@zintrust/core 0.7.8 → 0.7.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (23) hide show
  1. package/package.json +1 -1
  2. package/src/auth/LoginFlow.d.ts.map +1 -1
  3. package/src/auth/LoginFlow.js +1 -3
  4. package/src/cli/OptionalCliExtensions.d.ts +1 -0
  5. package/src/cli/OptionalCliExtensions.d.ts.map +1 -1
  6. package/src/cli/OptionalCliExtensions.js +11 -1
  7. package/src/cli/commands/MySqlProxyCommand.d.ts.map +1 -1
  8. package/src/cli/commands/MySqlProxyCommand.js +1 -1
  9. package/src/cli/commands/ScheduleStartCommand.d.ts.map +1 -1
  10. package/src/cli/commands/ScheduleStartCommand.js +14 -9
  11. package/src/index.d.ts +7 -4
  12. package/src/index.d.ts.map +1 -1
  13. package/src/index.js +7 -5
  14. package/src/middleware/BulletproofAuthMiddleware.d.ts +2 -1
  15. package/src/middleware/BulletproofAuthMiddleware.d.ts.map +1 -1
  16. package/src/middleware/BulletproofAuthMiddleware.js +103 -39
  17. package/src/security/BulletproofDeviceStore.d.ts.map +1 -1
  18. package/src/security/BulletproofDeviceStore.js +144 -33
  19. package/src/security/JwtVerifier.d.ts +75 -0
  20. package/src/security/JwtVerifier.d.ts.map +1 -0
  21. package/src/security/JwtVerifier.js +336 -0
  22. package/src/templates/project/basic/app/Controllers/AuthController.ts.tpl +1 -1
  23. package/src/templates/project/basic/config/trace.ts.tpl +73 -0
package/src/templates/project/basic/config/trace.ts.tpl ADDED
@@ -0,0 +1,73 @@
1
+ import { Env } from '@zintrust/core';
2
+ import type { TraceConfigOverrides } from '@zintrust/trace';
3
+
4
+ /**
5
+ * SystemTrace Configuration
6
+ *
7
+ * Keep this file declarative:
8
+ * - Package owns defaults and type validation.
9
+ * - Edit values below to override for this project.
10
+ *
11
+ * Usage: import '@zintrust/trace/register' in your bootstrap.
12
+ * Protect /trace with your own middleware (auth, admin role, etc.).
13
+ */
14
+
15
+ export default {
16
+ enabled: Env.getBool('TRACE_ENABLED', false),
17
+
18
+ // Optional: use a separate DB connection for trace tables.
19
+ // Leave undefined to fall back to the app's default connection.
20
+ connection: Env.get('TRACE_DB_CONNECTION', '') || undefined,
21
+
22
+ pruneAfterHours: Env.getInt('TRACE_PRUNE_HOURS', 72),
23
+
24
+ ignoreRoutes: ['/trace', '/health', '/ping', '/metrics', '/api-docs', '/api-docs-json'],
25
+
26
+ ignorePaths: [
27
+ '/telemetry',
28
+ '/favicon.ico',
29
+ '/robots.txt',
30
+ '/sitemap.xml',
31
+ '/workers',
32
+ '/queue-monitor',
33
+ '.js',
34
+ '.css',
35
+ ],
36
+
37
+ slowQueryThreshold: Env.getInt('TRACE_SLOW_QUERY_MS', 100),
38
+
39
+ logMinLevel: Env.get('TRACE_LOG_LEVEL', 'warn') as 'debug' | 'info' | 'warn' | 'error' | 'fatal',
40
+
41
+ watchers: {
42
+ // Set a watcher to false to disable it entirely.
43
+ // All watchers are enabled by default when trace is enabled.
44
+ // Include/exclude filters are contains-based and can be applied per watcher.
45
+ // request: {
46
+ // get: { exclude: ['report','workers/events'] },
47
+ // post: { include: ['auth'] },
48
+ // patch: { include: ['profile'] },
49
+ // delete: { exclude: ['internal'] },
50
+ // },
51
+ // log: { exclude: ['healthcheck'] },
52
+ // exception: { include: ['trace'] },
53
+ // clientRequest: {
54
+ // exclude: ['internal-http'],
55
+ // sources: {
56
+ // termii: { enabled: false },
57
+ // sendgrid: { responseBody: false },
58
+ // s3: { requestHeaders: false, responseHeaders: false },
59
+ // },
60
+ // },
61
+ // cache: { include: ['session:'] },
62
+ // dump: false, // DumpWatcher is opt-in — enable explicitly if needed
63
+ },
64
+
65
+ redaction: {
66
+ // Extra keys to mask recursively before trace entries are persisted.
67
+ // You can also provide these via TRACE_REDACT_KEYS as JSON or CSV.
68
+ keys: ['password', 'token', 'secret', 'authorization', 'card', 'cardNumber', 'cvv'],
69
+ headers: ['authorization', 'cookie', 'x-api-key', 'x-auth-token'],
70
+ body: ['password', 'token', 'secret', 'apiKey', 'api_key', 'jwt', 'bearer'],
71
+ query: [],
72
+ },
73
+ } satisfies TraceConfigOverrides;