@nivinjoseph/n-sec 6.0.2 → 6.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +114 -1
- package/package.json +3 -3
package/README.md
CHANGED
|
@@ -1,8 +1,121 @@
|
|
|
1
1
|
# n-sec
|
|
2
|
-
Security library
|
|
3
2
|
|
|
3
|
+
A comprehensive security library for Node.js applications providing cryptographic operations and API security features.
|
|
4
4
|
|
|
5
|
+
## Installation
|
|
6
|
+
|
|
7
|
+
```bash
|
|
8
|
+
npm install @nivinjoseph/n-sec
|
|
9
|
+
# or
|
|
10
|
+
yarn add @nivinjoseph/n-sec
|
|
11
|
+
```
|
|
12
|
+
|
|
13
|
+
## Features
|
|
14
|
+
|
|
15
|
+
### Cryptographic Operations
|
|
16
|
+
|
|
17
|
+
1. **Hash**
|
|
18
|
+
- Secure hashing operations using SHA-512
|
|
19
|
+
- Generate hash digests for data
|
|
20
|
+
- Support for salted hashing
|
|
21
|
+
|
|
22
|
+
2. **HMAC (Hash-based Message Authentication Code)**
|
|
23
|
+
- Generate HMAC signatures using SHA-256
|
|
24
|
+
|
|
25
|
+
3. **Symmetric Encryption**
|
|
26
|
+
- AES-256-CBC encryption and decryption
|
|
27
|
+
- Secure key generation
|
|
28
|
+
- IV (Initialization Vector) handling
|
|
29
|
+
|
|
30
|
+
### API Security
|
|
31
|
+
|
|
32
|
+
1. **JSON Web Tokens (JWT)**
|
|
33
|
+
- JWT creation and validation
|
|
34
|
+
- Support for HMAC algorithm
|
|
35
|
+
- Token expiration handling
|
|
36
|
+
- Claims management
|
|
37
|
+
|
|
38
|
+
2. **Claims-based Identity**
|
|
39
|
+
- Claims management
|
|
40
|
+
- Identity verification
|
|
41
|
+
- Custom claims support
|
|
42
|
+
|
|
43
|
+
3. **Security Tokens**
|
|
44
|
+
- Token generation and validation
|
|
45
|
+
- Token expiration handling
|
|
46
|
+
- Invalid token detection
|
|
47
|
+
|
|
48
|
+
## Usage
|
|
49
|
+
|
|
50
|
+
### Cryptographic Operations
|
|
51
|
+
|
|
52
|
+
```typescript
|
|
53
|
+
import { Hash, Hmac, SymmetricEncryption } from '@nivinjoseph/n-sec';
|
|
54
|
+
|
|
55
|
+
// Hashing
|
|
56
|
+
const hash = Hash.create('your-data');
|
|
57
|
+
const saltedHash = Hash.createUsingSalt('your-data', 'your-salt');
|
|
58
|
+
|
|
59
|
+
// HMAC
|
|
60
|
+
const hmac = Hmac.create('your-secret-key', 'your-data');
|
|
61
|
+
|
|
62
|
+
// Symmetric Encryption
|
|
63
|
+
const key = await SymmetricEncryption.generateKey();
|
|
64
|
+
const encrypted = await SymmetricEncryption.encrypt(key, 'your-data');
|
|
65
|
+
const decrypted = SymmetricEncryption.decrypt(key, encrypted);
|
|
66
|
+
```
|
|
67
|
+
|
|
68
|
+
### API Security
|
|
69
|
+
|
|
70
|
+
```typescript
|
|
71
|
+
import { JsonWebToken, ClaimsIdentity, Claim, AlgType } from '@nivinjoseph/n-sec';
|
|
72
|
+
|
|
73
|
+
// Create a claims identity
|
|
74
|
+
const claims = [
|
|
75
|
+
new Claim('sub', 'user123'),
|
|
76
|
+
new Claim('role', 'admin')
|
|
77
|
+
];
|
|
78
|
+
|
|
79
|
+
// Create a JWT
|
|
80
|
+
const jwt = JsonWebToken.fromClaims(
|
|
81
|
+
'your-issuer',
|
|
82
|
+
AlgType.hmac,
|
|
83
|
+
'your-secret-key',
|
|
84
|
+
Date.now() + 3600000, // 1 hour expiry
|
|
85
|
+
claims
|
|
86
|
+
);
|
|
87
|
+
const token = jwt.generateToken();
|
|
88
|
+
|
|
89
|
+
// Verify a JWT
|
|
90
|
+
const verifiedJwt = JsonWebToken.fromToken(
|
|
91
|
+
'your-issuer',
|
|
92
|
+
AlgType.hmac,
|
|
93
|
+
'your-secret-key',
|
|
94
|
+
token
|
|
95
|
+
);
|
|
96
|
+
const verifiedClaims = verifiedJwt.claims;
|
|
97
|
+
```
|
|
98
|
+
|
|
99
|
+
## Error Handling
|
|
100
|
+
|
|
101
|
+
The library provides specific exception types for error handling:
|
|
102
|
+
|
|
103
|
+
- `CryptoException`: Base exception for cryptographic operations
|
|
104
|
+
- `ExpiredTokenException`: Thrown when a token has expired
|
|
105
|
+
- `InvalidTokenException`: Thrown when a token is invalid
|
|
106
|
+
|
|
107
|
+
## Requirements
|
|
108
|
+
|
|
109
|
+
- Node.js >= 20.10
|
|
110
|
+
- TypeScript support
|
|
111
|
+
|
|
112
|
+
## Contributing
|
|
113
|
+
|
|
114
|
+
Feel free to submit issues and pull requests.
|
|
5
115
|
For Windows development:
|
|
6
116
|
- Build tools => Open PowerShell as admin and run => npm install -g windows-build-tools
|
|
7
117
|
- OpenSSL => Go to https://slproweb.com/products/Win32OpenSSL.html => Get version Win64 OpenSSL v1.0.2q
|
|
8
118
|
|
|
119
|
+
## License
|
|
120
|
+
|
|
121
|
+
This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@nivinjoseph/n-sec",
|
|
3
|
-
"version": "6.0.
|
|
3
|
+
"version": "6.0.3",
|
|
4
4
|
"description": "Security library",
|
|
5
5
|
"packageManager": "yarn@4.0.2",
|
|
6
6
|
"type": "module",
|
|
@@ -13,7 +13,7 @@
|
|
|
13
13
|
"ts-build": "yarn ts-compile && yarn ts-lint",
|
|
14
14
|
"ts-build-dist": "yarn ts-build && tsc -p ./dist",
|
|
15
15
|
"test": "yarn ts-build && node --test --enable-source-maps ./test/**/*.test.js",
|
|
16
|
-
"publish-package": "yarn ts-build-dist && git add . && git commit -m 'preparing to publish new version' &&
|
|
16
|
+
"publish-package": "yarn ts-build-dist && git add . && git commit -m 'preparing to publish new version' && git push && npm publish --access=public"
|
|
17
17
|
},
|
|
18
18
|
"repository": {
|
|
19
19
|
"type": "git",
|
|
@@ -43,7 +43,7 @@
|
|
|
43
43
|
"@nivinjoseph/n-defensive": "^2.0.2",
|
|
44
44
|
"@nivinjoseph/n-exception": "^2.0.2",
|
|
45
45
|
"@nivinjoseph/n-ext": "^2.0.2",
|
|
46
|
-
"@nivinjoseph/n-util": "^3.0
|
|
46
|
+
"@nivinjoseph/n-util": "^3.2.0"
|
|
47
47
|
},
|
|
48
48
|
"engines": {
|
|
49
49
|
"node": ">=24.10"
|