npm - @prashant-neosoft-ecommerce/shared - Versions diffs - 1.0.3 - Mend

@prashant-neosoft-ecommerce/shared 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/index.js +14 -0
package/middleware/auth.js +38 -0
package/middleware/encryption.js +48 -0
package/middleware/errorHandler.js +49 -0
package/middleware/rateLimiter.js +28 -0
package/middleware/validation.js +65 -0
package/package.json +31 -0
package/utils/constants.js +41 -0
package/utils/logger.js +33 -0
package/utils/redis.js +72 -0

package/index.js ADDED Viewed

@@ -0,0 +1,14 @@
+module.exports = {
+  middleware: {
+    rateLimiter: require("./middleware/rateLimiter"),
+    encryption: require("./middleware/encryption"),
+    validation: require("./middleware/validation"),
+    auth: require("./middleware/auth"),
+    errorHandler: require("./middleware/errorHandler"),
+  },
+  utils: {
+    logger: require("./utils/logger"),
+    redis: require("./utils/redis"),
+    constants: require("./utils/constants"),
+  },
+};

package/middleware/auth.js ADDED Viewed

@@ -0,0 +1,38 @@
+const jwt = require("jsonwebtoken");
+const redisClient = require("../utils/redis");
+const auth = async (req, res, next) => {
+  try {
+    const token = req.header("Authorization")?.replace("Bearer ", "");
+    if (!token) {
+      return res.status(401).json({ error: "Authentication required" });
+    }
+    const decoded = jwt.verify(token, process.env.JWT_SECRET);
+    const cachedUser = await redisClient.get(`user:${decoded.userId}`);
+    if (!cachedUser) {
+      return res.status(401).json({ error: "Session expired" });
+    }
+    req.user = JSON.parse(cachedUser);
+    req.token = token;
+    next();
+  } catch (error) {
+    res.status(401).json({ error: "Invalid authentication token" });
+  }
+};
+const authorize = (...roles) => {
+  return (req, res, next) => {
+    if (!req.user || !roles.includes(req.user.role)) {
+      return res.status(403).json({
+        error: "Access denied. Insufficient permissions.",
+      });
+    }
+    next();
+  };
+};
+module.exports = { auth, authorize };

package/middleware/encryption.js ADDED Viewed

@@ -0,0 +1,48 @@
+const crypto = require("crypto");
+const ALGORITHM = "aes-256-cbc";
+const ENCRYPTION_KEY = Buffer.from(
+  process.env.ENCRYPTION_KEY ||
+    crypto.randomBytes(32).toString("hex").slice(0, 32),
+  "utf8"
+);
+const IV_LENGTH = 16;
+const encrypt = (text) => {
+  const iv = crypto.randomBytes(IV_LENGTH);
+  const cipher = crypto.createCipheriv(ALGORITHM, ENCRYPTION_KEY, iv);
+  let encrypted = cipher.update(text);
+  encrypted = Buffer.concat([encrypted, cipher.final()]);
+  return iv.toString("hex") + ":" + encrypted.toString("hex");
+};
+const decrypt = (text) => {
+  const textParts = text.split(":");
+  const iv = Buffer.from(textParts.shift(), "hex");
+  const encryptedText = Buffer.from(textParts.join(":"), "hex");
+  const decipher = crypto.createDecipheriv(ALGORITHM, ENCRYPTION_KEY, iv);
+  let decrypted = decipher.update(encryptedText);
+  decrypted = Buffer.concat([decrypted, decipher.final()]);
+  return decrypted.toString();
+};
+const encryptionMiddleware = (req, res, next) => {
+  if (req.body && req.body.encrypted) {
+    try {
+      const decrypted = decrypt(req.body.encrypted);
+      req.body = JSON.parse(decrypted);
+    } catch (error) {
+      return res.status(400).json({
+        error: "Invalid encrypted payload",
+      });
+    }
+  }
+  next();
+};
+module.exports = { encrypt, decrypt, encryptionMiddleware };

package/middleware/errorHandler.js ADDED Viewed

@@ -0,0 +1,49 @@
+const logger = require("../utils/logger");
+class AppError extends Error {
+  constructor(message, statusCode) {
+    super(message);
+    this.statusCode = statusCode;
+    this.isOperational = true;
+    Error.captureStackTrace(this, this.constructor);
+  }
+}
+const errorHandler = (err, req, res, next) => {
+  err.statusCode = err.statusCode || 500;
+  err.message = err.message || "Internal Server Error";
+  logger.error({
+    message: err.message,
+    stack: err.stack,
+    statusCode: err.statusCode,
+    path: req.path,
+    method: req.method,
+  });
+  if (process.env.NODE_ENV === "development") {
+    return res.status(err.statusCode).json({
+      success: false,
+      error: err.message,
+      stack: err.stack,
+    });
+  }
+  if (err.isOperational) {
+    return res.status(err.statusCode).json({
+      success: false,
+      error: err.message,
+    });
+  }
+  return res.status(500).json({
+    success: false,
+    error: "Something went wrong",
+  });
+};
+const asyncHandler = (fn) => (req, res, next) => {
+  Promise.resolve(fn(req, res, next)).catch(next);
+};
+module.exports = { AppError, errorHandler, asyncHandler };

package/middleware/rateLimiter.js ADDED Viewed

@@ -0,0 +1,28 @@
+const rateLimit = require("express-rate-limit");
+const { RedisStore } = require("rate-limit-redis");
+const redisClient = require("../utils/redis");
+const createRateLimiter = (options = {}) => {
+  return rateLimit({
+    store: new RedisStore({
+      client: redisClient.client,
+      prefix: "rl:",
+    }),
+    windowMs: options.windowMs || 15 * 60 * 1000, // 15 minutes
+    max: options.max || 100,
+    message: options.message || "Too many requests, please try again later.",
+    standardHeaders: true,
+    legacyHeaders: false,
+  });
+};
+const strictLimiter = createRateLimiter({ max: 5, windowMs: 60 * 1000 });
+const standardLimiter = createRateLimiter({ max: 100 });
+const generousLimiter = createRateLimiter({ max: 1000 });
+module.exports = {
+  createRateLimiter,
+  strictLimiter,
+  standardLimiter,
+  generousLimiter,
+};

package/middleware/validation.js ADDED Viewed

@@ -0,0 +1,65 @@
+const Joi = require("joi");
+const validate = (schema) => {
+  return (req, res, next) => {
+    const { error } = schema.validate(req.body, { abortEarly: false });
+    if (error) {
+      const errors = error.details.map((detail) => ({
+        field: detail.path.join("."),
+        message: detail.message,
+      }));
+      return res.status(400).json({
+        success: false,
+        errors,
+      });
+    }
+    next();
+  };
+};
+const schemas = {
+  register: Joi.object({
+    name: Joi.string().min(2).max(50).required(),
+    email: Joi.string().email().required(),
+    password: Joi.string().min(8).required(),
+    role: Joi.string().valid("user", "admin").default("user"),
+  }),
+  login: Joi.object({
+    email: Joi.string().email().required(),
+    password: Joi.string().required(),
+  }),
+  product: Joi.object({
+    name: Joi.string().min(2).max(100).required(),
+    description: Joi.string().max(1000).required(),
+    price: Joi.number().min(0).required(),
+    stock: Joi.number().integer().min(0).required(),
+    category: Joi.string().required(),
+    sku: Joi.string().required(),
+  }),
+  order: Joi.object({
+    items: Joi.array()
+      .items(
+        Joi.object({
+          productId: Joi.string().required(),
+          quantity: Joi.number().integer().min(1).required(),
+        })
+      )
+      .min(1)
+      .required(),
+    shippingAddress: Joi.object({
+      street: Joi.string().required(),
+      city: Joi.string().required(),
+      state: Joi.string().required(),
+      zipCode: Joi.string().required(),
+      country: Joi.string().required(),
+    }).required(),
+  }),
+};
+module.exports = { validate, schemas };

package/package.json ADDED Viewed

@@ -0,0 +1,31 @@
+{
+  "name": "@prashant-neosoft-ecommerce/shared",
+  "version": "1.0.3",
+  "description": "added by prashant",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "author": "",
+  "license": "ISC",
+  "dependencies": {
+    "express": "^4.18.2",
+    "express-rate-limit": "^7.1.5",
+    "rate-limit-redis": "^4.2.0",
+    "ioredis": "^5.3.2",
+    "jsonwebtoken": "^9.0.2",
+    "joi": "^17.11.0",
+    "winston": "^3.11.0",
+    "helmet": "^7.1.0",
+    "cors": "^2.8.5",
+    "compression": "^1.7.4"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "files": [
+    "index.js",
+    "middleware",
+    "utils"
+  ]
+}

package/utils/constants.js ADDED Viewed

@@ -0,0 +1,41 @@
+module.exports = {
+  EVENTS: {
+    ORDER_CREATED: "OrderCreated",
+    ORDER_UPDATED: "OrderUpdated",
+    ORDER_CANCELLED: "OrderCancelled",
+    PAYMENT_PROCESSED: "PaymentProcessed",
+    PAYMENT_FAILED: "PaymentFailed",
+    PAYMENT_REFUNDED: "PaymentRefunded",
+    INVENTORY_RESERVED: "InventoryReserved",
+    INVENTORY_RELEASED: "InventoryReleased",
+  },
+  ORDER_STATUS: {
+    PENDING: "pending",
+    CONFIRMED: "confirmed",
+    PROCESSING: "processing",
+    SHIPPED: "shipped",
+    DELIVERED: "delivered",
+    CANCELLED: "cancelled",
+    FAILED: "failed",
+  },
+  PAYMENT_STATUS: {
+    PENDING: "pending",
+    PROCESSING: "processing",
+    COMPLETED: "completed",
+    FAILED: "failed",
+    REFUNDED: "refunded",
+  },
+  USER_ROLES: {
+    USER: "user",
+    ADMIN: "admin",
+  },
+  CACHE_TTL: {
+    SHORT: 300, // 5 minutes
+    MEDIUM: 1800, // 30 minutes
+    LONG: 3600, // 1 hour
+  },
+};

package/utils/logger.js ADDED Viewed

@@ -0,0 +1,33 @@
+const winston = require("winston");
+const logger = winston.createLogger({
+  level: process.env.LOG_LEVEL || "info",
+  format: winston.format.combine(
+    winston.format.timestamp(),
+    winston.format.errors({ stack: true }),
+    winston.format.json()
+  ),
+  defaultMeta: { service: process.env.SERVICE_NAME || "unknown" },
+  transports: [
+    new winston.transports.File({
+      filename: "logs/error.log",
+      level: "error",
+    }),
+    new winston.transports.File({
+      filename: "logs/combined.log",
+    }),
+  ],
+});
+if (process.env.NODE_ENV !== "production") {
+  logger.add(
+    new winston.transports.Console({
+      format: winston.format.combine(
+        winston.format.colorize(),
+        winston.format.simple()
+      ),
+    })
+  );
+}
+module.exports = logger;

package/utils/redis.js ADDED Viewed

@@ -0,0 +1,72 @@
+const Redis = require("ioredis");
+const logger = require("./logger");
+class RedisClient {
+  constructor() {
+    this.client = null;
+    this.isConnected = false;
+  }
+  connect() {
+    if (this.client) return this.client;
+    this.client = new Redis({
+      host: process.env.REDIS_HOST || "redis-srv",
+      port: process.env.REDIS_PORT || 6379,
+      maxRetriesPerRequest: null,
+      enableReadyCheck: true,
+      retryStrategy(times) {
+        const delay = Math.min(times * 50, 2000);
+        return delay;
+      },
+    });
+    this.client.on("connect", () => {
+      this.isConnected = true;
+      logger.info("Redis connected");
+    });
+    this.client.on("error", (err) => {
+      logger.error("Redis error", err);
+    });
+    return this.client;
+  }
+  getClient() {
+    if (!this.client) {
+      this.connect();
+    }
+    return this.client;
+  }
+  async get(key) {
+    try {
+      return await this.getClient().get(key);
+    } catch (err) {
+      logger.error("Redis GET error", err);
+      return null;
+    }
+  }
+  async set(key, value, ttl = 300) {
+    try {
+      if (typeof value === "object") {
+        value = JSON.stringify(value);
+      }
+      await this.getClient().set(key, value, "EX", ttl);
+    } catch (err) {
+      logger.error("Redis SET error", err);
+    }
+  }
+  async del(key) {
+    try {
+      await this.getClient().del(key);
+    } catch (err) {
+      logger.error("Redis DEL error", err);
+    }
+  }
+}
+module.exports = new RedisClient();