npm - easy-forms-core - Versions diffs - 1.1.3 → 1.1.6 - Mend

easy-forms-core 1.1.3 → 1.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.d.ts CHANGED Viewed

@@ -5,7 +5,7 @@ type FieldType = 'text' | 'email' | 'number' | 'password' | 'textarea' | 'select
 /**
  * Tipos de validaciones soportadas
  */
-type ValidationType = 'required' | 'email' | 'minLength' | 'maxLength' | 'min' | 'max' | 'pattern' | 'custom';
+type ValidationType = 'required' | 'email' | 'minLength' | 'maxLength' | 'min' | 'max' | 'pattern' | 'custom' | 'noInjection';
 /**
  * Operadores de condición
  */
@@ -50,10 +50,13 @@ interface CustomValidation extends BaseValidation {
     type: 'custom';
     validator: (value: any) => boolean | Promise<boolean>;
 }
+interface NoInjectionValidation extends BaseValidation {
+    type: 'noInjection';
+}
 /**
  * Unión de todas las validaciones
  */
-type Validation = RequiredValidation | EmailValidation | MinLengthValidation | MaxLengthValidation | MinValidation | MaxValidation | PatternValidation | CustomValidation;
+type Validation = RequiredValidation | EmailValidation | MinLengthValidation | MaxLengthValidation | MinValidation | MaxValidation | PatternValidation | CustomValidation | NoInjectionValidation;
 /**
  * Condición individual para campos
  */
@@ -109,6 +112,8 @@ interface BaseField {
     disabled?: boolean;
     hidden?: boolean;
     description?: string;
+    /** Si true, no se aplica validación anti-inyección automática */
+    skipInjectionValidation?: boolean;
     dependencies?: FieldDependencies;
     conditionalValidations?: Array<{
         condition: FieldCondition | FieldCondition[];
@@ -302,6 +307,19 @@ interface FormColors {
  * Template names available
  */
 type TemplateName = 'login' | 'register' | 'otp' | 'contact' | 'password-reset' | 'password-change' | 'profile' | 'checkout' | 'feedback' | 'subscription' | 'booking' | 'review';
+/**
+ * Configuración del botón de submit
+ */
+interface SubmitButtonConfig {
+    /** Si false, no se muestra el botón (submit programático) */
+    visible?: boolean;
+    /** Texto del botón (default: "Enviar") */
+    text?: string;
+    /** Ancho del botón: "auto", "100%", "200px", etc. (default: "auto") */
+    width?: string;
+    /** Alineación: "left" | "center" | "right" (default: "left") */
+    align?: 'left' | 'center' | 'right';
+}
 /**
  * Schema del formulario
  */
@@ -309,6 +327,8 @@ interface FormSchema {
     fields?: Field[];
     steps?: Step[];
     initialData?: Record<string, any>;
+    /** Configuración del botón de submit (también puede definirse vía atributo submit-button) */
+    submitButton?: SubmitButtonConfig;
 }
 /**
  * Estado del formulario
@@ -388,6 +408,8 @@ declare class EasyForm extends BrowserHTMLElement {
     protected shadow: ShadowRoot;
     private customComponents;
     private isRendering;
+    private attemptsLock;
+    private lockCountdownInterval;
     static get observedAttributes(): string[];
     constructor();
     /**
@@ -414,6 +436,30 @@ declare class EasyForm extends BrowserHTMLElement {
      * Establece los campos adicionales para extender el template
      */
     set templateExtend(value: Field[] | null);
+    /**
+     * Máximo de intentos antes de bloquear (para AttemptsLock)
+     */
+    get maxAttempts(): number | null;
+    set maxAttempts(value: number | null);
+    /**
+     * Duración del bloqueo en minutos (default: 5)
+     */
+    get blockDurationMinutes(): number | null;
+    set blockDurationMinutes(value: number | null);
+    /**
+     * Clave para persistir intentos en sessionStorage
+     */
+    get attemptsStorageKey(): string | null;
+    set attemptsStorageKey(value: string | null);
+    /**
+     * Configuración del botón de submit (desde atributo o schema)
+     */
+    get submitButton(): SubmitButtonConfig | null;
+    set submitButton(value: SubmitButtonConfig | null);
+    /**
+     * Obtiene la configuración efectiva del botón submit (atributo > schema > defaults)
+     */
+    private getSubmitButtonConfig;
     /**
      * Se llama cuando el componente se conecta al DOM
      */
@@ -422,6 +468,10 @@ declare class EasyForm extends BrowserHTMLElement {
      * Se llama cuando un atributo cambia
      */
     attributeChangedCallback(name: string, oldValue: string, newValue: string): void;
+    /**
+     * Configura el AttemptsLock según los atributos actuales
+     */
+    private setupAttemptsLock;
     /**
      * Maneja el cambio de schema
      */
@@ -434,6 +484,11 @@ declare class EasyForm extends BrowserHTMLElement {
      * Renderiza el formulario
      */
     private render;
+    /**
+     * Actualiza el overlay de bloqueo por intentos
+     */
+    private updateLockOverlay;
+    private stopLockCountdown;
     /**
      * Actualiza el overlay de loading sobre el formulario
      */
@@ -516,6 +571,28 @@ declare class EasyForm extends BrowserHTMLElement {
      * Resetea el formulario a sus valores iniciales
      */
     reset(): void;
+    /**
+     * Incrementa el contador de intentos (para bloqueo por intentos fallidos).
+     * El consumidor debe llamar esto cuando la API/login falle.
+     */
+    incrementAttempts(): void;
+    /**
+     * Resetea el contador de intentos y desbloquea el formulario.
+     */
+    resetAttempts(): void;
+    /**
+     * Retorna true si el formulario está bloqueado por intentos.
+     */
+    isLocked(): boolean;
+    /**
+     * Retorna los milisegundos restantes del bloqueo, o 0 si no está bloqueado.
+     */
+    getRemainingBlockTimeMs(): number;
+    /**
+     * Dispara el submit del formulario programáticamente.
+     * Útil cuando el botón submit está oculto (visible: false).
+     */
+    requestSubmit(): void;
     /**
      * Limpia todos los valores del formulario
      */
@@ -793,6 +870,10 @@ declare class ValidationEngine {
      * Valida patrón regex
      */
     private validatePattern;
+    /**
+     * Valida que el valor no contenga patrones de inyección (SQL, XSS, etc.)
+     */
+    private validateNoInjection;
     /**
      * Valida con función personalizada
      */
@@ -942,6 +1023,68 @@ declare const PREDEFINED_MASKS: Record<PredefinedMask, CustomMask>;
  */
 declare function getPredefinedMask(type: PredefinedMask): CustomMask;
+/**
+ * Validación contra patrones de inyección (SQL, XSS, command injection, etc.)
+ */
+/** Mensaje de error por defecto para validación de inyección */
+declare const INJECTION_VALIDATION_MESSAGE = "El valor contiene caracteres o patrones no permitidos";
+/**
+ * Verifica si un valor string contiene patrones de inyección
+ */
+declare function containsInjection(value: string): boolean;
+/**
+ * Valida recursivamente un valor (string, array de strings, objetos con strings)
+ * Retorna true si NO contiene inyección (válido), false si contiene (inválido)
+ */
+declare function isSafeFromInjection(value: unknown): boolean;
+/**
+ * Utilidad para bloquear formularios después de N intentos fallidos
+ */
+interface AttemptsLockOptions {
+    maxAttempts: number;
+    blockDurationMinutes?: number;
+    storageKey?: string;
+    onLocked?: (remainingMs: number) => void;
+    onUnlocked?: () => void;
+}
+declare class AttemptsLock {
+    private maxAttempts;
+    private blockDurationMs;
+    private storageKey?;
+    private attempts;
+    private lockedUntil;
+    private onLocked?;
+    private onUnlocked?;
+    private unlockCheckInterval;
+    constructor(options: AttemptsLockOptions);
+    private loadFromStorage;
+    private saveToStorage;
+    private checkExpiration;
+    private startUnlockCheck;
+    private stopUnlockCheck;
+    /**
+     * Incrementa el contador de intentos. Si alcanza maxAttempts, bloquea.
+     */
+    incrementAttempts(): void;
+    /**
+     * Retorna true si el lock está activo (aún dentro del período de bloqueo)
+     */
+    isLocked(): boolean;
+    /**
+     * Retorna los milisegundos restantes del bloqueo, o 0 si no está bloqueado
+     */
+    getRemainingBlockTimeMs(): number;
+    /**
+     * Resetea el contador de intentos y el bloqueo
+     */
+    reset(): void;
+    /**
+     * Retorna el número actual de intentos
+     */
+    getAttempts(): number;
+}
 /**
  * Utilidades generales
  */
@@ -1014,4 +1157,4 @@ declare function getAvailableTemplates(): TemplateName[];
  */
 declare function extendTemplate(templateName: string, additionalFields: Field[]): FormSchema;
-export { type AccordionSelectField, type ArrayField, type BaseField, type BaseValidation, type ChangeEventDetail, type CheckboxField, type ComponentRegistry, ConditionEngine, type ConditionOperator, type CustomComponent, type CustomField, type CustomMask, type CustomValidation, type DateField, EasyForm, type EmailValidation, type ErrorEventDetail, type Field, type FieldCondition, type FieldDependencies, type FieldType, type FileField, type FormColors, type FormSchema, type FormState, type FormTheme, type GroupField, type ImageGridSelectField, type MaskConfig, MaskEngine, type MaxLengthValidation, type MaxValidation, type MinLengthValidation, type MinValidation, type NumberField, type OTPField, PREDEFINED_MASKS, type PatternValidation, type PredefinedMask, type QuantityField, type RadioField, type RequiredValidation, type RowField, SchemaParser, type SelectField, StateManager, type Step, type StepChangeEventDetail, type SubmitEventDetail, type SwitchField, type TemplateName, type TextField, type TextareaField, type Validation, ValidationEngine, type ValidationType, type WizardState, attributeValue, createInput, extendTemplate, generateId, getAvailableTemplates, getColors, getCustomComponent, getNestedValue, getPredefinedMask, getTemplate, getThemeStyles, isValidEmail, parseAttributeValue, registerComponent, registerComponents, sanitizeId, setNestedValue, templates };
+export { type AccordionSelectField, type ArrayField, AttemptsLock, type AttemptsLockOptions, type BaseField, type BaseValidation, type ChangeEventDetail, type CheckboxField, type ComponentRegistry, ConditionEngine, type ConditionOperator, type CustomComponent, type CustomField, type CustomMask, type CustomValidation, type DateField, EasyForm, type EmailValidation, type ErrorEventDetail, type Field, type FieldCondition, type FieldDependencies, type FieldType, type FileField, type FormColors, type FormSchema, type FormState, type FormTheme, type GroupField, INJECTION_VALIDATION_MESSAGE, type ImageGridSelectField, type MaskConfig, MaskEngine, type MaxLengthValidation, type MaxValidation, type MinLengthValidation, type MinValidation, type NoInjectionValidation, type NumberField, type OTPField, PREDEFINED_MASKS, type PatternValidation, type PredefinedMask, type QuantityField, type RadioField, type RequiredValidation, type RowField, SchemaParser, type SelectField, StateManager, type Step, type StepChangeEventDetail, type SubmitButtonConfig, type SubmitEventDetail, type SwitchField, type TemplateName, type TextField, type TextareaField, type Validation, ValidationEngine, type ValidationType, type WizardState, attributeValue, containsInjection, createInput, extendTemplate, generateId, getAvailableTemplates, getColors, getCustomComponent, getNestedValue, getPredefinedMask, getTemplate, getThemeStyles, isSafeFromInjection, isValidEmail, parseAttributeValue, registerComponent, registerComponents, sanitizeId, setNestedValue, templates };