npm - hi-secure - Versions diffs - 1.0.0 - Mend

hi-secure 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (210) hide show

package/dist/adapters/ArgonAdapter.d.ts +8 -0
package/dist/adapters/ArgonAdapter.d.ts.map +1 -0
package/dist/adapters/ArgonAdapter.js +45 -0
package/dist/adapters/ArgonAdapter.js.map +1 -0
package/dist/adapters/BcryptAdapter.d.ts +7 -0
package/dist/adapters/BcryptAdapter.d.ts.map +1 -0
package/dist/adapters/BcryptAdapter.js +48 -0
package/dist/adapters/BcryptAdapter.js.map +1 -0
package/dist/adapters/DomPurifyAdapter.d.ts +13 -0
package/dist/adapters/DomPurifyAdapter.d.ts.map +1 -0
package/dist/adapters/DomPurifyAdapter.js +61 -0
package/dist/adapters/DomPurifyAdapter.js.map +1 -0
package/dist/adapters/ExpressRLAdapter.d.ts +13 -0
package/dist/adapters/ExpressRLAdapter.d.ts.map +1 -0
package/dist/adapters/ExpressRLAdapter.js +68 -0
package/dist/adapters/ExpressRLAdapter.js.map +1 -0
package/dist/adapters/ExpressValidatorAdapter.d.ts +6 -0
package/dist/adapters/ExpressValidatorAdapter.d.ts.map +1 -0
package/dist/adapters/ExpressValidatorAdapter.js +78 -0
package/dist/adapters/ExpressValidatorAdapter.js.map +1 -0
package/dist/adapters/GoggleAdapter.d.ts +15 -0
package/dist/adapters/GoggleAdapter.d.ts.map +1 -0
package/dist/adapters/GoggleAdapter.js +91 -0
package/dist/adapters/GoggleAdapter.js.map +1 -0
package/dist/adapters/GoogleAdapter.d.ts +15 -0
package/dist/adapters/GoogleAdapter.d.ts.map +1 -0
package/dist/adapters/GoogleAdapter.js +159 -0
package/dist/adapters/GoogleAdapter.js.map +1 -0
package/dist/adapters/JWTAdapter.d.ts +28 -0
package/dist/adapters/JWTAdapter.d.ts.map +1 -0
package/dist/adapters/JWTAdapter.js +276 -0
package/dist/adapters/JWTAdapter.js.map +1 -0
package/dist/adapters/RLFlexibleAdapter.d.ts +11 -0
package/dist/adapters/RLFlexibleAdapter.d.ts.map +1 -0
package/dist/adapters/RLFlexibleAdapter.js +115 -0
package/dist/adapters/RLFlexibleAdapter.js.map +1 -0
package/dist/adapters/SanitizeHtmlAdapter.d.ts +12 -0
package/dist/adapters/SanitizeHtmlAdapter.d.ts.map +1 -0
package/dist/adapters/SanitizeHtmlAdapter.js +141 -0
package/dist/adapters/SanitizeHtmlAdapter.js.map +1 -0
package/dist/adapters/XSSAdapter.d.ts +33 -0
package/dist/adapters/XSSAdapter.d.ts.map +1 -0
package/dist/adapters/XSSAdapter.js +127 -0
package/dist/adapters/XSSAdapter.js.map +1 -0
package/dist/adapters/ZodAdapter.d.ts +7 -0
package/dist/adapters/ZodAdapter.d.ts.map +1 -0
package/dist/adapters/ZodAdapter.js +39 -0
package/dist/adapters/ZodAdapter.js.map +1 -0
package/dist/core/HiSecure.d.ts +62 -0
package/dist/core/HiSecure.d.ts.map +1 -0
package/dist/core/HiSecure.js +273 -0
package/dist/core/HiSecure.js.map +1 -0
package/dist/core/config.d.ts +3 -0
package/dist/core/config.d.ts.map +1 -0
package/dist/core/config.js +53 -0
package/dist/core/config.js.map +1 -0
package/dist/core/constants.d.ts +37 -0
package/dist/core/constants.d.ts.map +1 -0
package/dist/core/constants.js +67 -0
package/dist/core/constants.js.map +1 -0
package/dist/core/errors/AdapterError.d.ts +5 -0
package/dist/core/errors/AdapterError.d.ts.map +1 -0
package/dist/core/errors/AdapterError.js +15 -0
package/dist/core/errors/AdapterError.js.map +1 -0
package/dist/core/errors/HttpErrror.d.ts +17 -0
package/dist/core/errors/HttpErrror.d.ts.map +1 -0
package/dist/core/errors/HttpErrror.js +36 -0
package/dist/core/errors/HttpErrror.js.map +1 -0
package/dist/core/errors/SanitizerError.d.ts +5 -0
package/dist/core/errors/SanitizerError.d.ts.map +1 -0
package/dist/core/errors/SanitizerError.js +14 -0
package/dist/core/errors/SanitizerError.js.map +1 -0
package/dist/core/errors/SecurityError.d.ts +5 -0
package/dist/core/errors/SecurityError.d.ts.map +1 -0
package/dist/core/errors/SecurityError.js +14 -0
package/dist/core/errors/SecurityError.js.map +1 -0
package/dist/core/errors/ValidationError.d.ts +5 -0
package/dist/core/errors/ValidationError.d.ts.map +1 -0
package/dist/core/errors/ValidationError.js +14 -0
package/dist/core/errors/ValidationError.js.map +1 -0
package/dist/core/types/HiSecureConfig.d.ts +47 -0
package/dist/core/types/HiSecureConfig.d.ts.map +1 -0
package/dist/core/types/HiSecureConfig.js +3 -0
package/dist/core/types/HiSecureConfig.js.map +1 -0
package/dist/core/types/SecureOptions.d.ts +30 -0
package/dist/core/types/SecureOptions.d.ts.map +1 -0
package/dist/core/types/SecureOptions.js +4 -0
package/dist/core/types/SecureOptions.js.map +1 -0
package/dist/core/useSecure.d.ts +10 -0
package/dist/core/useSecure.d.ts.map +1 -0
package/dist/core/useSecure.js +85 -0
package/dist/core/useSecure.js.map +1 -0
package/dist/examples/e1.d.ts +1 -0
package/dist/examples/e1.d.ts.map +1 -0
package/dist/examples/e1.js +3 -0
package/dist/examples/e1.js.map +1 -0
package/dist/index.d.ts +9 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +15 -0
package/dist/index.js.map +1 -0
package/dist/logging/index.d.ts +3 -0
package/dist/logging/index.d.ts.map +1 -0
package/dist/logging/index.js +19 -0
package/dist/logging/index.js.map +1 -0
package/dist/logging/morganSetup.d.ts +2 -0
package/dist/logging/morganSetup.d.ts.map +1 -0
package/dist/logging/morganSetup.js +9 -0
package/dist/logging/morganSetup.js.map +1 -0
package/dist/logging/winstonSetup.d.ts +6 -0
package/dist/logging/winstonSetup.d.ts.map +1 -0
package/dist/logging/winstonSetup.js +22 -0
package/dist/logging/winstonSetup.js.map +1 -0
package/dist/managers/AuthManager.d.ts +23 -0
package/dist/managers/AuthManager.d.ts.map +1 -0
package/dist/managers/AuthManager.js +190 -0
package/dist/managers/AuthManager.js.map +1 -0
package/dist/managers/CorsManager.d.ts +9 -0
package/dist/managers/CorsManager.d.ts.map +1 -0
package/dist/managers/CorsManager.js +55 -0
package/dist/managers/CorsManager.js.map +1 -0
package/dist/managers/HashManager.d.ts +22 -0
package/dist/managers/HashManager.d.ts.map +1 -0
package/dist/managers/HashManager.js +319 -0
package/dist/managers/HashManager.js.map +1 -0
package/dist/managers/JsonManager.d.ts +6 -0
package/dist/managers/JsonManager.d.ts.map +1 -0
package/dist/managers/JsonManager.js +142 -0
package/dist/managers/JsonManager.js.map +1 -0
package/dist/managers/RateLimitManager.d.ts +16 -0
package/dist/managers/RateLimitManager.d.ts.map +1 -0
package/dist/managers/RateLimitManager.js +108 -0
package/dist/managers/RateLimitManager.js.map +1 -0
package/dist/managers/SanitizerManager.d.ts +18 -0
package/dist/managers/SanitizerManager.d.ts.map +1 -0
package/dist/managers/SanitizerManager.js +296 -0
package/dist/managers/SanitizerManager.js.map +1 -0
package/dist/managers/ValidatorManager.d.ts +13 -0
package/dist/managers/ValidatorManager.d.ts.map +1 -0
package/dist/managers/ValidatorManager.js +218 -0
package/dist/managers/ValidatorManager.js.map +1 -0
package/dist/middlewares/errorHandler.d.ts +3 -0
package/dist/middlewares/errorHandler.d.ts.map +1 -0
package/dist/middlewares/errorHandler.js +94 -0
package/dist/middlewares/errorHandler.js.map +1 -0
package/dist/middlewares/index.d.ts +3 -0
package/dist/middlewares/index.d.ts.map +1 -0
package/dist/middlewares/index.js +19 -0
package/dist/middlewares/index.js.map +1 -0
package/dist/middlewares/requestLogger.d.ts +2 -0
package/dist/middlewares/requestLogger.d.ts.map +1 -0
package/dist/middlewares/requestLogger.js +8 -0
package/dist/middlewares/requestLogger.js.map +1 -0
package/dist/test/t1.d.ts +1 -0
package/dist/test/t1.d.ts.map +1 -0
package/dist/test/t1.js +3 -0
package/dist/test/t1.js.map +1 -0
package/dist/utils/deepFreeze.d.ts +2 -0
package/dist/utils/deepFreeze.d.ts.map +1 -0
package/dist/utils/deepFreeze.js +69 -0
package/dist/utils/deepFreeze.js.map +1 -0
package/dist/utils/deepMerge.d.ts +5 -0
package/dist/utils/deepMerge.d.ts.map +1 -0
package/dist/utils/deepMerge.js +68 -0
package/dist/utils/deepMerge.js.map +1 -0
package/dist/utils/normalizeOptions.d.ts +38 -0
package/dist/utils/normalizeOptions.d.ts.map +1 -0
package/dist/utils/normalizeOptions.js +119 -0
package/dist/utils/normalizeOptions.js.map +1 -0
package/package.json +50 -0
package/src/adapters/ArgonAdapter.ts +41 -0
package/src/adapters/BcryptAdapter.ts +49 -0
package/src/adapters/ExpressRLAdapter.ts +84 -0
package/src/adapters/ExpressValidatorAdapter.ts +99 -0
package/src/adapters/GoogleAdapter.ts +206 -0
package/src/adapters/JWTAdapter.ts +346 -0
package/src/adapters/RLFlexibleAdapter.ts +139 -0
package/src/adapters/SanitizeHtmlAdapter.ts +162 -0
package/src/adapters/XSSAdapter.ts +153 -0
package/src/adapters/ZodAdapter.ts +91 -0
package/src/core/HiSecure.ts +955 -0
package/src/core/config.ts +156 -0
package/src/core/constants.ts +73 -0
package/src/core/errors/AdapterError.ts +14 -0
package/src/core/errors/HttpErrror.ts +46 -0
package/src/core/errors/SanitizerError.ts +13 -0
package/src/core/errors/SecurityError.ts +13 -0
package/src/core/errors/ValidationError.ts +13 -0
package/src/core/types/HiSecureConfig.ts +62 -0
package/src/core/types/SecureOptions.ts +61 -0
package/src/core/useSecure.ts +111 -0
package/src/examples/e1.ts +1 -0
package/src/index.ts +17 -0
package/src/logging/index.ts +2 -0
package/src/logging/morganSetup.ts +3 -0
package/src/logging/winstonSetup.ts +17 -0
package/src/managers/AuthManager.ts +237 -0
package/src/managers/CorsManager.ts +58 -0
package/src/managers/HashManager.ts +390 -0
package/src/managers/JsonManager.ts +149 -0
package/src/managers/RateLimitManager.ts +368 -0
package/src/managers/SanitizerManager.ts +359 -0
package/src/managers/ValidatorManager.ts +269 -0
package/src/middlewares/errorHandler.ts +265 -0
package/src/middlewares/index.ts +2 -0
package/src/middlewares/requestLogger.ts +5 -0
package/src/test/t1.ts +1 -0
package/src/utils/deepFreeze.ts +76 -0
package/src/utils/deepMerge.ts +87 -0
package/src/utils/normalizeOptions.ts +265 -0
package/tsconfig.json +30 -0

package/src/managers/JsonManager.ts ADDED Viewed

@@ -0,0 +1,149 @@
+// // import express from "express";
+// // import { logger } from "../logging";
+// // import { AdapterError } from "../core/errors/AdapterError";
+// // export class JsonManager {
+// //     /**
+// //      * JSON parser middleware — global + dynamic override
+// //      */
+// //     middleware(options?: any) {
+// //         try {
+// //             const opts = options || {};
+// //             return express.json(opts);
+// //         } catch (err: any) {
+// //             logger.error("❌ JSON Manager: failed to create JSON parser", {
+// //                 error: err?.message || err
+// //             });
+// //             throw new AdapterError("JSON parser initialization failed.");
+// //         }
+// //     }
+// //     /**
+// //      * URL-encoded parser — same global + dynamic style
+// //      */
+// //     urlencoded(options?: any) {
+// //         try {
+// //             const opts = options || { extended: true };
+// //             return express.urlencoded(opts);
+// //         } catch (err: any) {
+// //             logger.error("❌ JSON Manager: failed to create urlencoded parser", {
+// //                 error: err?.message || err
+// //             });
+// //             throw new AdapterError("URL-encoded parser initialization failed.");
+// //         }
+// //     }
+// // }
+// import express from "express";
+// import qs from "qs";
+// import { logger } from "../logging";
+// import { AdapterError } from "../core/errors/AdapterError.js";
+// export class JsonManager {
+//     // JSON parser
+//     middleware(options?: any) {
+//         try {
+//             return express.json(options || {});
+//         } catch (err: any) {
+//             logger.error("❌ JSON Manager: failed to create JSON parser");
+//             throw new AdapterError("JSON parser initialization failed.");
+//         }
+//     }
+//     // URL-encoded parser
+//     urlencoded(options?: any) {
+//         try {
+//             const opts = options || { extended: true };
+//             return express.urlencoded(opts);
+//         } catch (err: any) {
+//             logger.error("❌ URL-encoded parser failed");
+//             throw new AdapterError("URL-encoded parser initialization failed.");
+//         }
+//     }
+//     // NEW: Query-string parser
+//     queryParser() {
+//         return (req: any, res: any, next: any) => {
+//             try {
+//                 req.query = qs.parse(req.url.split("?")[1] || "");
+//             } catch (err: any) {
+//                 logger.error("❌ Failed to parse query", { error: err?.message });
+//                 throw new AdapterError("Query parsing failed.");
+//             }
+//             next();
+//         };
+//     }
+// }
+// src/managers/JsonManager.ts - FIXED
+import express from "express";
+import qs from "qs";
+import { logger } from "../logging";
+import { AdapterError } from "../core/errors/AdapterError.js";
+export class JsonManager {
+    // JSON parser
+    middleware(options?: any) {
+        try {
+            const defaultOptions = {
+                limit: '1mb',
+                inflate: true,
+                strict: true
+            };
+            return express.json({ ...defaultOptions, ...(options || {}) });
+        } catch (err: any) {
+            logger.error("❌ JSON Manager: failed to create JSON parser");
+            throw new AdapterError("JSON parser initialization failed.");
+        }
+    }
+    // URL-encoded parser
+    urlencoded(options?: any) {
+        try {
+            const defaultOptions = {
+                extended: true,
+                limit: '1mb',
+                parameterLimit: 1000
+            };
+            const opts = { ...defaultOptions, ...(options || {}) };
+            return express.urlencoded(opts);
+        } catch (err: any) {
+            logger.error("❌ URL-encoded parser failed");
+            throw new AdapterError("URL-encoded parser initialization failed.");
+        }
+    }
+    // Query-string parser (doesn't override Express's query)
+    queryParser(options?: any) {
+        return (req: any, res: any, next: any) => {
+            try {
+                // Only parse if not already parsed by Express
+                if (!req.parsedQuery && req.url.includes('?')) {
+                    const queryString = req.url.split("?")[1] || "";
+                    const parsed = qs.parse(queryString, {
+                        depth: 5, // Prevent deep nesting attacks
+                        parameterLimit: 100,
+                        ...options
+                    });
+                    // Store separately, don't override req.query
+                    req.parsedQuery = parsed;
+                    logger.debug("🔍 Query parsed", {
+                        keys: Object.keys(parsed)
+                    });
+                }
+                next();
+            } catch (err: any) {
+                logger.error("❌ Failed to parse query", { error: err?.message });
+                next(new AdapterError("Query parsing failed."));
+            }
+        };
+    }
+}

package/src/managers/RateLimitManager.ts ADDED Viewed

@@ -0,0 +1,368 @@
+// // // src/managers/RateLimitManager.ts - COMPLETE FIXED
+// // import { HiSecureConfig } from "../core/types/HiSecureConfig.js";
+// // import { AdapterError } from "../core/errors/AdapterError.js";
+// // import { logger } from "../logging";
+// // interface RateLimiterAdapter {
+// //     getMiddleware: (options?: any) => any;
+// // }
+// // export class RateLimitManager {
+// //     private config: HiSecureConfig["rateLimiter"];
+// //     private primaryAdapter: RateLimiterAdapter;
+// //     private fallbackAdapter: RateLimiterAdapter | null;
+// //     constructor(
+// //         config: HiSecureConfig["rateLimiter"],
+// //         primaryAdapter: RateLimiterAdapter,
+// //         fallbackAdapter: RateLimiterAdapter | null
+// //     ) {
+// //         this.config = config;
+// //         this.primaryAdapter = primaryAdapter;
+// //         this.fallbackAdapter = fallbackAdapter;
+// //     }
+// //     middleware(opts?: { mode?: "strict" | "relaxed" | "api"; options?: any }) {
+// //         let finalOptions: any = {};
+// //         // Handle presets (user cannot override these)
+// //         if (opts?.mode === "strict") {
+// //             finalOptions = {
+// //                 windowMs: 10_000,
+// //                 max: 5,
+// //                 points: 5,
+// //                 duration: 10,
+// //                 message: "Too many requests, please slow down."
+// //             };
+// //         } else if (opts?.mode === "relaxed") {
+// //             finalOptions = {
+// //                 windowMs: 60_000,
+// //                 max: 100,
+// //                 points: 100,
+// //                 duration: 60,
+// //                 message: "Rate limit exceeded."
+// //             };
+// //         } else if (opts?.mode === "api") {
+// //             finalOptions = {
+// //                 windowMs: 15 * 60 * 1000, // 15 minutes
+// //                 max: 100,
+// //                 points: 100,
+// //                 duration: 900,
+// //                 message: "API rate limit exceeded."
+// //             };
+// //         } else {
+// //             // Use defaults
+// //             finalOptions = {
+// //                 windowMs: this.config.windowMs,
+// //                 max: this.config.maxRequests,
+// //                 duration: this.config.windowMs / 1000,
+// //                 points: this.config.maxRequests,
+// //                 message: this.config.message
+// //             };
+// //         }
+// //         // Apply custom options WITHOUT overriding preset values
+// //         if (opts?.options) {
+// //             // Only allow specific overrides, not preset overrides
+// //             const allowedOverrides = ['message', 'skipFailedRequests', 'standardHeaders'];
+// //             for (const key of allowedOverrides) {
+// //                 if (opts.options[key] !== undefined) {
+// //                     finalOptions[key] = opts.options[key];
+// //                 }
+// //             }
+// //             // Log if user tried to override preset
+// //             const attemptedOverrides = Object.keys(opts.options).filter(
+// //                 k => !allowedOverrides.includes(k) && k !== 'mode'
+// //             );
+// //             if (attemptedOverrides.length > 0) {
+// //                 logger.warn("⚠ Rate limit overrides ignored", { // ✅ FIXED: Better message
+// //                     preset: opts?.mode || 'default', // ✅ FIXED: Handle undefined
+// //                     ignoredOptions: attemptedOverrides
+// //                 });
+// //             }
+// //         }
+// //         // Try primary adapter
+// //         try {
+// //             logger.info("📌 Applying rate limiting", {
+// //                 mode: opts?.mode || 'default',
+// //                 windowMs: finalOptions.windowMs,
+// //                 max: finalOptions.max
+// //             });
+// //             return this.primaryAdapter.getMiddleware(finalOptions);
+// //         } catch (err: any) {
+// //             logger.warn("⚠ Primary rate limiter failed → fallback", {
+// //                 error: err?.message
+// //             });
+// //             if (!this.fallbackAdapter) {
+// //                 throw new AdapterError("Rate limiters failed; no fallback adapter.");
+// //             }
+// //             try {
+// //                 logger.info("📌 Using fallback rate limiter");
+// //                 return this.fallbackAdapter.getMiddleware(finalOptions);
+// //             } catch (fallbackErr: any) {
+// //                 logger.error("❌ Fallback limiter also failed", {
+// //                     error: fallbackErr?.message
+// //                 });
+// //                 throw new AdapterError("Both primary and fallback limiters failed.");
+// //             }
+// //         }
+// //     }
+// // }
+// // src/managers/RateLimitManager.ts - FIXED
+// import { HiSecureConfig } from "../core/types/HiSecureConfig.js";
+// import { AdapterError } from "../core/errors/AdapterError.js";
+// import { logger } from "../logging";
+// interface RateLimiterAdapter {
+//     getMiddleware: (options?: any) => any;
+// }
+// export class RateLimitManager {
+//     private config: HiSecureConfig["rateLimiter"];
+//     private primaryAdapter: RateLimiterAdapter;
+//     private fallbackAdapter: RateLimiterAdapter | null;
+//     constructor(
+//         config: HiSecureConfig["rateLimiter"],
+//         primaryAdapter: RateLimiterAdapter,
+//         fallbackAdapter: RateLimiterAdapter | null
+//     ) {
+//         this.config = config;
+//         this.primaryAdapter = primaryAdapter;
+//         this.fallbackAdapter = fallbackAdapter;
+//     }
+//     middleware(opts?: { mode?: "strict" | "relaxed" | "api"; options?: any }) {
+//         let finalOptions: any = {};
+//         // Handle presets (user cannot override these)
+//         if (opts?.mode === "strict") {
+//             finalOptions = {
+//                 windowMs: 10_000,
+//                 max: 5,
+//                 points: 5,
+//                 // ❌ REMOVED: duration: 10,
+//                 message: "Too many requests, please slow down."
+//             };
+//         } else if (opts?.mode === "relaxed") {
+//             finalOptions = {
+//                 windowMs: 60_000,
+//                 max: 100,
+//                 points: 100,
+//                 // ❌ REMOVED: duration: 60,
+//                 message: "Rate limit exceeded."
+//             };
+//         } else if (opts?.mode === "api") {
+//             finalOptions = {
+//                 windowMs: 15 * 60 * 1000, // 15 minutes
+//                 max: 100,
+//                 points: 100,
+//                 // ❌ REMOVED: duration: 900,
+//                 message: "API rate limit exceeded."
+//             };
+//         } else {
+//             // Use defaults
+//             finalOptions = {
+//                 windowMs: this.config.windowMs,
+//                 max: this.config.maxRequests,
+//                 // ❌ REMOVED: duration: this.config.windowMs / 1000,
+//                 points: this.config.maxRequests,
+//                 message: this.config.message,
+//                 standardHeaders: true,      // ✅ ADD
+//                 legacyHeaders: false        // ✅ ADD
+//             };
+//         }
+//         // Apply custom options WITHOUT overriding preset values
+//         if (opts?.options) {
+//             // Only allow specific overrides, not preset overrides
+//             const allowedOverrides = ['message', 'skipFailedRequests', 'standardHeaders', 'legacyHeaders'];
+//             for (const key of allowedOverrides) {
+//                 if (opts.options[key] !== undefined) {
+//                     finalOptions[key] = opts.options[key];
+//                 }
+//             }
+//             // Log if user tried to override preset
+//             const attemptedOverrides = Object.keys(opts.options).filter(
+//                 k => !allowedOverrides.includes(k) && k !== 'mode'
+//             );
+//             if (attemptedOverrides.length > 0) {
+//                 logger.warn("⚠ Rate limit overrides ignored", {
+//                     preset: opts?.mode || 'default',
+//                     ignoredOptions: attemptedOverrides
+//                 });
+//             }
+//         }
+//         // Add v8+ options if not present
+//         if (finalOptions.standardHeaders === undefined) {
+//             finalOptions.standardHeaders = true;
+//         }
+//         if (finalOptions.legacyHeaders === undefined) {
+//             finalOptions.legacyHeaders = false;
+//         }
+//         // Try primary adapter
+//         try {
+//             logger.info("📌 Applying rate limiting", {
+//                 mode: opts?.mode || 'default',
+//                 windowMs: finalOptions.windowMs,
+//                 max: finalOptions.max
+//             });
+//             return this.primaryAdapter.getMiddleware(finalOptions);
+//         } catch (err: any) {
+//             logger.warn("⚠ Primary rate limiter failed → fallback", {
+//                 error: err?.message
+//             });
+//             if (!this.fallbackAdapter) {
+//                 throw new AdapterError("Rate limiters failed; no fallback adapter.");
+//             }
+//             try {
+//                 logger.info("📌 Using fallback rate limiter");
+//                 return this.fallbackAdapter.getMiddleware(finalOptions);
+//             } catch (fallbackErr: any) {
+//                 logger.error("❌ Fallback limiter also failed", {
+//                     error: fallbackErr?.message
+//                 });
+//                 throw new AdapterError("Both primary and fallback limiters failed.");
+//             }
+//         }
+//     }
+// }
+// src/managers/RateLimitManager.ts - COMPLETELY FIXED
+import { HiSecureConfig } from "../core/types/HiSecureConfig.js";
+import { AdapterError } from "../core/errors/AdapterError.js";
+import { logger } from "../logging";
+interface RateLimiterAdapter {
+    getMiddleware: (options?: any) => any;
+}
+export class RateLimitManager {
+    private config: HiSecureConfig["rateLimiter"];
+    private primaryAdapter: RateLimiterAdapter;
+    private fallbackAdapter: RateLimiterAdapter | null;
+    constructor(
+        config: HiSecureConfig["rateLimiter"],
+        primaryAdapter: RateLimiterAdapter,
+        fallbackAdapter: RateLimiterAdapter | null
+    ) {
+        this.config = config;
+        this.primaryAdapter = primaryAdapter;
+        this.fallbackAdapter = fallbackAdapter;
+    }
+    middleware(opts?: { mode?: "strict" | "relaxed" | "api"; options?: any }) {
+        let finalOptions: any = {};
+        // Handle presets (user cannot override these)
+        if (opts?.mode === "strict") {
+            finalOptions = {
+                windowMs: 10_000,
+                max: 5,
+                // ❌ REMOVED: points: 5,
+                message: "Too many requests, please slow down."
+            };
+        } else if (opts?.mode === "relaxed") {
+            finalOptions = {
+                windowMs: 60_000,
+                max: 100,
+                // ❌ REMOVED: points: 100,
+                message: "Rate limit exceeded."
+            };
+        } else if (opts?.mode === "api") {
+            finalOptions = {
+                windowMs: 15 * 60 * 1000, // 15 minutes
+                max: 100,
+                // ❌ REMOVED: points: 100,
+                message: "API rate limit exceeded."
+            };
+        } else {
+            // Use defaults
+            finalOptions = {
+                windowMs: this.config.windowMs,
+                max: this.config.maxRequests,
+                message: this.config.message,
+                standardHeaders: true,      // ✅ ADD
+                legacyHeaders: false        // ✅ ADD
+            };
+        }
+        // Apply custom options WITHOUT overriding preset values
+        if (opts?.options) {
+            // Only allow specific overrides, not preset overrides
+            const allowedOverrides = ['message', 'skipFailedRequests', 'standardHeaders', 'legacyHeaders'];
+            for (const key of allowedOverrides) {
+                if (opts.options[key] !== undefined) {
+                    finalOptions[key] = opts.options[key];
+                }
+            }
+            // Log if user tried to override preset
+            const attemptedOverrides = Object.keys(opts.options).filter(
+                k => !allowedOverrides.includes(k) && k !== 'mode'
+            );
+            if (attemptedOverrides.length > 0) {
+                logger.warn("⚠ Rate limit overrides ignored", {
+                    preset: opts?.mode || 'default',
+                    ignoredOptions: attemptedOverrides
+                });
+            }
+        }
+        // Add v8+ options if not present
+        if (finalOptions.standardHeaders === undefined) {
+            finalOptions.standardHeaders = true;
+        }
+        if (finalOptions.legacyHeaders === undefined) {
+            finalOptions.legacyHeaders = false;
+        }
+        // Try primary adapter
+        try {
+            logger.info("📌 Applying rate limiting", {
+                mode: opts?.mode || 'default',
+                windowMs: finalOptions.windowMs,
+                max: finalOptions.max
+            });
+            return this.primaryAdapter.getMiddleware(finalOptions);
+        } catch (err: any) {
+            logger.warn("⚠ Primary rate limiter failed → fallback", {
+                error: err?.message
+            });
+            if (!this.fallbackAdapter) {
+                throw new AdapterError("Rate limiters failed; no fallback adapter.");
+            }
+            try {
+                logger.info("📌 Using fallback rate limiter");
+                return this.fallbackAdapter.getMiddleware(finalOptions);
+            } catch (fallbackErr: any) {
+                logger.error("❌ Fallback limiter also failed", {
+                    error: fallbackErr?.message
+                });
+                throw new AdapterError("Both primary and fallback limiters failed.");
+            }
+        }
+    }
+}