hi-secure 1.0.0 → 1.0.3

package/src/core/useSecure.ts

@@ -61,51 +61,106 @@
 // src/core/useSecure.ts - SIMPLER VERSION
 // This is now optional since HiSecure class has fluent API
 
+
+// import { HiSecure } from "./HiSecure.js";
+// import { SecureOptions } from "./types/SecureOptions.js";
+
+// /**
+//  * @deprecated Use HiSecure.middleware() or fluent API instead
+//  */
+// export function useSecure(options?: SecureOptions | "api" | "strict" | "public") {
+//     console.warn("⚠ useSecure() is deprecated. Use HiSecure.middleware() or fluent API methods.");
+//     return HiSecure.middleware(options);
+// }
+
+// /**
+//  * Legacy support - route-level security
+//  */
+// export function secureRoute(options?: SecureOptions) {
+//     const chain: any[] = [];
+    
+//     if (options?.cors) {
+//         chain.push(HiSecure.cors(
+//             typeof options.cors === 'object' ? options.cors : undefined
+//         ));
+//     }
+    
+//     if (options?.rateLimit) {
+//         chain.push(HiSecure.rateLimit(
+//             typeof options.rateLimit === 'object' ? options.rateLimit : 
+//             options.rateLimit === "strict" ? "strict" : "relaxed"
+//         ));
+//     }
+    
+//     if (options?.sanitize) {
+//         chain.push(HiSecure.sanitize(
+//             typeof options.sanitize === 'object' ? options.sanitize : undefined
+//         ));
+//     }
+    
+//     if (options?.validate) {
+//         chain.push(HiSecure.validate(options.validate));
+//     }
+    
+//     if (options?.auth) {
+//         chain.push(HiSecure.auth(
+//             typeof options.auth === 'object' ? options.auth : undefined
+//         ));
+//     }
+    
+//     return chain;
+// }
+
+
+
+
 import { HiSecure } from "./HiSecure.js";
 import { SecureOptions } from "./types/SecureOptions.js";
 
-/**
- * @deprecated Use HiSecure.middleware() or fluent API instead
- */
-export function useSecure(options?: SecureOptions | "api" | "strict" | "public") {
-    console.warn("⚠ useSecure() is deprecated. Use HiSecure.middleware() or fluent API methods.");
-    return HiSecure.middleware(options);
-}
-
-/**
- * Legacy support - route-level security
- */
 export function secureRoute(options?: SecureOptions) {
+    if (!options) return [];
+
     const chain: any[] = [];
-    
-    if (options?.cors) {
-        chain.push(HiSecure.cors(
-            typeof options.cors === 'object' ? options.cors : undefined
-        ));
+
+    // 🔥 1. CORS
+    if (options.cors !== undefined) {
+        chain.push(
+            HiSecure.cors(typeof options.cors === "object" ? options.cors : undefined)
+        );
     }
-    
-    if (options?.rateLimit) {
-        chain.push(HiSecure.rateLimit(
-            typeof options.rateLimit === 'object' ? options.rateLimit : 
-            options.rateLimit === "strict" ? "strict" : "relaxed"
-        ));
+
+    // 🔥 2. Rate Limiting (auto strict / relaxed detection)
+    if (options.rateLimit !== undefined) {
+        const rl = options.rateLimit;
+        if (rl === "strict" || rl === "relaxed") {
+            chain.push(HiSecure.rateLimit(rl));
+        } else if (typeof rl === "object") {
+            chain.push(HiSecure.rateLimit(rl));
+        } else {
+            chain.push(HiSecure.rateLimit("relaxed"));
+        }
     }
-    
-    if (options?.sanitize) {
-        chain.push(HiSecure.sanitize(
-            typeof options.sanitize === 'object' ? options.sanitize : undefined
-        ));
+
+    // 🔥 3. Sanitization
+    if (options.sanitize !== undefined) {
+        chain.push(
+            HiSecure.sanitize(typeof options.sanitize === "object" ? options.sanitize : undefined)
+        );
     }
-    
-    if (options?.validate) {
+
+    // 🔥 4. Validation — smart auto-detection
+    if (options.validate) {
         chain.push(HiSecure.validate(options.validate));
     }
-    
-    if (options?.auth) {
-        chain.push(HiSecure.auth(
-            typeof options.auth === 'object' ? options.auth : undefined
-        ));
+
+    // 🔥 5. Auth (roles included)
+    if (options.auth) {
+        chain.push(
+            HiSecure.auth(
+                typeof options.auth === "object" ? options.auth : undefined
+            )
+        );
     }
-    
+
     return chain;
-}
+}

package/src/index.ts

@@ -1,17 +1,33 @@
-// src/index.ts - MAIN ENTRY POINT
-import { HiSecure } from "./core/HiSecure.js";
-import { useSecure, secureRoute } from "./core/useSecure.js";
+// // src/index.ts - MAIN ENTRY POINT
+// import { HiSecure } from "./core/HiSecure.js";
+// import { useSecure, secureRoute } from "./core/useSecure.js";
+
+// // Export the singleton instance for quick usage
+// const hiSecure = HiSecure.getInstance();
+
+// // Export everything
+// export { 
+//     HiSecure,        // Class for advanced usage
+//     hiSecure,        // Singleton instance
+//     useSecure,       // Legacy function (deprecated)
+//     secureRoute      // Route-level security helper
+// };
+
+// // Default export is the singleton instance
+// export default hiSecure;
 
-// Export the singleton instance for quick usage
-const hiSecure = HiSecure.getInstance();
 
-// Export everything
+
+
+// src/index.ts
+import { HiSecure } from "./core/HiSecure.js";
+import { secureRoute } from "./core/useSecure.js"; // Only if kept
+
+// DON'T auto-init here
 export { 
-    HiSecure,        // Class for advanced usage
-    hiSecure,        // Singleton instance
-    useSecure,       // Legacy function (deprecated)
-    secureRoute      // Route-level security helper
+    HiSecure,         // Class
+    secureRoute       // Optional sugar API
 };
 
-// Default export is the singleton instance
-export default hiSecure;
+// Default export: class itself (NOT instance)
+export default HiSecure;

package/src/managers/AuthManager.ts

@@ -105,9 +105,11 @@
 import { JWTAdapter } from "../adapters/JWTAdapter.js";
 import { GoogleAdapter } from "../adapters/GoogleAdapter.js";
 import { AdapterError } from "../core/errors/AdapterError.js";
-import { HttpError } from "../core/errors/HttpErrror.js";
+import { HttpError } from "../core/errors/HttpError.js";
 import { Request, Response, NextFunction } from "express";
-import { logError, logWarn, logInfo } from "../logging";
+// import { logError, logWarn, logInfo } from "../logging";
+import { logger } from "../logging";
+
 
 export interface AuthOptions {
     jwtSecret: string;
@@ -130,10 +132,10 @@ export class AuthManager {
         }
 
         if (opts.jwtSecret.length < 32) {
-            logWarn("⚠ JWT secret is less than 32 characters - consider using a stronger secret");
+            logger.warn("⚠ JWT secret is less than 32 characters - consider using a stronger secret");
         }
 
-        logInfo("AuthManager initialized");
+        logger.info("AuthManager initialized");
 
         this.jwtAdapter = new JWTAdapter({
             secret: opts.jwtSecret,
@@ -142,17 +144,17 @@ export class AuthManager {
 
         if (opts.googleClientId) {
             this.googleAdapter = new GoogleAdapter(opts.googleClientId);
-            logInfo("GoogleAdapter enabled");
+            logger.info("GoogleAdapter enabled");
         }
     }
 
     sign(payload: object, options?: { expiresIn?: string | number, jti?: string }) {
-        logInfo("JWT Sign called");
+        logger.info("JWT Sign called");
         return this.jwtAdapter.sign(payload, options);
     }
 
     verify(token: string) {
-        logInfo("JWT Verify called");
+        logger.info("JWT Verify called");
         return this.jwtAdapter.verify(token);
     }
 
@@ -161,12 +163,12 @@ export class AuthManager {
             throw new AdapterError("GoogleAdapter not configured.");
         }
 
-        logInfo("Google ID Token verify called");
+        logger.info("Google ID Token verify called");
 
         try {
             return await this.googleAdapter.verifyIdToken(idToken);
         } catch (err: any) {
-            logError("Google ID Token verification failed", { error: err?.message });
+            logger.error("Google ID Token verification failed", { error: err?.message });
             throw HttpError.Unauthorized("Invalid Google ID token");
         }
     }
@@ -185,7 +187,7 @@ export class AuthManager {
 
             // If auth is required but no header
             if (!header) {
-                logWarn("Missing Authorization header", {
+                logger.warn("Missing Authorization header", {
                     path: req.path,
                     method: req.method
                 });
@@ -195,7 +197,7 @@ export class AuthManager {
             // Parse Bearer token
             const [type, token] = String(header).split(" ");
             if (type !== "Bearer" || !token) {
-                logWarn("Invalid Authorization header", {
+                logger.warn("Invalid Authorization header", {
                     path: req.path,
                     method: req.method
                 });
@@ -214,7 +216,7 @@ export class AuthManager {
                 if (roles && roles.length > 0) {
                     const userRole = (decoded as any).role || (decoded as any).roles?.[0];
                     if (!userRole || !roles.includes(userRole)) {
-                        logWarn("Insufficient permissions", {
+                        logger.warn("Insufficient permissions", {
                             path: req.path,
                             requiredRoles: roles,
                             userRole
@@ -225,7 +227,7 @@ export class AuthManager {
                 
                 return next();
             } catch (err: any) {
-                logError("JWT verify failed", {
+                logger.error("JWT verify failed", {
                     error: err?.message,
                     path: req.path,
                     method: req.method

package/src/managers/ValidatorManager.ts

@@ -1,132 +1,7 @@
-// // // import { HiSecureConfig } from "../core/config";
-// // // import { logger } from "../logging";
-// // // import { ValidationError } from "../core/errors/ValidationError";
-
-// // // export class ValidatorManager {
-// // //     private config: HiSecureConfig["validation"];
-// // //     private primaryAdapter: any;
-// // //     private fallbackAdapter: any;
-
-// // //     constructor(
-// // //         config: HiSecureConfig["validation"],
-// // //         primaryAdapter: any,
-// // //         fallbackAdapter: any
-// // //     ) {
-// // //         this.config = config;
-// // //         this.primaryAdapter = primaryAdapter;
-// // //         this.fallbackAdapter = fallbackAdapter;
-// // //     }
-
-// // //     /**
-// // //      * Validate request body using primary adapter (Zod/express-validator).
-// // //      * Fallback is only used if the adapter implementation itself throws.
-// // //      */
-// // //     validate(schema: any) {
-// // //         return (req: any, res: any, next: any) => {
-// // //             try {
-// // //                 const middleware = this.primaryAdapter.validate(schema);
-// // //                 return middleware(req, res, next);
-
-// // //             } catch (err: any) {
-// // //                 logger.warn("⚠ Primary validator failed", {
-// // //                     error: err?.message,
-// // //                     path: req.path,
-// // //                     method: req.method
-// // //                 });
-
-// // //                 if (!this.fallbackAdapter) {
-// // //                     return next(new ValidationError("Validation failed."));
-// // //                 }
-
-// // //                 try {
-// // //                     logger.info("📌 Using fallback validator");
-// // //                     const fallbackMiddleware = this.fallbackAdapter.validate(schema);
-// // //                     return fallbackMiddleware(req, res, next);
-
-// // //                 } catch (fallbackErr: any) {
-// // //                     logger.error("❌ Fallback validation also failed", {
-// // //                         error: fallbackErr?.message
-// // //                     });
-
-// // //                     return next(new ValidationError("Both validators failed."));
-// // //                 }
-// // //             }
-// // //         };
-// // //     }
-// // // }
-
-
-
-// // import { HiSecureConfig } from "../core/config.js";
-// // import { logger } from "../logging";
-// // import { ValidationError } from "../core/errors/ValidationError.js";
-
-// // interface ValidatorAdapter {
-// //     validate: (schema?: any) => any;
-// // }
-
-// // export class ValidatorManager {
-// //     private config: HiSecureConfig["validation"];
-// //     private primaryAdapter: ValidatorAdapter;
-// //     private fallbackAdapter: ValidatorAdapter | null;
-
-// //     constructor(
-// //         config: HiSecureConfig["validation"],
-// //         primaryAdapter: ValidatorAdapter,
-// //         fallbackAdapter: ValidatorAdapter | null
-// //     ) {
-// //         this.config = config;
-// //         this.primaryAdapter = primaryAdapter;
-// //         this.fallbackAdapter = fallbackAdapter;
-// //     }
-
-// //     /**
-// //      * MAIN DYNAMIC VALIDATOR ENTRY
-// //      * schema = per-route schema
-// //      * If schema is undefined → use global schema
-// //      */
-// //     validate(schema?: any) {
-// //         return (req: any, res: any, next: any) => {
-// //             try {
-// //                 const middleware = this.primaryAdapter.validate(schema);
-// //                 return middleware(req, res, next);
-
-// //             } catch (err: any) {
-// //                 logger.warn("⚠ Primary validator failed", {
-// //                     error: err?.message,
-// //                     path: req.path,
-// //                     method: req.method
-// //                 });
-
-// //                 if (!this.fallbackAdapter) {
-// //                     return next(new ValidationError("Validation failed"));
-// //                 }
-
-// //                 try {
-// //                     logger.info("📌 Using fallback validator");
-// //                     const fallbackMiddleware = this.fallbackAdapter.validate(schema);
-// //                     return fallbackMiddleware(req, res, next);
-
-// //                 } catch (fallbackErr: any) {
-// //                     logger.error("❌ Fallback validator also failed", {
-// //                         error: fallbackErr?.message
-// //                     });
-
-// //                     return next(new ValidationError("Both validators failed"));
-// //                 }
-// //             }
-// //         };
-// //     }
-// // }
-
-
-
-
-
-// // src/managers/ValidatorManager.ts - FIXED
+// // src/managers/ValidatorManager.ts - COMPLETE FIXED
 // import { logger } from "../logging";
 // import { ValidationError } from "../core/errors/ValidationError.js";
-// import { HiSecureConfig } from "../core/types/HiSecureConfig";
+// import { HiSecureConfig } from "../core/types/HiSecureConfig.js"; // ✅ FIXED IMPORT
 
 // interface ValidatorAdapter {
 //     validate: (schema?: any) => any;
@@ -196,74 +71,137 @@
 // }
 
 
-// src/managers/ValidatorManager.ts - COMPLETE FIXED
+
+
+// // src/managers/ValidatorManager.ts
+// import { logger } from "../logging";
+// import { ValidationError } from "../core/errors/ValidationError.js";
+
+// interface ValidatorAdapter {
+//     validate: (schema?: any) => any;
+// }
+
+// export class ValidatorManager {
+//     private primaryAdapter: ValidatorAdapter;
+//     private fallbackAdapter: ValidatorAdapter | null;
+
+//     constructor(primaryAdapter: ValidatorAdapter, fallbackAdapter: ValidatorAdapter | null) {
+//         this.primaryAdapter = primaryAdapter;
+//         this.fallbackAdapter = fallbackAdapter;
+//     }
+
+//     validate(schema?: any) {
+//         return (req: any, res: any, next: any) => {
+//             const isZod = schema && typeof schema === "object" && typeof schema.safeParse === "function";
+//             const isExpressValidator = Array.isArray(schema);
+
+//             let adapter: ValidatorAdapter;
+
+//             if (isZod) {
+//                 adapter = this.primaryAdapter; // ZodAdapter
+//                 logger.debug("📌 Using Zod adapter for validation");
+//             } 
+//             else if (isExpressValidator) {
+//                 adapter = this.fallbackAdapter!; // ExpressValidatorAdapter
+//                 logger.debug("📌 Using express-validator adapter for validation");
+//             } 
+//             else {
+//                 return next(); // nothing to validate
+//             }
+
+//             const middleware = adapter.validate(schema);
+
+//             // Execute validation chain
+//             middleware(req, res, (err?: any) => {
+//                 if (err instanceof ValidationError) {
+//                     return next(err);
+//                 }
+//                 if (err) {
+//                     logger.error("❌ Validator internal error", { error: err.message });
+//                     return next(new ValidationError("Validation failed internally."));
+//                 }
+//                 next();
+//             });
+//         };
+//     }
+// }
+
+
+
+
+
+// src/managers/ValidatorManager.ts
 import { logger } from "../logging";
 import { ValidationError } from "../core/errors/ValidationError.js";
-import { HiSecureConfig } from "../core/types/HiSecureConfig.js"; // ✅ FIXED IMPORT
 
 interface ValidatorAdapter {
     validate: (schema?: any) => any;
 }
 
 export class ValidatorManager {
-    private config: HiSecureConfig["validation"];
-    private primaryAdapter: ValidatorAdapter;
-    private fallbackAdapter: ValidatorAdapter | null;
-
-    constructor(
-        config: HiSecureConfig["validation"],
-        primaryAdapter: ValidatorAdapter,
-        fallbackAdapter: ValidatorAdapter | null
-    ) {
-        this.config = config;
-        this.primaryAdapter = primaryAdapter;
-        this.fallbackAdapter = fallbackAdapter;
+    private zodAdapter: ValidatorAdapter;
+    private expressAdapter: ValidatorAdapter;
+
+    constructor(zodAdapter: ValidatorAdapter, expressAdapter: ValidatorAdapter) {
+        this.zodAdapter = zodAdapter;
+        this.expressAdapter = expressAdapter;
     }
 
     validate(schema?: any) {
-        return (req: any, res: any, next: any) => {
-            // Execute primary adapter middleware
-            const primaryMiddleware = this.primaryAdapter.validate(schema);
-            
-            // Run middleware and handle errors properly
-            primaryMiddleware(req, res, (err?: any) => {
-                if (!err) {
-                    return next(); // Validation passed
-                }
-                
-                // If error is a ValidationError, pass it through (don't fallback!)
-                if (err instanceof ValidationError) {
-                    logger.warn("⚠ Validation failed", {
-                        path: req.path,
-                        method: req.method,
-                        error: err.message
-                    });
-                    return next(err);
-                }
-                
-                // Only use fallback for ADAPTER errors, not validation errors
-                logger.warn("⚠ Primary validator adapter failed", {
-                    error: err?.message,
-                    path: req.path,
-                    method: req.method
-                });
+        // const isZod = schema && typeof schema.safeParse === "function";
+        const isZod =
+    schema &&
+    typeof schema === "object" &&
+    typeof schema._def === "object" && 
+    typeof schema.safeParse === "function";
+
+        const isExpressValidator = Array.isArray(schema);
 
-                if (!this.fallbackAdapter) {
-                    return next(new ValidationError("Validation system error"));
-                }
-
-                // Try fallback adapter
-                const fallbackMiddleware = this.fallbackAdapter.validate(schema);
-                fallbackMiddleware(req, res, (fallbackErr?: any) => {
-                    if (fallbackErr) {
-                        logger.error("❌ Fallback validator also failed", {
-                            error: fallbackErr?.message
-                        });
-                        return next(new ValidationError("Validation system unavailable"));
+        return (req: any, res: any, next: any) => {
+            let middleware;
+
+            if (isZod) {
+                logger.debug("📌 Using Zod adapter");
+                middleware = this.zodAdapter.validate(schema);
+            } 
+            else if (isExpressValidator) {
+                logger.debug("📌 Using express-validator adapter");
+                middleware = this.expressAdapter.validate(schema);
+            } 
+            else {
+                return next(); // no schema found
+            }
+
+            // CASE 1 — express-validator returns ARRAY
+            if (Array.isArray(middleware)) {
+                let idx = 0;
+
+                const run = (err?: any) => {
+                    if (err) return next(err);
+
+                    const fn = middleware[idx++];
+                    if (!fn) return next(); // done
+
+                    try {
+                        fn(req, res, run);
+                    } catch (error: any) {
+                        next(new ValidationError(error.message));
                     }
-                    next(); // Fallback validation passed
+                };
+
+                return run();
+            }
+
+            // CASE 2 — Zod returns SINGLE MIDDLEWARE
+            try {
+                middleware(req, res, (err?: any) => {
+                    if (err) return next(err);
+                    next();
                 });
-            });
+            } catch (err: any) {
+                next(new ValidationError(err.message));
+            }
         };
     }
-}
+}
+

package/src/middlewares/errorHandler.ts

@@ -168,7 +168,7 @@ import { AdapterError } from "../core/errors/AdapterError.js";
 import { ValidationError } from "../core/errors/ValidationError.js";
 import { SanitizerError } from "../core/errors/SanitizerError.js";
 import { SecurityError } from "../core/errors/SecurityError.js";
-import { HttpError } from "../core/errors/HttpErrror.js";
+import { HttpError } from "../core/errors/HttpError.js";
 
 export function errorHandler(
     err: any,

package/src/utils/normalizeOptions.ts

@@ -160,10 +160,16 @@ export function normalizeOptions(input?: SecureOptions | false): NormalizedOptio
             options: typeof opts.sanitize === "object" ? opts.sanitize : undefined
         },
 
+        // validate: {
+        //     enabled: !!opts.validate,
+        //     schema: opts.validate || undefined
+        // },
+
         validate: {
-            enabled: !!opts.validate,
-            schema: opts.validate || undefined
-        },
+    enabled: opts.validate !== undefined,
+    schema: opts.validate
+},
+
 
         json: {
             enabled: opts.json === undefined ? true : opts.json !== false,
@@ -212,13 +218,22 @@ function normalizeRateLimit(value: SecureOptions["rateLimit"]): NormalizedOption
 }
 
 function normalizeAuth(value: SecureOptions["auth"]): NormalizedOptions["auth"] {
-    if (value === false) {
-        return { enabled: false, required: false };
-    }
+    // if (value === false) {
+    //     return { enabled: false, required: false };
+    // }
     
-    if (value === true || value === undefined) {
-        return { enabled: true, required: true };
-    }
+    // if (value === true || value === undefined) {
+    //     return { enabled: true, required: true };
+    // }
+
+
+    if (value === undefined) {
+    return { enabled: false, required: false };
+}
+if (value === true) {
+    return { enabled: true, required: true };
+}
+
     
     const authOptions = value as AuthOptions;
     const enabled = authOptions.required !== false;