hi-secure 1.0.15 → 1.0.16
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapters/ArgonAdapter.d.ts +1 -1
- package/dist/adapters/ArgonAdapter.d.ts.map +1 -1
- package/dist/adapters/ArgonAdapter.js +43 -5
- package/dist/adapters/ArgonAdapter.js.map +1 -1
- package/dist/adapters/BcryptAdapter.d.ts.map +1 -1
- package/dist/adapters/BcryptAdapter.js +43 -3
- package/dist/adapters/BcryptAdapter.js.map +1 -1
- package/dist/adapters/ExpressRLAdapter.d.ts.map +1 -1
- package/dist/adapters/ExpressRLAdapter.js +48 -6
- package/dist/adapters/ExpressRLAdapter.js.map +1 -1
- package/dist/adapters/ExpressValidatorAdapter.d.ts.map +1 -1
- package/dist/adapters/ExpressValidatorAdapter.js +50 -10
- package/dist/adapters/ExpressValidatorAdapter.js.map +1 -1
- package/dist/adapters/GoogleAdapter.d.ts.map +1 -1
- package/dist/adapters/GoogleAdapter.js +82 -16
- package/dist/adapters/GoogleAdapter.js.map +1 -1
- package/dist/adapters/JWTAdapter.d.ts.map +1 -1
- package/dist/adapters/JWTAdapter.js +104 -15
- package/dist/adapters/JWTAdapter.js.map +1 -1
- package/dist/adapters/RLFlexibleAdapter.d.ts.map +1 -1
- package/dist/adapters/RLFlexibleAdapter.js +87 -12
- package/dist/adapters/RLFlexibleAdapter.js.map +1 -1
- package/dist/adapters/SanitizeHtmlAdapter.d.ts.map +1 -1
- package/dist/adapters/SanitizeHtmlAdapter.js +81 -13
- package/dist/adapters/SanitizeHtmlAdapter.js.map +1 -1
- package/dist/adapters/XSSAdapter.d.ts +1 -1
- package/dist/adapters/XSSAdapter.d.ts.map +1 -1
- package/dist/adapters/XSSAdapter.js +137 -20
- package/dist/adapters/XSSAdapter.js.map +1 -1
- package/dist/adapters/ZodAdapter.d.ts +1 -1
- package/dist/adapters/ZodAdapter.d.ts.map +1 -1
- package/dist/adapters/ZodAdapter.js +13 -8
- package/dist/adapters/ZodAdapter.js.map +1 -1
- package/dist/core/HiSecure.d.ts +3 -4
- package/dist/core/HiSecure.d.ts.map +1 -1
- package/dist/core/HiSecure.js +108 -121
- package/dist/core/HiSecure.js.map +1 -1
- package/dist/index.d.ts +2 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +8 -1
- package/dist/index.js.map +1 -1
- package/dist/logging/index.d.ts.map +1 -1
- package/dist/logging/index.js +2 -0
- package/dist/logging/index.js.map +1 -1
- package/dist/logging/morganSetup.d.ts.map +1 -1
- package/dist/logging/morganSetup.js +22 -1
- package/dist/logging/morganSetup.js.map +1 -1
- package/dist/logging/winstonSetup.d.ts.map +1 -1
- package/dist/logging/winstonSetup.js +61 -3
- package/dist/logging/winstonSetup.js.map +1 -1
- package/dist/managers/AuthManager.d.ts +2 -2
- package/dist/managers/AuthManager.d.ts.map +1 -1
- package/dist/managers/AuthManager.js +167 -31
- package/dist/managers/AuthManager.js.map +1 -1
- package/dist/managers/CorsManager.d.ts.map +1 -1
- package/dist/managers/CorsManager.js +46 -11
- package/dist/managers/CorsManager.js.map +1 -1
- package/dist/managers/HashManager.d.ts +1 -1
- package/dist/managers/HashManager.d.ts.map +1 -1
- package/dist/managers/HashManager.js +127 -17
- package/dist/managers/HashManager.js.map +1 -1
- package/dist/managers/JsonManager.d.ts +1 -1
- package/dist/managers/JsonManager.d.ts.map +1 -1
- package/dist/managers/JsonManager.js +99 -16
- package/dist/managers/JsonManager.js.map +1 -1
- package/dist/managers/RateLimitManager.d.ts +1 -1
- package/dist/managers/RateLimitManager.d.ts.map +1 -1
- package/dist/managers/RateLimitManager.js +46 -22
- package/dist/managers/RateLimitManager.js.map +1 -1
- package/dist/managers/SanitizerManager.d.ts.map +1 -1
- package/dist/managers/SanitizerManager.js +112 -15
- package/dist/managers/SanitizerManager.js.map +1 -1
- package/dist/managers/ValidatorManager.d.ts.map +1 -1
- package/dist/managers/ValidatorManager.js +90 -7
- package/dist/managers/ValidatorManager.js.map +1 -1
- package/package.json +2 -6
- package/readme.md +3 -6
- package/src/adapters/ArgonAdapter.ts +55 -6
- package/src/adapters/BcryptAdapter.ts +56 -8
- package/src/adapters/ExpressRLAdapter.ts +62 -9
- package/src/adapters/ExpressValidatorAdapter.ts +67 -11
- package/src/adapters/GoogleAdapter.ts +106 -21
- package/src/adapters/JWTAdapter.ts +129 -21
- package/src/adapters/RLFlexibleAdapter.ts +113 -16
- package/src/adapters/SanitizeHtmlAdapter.ts +111 -18
- package/src/adapters/XSSAdapter.ts +183 -39
- package/src/adapters/ZodAdapter.ts +56 -10
- package/src/core/HiSecure.ts +496 -162
- package/src/index.ts +4 -0
- package/src/logging/index.ts +6 -0
- package/src/logging/morganSetup.ts +36 -1
- package/src/logging/winstonSetup.ts +97 -8
- package/src/managers/AuthManager.ts +205 -34
- package/src/managers/CorsManager.ts +63 -16
- package/src/managers/HashManager.ts +156 -19
- package/src/managers/JsonManager.ts +119 -15
- package/src/managers/RateLimitManager.ts +174 -29
- package/src/managers/SanitizerManager.ts +150 -25
- package/src/managers/ValidatorManager.ts +115 -15
|
@@ -1,13 +1,110 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
// import { AdapterError } from "../core/errors/AdapterError.js";
|
|
3
|
+
// import { HiSecureConfig } from "../core/types/HiSecureConfig.js";
|
|
4
|
+
// import { logger } from "../logging";
|
|
2
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
6
|
exports.HashManager = void 0;
|
|
4
|
-
|
|
7
|
+
// interface HashAdapter {
|
|
8
|
+
// hash(value: string): Promise<string>;
|
|
9
|
+
// verify(value: string, hashed: string): Promise<boolean>;
|
|
10
|
+
// }
|
|
11
|
+
// export interface HashResult {
|
|
12
|
+
// hash: string;
|
|
13
|
+
// algorithm: string;
|
|
14
|
+
// usedFallback: boolean;
|
|
15
|
+
// }
|
|
16
|
+
// export class HashManager {
|
|
17
|
+
// private config: HiSecureConfig["hashing"];
|
|
18
|
+
// private primaryAdapter: HashAdapter;
|
|
19
|
+
// private fallbackAdapter: HashAdapter | null;
|
|
20
|
+
// constructor(
|
|
21
|
+
// config: HiSecureConfig["hashing"],
|
|
22
|
+
// primaryAdapter: HashAdapter,
|
|
23
|
+
// fallbackAdapter: HashAdapter | null
|
|
24
|
+
// ) {
|
|
25
|
+
// this.config = config;
|
|
26
|
+
// this.primaryAdapter = primaryAdapter;
|
|
27
|
+
// this.fallbackAdapter = fallbackAdapter;
|
|
28
|
+
// }
|
|
29
|
+
// async hash(value: string, options?: { allowFallback?: boolean }): Promise<HashResult> {
|
|
30
|
+
// try {
|
|
31
|
+
// const hash = await this.primaryAdapter.hash(value);
|
|
32
|
+
// return {
|
|
33
|
+
// hash,
|
|
34
|
+
// algorithm: this.config.primary,
|
|
35
|
+
// usedFallback: false
|
|
36
|
+
// };
|
|
37
|
+
// } catch (err: any) {
|
|
38
|
+
// logger.warn("Primary hashing failed", {
|
|
39
|
+
// error: err.message,
|
|
40
|
+
// algorithm: this.config.primary
|
|
41
|
+
// });
|
|
42
|
+
// if (!options?.allowFallback || !this.fallbackAdapter) {
|
|
43
|
+
// throw new AdapterError(
|
|
44
|
+
// `Primary hashing (${this.config.primary}) failed. Fallback not allowed.`
|
|
45
|
+
// );
|
|
46
|
+
// }
|
|
47
|
+
// try {
|
|
48
|
+
// const hash = await this.fallbackAdapter.hash(value);
|
|
49
|
+
// // Log security downgrade warning
|
|
50
|
+
// logger.warn("SECURITY DOWNGRADE: Using fallback hashing", {
|
|
51
|
+
// from: this.config.primary,
|
|
52
|
+
// to: this.config.fallback
|
|
53
|
+
// });
|
|
54
|
+
// return {
|
|
55
|
+
// hash,
|
|
56
|
+
// algorithm: this.config.fallback || 'bcrypt',
|
|
57
|
+
// usedFallback: true
|
|
58
|
+
// };
|
|
59
|
+
// } catch (fallbackErr: any) {
|
|
60
|
+
// logger.error("Fallback hashing failed", {
|
|
61
|
+
// error: fallbackErr?.message,
|
|
62
|
+
// });
|
|
63
|
+
// throw new AdapterError(
|
|
64
|
+
// "Both primary and fallback hashing failed."
|
|
65
|
+
// );
|
|
66
|
+
// }
|
|
67
|
+
// }
|
|
68
|
+
// }
|
|
69
|
+
// async verify(value: string, hashed: string): Promise<boolean> {
|
|
70
|
+
// // primary adapter - first
|
|
71
|
+
// try {
|
|
72
|
+
// return await this.primaryAdapter.verify(value, hashed);
|
|
73
|
+
// } catch (primaryErr: any) {
|
|
74
|
+
// logger.warn("Primary verify failed", {
|
|
75
|
+
// error: primaryErr?.message,
|
|
76
|
+
// });
|
|
77
|
+
// // fallback exists - try it
|
|
78
|
+
// if (this.fallbackAdapter) {
|
|
79
|
+
// try {
|
|
80
|
+
// return await this.fallbackAdapter.verify(value, hashed);
|
|
81
|
+
// } catch (fallbackErr: any) {
|
|
82
|
+
// logger.error(" Fallback verify failed", {
|
|
83
|
+
// error: fallbackErr?.message,
|
|
84
|
+
// });
|
|
85
|
+
// throw new AdapterError(
|
|
86
|
+
// "Both primary and fallback verify failed."
|
|
87
|
+
// );
|
|
88
|
+
// }
|
|
89
|
+
// }
|
|
90
|
+
// throw new AdapterError(
|
|
91
|
+
// "Primary verify failed and no fallback adapter configured."
|
|
92
|
+
// );
|
|
93
|
+
// }
|
|
94
|
+
// }
|
|
95
|
+
// }
|
|
96
|
+
const AdapterError_1 = require("../core/errors/AdapterError");
|
|
5
97
|
const logging_1 = require("../logging");
|
|
6
98
|
class HashManager {
|
|
7
99
|
constructor(config, primaryAdapter, fallbackAdapter) {
|
|
8
100
|
this.config = config;
|
|
9
101
|
this.primaryAdapter = primaryAdapter;
|
|
10
102
|
this.fallbackAdapter = fallbackAdapter;
|
|
103
|
+
logging_1.logger.info("HashManager initialized", {
|
|
104
|
+
layer: "hash-manager",
|
|
105
|
+
primary: config.primary,
|
|
106
|
+
fallbackEnabled: !!fallbackAdapter
|
|
107
|
+
});
|
|
11
108
|
}
|
|
12
109
|
async hash(value, options) {
|
|
13
110
|
try {
|
|
@@ -20,55 +117,68 @@ class HashManager {
|
|
|
20
117
|
}
|
|
21
118
|
catch (err) {
|
|
22
119
|
logging_1.logger.warn("Primary hashing failed", {
|
|
23
|
-
|
|
24
|
-
|
|
120
|
+
layer: "hash-manager",
|
|
121
|
+
operation: "hash",
|
|
122
|
+
algorithm: this.config.primary,
|
|
123
|
+
reason: err?.message
|
|
25
124
|
});
|
|
26
125
|
if (!options?.allowFallback || !this.fallbackAdapter) {
|
|
27
|
-
throw new
|
|
126
|
+
throw new AdapterError_1.AdapterError(`Primary hashing (${this.config.primary}) failed. Fallback not allowed.`);
|
|
28
127
|
}
|
|
29
128
|
try {
|
|
30
129
|
const hash = await this.fallbackAdapter.hash(value);
|
|
31
|
-
//
|
|
32
|
-
logging_1.logger.warn("
|
|
130
|
+
// ⚠️ security downgrade log (VERY GOOD PRACTICE)
|
|
131
|
+
logging_1.logger.warn("Hashing fallback used (security downgrade)", {
|
|
132
|
+
layer: "hash-manager",
|
|
133
|
+
operation: "hash",
|
|
33
134
|
from: this.config.primary,
|
|
34
135
|
to: this.config.fallback
|
|
35
136
|
});
|
|
36
137
|
return {
|
|
37
138
|
hash,
|
|
38
|
-
algorithm: this.config.fallback ||
|
|
139
|
+
algorithm: this.config.fallback || "bcrypt",
|
|
39
140
|
usedFallback: true
|
|
40
141
|
};
|
|
41
142
|
}
|
|
42
143
|
catch (fallbackErr) {
|
|
43
144
|
logging_1.logger.error("Fallback hashing failed", {
|
|
44
|
-
|
|
145
|
+
layer: "hash-manager",
|
|
146
|
+
operation: "hash",
|
|
147
|
+
from: this.config.primary,
|
|
148
|
+
to: this.config.fallback,
|
|
149
|
+
reason: fallbackErr?.message
|
|
45
150
|
});
|
|
46
|
-
throw new
|
|
151
|
+
throw new AdapterError_1.AdapterError("Both primary and fallback hashing failed.");
|
|
47
152
|
}
|
|
48
153
|
}
|
|
49
154
|
}
|
|
50
155
|
async verify(value, hashed) {
|
|
51
|
-
// primary adapter - first
|
|
52
156
|
try {
|
|
53
157
|
return await this.primaryAdapter.verify(value, hashed);
|
|
54
158
|
}
|
|
55
159
|
catch (primaryErr) {
|
|
56
|
-
logging_1.logger.warn("Primary
|
|
57
|
-
|
|
160
|
+
logging_1.logger.warn("Primary hash verification failed", {
|
|
161
|
+
layer: "hash-manager",
|
|
162
|
+
operation: "verify",
|
|
163
|
+
algorithm: this.config.primary,
|
|
164
|
+
reason: primaryErr?.message
|
|
58
165
|
});
|
|
59
|
-
// fallback exists - try it
|
|
60
166
|
if (this.fallbackAdapter) {
|
|
61
167
|
try {
|
|
62
168
|
return await this.fallbackAdapter.verify(value, hashed);
|
|
63
169
|
}
|
|
64
170
|
catch (fallbackErr) {
|
|
65
|
-
logging_1.logger.error("
|
|
66
|
-
|
|
171
|
+
logging_1.logger.error("Fallback hash verification failed", {
|
|
172
|
+
layer: "hash-manager",
|
|
173
|
+
operation: "verify",
|
|
174
|
+
from: this.config.primary,
|
|
175
|
+
to: this.config.fallback,
|
|
176
|
+
reason: fallbackErr?.message
|
|
67
177
|
});
|
|
68
|
-
throw new
|
|
178
|
+
throw new AdapterError_1.AdapterError("Both primary and fallback verify failed.");
|
|
69
179
|
}
|
|
70
180
|
}
|
|
71
|
-
throw new
|
|
181
|
+
throw new AdapterError_1.AdapterError("Primary verify failed and no fallback adapter configured.");
|
|
72
182
|
}
|
|
73
183
|
}
|
|
74
184
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"HashManager.js","sourceRoot":"","sources":["../../src/managers/HashManager.ts"],"names":[],"mappings":";;;AAAA,oEAA8D;AAE9D,wCAAoC;AAapC,MAAa,WAAW;IAKpB,YACI,MAAiC,EACjC,cAA2B,EAC3B,eAAmC;QAEnC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;QACrC,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;IAC3C,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,KAAa,EAAE,OAAqC;QAC3D,IAAI,CAAC;YACD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACnD,OAAO;gBACH,IAAI;gBACJ,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;gBAC9B,YAAY,EAAE,KAAK;aACtB,CAAC;QACN,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAChB,gBAAM,CAAC,IAAI,CAAC,wBAAwB,EAAE;gBAClC,KAAK,EAAE,GAAG,CAAC,OAAO;gBAClB,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;aACjC,CAAC,CAAC;YAEH,IAAI,CAAC,OAAO,EAAE,aAAa,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;gBACnD,MAAM,IAAI,8BAAY,CAClB,oBAAoB,IAAI,CAAC,MAAM,CAAC,OAAO,iCAAiC,CAC3E,CAAC;YACN,CAAC;YAED,IAAI,CAAC;gBACD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBAEpD,iCAAiC;gBACjC,gBAAM,CAAC,IAAI,CAAC,4CAA4C,EAAE;oBACtD,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;oBACzB,EAAE,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;iBAC3B,CAAC,CAAC;gBAEH,OAAO;oBACH,IAAI;oBACJ,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ,IAAI,QAAQ;oBAC3C,YAAY,EAAE,IAAI;iBACrB,CAAC;YACN,CAAC;YAAC,OAAO,WAAgB,EAAE,CAAC;gBACxB,gBAAM,CAAC,KAAK,CAAC,yBAAyB,EAAE;oBACpC,KAAK,EAAE,WAAW,EAAE,OAAO;iBAC9B,CAAC,CAAC;gBACH,MAAM,IAAI,8BAAY,CAClB,2CAA2C,CAC9C,CAAC;YACN,CAAC;QACL,CAAC;IACL,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,KAAa,EAAE,MAAc;QACtC,2BAA2B;QAC3B,IAAI,CAAC;YACD,OAAO,MAAM,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;QAC3D,CAAC;QAAC,OAAO,UAAe,EAAE,CAAC;YACvB,gBAAM,CAAC,IAAI,CAAC,uBAAuB,EAAE;gBACjC,KAAK,EAAE,UAAU,EAAE,OAAO;aAC7B,CAAC,CAAC;YAEH,6BAA6B;YAC7B,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;gBACvB,IAAI,CAAC;oBACD,OAAO,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;gBAC5D,CAAC;gBAAC,OAAO,WAAgB,EAAE,CAAC;oBACxB,gBAAM,CAAC,KAAK,CAAC,yBAAyB,EAAE;wBACpC,KAAK,EAAE,WAAW,EAAE,OAAO;qBAC9B,CAAC,CAAC;oBACH,MAAM,IAAI,8BAAY,CAClB,0CAA0C,CAC7C,CAAC;gBACN,CAAC;YACL,CAAC;YAED,MAAM,IAAI,8BAAY,CAClB,2DAA2D,CAC9D,CAAC;QACN,CAAC;IACL,CAAC;CACJ;AAxFD,kCAwFC","sourcesContent":["import { AdapterError } from \"../core/errors/AdapterError.js\";\r\nimport { HiSecureConfig } from \"../core/types/HiSecureConfig.js\";\r\nimport { logger } from \"../logging\";\r\n\r\ninterface HashAdapter {\r\n hash(value: string): Promise<string>;\r\n verify(value: string, hashed: string): Promise<boolean>;\r\n}\r\n\r\nexport interface HashResult {\r\n hash: string;\r\n algorithm: string;\r\n usedFallback: boolean;\r\n}\r\n\r\nexport class HashManager {\r\n private config: HiSecureConfig[\"hashing\"];\r\n private primaryAdapter: HashAdapter;\r\n private fallbackAdapter: HashAdapter | null;\r\n\r\n constructor(\r\n config: HiSecureConfig[\"hashing\"],\r\n primaryAdapter: HashAdapter,\r\n fallbackAdapter: HashAdapter | null\r\n ) {\r\n this.config = config;\r\n this.primaryAdapter = primaryAdapter;\r\n this.fallbackAdapter = fallbackAdapter;\r\n }\r\n\r\n async hash(value: string, options?: { allowFallback?: boolean }): Promise<HashResult> {\r\n try {\r\n const hash = await this.primaryAdapter.hash(value);\r\n return {\r\n hash,\r\n algorithm: this.config.primary,\r\n usedFallback: false\r\n };\r\n } catch (err: any) {\r\n logger.warn(\"Primary hashing failed\", {\r\n error: err.message,\r\n algorithm: this.config.primary\r\n });\r\n\r\n if (!options?.allowFallback || !this.fallbackAdapter) {\r\n throw new AdapterError(\r\n `Primary hashing (${this.config.primary}) failed. Fallback not allowed.`\r\n );\r\n }\r\n\r\n try {\r\n const hash = await this.fallbackAdapter.hash(value);\r\n \r\n // Log security downgrade warning\r\n logger.warn(\"SECURITY DOWNGRADE: Using fallback hashing\", {\r\n from: this.config.primary,\r\n to: this.config.fallback\r\n });\r\n \r\n return {\r\n hash,\r\n algorithm: this.config.fallback || 'bcrypt',\r\n usedFallback: true\r\n };\r\n } catch (fallbackErr: any) {\r\n logger.error(\"Fallback hashing failed\", {\r\n error: fallbackErr?.message,\r\n });\r\n throw new AdapterError(\r\n \"Both primary and fallback hashing failed.\"\r\n );\r\n }\r\n }\r\n }\r\n\r\n async verify(value: string, hashed: string): Promise<boolean> {\r\n // primary adapter - first\r\n try {\r\n return await this.primaryAdapter.verify(value, hashed);\r\n } catch (primaryErr: any) {\r\n logger.warn(\"Primary verify failed\", {\r\n error: primaryErr?.message,\r\n });\r\n\r\n // fallback exists - try it\r\n if (this.fallbackAdapter) {\r\n try {\r\n return await this.fallbackAdapter.verify(value, hashed);\r\n } catch (fallbackErr: any) {\r\n logger.error(\" Fallback verify failed\", {\r\n error: fallbackErr?.message,\r\n });\r\n throw new AdapterError(\r\n \"Both primary and fallback verify failed.\"\r\n );\r\n }\r\n }\r\n \r\n throw new AdapterError(\r\n \"Primary verify failed and no fallback adapter configured.\"\r\n );\r\n }\r\n }\r\n}"]}
|
|
1
|
+
{"version":3,"file":"HashManager.js","sourceRoot":"","sources":["../../src/managers/HashManager.ts"],"names":[],"mappings":";AAAA,iEAAiE;AACjE,oEAAoE;AACpE,uCAAuC;;;AAEvC,0BAA0B;AAC1B,4CAA4C;AAC5C,+DAA+D;AAC/D,IAAI;AAEJ,gCAAgC;AAChC,oBAAoB;AACpB,yBAAyB;AACzB,6BAA6B;AAC7B,IAAI;AAEJ,6BAA6B;AAC7B,iDAAiD;AACjD,2CAA2C;AAC3C,mDAAmD;AAEnD,mBAAmB;AACnB,6CAA6C;AAC7C,uCAAuC;AACvC,8CAA8C;AAC9C,UAAU;AACV,gCAAgC;AAChC,gDAAgD;AAChD,kDAAkD;AAClD,QAAQ;AAER,8FAA8F;AAC9F,gBAAgB;AAChB,kEAAkE;AAClE,uBAAuB;AACvB,wBAAwB;AACxB,kDAAkD;AAClD,sCAAsC;AACtC,iBAAiB;AACjB,+BAA+B;AAC/B,sDAAsD;AACtD,sCAAsC;AACtC,iDAAiD;AACjD,kBAAkB;AAElB,sEAAsE;AACtE,0CAA0C;AAC1C,+FAA+F;AAC/F,qBAAqB;AACrB,gBAAgB;AAEhB,oBAAoB;AACpB,uEAAuE;AAEvE,oDAAoD;AACpD,8EAA8E;AAC9E,iDAAiD;AACjD,+CAA+C;AAC/C,sBAAsB;AAEtB,2BAA2B;AAC3B,4BAA4B;AAC5B,mEAAmE;AACnE,yCAAyC;AACzC,qBAAqB;AACrB,2CAA2C;AAC3C,4DAA4D;AAC5D,mDAAmD;AACnD,sBAAsB;AACtB,0CAA0C;AAC1C,kEAAkE;AAClE,qBAAqB;AACrB,gBAAgB;AAChB,YAAY;AACZ,QAAQ;AAER,sEAAsE;AACtE,sCAAsC;AACtC,gBAAgB;AAChB,sEAAsE;AACtE,sCAAsC;AACtC,qDAAqD;AACrD,8CAA8C;AAC9C,kBAAkB;AAElB,4CAA4C;AAC5C,0CAA0C;AAC1C,wBAAwB;AACxB,+EAA+E;AAC/E,+CAA+C;AAC/C,gEAAgE;AAChE,uDAAuD;AACvD,0BAA0B;AAC1B,8CAA8C;AAC9C,qEAAqE;AACrE,yBAAyB;AACzB,oBAAoB;AACpB,gBAAgB;AAEhB,sCAAsC;AACtC,8EAA8E;AAC9E,iBAAiB;AACjB,YAAY;AACZ,QAAQ;AACR,IAAI;AAKJ,8DAA2D;AAE3D,wCAAoC;AAapC,MAAa,WAAW;IAKpB,YACI,MAAiC,EACjC,cAA2B,EAC3B,eAAmC;QAEnC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;QACrC,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;QAEvC,gBAAM,CAAC,IAAI,CAAC,yBAAyB,EAAE;YACnC,KAAK,EAAE,cAAc;YACrB,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,eAAe,EAAE,CAAC,CAAC,eAAe;SACrC,CAAC,CAAC;IACP,CAAC;IAED,KAAK,CAAC,IAAI,CACN,KAAa,EACb,OAAqC;QAErC,IAAI,CAAC;YACD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAEnD,OAAO;gBACH,IAAI;gBACJ,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;gBAC9B,YAAY,EAAE,KAAK;aACtB,CAAC;QAEN,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAChB,gBAAM,CAAC,IAAI,CAAC,wBAAwB,EAAE;gBAClC,KAAK,EAAE,cAAc;gBACrB,SAAS,EAAE,MAAM;gBACjB,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;gBAC9B,MAAM,EAAE,GAAG,EAAE,OAAO;aACvB,CAAC,CAAC;YAEH,IAAI,CAAC,OAAO,EAAE,aAAa,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;gBACnD,MAAM,IAAI,2BAAY,CAClB,oBAAoB,IAAI,CAAC,MAAM,CAAC,OAAO,iCAAiC,CAC3E,CAAC;YACN,CAAC;YAED,IAAI,CAAC;gBACD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBAEpD,iDAAiD;gBACjD,gBAAM,CAAC,IAAI,CAAC,4CAA4C,EAAE;oBACtD,KAAK,EAAE,cAAc;oBACrB,SAAS,EAAE,MAAM;oBACjB,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;oBACzB,EAAE,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;iBAC3B,CAAC,CAAC;gBAEH,OAAO;oBACH,IAAI;oBACJ,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ,IAAI,QAAQ;oBAC3C,YAAY,EAAE,IAAI;iBACrB,CAAC;YAEN,CAAC;YAAC,OAAO,WAAgB,EAAE,CAAC;gBACxB,gBAAM,CAAC,KAAK,CAAC,yBAAyB,EAAE;oBACpC,KAAK,EAAE,cAAc;oBACrB,SAAS,EAAE,MAAM;oBACjB,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;oBACzB,EAAE,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;oBACxB,MAAM,EAAE,WAAW,EAAE,OAAO;iBAC/B,CAAC,CAAC;gBAEH,MAAM,IAAI,2BAAY,CAClB,2CAA2C,CAC9C,CAAC;YACN,CAAC;QACL,CAAC;IACL,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,KAAa,EAAE,MAAc;QACtC,IAAI,CAAC;YACD,OAAO,MAAM,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;QAE3D,CAAC;QAAC,OAAO,UAAe,EAAE,CAAC;YACvB,gBAAM,CAAC,IAAI,CAAC,kCAAkC,EAAE;gBAC5C,KAAK,EAAE,cAAc;gBACrB,SAAS,EAAE,QAAQ;gBACnB,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;gBAC9B,MAAM,EAAE,UAAU,EAAE,OAAO;aAC9B,CAAC,CAAC;YAEH,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;gBACvB,IAAI,CAAC;oBACD,OAAO,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;gBAE5D,CAAC;gBAAC,OAAO,WAAgB,EAAE,CAAC;oBACxB,gBAAM,CAAC,KAAK,CAAC,mCAAmC,EAAE;wBAC9C,KAAK,EAAE,cAAc;wBACrB,SAAS,EAAE,QAAQ;wBACnB,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;wBACzB,EAAE,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;wBACxB,MAAM,EAAE,WAAW,EAAE,OAAO;qBAC/B,CAAC,CAAC;oBAEH,MAAM,IAAI,2BAAY,CAClB,0CAA0C,CAC7C,CAAC;gBACN,CAAC;YACL,CAAC;YAED,MAAM,IAAI,2BAAY,CAClB,2DAA2D,CAC9D,CAAC;QACN,CAAC;IACL,CAAC;CACJ;AArHD,kCAqHC","sourcesContent":["// import { AdapterError } from \"../core/errors/AdapterError.js\";\r\n// import { HiSecureConfig } from \"../core/types/HiSecureConfig.js\";\r\n// import { logger } from \"../logging\";\r\n\r\n// interface HashAdapter {\r\n// hash(value: string): Promise<string>;\r\n// verify(value: string, hashed: string): Promise<boolean>;\r\n// }\r\n\r\n// export interface HashResult {\r\n// hash: string;\r\n// algorithm: string;\r\n// usedFallback: boolean;\r\n// }\r\n\r\n// export class HashManager {\r\n// private config: HiSecureConfig[\"hashing\"];\r\n// private primaryAdapter: HashAdapter;\r\n// private fallbackAdapter: HashAdapter | null;\r\n\r\n// constructor(\r\n// config: HiSecureConfig[\"hashing\"],\r\n// primaryAdapter: HashAdapter,\r\n// fallbackAdapter: HashAdapter | null\r\n// ) {\r\n// this.config = config;\r\n// this.primaryAdapter = primaryAdapter;\r\n// this.fallbackAdapter = fallbackAdapter;\r\n// }\r\n\r\n// async hash(value: string, options?: { allowFallback?: boolean }): Promise<HashResult> {\r\n// try {\r\n// const hash = await this.primaryAdapter.hash(value);\r\n// return {\r\n// hash,\r\n// algorithm: this.config.primary,\r\n// usedFallback: false\r\n// };\r\n// } catch (err: any) {\r\n// logger.warn(\"Primary hashing failed\", {\r\n// error: err.message,\r\n// algorithm: this.config.primary\r\n// });\r\n\r\n// if (!options?.allowFallback || !this.fallbackAdapter) {\r\n// throw new AdapterError(\r\n// `Primary hashing (${this.config.primary}) failed. Fallback not allowed.`\r\n// );\r\n// }\r\n\r\n// try {\r\n// const hash = await this.fallbackAdapter.hash(value);\r\n \r\n// // Log security downgrade warning\r\n// logger.warn(\"SECURITY DOWNGRADE: Using fallback hashing\", {\r\n// from: this.config.primary,\r\n// to: this.config.fallback\r\n// });\r\n \r\n// return {\r\n// hash,\r\n// algorithm: this.config.fallback || 'bcrypt',\r\n// usedFallback: true\r\n// };\r\n// } catch (fallbackErr: any) {\r\n// logger.error(\"Fallback hashing failed\", {\r\n// error: fallbackErr?.message,\r\n// });\r\n// throw new AdapterError(\r\n// \"Both primary and fallback hashing failed.\"\r\n// );\r\n// }\r\n// }\r\n// }\r\n\r\n// async verify(value: string, hashed: string): Promise<boolean> {\r\n// // primary adapter - first\r\n// try {\r\n// return await this.primaryAdapter.verify(value, hashed);\r\n// } catch (primaryErr: any) {\r\n// logger.warn(\"Primary verify failed\", {\r\n// error: primaryErr?.message,\r\n// });\r\n\r\n// // fallback exists - try it\r\n// if (this.fallbackAdapter) {\r\n// try {\r\n// return await this.fallbackAdapter.verify(value, hashed);\r\n// } catch (fallbackErr: any) {\r\n// logger.error(\" Fallback verify failed\", {\r\n// error: fallbackErr?.message,\r\n// });\r\n// throw new AdapterError(\r\n// \"Both primary and fallback verify failed.\"\r\n// );\r\n// }\r\n// }\r\n \r\n// throw new AdapterError(\r\n// \"Primary verify failed and no fallback adapter configured.\"\r\n// );\r\n// }\r\n// }\r\n// }\r\n\r\n\r\n\r\n\r\nimport { AdapterError } from \"../core/errors/AdapterError\";\r\nimport { HiSecureConfig } from \"../core/types/HiSecureConfig\";\r\nimport { logger } from \"../logging\";\r\n\r\ninterface HashAdapter {\r\n hash(value: string): Promise<string>;\r\n verify(value: string, hashed: string): Promise<boolean>;\r\n}\r\n\r\nexport interface HashResult {\r\n hash: string;\r\n algorithm: string;\r\n usedFallback: boolean;\r\n}\r\n\r\nexport class HashManager {\r\n private config: HiSecureConfig[\"hashing\"];\r\n private primaryAdapter: HashAdapter;\r\n private fallbackAdapter: HashAdapter | null;\r\n\r\n constructor(\r\n config: HiSecureConfig[\"hashing\"],\r\n primaryAdapter: HashAdapter,\r\n fallbackAdapter: HashAdapter | null\r\n ) {\r\n this.config = config;\r\n this.primaryAdapter = primaryAdapter;\r\n this.fallbackAdapter = fallbackAdapter;\r\n\r\n logger.info(\"HashManager initialized\", {\r\n layer: \"hash-manager\",\r\n primary: config.primary,\r\n fallbackEnabled: !!fallbackAdapter\r\n });\r\n }\r\n\r\n async hash(\r\n value: string,\r\n options?: { allowFallback?: boolean }\r\n ): Promise<HashResult> {\r\n try {\r\n const hash = await this.primaryAdapter.hash(value);\r\n\r\n return {\r\n hash,\r\n algorithm: this.config.primary,\r\n usedFallback: false\r\n };\r\n\r\n } catch (err: any) {\r\n logger.warn(\"Primary hashing failed\", {\r\n layer: \"hash-manager\",\r\n operation: \"hash\",\r\n algorithm: this.config.primary,\r\n reason: err?.message\r\n });\r\n\r\n if (!options?.allowFallback || !this.fallbackAdapter) {\r\n throw new AdapterError(\r\n `Primary hashing (${this.config.primary}) failed. Fallback not allowed.`\r\n );\r\n }\r\n\r\n try {\r\n const hash = await this.fallbackAdapter.hash(value);\r\n\r\n // ⚠️ security downgrade log (VERY GOOD PRACTICE)\r\n logger.warn(\"Hashing fallback used (security downgrade)\", {\r\n layer: \"hash-manager\",\r\n operation: \"hash\",\r\n from: this.config.primary,\r\n to: this.config.fallback\r\n });\r\n\r\n return {\r\n hash,\r\n algorithm: this.config.fallback || \"bcrypt\",\r\n usedFallback: true\r\n };\r\n\r\n } catch (fallbackErr: any) {\r\n logger.error(\"Fallback hashing failed\", {\r\n layer: \"hash-manager\",\r\n operation: \"hash\",\r\n from: this.config.primary,\r\n to: this.config.fallback,\r\n reason: fallbackErr?.message\r\n });\r\n\r\n throw new AdapterError(\r\n \"Both primary and fallback hashing failed.\"\r\n );\r\n }\r\n }\r\n }\r\n\r\n async verify(value: string, hashed: string): Promise<boolean> {\r\n try {\r\n return await this.primaryAdapter.verify(value, hashed);\r\n\r\n } catch (primaryErr: any) {\r\n logger.warn(\"Primary hash verification failed\", {\r\n layer: \"hash-manager\",\r\n operation: \"verify\",\r\n algorithm: this.config.primary,\r\n reason: primaryErr?.message\r\n });\r\n\r\n if (this.fallbackAdapter) {\r\n try {\r\n return await this.fallbackAdapter.verify(value, hashed);\r\n\r\n } catch (fallbackErr: any) {\r\n logger.error(\"Fallback hash verification failed\", {\r\n layer: \"hash-manager\",\r\n operation: \"verify\",\r\n from: this.config.primary,\r\n to: this.config.fallback,\r\n reason: fallbackErr?.message\r\n });\r\n\r\n throw new AdapterError(\r\n \"Both primary and fallback verify failed.\"\r\n );\r\n }\r\n }\r\n\r\n throw new AdapterError(\r\n \"Primary verify failed and no fallback adapter configured.\"\r\n );\r\n }\r\n }\r\n}\r\n"]}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
export declare class JsonManager {
|
|
2
2
|
middleware(options?: any): import("connect").NextHandleFunction;
|
|
3
3
|
urlencoded(options?: any): import("connect").NextHandleFunction;
|
|
4
|
-
queryParser(options?: any): (req: any,
|
|
4
|
+
queryParser(options?: any): (req: any, _res: any, next: any) => void;
|
|
5
5
|
}
|
|
6
6
|
//# sourceMappingURL=JsonManager.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"JsonManager.d.ts","sourceRoot":"","sources":["../../src/managers/JsonManager.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"JsonManager.d.ts","sourceRoot":"","sources":["../../src/managers/JsonManager.ts"],"names":[],"mappings":"AAmEA,qBAAa,WAAW;IACpB,UAAU,CAAC,OAAO,CAAC,EAAE,GAAG;IA8BxB,UAAU,CAAC,OAAO,CAAC,EAAE,GAAG;IA8BxB,WAAW,CAAC,OAAO,CAAC,EAAE,GAAG,IACb,KAAK,GAAG,EAAE,MAAM,GAAG,EAAE,MAAM,GAAG;CAiC7C"}
|
|
@@ -1,47 +1,123 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
// import express from "express";
|
|
3
|
+
// import qs from "qs";
|
|
4
|
+
// import { logger } from "../logging";
|
|
5
|
+
// import { AdapterError } from "../core/errors/AdapterError.js";
|
|
2
6
|
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
7
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
8
|
};
|
|
5
9
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
10
|
exports.JsonManager = void 0;
|
|
11
|
+
// export class JsonManager {
|
|
12
|
+
// middleware(options?: any) {
|
|
13
|
+
// try {
|
|
14
|
+
// const defaultOptions = {
|
|
15
|
+
// limit: '1mb',
|
|
16
|
+
// inflate: true,
|
|
17
|
+
// strict: true
|
|
18
|
+
// };
|
|
19
|
+
// return express.json({ ...defaultOptions, ...(options || {}) });
|
|
20
|
+
// } catch (err: any) {
|
|
21
|
+
// logger.error("JSON Manager: failed to create JSON parser");
|
|
22
|
+
// throw new AdapterError("JSON parser initialization failed.");
|
|
23
|
+
// }
|
|
24
|
+
// }
|
|
25
|
+
// urlencoded(options?: any) {
|
|
26
|
+
// try {
|
|
27
|
+
// const defaultOptions = {
|
|
28
|
+
// extended: true,
|
|
29
|
+
// limit: '1mb',
|
|
30
|
+
// parameterLimit: 1000
|
|
31
|
+
// };
|
|
32
|
+
// const opts = { ...defaultOptions, ...(options || {}) };
|
|
33
|
+
// return express.urlencoded(opts);
|
|
34
|
+
// } catch (err: any) {
|
|
35
|
+
// logger.error("URL-encoded parser failed");
|
|
36
|
+
// throw new AdapterError("URL-encoded parser initialization failed.");
|
|
37
|
+
// }
|
|
38
|
+
// }
|
|
39
|
+
// queryParser(options?: any) {
|
|
40
|
+
// return (req: any, res: any, next: any) => {
|
|
41
|
+
// try {
|
|
42
|
+
// if (!req.parsedQuery && req.url.includes('?')) {
|
|
43
|
+
// const queryString = req.url.split("?")[1] || "";
|
|
44
|
+
// const parsed = qs.parse(queryString, {
|
|
45
|
+
// depth: 5,
|
|
46
|
+
// parameterLimit: 100,
|
|
47
|
+
// ...options
|
|
48
|
+
// });
|
|
49
|
+
// req.parsedQuery = parsed;
|
|
50
|
+
// logger.debug(" Query parsed", {
|
|
51
|
+
// keys: Object.keys(parsed)
|
|
52
|
+
// });
|
|
53
|
+
// }
|
|
54
|
+
// next();
|
|
55
|
+
// } catch (err: any) {
|
|
56
|
+
// logger.error("Failed to parse query", { error: err?.message });
|
|
57
|
+
// next(new AdapterError("Query parsing failed."));
|
|
58
|
+
// }
|
|
59
|
+
// };
|
|
60
|
+
// }
|
|
61
|
+
// }
|
|
7
62
|
const express_1 = __importDefault(require("express"));
|
|
8
63
|
const qs_1 = __importDefault(require("qs"));
|
|
9
64
|
const logging_1 = require("../logging");
|
|
10
|
-
const
|
|
65
|
+
const AdapterError_1 = require("../core/errors/AdapterError");
|
|
11
66
|
class JsonManager {
|
|
12
67
|
middleware(options) {
|
|
13
68
|
try {
|
|
14
69
|
const defaultOptions = {
|
|
15
|
-
limit:
|
|
70
|
+
limit: "1mb",
|
|
16
71
|
inflate: true,
|
|
17
72
|
strict: true
|
|
18
73
|
};
|
|
19
|
-
|
|
74
|
+
const finalOptions = { ...defaultOptions, ...(options || {}) };
|
|
75
|
+
logging_1.logger.info("JSON body parser configured", {
|
|
76
|
+
layer: "json-manager",
|
|
77
|
+
operation: "json",
|
|
78
|
+
limit: finalOptions.limit,
|
|
79
|
+
strict: finalOptions.strict
|
|
80
|
+
});
|
|
81
|
+
return express_1.default.json(finalOptions);
|
|
20
82
|
}
|
|
21
83
|
catch (err) {
|
|
22
|
-
logging_1.logger.error("JSON
|
|
23
|
-
|
|
84
|
+
logging_1.logger.error("JSON body parser initialization failed", {
|
|
85
|
+
layer: "json-manager",
|
|
86
|
+
operation: "json",
|
|
87
|
+
reason: err?.message
|
|
88
|
+
});
|
|
89
|
+
throw new AdapterError_1.AdapterError("JSON parser initialization failed.");
|
|
24
90
|
}
|
|
25
91
|
}
|
|
26
92
|
urlencoded(options) {
|
|
27
93
|
try {
|
|
28
94
|
const defaultOptions = {
|
|
29
95
|
extended: true,
|
|
30
|
-
limit:
|
|
96
|
+
limit: "1mb",
|
|
31
97
|
parameterLimit: 1000
|
|
32
98
|
};
|
|
33
|
-
const
|
|
34
|
-
|
|
99
|
+
const finalOptions = { ...defaultOptions, ...(options || {}) };
|
|
100
|
+
logging_1.logger.info("URL-encoded parser configured", {
|
|
101
|
+
layer: "json-manager",
|
|
102
|
+
operation: "urlencoded",
|
|
103
|
+
limit: finalOptions.limit,
|
|
104
|
+
parameterLimit: finalOptions.parameterLimit
|
|
105
|
+
});
|
|
106
|
+
return express_1.default.urlencoded(finalOptions);
|
|
35
107
|
}
|
|
36
108
|
catch (err) {
|
|
37
|
-
logging_1.logger.error("URL-encoded parser failed"
|
|
38
|
-
|
|
109
|
+
logging_1.logger.error("URL-encoded parser initialization failed", {
|
|
110
|
+
layer: "json-manager",
|
|
111
|
+
operation: "urlencoded",
|
|
112
|
+
reason: err?.message
|
|
113
|
+
});
|
|
114
|
+
throw new AdapterError_1.AdapterError("URL-encoded parser initialization failed.");
|
|
39
115
|
}
|
|
40
116
|
}
|
|
41
117
|
queryParser(options) {
|
|
42
|
-
return (req,
|
|
118
|
+
return (req, _res, next) => {
|
|
43
119
|
try {
|
|
44
|
-
if (!req.parsedQuery && req.url.includes(
|
|
120
|
+
if (!req.parsedQuery && req.url.includes("?")) {
|
|
45
121
|
const queryString = req.url.split("?")[1] || "";
|
|
46
122
|
const parsed = qs_1.default.parse(queryString, {
|
|
47
123
|
depth: 5,
|
|
@@ -49,15 +125,22 @@ class JsonManager {
|
|
|
49
125
|
...options
|
|
50
126
|
});
|
|
51
127
|
req.parsedQuery = parsed;
|
|
52
|
-
|
|
53
|
-
|
|
128
|
+
// ✅ visible + safe info
|
|
129
|
+
logging_1.logger.info("Query parameters parsed", {
|
|
130
|
+
layer: "json-manager",
|
|
131
|
+
operation: "query-parse",
|
|
132
|
+
keyCount: Object.keys(parsed).length
|
|
54
133
|
});
|
|
55
134
|
}
|
|
56
135
|
next();
|
|
57
136
|
}
|
|
58
137
|
catch (err) {
|
|
59
|
-
logging_1.logger.error("
|
|
60
|
-
|
|
138
|
+
logging_1.logger.error("Query parsing failed", {
|
|
139
|
+
layer: "json-manager",
|
|
140
|
+
operation: "query-parse",
|
|
141
|
+
reason: err?.message
|
|
142
|
+
});
|
|
143
|
+
next(new AdapterError_1.AdapterError("Query parsing failed."));
|
|
61
144
|
}
|
|
62
145
|
};
|
|
63
146
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"JsonManager.js","sourceRoot":"","sources":["../../src/managers/JsonManager.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"JsonManager.js","sourceRoot":"","sources":["../../src/managers/JsonManager.ts"],"names":[],"mappings":";AAAA,iCAAiC;AACjC,uBAAuB;AACvB,uCAAuC;AACvC,iEAAiE;;;;;;AAEjE,6BAA6B;AAC7B,kCAAkC;AAClC,gBAAgB;AAChB,uCAAuC;AACvC,gCAAgC;AAChC,iCAAiC;AACjC,+BAA+B;AAC/B,iBAAiB;AACjB,8EAA8E;AAC9E,+BAA+B;AAC/B,0EAA0E;AAC1E,4EAA4E;AAC5E,YAAY;AACZ,QAAQ;AAER,kCAAkC;AAClC,gBAAgB;AAChB,uCAAuC;AACvC,kCAAkC;AAClC,gCAAgC;AAChC,uCAAuC;AACvC,iBAAiB;AACjB,sEAAsE;AACtE,+CAA+C;AAC/C,+BAA+B;AAC/B,yDAAyD;AACzD,mFAAmF;AACnF,YAAY;AACZ,QAAQ;AAER,mCAAmC;AACnC,sDAAsD;AACtD,oBAAoB;AACpB,mEAAmE;AACnE,uEAAuE;AACvE,6DAA6D;AAC7D,oCAAoC;AACpC,+CAA+C;AAC/C,qCAAqC;AACrC,0BAA0B;AAE1B,gDAAgD;AAChD,sDAAsD;AACtD,oDAAoD;AACpD,0BAA0B;AAC1B,oBAAoB;AACpB,0BAA0B;AAC1B,mCAAmC;AACnC,kFAAkF;AAClF,mEAAmE;AACnE,gBAAgB;AAChB,aAAa;AACb,QAAQ;AACR,IAAI;AAIJ,sDAA8B;AAC9B,4CAAoB;AACpB,wCAAoC;AACpC,8DAA2D;AAE3D,MAAa,WAAW;IACpB,UAAU,CAAC,OAAa;QACpB,IAAI,CAAC;YACD,MAAM,cAAc,GAAG;gBACnB,KAAK,EAAE,KAAK;gBACZ,OAAO,EAAE,IAAI;gBACb,MAAM,EAAE,IAAI;aACf,CAAC;YAEF,MAAM,YAAY,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC,EAAE,CAAC;YAE/D,gBAAM,CAAC,IAAI,CAAC,6BAA6B,EAAE;gBACvC,KAAK,EAAE,cAAc;gBACrB,SAAS,EAAE,MAAM;gBACjB,KAAK,EAAE,YAAY,CAAC,KAAK;gBACzB,MAAM,EAAE,YAAY,CAAC,MAAM;aAC9B,CAAC,CAAC;YAEH,OAAO,iBAAO,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAEtC,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAChB,gBAAM,CAAC,KAAK,CAAC,wCAAwC,EAAE;gBACnD,KAAK,EAAE,cAAc;gBACrB,SAAS,EAAE,MAAM;gBACjB,MAAM,EAAE,GAAG,EAAE,OAAO;aACvB,CAAC,CAAC;YAEH,MAAM,IAAI,2BAAY,CAAC,oCAAoC,CAAC,CAAC;QACjE,CAAC;IACL,CAAC;IAED,UAAU,CAAC,OAAa;QACpB,IAAI,CAAC;YACD,MAAM,cAAc,GAAG;gBACnB,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,KAAK;gBACZ,cAAc,EAAE,IAAI;aACvB,CAAC;YAEF,MAAM,YAAY,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC,EAAE,CAAC;YAE/D,gBAAM,CAAC,IAAI,CAAC,+BAA+B,EAAE;gBACzC,KAAK,EAAE,cAAc;gBACrB,SAAS,EAAE,YAAY;gBACvB,KAAK,EAAE,YAAY,CAAC,KAAK;gBACzB,cAAc,EAAE,YAAY,CAAC,cAAc;aAC9C,CAAC,CAAC;YAEH,OAAO,iBAAO,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;QAE5C,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAChB,gBAAM,CAAC,KAAK,CAAC,0CAA0C,EAAE;gBACrD,KAAK,EAAE,cAAc;gBACrB,SAAS,EAAE,YAAY;gBACvB,MAAM,EAAE,GAAG,EAAE,OAAO;aACvB,CAAC,CAAC;YAEH,MAAM,IAAI,2BAAY,CAAC,2CAA2C,CAAC,CAAC;QACxE,CAAC;IACL,CAAC;IAED,WAAW,CAAC,OAAa;QACrB,OAAO,CAAC,GAAQ,EAAE,IAAS,EAAE,IAAS,EAAE,EAAE;YACtC,IAAI,CAAC;gBACD,IAAI,CAAC,GAAG,CAAC,WAAW,IAAI,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;oBAC5C,MAAM,WAAW,GAAG,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;oBAEhD,MAAM,MAAM,GAAG,YAAE,CAAC,KAAK,CAAC,WAAW,EAAE;wBACjC,KAAK,EAAE,CAAC;wBACR,cAAc,EAAE,GAAG;wBACnB,GAAG,OAAO;qBACb,CAAC,CAAC;oBAEH,GAAG,CAAC,WAAW,GAAG,MAAM,CAAC;oBAEzB,wBAAwB;oBACxB,gBAAM,CAAC,IAAI,CAAC,yBAAyB,EAAE;wBACnC,KAAK,EAAE,cAAc;wBACrB,SAAS,EAAE,aAAa;wBACxB,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,MAAM;qBACvC,CAAC,CAAC;gBACP,CAAC;gBAED,IAAI,EAAE,CAAC;YACX,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAChB,gBAAM,CAAC,KAAK,CAAC,sBAAsB,EAAE;oBACjC,KAAK,EAAE,cAAc;oBACrB,SAAS,EAAE,aAAa;oBACxB,MAAM,EAAE,GAAG,EAAE,OAAO;iBACvB,CAAC,CAAC;gBAEH,IAAI,CAAC,IAAI,2BAAY,CAAC,uBAAuB,CAAC,CAAC,CAAC;YACpD,CAAC;QACL,CAAC,CAAC;IACN,CAAC;CACJ;AA/FD,kCA+FC","sourcesContent":["// import express from \"express\";\r\n// import qs from \"qs\";\r\n// import { logger } from \"../logging\";\r\n// import { AdapterError } from \"../core/errors/AdapterError.js\";\r\n\r\n// export class JsonManager {\r\n// middleware(options?: any) {\r\n// try {\r\n// const defaultOptions = {\r\n// limit: '1mb',\r\n// inflate: true,\r\n// strict: true\r\n// };\r\n// return express.json({ ...defaultOptions, ...(options || {}) });\r\n// } catch (err: any) {\r\n// logger.error(\"JSON Manager: failed to create JSON parser\");\r\n// throw new AdapterError(\"JSON parser initialization failed.\");\r\n// }\r\n// }\r\n\r\n// urlencoded(options?: any) {\r\n// try {\r\n// const defaultOptions = {\r\n// extended: true,\r\n// limit: '1mb',\r\n// parameterLimit: 1000\r\n// };\r\n// const opts = { ...defaultOptions, ...(options || {}) };\r\n// return express.urlencoded(opts);\r\n// } catch (err: any) {\r\n// logger.error(\"URL-encoded parser failed\");\r\n// throw new AdapterError(\"URL-encoded parser initialization failed.\");\r\n// }\r\n// }\r\n\r\n// queryParser(options?: any) {\r\n// return (req: any, res: any, next: any) => {\r\n// try {\r\n// if (!req.parsedQuery && req.url.includes('?')) {\r\n// const queryString = req.url.split(\"?\")[1] || \"\";\r\n// const parsed = qs.parse(queryString, {\r\n// depth: 5,\r\n// parameterLimit: 100,\r\n// ...options\r\n// });\r\n \r\n// req.parsedQuery = parsed;\r\n// logger.debug(\" Query parsed\", {\r\n// keys: Object.keys(parsed)\r\n// });\r\n// }\r\n// next();\r\n// } catch (err: any) {\r\n// logger.error(\"Failed to parse query\", { error: err?.message });\r\n// next(new AdapterError(\"Query parsing failed.\"));\r\n// }\r\n// };\r\n// }\r\n// }\r\n\r\n\r\n\r\nimport express from \"express\";\r\nimport qs from \"qs\";\r\nimport { logger } from \"../logging\";\r\nimport { AdapterError } from \"../core/errors/AdapterError\";\r\n\r\nexport class JsonManager {\r\n middleware(options?: any) {\r\n try {\r\n const defaultOptions = {\r\n limit: \"1mb\",\r\n inflate: true,\r\n strict: true\r\n };\r\n\r\n const finalOptions = { ...defaultOptions, ...(options || {}) };\r\n\r\n logger.info(\"JSON body parser configured\", {\r\n layer: \"json-manager\",\r\n operation: \"json\",\r\n limit: finalOptions.limit,\r\n strict: finalOptions.strict\r\n });\r\n\r\n return express.json(finalOptions);\r\n\r\n } catch (err: any) {\r\n logger.error(\"JSON body parser initialization failed\", {\r\n layer: \"json-manager\",\r\n operation: \"json\",\r\n reason: err?.message\r\n });\r\n\r\n throw new AdapterError(\"JSON parser initialization failed.\");\r\n }\r\n }\r\n\r\n urlencoded(options?: any) {\r\n try {\r\n const defaultOptions = {\r\n extended: true,\r\n limit: \"1mb\",\r\n parameterLimit: 1000\r\n };\r\n\r\n const finalOptions = { ...defaultOptions, ...(options || {}) };\r\n\r\n logger.info(\"URL-encoded parser configured\", {\r\n layer: \"json-manager\",\r\n operation: \"urlencoded\",\r\n limit: finalOptions.limit,\r\n parameterLimit: finalOptions.parameterLimit\r\n });\r\n\r\n return express.urlencoded(finalOptions);\r\n\r\n } catch (err: any) {\r\n logger.error(\"URL-encoded parser initialization failed\", {\r\n layer: \"json-manager\",\r\n operation: \"urlencoded\",\r\n reason: err?.message\r\n });\r\n\r\n throw new AdapterError(\"URL-encoded parser initialization failed.\");\r\n }\r\n }\r\n\r\n queryParser(options?: any) {\r\n return (req: any, _res: any, next: any) => {\r\n try {\r\n if (!req.parsedQuery && req.url.includes(\"?\")) {\r\n const queryString = req.url.split(\"?\")[1] || \"\";\r\n\r\n const parsed = qs.parse(queryString, {\r\n depth: 5,\r\n parameterLimit: 100,\r\n ...options\r\n });\r\n\r\n req.parsedQuery = parsed;\r\n\r\n // ✅ visible + safe info\r\n logger.info(\"Query parameters parsed\", {\r\n layer: \"json-manager\",\r\n operation: \"query-parse\",\r\n keyCount: Object.keys(parsed).length\r\n });\r\n }\r\n\r\n next();\r\n } catch (err: any) {\r\n logger.error(\"Query parsing failed\", {\r\n layer: \"json-manager\",\r\n operation: \"query-parse\",\r\n reason: err?.message\r\n });\r\n\r\n next(new AdapterError(\"Query parsing failed.\"));\r\n }\r\n };\r\n }\r\n}\r\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"RateLimitManager.d.ts","sourceRoot":"","sources":["../../src/managers/RateLimitManager.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"RateLimitManager.d.ts","sourceRoot":"","sources":["../../src/managers/RateLimitManager.ts"],"names":[],"mappings":"AAiHA,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAI9D,UAAU,kBAAkB;IACxB,aAAa,EAAE,CAAC,OAAO,CAAC,EAAE,GAAG,KAAK,GAAG,CAAC;CACzC;AAED,qBAAa,gBAAgB;IACzB,OAAO,CAAC,MAAM,CAAgC;IAC9C,OAAO,CAAC,cAAc,CAAqB;IAC3C,OAAO,CAAC,eAAe,CAA4B;gBAG/C,MAAM,EAAE,cAAc,CAAC,aAAa,CAAC,EACrC,cAAc,EAAE,kBAAkB,EAClC,eAAe,EAAE,kBAAkB,GAAG,IAAI;IAa9C,UAAU,CAAC,IAAI,CAAC,EAAE;QAAE,IAAI,CAAC,EAAE,QAAQ,GAAG,SAAS,GAAG,KAAK,CAAC;QAAC,OAAO,CAAC,EAAE,GAAG,CAAA;KAAE;CA+G3E"}
|
|
@@ -1,31 +1,40 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
// import { HiSecureConfig } from "../core/types/HiSecureConfig.js";
|
|
3
|
+
// import { AdapterError } from "../core/errors/AdapterError.js";
|
|
4
|
+
// import { logger } from "../logging";
|
|
2
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
6
|
exports.RateLimitManager = void 0;
|
|
4
|
-
const
|
|
7
|
+
const AdapterError_1 = require("../core/errors/AdapterError");
|
|
5
8
|
const logging_1 = require("../logging");
|
|
6
9
|
class RateLimitManager {
|
|
7
10
|
constructor(config, primaryAdapter, fallbackAdapter) {
|
|
8
11
|
this.config = config;
|
|
9
12
|
this.primaryAdapter = primaryAdapter;
|
|
10
13
|
this.fallbackAdapter = fallbackAdapter;
|
|
14
|
+
logging_1.logger.info("RateLimitManager initialized", {
|
|
15
|
+
layer: "rate-limit-manager",
|
|
16
|
+
primaryConfigured: true,
|
|
17
|
+
fallbackConfigured: !!fallbackAdapter
|
|
18
|
+
});
|
|
11
19
|
}
|
|
12
20
|
middleware(opts) {
|
|
13
21
|
let finalOptions = {};
|
|
14
|
-
|
|
22
|
+
const mode = opts?.mode || "default";
|
|
23
|
+
if (mode === "strict") {
|
|
15
24
|
finalOptions = {
|
|
16
25
|
windowMs: 10000,
|
|
17
26
|
max: 5,
|
|
18
27
|
message: "Too many requests, please slow down."
|
|
19
28
|
};
|
|
20
29
|
}
|
|
21
|
-
else if (
|
|
30
|
+
else if (mode === "relaxed") {
|
|
22
31
|
finalOptions = {
|
|
23
32
|
windowMs: 60000,
|
|
24
33
|
max: 100,
|
|
25
34
|
message: "Rate limit exceeded."
|
|
26
35
|
};
|
|
27
36
|
}
|
|
28
|
-
else if (
|
|
37
|
+
else if (mode === "api") {
|
|
29
38
|
finalOptions = {
|
|
30
39
|
windowMs: 15 * 60 * 1000,
|
|
31
40
|
max: 100,
|
|
@@ -42,50 +51,65 @@ class RateLimitManager {
|
|
|
42
51
|
};
|
|
43
52
|
}
|
|
44
53
|
if (opts?.options) {
|
|
45
|
-
const allowedOverrides = [
|
|
54
|
+
const allowedOverrides = [
|
|
55
|
+
"message",
|
|
56
|
+
"skipFailedRequests",
|
|
57
|
+
"standardHeaders",
|
|
58
|
+
"legacyHeaders"
|
|
59
|
+
];
|
|
46
60
|
for (const key of allowedOverrides) {
|
|
47
61
|
if (opts.options[key] !== undefined) {
|
|
48
62
|
finalOptions[key] = opts.options[key];
|
|
49
63
|
}
|
|
50
64
|
}
|
|
51
|
-
const attemptedOverrides = Object.keys(opts.options).filter(k => !allowedOverrides.includes(k) && k !==
|
|
65
|
+
const attemptedOverrides = Object.keys(opts.options).filter(k => !allowedOverrides.includes(k) && k !== "mode");
|
|
52
66
|
if (attemptedOverrides.length > 0) {
|
|
53
67
|
logging_1.logger.warn("Rate limit overrides ignored", {
|
|
54
|
-
|
|
68
|
+
layer: "rate-limit-manager",
|
|
69
|
+
operation: "configure",
|
|
70
|
+
mode,
|
|
55
71
|
ignoredOptions: attemptedOverrides
|
|
56
72
|
});
|
|
57
73
|
}
|
|
58
74
|
}
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
}
|
|
62
|
-
if (finalOptions.legacyHeaders === undefined) {
|
|
63
|
-
finalOptions.legacyHeaders = false;
|
|
64
|
-
}
|
|
75
|
+
finalOptions.standardHeaders ?? (finalOptions.standardHeaders = true);
|
|
76
|
+
finalOptions.legacyHeaders ?? (finalOptions.legacyHeaders = false);
|
|
65
77
|
try {
|
|
66
|
-
logging_1.logger.info("
|
|
67
|
-
|
|
78
|
+
logging_1.logger.info("Rate limiting applied", {
|
|
79
|
+
layer: "rate-limit-manager",
|
|
80
|
+
operation: "apply",
|
|
81
|
+
mode,
|
|
68
82
|
windowMs: finalOptions.windowMs,
|
|
69
83
|
max: finalOptions.max
|
|
70
84
|
});
|
|
71
85
|
return this.primaryAdapter.getMiddleware(finalOptions);
|
|
72
86
|
}
|
|
73
87
|
catch (err) {
|
|
74
|
-
logging_1.logger.warn("Primary rate limiter failed
|
|
75
|
-
|
|
88
|
+
logging_1.logger.warn("Primary rate limiter failed", {
|
|
89
|
+
layer: "rate-limit-manager",
|
|
90
|
+
operation: "apply",
|
|
91
|
+
mode,
|
|
92
|
+
reason: err?.message
|
|
76
93
|
});
|
|
77
94
|
if (!this.fallbackAdapter) {
|
|
78
|
-
throw new
|
|
95
|
+
throw new AdapterError_1.AdapterError("Rate limiters failed; no fallback adapter configured.");
|
|
79
96
|
}
|
|
80
97
|
try {
|
|
81
|
-
logging_1.logger.
|
|
98
|
+
logging_1.logger.warn("Using fallback rate limiter", {
|
|
99
|
+
layer: "rate-limit-manager",
|
|
100
|
+
operation: "fallback",
|
|
101
|
+
mode
|
|
102
|
+
});
|
|
82
103
|
return this.fallbackAdapter.getMiddleware(finalOptions);
|
|
83
104
|
}
|
|
84
105
|
catch (fallbackErr) {
|
|
85
|
-
logging_1.logger.error("Fallback limiter
|
|
86
|
-
|
|
106
|
+
logging_1.logger.error("Fallback rate limiter failed", {
|
|
107
|
+
layer: "rate-limit-manager",
|
|
108
|
+
operation: "fallback",
|
|
109
|
+
mode,
|
|
110
|
+
reason: fallbackErr?.message
|
|
87
111
|
});
|
|
88
|
-
throw new
|
|
112
|
+
throw new AdapterError_1.AdapterError("Both primary and fallback rate limiters failed.");
|
|
89
113
|
}
|
|
90
114
|
}
|
|
91
115
|
}
|