM,EAAE,gBAAgB,GAAG,KAAK,EAAE,aAAa,GAAG,IAAI,EAAE,GAAG,OAAO,CAAC;IAEnE,qCAAqC;IACrC,MAAM,OAAO,GAAG;QACd,iBAAiB,EAAE,0CAA0C;QAC7D,kBAAkB,EAAE,aAAa;QACjC,WAAW,EAAE,QAAQ;QACrB,aAAa,EAAE,wBAAwB;QACvC,kBAAkB,EAAE,aAAa;QACjC,mBAAmB,EAAE,aAAa;QAClC,gBAAgB,EAAE,wBAAwB;QAC1C,0BAA0B,EAAE,UAAU;KACvC,CAAC;IAEF,+BAA+B;IAC/B,MAAM,UAAU,GAA4B,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC;IAE9D,oCAAoC;IACpC,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,+BAA+B;QAC/B,MAAM,UAAU,GAAG;YACjB,MAAM,EAAE,6BAA6B;YACrC,MAAM,CAAC,WAAW,EAAE,EAAE,6BAA6B;YACnD,MAAM;iBACH,KAAK,CAAC,GAAG,CAAC;iBACV,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;iBAC3D,IAAI,CAAC,GAAG,CAAC,EAAE,8BAA8B;SAC7C,CAAC;QAEF,IAAI,KAAK,GAA6B,IAAI,CAAC;QAC3C,KAAK,MAAM,OAAO,IAAI,UAAU,EAAE,CAAC;YACjC,MAAM,SAAS,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC;YACtC,IAAI,OAAO,SAAS,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC9D,KAAK,GAAG,SAAS,CAAC;gBAClB,MAAM;YACR,CAAC;QACH,CAAC;QAED,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,EAAE,GAAG,mBAAmB,CAAC,KAAK,EAAE,aAAa,CAAC,CAAC;YACrD,IAAI,EAAE,IAAI,SAAS,CAAC,EAAE,CAAC,EAAE,CAAC;gBACxB,IAAI,gBAAgB,IAAI,WAAW,CAAC,EAAE,CAAC,EAAE,CAAC;oBACxC,SAAS,CAAC,mBAAmB;gBAC/B,CAAC;gBACD,OAAO,EAAE,CAAC;YACZ,CAAC;QACH,CAAC;IACH,CAAC;IAED,sCAAsC;IACtC,MAAM,UAAU,GAAG,GAAG,CAAC,EAAE,IAAI,GAAG,CAAC,MAAM,EAAE,aAAa,IAAI,GAAG,CAAC,UAAU,EAAE,aAAa,IAAI,SAAS,CAAC;IAErG,kCAAkC;IAClC,IAAI,UAAU,KAAK,KAAK,IAAI,UAAU,KAAK,kBAAkB,EAAE,CAAC;QAC9D,OAAO,WAAW,CAAC;IACrB,CAAC;IAED,+BAA+B;IAC/B,MAAM,OAAO,GAAG,UAAU,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;IAEnD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;;;;GAMG;AACH,SAAS,mBAAmB,CAAC,KAAwB,EAAE,WAAoB;IACzE,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;IAEzD,IAAI,CAAC,QAAQ;QAAE,OAAO,IAAI,CAAC;IAE3B,yDAAyD;IACzD,MAAM,GAAG,GAAG,QAAQ;SACjB,KAAK,CAAC,GAAG,CAAC;SACV,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC;SACtB,MAAM,CAAC,OAAO,CAAC,CAAC;IAEnB,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAElC,8DAA8D;IAC9D,OAAO,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AACpD,CAAC;AAED;;;;;GAKG;AACH,SAAS,SAAS,CAAC,EAAU;IAC3B,kBAAkB;IAClB,MAAM,SAAS,GAAG,yBAAyB,CAAC;IAC5C,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC;QACvB,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACxC,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC,IAAI,IAAI,IAAI,GAAG,CAAC,CAAC;IACzD,CAAC;IAED,+BAA+B;IAC/B,MAAM,SAAS,GAAG,4CAA4C,CAAC;IAC/D,OAAO,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AAC5B,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,SAAgB,WAAW,CAAC,EAAU;IACpC,YAAY;IACZ,IAAI,EAAE,KAAK,WAAW,IAAI,EAAE,KAAK,KAAK,IAAI,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QAChE,OAAO,IAAI,CAAC;IACd,CAAC;IAED,sBAAsB;IACtB,MAAM,aAAa,GAAG;QACpB,OAAO,EAAE,aAAa;QACtB,gCAAgC,EAAE,gBAAgB;QAClD,aAAa,EAAE,iBAAiB;QAChC,aAAa,EAAE,8BAA8B;KAC9C,CAAC;IAEF,OAAO,aAAa,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;AACvD,CAAC;AAED;;;;;GAKG;AACH,SAAgB,gBAAgB,CAAC,GAAW;IAC1C,gDAAgD;IAChD,OAAO,EAAE,CAAC;AACZ,CAAC"}

package/dist/utils/nauth-logger.d.ts

@@ -1,4 +1,41 @@
 import { LoggerService, NAuthLoggerConfig } from '../interfaces/config.interface';
+/**
+ * NAuth Logger Wrapper
+ *
+ * Wraps any NestJS-compatible logger and adds features:
+ * 1. "NAUTH:" prefix to all messages for easy identification
+ * 2. Automatic PII redaction (emails, IPs, tokens, etc.) - enabled by default
+ * 3. Optional log level filtering
+ * 4. Silent mode if no logger is provided
+ *
+ * This allows nauth-toolkit to integrate seamlessly with the consuming application's
+ * logging infrastructure while maintaining security and compliance.
+ *
+ * @example
+ * ```typescript
+ * // With NestJS built-in logger (PII redaction enabled by default)
+ * const logger = new NAuthLogger(new Logger('MyApp'));
+ * logger.log('User user@example.com signed up');
+ * // Output: [MyApp] NAUTH: User u***@***.com signed up
+ *
+ * // With config options
+ * const logger = new NAuthLogger({
+ *   instance: new Logger('MyApp'),
+ *   enablePiiRedaction: true,  // Default
+ *   logLevel: 'debug'
+ * });
+ *
+ * // Disable PII redaction (debugging only)
+ * const logger = new NAuthLogger({
+ *   instance: myLogger,
+ *   enablePiiRedaction: false
+ * });
+ *
+ * // Silent mode (no logger provided)
+ * const logger = new NAuthLogger();
+ * logger.log('This will not be logged'); // No output
+ * ```
+ */
 export declare class NAuthLogger implements LoggerService {
     private static readonly PREFIX;
     private readonly logger?;
@@ -6,15 +43,48 @@ export declare class NAuthLogger implements LoggerService {
     private readonly enablePiiRedaction;
     private readonly logLevel?;
     constructor(config?: LoggerService | NAuthLoggerConfig);
+    /**
+     * Log a message (info level)
+     */
     log(message: any, ...optionalParams: any[]): any;
+    /**
+     * Log an error message
+     */
     error(message: any, ...optionalParams: any[]): any;
+    /**
+     * Log a warning message
+     */
     warn(message: any, ...optionalParams: any[]): any;
+    /**
+     * Log a debug message
+     */
     debug(message: any, ...optionalParams: any[]): any;
+    /**
+     * Log a verbose message
+     */
     verbose(message: any, ...optionalParams: any[]): any;
+    /**
+     * Process message: add prefix and apply PII redaction
+     * @private
+     */
     private processMessage;
+    /**
+     * Process optional parameters: apply PII redaction
+     * @private
+     */
     private processParams;
+    /**
+     * Check if message should be logged based on log level
+     * @private
+     */
     private shouldLog;
+    /**
+     * Check if logger is enabled
+     */
     isEnabled(): boolean;
+    /**
+     * Check if PII redaction is enabled
+     */
     isPiiRedactionEnabled(): boolean;
 }
 //# sourceMappingURL=nauth-logger.d.ts.map

package/dist/utils/nauth-logger.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"nauth-logger.d.ts","sourceRoot":"","sources":["../../src/utils/nauth-logger.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,gCAAgC,CAAC;AAwClF,qBAAa,WAAY,YAAW,aAAa;IAC/C,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAY;IAE1C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAgB;IACxC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAc;IAC1C,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAAU;IAC7C,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAS;gBAEvB,MAAM,CAAC,EAAE,aAAa,GAAG,iBAAiB;IA8BtD,GAAG,CAAC,OAAO,EAAE,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,EAAE,GAAG,GAAG;IAWhD,KAAK,CAAC,OAAO,EAAE,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,EAAE,GAAG,GAAG;IAWlD,IAAI,CAAC,OAAO,EAAE,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,EAAE,GAAG,GAAG;IAWjD,KAAK,CAAC,OAAO,EAAE,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,EAAE,GAAG,GAAG;IAWlD,OAAO,CAAC,OAAO,EAAE,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,EAAE,GAAG,GAAG;IAYpD,OAAO,CAAC,cAAc;IAyBtB,OAAO,CAAC,aAAa;IA+BrB,OAAO,CAAC,SAAS;IAajB,SAAS,IAAI,OAAO;IAOpB,qBAAqB,IAAI,OAAO;CAGjC"}
+{"version":3,"file":"nauth-logger.d.ts","sourceRoot":"","sources":["../../src/utils/nauth-logger.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,gCAAgC,CAAC;AAGlF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AACH,qBAAa,WAAY,YAAW,aAAa;IAC/C,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAY;IAE1C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAgB;IACxC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAc;IAC1C,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAAU;IAC7C,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAS;gBAEvB,MAAM,CAAC,EAAE,aAAa,GAAG,iBAAiB;IA2BtD;;OAEG;IACH,GAAG,CAAC,OAAO,EAAE,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,EAAE,GAAG,GAAG;IAQhD;;OAEG;IACH,KAAK,CAAC,OAAO,EAAE,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,EAAE,GAAG,GAAG;IAQlD;;OAEG;IACH,IAAI,CAAC,OAAO,EAAE,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,EAAE,GAAG,GAAG;IAQjD;;OAEG;IACH,KAAK,CAAC,OAAO,EAAE,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,EAAE,GAAG,GAAG;IAQlD;;OAEG;IACH,OAAO,CAAC,OAAO,EAAE,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,EAAE,GAAG,GAAG;IAQpD;;;OAGG;IACH,OAAO,CAAC,cAAc;IAqBtB;;;OAGG;IACH,OAAO,CAAC,aAAa;IA2BrB;;;OAGG;IACH,OAAO,CAAC,SAAS;IAUjB;;OAEG;IACH,SAAS,IAAI,OAAO;IAIpB;;OAEG;IACH,qBAAqB,IAAI,OAAO;CAGjC"}

package/dist/utils/nauth-logger.js

@@ -2,6 +2,43 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.NAuthLogger = void 0;
 const pii_redactor_1 = require("./pii-redactor");
+/**
+ * NAuth Logger Wrapper
+ *
+ * Wraps any NestJS-compatible logger and adds features:
+ * 1. "NAUTH:" prefix to all messages for easy identification
+ * 2. Automatic PII redaction (emails, IPs, tokens, etc.) - enabled by default
+ * 3. Optional log level filtering
+ * 4. Silent mode if no logger is provided
+ *
+ * This allows nauth-toolkit to integrate seamlessly with the consuming application's
+ * logging infrastructure while maintaining security and compliance.
+ *
+ * @example
+ * ```typescript
+ * // With NestJS built-in logger (PII redaction enabled by default)
+ * const logger = new NAuthLogger(new Logger('MyApp'));
+ * logger.log('User user@example.com signed up');
+ * // Output: [MyApp] NAUTH: User u***@***.com signed up
+ *
+ * // With config options
+ * const logger = new NAuthLogger({
+ *   instance: new Logger('MyApp'),
+ *   enablePiiRedaction: true,  // Default
+ *   logLevel: 'debug'
+ * });
+ *
+ * // Disable PII redaction (debugging only)
+ * const logger = new NAuthLogger({
+ *   instance: myLogger,
+ *   enablePiiRedaction: false
+ * });
+ *
+ * // Silent mode (no logger provided)
+ * const logger = new NAuthLogger();
+ * logger.log('This will not be logged'); // No output
+ * ```
+ */
 class NAuthLogger {
     static PREFIX = 'NAUTH:';
     logger;
@@ -10,13 +47,15 @@ class NAuthLogger {
     logLevel;
     constructor(config) {
         if (!config) {
+            // Silent mode
             this.logger = undefined;
             this.enablePiiRedaction = true;
             this.piiRedactor = new pii_redactor_1.PiiRedactor();
         }
         else if ('instance' in config) {
+            // LoggerConfig object
             this.logger = config.instance;
-            this.enablePiiRedaction = config.enablePiiRedaction !== false;
+            this.enablePiiRedaction = config.enablePiiRedaction !== false; // Default: true
             this.logLevel = config.logLevel;
             this.piiRedactor = new pii_redactor_1.PiiRedactor({
                 redactEmails: this.enablePiiRedaction,
@@ -24,15 +63,19 @@ class NAuthLogger {
                 redactTokens: this.enablePiiRedaction,
                 redactPhoneNumbers: this.enablePiiRedaction,
                 redactNames: this.enablePiiRedaction,
-                redactPasswords: true,
+                redactPasswords: true, // Always redact passwords
             });
         }
         else {
+            // LoggerService instance directly
             this.logger = config;
-            this.enablePiiRedaction = true;
+            this.enablePiiRedaction = true; // Default: enabled
             this.piiRedactor = new pii_redactor_1.PiiRedactor();
         }
     }
+    /**
+     * Log a message (info level)
+     */
     log(message, ...optionalParams) {
         if (!this.logger || !this.shouldLog('log'))
             return;
@@ -40,6 +83,9 @@ class NAuthLogger {
         const processedParams = this.processParams(optionalParams);
         return this.logger.log(processedMessage, ...processedParams);
     }
+    /**
+     * Log an error message
+     */
     error(message, ...optionalParams) {
         if (!this.logger || !this.shouldLog('error'))
             return;
@@ -47,6 +93,9 @@ class NAuthLogger {
         const processedParams = this.processParams(optionalParams);
         return this.logger.error(processedMessage, ...processedParams);
     }
+    /**
+     * Log a warning message
+     */
     warn(message, ...optionalParams) {
         if (!this.logger || !this.shouldLog('warn'))
             return;
@@ -54,6 +103,9 @@ class NAuthLogger {
         const processedParams = this.processParams(optionalParams);
         return this.logger.warn(processedMessage, ...processedParams);
     }
+    /**
+     * Log a debug message
+     */
     debug(message, ...optionalParams) {
         if (!this.logger || !this.logger.debug || !this.shouldLog('debug'))
             return;
@@ -61,6 +113,9 @@ class NAuthLogger {
         const processedParams = this.processParams(optionalParams);
         return this.logger.debug(processedMessage, ...processedParams);
     }
+    /**
+     * Log a verbose message
+     */
     verbose(message, ...optionalParams) {
         if (!this.logger || !this.logger.verbose || !this.shouldLog('verbose'))
             return;
@@ -68,22 +123,33 @@ class NAuthLogger {
         const processedParams = this.processParams(optionalParams);
         return this.logger.verbose(processedMessage, ...processedParams);
     }
+    /**
+     * Process message: add prefix and apply PII redaction
+     * @private
+     */
     processMessage(message) {
         let processedMessage;
         if (typeof message === 'string') {
             processedMessage = message;
         }
         else if (typeof message === 'object') {
+            // For objects, stringify then redact
             processedMessage = JSON.stringify(message);
         }
         else {
             processedMessage = String(message);
         }
+        // Apply PII redaction if enabled
         if (this.enablePiiRedaction) {
             processedMessage = this.piiRedactor.redactMessage(processedMessage);
         }
+        // Add NAUTH: prefix
         return `${NAuthLogger.PREFIX} ${processedMessage}`;
     }
+    /**
+     * Process optional parameters: apply PII redaction
+     * @private
+     */
     processParams(params) {
         if (!this.enablePiiRedaction || params.length === 0) {
             return params;
@@ -93,6 +159,7 @@ class NAuthLogger {
                 return this.piiRedactor.redactMessage(param);
             }
             else if (typeof param === 'object') {
+                // For objects, stringify, redact, then parse back
                 try {
                     const stringified = JSON.stringify(param);
                     const redacted = this.piiRedactor.redactMessage(stringified);
@@ -104,23 +171,34 @@ class NAuthLogger {
                     }
                 }
                 catch {
+                    // Handle circular references or other JSON.stringify errors (e.g., toJSON throwing)
                     return '[Object with circular reference or invalid JSON]';
                 }
             }
             return param;
         });
     }
+    /**
+     * Check if message should be logged based on log level
+     * @private
+     */
     shouldLog(level) {
         if (!this.logLevel)
-            return true;
+            return true; // No filter, log everything
         const levels = ['error', 'warn', 'log', 'debug', 'verbose'];
         const configLevel = levels.indexOf(this.logLevel);
         const messageLevel = levels.indexOf(level);
         return messageLevel <= configLevel;
     }
+    /**
+     * Check if logger is enabled
+     */
     isEnabled() {
         return !!this.logger;
     }
+    /**
+     * Check if PII redaction is enabled
+     */
     isPiiRedactionEnabled() {
         return this.enablePiiRedaction;
     }

package/dist/utils/nauth-logger.js.map

@@ -1 +1 @@
-{"version":3,"file":"nauth-logger.js","sourceRoot":"","sources":["../../src/utils/nauth-logger.ts"],"names":[],"mappings":";;;AAEA,iDAA6C;AAuC7C,MAAa,WAAW;IACd,MAAM,CAAU,MAAM,GAAG,QAAQ,CAAC;IAEzB,MAAM,CAAiB;IACvB,WAAW,CAAc;IACzB,kBAAkB,CAAU;IAC5B,QAAQ,CAAU;IAEnC,YAAY,MAA0C;QACpD,IAAI,CAAC,MAAM,EAAE,CAAC;YAEZ,IAAI,CAAC,MAAM,GAAG,SAAS,CAAC;YACxB,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC;YAC/B,IAAI,CAAC,WAAW,GAAG,IAAI,0BAAW,EAAE,CAAC;QACvC,CAAC;aAAM,IAAI,UAAU,IAAI,MAAM,EAAE,CAAC;YAEhC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC;YAC9B,IAAI,CAAC,kBAAkB,GAAG,MAAM,CAAC,kBAAkB,KAAK,KAAK,CAAC;YAC9D,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;YAChC,IAAI,CAAC,WAAW,GAAG,IAAI,0BAAW,CAAC;gBACjC,YAAY,EAAE,IAAI,CAAC,kBAAkB;gBACrC,iBAAiB,EAAE,IAAI,CAAC,kBAAkB;gBAC1C,YAAY,EAAE,IAAI,CAAC,kBAAkB;gBACrC,kBAAkB,EAAE,IAAI,CAAC,kBAAkB;gBAC3C,WAAW,EAAE,IAAI,CAAC,kBAAkB;gBACpC,eAAe,EAAE,IAAI;aACtB,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YAEN,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;YACrB,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC;YAC/B,IAAI,CAAC,WAAW,GAAG,IAAI,0BAAW,EAAE,CAAC;QACvC,CAAC;IACH,CAAC;IAKD,GAAG,CAAC,OAAY,EAAE,GAAG,cAAqB;QACxC,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC;YAAE,OAAO;QAEnD,MAAM,gBAAgB,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QACtD,MAAM,eAAe,GAAG,IAAI,CAAC,aAAa,CAAC,cAAc,CAAC,CAAC;QAC3D,OAAO,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,gBAAgB,EAAE,GAAG,eAAe,CAAC,CAAC;IAC/D,CAAC;IAKD,KAAK,CAAC,OAAY,EAAE,GAAG,cAAqB;QAC1C,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;YAAE,OAAO;QAErD,MAAM,gBAAgB,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QACtD,MAAM,eAAe,GAAG,IAAI,CAAC,aAAa,CAAC,cAAc,CAAC,CAAC;QAC3D,OAAO,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,gBAAgB,EAAE,GAAG,eAAe,CAAC,CAAC;IACjE,CAAC;IAKD,IAAI,CAAC,OAAY,EAAE,GAAG,cAAqB;QACzC,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC;YAAE,OAAO;QAEpD,MAAM,gBAAgB,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QACtD,MAAM,eAAe,GAAG,IAAI,CAAC,aAAa,CAAC,cAAc,CAAC,CAAC;QAC3D,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,EAAE,GAAG,eAAe,CAAC,CAAC;IAChE,CAAC;IAKD,KAAK,CAAC,OAAY,EAAE,GAAG,cAAqB;QAC1C,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;YAAE,OAAO;QAE3E,MAAM,gBAAgB,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QACtD,MAAM,eAAe,GAAG,IAAI,CAAC,aAAa,CAAC,cAAc,CAAC,CAAC;QAC3D,OAAO,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,gBAAgB,EAAE,GAAG,eAAe,CAAC,CAAC;IACjE,CAAC;IAKD,OAAO,CAAC,OAAY,EAAE,GAAG,cAAqB;QAC5C,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC;YAAE,OAAO;QAE/E,MAAM,gBAAgB,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QACtD,MAAM,eAAe,GAAG,IAAI,CAAC,aAAa,CAAC,cAAc,CAAC,CAAC;QAC3D,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,gBAAgB,EAAE,GAAG,eAAe,CAAC,CAAC;IACnE,CAAC;IAMO,cAAc,CAAC,OAAY;QACjC,IAAI,gBAAwB,CAAC;QAE7B,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;YAChC,gBAAgB,GAAG,OAAO,CAAC;QAC7B,CAAC;aAAM,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;YAEvC,gBAAgB,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QAC7C,CAAC;aAAM,CAAC;YACN,gBAAgB,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC;QACrC,CAAC;QAGD,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;YAC5B,gBAAgB,GAAG,IAAI,CAAC,WAAW,CAAC,aAAa,CAAC,gBAAgB,CAAC,CAAC;QACtE,CAAC;QAGD,OAAO,GAAG,WAAW,CAAC,MAAM,IAAI,gBAAgB,EAAE,CAAC;IACrD,CAAC;IAMO,aAAa,CAAC,MAAa;QACjC,IAAI,CAAC,IAAI,CAAC,kBAAkB,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACpD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE;YAC1B,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC9B,OAAO,IAAI,CAAC,WAAW,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;YAC/C,CAAC;iBAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAErC,IAAI,CAAC;oBACH,MAAM,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;oBAC1C,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,aAAa,CAAC,WAAW,CAAC,CAAC;oBAC7D,IAAI,CAAC;wBACH,OAAO,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;oBAC9B,CAAC;oBAAC,MAAM,CAAC;wBACP,OAAO,QAAQ,CAAC;oBAClB,CAAC;gBACH,CAAC;gBAAC,MAAM,CAAC;oBAEP,OAAO,kDAAkD,CAAC;gBAC5D,CAAC;YACH,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC,CAAC,CAAC;IACL,CAAC;IAMO,SAAS,CAAC,KAAa;QAC7B,IAAI,CAAC,IAAI,CAAC,QAAQ;YAAE,OAAO,IAAI,CAAC;QAEhC,MAAM,MAAM,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;QAC5D,MAAM,WAAW,GAAG,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAClD,MAAM,YAAY,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QAE3C,OAAO,YAAY,IAAI,WAAW,CAAC;IACrC,CAAC;IAKD,SAAS;QACP,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC;IACvB,CAAC;IAKD,qBAAqB;QACnB,OAAO,IAAI,CAAC,kBAAkB,CAAC;IACjC,CAAC;;AA5KH,kCA6KC"}
+{"version":3,"file":"nauth-logger.js","sourceRoot":"","sources":["../../src/utils/nauth-logger.ts"],"names":[],"mappings":";;;AAEA,iDAA6C;AAE7C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AACH,MAAa,WAAW;IACd,MAAM,CAAU,MAAM,GAAG,QAAQ,CAAC;IAEzB,MAAM,CAAiB;IACvB,WAAW,CAAc;IACzB,kBAAkB,CAAU;IAC5B,QAAQ,CAAU;IAEnC,YAAY,MAA0C;QACpD,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,cAAc;YACd,IAAI,CAAC,MAAM,GAAG,SAAS,CAAC;YACxB,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC;YAC/B,IAAI,CAAC,WAAW,GAAG,IAAI,0BAAW,EAAE,CAAC;QACvC,CAAC;aAAM,IAAI,UAAU,IAAI,MAAM,EAAE,CAAC;YAChC,sBAAsB;YACtB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC;YAC9B,IAAI,CAAC,kBAAkB,GAAG,MAAM,CAAC,kBAAkB,KAAK,KAAK,CAAC,CAAC,gBAAgB;YAC/E,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;YAChC,IAAI,CAAC,WAAW,GAAG,IAAI,0BAAW,CAAC;gBACjC,YAAY,EAAE,IAAI,CAAC,kBAAkB;gBACrC,iBAAiB,EAAE,IAAI,CAAC,kBAAkB;gBAC1C,YAAY,EAAE,IAAI,CAAC,kBAAkB;gBACrC,kBAAkB,EAAE,IAAI,CAAC,kBAAkB;gBAC3C,WAAW,EAAE,IAAI,CAAC,kBAAkB;gBACpC,eAAe,EAAE,IAAI,EAAE,0BAA0B;aAClD,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,kCAAkC;YAClC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;YACrB,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC,CAAC,mBAAmB;YACnD,IAAI,CAAC,WAAW,GAAG,IAAI,0BAAW,EAAE,CAAC;QACvC,CAAC;IACH,CAAC;IAED;;OAEG;IACH,GAAG,CAAC,OAAY,EAAE,GAAG,cAAqB;QACxC,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC;YAAE,OAAO;QAEnD,MAAM,gBAAgB,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QACtD,MAAM,eAAe,GAAG,IAAI,CAAC,aAAa,CAAC,cAAc,CAAC,CAAC;QAC3D,OAAO,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,gBAAgB,EAAE,GAAG,eAAe,CAAC,CAAC;IAC/D,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,OAAY,EAAE,GAAG,cAAqB;QAC1C,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;YAAE,OAAO;QAErD,MAAM,gBAAgB,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QACtD,MAAM,eAAe,GAAG,IAAI,CAAC,aAAa,CAAC,cAAc,CAAC,CAAC;QAC3D,OAAO,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,gBAAgB,EAAE,GAAG,eAAe,CAAC,CAAC;IACjE,CAAC;IAED;;OAEG;IACH,IAAI,CAAC,OAAY,EAAE,GAAG,cAAqB;QACzC,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC;YAAE,OAAO;QAEpD,MAAM,gBAAgB,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QACtD,MAAM,eAAe,GAAG,IAAI,CAAC,aAAa,CAAC,cAAc,CAAC,CAAC;QAC3D,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,EAAE,GAAG,eAAe,CAAC,CAAC;IAChE,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,OAAY,EAAE,GAAG,cAAqB;QAC1C,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;YAAE,OAAO;QAE3E,MAAM,gBAAgB,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QACtD,MAAM,eAAe,GAAG,IAAI,CAAC,aAAa,CAAC,cAAc,CAAC,CAAC;QAC3D,OAAO,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,gBAAgB,EAAE,GAAG,eAAe,CAAC,CAAC;IACjE,CAAC;IAED;;OAEG;IACH,OAAO,CAAC,OAAY,EAAE,GAAG,cAAqB;QAC5C,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC;YAAE,OAAO;QAE/E,MAAM,gBAAgB,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QACtD,MAAM,eAAe,GAAG,IAAI,CAAC,aAAa,CAAC,cAAc,CAAC,CAAC;QAC3D,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,gBAAgB,EAAE,GAAG,eAAe,CAAC,CAAC;IACnE,CAAC;IAED;;;OAGG;IACK,cAAc,CAAC,OAAY;QACjC,IAAI,gBAAwB,CAAC;QAE7B,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;YAChC,gBAAgB,GAAG,OAAO,CAAC;QAC7B,CAAC;aAAM,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;YACvC,qCAAqC;YACrC,gBAAgB,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QAC7C,CAAC;aAAM,CAAC;YACN,gBAAgB,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC;QACrC,CAAC;QAED,iCAAiC;QACjC,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;YAC5B,gBAAgB,GAAG,IAAI,CAAC,WAAW,CAAC,aAAa,CAAC,gBAAgB,CAAC,CAAC;QACtE,CAAC;QAED,oBAAoB;QACpB,OAAO,GAAG,WAAW,CAAC,MAAM,IAAI,gBAAgB,EAAE,CAAC;IACrD,CAAC;IAED;;;OAGG;IACK,aAAa,CAAC,MAAa;QACjC,IAAI,CAAC,IAAI,CAAC,kBAAkB,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACpD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE;YAC1B,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC9B,OAAO,IAAI,CAAC,WAAW,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;YAC/C,CAAC;iBAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBACrC,kDAAkD;gBAClD,IAAI,CAAC;oBACH,MAAM,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;oBAC1C,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,aAAa,CAAC,WAAW,CAAC,CAAC;oBAC7D,IAAI,CAAC;wBACH,OAAO,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;oBAC9B,CAAC;oBAAC,MAAM,CAAC;wBACP,OAAO,QAAQ,CAAC;oBAClB,CAAC;gBACH,CAAC;gBAAC,MAAM,CAAC;oBACP,oFAAoF;oBACpF,OAAO,kDAAkD,CAAC;gBAC5D,CAAC;YACH,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;OAGG;IACK,SAAS,CAAC,KAAa;QAC7B,IAAI,CAAC,IAAI,CAAC,QAAQ;YAAE,OAAO,IAAI,CAAC,CAAC,4BAA4B;QAE7D,MAAM,MAAM,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;QAC5D,MAAM,WAAW,GAAG,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAClD,MAAM,YAAY,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QAE3C,OAAO,YAAY,IAAI,WAAW,CAAC;IACrC,CAAC;IAED;;OAEG;IACH,SAAS;QACP,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC;IACvB,CAAC;IAED;;OAEG;IACH,qBAAqB;QACnB,OAAO,IAAI,CAAC,kBAAkB,CAAC;IACjC,CAAC;;AA5KH,kCA6KC"}

package/dist/utils/pii-redactor.d.ts

@@ -1,16 +1,86 @@
 import { LogMetadata, PiiRedactionOptions } from '../interfaces/logger.interface';
+/**
+ * PII Redactor Utility
+ *
+ * Automatically redacts Personally Identifiable Information (PII) from log messages
+ * and metadata to ensure privacy compliance (GDPR, CCPA, etc.).
+ *
+ * Redaction patterns:
+ * - Emails: `user@example.com` → `u***@***.com`
+ * - IP Addresses: `192.168.1.100` → `192.168.1.***`
+ * - Tokens: `eyJhbGciOiJIUz...` → `[REDACTED_TOKEN]`
+ * - Passwords: Always `[REDACTED]`
+ * - Phone Numbers: `+1234567890` → `+123***7890`
+ * - Names: `John Doe` → `J*** D***`
+ *
+ * @example
+ * ```typescript
+ * const redactor = new PiiRedactor();
+ * const safe = redactor.redactMessage('User user@example.com logged in');
+ * // Output: 'User u***@***.com logged in'
+ * ```
+ */
 export declare class PiiRedactor {
     private options;
+    /**
+     * Constructor
+     *
+     * @param options - PII redaction configuration
+     */
     constructor(options?: PiiRedactionOptions);
+    /**
+     * Redact PII from a log message
+     *
+     * @param message - Log message that may contain PII
+     * @returns Redacted message
+     */
     redactMessage(message: string): string;
+    /**
+     * Redact PII from log metadata
+     *
+     * @param metadata - Log metadata that may contain PII
+     * @returns Redacted metadata
+     */
     redactMetadata(metadata?: LogMetadata): LogMetadata | undefined;
+    /**
+     * Redact email addresses
+     * @private
+     */
     private redactEmails;
+    /**
+     * Redact IP addresses (keep first 3 octets)
+     * @private
+     */
     private redactIpAddresses;
+    /**
+     * Redact a single IP address
+     * @private
+     */
     private redactIpAddress;
+    /**
+     * Redact JWT tokens and bearer tokens
+     * @private
+     */
     private redactTokens;
+    /**
+     * Redact phone numbers
+     * @private
+     */
     private redactPhoneNumbers;
+    /**
+     * Redact names (firstName, lastName)
+     * @private
+     */
     private redactNames;
+    /**
+     * Redact passwords and password-related fields
+     * @private
+     */
     private redactPasswords;
+    /**
+     * Recursively redact an object
+     * @private
+     */
     private redactObject;
 }
 //# sourceMappingURL=pii-redactor.d.ts.map

package/dist/utils/pii-redactor.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"pii-redactor.d.ts","sourceRoot":"","sources":["../../src/utils/pii-redactor.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,mBAAmB,EAAE,MAAM,gCAAgC,CAAC;AAuBlF,qBAAa,WAAW;IACtB,OAAO,CAAC,OAAO,CAAgC;gBAOnC,OAAO,CAAC,EAAE,mBAAmB;IAoBzC,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM;IA0CtC,cAAc,CAAC,QAAQ,CAAC,EAAE,WAAW,GAAG,WAAW,GAAG,SAAS;IAoC/D,OAAO,CAAC,YAAY;IAepB,OAAO,CAAC,iBAAiB;IAczB,OAAO,CAAC,eAAe;IAoBvB,OAAO,CAAC,YAAY;IAiBpB,OAAO,CAAC,kBAAkB;IAW1B,OAAO,CAAC,WAAW;IA2BnB,OAAO,CAAC,eAAe;IAiBvB,OAAO,CAAC,YAAY;CAqCrB"}
+{"version":3,"file":"pii-redactor.d.ts","sourceRoot":"","sources":["../../src/utils/pii-redactor.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,mBAAmB,EAAE,MAAM,gCAAgC,CAAC;AAElF;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,OAAO,CAAgC;IAE/C;;;;OAIG;gBACS,OAAO,CAAC,EAAE,mBAAmB;IAczC;;;;;OAKG;IACH,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM;IAoCtC;;;;;OAKG;IACH,cAAc,CAAC,QAAQ,CAAC,EAAE,WAAW,GAAG,WAAW,GAAG,SAAS;IAgC/D;;;OAGG;IACH,OAAO,CAAC,YAAY;IAWpB;;;OAGG;IACH,OAAO,CAAC,iBAAiB;IAUzB;;;OAGG;IACH,OAAO,CAAC,eAAe;IAgBvB;;;OAGG;IACH,OAAO,CAAC,YAAY;IAapB;;;OAGG;IACH,OAAO,CAAC,kBAAkB;IAO1B;;;OAGG;IACH,OAAO,CAAC,WAAW;IAuBnB;;;OAGG;IACH,OAAO,CAAC,eAAe;IAavB;;;OAGG;IACH,OAAO,CAAC,YAAY;CAqCrB"}