@xbg.solutions/backend-core 1.0.0

package/lib/core/src/index.js

@@ -0,0 +1,46 @@
+"use strict";
+/**
+ * @xbg/backend-core
+ * Core framework for XBG backend projects
+ *
+ * Exports base classes, middleware, configuration, types, and code generator
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.parseEntitySpecification = exports.createGenerator = exports.CodeGenerator = exports.startServer = exports.registerControllers = exports.createApp = void 0;
+// Base classes
+__exportStar(require("./base/BaseEntity"), exports);
+__exportStar(require("./base/BaseRepository"), exports);
+__exportStar(require("./base/BaseService"), exports);
+__exportStar(require("./base/BaseController"), exports);
+// Middleware
+__exportStar(require("./middleware"), exports);
+// Configuration
+__exportStar(require("./config"), exports);
+// Types
+__exportStar(require("./types/errors"), exports);
+// App factory
+var app_1 = require("./app");
+Object.defineProperty(exports, "createApp", { enumerable: true, get: function () { return app_1.createApp; } });
+Object.defineProperty(exports, "registerControllers", { enumerable: true, get: function () { return app_1.registerControllers; } });
+Object.defineProperty(exports, "startServer", { enumerable: true, get: function () { return app_1.startServer; } });
+// Code generator
+var generator_1 = require("./generator/generator");
+Object.defineProperty(exports, "CodeGenerator", { enumerable: true, get: function () { return generator_1.CodeGenerator; } });
+Object.defineProperty(exports, "createGenerator", { enumerable: true, get: function () { return generator_1.createGenerator; } });
+var parser_1 = require("./generator/parser");
+Object.defineProperty(exports, "parseEntitySpecification", { enumerable: true, get: function () { return parser_1.parseEntitySpecification; } });
+//# sourceMappingURL=index.js.map

package/lib/core/src/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/index.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;;;;;;;;;;;;;;;AAEH,eAAe;AACf,oDAAkC;AAClC,wDAAsC;AACtC,qDAAmC;AACnC,wDAAsC;AAEtC,aAAa;AACb,+CAA6B;AAE7B,gBAAgB;AAChB,2CAAyB;AAEzB,QAAQ;AACR,iDAA+B;AAE/B,cAAc;AACd,6BAAoE;AAA3D,gGAAA,SAAS,OAAA;AAAE,0GAAA,mBAAmB,OAAA;AAAE,kGAAA,WAAW,OAAA;AAGpD,iBAAiB;AACjB,mDAAuE;AAA9D,0GAAA,aAAa,OAAA;AAAE,4GAAA,eAAe,OAAA;AACvC,6CAA8D;AAArD,kHAAA,wBAAwB,OAAA"}

package/lib/core/src/middleware/auth.middleware.d.ts

@@ -0,0 +1,57 @@
+/**
+ * Authentication Middleware
+ * Integrates with the token handler utility
+ */
+import { Request, Response, NextFunction } from 'express';
+import type { ITokenHandler } from '@xbg/utils-token-handler';
+export interface AuthenticatedRequest extends Request {
+    user?: {
+        uid: string;
+        email?: string;
+        role?: string;
+        customClaims?: Record<string, any>;
+    };
+}
+/**
+ * Authentication middleware factory
+ * Verifies JWT tokens and attaches user to request
+ */
+export declare function createAuthMiddleware(options: {
+    tokenHandler: ITokenHandler;
+    required?: boolean;
+    roles?: string[];
+}): (req: Request, res: Response, next: NextFunction) => Promise<void | Response<any, Record<string, any>>>;
+/**
+ * Optional authentication middleware
+ * Attaches user if token is present but doesn't require it
+ */
+export declare function optionalAuth(tokenHandler: ITokenHandler): (req: Request, res: Response, next: NextFunction) => Promise<void | Response<any, Record<string, any>>>;
+/**
+ * Required authentication middleware
+ * Requires valid token
+ */
+export declare function requiredAuth(tokenHandler: ITokenHandler): (req: Request, res: Response, next: NextFunction) => Promise<void | Response<any, Record<string, any>>>;
+/**
+ * Role-based authentication middleware
+ * Requires valid token and specific roles
+ */
+export declare function requireRoles(tokenHandler: ITokenHandler, roles: string[]): (req: Request, res: Response, next: NextFunction) => Promise<void | Response<any, Record<string, any>>>;
+/**
+ * Admin-only middleware
+ * Pass custom admin roles array to match your project's role names.
+ * Default: ['admin']
+ */
+export declare function requireAdmin(tokenHandler: ITokenHandler, adminRoles?: string[]): (req: Request, res: Response, next: NextFunction) => Promise<void | Response<any, Record<string, any>>>;
+/**
+ * Check if user owns resource
+ * Pass adminRoles to configure which roles bypass the ownership check.
+ * Default: ['admin']
+ */
+export declare function requireOwnership(getUserIdFromResource: (req: Request) => string | undefined, adminRoles?: string[]): (req: AuthenticatedRequest, res: Response, next: NextFunction) => Promise<void | Response<any, Record<string, any>>>;
+/**
+ * API Key authentication middleware
+ * For service-to-service communication.
+ * Uses timing-safe comparison to prevent timing attacks.
+ */
+export declare function requireApiKey(validApiKeys: string[]): (req: Request, res: Response, next: NextFunction) => Promise<void | Response<any, Record<string, any>>>;
+//# sourceMappingURL=auth.middleware.d.ts.map

package/lib/core/src/middleware/auth.middleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.middleware.d.ts","sourceRoot":"","sources":["../../../../src/middleware/auth.middleware.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAG1D,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAC;AAE9D,MAAM,WAAW,oBAAqB,SAAQ,OAAO;IACnD,IAAI,CAAC,EAAE;QACL,GAAG,EAAE,MAAM,CAAC;QACZ,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,YAAY,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;KACpC,CAAC;CACH;AAED;;;GAGG;AACH,wBAAgB,oBAAoB,CAAC,OAAO,EAAE;IAC5C,YAAY,EAAE,aAAa,CAAC;IAC5B,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;CAClB,IACe,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,wDAwE9D;AAqBD;;;GAGG;AACH,wBAAgB,YAAY,CAAC,YAAY,EAAE,aAAa,SAjGnC,OAAO,OAAO,QAAQ,QAAQ,YAAY,wDAmG9D;AAED;;;GAGG;AACH,wBAAgB,YAAY,CAAC,YAAY,EAAE,aAAa,SAzGnC,OAAO,OAAO,QAAQ,QAAQ,YAAY,wDA2G9D;AAED;;;GAGG;AACH,wBAAgB,YAAY,CAAC,YAAY,EAAE,aAAa,EAAE,KAAK,EAAE,MAAM,EAAE,SAjHpD,OAAO,OAAO,QAAQ,QAAQ,YAAY,wDAmH9D;AAED;;;;GAIG;AACH,wBAAgB,YAAY,CAAC,YAAY,EAAE,aAAa,EAAE,UAAU,GAAE,MAAM,EAAc,SA1HrE,OAAO,OAAO,QAAQ,QAAQ,YAAY,wDA4H9D;AAED;;;;GAIG;AACH,wBAAgB,gBAAgB,CAC9B,qBAAqB,EAAE,CAAC,GAAG,EAAE,OAAO,KAAK,MAAM,GAAG,SAAS,EAC3D,UAAU,GAAE,MAAM,EAAc,IAElB,KAAK,oBAAoB,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,wDAmC3E;AAED;;;;GAIG;AACH,wBAAgB,aAAa,CAAC,YAAY,EAAE,MAAM,EAAE,IACpC,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,wDA6B9D"}

package/lib/core/src/middleware/auth.middleware.js

@@ -0,0 +1,256 @@
+"use strict";
+/**
+ * Authentication Middleware
+ * Integrates with the token handler utility
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createAuthMiddleware = createAuthMiddleware;
+exports.optionalAuth = optionalAuth;
+exports.requiredAuth = requiredAuth;
+exports.requireRoles = requireRoles;
+exports.requireAdmin = requireAdmin;
+exports.requireOwnership = requireOwnership;
+exports.requireApiKey = requireApiKey;
+const crypto = __importStar(require("crypto"));
+const utils_logger_1 = require("@xbg/utils-logger");
+const errors_1 = require("../types/errors");
+/**
+ * Authentication middleware factory
+ * Verifies JWT tokens and attaches user to request
+ */
+function createAuthMiddleware(options) {
+    return async (req, res, next) => {
+        var _a, _b, _c, _d;
+        try {
+            const token = extractTokenFromHeader(req);
+            if (!token) {
+                if (options.required !== false) {
+                    return res.status(401).json({
+                        success: false,
+                        error: {
+                            code: 'UNAUTHORIZED',
+                            message: 'Authentication required',
+                        },
+                    });
+                }
+                return next();
+            }
+            // Verify token using token handler (includes blacklist check)
+            const verificationResult = await options.tokenHandler.verifyAndUnpack(token, utils_logger_1.logger);
+            if (!verificationResult.isValid) {
+                return res.status(401).json({
+                    success: false,
+                    error: {
+                        code: verificationResult.isBlacklisted ? 'TOKEN_REVOKED' : 'INVALID_TOKEN',
+                        message: verificationResult.error || 'Invalid or expired token',
+                    },
+                });
+            }
+            // Attach user to request
+            req.user = {
+                uid: verificationResult.token.authUID,
+                email: verificationResult.token.email || undefined,
+                role: ((_a = verificationResult.token.customClaims) === null || _a === void 0 ? void 0 : _a.role) || 'user',
+                customClaims: verificationResult.token.customClaims,
+            };
+            // Check role requirements
+            if (options.roles && options.roles.length > 0) {
+                const userRole = (_b = req.user) === null || _b === void 0 ? void 0 : _b.role;
+                if (!userRole || !options.roles.includes(userRole)) {
+                    return res.status(403).json({
+                        success: false,
+                        error: {
+                            code: 'FORBIDDEN',
+                            message: 'Insufficient permissions',
+                        },
+                    });
+                }
+            }
+            utils_logger_1.logger.debug('User authenticated', {
+                uid: (_c = req.user) === null || _c === void 0 ? void 0 : _c.uid,
+                role: (_d = req.user) === null || _d === void 0 ? void 0 : _d.role,
+            });
+            return next();
+        }
+        catch (error) {
+            const err = error instanceof Error ? error : new Error(String(error));
+            const authError = new errors_1.AuthError('Authentication failed', error);
+            utils_logger_1.logger.error(authError.message, err);
+            return res.status(500).json({
+                success: false,
+                error: {
+                    code: 'AUTH_ERROR',
+                    message: 'Authentication failed',
+                },
+            });
+        }
+    };
+}
+/**
+ * Extract token from Authorization header
+ */
+function extractTokenFromHeader(req) {
+    const authHeader = req.headers.authorization;
+    if (!authHeader) {
+        return null;
+    }
+    const parts = authHeader.split(' ');
+    if (parts.length !== 2 || parts[0] !== 'Bearer') {
+        return null;
+    }
+    return parts[1];
+}
+/**
+ * Optional authentication middleware
+ * Attaches user if token is present but doesn't require it
+ */
+function optionalAuth(tokenHandler) {
+    return createAuthMiddleware({ tokenHandler, required: false });
+}
+/**
+ * Required authentication middleware
+ * Requires valid token
+ */
+function requiredAuth(tokenHandler) {
+    return createAuthMiddleware({ tokenHandler, required: true });
+}
+/**
+ * Role-based authentication middleware
+ * Requires valid token and specific roles
+ */
+function requireRoles(tokenHandler, roles) {
+    return createAuthMiddleware({ tokenHandler, required: true, roles });
+}
+/**
+ * Admin-only middleware
+ * Pass custom admin roles array to match your project's role names.
+ * Default: ['admin']
+ */
+function requireAdmin(tokenHandler, adminRoles = ['admin']) {
+    return requireRoles(tokenHandler, adminRoles);
+}
+/**
+ * Check if user owns resource
+ * Pass adminRoles to configure which roles bypass the ownership check.
+ * Default: ['admin']
+ */
+function requireOwnership(getUserIdFromResource, adminRoles = ['admin']) {
+    return async (req, res, next) => {
+        var _a, _b;
+        try {
+            const userId = (_a = req.user) === null || _a === void 0 ? void 0 : _a.uid;
+            const resourceUserId = getUserIdFromResource(req);
+            if (!userId || !resourceUserId || userId !== resourceUserId) {
+                // Allow if user has an admin role
+                if (((_b = req.user) === null || _b === void 0 ? void 0 : _b.role) && adminRoles.includes(req.user.role)) {
+                    return next();
+                }
+                return res.status(403).json({
+                    success: false,
+                    error: {
+                        code: 'FORBIDDEN',
+                        message: 'Access denied to this resource',
+                    },
+                });
+            }
+            return next();
+        }
+        catch (error) {
+            const err = error instanceof Error ? error : new Error(String(error));
+            const authError = new errors_1.AuthError('Failed to verify resource ownership', error);
+            utils_logger_1.logger.error(authError.message, err);
+            return res.status(500).json({
+                success: false,
+                error: {
+                    code: 'AUTHORIZATION_ERROR',
+                    message: 'Failed to verify resource ownership',
+                },
+            });
+        }
+    };
+}
+/**
+ * API Key authentication middleware
+ * For service-to-service communication.
+ * Uses timing-safe comparison to prevent timing attacks.
+ */
+function requireApiKey(validApiKeys) {
+    return async (req, res, next) => {
+        try {
+            const apiKey = req.headers['x-api-key'];
+            if (!apiKey || !timingSafeIncludes(validApiKeys, apiKey)) {
+                return res.status(401).json({
+                    success: false,
+                    error: {
+                        code: 'INVALID_API_KEY',
+                        message: 'Invalid or missing API key',
+                    },
+                });
+            }
+            return next();
+        }
+        catch (error) {
+            const err = error instanceof Error ? error : new Error(String(error));
+            const authError = new errors_1.AuthError('API key validation failed', error);
+            utils_logger_1.logger.error(authError.message, err);
+            return res.status(500).json({
+                success: false,
+                error: {
+                    code: 'AUTH_ERROR',
+                    message: 'API key validation failed',
+                },
+            });
+        }
+    };
+}
+/**
+ * Timing-safe comparison of an API key against a list of valid keys.
+ * Prevents timing side-channel attacks that could leak key information.
+ */
+function timingSafeIncludes(validKeys, candidate) {
+    const candidateBuffer = Buffer.from(candidate);
+    let found = false;
+    for (const key of validKeys) {
+        const keyBuffer = Buffer.from(key);
+        if (candidateBuffer.length === keyBuffer.length) {
+            if (crypto.timingSafeEqual(candidateBuffer, keyBuffer)) {
+                found = true;
+            }
+        }
+    }
+    return found;
+}
+//# sourceMappingURL=auth.middleware.js.map

package/lib/core/src/middleware/auth.middleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.middleware.js","sourceRoot":"","sources":["../../../../src/middleware/auth.middleware.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAqBH,oDA6EC;AAyBD,oCAEC;AAMD,oCAEC;AAMD,oCAEC;AAOD,oCAEC;AAOD,4CAuCC;AAOD,sCA8BC;AAvOD,+CAAiC;AAEjC,oDAA2C;AAC3C,4CAA4C;AAY5C;;;GAGG;AACH,SAAgB,oBAAoB,CAAC,OAIpC;IACC,OAAO,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;;QAC/D,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,sBAAsB,CAAC,GAAG,CAAC,CAAC;YAE1C,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,IAAI,OAAO,CAAC,QAAQ,KAAK,KAAK,EAAE,CAAC;oBAC/B,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;wBAC1B,OAAO,EAAE,KAAK;wBACd,KAAK,EAAE;4BACL,IAAI,EAAE,cAAc;4BACpB,OAAO,EAAE,yBAAyB;yBACnC;qBACF,CAAC,CAAC;gBACL,CAAC;gBACD,OAAO,IAAI,EAAE,CAAC;YAChB,CAAC;YAED,8DAA8D;YAC9D,MAAM,kBAAkB,GAAG,MAAM,OAAO,CAAC,YAAY,CAAC,eAAe,CAAC,KAAK,EAAE,qBAAM,CAAC,CAAC;YAErF,IAAI,CAAC,kBAAkB,CAAC,OAAO,EAAE,CAAC;gBAChC,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBAC1B,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE;wBACL,IAAI,EAAE,kBAAkB,CAAC,aAAa,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,eAAe;wBAC1E,OAAO,EAAE,kBAAkB,CAAC,KAAK,IAAI,0BAA0B;qBAChE;iBACF,CAAC,CAAC;YACL,CAAC;YAED,yBAAyB;YACxB,GAA4B,CAAC,IAAI,GAAG;gBACnC,GAAG,EAAE,kBAAkB,CAAC,KAAM,CAAC,OAAO;gBACtC,KAAK,EAAE,kBAAkB,CAAC,KAAM,CAAC,KAAK,IAAI,SAAS;gBACnD,IAAI,EAAE,CAAA,MAAA,kBAAkB,CAAC,KAAM,CAAC,YAAY,0CAAE,IAAI,KAAI,MAAM;gBAC5D,YAAY,EAAE,kBAAkB,CAAC,KAAM,CAAC,YAAY;aACrD,CAAC;YAEF,0BAA0B;YAC1B,IAAI,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC9C,MAAM,QAAQ,GAAG,MAAC,GAA4B,CAAC,IAAI,0CAAE,IAAI,CAAC;gBAC1D,IAAI,CAAC,QAAQ,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;oBACnD,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;wBAC1B,OAAO,EAAE,KAAK;wBACd,KAAK,EAAE;4BACL,IAAI,EAAE,WAAW;4BACjB,OAAO,EAAE,0BAA0B;yBACpC;qBACF,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,qBAAM,CAAC,KAAK,CAAC,oBAAoB,EAAE;gBACjC,GAAG,EAAE,MAAC,GAA4B,CAAC,IAAI,0CAAE,GAAG;gBAC5C,IAAI,EAAE,MAAC,GAA4B,CAAC,IAAI,0CAAE,IAAI;aAC/C,CAAC,CAAC;YAEH,OAAO,IAAI,EAAE,CAAC;QAChB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,GAAG,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;YACtE,MAAM,SAAS,GAAG,IAAI,kBAAS,CAAC,uBAAuB,EAAE,KAAK,CAAC,CAAC;YAChE,qBAAM,CAAC,KAAK,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;YAErC,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAC1B,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE;oBACL,IAAI,EAAE,YAAY;oBAClB,OAAO,EAAE,uBAAuB;iBACjC;aACF,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,sBAAsB,CAAC,GAAY;IAC1C,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;IAE7C,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAEpC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,QAAQ,EAAE,CAAC;QAChD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AAED;;;GAGG;AACH,SAAgB,YAAY,CAAC,YAA2B;IACtD,OAAO,oBAAoB,CAAC,EAAE,YAAY,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,CAAC;AACjE,CAAC;AAED;;;GAGG;AACH,SAAgB,YAAY,CAAC,YAA2B;IACtD,OAAO,oBAAoB,CAAC,EAAE,YAAY,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;AAChE,CAAC;AAED;;;GAGG;AACH,SAAgB,YAAY,CAAC,YAA2B,EAAE,KAAe;IACvE,OAAO,oBAAoB,CAAC,EAAE,YAAY,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;AACvE,CAAC;AAED;;;;GAIG;AACH,SAAgB,YAAY,CAAC,YAA2B,EAAE,aAAuB,CAAC,OAAO,CAAC;IACxF,OAAO,YAAY,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;AAChD,CAAC;AAED;;;;GAIG;AACH,SAAgB,gBAAgB,CAC9B,qBAA2D,EAC3D,aAAuB,CAAC,OAAO,CAAC;IAEhC,OAAO,KAAK,EAAE,GAAyB,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;;QAC5E,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAA,GAAG,CAAC,IAAI,0CAAE,GAAG,CAAC;YAC7B,MAAM,cAAc,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;YAElD,IAAI,CAAC,MAAM,IAAI,CAAC,cAAc,IAAI,MAAM,KAAK,cAAc,EAAE,CAAC;gBAC5D,kCAAkC;gBAClC,IAAI,CAAA,MAAA,GAAG,CAAC,IAAI,0CAAE,IAAI,KAAI,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBACzD,OAAO,IAAI,EAAE,CAAC;gBAChB,CAAC;gBAED,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBAC1B,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE;wBACL,IAAI,EAAE,WAAW;wBACjB,OAAO,EAAE,gCAAgC;qBAC1C;iBACF,CAAC,CAAC;YACL,CAAC;YAED,OAAO,IAAI,EAAE,CAAC;QAChB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,GAAG,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;YACtE,MAAM,SAAS,GAAG,IAAI,kBAAS,CAAC,qCAAqC,EAAE,KAAK,CAAC,CAAC;YAC9E,qBAAM,CAAC,KAAK,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;YAErC,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAC1B,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE;oBACL,IAAI,EAAE,qBAAqB;oBAC3B,OAAO,EAAE,qCAAqC;iBAC/C;aACF,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,SAAgB,aAAa,CAAC,YAAsB;IAClD,OAAO,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;QAC/D,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,WAAW,CAAW,CAAC;YAElD,IAAI,CAAC,MAAM,IAAI,CAAC,kBAAkB,CAAC,YAAY,EAAE,MAAM,CAAC,EAAE,CAAC;gBACzD,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBAC1B,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE;wBACL,IAAI,EAAE,iBAAiB;wBACvB,OAAO,EAAE,4BAA4B;qBACtC;iBACF,CAAC,CAAC;YACL,CAAC;YAED,OAAO,IAAI,EAAE,CAAC;QAChB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,GAAG,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;YACtE,MAAM,SAAS,GAAG,IAAI,kBAAS,CAAC,2BAA2B,EAAE,KAAK,CAAC,CAAC;YACpE,qBAAM,CAAC,KAAK,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;YAErC,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAC1B,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE;oBACL,IAAI,EAAE,YAAY;oBAClB,OAAO,EAAE,2BAA2B;iBACrC;aACF,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,SAAS,kBAAkB,CAAC,SAAmB,EAAE,SAAiB;IAChE,MAAM,eAAe,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IAC/C,IAAI,KAAK,GAAG,KAAK,CAAC;IAElB,KAAK,MAAM,GAAG,IAAI,SAAS,EAAE,CAAC;QAC5B,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACnC,IAAI,eAAe,CAAC,MAAM,KAAK,SAAS,CAAC,MAAM,EAAE,CAAC;YAChD,IAAI,MAAM,CAAC,eAAe,CAAC,eAAe,EAAE,SAAS,CAAC,EAAE,CAAC;gBACvD,KAAK,GAAG,IAAI,CAAC;YACf,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC"}

package/lib/core/src/middleware/cors.middleware.d.ts

@@ -0,0 +1,13 @@
+/**
+ * CORS Middleware Configuration
+ */
+import cors from 'cors';
+/**
+ * Create CORS middleware with configuration
+ */
+export declare function createCorsMiddleware(): (req: cors.CorsRequest, res: {
+    statusCode?: number | undefined;
+    setHeader(key: string, value: string): any;
+    end(): any;
+}, next: (err?: any) => any) => void;
+//# sourceMappingURL=cors.middleware.d.ts.map

package/lib/core/src/middleware/cors.middleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cors.middleware.d.ts","sourceRoot":"","sources":["../../../../src/middleware/cors.middleware.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,IAAI,MAAM,MAAM,CAAC;AAIxB;;GAEG;AACH,wBAAgB,oBAAoB;cAqC4I,CAAC;;;aAAmH,CAAC,uBADpS"}

package/lib/core/src/middleware/cors.middleware.js

@@ -0,0 +1,50 @@
+"use strict";
+/**
+ * CORS Middleware Configuration
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createCorsMiddleware = createCorsMiddleware;
+const cors_1 = __importDefault(require("cors"));
+const app_config_1 = require("../config/app.config");
+const middleware_config_1 = require("../config/middleware.config");
+/**
+ * Create CORS middleware with configuration
+ */
+function createCorsMiddleware() {
+    return (0, cors_1.default)({
+        origin: (origin, callback) => {
+            // Allow requests with no origin (mobile apps, Postman, etc.)
+            if (!origin) {
+                return callback(null, true);
+            }
+            // Check if origin is allowed
+            if (app_config_1.APP_CONFIG.api.corsOrigins.includes(origin)) {
+                return callback(null, true);
+            }
+            // In development, allow all localhost origins
+            if (app_config_1.APP_CONFIG.app.environment === 'development' && origin.includes('localhost')) {
+                return callback(null, true);
+            }
+            callback(new Error('Not allowed by CORS'));
+        },
+        credentials: middleware_config_1.MIDDLEWARE_CONFIG.cors.credentials,
+        maxAge: middleware_config_1.MIDDLEWARE_CONFIG.cors.maxAge,
+        methods: ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'],
+        allowedHeaders: [
+            'Content-Type',
+            'Authorization',
+            'X-Request-ID',
+            'X-API-Key',
+        ],
+        exposedHeaders: [
+            'X-Request-ID',
+            'X-Total-Count',
+            'X-Page',
+            'X-Page-Size',
+        ],
+    });
+}
+//# sourceMappingURL=cors.middleware.js.map

package/lib/core/src/middleware/cors.middleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cors.middleware.js","sourceRoot":"","sources":["../../../../src/middleware/cors.middleware.ts"],"names":[],"mappings":";AAAA;;GAEG;;;;;AASH,oDAoCC;AA3CD,gDAAwB;AACxB,qDAAkD;AAClD,mEAAgE;AAEhE;;GAEG;AACH,SAAgB,oBAAoB;IAClC,OAAO,IAAA,cAAI,EAAC;QACV,MAAM,EAAE,CAAC,MAAM,EAAE,QAAQ,EAAE,EAAE;YAC3B,6DAA6D;YAC7D,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,OAAO,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YAC9B,CAAC;YAED,6BAA6B;YAC7B,IAAI,uBAAU,CAAC,GAAG,CAAC,WAAW,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBAChD,OAAO,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YAC9B,CAAC;YAED,8CAA8C;YAC9C,IAAI,uBAAU,CAAC,GAAG,CAAC,WAAW,KAAK,aAAa,IAAI,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;gBACjF,OAAO,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YAC9B,CAAC;YAED,QAAQ,CAAC,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC,CAAC;QAC7C,CAAC;QACD,WAAW,EAAE,qCAAiB,CAAC,IAAI,CAAC,WAAW;QAC/C,MAAM,EAAE,qCAAiB,CAAC,IAAI,CAAC,MAAM;QACrC,OAAO,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,CAAC;QAC7D,cAAc,EAAE;YACd,cAAc;YACd,eAAe;YACf,cAAc;YACd,WAAW;SACZ;QACD,cAAc,EAAE;YACd,cAAc;YACd,eAAe;YACf,QAAQ;YACR,aAAa;SACd;KACF,CAAC,CAAC;AACL,CAAC"}

package/lib/core/src/middleware/error.middleware.d.ts

@@ -0,0 +1,46 @@
+/**
+ * Error Handling Middleware
+ * Global error handler and custom error classes
+ */
+import { Request, Response, NextFunction } from 'express';
+/**
+ * Custom application errors
+ */
+export declare class AppError extends Error {
+    code: string;
+    message: string;
+    statusCode: number;
+    details?: Record<string, any> | undefined;
+    constructor(code: string, message: string, statusCode?: number, details?: Record<string, any> | undefined);
+}
+export declare class NotFoundError extends AppError {
+    constructor(resource: string, id?: string);
+}
+export declare class ValidationError extends AppError {
+    constructor(message: string, details?: Record<string, any>);
+}
+export declare class UnauthorizedError extends AppError {
+    constructor(message?: string);
+}
+export declare class ForbiddenError extends AppError {
+    constructor(message?: string);
+}
+export declare class ConflictError extends AppError {
+    constructor(message: string, details?: Record<string, any>);
+}
+/**
+ * Global error handling middleware
+ * Must be registered last in middleware chain
+ */
+export declare function errorHandler(): (err: Error, req: Request, res: Response, _next: NextFunction) => Response<any, Record<string, any>>;
+/**
+ * 404 Not Found handler
+ * For unmatched routes
+ */
+export declare function notFoundHandler(): (req: Request, res: Response) => void;
+/**
+ * Async handler wrapper
+ * Catches async errors and passes to error middleware
+ */
+export declare function asyncHandler(fn: (req: Request, res: Response, next: NextFunction) => Promise<any>): (req: Request, res: Response, next: NextFunction) => void;
+//# sourceMappingURL=error.middleware.d.ts.map

package/lib/core/src/middleware/error.middleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"error.middleware.d.ts","sourceRoot":"","sources":["../../../../src/middleware/error.middleware.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAI1D;;GAEG;AACH,qBAAa,QAAS,SAAQ,KAAK;IAExB,IAAI,EAAE,MAAM;IACZ,OAAO,EAAE,MAAM;IACf,UAAU,EAAE,MAAM;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC;gBAH7B,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE,MAAM,EACf,UAAU,GAAE,MAAY,EACxB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,YAAA;CAMvC;AAED,qBAAa,aAAc,SAAQ,QAAQ;gBAC7B,QAAQ,EAAE,MAAM,EAAE,EAAE,CAAC,EAAE,MAAM;CAS1C;AAED,qBAAa,eAAgB,SAAQ,QAAQ;gBAC/B,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC;CAI3D;AAED,qBAAa,iBAAkB,SAAQ,QAAQ;gBACjC,OAAO,SAA4B;CAIhD;AAED,qBAAa,cAAe,SAAQ,QAAQ;gBAC9B,OAAO,SAAkB;CAItC;AAED,qBAAa,aAAc,SAAQ,QAAQ;gBAC7B,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC;CAI3D;AAED;;;GAGG;AACH,wBAAgB,YAAY,KAClB,KAAK,KAAK,EAAE,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,OAAO,YAAY,wCA4ErE;AAED;;;GAGG;AACH,wBAAgB,eAAe,KACrB,KAAK,OAAO,EAAE,KAAK,QAAQ,UAsBpC;AAED;;;GAGG;AACH,wBAAgB,YAAY,CAAC,EAAE,EAAE,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,EAAE,IAAI,EAAE,YAAY,KAAK,OAAO,CAAC,GAAG,CAAC,IACxF,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,UAGxD"}