hi-secure 1.0.15 → 1.0.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapters/ArgonAdapter.d.ts +1 -1
- package/dist/adapters/ArgonAdapter.d.ts.map +1 -1
- package/dist/adapters/ArgonAdapter.js +7 -5
- package/dist/adapters/ArgonAdapter.js.map +1 -1
- package/dist/adapters/BcryptAdapter.d.ts.map +1 -1
- package/dist/adapters/BcryptAdapter.js +7 -3
- package/dist/adapters/BcryptAdapter.js.map +1 -1
- package/dist/adapters/ExpressRLAdapter.d.ts.map +1 -1
- package/dist/adapters/ExpressRLAdapter.js +10 -6
- package/dist/adapters/ExpressRLAdapter.js.map +1 -1
- package/dist/adapters/ExpressValidatorAdapter.d.ts.map +1 -1
- package/dist/adapters/ExpressValidatorAdapter.js +14 -10
- package/dist/adapters/ExpressValidatorAdapter.js.map +1 -1
- package/dist/adapters/GoogleAdapter.d.ts.map +1 -1
- package/dist/adapters/GoogleAdapter.js +19 -16
- package/dist/adapters/GoogleAdapter.js.map +1 -1
- package/dist/adapters/JWTAdapter.d.ts.map +1 -1
- package/dist/adapters/JWTAdapter.js +25 -15
- package/dist/adapters/JWTAdapter.js.map +1 -1
- package/dist/adapters/RLFlexibleAdapter.d.ts.map +1 -1
- package/dist/adapters/RLFlexibleAdapter.js +23 -12
- package/dist/adapters/RLFlexibleAdapter.js.map +1 -1
- package/dist/adapters/SanitizeHtmlAdapter.d.ts.map +1 -1
- package/dist/adapters/SanitizeHtmlAdapter.js +17 -13
- package/dist/adapters/SanitizeHtmlAdapter.js.map +1 -1
- package/dist/adapters/XSSAdapter.d.ts +1 -1
- package/dist/adapters/XSSAdapter.d.ts.map +1 -1
- package/dist/adapters/XSSAdapter.js +21 -20
- package/dist/adapters/XSSAdapter.js.map +1 -1
- package/dist/adapters/ZodAdapter.d.ts +1 -1
- package/dist/adapters/ZodAdapter.d.ts.map +1 -1
- package/dist/adapters/ZodAdapter.js +10 -8
- package/dist/adapters/ZodAdapter.js.map +1 -1
- package/dist/core/HiSecure.d.ts +3 -4
- package/dist/core/HiSecure.d.ts.map +1 -1
- package/dist/core/HiSecure.js +91 -120
- package/dist/core/HiSecure.js.map +1 -1
- package/dist/index.d.ts +2 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +8 -1
- package/dist/index.js.map +1 -1
- package/dist/logging/morganSetup.d.ts.map +1 -1
- package/dist/logging/morganSetup.js +8 -1
- package/dist/logging/morganSetup.js.map +1 -1
- package/dist/logging/winstonSetup.d.ts.map +1 -1
- package/dist/logging/winstonSetup.js +17 -3
- package/dist/logging/winstonSetup.js.map +1 -1
- package/dist/managers/AuthManager.d.ts +2 -2
- package/dist/managers/AuthManager.d.ts.map +1 -1
- package/dist/managers/AuthManager.js +59 -31
- package/dist/managers/AuthManager.js.map +1 -1
- package/dist/managers/CorsManager.d.ts.map +1 -1
- package/dist/managers/CorsManager.js +18 -11
- package/dist/managers/CorsManager.js.map +1 -1
- package/dist/managers/HashManager.d.ts +1 -1
- package/dist/managers/HashManager.d.ts.map +1 -1
- package/dist/managers/HashManager.js +35 -17
- package/dist/managers/HashManager.js.map +1 -1
- package/dist/managers/JsonManager.d.ts +1 -1
- package/dist/managers/JsonManager.d.ts.map +1 -1
- package/dist/managers/JsonManager.js +44 -16
- package/dist/managers/JsonManager.js.map +1 -1
- package/dist/managers/RateLimitManager.d.ts +1 -1
- package/dist/managers/RateLimitManager.d.ts.map +1 -1
- package/dist/managers/RateLimitManager.js +43 -22
- package/dist/managers/RateLimitManager.js.map +1 -1
- package/dist/managers/SanitizerManager.d.ts.map +1 -1
- package/dist/managers/SanitizerManager.js +32 -15
- package/dist/managers/SanitizerManager.js.map +1 -1
- package/dist/managers/ValidatorManager.d.ts.map +1 -1
- package/dist/managers/ValidatorManager.js +31 -7
- package/dist/managers/ValidatorManager.js.map +1 -1
- package/package.json +2 -6
- package/readme.md +3 -6
- package/src/adapters/ArgonAdapter.ts +10 -6
- package/src/adapters/BcryptAdapter.ts +7 -8
- package/src/adapters/ExpressRLAdapter.ts +14 -9
- package/src/adapters/ExpressValidatorAdapter.ts +17 -11
- package/src/adapters/GoogleAdapter.ts +24 -21
- package/src/adapters/JWTAdapter.ts +33 -21
- package/src/adapters/RLFlexibleAdapter.ts +31 -16
- package/src/adapters/SanitizeHtmlAdapter.ts +28 -18
- package/src/adapters/XSSAdapter.ts +33 -38
- package/src/adapters/ZodAdapter.ts +10 -10
- package/src/core/HiSecure.ts +127 -161
- package/src/index.ts +4 -0
- package/src/logging/morganSetup.ts +11 -1
- package/src/logging/winstonSetup.ts +35 -8
- package/src/managers/AuthManager.ts +64 -34
- package/src/managers/CorsManager.ts +23 -16
- package/src/managers/HashManager.ts +48 -19
- package/src/managers/JsonManager.ts +57 -15
- package/src/managers/RateLimitManager.ts +61 -29
- package/src/managers/SanitizerManager.ts +47 -25
- package/src/managers/ValidatorManager.ts +40 -15
|
@@ -5,8 +5,8 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
6
|
exports.SanitizeHtmlAdapter = void 0;
|
|
7
7
|
const sanitize_html_1 = __importDefault(require("sanitize-html"));
|
|
8
|
-
const
|
|
9
|
-
const
|
|
8
|
+
const AdapterError_1 = require("../core/errors/AdapterError");
|
|
9
|
+
const logging_1 = require("../logging");
|
|
10
10
|
class SanitizeHtmlAdapter {
|
|
11
11
|
constructor(options = {}) {
|
|
12
12
|
this.globalOptions = options;
|
|
@@ -18,26 +18,26 @@ class SanitizeHtmlAdapter {
|
|
|
18
18
|
return typeof clean === "string" ? clean : String(clean);
|
|
19
19
|
}
|
|
20
20
|
catch (err) {
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
21
|
+
logging_1.logger.error("HTML sanitization failed", {
|
|
22
|
+
adapter: "sanitize-html",
|
|
23
|
+
operation: "sanitize",
|
|
24
|
+
reason: err?.message
|
|
24
25
|
});
|
|
25
|
-
throw new
|
|
26
|
+
throw new AdapterError_1.AdapterError("sanitize-html adapter failed.");
|
|
26
27
|
}
|
|
27
28
|
}
|
|
28
|
-
// Deep Sanitization -
|
|
29
|
+
// Deep Sanitization - recursively
|
|
29
30
|
deepSanitize(obj, dynamicOptions, visited = new WeakSet()) {
|
|
30
31
|
if (obj && typeof obj === "object") {
|
|
31
|
-
if (visited.has(obj))
|
|
32
|
+
if (visited.has(obj))
|
|
32
33
|
return obj;
|
|
33
|
-
}
|
|
34
34
|
visited.add(obj);
|
|
35
35
|
}
|
|
36
36
|
if (typeof obj === "string") {
|
|
37
37
|
return this.sanitize(obj, dynamicOptions);
|
|
38
38
|
}
|
|
39
39
|
if (Array.isArray(obj)) {
|
|
40
|
-
return obj.map(
|
|
40
|
+
return obj.map(item => this.deepSanitize(item, dynamicOptions, visited));
|
|
41
41
|
}
|
|
42
42
|
if (obj && typeof obj === "object") {
|
|
43
43
|
const result = {};
|
|
@@ -53,15 +53,19 @@ class SanitizeHtmlAdapter {
|
|
|
53
53
|
try {
|
|
54
54
|
if (req.body) {
|
|
55
55
|
req.body = this.deepSanitize(req.body, dynamicOptions);
|
|
56
|
-
|
|
56
|
+
logging_1.logger.info("HTML sanitization applied", {
|
|
57
|
+
adapter: "sanitize-html",
|
|
58
|
+
operation: "middleware",
|
|
57
59
|
keys: Object.keys(req.body)
|
|
58
60
|
});
|
|
59
61
|
}
|
|
60
62
|
next();
|
|
61
63
|
}
|
|
62
64
|
catch (err) {
|
|
63
|
-
|
|
64
|
-
|
|
65
|
+
logging_1.logger.error("HTML sanitization middleware failed", {
|
|
66
|
+
adapter: "sanitize-html",
|
|
67
|
+
operation: "middleware",
|
|
68
|
+
reason: err?.message
|
|
65
69
|
});
|
|
66
70
|
next(err);
|
|
67
71
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"SanitizeHtmlAdapter.js","sourceRoot":"","sources":["../../src/adapters/SanitizeHtmlAdapter.ts"],"names":[],"mappings":";;;;;;AAAA,kEAAyC;AACzC,
|
|
1
|
+
{"version":3,"file":"SanitizeHtmlAdapter.js","sourceRoot":"","sources":["../../src/adapters/SanitizeHtmlAdapter.ts"],"names":[],"mappings":";;;;;;AAAA,kEAAyC;AACzC,8DAA2D;AAC3D,wCAAoC;AAEpC,MAAa,mBAAmB;IAG5B,YAAY,UAAiC,EAAE;QAC3C,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC;IACjC,CAAC;IAED,QAAQ,CAAC,KAAa,EAAE,cAAoB;QACxC,IAAI,CAAC;YACD,MAAM,IAAI,GAAG,EAAE,GAAG,IAAI,CAAC,aAAa,EAAE,GAAG,CAAC,cAAc,IAAI,EAAE,CAAC,EAAE,CAAC;YAClE,MAAM,KAAK,GAAG,IAAA,uBAAY,EAAC,KAAK,EAAE,IAAI,CAAC,CAAC;YAExC,OAAO,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAE7D,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAChB,gBAAM,CAAC,KAAK,CAAC,0BAA0B,EAAE;gBACrC,OAAO,EAAE,eAAe;gBACxB,SAAS,EAAE,UAAU;gBACrB,MAAM,EAAE,GAAG,EAAE,OAAO;aACvB,CAAC,CAAC;YAEH,MAAM,IAAI,2BAAY,CAAC,+BAA+B,CAAC,CAAC;QAC5D,CAAC;IACL,CAAC;IAED,kCAAkC;IAC1B,YAAY,CAAC,GAAQ,EAAE,cAAoB,EAAE,OAAO,GAAG,IAAI,OAAO,EAAE;QACxE,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YACjC,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC;gBAAE,OAAO,GAAG,CAAC;YACjC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC;QAED,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC1B,OAAO,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC;QAC9C,CAAC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;YACrB,OAAO,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAClB,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,cAAc,EAAE,OAAO,CAAC,CACnD,CAAC;QACN,CAAC;QAED,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YACjC,MAAM,MAAM,GAAQ,EAAE,CAAC;YACvB,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;gBACjC,MAAM,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,YAAY,CAC3B,GAAG,CAAC,GAAG,CAAC,EACR,cAAc,EACd,OAAO,CACV,CAAC;YACN,CAAC;YACD,OAAO,MAAM,CAAC;QAClB,CAAC;QAED,OAAO,GAAG,CAAC;IACf,CAAC;IAED,UAAU,CAAC,cAAoB;QAC3B,OAAO,CAAC,GAAQ,EAAE,IAAS,EAAE,IAAS,EAAE,EAAE;YACtC,IAAI,CAAC;gBACD,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC;oBACX,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;oBAGvD,gBAAM,CAAC,IAAI,CAAC,2BAA2B,EAAE;wBACrC,OAAO,EAAE,eAAe;wBACxB,SAAS,EAAE,YAAY;wBACvB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC;qBAC9B,CAAC,CAAC;gBACP,CAAC;gBAED,IAAI,EAAE,CAAC;YACX,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAChB,gBAAM,CAAC,KAAK,CAAC,qCAAqC,EAAE;oBAChD,OAAO,EAAE,eAAe;oBACxB,SAAS,EAAE,YAAY;oBACvB,MAAM,EAAE,GAAG,EAAE,OAAO;iBACvB,CAAC,CAAC;gBAEH,IAAI,CAAC,GAAG,CAAC,CAAC;YACd,CAAC;QACL,CAAC,CAAC;IACN,CAAC;CACJ;AAnFD,kDAmFC","sourcesContent":["import sanitizeHtml from \"sanitize-html\";\r\nimport { AdapterError } from \"../core/errors/AdapterError\";\r\nimport { logger } from \"../logging\";\r\n\r\nexport class SanitizeHtmlAdapter {\r\n private globalOptions: sanitizeHtml.IOptions;\r\n\r\n constructor(options: sanitizeHtml.IOptions = {}) {\r\n this.globalOptions = options;\r\n }\r\n\r\n sanitize(input: string, dynamicOptions?: any): string {\r\n try {\r\n const opts = { ...this.globalOptions, ...(dynamicOptions || {}) };\r\n const clean = sanitizeHtml(input, opts);\r\n\r\n return typeof clean === \"string\" ? clean : String(clean);\r\n\r\n } catch (err: any) {\r\n logger.error(\"HTML sanitization failed\", {\r\n adapter: \"sanitize-html\",\r\n operation: \"sanitize\",\r\n reason: err?.message\r\n });\r\n\r\n throw new AdapterError(\"sanitize-html adapter failed.\");\r\n }\r\n }\r\n\r\n // Deep Sanitization - recursively\r\n private deepSanitize(obj: any, dynamicOptions?: any, visited = new WeakSet()): any {\r\n if (obj && typeof obj === \"object\") {\r\n if (visited.has(obj)) return obj;\r\n visited.add(obj);\r\n }\r\n\r\n if (typeof obj === \"string\") {\r\n return this.sanitize(obj, dynamicOptions);\r\n }\r\n\r\n if (Array.isArray(obj)) {\r\n return obj.map(item =>\r\n this.deepSanitize(item, dynamicOptions, visited)\r\n );\r\n }\r\n\r\n if (obj && typeof obj === \"object\") {\r\n const result: any = {};\r\n for (const key of Object.keys(obj)) {\r\n result[key] = this.deepSanitize(\r\n obj[key],\r\n dynamicOptions,\r\n visited\r\n );\r\n }\r\n return result;\r\n }\r\n\r\n return obj;\r\n }\r\n\r\n middleware(dynamicOptions?: any) {\r\n return (req: any, _res: any, next: any) => {\r\n try {\r\n if (req.body) {\r\n req.body = this.deepSanitize(req.body, dynamicOptions);\r\n\r\n \r\n logger.info(\"HTML sanitization applied\", {\r\n adapter: \"sanitize-html\",\r\n operation: \"middleware\",\r\n keys: Object.keys(req.body)\r\n });\r\n }\r\n\r\n next();\r\n } catch (err: any) {\r\n logger.error(\"HTML sanitization middleware failed\", {\r\n adapter: \"sanitize-html\",\r\n operation: \"middleware\",\r\n reason: err?.message\r\n });\r\n\r\n next(err);\r\n }\r\n };\r\n }\r\n}\r\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"XSSAdapter.d.ts","sourceRoot":"","sources":["../../src/adapters/XSSAdapter.ts"],"names":[],"mappings":"AAAA,OAAO,EAAkC,SAAS,EAAE,MAAM,KAAK,CAAC;AAIhE,MAAM,WAAW,UAAU;IACvB,SAAS,CAAC,EAAE,OAAO,SAAS,CAAC;IAC7B,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC9B,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,GAAG,CAAC,EAAE,OAAO,GAAG;QAAE,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAA;KAAE,CAAC;IAC3C,KAAK,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,KAAK,MAAM,CAAC;IAC5D,SAAS,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,OAAO,KAAK,MAAM,CAAC;IACvF,WAAW,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,KAAK,MAAM,CAAC;IAClE,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;CACtB;AAED,qBAAa,UAAU;IACnB,OAAO,CAAC,aAAa,CAAa;IAClC,OAAO,CAAC,aAAa,CAAY;gBAErB,OAAO,GAAE,UAAe;IAwBpC,QAAQ,CAAC,KAAK,EAAE,MAAM,EAAE,cAAc,CAAC,EAAE,UAAU,GAAG,MAAM;
|
|
1
|
+
{"version":3,"file":"XSSAdapter.d.ts","sourceRoot":"","sources":["../../src/adapters/XSSAdapter.ts"],"names":[],"mappings":"AAAA,OAAO,EAAkC,SAAS,EAAE,MAAM,KAAK,CAAC;AAIhE,MAAM,WAAW,UAAU;IACvB,SAAS,CAAC,EAAE,OAAO,SAAS,CAAC;IAC7B,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC9B,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,GAAG,CAAC,EAAE,OAAO,GAAG;QAAE,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAA;KAAE,CAAC;IAC3C,KAAK,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,KAAK,MAAM,CAAC;IAC5D,SAAS,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,OAAO,KAAK,MAAM,CAAC;IACvF,WAAW,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,KAAK,MAAM,CAAC;IAClE,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;CACtB;AAED,qBAAa,UAAU;IACnB,OAAO,CAAC,aAAa,CAAa;IAClC,OAAO,CAAC,aAAa,CAAY;gBAErB,OAAO,GAAE,UAAe;IAwBpC,QAAQ,CAAC,KAAK,EAAE,MAAM,EAAE,cAAc,CAAC,EAAE,UAAU,GAAG,MAAM;IAwB5D,UAAU,CAAC,cAAc,CAAC,EAAE,UAAU,IAC1B,KAAK,GAAG,EAAE,MAAM,GAAG,EAAE,MAAM,GAAG;IA8C1C,OAAO,CAAC,YAAY;CAwBvB"}
|
|
@@ -2,20 +2,19 @@
|
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.XSSAdapter = void 0;
|
|
4
4
|
const xss_1 = require("xss");
|
|
5
|
-
const
|
|
6
|
-
const
|
|
5
|
+
const AdapterError_1 = require("../core/errors/AdapterError");
|
|
6
|
+
const logging_1 = require("../logging");
|
|
7
7
|
class XSSAdapter {
|
|
8
8
|
constructor(options = {}) {
|
|
9
9
|
this.globalOptions = options;
|
|
10
|
-
// Default safe configuration
|
|
11
10
|
const defaultOptions = {
|
|
12
11
|
whiteList: (0, xss_1.getDefaultWhiteList)(),
|
|
13
12
|
stripIgnoreTag: true,
|
|
14
|
-
stripIgnoreTagBody: [
|
|
13
|
+
stripIgnoreTagBody: ["script", "style", "iframe", "object", "embed"],
|
|
15
14
|
allowCommentTag: false,
|
|
16
15
|
css: false,
|
|
17
|
-
onTag: (tag, html
|
|
18
|
-
if (tag ===
|
|
16
|
+
onTag: (tag, html) => {
|
|
17
|
+
if (tag === "a") {
|
|
19
18
|
return html.replace(/<a /i, '<a target="_blank" rel="noopener noreferrer" ');
|
|
20
19
|
}
|
|
21
20
|
return html;
|
|
@@ -26,9 +25,8 @@ class XSSAdapter {
|
|
|
26
25
|
}
|
|
27
26
|
sanitize(input, dynamicOptions) {
|
|
28
27
|
try {
|
|
29
|
-
if (typeof input !== "string")
|
|
28
|
+
if (typeof input !== "string")
|
|
30
29
|
return input;
|
|
31
|
-
}
|
|
32
30
|
if (!dynamicOptions || Object.keys(dynamicOptions).length === 0) {
|
|
33
31
|
return this.defaultFilter.process(input);
|
|
34
32
|
}
|
|
@@ -37,11 +35,12 @@ class XSSAdapter {
|
|
|
37
35
|
return customFilter.process(input);
|
|
38
36
|
}
|
|
39
37
|
catch (err) {
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
38
|
+
logging_1.logger.error("XSS sanitization failed", {
|
|
39
|
+
adapter: "xss",
|
|
40
|
+
operation: "sanitize",
|
|
41
|
+
reason: err?.message
|
|
43
42
|
});
|
|
44
|
-
throw new
|
|
43
|
+
throw new AdapterError_1.AdapterError("XSS sanitizer failed.");
|
|
45
44
|
}
|
|
46
45
|
}
|
|
47
46
|
middleware(dynamicOptions) {
|
|
@@ -56,7 +55,7 @@ class XSSAdapter {
|
|
|
56
55
|
sanitizedBody[key] = this.sanitize(val, dynamicOptions);
|
|
57
56
|
}
|
|
58
57
|
else if (Array.isArray(val)) {
|
|
59
|
-
sanitizedBody[key] = val.map(
|
|
58
|
+
sanitizedBody[key] = val.map(v => typeof v === "string"
|
|
60
59
|
? this.sanitize(v, dynamicOptions)
|
|
61
60
|
: v);
|
|
62
61
|
}
|
|
@@ -68,16 +67,19 @@ class XSSAdapter {
|
|
|
68
67
|
}
|
|
69
68
|
}
|
|
70
69
|
req.sanitizedBody = sanitizedBody;
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
70
|
+
logging_1.logger.info("XSS sanitization applied", {
|
|
71
|
+
adapter: "xss",
|
|
72
|
+
operation: "middleware",
|
|
73
|
+
keys: Object.keys(sanitizedBody)
|
|
74
74
|
});
|
|
75
75
|
}
|
|
76
76
|
next();
|
|
77
77
|
}
|
|
78
78
|
catch (err) {
|
|
79
|
-
|
|
80
|
-
|
|
79
|
+
logging_1.logger.error("XSS middleware failed", {
|
|
80
|
+
adapter: "xss",
|
|
81
|
+
operation: "middleware",
|
|
82
|
+
reason: err?.message
|
|
81
83
|
});
|
|
82
84
|
next(err);
|
|
83
85
|
}
|
|
@@ -85,9 +87,8 @@ class XSSAdapter {
|
|
|
85
87
|
}
|
|
86
88
|
deepSanitize(obj, options, visited = new WeakSet()) {
|
|
87
89
|
if (obj && typeof obj === "object") {
|
|
88
|
-
if (visited.has(obj))
|
|
90
|
+
if (visited.has(obj))
|
|
89
91
|
return obj;
|
|
90
|
-
}
|
|
91
92
|
visited.add(obj);
|
|
92
93
|
}
|
|
93
94
|
if (typeof obj === "string") {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"XSSAdapter.js","sourceRoot":"","sources":["../../src/adapters/XSSAdapter.ts"],"names":[],"mappings":";;;AAAA,6BAAgE;AAChE,
|
|
1
|
+
{"version":3,"file":"XSSAdapter.js","sourceRoot":"","sources":["../../src/adapters/XSSAdapter.ts"],"names":[],"mappings":";;;AAAA,6BAAgE;AAChE,8DAA2D;AAC3D,wCAAoC;AAcpC,MAAa,UAAU;IAInB,YAAY,UAAsB,EAAE;QAChC,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC;QAE7B,MAAM,cAAc,GAAe;YAC/B,SAAS,EAAE,IAAA,yBAAmB,GAAE;YAChC,cAAc,EAAE,IAAI;YACpB,kBAAkB,EAAE,CAAC,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,CAAC;YACpE,eAAe,EAAE,KAAK;YACtB,GAAG,EAAE,KAAK;YACV,KAAK,EAAE,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE;gBACjB,IAAI,GAAG,KAAK,GAAG,EAAE,CAAC;oBACd,OAAO,IAAI,CAAC,OAAO,CACf,MAAM,EACN,+CAA+C,CAClD,CAAC;gBACN,CAAC;gBACD,OAAO,IAAI,CAAC;YAChB,CAAC;SACJ,CAAC;QAEF,MAAM,YAAY,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,OAAO,EAAE,CAAC;QACvD,IAAI,CAAC,aAAa,GAAG,IAAI,eAAS,CAAC,YAAY,CAAC,CAAC;IACrD,CAAC;IAED,QAAQ,CAAC,KAAa,EAAE,cAA2B;QAC/C,IAAI,CAAC;YACD,IAAI,OAAO,KAAK,KAAK,QAAQ;gBAAE,OAAO,KAAY,CAAC;YAEnD,IAAI,CAAC,cAAc,IAAI,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC9D,OAAO,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;YAC7C,CAAC;YAED,MAAM,aAAa,GAAG,EAAE,GAAG,IAAI,CAAC,aAAa,EAAE,GAAG,cAAc,EAAE,CAAC;YACnE,MAAM,YAAY,GAAG,IAAI,eAAS,CAAC,aAAa,CAAC,CAAC;YAElD,OAAO,YAAY,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QAEvC,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAChB,gBAAM,CAAC,KAAK,CAAC,yBAAyB,EAAE;gBACpC,OAAO,EAAE,KAAK;gBACd,SAAS,EAAE,UAAU;gBACrB,MAAM,EAAE,GAAG,EAAE,OAAO;aACvB,CAAC,CAAC;YAEH,MAAM,IAAI,2BAAY,CAAC,uBAAuB,CAAC,CAAC;QACpD,CAAC;IACL,CAAC;IAED,UAAU,CAAC,cAA2B;QAClC,OAAO,CAAC,GAAQ,EAAE,IAAS,EAAE,IAAS,EAAE,EAAE;YACtC,IAAI,CAAC;gBACD,IAAI,GAAG,CAAC,IAAI,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBAC3C,MAAM,YAAY,GAAG,GAAG,CAAC,IAAI,CAAC;oBAC9B,MAAM,aAAa,GAAQ,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;oBAEjE,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;wBAC1C,MAAM,GAAG,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;wBAE9B,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;4BAC1B,aAAa,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC;wBAC5D,CAAC;6BAAM,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;4BAC5B,aAAa,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAC7B,OAAO,CAAC,KAAK,QAAQ;gCACjB,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,cAAc,CAAC;gCAClC,CAAC,CAAC,CAAC,CACV,CAAC;wBACN,CAAC;6BAAM,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;4BACxC,aAAa,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC;wBAChE,CAAC;6BAAM,CAAC;4BACJ,aAAa,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC;wBAC7B,CAAC;oBACL,CAAC;oBAED,GAAG,CAAC,aAAa,GAAG,aAAa,CAAC;oBAGlC,gBAAM,CAAC,IAAI,CAAC,0BAA0B,EAAE;wBACpC,OAAO,EAAE,KAAK;wBACd,SAAS,EAAE,YAAY;wBACvB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC;qBACnC,CAAC,CAAC;gBACP,CAAC;gBAED,IAAI,EAAE,CAAC;YACX,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAChB,gBAAM,CAAC,KAAK,CAAC,uBAAuB,EAAE;oBAClC,OAAO,EAAE,KAAK;oBACd,SAAS,EAAE,YAAY;oBACvB,MAAM,EAAE,GAAG,EAAE,OAAO;iBACvB,CAAC,CAAC;gBACH,IAAI,CAAC,GAAG,CAAC,CAAC;YACd,CAAC;QACL,CAAC,CAAC;IACN,CAAC;IAEO,YAAY,CAAC,GAAQ,EAAE,OAAoB,EAAE,OAAO,GAAG,IAAI,OAAO,EAAE;QACxE,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YACjC,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC;gBAAE,OAAO,GAAG,CAAC;YACjC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC;QAED,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC1B,OAAO,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QACvC,CAAC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;YACrB,OAAO,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;QACtE,CAAC;QAED,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YACjC,MAAM,MAAM,GAAQ,EAAE,CAAC;YACvB,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;gBACjC,MAAM,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;YAChE,CAAC;YACD,OAAO,MAAM,CAAC;QAClB,CAAC;QAED,OAAO,GAAG,CAAC;IACf,CAAC;CACJ;AA3HD,gCA2HC","sourcesContent":["import { FilterXSS, getDefaultWhiteList, whiteList } from \"xss\";\r\nimport { AdapterError } from \"../core/errors/AdapterError\";\r\nimport { logger } from \"../logging\";\r\n\r\nexport interface XSSOptions {\r\n whiteList?: typeof whiteList;\r\n stripIgnoreTag?: boolean;\r\n stripIgnoreTagBody?: string[];\r\n allowCommentTag?: boolean;\r\n css?: boolean | { [key: string]: boolean };\r\n onTag?: (tag: string, html: string, options: any) => string;\r\n onTagAttr?: (tag: string, name: string, value: string, isWhiteAttr: boolean) => string;\r\n onIgnoreTag?: (tag: string, html: string, options: any) => string;\r\n [key: string]: any;\r\n}\r\n\r\nexport class XSSAdapter {\r\n private globalOptions: XSSOptions;\r\n private defaultFilter: FilterXSS;\r\n\r\n constructor(options: XSSOptions = {}) {\r\n this.globalOptions = options;\r\n\r\n const defaultOptions: XSSOptions = {\r\n whiteList: getDefaultWhiteList(),\r\n stripIgnoreTag: true,\r\n stripIgnoreTagBody: [\"script\", \"style\", \"iframe\", \"object\", \"embed\"],\r\n allowCommentTag: false,\r\n css: false,\r\n onTag: (tag, html) => {\r\n if (tag === \"a\") {\r\n return html.replace(\r\n /<a /i,\r\n '<a target=\"_blank\" rel=\"noopener noreferrer\" '\r\n );\r\n }\r\n return html;\r\n }\r\n };\r\n\r\n const finalOptions = { ...defaultOptions, ...options };\r\n this.defaultFilter = new FilterXSS(finalOptions);\r\n }\r\n\r\n sanitize(input: string, dynamicOptions?: XSSOptions): string {\r\n try {\r\n if (typeof input !== \"string\") return input as any;\r\n\r\n if (!dynamicOptions || Object.keys(dynamicOptions).length === 0) {\r\n return this.defaultFilter.process(input);\r\n }\r\n\r\n const mergedOptions = { ...this.globalOptions, ...dynamicOptions };\r\n const customFilter = new FilterXSS(mergedOptions);\r\n\r\n return customFilter.process(input);\r\n\r\n } catch (err: any) {\r\n logger.error(\"XSS sanitization failed\", {\r\n adapter: \"xss\",\r\n operation: \"sanitize\",\r\n reason: err?.message\r\n });\r\n\r\n throw new AdapterError(\"XSS sanitizer failed.\");\r\n }\r\n }\r\n\r\n middleware(dynamicOptions?: XSSOptions) {\r\n return (req: any, _res: any, next: any) => {\r\n try {\r\n if (req.body && typeof req.body === \"object\") {\r\n const originalBody = req.body;\r\n const sanitizedBody: any = Array.isArray(originalBody) ? [] : {};\r\n\r\n for (const key of Object.keys(originalBody)) {\r\n const val = originalBody[key];\r\n\r\n if (typeof val === \"string\") {\r\n sanitizedBody[key] = this.sanitize(val, dynamicOptions);\r\n } else if (Array.isArray(val)) {\r\n sanitizedBody[key] = val.map(v =>\r\n typeof v === \"string\"\r\n ? this.sanitize(v, dynamicOptions)\r\n : v\r\n );\r\n } else if (val && typeof val === \"object\") {\r\n sanitizedBody[key] = this.deepSanitize(val, dynamicOptions);\r\n } else {\r\n sanitizedBody[key] = val;\r\n }\r\n }\r\n\r\n req.sanitizedBody = sanitizedBody;\r\n\r\n \r\n logger.info(\"XSS sanitization applied\", {\r\n adapter: \"xss\",\r\n operation: \"middleware\",\r\n keys: Object.keys(sanitizedBody)\r\n });\r\n }\r\n\r\n next();\r\n } catch (err: any) {\r\n logger.error(\"XSS middleware failed\", {\r\n adapter: \"xss\",\r\n operation: \"middleware\",\r\n reason: err?.message\r\n });\r\n next(err);\r\n }\r\n };\r\n }\r\n\r\n private deepSanitize(obj: any, options?: XSSOptions, visited = new WeakSet()): any {\r\n if (obj && typeof obj === \"object\") {\r\n if (visited.has(obj)) return obj;\r\n visited.add(obj);\r\n }\r\n\r\n if (typeof obj === \"string\") {\r\n return this.sanitize(obj, options);\r\n }\r\n\r\n if (Array.isArray(obj)) {\r\n return obj.map(item => this.deepSanitize(item, options, visited));\r\n }\r\n\r\n if (obj && typeof obj === \"object\") {\r\n const result: any = {};\r\n for (const key of Object.keys(obj)) {\r\n result[key] = this.deepSanitize(obj[key], options, visited);\r\n }\r\n return result;\r\n }\r\n\r\n return obj;\r\n }\r\n}\r\n"]}
|
|
@@ -2,6 +2,6 @@ import { ZodSchema } from "zod";
|
|
|
2
2
|
export declare class ZodAdapter {
|
|
3
3
|
private globalSchema?;
|
|
4
4
|
constructor(globalSchema?: ZodSchema);
|
|
5
|
-
validate(dynamicSchema?: ZodSchema): (req: any,
|
|
5
|
+
validate(dynamicSchema?: ZodSchema): (req: any, _res: any, next: any) => any;
|
|
6
6
|
}
|
|
7
7
|
//# sourceMappingURL=ZodAdapter.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ZodAdapter.d.ts","sourceRoot":"","sources":["../../src/adapters/ZodAdapter.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAY,MAAM,KAAK,CAAC;AAI1C,qBAAa,UAAU;IACnB,OAAO,CAAC,YAAY,CAAC,CAAY;gBAErB,YAAY,CAAC,EAAE,SAAS;IAIpC,QAAQ,CAAC,aAAa,CAAC,EAAE,SAAS,IACtB,KAAK,GAAG,EAAE,
|
|
1
|
+
{"version":3,"file":"ZodAdapter.d.ts","sourceRoot":"","sources":["../../src/adapters/ZodAdapter.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAY,MAAM,KAAK,CAAC;AAI1C,qBAAa,UAAU;IACnB,OAAO,CAAC,YAAY,CAAC,CAAY;gBAErB,YAAY,CAAC,EAAE,SAAS;IAIpC,QAAQ,CAAC,aAAa,CAAC,EAAE,SAAS,IACtB,KAAK,GAAG,EAAE,MAAM,GAAG,EAAE,MAAM,GAAG;CA6B7C"}
|
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.ZodAdapter = void 0;
|
|
4
|
-
const
|
|
5
|
-
const
|
|
4
|
+
const ValidationError_1 = require("../core/errors/ValidationError");
|
|
5
|
+
const logging_1 = require("../logging");
|
|
6
6
|
class ZodAdapter {
|
|
7
7
|
constructor(globalSchema) {
|
|
8
8
|
this.globalSchema = globalSchema;
|
|
9
9
|
}
|
|
10
10
|
validate(dynamicSchema) {
|
|
11
|
-
return (req,
|
|
11
|
+
return (req, _res, next) => {
|
|
12
12
|
const schema = dynamicSchema || this.globalSchema;
|
|
13
13
|
if (!schema)
|
|
14
14
|
return next();
|
|
@@ -21,13 +21,15 @@ class ZodAdapter {
|
|
|
21
21
|
path: issue.path.join("."),
|
|
22
22
|
code: issue.code
|
|
23
23
|
}));
|
|
24
|
-
|
|
25
|
-
|
|
24
|
+
logging_1.logger.warn("Zod validation failed", {
|
|
25
|
+
adapter: "zod",
|
|
26
|
+
operation: "validate",
|
|
26
27
|
method: req.method,
|
|
27
|
-
|
|
28
|
-
|
|
28
|
+
path: req.path,
|
|
29
|
+
issueCount: issues.length,
|
|
30
|
+
issues
|
|
29
31
|
});
|
|
30
|
-
return next(new
|
|
32
|
+
return next(new ValidationError_1.ValidationError("Validation failed.", issues));
|
|
31
33
|
};
|
|
32
34
|
}
|
|
33
35
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ZodAdapter.js","sourceRoot":"","sources":["../../src/adapters/ZodAdapter.ts"],"names":[],"mappings":";;;AACA,
|
|
1
|
+
{"version":3,"file":"ZodAdapter.js","sourceRoot":"","sources":["../../src/adapters/ZodAdapter.ts"],"names":[],"mappings":";;;AACA,oEAAiE;AACjE,wCAAoC;AAEpC,MAAa,UAAU;IAGnB,YAAY,YAAwB;QAChC,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;IACrC,CAAC;IAED,QAAQ,CAAC,aAAyB;QAC9B,OAAO,CAAC,GAAQ,EAAE,IAAS,EAAE,IAAS,EAAE,EAAE;YACtC,MAAM,MAAM,GAAG,aAAa,IAAI,IAAI,CAAC,YAAY,CAAC;YAClD,IAAI,CAAC,MAAM;gBAAE,OAAO,IAAI,EAAE,CAAC;YAE3B,MAAM,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAC1C,IAAI,MAAM,CAAC,OAAO;gBAAE,OAAO,IAAI,EAAE,CAAC;YAElC,MAAM,MAAM,GAAa,MAAM,CAAC,KAAK,CAAC;YAEtC,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;gBACvC,OAAO,EAAE,KAAK,CAAC,OAAO;gBACtB,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC;gBAC1B,IAAI,EAAE,KAAK,CAAC,IAAI;aACnB,CAAC,CAAC,CAAC;YAEJ,gBAAM,CAAC,IAAI,CAAC,uBAAuB,EAAE;gBACjC,OAAO,EAAE,KAAK;gBACd,SAAS,EAAE,UAAU;gBACrB,MAAM,EAAE,GAAG,CAAC,MAAM;gBAClB,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,UAAU,EAAE,MAAM,CAAC,MAAM;gBACzB,MAAM;aACT,CAAC,CAAC;YAEH,OAAO,IAAI,CACP,IAAI,iCAAe,CAAC,oBAAoB,EAAE,MAAa,CAAC,CAC3D,CAAC;QACN,CAAC,CAAC;IACN,CAAC;CACJ;AArCD,gCAqCC","sourcesContent":["import { ZodSchema, ZodError } from \"zod\";\r\nimport { ValidationError } from \"../core/errors/ValidationError\";\r\nimport { logger } from \"../logging\";\r\n\r\nexport class ZodAdapter {\r\n private globalSchema?: ZodSchema;\r\n\r\n constructor(globalSchema?: ZodSchema) {\r\n this.globalSchema = globalSchema;\r\n }\r\n\r\n validate(dynamicSchema?: ZodSchema) {\r\n return (req: any, _res: any, next: any) => {\r\n const schema = dynamicSchema || this.globalSchema;\r\n if (!schema) return next();\r\n\r\n const result = schema.safeParse(req.body);\r\n if (result.success) return next();\r\n\r\n const zodErr: ZodError = result.error;\r\n\r\n const issues = zodErr.issues.map(issue => ({\r\n message: issue.message,\r\n path: issue.path.join(\".\"),\r\n code: issue.code\r\n }));\r\n\r\n logger.warn(\"Zod validation failed\", {\r\n adapter: \"zod\",\r\n operation: \"validate\",\r\n method: req.method,\r\n path: req.path,\r\n issueCount: issues.length,\r\n issues\r\n });\r\n\r\n return next(\r\n new ValidationError(\"Validation failed.\", issues as any)\r\n );\r\n };\r\n }\r\n}\r\n"]}
|
package/dist/core/HiSecure.d.ts
CHANGED
|
@@ -28,11 +28,10 @@ export declare class HiSecure {
|
|
|
28
28
|
static getInstance(config?: Partial<HiSecureConfig>): HiSecure;
|
|
29
29
|
static resetInstance(): void;
|
|
30
30
|
init(): void;
|
|
31
|
-
isInitialized(): boolean;
|
|
32
31
|
static auth(options?: {
|
|
33
32
|
required?: boolean;
|
|
34
33
|
roles?: string[];
|
|
35
|
-
}): (req: import("express").Request,
|
|
34
|
+
}): (req: import("express").Request, _res: import("express").Response, next: import("express").NextFunction) => void;
|
|
36
35
|
static validate(schema: ValidationSchema): (req: any, res: any, next: any) => any;
|
|
37
36
|
static sanitize(options?: any): (req: any, _res: any, next: any) => void;
|
|
38
37
|
static rateLimit(preset: "strict" | "relaxed" | "api" | object): any;
|
|
@@ -42,8 +41,8 @@ export declare class HiSecure {
|
|
|
42
41
|
end(): any;
|
|
43
42
|
}, next: (err?: any) => any) => void;
|
|
44
43
|
static json(options?: any): import("connect").NextHandleFunction[];
|
|
45
|
-
static hash(
|
|
46
|
-
static verify(
|
|
44
|
+
static hash(value: string): Promise<string>;
|
|
45
|
+
static verify(value: string, hash: string): Promise<boolean>;
|
|
47
46
|
static jwt: {
|
|
48
47
|
sign: (payload: object, options?: any) => string;
|
|
49
48
|
verify: (token: string) => string | import("jsonwebtoken").Jwt | import("jsonwebtoken").JwtPayload;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"HiSecure.d.ts","sourceRoot":"","sources":["../../src/core/HiSecure.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAkB3D,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAC;AACnE,OAAO,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAC;AACnE,OAAO,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAC;AACnE,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AASzD,OAAO,EAAE,aAAa,EAAE,gBAAgB,
|
|
1
|
+
{"version":3,"file":"HiSecure.d.ts","sourceRoot":"","sources":["../../src/core/HiSecure.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAkB3D,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAC;AACnE,OAAO,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAC;AACnE,OAAO,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAC;AACnE,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AASzD,OAAO,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAE3E,qBAAa,QAAQ;IACjB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAyB;IAChD,OAAO,CAAC,MAAM,CAAiB;IAC/B,OAAO,CAAC,WAAW,CAAS;IAGrB,WAAW,EAAG,WAAW,CAAC;IAC1B,gBAAgB,EAAG,gBAAgB,CAAC;IACpC,gBAAgB,EAAG,gBAAgB,CAAC;IACpC,gBAAgB,EAAG,gBAAgB,CAAC;IACpC,WAAW,EAAG,WAAW,CAAC;IAC1B,WAAW,EAAG,WAAW,CAAC;IAC1B,WAAW,CAAC,EAAE,WAAW,CAAC;IAGjC,OAAO,CAAC,cAAc,CAAM;IAC5B,OAAO,CAAC,eAAe,CAAM;IAC7B,OAAO,CAAC,kBAAkB,CAAM;IAChC,OAAO,CAAC,mBAAmB,CAAM;IACjC,OAAO,CAAC,gBAAgB,CAAM;IAC9B,OAAO,CAAC,iBAAiB,CAAM;IAE/B,OAAO;IAMP,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC,cAAc,CAAC,GAAG,QAAQ;IAW9D,MAAM,CAAC,aAAa,IAAI,IAAI;IAI5B,IAAI,IAAI,IAAI;IA6BZ,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE;QAAE,QAAQ,CAAC,EAAE,OAAO,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE;IAQ9D,MAAM,CAAC,QAAQ,CAAC,MAAM,EAAE,gBAAgB;IAIxC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,GAAG;IAI7B,MAAM,CAAC,SAAS,CAAC,MAAM,EAAE,QAAQ,GAAG,SAAS,GAAG,KAAK,GAAG,MAAM;IAoB9D,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,GAAG;kBAlHK,CAAC;;;iBAID,CAAC;IAkH/B,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,GAAG;WAUZ,IAAI,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;WAMpC,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAIlE,MAAM,CAAC,GAAG;wBACU,MAAM,YAAY,GAAG;wBAGrB,MAAM;;qCAIO,MAAM;;MAGrC;IAIF,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,aAAa,GAAG,KAAK,GAAG,QAAQ,GAAG,QAAQ;IAuBvE,OAAO,CAAC,aAAa;IA0CrB,OAAO,CAAC,aAAa;IA6BrB,OAAO,CAAC,oBAAoB;IAuB5B,OAAO,CAAC,qBAAqB;CAyBhC"}
|