hi-secure 1.0.24 → 1.0.25
- package/dist/managers/CorsManager.d.ts.map +1 -1
- package/dist/managers/CorsManager.js +0 -1
- package/dist/managers/CorsManager.js.map +1 -1
- package/dist/managers/HashManager.d.ts +1 -0
- package/dist/managers/HashManager.d.ts.map +1 -1
- package/dist/managers/HashManager.js +19 -23
- package/dist/managers/HashManager.js.map +1 -1
- package/dist/managers/JsonManager.js +0 -1
- package/dist/managers/JsonManager.js.map +1 -1
- package/dist/managers/SanitizerManager.js +0 -1
- package/dist/managers/SanitizerManager.js.map +1 -1
- package/package.json +1 -1
- package/readme.md +2 -2
- package/src/managers/CorsManager.ts +1 -1
- package/src/managers/HashManager.ts +31 -29
- package/src/managers/JsonManager.ts +1 -1
- package/src/managers/SanitizerManager.ts +1 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"CorsManager.d.ts","sourceRoot":"","sources":["../../src/managers/CorsManager.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,MAAM,CAAC;AAIxB,qBAAa,WAAW;IACpB,UAAU,CAAC,OAAO,CAAC,EAAE,GAAG;
|
|
1
|
+
{"version":3,"file":"CorsManager.d.ts","sourceRoot":"","sources":["../../src/managers/CorsManager.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,MAAM,CAAC;AAIxB,qBAAa,WAAW;IACpB,UAAU,CAAC,OAAO,CAAC,EAAE,GAAG;kBAoCqE,CAAC;;;iBAAmH,CAAC;CADrN"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"CorsManager.js","sourceRoot":"","sources":["../../src/managers/CorsManager.ts"],"names":[],"mappings":";;;;;;AAAA,gDAAwB;AACxB,wCAAoC;AACpC,8DAA2D;AAE3D,MAAa,WAAW;IACpB,UAAU,CAAC,OAAa;QACpB,IAAI,CAAC;YACD,MAAM,cAAc,GAAG;gBACnB,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,OAAO,EAAE,SAAS,CAAC;gBAC7D,cAAc,EAAE,CAAC,cAAc,EAAE,eAAe,CAAC;gBACjD,WAAW,EAAE,KAAK;gBAClB,MAAM,EAAE,KAAK;aAChB,CAAC;YAEF,MAAM,YAAY,GAAG,OAAO;gBACxB,CAAC,CAAC,EAAE,GAAG,cAAc,EAAE,GAAG,OAAO,EAAE;gBACnC,CAAC,CAAC,cAAc,CAAC;
|
|
1
|
+
{"version":3,"file":"CorsManager.js","sourceRoot":"","sources":["../../src/managers/CorsManager.ts"],"names":[],"mappings":";;;;;;AAAA,gDAAwB;AACxB,wCAAoC;AACpC,8DAA2D;AAE3D,MAAa,WAAW;IACpB,UAAU,CAAC,OAAa;QACpB,IAAI,CAAC;YACD,MAAM,cAAc,GAAG;gBACnB,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,OAAO,EAAE,SAAS,CAAC;gBAC7D,cAAc,EAAE,CAAC,cAAc,EAAE,eAAe,CAAC;gBACjD,WAAW,EAAE,KAAK;gBAClB,MAAM,EAAE,KAAK;aAChB,CAAC;YAEF,MAAM,YAAY,GAAG,OAAO;gBACxB,CAAC,CAAC,EAAE,GAAG,cAAc,EAAE,GAAG,OAAO,EAAE;gBACnC,CAAC,CAAC,cAAc,CAAC;YAGrB,gBAAM,CAAC,IAAI,CAAC,4BAA4B,EAAE;gBACtC,KAAK,EAAE,cAAc;gBACrB,SAAS,EAAE,MAAM;gBACjB,MAAM,EAAE,YAAY,CAAC,MAAM;gBAC3B,OAAO,EAAE,YAAY,CAAC,OAAO;gBAC7B,WAAW,EAAE,YAAY,CAAC,WAAW;aACxC,CAAC,CAAC;YAEH,OAAO,IAAA,cAAI,EAAC,YAAY,CAAC,CAAC;QAE9B,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAChB,gBAAM,CAAC,KAAK,CAAC,uCAAuC,EAAE;gBAClD,KAAK,EAAE,cAAc;gBACrB,SAAS,EAAE,MAAM;gBACjB,MAAM,EAAE,GAAG,EAAE,OAAO;aACvB,CAAC,CAAC;YAEH,MAAM,IAAI,2BAAY,CAAC,wCAAwC,CAAC,CAAC;QACrE,CAAC;IACL,CAAC;CACJ;AApCD,kCAoCC","sourcesContent":["import cors from \"cors\";\r\nimport { logger } from \"../logging\";\r\nimport { AdapterError } from \"../core/errors/AdapterError\";\r\n\r\nexport class CorsManager {\r\n middleware(options?: any) {\r\n try {\r\n const defaultOptions = {\r\n origin: \"*\",\r\n methods: [\"GET\", \"POST\", \"PUT\", \"DELETE\", \"PATCH\", \"OPTIONS\"],\r\n allowedHeaders: [\"Content-Type\", \"Authorization\"],\r\n credentials: false,\r\n maxAge: 86400\r\n };\r\n\r\n const finalOptions = options\r\n ? 
{ ...defaultOptions, ...options }\r\n : defaultOptions;\r\n\r\n \r\n logger.info(\"CORS middleware configured\", {\r\n layer: \"cors-manager\",\r\n operation: \"init\",\r\n origin: finalOptions.origin,\r\n methods: finalOptions.methods,\r\n credentials: finalOptions.credentials\r\n });\r\n\r\n return cors(finalOptions);\r\n\r\n } catch (err: any) {\r\n logger.error(\"CORS middleware initialization failed\", {\r\n layer: \"cors-manager\",\r\n operation: \"init\",\r\n reason: err?.message\r\n });\r\n\r\n throw new AdapterError(\"CORS middleware initialization failed.\");\r\n }\r\n }\r\n}\r\n"]}
|
|
@@ -13,6 +13,7 @@ export declare class HashManager {
|
|
|
13
13
|
private primaryAdapter;
|
|
14
14
|
private fallbackAdapter;
|
|
15
15
|
constructor(config: HiSecureConfig["hashing"], primaryAdapter: HashAdapter, fallbackAdapter: HashAdapter | null);
|
|
16
|
+
private detectAlgorithm;
|
|
16
17
|
hash(value: string, options?: {
|
|
17
18
|
allowFallback?: boolean;
|
|
18
19
|
}): Promise<HashResult>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"HashManager.d.ts","sourceRoot":"","sources":["../../src/managers/HashManager.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAG9D,UAAU,WAAW;IACjB,IAAI,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACrC,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;CAC3D;AAED,MAAM,WAAW,UAAU;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,OAAO,CAAC;CACzB;AAED,qBAAa,WAAW;IACpB,OAAO,CAAC,MAAM,CAA4B;IAC1C,OAAO,CAAC,cAAc,CAAc;IACpC,OAAO,CAAC,eAAe,CAAqB;gBAGxC,MAAM,EAAE,cAAc,CAAC,SAAS,CAAC,EACjC,cAAc,EAAE,WAAW,EAC3B,eAAe,EAAE,WAAW,GAAG,IAAI;
|
|
1
|
+
{"version":3,"file":"HashManager.d.ts","sourceRoot":"","sources":["../../src/managers/HashManager.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAG9D,UAAU,WAAW;IACjB,IAAI,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACrC,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;CAC3D;AAED,MAAM,WAAW,UAAU;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,OAAO,CAAC;CACzB;AAED,qBAAa,WAAW;IACpB,OAAO,CAAC,MAAM,CAA4B;IAC1C,OAAO,CAAC,cAAc,CAAc;IACpC,OAAO,CAAC,eAAe,CAAqB;gBAGxC,MAAM,EAAE,cAAc,CAAC,SAAS,CAAC,EACjC,cAAc,EAAE,WAAW,EAC3B,eAAe,EAAE,WAAW,GAAG,IAAI;IAcvC,OAAO,CAAC,eAAe;IAajB,IAAI,CACN,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE;QAAE,aAAa,CAAC,EAAE,OAAO,CAAA;KAAE,GACtC,OAAO,CAAC,UAAU,CAAC;IAyDhB,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;CAwBhE"}
|
|
@@ -14,6 +14,16 @@ class HashManager {
|
|
|
14
14
|
fallbackEnabled: !!fallbackAdapter
|
|
15
15
|
});
|
|
16
16
|
}
|
|
17
|
+
detectAlgorithm(hashed) {
|
|
18
|
+
if (hashed.startsWith("$argon2"))
|
|
19
|
+
return "argon2";
|
|
20
|
+
if (hashed.startsWith("$2a$") ||
|
|
21
|
+
hashed.startsWith("$2b$") ||
|
|
22
|
+
hashed.startsWith("$2y$")) {
|
|
23
|
+
return "bcrypt";
|
|
24
|
+
}
|
|
25
|
+
throw new AdapterError_1.AdapterError("Unknown hash algorithm");
|
|
26
|
+
}
|
|
17
27
|
async hash(value, options) {
|
|
18
28
|
try {
|
|
19
29
|
const hash = await this.primaryAdapter.hash(value);
|
|
@@ -35,7 +45,6 @@ class HashManager {
|
|
|
35
45
|
}
|
|
36
46
|
try {
|
|
37
47
|
const hash = await this.fallbackAdapter.hash(value);
|
|
38
|
-
// ⚠️ security downgrade log (VERY GOOD PRACTICE)
|
|
39
48
|
logging_1.logger.warn("Hashing fallback used (security downgrade)", {
|
|
40
49
|
layer: "hash-manager",
|
|
41
50
|
operation: "hash",
|
|
@@ -61,33 +70,20 @@ class HashManager {
|
|
|
61
70
|
}
|
|
62
71
|
}
|
|
63
72
|
async verify(value, hashed) {
|
|
64
|
-
|
|
65
|
-
|
|
73
|
+
const algorithm = this.detectAlgorithm(hashed);
|
|
74
|
+
if (algorithm === this.config.primary) {
|
|
75
|
+
return this.primaryAdapter.verify(value, hashed);
|
|
66
76
|
}
|
|
67
|
-
|
|
68
|
-
|
|
77
|
+
if (algorithm === this.config.fallback &&
|
|
78
|
+
this.fallbackAdapter) {
|
|
79
|
+
logging_1.logger.warn("Verifying legacy hash using fallback adapter", {
|
|
69
80
|
layer: "hash-manager",
|
|
70
81
|
operation: "verify",
|
|
71
|
-
algorithm
|
|
72
|
-
reason: primaryErr?.message
|
|
82
|
+
algorithm
|
|
73
83
|
});
|
|
74
|
-
|
|
75
|
-
try {
|
|
76
|
-
return await this.fallbackAdapter.verify(value, hashed);
|
|
77
|
-
}
|
|
78
|
-
catch (fallbackErr) {
|
|
79
|
-
logging_1.logger.error("Fallback hash verification failed", {
|
|
80
|
-
layer: "hash-manager",
|
|
81
|
-
operation: "verify",
|
|
82
|
-
from: this.config.primary,
|
|
83
|
-
to: this.config.fallback,
|
|
84
|
-
reason: fallbackErr?.message
|
|
85
|
-
});
|
|
86
|
-
throw new AdapterError_1.AdapterError("Both primary and fallback verify failed.");
|
|
87
|
-
}
|
|
88
|
-
}
|
|
89
|
-
throw new AdapterError_1.AdapterError("Primary verify failed and no fallback adapter configured.");
|
|
84
|
+
return this.fallbackAdapter.verify(value, hashed);
|
|
90
85
|
}
|
|
86
|
+
throw new AdapterError_1.AdapterError(`No adapter configured for detected hash algorithm: ${algorithm}`);
|
|
91
87
|
}
|
|
92
88
|
}
|
|
93
89
|
exports.HashManager = HashManager;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"HashManager.js","sourceRoot":"","sources":["../../src/managers/HashManager.ts"],"names":[],"mappings":";;;AAAA,8DAA2D;AAE3D,wCAAoC;AAapC,MAAa,WAAW;IAKpB,YACI,MAAiC,EACjC,cAA2B,EAC3B,eAAmC;QAEnC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;QACrC,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;QAEvC,gBAAM,CAAC,IAAI,CAAC,yBAAyB,EAAE;YACnC,KAAK,EAAE,cAAc;YACrB,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,eAAe,EAAE,CAAC,CAAC,eAAe;SACrC,CAAC,CAAC;IACP,CAAC;IAED,KAAK,CAAC,IAAI,CACN,KAAa,EACb,OAAqC;QAErC,IAAI,CAAC;YACD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAEnD,OAAO;gBACH,IAAI;gBACJ,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;gBAC9B,YAAY,EAAE,KAAK;aACtB,CAAC;QAEN,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAChB,gBAAM,CAAC,IAAI,CAAC,wBAAwB,EAAE;gBAClC,KAAK,EAAE,cAAc;gBACrB,SAAS,EAAE,MAAM;gBACjB,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;gBAC9B,MAAM,EAAE,GAAG,EAAE,OAAO;aACvB,CAAC,CAAC;YAEH,IAAI,CAAC,OAAO,EAAE,aAAa,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;gBACnD,MAAM,IAAI,2BAAY,CAClB,oBAAoB,IAAI,CAAC,MAAM,CAAC,OAAO,iCAAiC,CAC3E,CAAC;YACN,CAAC;YAED,IAAI,CAAC;gBACD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBAEpD,
|
|
1
|
+
{"version":3,"file":"HashManager.js","sourceRoot":"","sources":["../../src/managers/HashManager.ts"],"names":[],"mappings":";;;AAAA,8DAA2D;AAE3D,wCAAoC;AAapC,MAAa,WAAW;IAKpB,YACI,MAAiC,EACjC,cAA2B,EAC3B,eAAmC;QAEnC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;QACrC,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;QAEvC,gBAAM,CAAC,IAAI,CAAC,yBAAyB,EAAE;YACnC,KAAK,EAAE,cAAc;YACrB,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,eAAe,EAAE,CAAC,CAAC,eAAe;SACrC,CAAC,CAAC;IACP,CAAC;IAGO,eAAe,CAAC,MAAc;QAClC,IAAI,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC;YAAE,OAAO,QAAQ,CAAC;QAClD,IACI,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC;YACzB,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC;YACzB,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,EAC3B,CAAC;YACC,OAAO,QAAQ,CAAC;QACpB,CAAC;QAED,MAAM,IAAI,2BAAY,CAAC,wBAAwB,CAAC,CAAC;IACrD,CAAC;IAED,KAAK,CAAC,IAAI,CACN,KAAa,EACb,OAAqC;QAErC,IAAI,CAAC;YACD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAEnD,OAAO;gBACH,IAAI;gBACJ,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;gBAC9B,YAAY,EAAE,KAAK;aACtB,CAAC;QAEN,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAChB,gBAAM,CAAC,IAAI,CAAC,wBAAwB,EAAE;gBAClC,KAAK,EAAE,cAAc;gBACrB,SAAS,EAAE,MAAM;gBACjB,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;gBAC9B,MAAM,EAAE,GAAG,EAAE,OAAO;aACvB,CAAC,CAAC;YAEH,IAAI,CAAC,OAAO,EAAE,aAAa,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;gBACnD,MAAM,IAAI,2BAAY,CAClB,oBAAoB,IAAI,CAAC,MAAM,CAAC,OAAO,iCAAiC,CAC3E,CAAC;YACN,CAAC;YAED,IAAI,CAAC;gBACD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBAEpD,gBAAM,CAAC,IAAI,CAAC,4CAA4C,EAAE;oBACtD,KAAK,EAAE,cAAc;oBACrB,SAAS,EAAE,MAAM;oBACjB,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;oBACzB,EAAE,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;iBAC3B,CAAC,CAAC;gBAEH,OAAO;oBACH,IAAI;oBACJ,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ,IAAI,QAAQ;oBAC3C,YAAY,EAAE,IAAI;iBACrB,CAAC;YAEN,CAAC;YAAC,OAAO,WAAgB,EAAE,CAAC;gBACxB,gBAAM,CAAC,KAAK,CAAC,yBAAyB,EAAE;oBACpC,KAAK,EAAE,cAAc;oBACrB,SAAS,EAAE,MAAM;oBACjB,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;oBACzB,EAAE,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;oBACxB,MAAM,EAAE,WAAW,EAAE,OAAO;iBAC/B,CAAC,CAAC;gBAEH,MAAM,IAAI,2BAAY,CAClB,2
CAA2C,CAC9C,CAAC;YACN,CAAC;QACL,CAAC;IACL,CAAC;IAGD,KAAK,CAAC,MAAM,CAAC,KAAa,EAAE,MAAc;QACtC,MAAM,SAAS,GAAG,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;QAE/C,IAAI,SAAS,KAAK,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpC,OAAO,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;QACrD,CAAC;QAED,IACI,SAAS,KAAK,IAAI,CAAC,MAAM,CAAC,QAAQ;YAClC,IAAI,CAAC,eAAe,EACtB,CAAC;YACC,gBAAM,CAAC,IAAI,CAAC,8CAA8C,EAAE;gBACxD,KAAK,EAAE,cAAc;gBACrB,SAAS,EAAE,QAAQ;gBACnB,SAAS;aACZ,CAAC,CAAC;YAEH,OAAO,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;QACtD,CAAC;QAED,MAAM,IAAI,2BAAY,CAClB,sDAAsD,SAAS,EAAE,CACpE,CAAC;IACN,CAAC;CACJ;AAvHD,kCAuHC","sourcesContent":["import { AdapterError } from \"../core/errors/AdapterError\";\r\nimport { HiSecureConfig } from \"../core/types/HiSecureConfig\";\r\nimport { logger } from \"../logging\";\r\n\r\ninterface HashAdapter {\r\n hash(value: string): Promise<string>;\r\n verify(value: string, hashed: string): Promise<boolean>;\r\n}\r\n\r\nexport interface HashResult {\r\n hash: string;\r\n algorithm: string;\r\n usedFallback: boolean;\r\n}\r\n\r\nexport class HashManager {\r\n private config: HiSecureConfig[\"hashing\"];\r\n private primaryAdapter: HashAdapter;\r\n private fallbackAdapter: HashAdapter | null;\r\n\r\n constructor(\r\n config: HiSecureConfig[\"hashing\"],\r\n primaryAdapter: HashAdapter,\r\n fallbackAdapter: HashAdapter | null\r\n ) {\r\n this.config = config;\r\n this.primaryAdapter = primaryAdapter;\r\n this.fallbackAdapter = fallbackAdapter;\r\n\r\n logger.info(\"HashManager initialized\", {\r\n layer: \"hash-manager\",\r\n primary: config.primary,\r\n fallbackEnabled: !!fallbackAdapter\r\n });\r\n }\r\n\r\n \r\n private detectAlgorithm(hashed: string): string {\r\n if (hashed.startsWith(\"$argon2\")) return \"argon2\";\r\n if (\r\n hashed.startsWith(\"$2a$\") ||\r\n hashed.startsWith(\"$2b$\") ||\r\n hashed.startsWith(\"$2y$\")\r\n ) {\r\n return \"bcrypt\";\r\n }\r\n\r\n throw new AdapterError(\"Unknown hash algorithm\");\r\n }\r\n\r\n 
async hash(\r\n value: string,\r\n options?: { allowFallback?: boolean }\r\n ): Promise<HashResult> {\r\n try {\r\n const hash = await this.primaryAdapter.hash(value);\r\n\r\n return {\r\n hash,\r\n algorithm: this.config.primary,\r\n usedFallback: false\r\n };\r\n\r\n } catch (err: any) {\r\n logger.warn(\"Primary hashing failed\", {\r\n layer: \"hash-manager\",\r\n operation: \"hash\",\r\n algorithm: this.config.primary,\r\n reason: err?.message\r\n });\r\n\r\n if (!options?.allowFallback || !this.fallbackAdapter) {\r\n throw new AdapterError(\r\n `Primary hashing (${this.config.primary}) failed. Fallback not allowed.`\r\n );\r\n }\r\n\r\n try {\r\n const hash = await this.fallbackAdapter.hash(value);\r\n\r\n logger.warn(\"Hashing fallback used (security downgrade)\", {\r\n layer: \"hash-manager\",\r\n operation: \"hash\",\r\n from: this.config.primary,\r\n to: this.config.fallback\r\n });\r\n\r\n return {\r\n hash,\r\n algorithm: this.config.fallback || \"bcrypt\",\r\n usedFallback: true\r\n };\r\n\r\n } catch (fallbackErr: any) {\r\n logger.error(\"Fallback hashing failed\", {\r\n layer: \"hash-manager\",\r\n operation: \"hash\",\r\n from: this.config.primary,\r\n to: this.config.fallback,\r\n reason: fallbackErr?.message\r\n });\r\n\r\n throw new AdapterError(\r\n \"Both primary and fallback hashing failed.\"\r\n );\r\n }\r\n }\r\n }\r\n\r\n \r\n async verify(value: string, hashed: string): Promise<boolean> {\r\n const algorithm = this.detectAlgorithm(hashed);\r\n\r\n if (algorithm === this.config.primary) {\r\n return this.primaryAdapter.verify(value, hashed);\r\n }\r\n\r\n if (\r\n algorithm === this.config.fallback &&\r\n this.fallbackAdapter\r\n ) {\r\n logger.warn(\"Verifying legacy hash using fallback adapter\", {\r\n layer: \"hash-manager\",\r\n operation: \"verify\",\r\n algorithm\r\n });\r\n\r\n return this.fallbackAdapter.verify(value, hashed);\r\n }\r\n\r\n throw new AdapterError(\r\n `No adapter configured for detected hash algorithm: 
${algorithm}`\r\n );\r\n }\r\n}\r\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"JsonManager.js","sourceRoot":"","sources":["../../src/managers/JsonManager.ts"],"names":[],"mappings":";;;;;;AAAA,sDAA8B;AAC9B,4CAAoB;AACpB,wCAAoC;AACpC,8DAA2D;AAE3D,MAAa,WAAW;IACpB,UAAU,CAAC,OAAa;QACpB,IAAI,CAAC;YACD,MAAM,cAAc,GAAG;gBACnB,KAAK,EAAE,KAAK;gBACZ,OAAO,EAAE,IAAI;gBACb,MAAM,EAAE,IAAI;aACf,CAAC;YAEF,MAAM,YAAY,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC,EAAE,CAAC;YAE/D,gBAAM,CAAC,IAAI,CAAC,6BAA6B,EAAE;gBACvC,KAAK,EAAE,cAAc;gBACrB,SAAS,EAAE,MAAM;gBACjB,KAAK,EAAE,YAAY,CAAC,KAAK;gBACzB,MAAM,EAAE,YAAY,CAAC,MAAM;aAC9B,CAAC,CAAC;YAEH,OAAO,iBAAO,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAEtC,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAChB,gBAAM,CAAC,KAAK,CAAC,wCAAwC,EAAE;gBACnD,KAAK,EAAE,cAAc;gBACrB,SAAS,EAAE,MAAM;gBACjB,MAAM,EAAE,GAAG,EAAE,OAAO;aACvB,CAAC,CAAC;YAEH,MAAM,IAAI,2BAAY,CAAC,oCAAoC,CAAC,CAAC;QACjE,CAAC;IACL,CAAC;IAED,UAAU,CAAC,OAAa;QACpB,IAAI,CAAC;YACD,MAAM,cAAc,GAAG;gBACnB,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,KAAK;gBACZ,cAAc,EAAE,IAAI;aACvB,CAAC;YAEF,MAAM,YAAY,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC,EAAE,CAAC;YAE/D,gBAAM,CAAC,IAAI,CAAC,+BAA+B,EAAE;gBACzC,KAAK,EAAE,cAAc;gBACrB,SAAS,EAAE,YAAY;gBACvB,KAAK,EAAE,YAAY,CAAC,KAAK;gBACzB,cAAc,EAAE,YAAY,CAAC,cAAc;aAC9C,CAAC,CAAC;YAEH,OAAO,iBAAO,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;QAE5C,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAChB,gBAAM,CAAC,KAAK,CAAC,0CAA0C,EAAE;gBACrD,KAAK,EAAE,cAAc;gBACrB,SAAS,EAAE,YAAY;gBACvB,MAAM,EAAE,GAAG,EAAE,OAAO;aACvB,CAAC,CAAC;YAEH,MAAM,IAAI,2BAAY,CAAC,2CAA2C,CAAC,CAAC;QACxE,CAAC;IACL,CAAC;IAED,WAAW,CAAC,OAAa;QACrB,OAAO,CAAC,GAAQ,EAAE,IAAS,EAAE,IAAS,EAAE,EAAE;YACtC,IAAI,CAAC;gBACD,IAAI,CAAC,GAAG,CAAC,WAAW,IAAI,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;oBAC5C,MAAM,WAAW,GAAG,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;oBAEhD,MAAM,MAAM,GAAG,YAAE,CAAC,KAAK,CAAC,WAAW,EAAE;wBACjC,KAAK,EAAE,CAAC;wBACR,cAAc,EAAE,GAAG;wBACnB,GAAG,OAAO;qBACb,CAAC,CAAC;oBAEH,GAAG,CAAC,WAAW,GAAG,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"JsonManager.js","sourceRoot":"","sources":["../../src/managers/JsonManager.ts"],"names":[],"mappings":";;;;;;AAAA,sDAA8B;AAC9B,4CAAoB;AACpB,wCAAoC;AACpC,8DAA2D;AAE3D,MAAa,WAAW;IACpB,UAAU,CAAC,OAAa;QACpB,IAAI,CAAC;YACD,MAAM,cAAc,GAAG;gBACnB,KAAK,EAAE,KAAK;gBACZ,OAAO,EAAE,IAAI;gBACb,MAAM,EAAE,IAAI;aACf,CAAC;YAEF,MAAM,YAAY,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC,EAAE,CAAC;YAE/D,gBAAM,CAAC,IAAI,CAAC,6BAA6B,EAAE;gBACvC,KAAK,EAAE,cAAc;gBACrB,SAAS,EAAE,MAAM;gBACjB,KAAK,EAAE,YAAY,CAAC,KAAK;gBACzB,MAAM,EAAE,YAAY,CAAC,MAAM;aAC9B,CAAC,CAAC;YAEH,OAAO,iBAAO,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAEtC,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAChB,gBAAM,CAAC,KAAK,CAAC,wCAAwC,EAAE;gBACnD,KAAK,EAAE,cAAc;gBACrB,SAAS,EAAE,MAAM;gBACjB,MAAM,EAAE,GAAG,EAAE,OAAO;aACvB,CAAC,CAAC;YAEH,MAAM,IAAI,2BAAY,CAAC,oCAAoC,CAAC,CAAC;QACjE,CAAC;IACL,CAAC;IAED,UAAU,CAAC,OAAa;QACpB,IAAI,CAAC;YACD,MAAM,cAAc,GAAG;gBACnB,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,KAAK;gBACZ,cAAc,EAAE,IAAI;aACvB,CAAC;YAEF,MAAM,YAAY,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC,EAAE,CAAC;YAE/D,gBAAM,CAAC,IAAI,CAAC,+BAA+B,EAAE;gBACzC,KAAK,EAAE,cAAc;gBACrB,SAAS,EAAE,YAAY;gBACvB,KAAK,EAAE,YAAY,CAAC,KAAK;gBACzB,cAAc,EAAE,YAAY,CAAC,cAAc;aAC9C,CAAC,CAAC;YAEH,OAAO,iBAAO,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;QAE5C,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAChB,gBAAM,CAAC,KAAK,CAAC,0CAA0C,EAAE;gBACrD,KAAK,EAAE,cAAc;gBACrB,SAAS,EAAE,YAAY;gBACvB,MAAM,EAAE,GAAG,EAAE,OAAO;aACvB,CAAC,CAAC;YAEH,MAAM,IAAI,2BAAY,CAAC,2CAA2C,CAAC,CAAC;QACxE,CAAC;IACL,CAAC;IAED,WAAW,CAAC,OAAa;QACrB,OAAO,CAAC,GAAQ,EAAE,IAAS,EAAE,IAAS,EAAE,EAAE;YACtC,IAAI,CAAC;gBACD,IAAI,CAAC,GAAG,CAAC,WAAW,IAAI,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;oBAC5C,MAAM,WAAW,GAAG,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;oBAEhD,MAAM,MAAM,GAAG,YAAE,CAAC,KAAK,CAAC,WAAW,EAAE;wBACjC,KAAK,EAAE,CAAC;wBACR,cAAc,EAAE,GAAG;wBACnB,GAAG,OAAO;qBACb,CAAC,CAAC;oBAEH,GAAG,CAAC,WAAW,GAAG,MAAM,CAAC;oBAGzB,gBAAM,CAAC,IAAI,CAAC,yBAAyB,EAAE;wBACnC,KAAK,EAAE,cAAc;wBACrB,SAA
S,EAAE,aAAa;wBACxB,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,MAAM;qBACvC,CAAC,CAAC;gBACP,CAAC;gBAED,IAAI,EAAE,CAAC;YACX,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAChB,gBAAM,CAAC,KAAK,CAAC,sBAAsB,EAAE;oBACjC,KAAK,EAAE,cAAc;oBACrB,SAAS,EAAE,aAAa;oBACxB,MAAM,EAAE,GAAG,EAAE,OAAO;iBACvB,CAAC,CAAC;gBAEH,IAAI,CAAC,IAAI,2BAAY,CAAC,uBAAuB,CAAC,CAAC,CAAC;YACpD,CAAC;QACL,CAAC,CAAC;IACN,CAAC;CACJ;AA/FD,kCA+FC","sourcesContent":["import express from \"express\";\r\nimport qs from \"qs\";\r\nimport { logger } from \"../logging\";\r\nimport { AdapterError } from \"../core/errors/AdapterError\";\r\n\r\nexport class JsonManager {\r\n middleware(options?: any) {\r\n try {\r\n const defaultOptions = {\r\n limit: \"1mb\",\r\n inflate: true,\r\n strict: true\r\n };\r\n\r\n const finalOptions = { ...defaultOptions, ...(options || {}) };\r\n\r\n logger.info(\"JSON body parser configured\", {\r\n layer: \"json-manager\",\r\n operation: \"json\",\r\n limit: finalOptions.limit,\r\n strict: finalOptions.strict\r\n });\r\n\r\n return express.json(finalOptions);\r\n\r\n } catch (err: any) {\r\n logger.error(\"JSON body parser initialization failed\", {\r\n layer: \"json-manager\",\r\n operation: \"json\",\r\n reason: err?.message\r\n });\r\n\r\n throw new AdapterError(\"JSON parser initialization failed.\");\r\n }\r\n }\r\n\r\n urlencoded(options?: any) {\r\n try {\r\n const defaultOptions = {\r\n extended: true,\r\n limit: \"1mb\",\r\n parameterLimit: 1000\r\n };\r\n\r\n const finalOptions = { ...defaultOptions, ...(options || {}) };\r\n\r\n logger.info(\"URL-encoded parser configured\", {\r\n layer: \"json-manager\",\r\n operation: \"urlencoded\",\r\n limit: finalOptions.limit,\r\n parameterLimit: finalOptions.parameterLimit\r\n });\r\n\r\n return express.urlencoded(finalOptions);\r\n\r\n } catch (err: any) {\r\n logger.error(\"URL-encoded parser initialization failed\", {\r\n layer: \"json-manager\",\r\n operation: \"urlencoded\",\r\n reason: err?.message\r\n });\r\n\r\n throw new 
AdapterError(\"URL-encoded parser initialization failed.\");\r\n }\r\n }\r\n\r\n queryParser(options?: any) {\r\n return (req: any, _res: any, next: any) => {\r\n try {\r\n if (!req.parsedQuery && req.url.includes(\"?\")) {\r\n const queryString = req.url.split(\"?\")[1] || \"\";\r\n\r\n const parsed = qs.parse(queryString, {\r\n depth: 5,\r\n parameterLimit: 100,\r\n ...options\r\n });\r\n\r\n req.parsedQuery = parsed;\r\n\r\n \r\n logger.info(\"Query parameters parsed\", {\r\n layer: \"json-manager\",\r\n operation: \"query-parse\",\r\n keyCount: Object.keys(parsed).length\r\n });\r\n }\r\n\r\n next();\r\n } catch (err: any) {\r\n logger.error(\"Query parsing failed\", {\r\n layer: \"json-manager\",\r\n operation: \"query-parse\",\r\n reason: err?.message\r\n });\r\n\r\n next(new AdapterError(\"Query parsing failed.\"));\r\n }\r\n };\r\n }\r\n}\r\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"SanitizerManager.js","sourceRoot":"","sources":["../../src/managers/SanitizerManager.ts"],"names":[],"mappings":";;;AAAA,kEAA+D;AAC/D,wCAAoC;AAMpC,MAAa,gBAAgB;IAIzB,YAAY,OAAyB,EAAE,WAAoC,IAAI;QAC3E,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAEzB,gBAAM,CAAC,IAAI,CAAC,8BAA8B,EAAE;YACxC,KAAK,EAAE,mBAAmB;YAC1B,eAAe,EAAE,CAAC,CAAC,QAAQ;SAC9B,CAAC,CAAC;IACP,CAAC;IAED,QAAQ,CAAC,KAAa,EAAE,OAAa;QACjC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC5B,OAAO,KAAK,CAAC;QACjB,CAAC;QAED,IAAI,CAAC;YACD,OAAO,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QACjD,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAChB,gBAAM,CAAC,IAAI,CAAC,0BAA0B,EAAE;gBACpC,KAAK,EAAE,mBAAmB;gBAC1B,SAAS,EAAE,UAAU;gBACrB,MAAM,EAAE,GAAG,EAAE,OAAO;aACvB,CAAC,CAAC;YAEH,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACjB,MAAM,IAAI,+BAAc,CACpB,qDAAqD,CACxD,CAAC;YACN,CAAC;YAED,gBAAM,CAAC,IAAI,CAAC,yBAAyB,EAAE;gBACnC,KAAK,EAAE,mBAAmB;gBAC1B,SAAS,EAAE,UAAU;aACxB,CAAC,CAAC;YAEH,OAAO,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAClD,CAAC;IACL,CAAC;IAED,UAAU,CAAC,OAAa;QACpB,OAAO,CAAC,GAAQ,EAAE,IAAS,EAAE,IAAS,EAAE,EAAE;YACtC,IAAI,iBAAiB,GAAG,KAAK,CAAC;YAE9B,MAAM,YAAY,GAAG,CAAC,KAAa,EAAU,EAAE;gBAC3C,IAAI,iBAAiB,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;oBACrC,OAAO,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;gBAClD,CAAC;gBAED,IAAI,CAAC;oBACD,OAAO,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;gBACjD,CAAC;gBAAC,OAAO,GAAQ,EAAE,CAAC;oBAChB,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;wBACjB,MAAM,GAAG,CAAC;oBACd,CAAC;oBAED,iBAAiB,GAAG,IAAI,CAAC;oBAEzB,gBAAM,CAAC,IAAI,CAAC,6CAA6C,EAAE;wBACvD,KAAK,EAAE,mBAAmB;wBAC1B,SAAS,EAAE,YAAY;qBAC1B,CAAC,CAAC;oBAEH,OAAO,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;gBAClD,CAAC;YACL,CAAC,CAAC;YAEF,IAAI,CAAC;gBACD,IAAI,GAAG,CAAC,IAAI,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBAC3C,MAAM,YAAY,GAAG,GAAG,CAAC,IAAI,CAAC;oBAC9B,MAAM,aAAa,GAAQ,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;oBAEjE,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CA
AC,YAAY,CAAC,EAAE,CAAC;wBAC1C,MAAM,KAAK,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;wBAEhC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;4BAC5B,aAAa,CAAC,GAAG,CAAC,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;wBAC7C,CAAC;6BAAM,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;4BAC9B,aAAa,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAClC,OAAO,IAAI,KAAK,QAAQ;gCACpB,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC;gCACpB,CAAC,CAAC,IAAI,CACb,CAAC;wBACN,CAAC;6BAAM,CAAC;4BACJ,aAAa,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;wBAC/B,CAAC;oBACL,CAAC;oBAED,GAAG,CAAC,aAAa,GAAG,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"SanitizerManager.js","sourceRoot":"","sources":["../../src/managers/SanitizerManager.ts"],"names":[],"mappings":";;;AAAA,kEAA+D;AAC/D,wCAAoC;AAMpC,MAAa,gBAAgB;IAIzB,YAAY,OAAyB,EAAE,WAAoC,IAAI;QAC3E,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAEzB,gBAAM,CAAC,IAAI,CAAC,8BAA8B,EAAE;YACxC,KAAK,EAAE,mBAAmB;YAC1B,eAAe,EAAE,CAAC,CAAC,QAAQ;SAC9B,CAAC,CAAC;IACP,CAAC;IAED,QAAQ,CAAC,KAAa,EAAE,OAAa;QACjC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC5B,OAAO,KAAK,CAAC;QACjB,CAAC;QAED,IAAI,CAAC;YACD,OAAO,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QACjD,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAChB,gBAAM,CAAC,IAAI,CAAC,0BAA0B,EAAE;gBACpC,KAAK,EAAE,mBAAmB;gBAC1B,SAAS,EAAE,UAAU;gBACrB,MAAM,EAAE,GAAG,EAAE,OAAO;aACvB,CAAC,CAAC;YAEH,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACjB,MAAM,IAAI,+BAAc,CACpB,qDAAqD,CACxD,CAAC;YACN,CAAC;YAED,gBAAM,CAAC,IAAI,CAAC,yBAAyB,EAAE;gBACnC,KAAK,EAAE,mBAAmB;gBAC1B,SAAS,EAAE,UAAU;aACxB,CAAC,CAAC;YAEH,OAAO,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAClD,CAAC;IACL,CAAC;IAED,UAAU,CAAC,OAAa;QACpB,OAAO,CAAC,GAAQ,EAAE,IAAS,EAAE,IAAS,EAAE,EAAE;YACtC,IAAI,iBAAiB,GAAG,KAAK,CAAC;YAE9B,MAAM,YAAY,GAAG,CAAC,KAAa,EAAU,EAAE;gBAC3C,IAAI,iBAAiB,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;oBACrC,OAAO,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;gBAClD,CAAC;gBAED,IAAI,CAAC;oBACD,OAAO,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;gBACjD,CAAC;gBAAC,OAAO,GAAQ,EAAE,CAAC;oBAChB,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;wBACjB,MAAM,GAAG,CAAC;oBACd,CAAC;oBAED,iBAAiB,GAAG,IAAI,CAAC;oBAEzB,gBAAM,CAAC,IAAI,CAAC,6CAA6C,EAAE;wBACvD,KAAK,EAAE,mBAAmB;wBAC1B,SAAS,EAAE,YAAY;qBAC1B,CAAC,CAAC;oBAEH,OAAO,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;gBAClD,CAAC;YACL,CAAC,CAAC;YAEF,IAAI,CAAC;gBACD,IAAI,GAAG,CAAC,IAAI,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBAC3C,MAAM,YAAY,GAAG,GAAG,CAAC,IAAI,CAAC;oBAC9B,MAAM,aAAa,GAAQ,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;oBAEjE,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CA
AC,YAAY,CAAC,EAAE,CAAC;wBAC1C,MAAM,KAAK,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;wBAEhC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;4BAC5B,aAAa,CAAC,GAAG,CAAC,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;wBAC7C,CAAC;6BAAM,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;4BAC9B,aAAa,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAClC,OAAO,IAAI,KAAK,QAAQ;gCACpB,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC;gCACpB,CAAC,CAAC,IAAI,CACb,CAAC;wBACN,CAAC;6BAAM,CAAC;4BACJ,aAAa,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;wBAC/B,CAAC;oBACL,CAAC;oBAED,GAAG,CAAC,aAAa,GAAG,aAAa,CAAC;oBAGlC,gBAAM,CAAC,IAAI,CAAC,wBAAwB,EAAE;wBAClC,KAAK,EAAE,mBAAmB;wBAC1B,SAAS,EAAE,YAAY;wBACvB,UAAU,EAAE,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,MAAM;wBAC7C,YAAY,EAAE,iBAAiB;qBAClC,CAAC,CAAC;gBACP,CAAC;gBAED,IAAI,EAAE,CAAC;YACX,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAChB,gBAAM,CAAC,KAAK,CAAC,6BAA6B,EAAE;oBACxC,KAAK,EAAE,mBAAmB;oBAC1B,SAAS,EAAE,YAAY;oBACvB,MAAM,EAAE,GAAG,EAAE,OAAO;iBACvB,CAAC,CAAC;gBAEH,IAAI,CAAC,IAAI,+BAAc,CAAC,8BAA8B,CAAC,CAAC,CAAC;YAC7D,CAAC;QACL,CAAC,CAAC;IACN,CAAC;CACJ;AAlHD,4CAkHC","sourcesContent":["import { SanitizerError } from \"../core/errors/SanitizerError\";\r\nimport { logger } from \"../logging\";\r\n\r\ninterface SanitizerAdapter {\r\n sanitize: (value: string, options?: any) => string;\r\n}\r\n\r\nexport class SanitizerManager {\r\n private primary: SanitizerAdapter;\r\n private fallback: SanitizerAdapter | null;\r\n\r\n constructor(primary: SanitizerAdapter, fallback: SanitizerAdapter | null = null) {\r\n this.primary = primary;\r\n this.fallback = fallback;\r\n\r\n logger.info(\"SanitizerManager initialized\", {\r\n layer: \"sanitizer-manager\",\r\n fallbackEnabled: !!fallback\r\n });\r\n }\r\n\r\n sanitize(value: string, options?: any): string {\r\n if (typeof value !== \"string\") {\r\n return value;\r\n }\r\n\r\n try {\r\n return this.primary.sanitize(value, options);\r\n } catch (err: any) {\r\n logger.warn(\"Primary sanitizer failed\", {\r\n layer: \"sanitizer-manager\",\r\n operation: \"sanitize\",\r\n reason: err?.message\r\n 
});\r\n\r\n if (!this.fallback) {\r\n throw new SanitizerError(\r\n \"Primary sanitizer failed and no fallback available.\"\r\n );\r\n }\r\n\r\n logger.warn(\"Sanitizer fallback used\", {\r\n layer: \"sanitizer-manager\",\r\n operation: \"sanitize\"\r\n });\r\n\r\n return this.fallback.sanitize(value, options);\r\n }\r\n }\r\n\r\n middleware(options?: any) {\r\n return (req: any, _res: any, next: any) => {\r\n let fallbackTriggered = false;\r\n\r\n const safeSanitize = (value: string): string => {\r\n if (fallbackTriggered && this.fallback) {\r\n return this.fallback.sanitize(value, options);\r\n }\r\n\r\n try {\r\n return this.primary.sanitize(value, options);\r\n } catch (err: any) {\r\n if (!this.fallback) {\r\n throw err;\r\n }\r\n\r\n fallbackTriggered = true;\r\n\r\n logger.warn(\"Switching to fallback sanitizer for request\", {\r\n layer: \"sanitizer-manager\",\r\n operation: \"middleware\"\r\n });\r\n\r\n return this.fallback.sanitize(value, options);\r\n }\r\n };\r\n\r\n try {\r\n if (req.body && typeof req.body === \"object\") {\r\n const originalBody = req.body;\r\n const sanitizedBody: any = Array.isArray(originalBody) ? [] : {};\r\n\r\n for (const key of Object.keys(originalBody)) {\r\n const value = originalBody[key];\r\n\r\n if (typeof value === \"string\") {\r\n sanitizedBody[key] = safeSanitize(value);\r\n } else if (Array.isArray(value)) {\r\n sanitizedBody[key] = value.map(item =>\r\n typeof item === \"string\"\r\n ? 
safeSanitize(item)\r\n : item\r\n );\r\n } else {\r\n sanitizedBody[key] = value;\r\n }\r\n }\r\n\r\n req.sanitizedBody = sanitizedBody;\r\n\r\n \r\n logger.info(\"Request body sanitized\", {\r\n layer: \"sanitizer-manager\",\r\n operation: \"middleware\",\r\n fieldCount: Object.keys(sanitizedBody).length,\r\n usedFallback: fallbackTriggered\r\n });\r\n }\r\n\r\n next();\r\n } catch (err: any) {\r\n logger.error(\"Sanitizer middleware failed\", {\r\n layer: \"sanitizer-manager\",\r\n operation: \"middleware\",\r\n reason: err?.message\r\n });\r\n\r\n next(new SanitizerError(\"Sanitizer middleware failure\"));\r\n }\r\n };\r\n }\r\n}\r\n"]}
|
package/package.json
CHANGED
package/readme.md
CHANGED
|
@@ -97,7 +97,7 @@ Managing these separately leads to duplicated logic, configuration drift and sub
|
|
|
97
97
|
|
|
98
98
|
<tr>
|
|
99
99
|
<td>Logging</td>
|
|
100
|
-
<td>Improved
|
|
100
|
+
<td>Improved</td>
|
|
101
101
|
<td>
|
|
102
102
|
Structured, lifecycle-aware logs with adapter, manager and fallback visibility.
|
|
103
103
|
Designed for production debugging without leaking sensitive data.
|
|
@@ -112,7 +112,7 @@ Managing these separately leads to duplicated logic, configuration drift and sub
|
|
|
112
112
|
|
|
113
113
|
<hr/>
|
|
114
114
|
|
|
115
|
-
<h2>What’s New in
|
|
115
|
+
<h2>What’s New in latest version</h2>
|
|
116
116
|
|
|
117
117
|
<ul>
|
|
118
118
|
<li>Improved structured logging across core lifecycle</li>
|
|
@@ -34,6 +34,20 @@ export class HashManager {
|
|
|
34
34
|
});
|
|
35
35
|
}
|
|
36
36
|
|
|
37
|
+
|
|
38
|
+
private detectAlgorithm(hashed: string): string {
|
|
39
|
+
if (hashed.startsWith("$argon2")) return "argon2";
|
|
40
|
+
if (
|
|
41
|
+
hashed.startsWith("$2a$") ||
|
|
42
|
+
hashed.startsWith("$2b$") ||
|
|
43
|
+
hashed.startsWith("$2y$")
|
|
44
|
+
) {
|
|
45
|
+
return "bcrypt";
|
|
46
|
+
}
|
|
47
|
+
|
|
48
|
+
throw new AdapterError("Unknown hash algorithm");
|
|
49
|
+
}
|
|
50
|
+
|
|
37
51
|
async hash(
|
|
38
52
|
value: string,
|
|
39
53
|
options?: { allowFallback?: boolean }
|
|
@@ -64,7 +78,6 @@ export class HashManager {
|
|
|
64
78
|
try {
|
|
65
79
|
const hash = await this.fallbackAdapter.hash(value);
|
|
66
80
|
|
|
67
|
-
// ⚠️ security downgrade log (VERY GOOD PRACTICE)
|
|
68
81
|
logger.warn("Hashing fallback used (security downgrade)", {
|
|
69
82
|
layer: "hash-manager",
|
|
70
83
|
operation: "hash",
|
|
@@ -94,40 +107,29 @@ export class HashManager {
|
|
|
94
107
|
}
|
|
95
108
|
}
|
|
96
109
|
|
|
110
|
+
|
|
97
111
|
async verify(value: string, hashed: string): Promise<boolean> {
|
|
98
|
-
|
|
99
|
-
return await this.primaryAdapter.verify(value, hashed);
|
|
112
|
+
const algorithm = this.detectAlgorithm(hashed);
|
|
100
113
|
|
|
101
|
-
|
|
102
|
-
|
|
114
|
+
if (algorithm === this.config.primary) {
|
|
115
|
+
return this.primaryAdapter.verify(value, hashed);
|
|
116
|
+
}
|
|
117
|
+
|
|
118
|
+
if (
|
|
119
|
+
algorithm === this.config.fallback &&
|
|
120
|
+
this.fallbackAdapter
|
|
121
|
+
) {
|
|
122
|
+
logger.warn("Verifying legacy hash using fallback adapter", {
|
|
103
123
|
layer: "hash-manager",
|
|
104
124
|
operation: "verify",
|
|
105
|
-
algorithm
|
|
106
|
-
reason: primaryErr?.message
|
|
125
|
+
algorithm
|
|
107
126
|
});
|
|
108
127
|
|
|
109
|
-
|
|
110
|
-
try {
|
|
111
|
-
return await this.fallbackAdapter.verify(value, hashed);
|
|
112
|
-
|
|
113
|
-
} catch (fallbackErr: any) {
|
|
114
|
-
logger.error("Fallback hash verification failed", {
|
|
115
|
-
layer: "hash-manager",
|
|
116
|
-
operation: "verify",
|
|
117
|
-
from: this.config.primary,
|
|
118
|
-
to: this.config.fallback,
|
|
119
|
-
reason: fallbackErr?.message
|
|
120
|
-
});
|
|
121
|
-
|
|
122
|
-
throw new AdapterError(
|
|
123
|
-
"Both primary and fallback verify failed."
|
|
124
|
-
);
|
|
125
|
-
}
|
|
126
|
-
}
|
|
127
|
-
|
|
128
|
-
throw new AdapterError(
|
|
129
|
-
"Primary verify failed and no fallback adapter configured."
|
|
130
|
-
);
|
|
128
|
+
return this.fallbackAdapter.verify(value, hashed);
|
|
131
129
|
}
|
|
130
|
+
|
|
131
|
+
throw new AdapterError(
|
|
132
|
+
`No adapter configured for detected hash algorithm: ${algorithm}`
|
|
133
|
+
);
|
|
132
134
|
}
|
|
133
135
|
}
|
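Review bot: In the last hunk, `verify()` compares the detected algorithm against `this.config.fallback` directly, while `hash()` (visible in the embedded `sourcesContent`) labels fallback output with `this.config.fallback || "bcrypt"`. If a fallback adapter is supplied while `config.fallback` is unset, a bcrypt hash produced by the fallback path would reach the final `throw` instead of being verified; mirroring the default, `algorithm === (this.config.fallback || "bcrypt") && this.fallbackAdapter`, would close that gap. Separately, `detectAlgorithm` calls `hashed.startsWith` with no type check and throws on any unrecognised prefix, and the old try/catch around the adapter calls is gone, so a missing or malformed stored hash now surfaces as a `TypeError` or `AdapterError` rather than a boolean. A guard such as `if (typeof hashed !== "string") return false;` at the top of `verify`, or a documented `@throws`, would make that contract explicit for callers on the login path. The compiled `dist/managers/HashManager.js` section carries the same logic.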