@zintrust/core 0.1.19 → 0.1.21
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +10 -10
- package/bin/zintrust-main.d.ts.map +1 -1
- package/bin/zintrust-main.js +9 -0
- package/package.json +3 -2
- package/public/error-pages/404.html +145 -0
- package/public/error-pages/500.html +266 -0
- package/public/error-pages/error.css +628 -0
- package/public/error-pages/error.js +428 -0
- package/public/zintrust.svg +30 -0
- package/routes/api.d.ts.map +1 -1
- package/routes/api.js +41 -17
- package/routes/metrics.d.ts +9 -0
- package/routes/metrics.d.ts.map +1 -0
- package/routes/metrics.js +20 -0
- package/routes/openapi.d.ts +9 -0
- package/routes/openapi.d.ts.map +1 -0
- package/routes/openapi.js +76 -0
- package/src/boot/Application.d.ts +2 -2
- package/src/boot/Application.d.ts.map +1 -1
- package/src/boot/Application.js +66 -13
- package/src/boot/Server.d.ts +3 -2
- package/src/boot/Server.d.ts.map +1 -1
- package/src/boot/Server.js +39 -165
- package/src/boot/bootstrap.js +2 -0
- package/src/cache/Cache.d.ts +1 -1
- package/src/cache/Cache.d.ts.map +1 -1
- package/src/cache/CacheDriver.d.ts +4 -0
- package/src/cache/CacheDriver.d.ts.map +1 -1
- package/src/cache/drivers/KVDriver.d.ts +1 -1
- package/src/cache/drivers/KVDriver.d.ts.map +1 -1
- package/src/cache/drivers/MemoryDriver.d.ts +1 -1
- package/src/cache/drivers/MemoryDriver.d.ts.map +1 -1
- package/src/cache/drivers/MemoryDriver.js +16 -0
- package/src/cache/drivers/MongoDriver.d.ts +1 -1
- package/src/cache/drivers/MongoDriver.d.ts.map +1 -1
- package/src/cache/drivers/RedisDriver.d.ts +1 -1
- package/src/cache/drivers/RedisDriver.d.ts.map +1 -1
- package/src/cli/CLI.d.ts.map +1 -1
- package/src/cli/CLI.js +10 -4
- package/src/cli/commands/AddCommand.d.ts +2 -2
- package/src/cli/commands/AddCommand.d.ts.map +1 -1
- package/src/cli/commands/AddCommand.js +135 -58
- package/src/cli/commands/ConfigCommand.d.ts +1 -1
- package/src/cli/commands/ConfigCommand.d.ts.map +1 -1
- package/src/cli/commands/CreateCommand.d.ts +15 -0
- package/src/cli/commands/CreateCommand.d.ts.map +1 -0
- package/src/cli/commands/CreateCommand.js +143 -0
- package/src/cli/commands/D1MigrateCommand.d.ts +1 -1
- package/src/cli/commands/D1MigrateCommand.d.ts.map +1 -1
- package/src/cli/commands/D1MigrateCommand.js +16 -20
- package/src/cli/commands/DbSeedCommand.d.ts +9 -0
- package/src/cli/commands/DbSeedCommand.d.ts.map +1 -0
- package/src/cli/commands/DbSeedCommand.js +171 -0
- package/src/cli/commands/DebugCommand.d.ts +1 -1
- package/src/cli/commands/DebugCommand.d.ts.map +1 -1
- package/src/cli/commands/FixCommand.d.ts +1 -1
- package/src/cli/commands/FixCommand.d.ts.map +1 -1
- package/src/cli/commands/JwtDevCommand.d.ts +8 -0
- package/src/cli/commands/JwtDevCommand.d.ts.map +1 -0
- package/src/cli/commands/JwtDevCommand.js +114 -0
- package/src/cli/commands/KeyGenerateCommand.d.ts +1 -1
- package/src/cli/commands/KeyGenerateCommand.d.ts.map +1 -1
- package/src/cli/commands/LogsCommand.d.ts +2 -2
- package/src/cli/commands/LogsCommand.d.ts.map +1 -1
- package/src/cli/commands/LogsCommand.js +36 -2
- package/src/cli/commands/MakeMailTemplateCommand.d.ts +1 -1
- package/src/cli/commands/MakeMailTemplateCommand.d.ts.map +1 -1
- package/src/cli/commands/MakeNotificationTemplateCommand.d.ts +1 -1
- package/src/cli/commands/MakeNotificationTemplateCommand.d.ts.map +1 -1
- package/src/cli/commands/MigrateCommand.d.ts +1 -1
- package/src/cli/commands/MigrateCommand.d.ts.map +1 -1
- package/src/cli/commands/MigrateCommand.js +324 -35
- package/src/cli/commands/NewCommand.d.ts +1 -1
- package/src/cli/commands/NewCommand.d.ts.map +1 -1
- package/src/cli/commands/NewCommand.js +12 -4
- package/src/cli/commands/PluginCommand.d.ts +1 -1
- package/src/cli/commands/PluginCommand.d.ts.map +1 -1
- package/src/cli/commands/PrepareCommand.d.ts +1 -1
- package/src/cli/commands/PrepareCommand.d.ts.map +1 -1
- package/src/cli/commands/QACommand.d.ts +2 -2
- package/src/cli/commands/QACommand.d.ts.map +1 -1
- package/src/cli/commands/RoutesCommand.d.ts +10 -0
- package/src/cli/commands/RoutesCommand.d.ts.map +1 -0
- package/src/cli/commands/RoutesCommand.js +242 -0
- package/src/cli/commands/SimulateCommand.d.ts +1 -1
- package/src/cli/commands/SimulateCommand.d.ts.map +1 -1
- package/src/cli/commands/index.d.ts +3 -0
- package/src/cli/commands/index.d.ts.map +1 -1
- package/src/cli/commands/index.js +3 -0
- package/src/cli/config/ConfigManager.d.ts +1 -1
- package/src/cli/config/ConfigManager.d.ts.map +1 -1
- package/src/cli/config/ConfigValidator.d.ts +1 -1
- package/src/cli/config/ConfigValidator.d.ts.map +1 -1
- package/src/cli/config/ConfigValidator.js +1 -1
- package/src/cli/d1/D1SqlMigrations.d.ts +20 -0
- package/src/cli/d1/D1SqlMigrations.d.ts.map +1 -0
- package/src/cli/d1/D1SqlMigrations.js +229 -0
- package/src/cli/d1/WranglerConfig.d.ts +4 -0
- package/src/cli/d1/WranglerConfig.d.ts.map +1 -0
- package/src/cli/d1/WranglerConfig.js +122 -0
- package/src/cli/d1/WranglerD1.d.ts +11 -0
- package/src/cli/d1/WranglerD1.d.ts.map +1 -0
- package/src/cli/d1/WranglerD1.js +16 -0
- package/src/cli/scaffolding/ControllerGenerator.d.ts.map +1 -1
- package/src/cli/scaffolding/ControllerGenerator.js +76 -26
- package/src/cli/scaffolding/FactoryGenerator.d.ts.map +1 -1
- package/src/cli/scaffolding/FactoryGenerator.js +3 -1
- package/src/cli/scaffolding/GovernanceScaffolder.d.ts +23 -0
- package/src/cli/scaffolding/GovernanceScaffolder.d.ts.map +1 -0
- package/src/cli/scaffolding/GovernanceScaffolder.js +327 -0
- package/src/cli/scaffolding/MigrationGenerator.d.ts +10 -0
- package/src/cli/scaffolding/MigrationGenerator.d.ts.map +1 -1
- package/src/cli/scaffolding/MigrationGenerator.js +137 -51
- package/src/cli/scaffolding/ModelGenerator.js +1 -1
- package/src/cli/scaffolding/ProjectScaffolder.d.ts.map +1 -1
- package/src/cli/scaffolding/ProjectScaffolder.js +36 -4
- package/src/cli/scaffolding/RouteGenerator.d.ts.map +1 -1
- package/src/cli/scaffolding/RouteGenerator.js +79 -43
- package/src/cli/scaffolding/SeederGenerator.d.ts +5 -0
- package/src/cli/scaffolding/SeederGenerator.d.ts.map +1 -1
- package/src/cli/scaffolding/SeederGenerator.js +63 -15
- package/src/cli/scaffolding/ServiceScaffolder.d.ts.map +1 -1
- package/src/cli/scaffolding/ServiceScaffolder.js +28 -7
- package/src/cli/scaffolding/index.d.ts +2 -0
- package/src/cli/scaffolding/index.d.ts.map +1 -1
- package/src/cli/scaffolding/index.js +1 -0
- package/src/common/index.d.ts +8 -0
- package/src/common/index.d.ts.map +1 -1
- package/src/common/index.js +28 -0
- package/src/common/utility.d.ts +38 -0
- package/src/common/utility.d.ts.map +1 -0
- package/src/common/utility.js +101 -0
- package/src/config/FileLogWriter.d.ts +2 -1
- package/src/config/FileLogWriter.d.ts.map +1 -1
- package/src/config/FileLogWriter.js +83 -2
- package/src/config/app.d.ts.map +1 -1
- package/src/config/app.js +3 -1
- package/src/config/broadcast.d.ts +14 -28
- package/src/config/broadcast.d.ts.map +1 -1
- package/src/config/broadcast.js +69 -35
- package/src/config/cache.d.ts +13 -45
- package/src/config/cache.d.ts.map +1 -1
- package/src/config/cache.js +69 -25
- package/src/config/cloudflare.d.ts +1 -1
- package/src/config/cloudflare.d.ts.map +1 -1
- package/src/config/database.d.ts +22 -64
- package/src/config/database.d.ts.map +1 -1
- package/src/config/database.js +191 -37
- package/src/config/env.d.ts +12 -0
- package/src/config/env.d.ts.map +1 -1
- package/src/config/env.js +14 -0
- package/src/config/index.d.ts +33 -137
- package/src/config/index.d.ts.map +1 -1
- package/src/config/logging/KvLogger.js +1 -1
- package/src/config/logging/SlackLogger.js +2 -2
- package/src/config/mail.d.ts +19 -55
- package/src/config/mail.d.ts.map +1 -1
- package/src/config/mail.js +63 -21
- package/src/config/middleware.d.ts +44 -1
- package/src/config/middleware.d.ts.map +1 -1
- package/src/config/middleware.js +157 -5
- package/src/config/notification.d.ts +14 -27
- package/src/config/notification.d.ts.map +1 -1
- package/src/config/notification.js +82 -36
- package/src/config/queue.d.ts +21 -51
- package/src/config/queue.d.ts.map +1 -1
- package/src/config/queue.js +72 -27
- package/src/config/security.d.ts +1 -1
- package/src/config/security.js +1 -1
- package/src/config/storage.d.ts +27 -34
- package/src/config/storage.d.ts.map +1 -1
- package/src/config/storage.js +97 -56
- package/src/config/type.d.ts +13 -2
- package/src/config/type.d.ts.map +1 -1
- package/src/events/EventDispatcher.d.ts.map +1 -1
- package/src/events/EventDispatcher.js +6 -4
- package/src/exceptions/ZintrustError.d.ts +7 -0
- package/src/exceptions/ZintrustError.d.ts.map +1 -1
- package/src/exceptions/ZintrustError.js +56 -0
- package/src/features/Auth.d.ts +1 -1
- package/src/features/Auth.d.ts.map +1 -1
- package/src/features/Auth.js +3 -3
- package/src/features/Queue.js +1 -1
- package/src/functions/cloudflare.d.ts.map +1 -1
- package/src/functions/cloudflare.js +3 -14
- package/src/functions/deno.d.ts.map +1 -1
- package/src/functions/deno.js +3 -14
- package/src/functions/lambda.d.ts.map +1 -1
- package/src/functions/lambda.js +3 -14
- package/src/health/StartupHealthChecks.js +1 -1
- package/src/http/Controller.d.ts +2 -2
- package/src/http/Controller.d.ts.map +1 -1
- package/src/http/FileUpload.d.ts +68 -0
- package/src/http/FileUpload.d.ts.map +1 -0
- package/src/http/FileUpload.js +120 -0
- package/src/http/Kernel.d.ts +5 -5
- package/src/http/Kernel.d.ts.map +1 -1
- package/src/http/Kernel.js +139 -23
- package/src/http/Request.d.ts +20 -1
- package/src/http/Request.d.ts.map +1 -1
- package/src/http/Request.js +23 -0
- package/src/http/RequestContext.d.ts +6 -0
- package/src/http/RequestContext.d.ts.map +1 -1
- package/src/http/RequestContext.js +77 -1
- package/src/http/Response.d.ts +1 -1
- package/src/http/Response.d.ts.map +1 -1
- package/src/http/ValidationHelper.d.ts +78 -0
- package/src/http/ValidationHelper.d.ts.map +1 -0
- package/src/http/ValidationHelper.js +121 -0
- package/src/http/error-pages/ErrorPageRenderer.d.ts +17 -0
- package/src/http/error-pages/ErrorPageRenderer.d.ts.map +1 -0
- package/src/http/error-pages/ErrorPageRenderer.js +88 -0
- package/src/http/middleware/BodyParsingMiddleware.d.ts +12 -0
- package/src/http/middleware/BodyParsingMiddleware.d.ts.map +1 -0
- package/src/http/middleware/BodyParsingMiddleware.js +251 -0
- package/src/http/middleware/FileUploadMiddleware.d.ts +12 -0
- package/src/http/middleware/FileUploadMiddleware.d.ts.map +1 -0
- package/src/http/middleware/FileUploadMiddleware.js +74 -0
- package/src/http/parsers/BodyParsers.d.ts +32 -0
- package/src/http/parsers/BodyParsers.d.ts.map +1 -0
- package/src/http/parsers/BodyParsers.js +159 -0
- package/src/http/parsers/MultipartParser.d.ts +33 -0
- package/src/http/parsers/MultipartParser.d.ts.map +1 -0
- package/src/http/parsers/MultipartParser.js +156 -0
- package/src/http/parsers/MultipartParserRegistry.d.ts +34 -0
- package/src/http/parsers/MultipartParserRegistry.d.ts.map +1 -0
- package/src/http/parsers/MultipartParserRegistry.js +20 -0
- package/src/http/validated.d.ts +12 -0
- package/src/http/validated.d.ts.map +1 -0
- package/src/http/validated.js +41 -0
- package/src/index.d.ts +73 -12
- package/src/index.d.ts.map +1 -1
- package/src/index.js +60 -5
- package/src/microservices/PostgresAdapter.d.ts.map +1 -1
- package/src/microservices/PostgresAdapter.js +0 -1
- package/src/microservices/RequestTracingMiddleware.d.ts +2 -2
- package/src/microservices/RequestTracingMiddleware.d.ts.map +1 -1
- package/src/microservices/RequestTracingMiddleware.js +3 -0
- package/src/microservices/ServiceAuthMiddleware.d.ts +2 -2
- package/src/microservices/ServiceAuthMiddleware.d.ts.map +1 -1
- package/src/middleware/AuthMiddleware.d.ts +10 -0
- package/src/middleware/AuthMiddleware.d.ts.map +1 -0
- package/src/middleware/AuthMiddleware.js +16 -0
- package/src/middleware/CsrfMiddleware.d.ts +11 -1
- package/src/middleware/CsrfMiddleware.d.ts.map +1 -1
- package/src/middleware/CsrfMiddleware.js +33 -0
- package/src/middleware/JwtAuthMiddleware.d.ts +11 -0
- package/src/middleware/JwtAuthMiddleware.d.ts.map +1 -0
- package/src/middleware/JwtAuthMiddleware.js +73 -0
- package/src/middleware/LoggingMiddleware.d.ts.map +1 -1
- package/src/middleware/LoggingMiddleware.js +8 -3
- package/src/middleware/MiddlewareStack.d.ts +2 -2
- package/src/middleware/MiddlewareStack.d.ts.map +1 -1
- package/src/middleware/RateLimiter.d.ts +2 -2
- package/src/middleware/RateLimiter.d.ts.map +1 -1
- package/src/middleware/SanitizeBodyMiddleware.d.ts +12 -0
- package/src/middleware/SanitizeBodyMiddleware.d.ts.map +1 -0
- package/src/middleware/SanitizeBodyMiddleware.js +31 -0
- package/src/middleware/SecurityMiddleware.d.ts +1 -1
- package/src/middleware/SecurityMiddleware.d.ts.map +1 -1
- package/src/middleware/SessionMiddleware.d.ts +1 -1
- package/src/middleware/SessionMiddleware.d.ts.map +1 -1
- package/src/middleware/ValidationMiddleware.d.ts +25 -0
- package/src/middleware/ValidationMiddleware.d.ts.map +1 -0
- package/src/middleware/ValidationMiddleware.js +251 -0
- package/src/migrations/MigrationDiscovery.d.ts +5 -0
- package/src/migrations/MigrationDiscovery.d.ts.map +1 -0
- package/src/migrations/MigrationDiscovery.js +16 -0
- package/src/migrations/MigrationLoader.d.ts +5 -0
- package/src/migrations/MigrationLoader.d.ts.map +1 -0
- package/src/migrations/MigrationLoader.js +43 -0
- package/src/migrations/MigrationLock.d.ts +4 -0
- package/src/migrations/MigrationLock.d.ts.map +1 -0
- package/src/migrations/MigrationLock.js +33 -0
- package/src/migrations/Migrator.d.ts +23 -0
- package/src/migrations/Migrator.d.ts.map +1 -0
- package/src/migrations/Migrator.js +4 -0
- package/src/migrations/MigratorFactory.d.ts +25 -0
- package/src/migrations/MigratorFactory.d.ts.map +1 -0
- package/src/migrations/MigratorFactory.js +339 -0
- package/src/migrations/schema/Blueprint.d.ts +5 -0
- package/src/migrations/schema/Blueprint.d.ts.map +1 -0
- package/src/migrations/schema/Blueprint.js +189 -0
- package/src/migrations/schema/Schema.d.ts +8 -0
- package/src/migrations/schema/Schema.d.ts.map +1 -0
- package/src/migrations/schema/Schema.js +141 -0
- package/src/migrations/schema/SchemaCompiler.d.ts +20 -0
- package/src/migrations/schema/SchemaCompiler.d.ts.map +1 -0
- package/src/migrations/schema/SchemaCompiler.js +262 -0
- package/src/migrations/schema/index.d.ts +5 -0
- package/src/migrations/schema/index.d.ts.map +1 -0
- package/src/migrations/schema/index.js +3 -0
- package/src/migrations/schema/types.d.ts +86 -0
- package/src/migrations/schema/types.d.ts.map +1 -0
- package/src/migrations/schema/types.js +1 -0
- package/src/migrations/types.d.ts +45 -0
- package/src/migrations/types.d.ts.map +1 -0
- package/src/migrations/types.js +1 -0
- package/src/node-singletons/crypto.d.ts +1 -1
- package/src/node-singletons/crypto.d.ts.map +1 -1
- package/src/node-singletons/crypto.js +1 -1
- package/src/node-singletons/fs.d.ts +2 -2
- package/src/node-singletons/fs.d.ts.map +1 -1
- package/src/node-singletons/fs.js +1 -1
- package/src/node-singletons/util.d.ts +6 -0
- package/src/node-singletons/util.d.ts.map +1 -0
- package/src/node-singletons/util.js +5 -0
- package/src/node.d.ts +3 -1
- package/src/node.d.ts.map +1 -1
- package/src/node.js +6 -2
- package/src/observability/OpenTelemetry.d.ts +62 -0
- package/src/observability/OpenTelemetry.d.ts.map +1 -0
- package/src/observability/OpenTelemetry.js +167 -0
- package/src/observability/PrometheusMetrics.d.ts +25 -0
- package/src/observability/PrometheusMetrics.d.ts.map +1 -0
- package/src/observability/PrometheusMetrics.js +114 -0
- package/src/openapi/OpenApiGenerator.d.ts +68 -0
- package/src/openapi/OpenApiGenerator.d.ts.map +1 -0
- package/src/openapi/OpenApiGenerator.js +287 -0
- package/src/orm/Database.d.ts +5 -2
- package/src/orm/Database.d.ts.map +1 -1
- package/src/orm/Database.js +219 -63
- package/src/orm/DatabaseAdapter.d.ts +14 -0
- package/src/orm/DatabaseAdapter.d.ts.map +1 -1
- package/src/orm/DatabaseAdapterRegistry.d.ts.map +1 -1
- package/src/orm/DatabaseAdapterRegistry.js +3 -1
- package/src/orm/DatabaseRuntimeRegistration.d.ts.map +1 -1
- package/src/orm/DatabaseRuntimeRegistration.js +12 -0
- package/src/orm/Model.d.ts +30 -2
- package/src/orm/Model.d.ts.map +1 -1
- package/src/orm/Model.js +255 -62
- package/src/orm/QueryBuilder.d.ts +22 -1
- package/src/orm/QueryBuilder.d.ts.map +1 -1
- package/src/orm/QueryBuilder.js +406 -99
- package/src/orm/Relationships.d.ts +7 -1
- package/src/orm/Relationships.d.ts.map +1 -1
- package/src/orm/Relationships.js +18 -0
- package/src/orm/SchemaCompiler.d.ts +9 -0
- package/src/orm/SchemaCompiler.d.ts.map +1 -0
- package/src/orm/SchemaCompiler.js +145 -0
- package/src/orm/adapters/D1Adapter.d.ts +1 -1
- package/src/orm/adapters/D1Adapter.d.ts.map +1 -1
- package/src/orm/adapters/MySQLAdapter.d.ts +1 -1
- package/src/orm/adapters/MySQLAdapter.d.ts.map +1 -1
- package/src/orm/adapters/MySQLAdapter.js +88 -69
- package/src/orm/adapters/PostgreSQLAdapter.d.ts +1 -1
- package/src/orm/adapters/PostgreSQLAdapter.d.ts.map +1 -1
- package/src/orm/adapters/PostgreSQLAdapter.js +88 -69
- package/src/orm/adapters/SQLServerAdapter.d.ts +1 -1
- package/src/orm/adapters/SQLServerAdapter.d.ts.map +1 -1
- package/src/orm/adapters/SQLiteAdapter.d.ts +1 -1
- package/src/orm/adapters/SQLiteAdapter.d.ts.map +1 -1
- package/src/orm/adapters/SQLiteAdapter.js +59 -3
- package/src/orm/maintenance/SqliteMaintenance.d.ts +5 -0
- package/src/orm/maintenance/SqliteMaintenance.d.ts.map +1 -0
- package/src/orm/maintenance/SqliteMaintenance.js +14 -0
- package/src/orm/migrations/MigrationStore.d.ts +38 -0
- package/src/orm/migrations/MigrationStore.d.ts.map +1 -0
- package/src/orm/migrations/MigrationStore.js +157 -0
- package/src/performance/CodeGenerationBenchmark.d.ts.map +1 -1
- package/src/performance/Optimizer.d.ts +7 -6
- package/src/performance/Optimizer.d.ts.map +1 -1
- package/src/performance/Optimizer.js +170 -55
- package/src/profiling/MemoryProfiler.d.ts +1 -1
- package/src/profiling/MemoryProfiler.d.ts.map +1 -1
- package/src/profiling/N1Detector.d.ts +1 -1
- package/src/profiling/N1Detector.d.ts.map +1 -1
- package/src/profiling/QueryLogger.d.ts +1 -1
- package/src/profiling/QueryLogger.d.ts.map +1 -1
- package/src/profiling/RequestProfiler.d.ts +3 -3
- package/src/profiling/RequestProfiler.d.ts.map +1 -1
- package/src/routes/metrics.d.ts +2 -0
- package/src/routes/metrics.d.ts.map +1 -0
- package/src/routes/metrics.js +1 -0
- package/src/routing/CoreRoutes.d.ts +12 -0
- package/src/routing/CoreRoutes.d.ts.map +1 -0
- package/src/routing/CoreRoutes.js +151 -0
- package/src/routing/RouteRegistry.d.ts +39 -0
- package/src/routing/RouteRegistry.d.ts.map +1 -0
- package/src/routing/RouteRegistry.js +44 -0
- package/src/routing/Router.d.ts +26 -9
- package/src/routing/Router.d.ts.map +1 -1
- package/src/routing/Router.js +79 -35
- package/src/routing/common.d.ts +15 -0
- package/src/routing/common.d.ts.map +1 -0
- package/src/routing/common.js +47 -0
- package/src/routing/doc.d.ts +27 -0
- package/src/routing/doc.d.ts.map +1 -0
- package/src/routing/doc.js +110 -0
- package/src/routing/error.d.ts +21 -0
- package/src/routing/error.d.ts.map +1 -0
- package/src/routing/error.js +126 -0
- package/src/routing/errorPages.d.ts +14 -0
- package/src/routing/errorPages.d.ts.map +1 -0
- package/src/routing/errorPages.js +103 -0
- package/src/routing/publicRoot.d.ts +27 -0
- package/src/routing/publicRoot.d.ts.map +1 -0
- package/src/routing/publicRoot.js +110 -0
- package/src/runtime/PluginAutoImports.d.ts +21 -0
- package/src/runtime/PluginAutoImports.d.ts.map +1 -0
- package/src/runtime/PluginAutoImports.js +59 -0
- package/src/runtime/PluginManager.d.ts +1 -5
- package/src/runtime/PluginManager.d.ts.map +1 -1
- package/src/runtime/PluginManager.js +25 -18
- package/src/runtime/RuntimeDetector.d.ts +1 -1
- package/src/runtime/RuntimeDetector.d.ts.map +1 -1
- package/src/runtime/StartupConfigFileRegistry.d.ts +20 -0
- package/src/runtime/StartupConfigFileRegistry.d.ts.map +1 -0
- package/src/runtime/StartupConfigFileRegistry.js +44 -0
- package/src/runtime/adapters/CloudflareAdapter.d.ts +1 -1
- package/src/runtime/adapters/CloudflareAdapter.d.ts.map +1 -1
- package/src/runtime/adapters/CloudflareAdapter.js +1 -1
- package/src/runtime/adapters/DenoAdapter.d.ts +1 -1
- package/src/runtime/adapters/DenoAdapter.d.ts.map +1 -1
- package/src/runtime/adapters/DenoAdapter.js +1 -1
- package/src/runtime/adapters/LambdaAdapter.d.ts +1 -1
- package/src/runtime/adapters/LambdaAdapter.d.ts.map +1 -1
- package/src/runtime/adapters/LambdaAdapter.js +1 -1
- package/src/runtime/adapters/NodeServerAdapter.d.ts +1 -1
- package/src/runtime/adapters/NodeServerAdapter.d.ts.map +1 -1
- package/src/runtime/getKernel.d.ts +9 -0
- package/src/runtime/getKernel.d.ts.map +1 -0
- package/src/runtime/getKernel.js +27 -0
- package/src/runtime/useFileLoader.d.ts +26 -0
- package/src/runtime/useFileLoader.d.ts.map +1 -0
- package/src/runtime/useFileLoader.js +188 -0
- package/src/scripts/TemplateImportsCheck.js +40 -0
- package/src/scripts/TemplateSync.js +90 -24
- package/src/security/Encryptor.d.ts.map +1 -1
- package/src/security/Encryptor.js +64 -7
- package/src/security/JwtManager.d.ts +1 -0
- package/src/security/JwtManager.d.ts.map +1 -1
- package/src/security/JwtManager.js +33 -0
- package/src/security/Sanitizer.d.ts +76 -0
- package/src/security/Sanitizer.d.ts.map +1 -0
- package/src/security/Sanitizer.js +412 -0
- package/src/security/TokenRevocation.d.ts +7 -0
- package/src/security/TokenRevocation.d.ts.map +1 -0
- package/src/security/TokenRevocation.js +57 -0
- package/src/security/XssProtection.d.ts.map +1 -1
- package/src/security/XssProtection.js +62 -14
- package/src/seeders/SeederDiscovery.d.ts +5 -0
- package/src/seeders/SeederDiscovery.d.ts.map +1 -0
- package/src/seeders/SeederDiscovery.js +21 -0
- package/src/seeders/SeederLoader.d.ts +5 -0
- package/src/seeders/SeederLoader.d.ts.map +1 -0
- package/src/seeders/SeederLoader.js +60 -0
- package/src/seeders/types.d.ts +18 -0
- package/src/seeders/types.d.ts.map +1 -0
- package/src/seeders/types.js +1 -0
- package/src/session/SessionManager.js +1 -1
- package/src/templates/adapters/MySQLAdapter.ts.tpl +109 -85
- package/src/templates/adapters/PostgreSQLAdapter.ts.tpl +129 -88
- package/src/templates/adapters/SQLServerAdapter.ts.tpl +5 -9
- package/src/templates/adapters/SQLiteAdapter.ts.tpl +78 -11
- package/src/templates/features/Queue.ts.tpl +3 -2
- package/src/templates/project/basic/app/Controllers/AuthController.ts.tpl +217 -0
- package/src/templates/project/basic/app/Controllers/UserController.ts.tpl +1 -12
- package/src/templates/project/basic/app/Types/controller.ts.tpl +46 -0
- package/src/templates/project/basic/config/FileLogWriter.ts.tpl +5 -236
- package/src/templates/project/basic/config/SecretsManager.ts.tpl +10 -447
- package/src/templates/project/basic/config/StartupConfigValidator.ts.tpl +9 -268
- package/src/templates/project/basic/config/app.ts.tpl +13 -153
- package/src/templates/project/basic/config/broadcast.ts.tpl +29 -126
- package/src/templates/project/basic/config/cache.ts.tpl +12 -70
- package/src/templates/project/basic/config/cloudflare.ts.tpl +4 -39
- package/src/templates/project/basic/config/constants.ts.tpl +9 -65
- package/src/templates/project/basic/config/database.ts.tpl +66 -123
- package/src/templates/project/basic/config/env.ts.tpl +5 -169
- package/src/templates/project/basic/config/features.ts.tpl +6 -54
- package/src/templates/project/basic/config/index.ts.tpl +8 -23
- package/src/templates/project/basic/config/logging/HttpLogger.ts.tpl +7 -114
- package/src/templates/project/basic/config/mail.ts.tpl +9 -62
- package/src/templates/project/basic/config/microservices.ts.tpl +11 -97
- package/src/templates/project/basic/config/middleware.ts.tpl +25 -43
- package/src/templates/project/basic/config/notification.ts.tpl +13 -114
- package/src/templates/project/basic/config/queue.ts.tpl +9 -40
- package/src/templates/project/basic/config/security.ts.tpl +11 -163
- package/src/templates/project/basic/config/startup.ts.tpl +10 -21
- package/src/templates/project/basic/config/storage.ts.tpl +57 -137
- package/src/templates/project/basic/config/type.ts.tpl +32 -451
- package/src/templates/project/basic/database/factories/UserFactory.ts.tpl +80 -0
- package/src/templates/project/basic/database/migrations/create_tasks_table.ts.tpl +28 -0
- package/src/templates/project/basic/database/migrations/create_users_table.ts.tpl +29 -0
- package/src/templates/project/basic/database/seeders/DatabaseSeeder.ts.tpl +19 -0
- package/src/templates/project/basic/database/seeders/UserSeeder.ts.tpl +18 -0
- package/src/templates/project/basic/database/seeders/index.ts.tpl +2 -0
- package/src/templates/project/basic/routes/api.ts.tpl +71 -33
- package/src/templates/project/basic/routes/metrics.ts.tpl +22 -0
- package/src/templates/project/basic/src/index.ts.tpl +3 -0
- package/src/templates/project/basic/tsconfig.json.tpl +12 -11
- package/src/testing/TestEnvironment.d.ts +40 -0
- package/src/testing/TestEnvironment.d.ts.map +1 -0
- package/src/testing/TestEnvironment.js +141 -0
- package/src/testing/TestHttp.d.ts +29 -0
- package/src/testing/TestHttp.d.ts.map +1 -0
- package/src/testing/TestHttp.js +96 -0
- package/src/testing/index.d.ts +5 -0
- package/src/testing/index.d.ts.map +1 -0
- package/src/testing/index.js +2 -0
- package/src/time/DateTime.d.ts +181 -0
- package/src/time/DateTime.d.ts.map +1 -0
- package/src/time/DateTime.js +300 -0
- package/src/time/index.d.ts +7 -0
- package/src/time/index.d.ts.map +1 -0
- package/src/time/index.js +5 -0
- package/src/tools/http/Http.d.ts.map +1 -1
- package/src/tools/http/Http.js +4 -0
- package/src/tools/mail/drivers/Smtp.js +1 -1
- package/src/tools/queue/drivers/InMemory.d.ts +1 -1
- package/src/tools/queue/drivers/InMemory.d.ts.map +1 -1
- package/src/tools/queue/drivers/InMemory.js +1 -1
- package/src/tools/queue/drivers/Redis.d.ts +1 -1
- package/src/tools/queue/drivers/Redis.d.ts.map +1 -1
- package/src/tools/queue/drivers/Redis.js +1 -1
- package/src/validation/ValidationError.d.ts.map +1 -1
- package/src/validation/ValidationError.js +4 -2
- package/src/validation/Validator.d.ts +49 -16
- package/src/validation/Validator.d.ts.map +1 -1
- package/src/validation/Validator.js +307 -5
- package/src/common/uuid.d.ts +0 -3
- package/src/common/uuid.d.ts.map +0 -1
- package/src/common/uuid.js +0 -30
- package/src/templates/project/basic/.env.example.tpl +0 -74
- package/src/templates/project/basic/.env.tpl +0 -166
- package/src/templates/project/basic/config/logging/KvLogger.ts.tpl +0 -181
- package/src/templates/project/basic/config/logging/SlackLogger.ts.tpl +0 -156
- package/src/templates/project/basic/database/migrations/index.ts.tpl +0 -2
|
@@ -126,17 +126,31 @@ const rewriteStarterTemplateImports = (relPath, content) => {
|
|
|
126
126
|
// Starter templates should import framework APIs from the public package surface,
|
|
127
127
|
// not from internal path-alias modules that only exist in the framework repo.
|
|
128
128
|
return (content
|
|
129
|
+
// Some templates are extracted from internal sources that use repo-relative imports.
|
|
130
|
+
// Normalize those to the public package surface.
|
|
131
|
+
.replaceAll("'../../../features'", "'@zintrust/core'")
|
|
132
|
+
.replaceAll('"../../../features"', '"@zintrust/core"')
|
|
133
|
+
.replaceAll("'../../../logger'", "'@zintrust/core'")
|
|
134
|
+
.replaceAll('"../../../logger"', '"@zintrust/core"')
|
|
135
|
+
.replaceAll("'../../logger'", "'@zintrust/core'")
|
|
136
|
+
.replaceAll('"../../logger"', '"@zintrust/core"')
|
|
137
|
+
.replaceAll("'../logger'", "'@zintrust/core'")
|
|
138
|
+
.replaceAll('"../logger"', '"@zintrust/core"')
|
|
139
|
+
.replaceAll("'@common/uuid'", "'@zintrust/core'")
|
|
140
|
+
.replaceAll('"@common/uuid"', '"@zintrust/core"')
|
|
129
141
|
// Starter templates should not rely on local config/env wrappers.
|
|
130
142
|
// Normalize Env imports to come from the public package surface.
|
|
131
|
-
.replaceAll("from '../env';", "from '
|
|
132
|
-
.replaceAll('from "../env";', 'from "
|
|
133
|
-
.replaceAll("from './env';", "from '
|
|
134
|
-
.replaceAll('from "./env";', 'from "
|
|
143
|
+
.replaceAll("from '../env';", "from '../index.js';")
|
|
144
|
+
.replaceAll('from "../env";', 'from "../index.js";')
|
|
145
|
+
.replaceAll("from './env';", "from '../index.js';")
|
|
146
|
+
.replaceAll('from "./env";', 'from "../index.js";')
|
|
135
147
|
// Node-singletons are internal to this repo; starter templates should use Node built-ins.
|
|
136
148
|
.replaceAll("'@node-singletons/fs'", "'node:fs'")
|
|
137
149
|
.replaceAll('"@node-singletons/fs"', '"node:fs"')
|
|
138
150
|
.replaceAll("'@node-singletons/path'", "'node:path'")
|
|
139
151
|
.replaceAll('"@node-singletons/path"', '"node:path"')
|
|
152
|
+
.replaceAll("'@node-singletons/perf-hooks'", "'node:perf_hooks'")
|
|
153
|
+
.replaceAll('"@node-singletons/perf-hooks"', '"node:perf_hooks"')
|
|
140
154
|
// Starter project config/* should reference sibling config modules via relative imports.
|
|
141
155
|
.replaceAll(/(['"])@config\/([^'"]+)\1/g, (_m, quote, suffix) => {
|
|
142
156
|
const rewritten = rewriteConfigAlias(suffix);
|
|
@@ -162,9 +176,51 @@ const rewriteStarterTemplateImports = (relPath, content) => {
|
|
|
162
176
|
.replaceAll('"@common/index"', '"@zintrust/core"')
|
|
163
177
|
.replaceAll('"@httpClient/Http"', '"@zintrust/core"'));
|
|
164
178
|
};
|
|
179
|
+
const rewriteRegistryTemplateImports = (relPath, content) => {
|
|
180
|
+
if (!relPath.endsWith('.ts') && !relPath.endsWith('.tsx') && !relPath.endsWith('.mts')) {
|
|
181
|
+
return content;
|
|
182
|
+
}
|
|
183
|
+
// Registry templates (adapters/features) must only import from the public package surface.
|
|
184
|
+
// Unlike starter project templates, they should NEVER rewrite `@config/*` into relative imports.
|
|
185
|
+
return (content
|
|
186
|
+
// Normalize internal aliases to public API
|
|
187
|
+
.replaceAll("'@config/logger'", "'@zintrust/core'")
|
|
188
|
+
.replaceAll('"@config/logger"', '"@zintrust/core"')
|
|
189
|
+
.replaceAll("'@config/features'", "'@zintrust/core'")
|
|
190
|
+
.replaceAll('"@config/features"', '"@zintrust/core"')
|
|
191
|
+
.replaceAll("'@exceptions/ZintrustError'", "'@zintrust/core'")
|
|
192
|
+
.replaceAll('"@exceptions/ZintrustError"', '"@zintrust/core"')
|
|
193
|
+
.replaceAll("'@orm/DatabaseAdapter'", "'@zintrust/core'")
|
|
194
|
+
.replaceAll('"@orm/DatabaseAdapter"', '"@zintrust/core"')
|
|
195
|
+
.replaceAll("'@orm/QueryBuilder'", "'@zintrust/core'")
|
|
196
|
+
.replaceAll('"@orm/QueryBuilder"', '"@zintrust/core"')
|
|
197
|
+
.replaceAll("'@orm/Database'", "'@zintrust/core'")
|
|
198
|
+
.replaceAll('"@orm/Database"', '"@zintrust/core"')
|
|
199
|
+
.replaceAll("'@common/uuid'", "'@zintrust/core'")
|
|
200
|
+
.replaceAll('"@common/uuid"', '"@zintrust/core"')
|
|
201
|
+
.replaceAll("'@common/index'", "'@zintrust/core'")
|
|
202
|
+
.replaceAll('"@common/index"', '"@zintrust/core"')
|
|
203
|
+
// Node-singletons are internal to this repo; templates should use Node built-ins.
|
|
204
|
+
.replaceAll("'@node-singletons/fs'", "'node:fs'")
|
|
205
|
+
.replaceAll('"@node-singletons/fs"', '"node:fs"')
|
|
206
|
+
.replaceAll("'@node-singletons/path'", "'node:path'")
|
|
207
|
+
.replaceAll('"@node-singletons/path"', '"node:path"')
|
|
208
|
+
.replaceAll("'@node-singletons/perf-hooks'", "'node:perf_hooks'")
|
|
209
|
+
.replaceAll('"@node-singletons/perf-hooks"', '"node:perf_hooks"')
|
|
210
|
+
// Defensive: if old templates already contain repo-relative imports, normalize them.
|
|
211
|
+
.replaceAll("'../../../features'", "'@zintrust/core'")
|
|
212
|
+
.replaceAll('"../../../features"', '"@zintrust/core"')
|
|
213
|
+
.replaceAll("'../../../logger'", "'@zintrust/core'")
|
|
214
|
+
.replaceAll('"../../../logger"', '"@zintrust/core"')
|
|
215
|
+
.replaceAll("'../../logger'", "'@zintrust/core'")
|
|
216
|
+
.replaceAll('"../../logger"', '"@zintrust/core"')
|
|
217
|
+
.replaceAll("'../logger'", "'@zintrust/core'")
|
|
218
|
+
.replaceAll('"../logger"', '"@zintrust/core"'));
|
|
219
|
+
};
|
|
165
220
|
const syncRegistryMappings = (params) => {
|
|
166
221
|
let updated = 0;
|
|
167
222
|
let skipped = 0;
|
|
223
|
+
const checksumSalt = 'registry-imports-v3';
|
|
168
224
|
for (const mapping of params.mappings) {
|
|
169
225
|
const basePath = path.join(ROOT_DIR, mapping.basePath);
|
|
170
226
|
const templatePath = path.join(ROOT_DIR, mapping.templatePath);
|
|
@@ -173,17 +229,19 @@ const syncRegistryMappings = (params) => {
|
|
|
173
229
|
continue;
|
|
174
230
|
}
|
|
175
231
|
const currentHash = hashFile(basePath);
|
|
176
|
-
const
|
|
232
|
+
const checksumKey = `${mapping.basePath}|${checksumSalt}`;
|
|
233
|
+
const storedHash = params.checksums[checksumKey];
|
|
177
234
|
if (currentHash === storedHash && fs.existsSync(templatePath)) {
|
|
178
235
|
Logger.info(`✓ ${mapping.description} (in sync)`);
|
|
179
236
|
skipped++;
|
|
180
237
|
continue;
|
|
181
238
|
}
|
|
182
239
|
try {
|
|
183
|
-
const
|
|
240
|
+
const rawTemplateContent = extractTemplateContent(basePath);
|
|
241
|
+
const templateContent = rewriteRegistryTemplateImports(mapping.basePath, rawTemplateContent);
|
|
184
242
|
ensureDir(path.dirname(templatePath));
|
|
185
243
|
fs.writeFileSync(templatePath, templateContent, 'utf8');
|
|
186
|
-
params.checksums[
|
|
244
|
+
params.checksums[checksumKey] = currentHash;
|
|
187
245
|
Logger.info(`✓ Updated: ${mapping.description}`);
|
|
188
246
|
updated++;
|
|
189
247
|
}
|
|
@@ -239,14 +297,10 @@ const syncStarterProjectTemplates = (params) => {
|
|
|
239
297
|
templateDirRel: `${params.projectRoot}/app`,
|
|
240
298
|
description: 'Starter project app/*',
|
|
241
299
|
});
|
|
242
|
-
|
|
243
|
-
|
|
244
|
-
|
|
245
|
-
|
|
246
|
-
description: 'Starter project config/* (from src/config/*)',
|
|
247
|
-
transformContent: rewriteStarterTemplateImports,
|
|
248
|
-
checksumSalt: 'starter-imports-v4',
|
|
249
|
-
});
|
|
300
|
+
// NOTE:
|
|
301
|
+
// `src/templates/project/basic/config/*` is intentionally hand-authored.
|
|
302
|
+
// It must stay declarative (core owns runtime/env logic), and should never be
|
|
303
|
+
// auto-generated from `src/config/*` (which would overwrite project-level overrides).
|
|
250
304
|
const s3 = syncProjectTemplateDir({
|
|
251
305
|
checksums: params.checksums,
|
|
252
306
|
baseDirRel: 'src/database',
|
|
@@ -268,9 +322,9 @@ const syncStarterProjectTemplates = (params) => {
|
|
|
268
322
|
projectRoot: params.projectRoot,
|
|
269
323
|
});
|
|
270
324
|
return {
|
|
271
|
-
updated: s1.updated +
|
|
272
|
-
skipped: s1.skipped +
|
|
273
|
-
total: s1.total +
|
|
325
|
+
updated: s1.updated + s3.updated + s4.updated + s5.updated,
|
|
326
|
+
skipped: s1.skipped + s3.skipped + s4.skipped + s5.skipped,
|
|
327
|
+
total: s1.total + s3.total + s4.total + s5.total,
|
|
274
328
|
};
|
|
275
329
|
};
|
|
276
330
|
/**
|
|
@@ -303,16 +357,28 @@ function saveChecksums(checksums) {
|
|
|
303
357
|
// eslint-disable-next-line @typescript-eslint/require-await
|
|
304
358
|
async function syncTemplates() {
|
|
305
359
|
Logger.info('🔄 Syncing templates...\n');
|
|
360
|
+
const args = new Set(process.argv.slice(2));
|
|
361
|
+
const shouldSyncStarterTemplates = args.has('--dangerously-sync-starter-templates');
|
|
306
362
|
const checksums = loadChecksums();
|
|
307
363
|
const mappings = TemplateRegistry.getMappings();
|
|
308
364
|
const registry = syncRegistryMappings({ checksums, mappings });
|
|
365
|
+
let starter = {
|
|
366
|
+
updated: 0,
|
|
367
|
+
skipped: 0,
|
|
368
|
+
total: 0,
|
|
369
|
+
};
|
|
309
370
|
// Sync starter project templates (basic) from base framework folders.
|
|
310
|
-
//
|
|
311
|
-
|
|
312
|
-
|
|
313
|
-
|
|
314
|
-
|
|
315
|
-
|
|
371
|
+
// This is intentionally opt-in to avoid overwriting hand-authored starter templates.
|
|
372
|
+
if (shouldSyncStarterTemplates) {
|
|
373
|
+
Logger.info('');
|
|
374
|
+
Logger.info('🔄 Syncing starter project templates (basic)...');
|
|
375
|
+
const projectRoot = 'src/templates/project/basic';
|
|
376
|
+
starter = syncStarterProjectTemplates({ checksums, projectRoot });
|
|
377
|
+
}
|
|
378
|
+
else {
|
|
379
|
+
Logger.info('');
|
|
380
|
+
Logger.info('⏭️ Skipping starter project template sync (pass --dangerously-sync-starter-templates to enable)');
|
|
381
|
+
}
|
|
316
382
|
// Save updated checksums
|
|
317
383
|
saveChecksums(checksums);
|
|
318
384
|
// Summary
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Encryptor.d.ts","sourceRoot":"","sources":["../../../src/security/Encryptor.ts"],"names":[],"mappings":"AAAA;;;GAGG;
|
|
1
|
+
{"version":3,"file":"Encryptor.d.ts","sourceRoot":"","sources":["../../../src/security/Encryptor.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAOH;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG,QAAQ,GAAG,QAAQ,CAAC;AAsMhD,MAAM,WAAW,UAAU;IACzB,IAAI,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACxC,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IACzD,YAAY,IAAI,aAAa,CAAC;CAC/B;AAuCD,eAAO,MAAM,SAAS,EAAE,UAItB,CAAC"}
|
|
@@ -4,7 +4,8 @@
|
|
|
4
4
|
*/
|
|
5
5
|
import { Logger } from '../config/logger.js';
|
|
6
6
|
import { ErrorFactory } from '../exceptions/ZintrustError.js';
|
|
7
|
-
import
|
|
7
|
+
import * as crypto from '../node-singletons/crypto.js';
|
|
8
|
+
import { promisify } from '../node-singletons/util.js';
|
|
8
9
|
function isBcryptModule(value) {
|
|
9
10
|
if (typeof value !== 'object' || value === null)
|
|
10
11
|
return false;
|
|
@@ -56,19 +57,47 @@ function timingSafeEquals(a, b) {
|
|
|
56
57
|
/**
|
|
57
58
|
* Hash with PBKDF2 (default)
|
|
58
59
|
*/
|
|
59
|
-
function hashPbkdf2(password) {
|
|
60
|
+
async function hashPbkdf2(password) {
|
|
60
61
|
const iterations = 600000; // OWASP recommended for SHA-256
|
|
61
|
-
const salt = randomBytes(32).toString('hex');
|
|
62
|
+
const salt = crypto.randomBytes(32).toString('hex');
|
|
62
63
|
const keyLength = 64;
|
|
63
64
|
const digest = 'sha256';
|
|
64
|
-
const
|
|
65
|
+
const pbkdf2Fn = (() => {
|
|
66
|
+
try {
|
|
67
|
+
const maybe = crypto.pbkdf2;
|
|
68
|
+
return typeof maybe === 'function' ? maybe : undefined;
|
|
69
|
+
}
|
|
70
|
+
catch {
|
|
71
|
+
return undefined;
|
|
72
|
+
}
|
|
73
|
+
})();
|
|
74
|
+
const pbkdf2SyncFn = (() => {
|
|
75
|
+
try {
|
|
76
|
+
const maybe = crypto.pbkdf2Sync;
|
|
77
|
+
return typeof maybe === 'function' ? maybe : undefined;
|
|
78
|
+
}
|
|
79
|
+
catch {
|
|
80
|
+
return undefined;
|
|
81
|
+
}
|
|
82
|
+
})();
|
|
83
|
+
let hashHex = '';
|
|
84
|
+
if (pbkdf2Fn) {
|
|
85
|
+
const pbkdf2Async = promisify(pbkdf2Fn);
|
|
86
|
+
hashHex = (await pbkdf2Async(password, salt, iterations, keyLength, digest)).toString('hex');
|
|
87
|
+
}
|
|
88
|
+
else if (pbkdf2SyncFn) {
|
|
89
|
+
hashHex = pbkdf2SyncFn(password, salt, iterations, keyLength, digest).toString('hex');
|
|
90
|
+
}
|
|
91
|
+
else {
|
|
92
|
+
throw ErrorFactory.createSecurityError('PBKDF2 is not available in this runtime');
|
|
93
|
+
}
|
|
65
94
|
// Format: algorithm$iterations$salt$hash
|
|
66
|
-
return `pbkdf2$${iterations}$${salt}$${
|
|
95
|
+
return `pbkdf2$${iterations}$${salt}$${hashHex}`;
|
|
67
96
|
}
|
|
68
97
|
/**
|
|
69
98
|
* Verify PBKDF2 hash
|
|
70
99
|
*/
|
|
71
|
-
function verifyPbkdf2(password, passwordHash) {
|
|
100
|
+
async function verifyPbkdf2(password, passwordHash) {
|
|
72
101
|
const parts = passwordHash.split('$');
|
|
73
102
|
const iterationsStr = parts[1];
|
|
74
103
|
const salt = parts[2];
|
|
@@ -80,7 +109,35 @@ function verifyPbkdf2(password, passwordHash) {
|
|
|
80
109
|
const iterations = Number.parseInt(iterationsStr, 10);
|
|
81
110
|
const keyLength = 64;
|
|
82
111
|
const digest = 'sha256';
|
|
83
|
-
const
|
|
112
|
+
const pbkdf2Fn = (() => {
|
|
113
|
+
try {
|
|
114
|
+
const maybe = crypto.pbkdf2;
|
|
115
|
+
return typeof maybe === 'function' ? maybe : undefined;
|
|
116
|
+
}
|
|
117
|
+
catch {
|
|
118
|
+
return undefined;
|
|
119
|
+
}
|
|
120
|
+
})();
|
|
121
|
+
const pbkdf2SyncFn = (() => {
|
|
122
|
+
try {
|
|
123
|
+
const maybe = crypto.pbkdf2Sync;
|
|
124
|
+
return typeof maybe === 'function' ? maybe : undefined;
|
|
125
|
+
}
|
|
126
|
+
catch {
|
|
127
|
+
return undefined;
|
|
128
|
+
}
|
|
129
|
+
})();
|
|
130
|
+
let computed = '';
|
|
131
|
+
if (pbkdf2Fn) {
|
|
132
|
+
const pbkdf2Async = promisify(pbkdf2Fn);
|
|
133
|
+
computed = (await pbkdf2Async(password, salt, iterations, keyLength, digest)).toString('hex');
|
|
134
|
+
}
|
|
135
|
+
else if (pbkdf2SyncFn) {
|
|
136
|
+
computed = pbkdf2SyncFn(password, salt, iterations, keyLength, digest).toString('hex');
|
|
137
|
+
}
|
|
138
|
+
else {
|
|
139
|
+
throw ErrorFactory.createSecurityError('PBKDF2 is not available in this runtime');
|
|
140
|
+
}
|
|
84
141
|
return timingSafeEquals(computed, storedHash);
|
|
85
142
|
}
|
|
86
143
|
catch (error) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"JwtManager.d.ts","sourceRoot":"","sources":["../../../src/security/JwtManager.ts"],"names":[],"mappings":"AAAA;;;;GAIG;
|
|
1
|
+
{"version":3,"file":"JwtManager.d.ts","sourceRoot":"","sources":["../../../src/security/JwtManager.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAMH,MAAM,MAAM,YAAY,GAAG,OAAO,GAAG,OAAO,GAAG,OAAO,CAAC;AAEvD,MAAM,WAAW,UAAU;IACzB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAED,MAAM,WAAW,UAAU;IACzB,SAAS,CAAC,EAAE,YAAY,CAAC;IACzB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,WAAW;IAC1B,aAAa,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACpC,UAAU,CAAC,UAAU,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACxD,IAAI,CAAC,OAAO,EAAE,UAAU,EAAE,OAAO,CAAC,EAAE,UAAU,GAAG,MAAM,CAAC;IACxD,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,YAAY,GAAG,UAAU,CAAC;IAC5D,MAAM,CAAC,KAAK,EAAE,MAAM,GAAG,UAAU,CAAC;IAClC,OAAO,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAAC;IACjC,aAAa,IAAI,MAAM,CAAC;CACzB;AAQD,MAAM,WAAW,cAAc;IAC7B,MAAM,IAAI,WAAW,CAAC;IACtB,eAAe,EAAE,CAAC,OAAO,EAAE,UAAU,EAAE,SAAS,CAAC,EAAE,MAAM,KAAK,MAAM,CAAC;CACtE;AA6ED;;GAEG;AACH,eAAO,MAAM,UAAU,EAAE,cAGvB,CAAC"}
|
|
@@ -3,8 +3,40 @@
|
|
|
3
3
|
* JSON Web Token generation, verification, and claims management
|
|
4
4
|
* Uses native Node.js crypto module (zero external dependencies)
|
|
5
5
|
*/
|
|
6
|
+
import { securityConfig } from '../config/index.js';
|
|
6
7
|
import { ErrorFactory } from '../exceptions/ZintrustError.js';
|
|
7
8
|
import { createHmac, createSign, createVerify, randomBytes } from '../node-singletons/crypto.js';
|
|
9
|
+
const createJwt = () => {
|
|
10
|
+
const algorithm = securityConfig.jwt.algorithm;
|
|
11
|
+
const secret = securityConfig.jwt.secret;
|
|
12
|
+
const jwt = JwtManager.create();
|
|
13
|
+
if (algorithm === 'HS256' || algorithm === 'HS512') {
|
|
14
|
+
jwt.setHmacSecret(secret);
|
|
15
|
+
}
|
|
16
|
+
return jwt;
|
|
17
|
+
};
|
|
18
|
+
const signAccessToken = (payload, expiresIn) => {
|
|
19
|
+
const algorithm = securityConfig.jwt.algorithm;
|
|
20
|
+
const jwt = createJwt();
|
|
21
|
+
// JwtManager currently supports HMAC secrets directly for HS algorithms.
|
|
22
|
+
// For other algorithms, verify will still reject mismatched tokens.
|
|
23
|
+
if (algorithm !== 'HS256' && algorithm !== 'HS512') {
|
|
24
|
+
return jwt.sign(payload, {
|
|
25
|
+
algorithm,
|
|
26
|
+
issuer: securityConfig.jwt.issuer,
|
|
27
|
+
audience: securityConfig.jwt.audience,
|
|
28
|
+
jwtId: jwt.generateJwtId(),
|
|
29
|
+
});
|
|
30
|
+
}
|
|
31
|
+
return jwt.sign(payload, {
|
|
32
|
+
algorithm,
|
|
33
|
+
expiresIn: expiresIn ?? securityConfig.jwt.expiresIn,
|
|
34
|
+
issuer: securityConfig.jwt.issuer,
|
|
35
|
+
audience: securityConfig.jwt.audience,
|
|
36
|
+
subject: typeof payload.sub === 'string' ? payload.sub : undefined,
|
|
37
|
+
jwtId: jwt.generateJwtId(),
|
|
38
|
+
});
|
|
39
|
+
};
|
|
8
40
|
/**
|
|
9
41
|
* Create a new JWT manager instance
|
|
10
42
|
*/
|
|
@@ -44,6 +76,7 @@ const create = () => {
|
|
|
44
76
|
*/
|
|
45
77
|
export const JwtManager = Object.freeze({
|
|
46
78
|
create,
|
|
79
|
+
signAccessToken,
|
|
47
80
|
});
|
|
48
81
|
/**
|
|
49
82
|
* Sign JWT token
|
|
@@ -0,0 +1,76 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Input Sanitizer (Character Whitelisting)
|
|
3
|
+
*
|
|
4
|
+
* Provides small utilities to remove unwanted characters from user input.
|
|
5
|
+
*
|
|
6
|
+
* Important:
|
|
7
|
+
* - This is NOT a complete SQL injection defense.
|
|
8
|
+
* - Always use parameterized queries / the ORM / QueryBuilder.
|
|
9
|
+
*
|
|
10
|
+
* Use this for:
|
|
11
|
+
* - Normalizing identifiers (username, slug-ish strings)
|
|
12
|
+
* - Cleaning phone numbers / numeric strings
|
|
13
|
+
* - Reducing unexpected characters before storage/logging
|
|
14
|
+
*
|
|
15
|
+
* Bulletproof Mode:
|
|
16
|
+
* - Enabled by default (`bulletproof=true`) for security-critical methods
|
|
17
|
+
* - Throws SanitizerError instead of returning empty/invalid values
|
|
18
|
+
* - Validates numeric ranges, leading zeros, type coercion attacks
|
|
19
|
+
* - ~5-15% performance overhead; disable for performance-critical paths
|
|
20
|
+
*/
|
|
21
|
+
export type SanitizerType = Readonly<{
|
|
22
|
+
parseAmount: (value: unknown, bulletproof?: boolean) => number;
|
|
23
|
+
alphanumeric: (value: unknown) => string;
|
|
24
|
+
alphanumericDotDash: (value: unknown) => string;
|
|
25
|
+
/** Returns `null` when value isn't numeric; returns `0` for empty / negative numbers. */
|
|
26
|
+
nonNegativeNumericStringOrNull: (value: unknown, bulletproof?: boolean) => number | null | string;
|
|
27
|
+
addressText: (value: unknown) => string;
|
|
28
|
+
emailLike: (value: unknown) => string;
|
|
29
|
+
email: (value: unknown, bulletproof?: boolean) => string;
|
|
30
|
+
messageText: (value: unknown) => string;
|
|
31
|
+
numericDotOnly: (value: unknown) => string;
|
|
32
|
+
ipAddressText: (value: unknown) => string;
|
|
33
|
+
nameText: (value: unknown, bulletproof?: boolean) => string;
|
|
34
|
+
alphaNumericColonDash: (value: unknown) => string;
|
|
35
|
+
digitsOnly: (value: unknown, bulletproof?: boolean) => string;
|
|
36
|
+
decimalString: (value: unknown, bulletproof?: boolean) => string;
|
|
37
|
+
dateSlash: (value: unknown) => string;
|
|
38
|
+
safePasswordChars: (value: unknown, bulletproof?: boolean) => string;
|
|
39
|
+
wordCharsAndSpaces: (value: unknown) => string;
|
|
40
|
+
lowercaseAlphanumeric: (value: unknown) => string;
|
|
41
|
+
uppercaseAlphanumeric: (value: unknown) => string;
|
|
42
|
+
alphanumericNoSpaces: (value: unknown) => string;
|
|
43
|
+
dateSlashNoSpaces: (value: unknown) => string;
|
|
44
|
+
uuidTokenSafe: (value: unknown) => string;
|
|
45
|
+
tokenSafe: (value: unknown) => string;
|
|
46
|
+
keyLike: (value: unknown) => string;
|
|
47
|
+
}>;
|
|
48
|
+
export declare const createSanitizer: () => SanitizerType;
|
|
49
|
+
export declare const Sanitizer: Readonly<{
|
|
50
|
+
parseAmount: (value: unknown, bulletproof?: boolean) => number;
|
|
51
|
+
alphanumeric: (value: unknown) => string;
|
|
52
|
+
alphanumericDotDash: (value: unknown) => string;
|
|
53
|
+
/** Returns `null` when value isn't numeric; returns `0` for empty / negative numbers. */
|
|
54
|
+
nonNegativeNumericStringOrNull: (value: unknown, bulletproof?: boolean) => number | null | string;
|
|
55
|
+
addressText: (value: unknown) => string;
|
|
56
|
+
emailLike: (value: unknown) => string;
|
|
57
|
+
email: (value: unknown, bulletproof?: boolean) => string;
|
|
58
|
+
messageText: (value: unknown) => string;
|
|
59
|
+
numericDotOnly: (value: unknown) => string;
|
|
60
|
+
ipAddressText: (value: unknown) => string;
|
|
61
|
+
nameText: (value: unknown, bulletproof?: boolean) => string;
|
|
62
|
+
alphaNumericColonDash: (value: unknown) => string;
|
|
63
|
+
digitsOnly: (value: unknown, bulletproof?: boolean) => string;
|
|
64
|
+
decimalString: (value: unknown, bulletproof?: boolean) => string;
|
|
65
|
+
dateSlash: (value: unknown) => string;
|
|
66
|
+
safePasswordChars: (value: unknown, bulletproof?: boolean) => string;
|
|
67
|
+
wordCharsAndSpaces: (value: unknown) => string;
|
|
68
|
+
lowercaseAlphanumeric: (value: unknown) => string;
|
|
69
|
+
uppercaseAlphanumeric: (value: unknown) => string;
|
|
70
|
+
alphanumericNoSpaces: (value: unknown) => string;
|
|
71
|
+
dateSlashNoSpaces: (value: unknown) => string;
|
|
72
|
+
uuidTokenSafe: (value: unknown) => string;
|
|
73
|
+
tokenSafe: (value: unknown) => string;
|
|
74
|
+
keyLike: (value: unknown) => string;
|
|
75
|
+
}>;
|
|
76
|
+
//# sourceMappingURL=Sanitizer.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"Sanitizer.d.ts","sourceRoot":"","sources":["../../../src/security/Sanitizer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AA8CH,MAAM,MAAM,aAAa,GAAG,QAAQ,CAAC;IACnC,WAAW,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM,CAAC;IAC/D,YAAY,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IACzC,mBAAmB,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IAEhD,yFAAyF;IACzF,8BAA8B,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM,GAAG,IAAI,GAAG,MAAM,CAAC;IAElG,WAAW,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IACxC,SAAS,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IACtC,KAAK,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM,CAAC;IACzD,WAAW,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IAExC,cAAc,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IAC3C,aAAa,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IAE1C,QAAQ,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM,CAAC;IAC5D,qBAAqB,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IAElD,UAAU,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM,CAAC;IAC9D,aAAa,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM,CAAC;IAEjE,SAAS,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IAEtC,iBAAiB,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM,CAAC;IACrE,kBAAkB,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IAE/C,qBAAqB,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IAClD,qBAAqB,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IAElD,oBAAoB,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IACjD,iBAAiB,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IAE9C,aAAa,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IAC1C,SAAS,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IAEtC,OAAO,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;CACrC,CAAC,CAAC;AAufH,eAAO,MAAM,eAAe,QAAO,aAMlC,CAAC;AAEF,eAAO,MAAM,SAAS;iBAniBP,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM;kBAChD,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;yBACnB,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;IAE/C,yFAAyF;oCACzD,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM,GAAG,IAAI,GAAG,MAAM;iBAEpF,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;eAC5B,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;WAC9B,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM;iBAC3C,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;oBAEvB,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;mBAC3B,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;cAE/B,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM;2BACpC,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;gBAErC,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM;mBAC9C,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM;eAErD,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;uBAElB,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM;wBAChD,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;2BAEvB,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;2BAC1B,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;0BAE3B,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;uBAC7B,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;mBAE9B,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;eAC9B,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;aAE5B,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;EAggBK,CAAC"}
|