hi-secure 1.0.26 → 1.0.27
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapters/JWTAdapter.js.map +1 -1
- package/dist/core/HiSecure.d.ts +15 -36
- package/dist/core/HiSecure.d.ts.map +1 -1
- package/dist/core/HiSecure.js +78 -138
- package/dist/core/HiSecure.js.map +1 -1
- package/dist/core/useSecure.d.ts +4 -1
- package/dist/core/useSecure.d.ts.map +1 -1
- package/dist/core/useSecure.js +58 -13
- package/dist/core/useSecure.js.map +1 -1
- package/dist/index.d.ts +1 -3
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +13 -4
- package/dist/index.js.map +1 -1
- package/dist/managers/AuthManager.js.map +1 -1
- package/package.json +1 -1
- package/src/core/HiSecure.ts +490 -258
- package/src/core/useSecure.ts +94 -37
- package/src/index.ts +25 -11
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"JWTAdapter.js","sourceRoot":"","sources":["../../src/adapters/JWTAdapter.ts"],"names":[],"mappings":";;;;;;AAAA,gEAA+B;AAC/B,mCAAoC;AACpC,8DAA2D;AAC3D,wCAAoC;AAkBpC,MAAa,UAAU;IAOnB,YAAY,OAA0B;QAClC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;YAClB,MAAM,IAAI,2BAAY,CAAC,wBAAwB,CAAC,CAAC;QACrD,CAAC;QAED,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;YAC7B,gBAAM,CAAC,IAAI,CAAC,0BAA0B,EAAE;gBACpC,OAAO,EAAE,KAAK;gBACd,SAAS,EAAE,MAAM;gBACjB,YAAY,EAAE,OAAO,CAAC,MAAM,CAAC,MAAM;aACtC,CAAC,CAAC;QACP,CAAC;QAED,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,CAAC;QACnC,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC;QAC9C,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;IACrC,CAAC;IAED,IAAI,CAAC,OAAe,EAAE,OAAqB;QACvC,IAAI,CAAC;YACD,MAAM,UAAU,GAAoB;gBAChC,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,MAAM,EAAE,OAAO,EAAE,MAAM,IAAI,IAAI,CAAC,MAAM;gBACtC,QAAQ,EAAE,OAAO,EAAE,QAAQ,IAAI,IAAI,CAAC,QAAQ;gBAC5C,KAAK,EAAE,OAAO,EAAE,GAAG,IAAI,IAAA,mBAAU,GAAE;gBACnC,OAAO,EAAE,OAAO,EAAE,OAAO;aAC5B,CAAC;YAEF,IAAI,OAAO,EAAE,SAAS,KAAK,SAAS,EAAE,CAAC;gBACnC,UAAU,CAAC,SAAS,GAAG,OAAO,CAAC,SAAgB,CAAC;YACpD,CAAC;iBAAM,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;gBACtC,UAAU,CAAC,SAAS,GAAG,IAAI,CAAC,SAAgB,CAAC;YACjD,CAAC;YAED,OAAO,sBAAG,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;QAEtD,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAChB,gBAAM,CAAC,KAAK,CAAC,oBAAoB,EAAE;gBAC/B,OAAO,EAAE,KAAK;gBACd,SAAS,EAAE,MAAM;gBACjB,MAAM,EAAE,GAAG,EAAE,OAAO;aACvB,CAAC,CAAC;YAEH,MAAM,IAAI,2BAAY,CAAC,iBAAiB,CAAC,CAAC;QAC9C,CAAC;IACL,CAAC;IAED,MAAM,CAAC,KAAa,EAAE,OAA0C;QAC5D,IAAI,CAAC;YACD,MAAM,aAAa,GAAsB;gBACrC,UAAU,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC;gBAC5B,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,QAAQ,EAAE,CAAC,OAAO,EAAE,QAAQ,IAAI,IAAI,CAAC,QAAQ,CAAW;aAC3D,CAAC;YAEF,OAAO,sBAAG,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;QAEzD,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAChB,gBAAM,CAAC,KAAK,CAAC,yBAAyB,EAAE;gBACpC,OAAO,EAAE,KAAK;gBACd,SAAS,EAAE,QAAQ;gBACnB,MAAM,EAAE,GAAG,EAAE,OAAO;aACvB,CAAC,CAAC;YAEH,IAAI,GAAG,EAAE,IAAI,KAAK,mBAAmB,EAAE,CAAC;gBACpC,MAAM,IAAI,2BAAY,CAAC,uBAAuB,CAAC,CAAC;YACpD,CAAC;YAED,IAAI,GAAG,EAAE,IAAI,KAAK,mBAAmB,EAAE,CAAC;gBACpC,MAAM,IAAI,2BAAY,CAAC,mBAAmB,CAAC,CAAC;YAChD,CAAC;YAED,MAAM,IAAI,2BAAY,CAAC,yBAAyB,CAAC,CAAC;QACtD,CAAC;IACL,CAAC;CACJ;AApFD,gCAoFC","sourcesContent":["import jwt from \"jsonwebtoken\";\r\nimport { randomUUID } from \"crypto\";\r\nimport { AdapterError } from \"../core/errors/AdapterError\";\r\nimport { logger } from \"../logging\";\r\n\r\nexport interface JWTAdapterOptions {\r\n secret: string;\r\n expiresIn?: string | number;\r\n algorithm?: jwt.Algorithm;\r\n issuer?: string;\r\n audience?: string | string[];\r\n}\r\n\r\nexport interface SignOptions {\r\n expiresIn?: string | number;\r\n jti?: string;\r\n subject?: string;\r\n issuer?: string;\r\n audience?: string | string[];\r\n}\r\n\r\nexport class JWTAdapter {\r\n private secret: string;\r\n private expiresIn?: string | number;\r\n private algorithm: jwt.Algorithm;\r\n private issuer?: string;\r\n private audience?: string | string[];\r\n\r\n constructor(options: JWTAdapterOptions) {\r\n if (!options.secret) {\r\n throw new AdapterError(\"JWT secret is required\");\r\n }\r\n\r\n if (options.secret.length < 32) {\r\n logger.warn(\"Weak JWT secret detected\", {\r\n adapter: \"jwt\",\r\n operation: \"init\",\r\n secretLength: options.secret.length\r\n });\r\n }\r\n\r\n this.secret = options.secret;\r\n this.expiresIn = options.expiresIn;\r\n this.algorithm = options.algorithm || \"HS256\";\r\n this.issuer = options.issuer;\r\n this.audience = options.audience;\r\n }\r\n\r\n sign(payload: object, options?: SignOptions) {\r\n try {\r\n const jwtOptions: jwt.SignOptions = {\r\n algorithm: this.algorithm,\r\n issuer: options?.issuer || this.issuer,\r\n audience: options?.audience || this.audience,\r\n jwtid: options?.jti || randomUUID(),\r\n subject: options?.subject\r\n };\r\n\r\n if (options?.expiresIn !== undefined) {\r\n jwtOptions.expiresIn = options.expiresIn as any;\r\n } else if (this.expiresIn !== undefined) {\r\n jwtOptions.expiresIn = this.expiresIn as any;\r\n }\r\n\r\n return jwt.sign(payload, this.secret, jwtOptions);\r\n\r\n } catch (err: any) {\r\n logger.error(\"JWT signing failed\", {\r\n adapter: \"jwt\",\r\n operation: \"sign\",\r\n reason: err?.message\r\n });\r\n\r\n throw new AdapterError(\"JWT sign failed\");\r\n }\r\n }\r\n\r\n verify(token: string, options?: { audience?: string | string[] }) {\r\n try {\r\n const verifyOptions: jwt.VerifyOptions = {\r\n algorithms: [this.algorithm],\r\n issuer: this.issuer,\r\n audience: (options?.audience || this.audience) as string\r\n };\r\n\r\n return jwt.verify(token, this.secret, verifyOptions);\r\n\r\n } catch (err: any) {\r\n logger.error(\"JWT verification failed\", {\r\n adapter: \"jwt\",\r\n operation: \"verify\",\r\n reason: err?.message\r\n });\r\n\r\n if (err?.name === \"TokenExpiredError\") {\r\n throw new AdapterError(\"JWT token has expired\");\r\n }\r\n\r\n if (err?.name === \"JsonWebTokenError\") {\r\n throw new AdapterError(\"Invalid JWT token\");\r\n }\r\n\r\n throw new AdapterError(\"JWT verification failed\");\r\n }\r\n }\r\n}"]}
|
|
1
|
+
{"version":3,"file":"JWTAdapter.js","sourceRoot":"","sources":["../../src/adapters/JWTAdapter.ts"],"names":[],"mappings":";;;;;;AAAA,gEAA+B;AAC/B,mCAAoC;AACpC,8DAA2D;AAC3D,wCAAoC;AAkBpC,MAAa,UAAU;IAOnB,YAAY,OAA0B;QAClC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;YAClB,MAAM,IAAI,2BAAY,CAAC,wBAAwB,CAAC,CAAC;QACrD,CAAC;QAED,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;YAC7B,gBAAM,CAAC,IAAI,CAAC,0BAA0B,EAAE;gBACpC,OAAO,EAAE,KAAK;gBACd,SAAS,EAAE,MAAM;gBACjB,YAAY,EAAE,OAAO,CAAC,MAAM,CAAC,MAAM;aACtC,CAAC,CAAC;QACP,CAAC;QAED,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,CAAC;QACnC,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC;QAC9C,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;IACrC,CAAC;IAED,IAAI,CAAC,OAAe,EAAE,OAAqB;QACvC,IAAI,CAAC;YACD,MAAM,UAAU,GAAoB;gBAChC,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,MAAM,EAAE,OAAO,EAAE,MAAM,IAAI,IAAI,CAAC,MAAM;gBACtC,QAAQ,EAAE,OAAO,EAAE,QAAQ,IAAI,IAAI,CAAC,QAAQ;gBAC5C,KAAK,EAAE,OAAO,EAAE,GAAG,IAAI,IAAA,mBAAU,GAAE;gBACnC,OAAO,EAAE,OAAO,EAAE,OAAO;aAC5B,CAAC;YAEF,IAAI,OAAO,EAAE,SAAS,KAAK,SAAS,EAAE,CAAC;gBACnC,UAAU,CAAC,SAAS,GAAG,OAAO,CAAC,SAAgB,CAAC;YACpD,CAAC;iBAAM,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;gBACtC,UAAU,CAAC,SAAS,GAAG,IAAI,CAAC,SAAgB,CAAC;YACjD,CAAC;YAED,OAAO,sBAAG,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;QAEtD,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAChB,gBAAM,CAAC,KAAK,CAAC,oBAAoB,EAAE;gBAC/B,OAAO,EAAE,KAAK;gBACd,SAAS,EAAE,MAAM;gBACjB,MAAM,EAAE,GAAG,EAAE,OAAO;aACvB,CAAC,CAAC;YAEH,MAAM,IAAI,2BAAY,CAAC,iBAAiB,CAAC,CAAC;QAC9C,CAAC;IACL,CAAC;IAED,MAAM,CAAC,KAAa,EAAE,OAA0C;QAC5D,IAAI,CAAC;YACD,MAAM,aAAa,GAAsB;gBACrC,UAAU,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC;gBAC5B,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,QAAQ,EAAE,CAAC,OAAO,EAAE,QAAQ,IAAI,IAAI,CAAC,QAAQ,CAAW;aAC3D,CAAC;YAEF,OAAO,sBAAG,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;QAEzD,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAChB,gBAAM,CAAC,KAAK,CAAC,yBAAyB,EAAE;gBACpC,OAAO,EAAE,KAAK;gBACd,SAAS,EAAE,QAAQ;gBACnB,MAAM,EAAE,GAAG,EAAE,OAAO;aACvB,CAAC,CAAC;YAEH,IAAI,GAAG,EAAE,IAAI,KAAK,mBAAmB,EAAE,CAAC;gBACpC,MAAM,IAAI,2BAAY,CAAC,uBAAuB,CAAC,CAAC;YACpD,CAAC;YAED,IAAI,GAAG,EAAE,IAAI,KAAK,mBAAmB,EAAE,CAAC;gBACpC,MAAM,IAAI,2BAAY,CAAC,mBAAmB,CAAC,CAAC;YAChD,CAAC;YAED,MAAM,IAAI,2BAAY,CAAC,yBAAyB,CAAC,CAAC;QACtD,CAAC;IACL,CAAC;CACJ;AApFD,gCAoFC","sourcesContent":["import jwt from \"jsonwebtoken\";\r\nimport { randomUUID } from \"crypto\";\r\nimport { AdapterError } from \"../core/errors/AdapterError\";\r\nimport { logger } from \"../logging\";\r\n\r\nexport interface JWTAdapterOptions {\r\n secret: string;\r\n expiresIn?: string | number;\r\n algorithm?: jwt.Algorithm;\r\n issuer?: string;\r\n audience?: string | string[];\r\n}\r\n\r\nexport interface SignOptions {\r\n expiresIn?: string | number;\r\n jti?: string;\r\n subject?: string;\r\n issuer?: string;\r\n audience?: string | string[];\r\n}\r\n\r\nexport class JWTAdapter {\r\n private secret: string;\r\n private expiresIn?: string | number;\r\n private algorithm: jwt.Algorithm;\r\n private issuer?: string;\r\n private audience?: string | string[];\r\n\r\n constructor(options: JWTAdapterOptions) {\r\n if (!options.secret) {\r\n throw new AdapterError(\"JWT secret is required\");\r\n }\r\n\r\n if (options.secret.length < 32) {\r\n logger.warn(\"Weak JWT secret detected\", {\r\n adapter: \"jwt\",\r\n operation: \"init\",\r\n secretLength: options.secret.length\r\n });\r\n }\r\n\r\n this.secret = options.secret;\r\n this.expiresIn = options.expiresIn;\r\n this.algorithm = options.algorithm || \"HS256\";\r\n this.issuer = options.issuer;\r\n this.audience = options.audience;\r\n }\r\n\r\n sign(payload: object, options?: SignOptions) {\r\n try {\r\n const jwtOptions: jwt.SignOptions = {\r\n algorithm: this.algorithm,\r\n issuer: options?.issuer || this.issuer,\r\n audience: options?.audience || this.audience,\r\n jwtid: options?.jti || randomUUID(),\r\n subject: options?.subject\r\n };\r\n\r\n if (options?.expiresIn !== undefined) {\r\n jwtOptions.expiresIn = options.expiresIn as any;\r\n } else if (this.expiresIn !== undefined) {\r\n jwtOptions.expiresIn = this.expiresIn as any;\r\n }\r\n\r\n return jwt.sign(payload, this.secret, jwtOptions);\r\n\r\n } catch (err: any) {\r\n logger.error(\"JWT signing failed\", {\r\n adapter: \"jwt\",\r\n operation: \"sign\",\r\n reason: err?.message\r\n });\r\n\r\n throw new AdapterError(\"JWT sign failed\");\r\n }\r\n }\r\n\r\n verify(token: string, options?: { audience?: string | string[] }) {\r\n try {\r\n const verifyOptions: jwt.VerifyOptions = {\r\n algorithms: [this.algorithm],\r\n issuer: this.issuer,\r\n audience: (options?.audience || this.audience) as string\r\n };\r\n\r\n return jwt.verify(token, this.secret, verifyOptions);\r\n\r\n } catch (err: any) {\r\n logger.error(\"JWT verification failed\", {\r\n adapter: \"jwt\",\r\n operation: \"verify\",\r\n reason: err?.message\r\n });\r\n\r\n if (err?.name === \"TokenExpiredError\") {\r\n throw new AdapterError(\"JWT token has expired\");\r\n }\r\n\r\n if (err?.name === \"JsonWebTokenError\") {\r\n throw new AdapterError(\"Invalid JWT token\");\r\n }\r\n\r\n throw new AdapterError(\"JWT verification failed\");\r\n }\r\n }\r\n}\r\n"]}
|
package/dist/core/HiSecure.d.ts
CHANGED
|
@@ -1,33 +1,21 @@
|
|
|
1
1
|
import { HiSecureConfig } from "./types/HiSecureConfig.js";
|
|
2
|
-
import { HashManager } from "../managers/HashManager.js";
|
|
3
|
-
import { RateLimitManager } from "../managers/RateLimitManager.js";
|
|
4
|
-
import { ValidatorManager } from "../managers/ValidatorManager.js";
|
|
5
|
-
import { SanitizerManager } from "../managers/SanitizerManager.js";
|
|
6
|
-
import { JsonManager } from "../managers/JsonManager.js";
|
|
7
|
-
import { CorsManager } from "../managers/CorsManager.js";
|
|
8
|
-
import { AuthManager } from "../managers/AuthManager.js";
|
|
9
2
|
import { SecureOptions, ValidationSchema } from "./types/SecureOptions.js";
|
|
3
|
+
type MiddlewarePreset = "strict" | "api" | "public";
|
|
10
4
|
export declare class HiSecure {
|
|
11
5
|
private static instance;
|
|
12
|
-
private config;
|
|
6
|
+
private readonly config;
|
|
13
7
|
private initialized;
|
|
14
|
-
hashManager
|
|
15
|
-
rateLimitManager
|
|
16
|
-
validatorManager
|
|
17
|
-
sanitizerManager
|
|
18
|
-
jsonManager
|
|
19
|
-
corsManager
|
|
20
|
-
authManager
|
|
21
|
-
private hashingPrimary;
|
|
22
|
-
private hashingFallback;
|
|
23
|
-
private rateLimiterPrimary;
|
|
24
|
-
private rateLimiterFallback;
|
|
25
|
-
private sanitizerPrimary;
|
|
26
|
-
private sanitizerFallback;
|
|
8
|
+
private hashManager;
|
|
9
|
+
private rateLimitManager;
|
|
10
|
+
private validatorManager;
|
|
11
|
+
private sanitizerManager;
|
|
12
|
+
private jsonManager;
|
|
13
|
+
private corsManager;
|
|
14
|
+
private authManager?;
|
|
27
15
|
private constructor();
|
|
28
|
-
static
|
|
29
|
-
static
|
|
30
|
-
|
|
16
|
+
static init(userConfig?: Partial<HiSecureConfig>): HiSecure;
|
|
17
|
+
private static get;
|
|
18
|
+
private bootstrap;
|
|
31
19
|
static auth(options?: {
|
|
32
20
|
required?: boolean;
|
|
33
21
|
roles?: string[];
|
|
@@ -43,17 +31,8 @@ export declare class HiSecure {
|
|
|
43
31
|
static json(options?: any): import("connect").NextHandleFunction[];
|
|
44
32
|
static hash(value: string): Promise<string>;
|
|
45
33
|
static verify(value: string, hash: string): Promise<boolean>;
|
|
46
|
-
static
|
|
47
|
-
|
|
48
|
-
verify: (token: string) => string | import("jsonwebtoken").Jwt | import("jsonwebtoken").JwtPayload;
|
|
49
|
-
google: {
|
|
50
|
-
verifyIdToken: (idToken: string) => Promise<import("../adapters/GoogleAdapter.js").GoogleTokenPayload>;
|
|
51
|
-
};
|
|
52
|
-
};
|
|
53
|
-
static middleware(options?: SecureOptions | "api" | "strict" | "public"): any[];
|
|
54
|
-
private setupAdapters;
|
|
55
|
-
private setupManagers;
|
|
56
|
-
private setupDynamicManagers;
|
|
57
|
-
private createMiddlewareChain;
|
|
34
|
+
static middleware(options?: SecureOptions | MiddlewarePreset): any[];
|
|
35
|
+
private createChain;
|
|
58
36
|
}
|
|
37
|
+
export {};
|
|
59
38
|
//# sourceMappingURL=HiSecure.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"HiSecure.d.ts","sourceRoot":"","sources":["../../src/core/HiSecure.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"HiSecure.d.ts","sourceRoot":"","sources":["../../src/core/HiSecure.ts"],"names":[],"mappings":"AAwUA,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAiC3D,OAAO,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAE3E,KAAK,gBAAgB,GAAG,QAAQ,GAAG,KAAK,GAAG,QAAQ,CAAC;AAEpD,qBAAa,QAAQ;IACnB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAyB;IAEhD,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAiB;IACxC,OAAO,CAAC,WAAW,CAAS;IAE5B,OAAO,CAAC,WAAW,CAAe;IAClC,OAAO,CAAC,gBAAgB,CAAoB;IAC5C,OAAO,CAAC,gBAAgB,CAAoB;IAC5C,OAAO,CAAC,gBAAgB,CAAoB;IAC5C,OAAO,CAAC,WAAW,CAAe;IAClC,OAAO,CAAC,WAAW,CAAe;IAClC,OAAO,CAAC,WAAW,CAAC,CAAc;IAElC,OAAO;IAKP,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,OAAO,CAAC,cAAc,CAAC,GAAG,QAAQ;IAU3D,OAAO,CAAC,MAAM,CAAC,GAAG;IAOlB,OAAO,CAAC,SAAS;IAiEjB,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE;QAAE,QAAQ,CAAC,EAAE,OAAO,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE;IAM9D,MAAM,CAAC,QAAQ,CAAC,MAAM,EAAE,gBAAgB;IAIxC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,GAAG;IAI7B,MAAM,CAAC,SAAS,CAAC,MAAM,EAAE,QAAQ,GAAG,SAAS,GAAG,KAAK,GAAG,MAAM;IAiB9D,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,GAAG;kBAtdV,CAAA;;;iBAGY,CAAC;IAud5B,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,GAAG;WAKZ,IAAI,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAOjD,MAAM,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAI5D,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,aAAa,GAAG,gBAAgB;IAe5D,OAAO,CAAC,WAAW;CAqBpB"}
|
package/dist/core/HiSecure.js
CHANGED
|
@@ -1,4 +1,10 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
// import { HiSecureConfig } from "./types/HiSecureConfig.js";
|
|
3
|
+
// import { defaultConfig } from "./config.js";
|
|
4
|
+
// import { LIB_NAME, LIB_VERSION } from "./constants.js";
|
|
5
|
+
// import { deepMerge } from "../utils/deepMerge.js";
|
|
6
|
+
// import { deepFreeze } from "../utils/deepFreeze.js";
|
|
7
|
+
// import { logger } from "../logging";
|
|
2
8
|
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
9
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
10
|
};
|
|
@@ -32,176 +38,117 @@ const hpp_1 = __importDefault(require("hpp"));
|
|
|
32
38
|
const compression_1 = __importDefault(require("compression"));
|
|
33
39
|
const errorHandler_js_1 = require("../middlewares/errorHandler.js");
|
|
34
40
|
class HiSecure {
|
|
35
|
-
constructor(
|
|
41
|
+
constructor(config) {
|
|
36
42
|
this.initialized = false;
|
|
37
|
-
this.config =
|
|
38
|
-
}
|
|
39
|
-
//
|
|
40
|
-
static
|
|
43
|
+
this.config = config;
|
|
44
|
+
}
|
|
45
|
+
// ===== INIT (ONLY ONCE) =====
|
|
46
|
+
static init(userConfig) {
|
|
47
|
+
if (HiSecure.instance)
|
|
48
|
+
return HiSecure.instance;
|
|
49
|
+
const finalConfig = (0, deepMerge_js_1.deepMerge)(config_js_1.defaultConfig, userConfig ?? {});
|
|
50
|
+
const instance = new HiSecure(finalConfig);
|
|
51
|
+
HiSecure.instance = instance;
|
|
52
|
+
instance.bootstrap();
|
|
53
|
+
return instance;
|
|
54
|
+
}
|
|
55
|
+
static get() {
|
|
41
56
|
if (!HiSecure.instance) {
|
|
42
|
-
|
|
43
|
-
layer: "hisecure-core"
|
|
44
|
-
});
|
|
45
|
-
HiSecure.instance = new HiSecure(config);
|
|
46
|
-
HiSecure.instance.init();
|
|
57
|
+
throw new Error("HiSecure not initialized. Call HiSecure.init() first.");
|
|
47
58
|
}
|
|
48
59
|
return HiSecure.instance;
|
|
49
60
|
}
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
}
|
|
53
|
-
init() {
|
|
54
|
-
if (this.initialized) {
|
|
55
|
-
logging_1.logger.warn("Initialization skipped (already initialized)", {
|
|
56
|
-
layer: "hisecure-core"
|
|
57
|
-
});
|
|
61
|
+
bootstrap() {
|
|
62
|
+
if (this.initialized)
|
|
58
63
|
return;
|
|
59
|
-
}
|
|
60
64
|
logging_1.logger.info("Framework initialization started", {
|
|
61
65
|
layer: "hisecure-core",
|
|
62
66
|
lib: constants_js_1.LIB_NAME,
|
|
63
67
|
version: constants_js_1.LIB_VERSION
|
|
64
68
|
});
|
|
65
|
-
|
|
66
|
-
this.
|
|
67
|
-
|
|
69
|
+
// Core managers
|
|
70
|
+
this.hashManager = new HashManager_js_1.HashManager(this.config.hashing, this.config.hashing.primary === "argon2"
|
|
71
|
+
? new ArgonAdapter_js_1.ArgonAdapter()
|
|
72
|
+
: new BcryptAdapter_js_1.BcryptAdapter(this.config.hashing.saltRounds), this.config.hashing.fallback
|
|
73
|
+
? new BcryptAdapter_js_1.BcryptAdapter(this.config.hashing.saltRounds)
|
|
74
|
+
: null);
|
|
75
|
+
this.rateLimitManager = new RateLimitManager_js_1.RateLimitManager(this.config.rateLimiter, this.config.rateLimiter.useAdaptiveMode
|
|
76
|
+
? new RLFlexibleAdapter_js_1.RLFlexibleAdapter()
|
|
77
|
+
: new ExpressRLAdapter_js_1.ExpressRLAdapter(), new ExpressRLAdapter_js_1.ExpressRLAdapter());
|
|
78
|
+
this.validatorManager = new ValidatorManager_js_1.ValidatorManager(new ZodAdapter_js_1.ZodAdapter(), new ExpressValidatorAdapter_js_1.ExpressValidatorAdapter());
|
|
79
|
+
this.sanitizerManager = new SanitizerManager_js_1.SanitizerManager(new SanitizeHtmlAdapter_js_1.SanitizeHtmlAdapter(this.config.sanitizer), new XSSAdapter_js_1.XSSAdapter(this.config.sanitizer));
|
|
80
|
+
this.jsonManager = new JsonManager_js_1.JsonManager();
|
|
81
|
+
this.corsManager = new CorsManager_js_1.CorsManager();
|
|
82
|
+
// Auth (optional)
|
|
83
|
+
if (this.config.auth?.enabled) {
|
|
84
|
+
this.authManager = new AuthManager_js_1.AuthManager({
|
|
85
|
+
jwtSecret: process.env.JWT_SECRET || this.config.auth.jwtSecret,
|
|
86
|
+
jwtExpiresIn: this.config.auth.jwtExpiresIn,
|
|
87
|
+
googleClientId: process.env.GOOGLE_CLIENT_ID || this.config.auth.googleClientId
|
|
88
|
+
});
|
|
89
|
+
logging_1.logger.info("Authentication enabled", { layer: "hisecure-core" });
|
|
90
|
+
}
|
|
91
|
+
else {
|
|
92
|
+
logging_1.logger.info("Authentication disabled", { layer: "hisecure-core" });
|
|
93
|
+
}
|
|
68
94
|
(0, deepFreeze_js_1.deepFreeze)(this.config);
|
|
69
95
|
this.initialized = true;
|
|
70
96
|
logging_1.logger.info("Framework initialized successfully", {
|
|
71
97
|
layer: "hisecure-core"
|
|
72
98
|
});
|
|
73
99
|
}
|
|
74
|
-
//
|
|
100
|
+
// ===== PUBLIC STATIC API =====
|
|
75
101
|
static auth(options) {
|
|
76
|
-
const
|
|
77
|
-
if (!
|
|
78
|
-
throw new Error("Auth not enabled
|
|
79
|
-
|
|
80
|
-
return instance.authManager.protect(options);
|
|
102
|
+
const i = HiSecure.get();
|
|
103
|
+
if (!i.authManager)
|
|
104
|
+
throw new Error("Auth not enabled");
|
|
105
|
+
return i.authManager.protect(options);
|
|
81
106
|
}
|
|
82
107
|
static validate(schema) {
|
|
83
|
-
return
|
|
108
|
+
return HiSecure.get().validatorManager.validate(schema);
|
|
84
109
|
}
|
|
85
110
|
static sanitize(options) {
|
|
86
|
-
return
|
|
111
|
+
return HiSecure.get().sanitizerManager.middleware(options);
|
|
87
112
|
}
|
|
88
113
|
static rateLimit(preset) {
|
|
89
|
-
const
|
|
114
|
+
const i = HiSecure.get();
|
|
90
115
|
if (typeof preset === "string") {
|
|
91
|
-
logging_1.logger.info("Rate limit preset applied", {
|
|
92
|
-
layer: "hisecure-core",
|
|
93
|
-
preset
|
|
94
|
-
});
|
|
95
116
|
const presets = {
|
|
96
117
|
strict: { mode: "strict" },
|
|
97
118
|
relaxed: { mode: "relaxed" },
|
|
98
119
|
api: { mode: "api" }
|
|
99
120
|
};
|
|
100
|
-
return
|
|
121
|
+
return i.rateLimitManager.middleware(presets[preset]);
|
|
101
122
|
}
|
|
102
|
-
return
|
|
123
|
+
return i.rateLimitManager.middleware({ options: preset });
|
|
103
124
|
}
|
|
104
125
|
static cors(options) {
|
|
105
|
-
return
|
|
126
|
+
return HiSecure.get().corsManager.middleware(options);
|
|
106
127
|
}
|
|
107
128
|
static json(options) {
|
|
108
|
-
const
|
|
109
|
-
return [
|
|
110
|
-
instance.jsonManager.middleware(options),
|
|
111
|
-
instance.jsonManager.urlencoded()
|
|
112
|
-
];
|
|
129
|
+
const i = HiSecure.get();
|
|
130
|
+
return [i.jsonManager.middleware(options), i.jsonManager.urlencoded()];
|
|
113
131
|
}
|
|
114
|
-
// Utilities
|
|
115
132
|
static async hash(value) {
|
|
116
|
-
const
|
|
117
|
-
|
|
118
|
-
return result.hash;
|
|
119
|
-
}
|
|
120
|
-
static async verify(value, hash) {
|
|
121
|
-
return this.getInstance().hashManager.verify(value, hash);
|
|
122
|
-
}
|
|
123
|
-
// Global Middleware - globalLevel
|
|
124
|
-
static middleware(options) {
|
|
125
|
-
const instance = this.getInstance();
|
|
126
|
-
if (typeof options === "string") {
|
|
127
|
-
logging_1.logger.info("Global middleware preset applied", {
|
|
128
|
-
layer: "hisecure-core",
|
|
129
|
-
preset: options
|
|
130
|
-
});
|
|
131
|
-
const presets = {
|
|
132
|
-
api: { cors: true, rateLimit: "relaxed", sanitize: true },
|
|
133
|
-
strict: { cors: true, rateLimit: "strict", sanitize: true, auth: true },
|
|
134
|
-
public: { cors: true, rateLimit: true, sanitize: false }
|
|
135
|
-
};
|
|
136
|
-
return instance.createMiddlewareChain(presets[options] || {});
|
|
137
|
-
}
|
|
138
|
-
return instance.createMiddlewareChain(options || {});
|
|
139
|
-
}
|
|
140
|
-
// Internal Setup
|
|
141
|
-
setupAdapters() {
|
|
142
|
-
logging_1.logger.info("Adapters setup started", {
|
|
143
|
-
layer: "hisecure-core"
|
|
144
|
-
});
|
|
145
|
-
this.hashingPrimary =
|
|
146
|
-
this.config.hashing.primary === "argon2"
|
|
147
|
-
? new ArgonAdapter_js_1.ArgonAdapter()
|
|
148
|
-
: new BcryptAdapter_js_1.BcryptAdapter(this.config.hashing.saltRounds);
|
|
149
|
-
this.hashingFallback =
|
|
150
|
-
this.config.hashing.fallback === "bcrypt"
|
|
151
|
-
? new BcryptAdapter_js_1.BcryptAdapter(this.config.hashing.saltRounds)
|
|
152
|
-
: null;
|
|
153
|
-
logging_1.logger.info("Hashing adapters configured", {
|
|
154
|
-
layer: "hisecure-core",
|
|
155
|
-
primary: this.config.hashing.primary,
|
|
156
|
-
fallback: this.config.hashing.fallback ?? null
|
|
157
|
-
});
|
|
158
|
-
this.rateLimiterPrimary = this.config.rateLimiter.useAdaptiveMode
|
|
159
|
-
? new RLFlexibleAdapter_js_1.RLFlexibleAdapter()
|
|
160
|
-
: new ExpressRLAdapter_js_1.ExpressRLAdapter();
|
|
161
|
-
this.rateLimiterFallback = new ExpressRLAdapter_js_1.ExpressRLAdapter();
|
|
162
|
-
logging_1.logger.info("Rate limiter adapters configured", {
|
|
163
|
-
layer: "hisecure-core",
|
|
164
|
-
adaptive: this.config.rateLimiter.useAdaptiveMode
|
|
165
|
-
});
|
|
166
|
-
this.sanitizerPrimary = new SanitizeHtmlAdapter_js_1.SanitizeHtmlAdapter(this.config.sanitizer);
|
|
167
|
-
this.sanitizerFallback = new XSSAdapter_js_1.XSSAdapter(this.config.sanitizer);
|
|
168
|
-
logging_1.logger.info("Sanitizer adapters configured", {
|
|
169
|
-
layer: "hisecure-core",
|
|
170
|
-
primary: "sanitize-html",
|
|
171
|
-
fallback: "xss"
|
|
133
|
+
const { hash } = await HiSecure.get().hashManager.hash(value, {
|
|
134
|
+
allowFallback: true
|
|
172
135
|
});
|
|
136
|
+
return hash;
|
|
173
137
|
}
|
|
174
|
-
|
|
175
|
-
|
|
176
|
-
this.rateLimitManager = new RateLimitManager_js_1.RateLimitManager(this.config.rateLimiter, this.rateLimiterPrimary, this.rateLimiterFallback);
|
|
177
|
-
this.validatorManager = new ValidatorManager_js_1.ValidatorManager(new ZodAdapter_js_1.ZodAdapter(), new ExpressValidatorAdapter_js_1.ExpressValidatorAdapter());
|
|
178
|
-
this.sanitizerManager = new SanitizerManager_js_1.SanitizerManager(this.sanitizerPrimary, this.sanitizerFallback);
|
|
179
|
-
logging_1.logger.info("Core managers initialized", {
|
|
180
|
-
layer: "hisecure-core",
|
|
181
|
-
managers: ["hash", "rate-limit", "validator", "sanitizer"]
|
|
182
|
-
});
|
|
138
|
+
static verify(value, hash) {
|
|
139
|
+
return HiSecure.get().hashManager.verify(value, hash);
|
|
183
140
|
}
|
|
184
|
-
|
|
185
|
-
|
|
186
|
-
|
|
187
|
-
|
|
188
|
-
|
|
189
|
-
|
|
190
|
-
|
|
191
|
-
|
|
192
|
-
|
|
193
|
-
|
|
194
|
-
|
|
195
|
-
google: !!this.config.auth.googleClientId
|
|
196
|
-
});
|
|
197
|
-
}
|
|
198
|
-
else {
|
|
199
|
-
logging_1.logger.info("Authentication disabled", {
|
|
200
|
-
layer: "hisecure-core"
|
|
201
|
-
});
|
|
202
|
-
}
|
|
203
|
-
}
|
|
204
|
-
createMiddlewareChain(options) {
|
|
141
|
+
static middleware(options) {
|
|
142
|
+
const i = HiSecure.get();
|
|
143
|
+
const presets = {
|
|
144
|
+
strict: { cors: true, rateLimit: "strict", sanitize: true, auth: true },
|
|
145
|
+
api: { cors: true, rateLimit: "relaxed", sanitize: true },
|
|
146
|
+
public: { cors: true, rateLimit: true }
|
|
147
|
+
};
|
|
148
|
+
const finalOptions = typeof options === "string" ? presets[options] : options ?? {};
|
|
149
|
+
return i.createChain(finalOptions);
|
|
150
|
+
}
|
|
151
|
+
createChain(options) {
|
|
205
152
|
const chain = [];
|
|
206
153
|
chain.push(this.jsonManager.middleware(this.config.json));
|
|
207
154
|
chain.push(this.jsonManager.urlencoded(this.config.urlencoded));
|
|
@@ -212,7 +159,7 @@ class HiSecure {
|
|
|
212
159
|
if (this.config.enableCompression)
|
|
213
160
|
chain.push((0, compression_1.default)(this.config.compression));
|
|
214
161
|
if (options.cors)
|
|
215
|
-
chain.push(this.corsManager.middleware(
|
|
162
|
+
chain.push(this.corsManager.middleware());
|
|
216
163
|
if (options.sanitize)
|
|
217
164
|
chain.push(this.sanitizerManager.middleware());
|
|
218
165
|
if (options.rateLimit)
|
|
@@ -225,11 +172,4 @@ class HiSecure {
|
|
|
225
172
|
}
|
|
226
173
|
exports.HiSecure = HiSecure;
|
|
227
174
|
HiSecure.instance = null;
|
|
228
|
-
HiSecure.jwt = {
|
|
229
|
-
sign: (payload, options) => HiSecure.getInstance().authManager.sign(payload, options),
|
|
230
|
-
verify: (token) => HiSecure.getInstance().authManager.verify(token),
|
|
231
|
-
google: {
|
|
232
|
-
verifyIdToken: (idToken) => HiSecure.getInstance().authManager.verifyGoogleIdToken(idToken)
|
|
233
|
-
}
|
|
234
|
-
};
|
|
235
175
|
//# sourceMappingURL=HiSecure.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"HiSecure.js","sourceRoot":"","sources":["../../src/core/HiSecure.ts"],"names":[],"mappings":";;;;;;AACA,2CAA4C;AAC5C,iDAAuD;AACvD,wDAAkD;AAClD,0DAAoD;AACpD,wCAAoC;AAEpC,WAAW;AACX,iEAA2D;AAC3D,mEAA6D;AAC7D,2EAAqE;AACrE,yEAAmE;AACnE,6DAAuD;AACvD,uFAAiF;AACjF,+EAAyE;AACzE,6DAAuD;AAEvD,WAAW;AACX,+DAAyD;AACzD,yEAAmE;AACnE,yEAAmE;AACnE,yEAAmE;AACnE,+DAAyD;AACzD,+DAAyD;AACzD,+DAAyD;AAEzD,cAAc;AACd,oDAA4B;AAC5B,8CAAsB;AACtB,8DAAsC;AACtC,oEAA8D;AAK9D,MAAa,QAAQ;IAsBjB,YAAoB,aAAsC,EAAE;QAnBpD,gBAAW,GAAG,KAAK,CAAC;QAoBxB,IAAI,CAAC,MAAM,GAAG,IAAA,wBAAS,EAAC,yBAAa,EAAE,UAAU,CAAC,CAAC;IACvD,CAAC;IAED,mBAAmB;IAEnB,MAAM,CAAC,WAAW,CAAC,MAAgC;QAC/C,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;YACrB,gBAAM,CAAC,IAAI,CAAC,6BAA6B,EAAE;gBACvC,KAAK,EAAE,eAAe;aACzB,CAAC,CAAC;YACH,QAAQ,CAAC,QAAQ,GAAG,IAAI,QAAQ,CAAC,MAAM,CAAC,CAAC;YACzC,QAAQ,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC7B,CAAC;QACD,OAAO,QAAQ,CAAC,QAAQ,CAAC;IAC7B,CAAC;IAED,MAAM,CAAC,aAAa;QAChB,QAAQ,CAAC,QAAQ,GAAG,IAAI,CAAC;IAC7B,CAAC;IAED,IAAI;QACA,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACnB,gBAAM,CAAC,IAAI,CAAC,8CAA8C,EAAE;gBACxD,KAAK,EAAE,eAAe;aACzB,CAAC,CAAC;YACH,OAAO;QACX,CAAC;QAED,gBAAM,CAAC,IAAI,CAAC,kCAAkC,EAAE;YAC5C,KAAK,EAAE,eAAe;YACtB,GAAG,EAAE,uBAAQ;YACb,OAAO,EAAE,0BAAW;SACvB,CAAC,CAAC;QAEH,IAAI,CAAC,aAAa,EAAE,CAAC;QACrB,IAAI,CAAC,aAAa,EAAE,CAAC;QACrB,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAE5B,IAAA,0BAAU,EAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACxB,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;QAExB,gBAAM,CAAC,IAAI,CAAC,oCAAoC,EAAE;YAC9C,KAAK,EAAE,eAAe;SACzB,CAAC,CAAC;IACP,CAAC;IAED,oBAAoB;IACpB,MAAM,CAAC,IAAI,CAAC,OAAkD;QAC1D,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QACpC,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;QAC1E,CAAC;QACD,OAAO,QAAQ,CAAC,WAAW,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IACjD,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,MAAwB;QACpC,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IAChE,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,OAAa;QACzB,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC,gBAAgB,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IACnE,CAAC;IAED,MAAM,CAAC,SAAS,CAAC,MAA6C;QAC1D,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QAEpC,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC7B,gBAAM,CAAC,IAAI,CAAC,2BAA2B,EAAE;gBACrC,KAAK,EAAE,eAAe;gBACtB,MAAM;aACT,CAAC,CAAC;YAEH,MAAM,OAAO,GAAQ;gBACjB,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;gBAC1B,OAAO,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;gBAC5B,GAAG,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE;aACvB,CAAC;YACF,OAAO,QAAQ,CAAC,gBAAgB,CAAC,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC;QACjE,CAAC;QAED,OAAO,QAAQ,CAAC,gBAAgB,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC;IACrE,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,OAAa;QACrB,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC,WAAW,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IAC9D,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,OAAa;QACrB,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QACpC,OAAO;YACH,QAAQ,CAAC,WAAW,CAAC,UAAU,CAAC,OAAO,CAAC;YACxC,QAAQ,CAAC,WAAW,CAAC,UAAU,EAAE;SACpC,CAAC;IACN,CAAC;IAED,YAAY;IAEZ,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,KAAa;QAC3B,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QACpC,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;QAC/E,OAAO,MAAM,CAAC,IAAI,CAAC;IACvB,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAa,EAAE,IAAY;QAC3C,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IAC9D,CAAC;IAeD,kCAAkC;IAClC,MAAM,CAAC,UAAU,CAAC,OAAqD;QACnE,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QAEpC,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;YAC9B,gBAAM,CAAC,IAAI,CAAC,kCAAkC,EAAE;gBAC5C,KAAK,EAAE,eAAe;gBACtB,MAAM,EAAE,OAAO;aAClB,CAAC,CAAC;YAEH,MAAM,OAAO,GAAQ;gBACjB,GAAG,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,EAAE,QAAQ,EAAE,IAAI,EAAE;gBACzD,MAAM,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE;gBACvE,MAAM,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE;aAC3D,CAAC;YAEF,OAAO,QAAQ,CAAC,qBAAqB,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;QAClE,CAAC;QAED,OAAO,QAAQ,CAAC,qBAAqB,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;IACzD,CAAC;IAED,iBAAiB;IAET,aAAa;QACjB,gBAAM,CAAC,IAAI,CAAC,wBAAwB,EAAE;YAClC,KAAK,EAAE,eAAe;SACzB,CAAC,CAAC;QAEH,IAAI,CAAC,cAAc;YACf,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,KAAK,QAAQ;gBACpC,CAAC,CAAC,IAAI,8BAAY,EAAE;gBACpB,CAAC,CAAC,IAAI,gCAAa,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QAE5D,IAAI,CAAC,eAAe;YAChB,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,QAAQ,KAAK,QAAQ;gBACrC,CAAC,CAAC,IAAI,gCAAa,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC;gBACnD,CAAC,CAAC,IAAI,CAAC;QAEf,gBAAM,CAAC,IAAI,CAAC,6BAA6B,EAAE;YACvC,KAAK,EAAE,eAAe;YACtB,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO;YACpC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,QAAQ,IAAI,IAAI;SACjD,CAAC,CAAC;QAEH,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,eAAe;YAC7D,CAAC,CAAC,IAAI,wCAAiB,EAAE;YACzB,CAAC,CAAC,IAAI,sCAAgB,EAAE,CAAC;QAE7B,IAAI,CAAC,mBAAmB,GAAG,IAAI,sCAAgB,EAAE,CAAC;QAElD,gBAAM,CAAC,IAAI,CAAC,kCAAkC,EAAE;YAC5C,KAAK,EAAE,eAAe;YACtB,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,eAAe;SACpD,CAAC,CAAC;QAEH,IAAI,CAAC,gBAAgB,GAAG,IAAI,4CAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACvE,IAAI,CAAC,iBAAiB,GAAG,IAAI,0BAAU,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAE/D,gBAAM,CAAC,IAAI,CAAC,+BAA+B,EAAE;YACzC,KAAK,EAAE,eAAe;YACtB,OAAO,EAAE,eAAe;YACxB,QAAQ,EAAE,KAAK;SAClB,CAAC,CAAC;IACP,CAAC;IAEO,aAAa;QACjB,IAAI,CAAC,WAAW,GAAG,IAAI,4BAAW,CAC9B,IAAI,CAAC,MAAM,CAAC,OAAO,EACnB,IAAI,CAAC,cAAc,EACnB,IAAI,CAAC,eAAe,CACvB,CAAC;QAEF,IAAI,CAAC,gBAAgB,GAAG,IAAI,sCAAgB,CACxC,IAAI,CAAC,MAAM,CAAC,WAAW,EACvB,IAAI,CAAC,kBAAkB,EACvB,IAAI,CAAC,mBAAmB,CAC3B,CAAC;QAEF,IAAI,CAAC,gBAAgB,GAAG,IAAI,sCAAgB,CACxC,IAAI,0BAAU,EAAE,EAChB,IAAI,oDAAuB,EAAE,CAChC,CAAC;QAEF,IAAI,CAAC,gBAAgB,GAAG,IAAI,sCAAgB,CACxC,IAAI,CAAC,gBAAgB,EACrB,IAAI,CAAC,iBAAiB,CACzB,CAAC;QAEF,gBAAM,CAAC,IAAI,CAAC,2BAA2B,EAAE;YACrC,KAAK,EAAE,eAAe;YACtB,QAAQ,EAAE,CAAC,MAAM,EAAE,YAAY,EAAE,WAAW,EAAE,WAAW,CAAC;SAC7D,CAAC,CAAC;IACP,CAAC;IAEO,oBAAoB;QACxB,IAAI,CAAC,WAAW,GAAG,IAAI,4BAAW,EAAE,CAAC;QACrC,IAAI,CAAC,WAAW,GAAG,IAAI,4BAAW,EAAE,CAAC;QAErC,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YAC3B,IAAI,CAAC,WAAW,GAAG,IAAI,4BAAW,CAAC;gBAC/B,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAU;gBAChE,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY;gBAC3C,cAAc,EACV,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc;aACtE,CAAC,CAAC;YAEH,gBAAM,CAAC,IAAI,CAAC,wBAAwB,EAAE;gBAClC,KAAK,EAAE,eAAe;gBACtB,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc;aAC5C,CAAC,CAAC;QACP,CAAC;aAAM,CAAC;YACJ,gBAAM,CAAC,IAAI,CAAC,yBAAyB,EAAE;gBACnC,KAAK,EAAE,eAAe;aACzB,CAAC,CAAC;QACP,CAAC;IACL,CAAC;IAEO,qBAAqB,CAAC,OAAsB;QAChD,MAAM,KAAK,GAAU,EAAE,CAAC;QAExB,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;QAC1D,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC;QAEhE,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY;YAAE,KAAK,CAAC,IAAI,CAAC,IAAA,gBAAM,GAAE,CAAC,CAAC;QACnD,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS;YAAE,KAAK,CAAC,IAAI,CAAC,IAAA,aAAG,GAAE,CAAC,CAAC;QAE7C,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB;YAC7B,KAAK,CAAC,IAAI,CAAC,IAAA,qBAAW,EAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC;QAErD,IAAI,OAAO,CAAC,IAAI;YAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;QAC5E,IAAI,OAAO,CAAC,QAAQ;YAChB,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,UAAU,EAAE,CAAC,CAAC;QAEnD,IAAI,OAAO,CAAC,SAAS;YACjB,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;QAErD,IAAI,OAAO,CAAC,IAAI,IAAI,IAAI,CAAC,WAAW;YAChC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC,CAAC;QAE3C,KAAK,CAAC,IAAI,CAAC,8BAAY,CAAC,CAAC;QACzB,OAAO,KAAK,CAAC;IACjB,CAAC;;AA7RL,4BA8RC;AA7RkB,iBAAQ,GAAoB,IAAI,AAAxB,CAAyB;AAiIzC,YAAG,GAAG;IACT,IAAI,EAAE,CAAC,OAAe,EAAE,OAAa,EAAE,EAAE,CACrC,QAAQ,CAAC,WAAW,EAAE,CAAC,WAAY,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC;IAE9D,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE,CACtB,QAAQ,CAAC,WAAW,EAAE,CAAC,WAAY,CAAC,MAAM,CAAC,KAAK,CAAC;IAErD,MAAM,EAAE;QACJ,aAAa,EAAE,CAAC,OAAe,EAAE,EAAE,CAC/B,QAAQ,CAAC,WAAW,EAAE,CAAC,WAAY,CAAC,mBAAmB,CAAC,OAAO,CAAC;KACvE;CACJ,AAXS,CAWR","sourcesContent":["import { HiSecureConfig } from \"./types/HiSecureConfig.js\";\r\nimport { defaultConfig } from \"./config.js\";\r\nimport { LIB_NAME, LIB_VERSION } from \"./constants.js\";\r\nimport { deepMerge } from \"../utils/deepMerge.js\";\r\nimport { deepFreeze } from \"../utils/deepFreeze.js\";\r\nimport { logger } from \"../logging\";\r\n\r\n// Adapters\r\nimport { ArgonAdapter } from \"../adapters/ArgonAdapter.js\";\r\nimport { BcryptAdapter } from \"../adapters/BcryptAdapter.js\";\r\nimport { RLFlexibleAdapter } from \"../adapters/RLFlexibleAdapter.js\";\r\nimport { ExpressRLAdapter } from \"../adapters/ExpressRLAdapter.js\";\r\nimport { ZodAdapter } from \"../adapters/ZodAdapter.js\";\r\nimport { ExpressValidatorAdapter } from \"../adapters/ExpressValidatorAdapter.js\";\r\nimport { SanitizeHtmlAdapter } from \"../adapters/SanitizeHtmlAdapter.js\";\r\nimport { XSSAdapter } from \"../adapters/XSSAdapter.js\";\r\n\r\n// Managers\r\nimport { HashManager } from \"../managers/HashManager.js\";\r\nimport { RateLimitManager } from \"../managers/RateLimitManager.js\";\r\nimport { ValidatorManager } from \"../managers/ValidatorManager.js\";\r\nimport { SanitizerManager } from \"../managers/SanitizerManager.js\";\r\nimport { JsonManager } from \"../managers/JsonManager.js\";\r\nimport { CorsManager } from \"../managers/CorsManager.js\";\r\nimport { AuthManager } from \"../managers/AuthManager.js\";\r\n\r\n// Middlewares\r\nimport helmet from \"helmet\";\r\nimport hpp from \"hpp\";\r\nimport compression from \"compression\";\r\nimport { errorHandler } from \"../middlewares/errorHandler.js\";\r\n\r\n// Types\r\nimport { SecureOptions, ValidationSchema } from \"./types/SecureOptions.js\";\r\n\r\nexport class HiSecure {\r\n private static instance: HiSecure | null = null;\r\n private config: HiSecureConfig;\r\n private initialized = false;\r\n\r\n // Managers\r\n public hashManager!: HashManager;\r\n public rateLimitManager!: RateLimitManager;\r\n public validatorManager!: ValidatorManager;\r\n public sanitizerManager!: SanitizerManager;\r\n public jsonManager!: JsonManager;\r\n public corsManager!: CorsManager;\r\n public authManager?: AuthManager;\r\n\r\n // Internal adapters\r\n private hashingPrimary: any;\r\n private hashingFallback: any;\r\n private rateLimiterPrimary: any;\r\n private rateLimiterFallback: any;\r\n private sanitizerPrimary: any;\r\n private sanitizerFallback: any;\r\n\r\n private constructor(userConfig: Partial<HiSecureConfig> = {}) {\r\n this.config = deepMerge(defaultConfig, userConfig);\r\n }\r\n\r\n // Singleton & Init\r\n\r\n static getInstance(config?: Partial<HiSecureConfig>): HiSecure {\r\n if (!HiSecure.instance) {\r\n logger.info(\"Creating HiSecure singleton\", {\r\n layer: \"hisecure-core\"\r\n });\r\n HiSecure.instance = new HiSecure(config);\r\n HiSecure.instance.init();\r\n }\r\n return HiSecure.instance;\r\n }\r\n\r\n static resetInstance(): void {\r\n HiSecure.instance = null;\r\n }\r\n\r\n init(): void {\r\n if (this.initialized) {\r\n logger.warn(\"Initialization skipped (already initialized)\", {\r\n layer: \"hisecure-core\"\r\n });\r\n return;\r\n }\r\n\r\n logger.info(\"Framework initialization started\", {\r\n layer: \"hisecure-core\",\r\n lib: LIB_NAME,\r\n version: LIB_VERSION\r\n });\r\n\r\n this.setupAdapters();\r\n this.setupManagers();\r\n this.setupDynamicManagers();\r\n\r\n deepFreeze(this.config);\r\n this.initialized = true;\r\n\r\n logger.info(\"Framework initialized successfully\", {\r\n layer: \"hisecure-core\"\r\n });\r\n }\r\n\r\n // Public Fluent API\r\n static auth(options?: { required?: boolean; roles?: string[] }) {\r\n const instance = this.getInstance();\r\n if (!instance.authManager) {\r\n throw new Error(\"Auth not enabled. Set auth.enabled=true in config.\");\r\n }\r\n return instance.authManager.protect(options);\r\n }\r\n\r\n static validate(schema: ValidationSchema) {\r\n return this.getInstance().validatorManager.validate(schema);\r\n }\r\n\r\n static sanitize(options?: any) {\r\n return this.getInstance().sanitizerManager.middleware(options);\r\n }\r\n\r\n static rateLimit(preset: \"strict\" | \"relaxed\" | \"api\" | object) {\r\n const instance = this.getInstance();\r\n\r\n if (typeof preset === \"string\") {\r\n logger.info(\"Rate limit preset applied\", {\r\n layer: \"hisecure-core\",\r\n preset\r\n });\r\n\r\n const presets: any = {\r\n strict: { mode: \"strict\" },\r\n relaxed: { mode: \"relaxed\" },\r\n api: { mode: \"api\" }\r\n };\r\n return instance.rateLimitManager.middleware(presets[preset]);\r\n }\r\n\r\n return instance.rateLimitManager.middleware({ options: preset });\r\n }\r\n\r\n static cors(options?: any) {\r\n return this.getInstance().corsManager.middleware(options);\r\n }\r\n\r\n static json(options?: any) {\r\n const instance = this.getInstance();\r\n return [\r\n instance.jsonManager.middleware(options),\r\n instance.jsonManager.urlencoded()\r\n ];\r\n }\r\n\r\n // Utilities\r\n\r\n static async hash(value: string): Promise<string> {\r\n const instance = this.getInstance();\r\n const result = await instance.hashManager.hash(value, { allowFallback: true });\r\n return result.hash;\r\n }\r\n\r\n static async verify(value: string, hash: string): Promise<boolean> {\r\n return this.getInstance().hashManager.verify(value, hash);\r\n }\r\n\r\n static jwt = {\r\n sign: (payload: object, options?: any) =>\r\n HiSecure.getInstance().authManager!.sign(payload, options),\r\n\r\n verify: (token: string) =>\r\n HiSecure.getInstance().authManager!.verify(token),\r\n\r\n google: {\r\n verifyIdToken: (idToken: string) =>\r\n HiSecure.getInstance().authManager!.verifyGoogleIdToken(idToken)\r\n }\r\n };\r\n\r\n // Global Middleware - globalLevel\r\n static middleware(options?: SecureOptions | \"api\" | \"strict\" | \"public\") {\r\n const instance = this.getInstance();\r\n\r\n if (typeof options === \"string\") {\r\n logger.info(\"Global middleware preset applied\", {\r\n layer: \"hisecure-core\",\r\n preset: options\r\n });\r\n\r\n const presets: any = {\r\n api: { cors: true, rateLimit: \"relaxed\", sanitize: true },\r\n strict: { cors: true, rateLimit: \"strict\", sanitize: true, auth: true },\r\n public: { cors: true, rateLimit: true, sanitize: false }\r\n };\r\n\r\n return instance.createMiddlewareChain(presets[options] || {});\r\n }\r\n\r\n return instance.createMiddlewareChain(options || {});\r\n }\r\n\r\n // Internal Setup\r\n\r\n private setupAdapters() {\r\n logger.info(\"Adapters setup started\", {\r\n layer: \"hisecure-core\"\r\n });\r\n\r\n this.hashingPrimary =\r\n this.config.hashing.primary === \"argon2\"\r\n ? new ArgonAdapter()\r\n : new BcryptAdapter(this.config.hashing.saltRounds);\r\n\r\n this.hashingFallback =\r\n this.config.hashing.fallback === \"bcrypt\"\r\n ? new BcryptAdapter(this.config.hashing.saltRounds)\r\n : null;\r\n\r\n logger.info(\"Hashing adapters configured\", {\r\n layer: \"hisecure-core\",\r\n primary: this.config.hashing.primary,\r\n fallback: this.config.hashing.fallback ?? null\r\n });\r\n\r\n this.rateLimiterPrimary = this.config.rateLimiter.useAdaptiveMode\r\n ? new RLFlexibleAdapter()\r\n : new ExpressRLAdapter();\r\n\r\n this.rateLimiterFallback = new ExpressRLAdapter();\r\n\r\n logger.info(\"Rate limiter adapters configured\", {\r\n layer: \"hisecure-core\",\r\n adaptive: this.config.rateLimiter.useAdaptiveMode\r\n });\r\n\r\n this.sanitizerPrimary = new SanitizeHtmlAdapter(this.config.sanitizer);\r\n this.sanitizerFallback = new XSSAdapter(this.config.sanitizer);\r\n\r\n logger.info(\"Sanitizer adapters configured\", {\r\n layer: \"hisecure-core\",\r\n primary: \"sanitize-html\",\r\n fallback: \"xss\"\r\n });\r\n }\r\n\r\n private setupManagers() {\r\n this.hashManager = new HashManager(\r\n this.config.hashing,\r\n this.hashingPrimary,\r\n this.hashingFallback\r\n );\r\n\r\n this.rateLimitManager = new RateLimitManager(\r\n this.config.rateLimiter,\r\n this.rateLimiterPrimary,\r\n this.rateLimiterFallback\r\n );\r\n\r\n this.validatorManager = new ValidatorManager(\r\n new ZodAdapter(),\r\n new ExpressValidatorAdapter()\r\n );\r\n\r\n this.sanitizerManager = new SanitizerManager(\r\n this.sanitizerPrimary,\r\n this.sanitizerFallback\r\n );\r\n\r\n logger.info(\"Core managers initialized\", {\r\n layer: \"hisecure-core\",\r\n managers: [\"hash\", \"rate-limit\", \"validator\", \"sanitizer\"]\r\n });\r\n }\r\n\r\n private setupDynamicManagers() {\r\n this.jsonManager = new JsonManager();\r\n this.corsManager = new CorsManager();\r\n\r\n if (this.config.auth.enabled) {\r\n this.authManager = new AuthManager({\r\n jwtSecret: process.env.JWT_SECRET || this.config.auth.jwtSecret!,\r\n jwtExpiresIn: this.config.auth.jwtExpiresIn,\r\n googleClientId:\r\n process.env.GOOGLE_CLIENT_ID || this.config.auth.googleClientId\r\n });\r\n\r\n logger.info(\"Authentication enabled\", {\r\n layer: \"hisecure-core\",\r\n google: !!this.config.auth.googleClientId\r\n });\r\n } else {\r\n logger.info(\"Authentication disabled\", {\r\n layer: \"hisecure-core\"\r\n });\r\n }\r\n }\r\n\r\n private createMiddlewareChain(options: SecureOptions): any[] {\r\n const chain: any[] = [];\r\n\r\n chain.push(this.jsonManager.middleware(this.config.json));\r\n chain.push(this.jsonManager.urlencoded(this.config.urlencoded));\r\n\r\n if (this.config.enableHelmet) chain.push(helmet());\r\n if (this.config.enableHPP) chain.push(hpp());\r\n\r\n if (this.config.enableCompression)\r\n chain.push(compression(this.config.compression));\r\n\r\n if (options.cors) chain.push(this.corsManager.middleware(this.config.cors));\r\n if (options.sanitize)\r\n chain.push(this.sanitizerManager.middleware());\r\n\r\n if (options.rateLimit)\r\n chain.push(this.rateLimitManager.middleware({}));\r\n\r\n if (options.auth && this.authManager)\r\n chain.push(this.authManager.protect());\r\n\r\n chain.push(errorHandler);\r\n return chain;\r\n }\r\n}"]}
|
|
1
|
+
{"version":3,"file":"HiSecure.js","sourceRoot":"","sources":["../../src/core/HiSecure.ts"],"names":[],"mappings":";AAAA,8DAA8D;AAC9D,+CAA+C;AAC/C,0DAA0D;AAC1D,qDAAqD;AACrD,uDAAuD;AACvD,uCAAuC;;;;;;AAoUvC,2CAA4C;AAC5C,iDAAuD;AACvD,wDAAkD;AAClD,0DAAoD;AACpD,wCAAoC;AAEpC,WAAW;AACX,iEAA2D;AAC3D,mEAA6D;AAC7D,2EAAqE;AACrE,yEAAmE;AACnE,6DAAuD;AACvD,uFAAiF;AACjF,+EAAyE;AACzE,6DAAuD;AAEvD,WAAW;AACX,+DAAyD;AACzD,yEAAmE;AACnE,yEAAmE;AACnE,yEAAmE;AACnE,+DAAyD;AACzD,+DAAyD;AACzD,+DAAyD;AAEzD,cAAc;AACd,oDAA4B;AAC5B,8CAAsB;AACtB,8DAAsC;AACtC,oEAA8D;AAO9D,MAAa,QAAQ;IAcnB,YAAoB,MAAsB;QAVlC,gBAAW,GAAG,KAAK,CAAC;QAW1B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED,+BAA+B;IAC/B,MAAM,CAAC,IAAI,CAAC,UAAoC;QAC9C,IAAI,QAAQ,CAAC,QAAQ;YAAE,OAAO,QAAQ,CAAC,QAAQ,CAAC;QAEhD,MAAM,WAAW,GAAG,IAAA,wBAAS,EAAC,yBAAa,EAAE,UAAU,IAAI,EAAE,CAAC,CAAC;QAC/D,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAAC,WAAW,CAAC,CAAC;QAC3C,QAAQ,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAC7B,QAAQ,CAAC,SAAS,EAAE,CAAC;QACrB,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,MAAM,CAAC,GAAG;QAChB,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;YACvB,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;QAC3E,CAAC;QACD,OAAO,QAAQ,CAAC,QAAQ,CAAC;IAC3B,CAAC;IAEO,SAAS;QACf,IAAI,IAAI,CAAC,WAAW;YAAE,OAAO;QAE7B,gBAAM,CAAC,IAAI,CAAC,kCAAkC,EAAE;YAC9C,KAAK,EAAE,eAAe;YACtB,GAAG,EAAE,uBAAQ;YACb,OAAO,EAAE,0BAAW;SACrB,CAAC,CAAC;QAEH,gBAAgB;QAChB,IAAI,CAAC,WAAW,GAAG,IAAI,4BAAW,CAChC,IAAI,CAAC,MAAM,CAAC,OAAO,EACnB,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,KAAK,QAAQ;YACtC,CAAC,CAAC,IAAI,8BAAY,EAAE;YACpB,CAAC,CAAC,IAAI,gCAAa,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,EACrD,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,QAAQ;YAC1B,CAAC,CAAC,IAAI,gCAAa,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC;YACnD,CAAC,CAAC,IAAI,CACT,CAAC;QAEF,IAAI,CAAC,gBAAgB,GAAG,IAAI,sCAAgB,CAC1C,IAAI,CAAC,MAAM,CAAC,WAAW,EACvB,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,eAAe;YACrC,CAAC,CAAC,IAAI,wCAAiB,EAAE;YACzB,CAAC,CAAC,IAAI,sCAAgB,EAAE,EAC1B,IAAI,sCAAgB,EAAE,CACvB,CAAC;QAEF,IAAI,CAAC,gBAAgB,GAAG,IAAI,sCAAgB,CAC1C,IAAI,0BAAU,EAAE,EAChB,IAAI,oDAAuB,EAAE,CAC9B,CAAC;QAEF,IAAI,CAAC,gBAAgB,GAAG,IAAI,sCAAgB,CAC1C,IAAI,4CAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,EAC9C,IAAI,0BAAU,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CACtC,CAAC;QAEF,IAAI,CAAC,WAAW,GAAG,IAAI,4BAAW,EAAE,CAAC;QACrC,IAAI,CAAC,WAAW,GAAG,IAAI,4BAAW,EAAE,CAAC;QAErC,kBAAkB;QAClB,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,EAAE,CAAC;YAC9B,IAAI,CAAC,WAAW,GAAG,IAAI,4BAAW,CAAC;gBACjC,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAU;gBAChE,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY;gBAC3C,cAAc,EACZ,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc;aAClE,CAAC,CAAC;YAEH,gBAAM,CAAC,IAAI,CAAC,wBAAwB,EAAE,EAAE,KAAK,EAAE,eAAe,EAAE,CAAC,CAAC;QACpE,CAAC;aAAM,CAAC;YACN,gBAAM,CAAC,IAAI,CAAC,yBAAyB,EAAE,EAAE,KAAK,EAAE,eAAe,EAAE,CAAC,CAAC;QACrE,CAAC;QAED,IAAA,0BAAU,EAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACxB,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;QAExB,gBAAM,CAAC,IAAI,CAAC,oCAAoC,EAAE;YAChD,KAAK,EAAE,eAAe;SACvB,CAAC,CAAC;IACL,CAAC;IAED,gCAAgC;IAEhC,MAAM,CAAC,IAAI,CAAC,OAAkD;QAC5D,MAAM,CAAC,GAAG,QAAQ,CAAC,GAAG,EAAE,CAAC;QACzB,IAAI,CAAC,CAAC,CAAC,WAAW;YAAE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;QACxD,OAAO,CAAC,CAAC,WAAW,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IACxC,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,MAAwB;QACtC,OAAO,QAAQ,CAAC,GAAG,EAAE,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC1D,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,OAAa;QAC3B,OAAO,QAAQ,CAAC,GAAG,EAAE,CAAC,gBAAgB,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IAC7D,CAAC;IAED,MAAM,CAAC,SAAS,CAAC,MAA6C;QAC9D,MAAM,CAAC,GAAG,QAAQ,CAAC,GAAG,EAAE,CAAC;QAEzB,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC/B,MAAM,OAAO,GAAG;gBACd,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;gBAC1B,OAAO,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;gBAC5B,GAAG,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE;aACZ,CAAC;YAEX,OAAO,CAAC,CAAC,gBAAgB,CAAC,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC;QACxD,CAAC;QAED,OAAO,CAAC,CAAC,gBAAgB,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC;IAC5D,CAAC;IAGC,MAAM,CAAC,IAAI,CAAC,OAAa;QACvB,OAAO,QAAQ,CAAC,GAAG,EAAE,CAAC,WAAW,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IACxD,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,OAAa;QACvB,MAAM,CAAC,GAAG,QAAQ,CAAC,GAAG,EAAE,CAAC;QACzB,OAAO,CAAC,CAAC,CAAC,WAAW,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,WAAW,CAAC,UAAU,EAAE,CAAC,CAAC;IACzE,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,KAAa;QAC7B,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,QAAQ,CAAC,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,KAAK,EAAE;YAC5D,aAAa,EAAE,IAAI;SACpB,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,CAAC,MAAM,CAAC,KAAa,EAAE,IAAY;QACvC,OAAO,QAAQ,CAAC,GAAG,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IACxD,CAAC;IAED,MAAM,CAAC,UAAU,CAAC,OAA0C;QAC1D,MAAM,CAAC,GAAG,QAAQ,CAAC,GAAG,EAAE,CAAC;QAEzB,MAAM,OAAO,GAA4C;YACvD,MAAM,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE;YACvE,GAAG,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,EAAE,QAAQ,EAAE,IAAI,EAAE;YACzD,MAAM,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE;SACxC,CAAC;QAEF,MAAM,YAAY,GAChB,OAAO,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,IAAI,EAAE,CAAC;QAEjE,OAAO,CAAC,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;IACrC,CAAC;IAEO,WAAW,CAAC,OAAsB;QACxC,MAAM,KAAK,GAAU,EAAE,CAAC;QAExB,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;QAC1D,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC;QAEhE,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY;YAAE,KAAK,CAAC,IAAI,CAAC,IAAA,gBAAM,GAAE,CAAC,CAAC;QACnD,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS;YAAE,KAAK,CAAC,IAAI,CAAC,IAAA,aAAG,GAAE,CAAC,CAAC;QAC7C,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB;YAC/B,KAAK,CAAC,IAAI,CAAC,IAAA,qBAAW,EAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC;QAEnD,IAAI,OAAO,CAAC,IAAI;YAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,CAAC,CAAC;QAC5D,IAAI,OAAO,CAAC,QAAQ;YAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,UAAU,EAAE,CAAC,CAAC;QACrE,IAAI,OAAO,CAAC,SAAS;YACnB,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;QACnD,IAAI,OAAO,CAAC,IAAI,IAAI,IAAI,CAAC,WAAW;YAClC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC,CAAC;QAEzC,KAAK,CAAC,IAAI,CAAC,8BAAY,CAAC,CAAC;QACzB,OAAO,KAAK,CAAC;IACf,CAAC;;AA3LH,4BA4LC;AA3LgB,iBAAQ,GAAoB,IAAI,AAAxB,CAAyB","sourcesContent":["// import { HiSecureConfig } from \"./types/HiSecureConfig.js\";\r\n// import { defaultConfig } from \"./config.js\";\r\n// import { LIB_NAME, LIB_VERSION } from \"./constants.js\";\r\n// import { deepMerge } from \"../utils/deepMerge.js\";\r\n// import { deepFreeze } from \"../utils/deepFreeze.js\";\r\n// import { logger } from \"../logging\";\r\n\r\n// // Adapters\r\n// import { ArgonAdapter } from \"../adapters/ArgonAdapter.js\";\r\n// import { BcryptAdapter } from \"../adapters/BcryptAdapter.js\";\r\n// import { RLFlexibleAdapter } from \"../adapters/RLFlexibleAdapter.js\";\r\n// import { ExpressRLAdapter } from \"../adapters/ExpressRLAdapter.js\";\r\n// import { ZodAdapter } from \"../adapters/ZodAdapter.js\";\r\n// import { ExpressValidatorAdapter } from \"../adapters/ExpressValidatorAdapter.js\";\r\n// import { SanitizeHtmlAdapter } from \"../adapters/SanitizeHtmlAdapter.js\";\r\n// import { XSSAdapter } from \"../adapters/XSSAdapter.js\";\r\n\r\n// // Managers\r\n// import { HashManager } from \"../managers/HashManager.js\";\r\n// import { RateLimitManager } from \"../managers/RateLimitManager.js\";\r\n// import { ValidatorManager } from \"../managers/ValidatorManager.js\";\r\n// import { SanitizerManager } from \"../managers/SanitizerManager.js\";\r\n// import { JsonManager } from \"../managers/JsonManager.js\";\r\n// import { CorsManager } from \"../managers/CorsManager.js\";\r\n// import { AuthManager } from \"../managers/AuthManager.js\";\r\n\r\n// // Middlewares\r\n// import helmet from \"helmet\";\r\n// import hpp from \"hpp\";\r\n// import compression from \"compression\";\r\n// import { errorHandler } from \"../middlewares/errorHandler.js\";\r\n\r\n// // Types\r\n// import { SecureOptions, ValidationSchema } from \"./types/SecureOptions.js\";\r\n\r\n// export class HiSecure {\r\n// private static instance: HiSecure | null = null;\r\n// private config: HiSecureConfig;\r\n// private initialized = false;\r\n\r\n// // Managers\r\n// public hashManager!: HashManager;\r\n// public rateLimitManager!: RateLimitManager;\r\n// public validatorManager!: ValidatorManager;\r\n// public sanitizerManager!: SanitizerManager;\r\n// public jsonManager!: JsonManager;\r\n// public corsManager!: CorsManager;\r\n// public authManager?: AuthManager;\r\n\r\n// // Internal adapters\r\n// private hashingPrimary: any;\r\n// private hashingFallback: any;\r\n// private rateLimiterPrimary: any;\r\n// private rateLimiterFallback: any;\r\n// private sanitizerPrimary: any;\r\n// private sanitizerFallback: any;\r\n\r\n// private constructor(userConfig: Partial<HiSecureConfig> = {}) {\r\n// this.config = deepMerge(defaultConfig, userConfig);\r\n// }\r\n\r\n// // Singleton & Init\r\n\r\n// static getInstance(config?: Partial<HiSecureConfig>): HiSecure {\r\n// if (!HiSecure.instance) {\r\n// logger.info(\"Creating HiSecure singleton\", {\r\n// layer: \"hisecure-core\"\r\n// });\r\n// HiSecure.instance = new HiSecure(config);\r\n// HiSecure.instance.init();\r\n// }\r\n// return HiSecure.instance;\r\n// }\r\n\r\n// static resetInstance(): void {\r\n// HiSecure.instance = null;\r\n// }\r\n\r\n// init(): void {\r\n// if (this.initialized) {\r\n// logger.warn(\"Initialization skipped (already initialized)\", {\r\n// layer: \"hisecure-core\"\r\n// });\r\n// return;\r\n// }\r\n\r\n// logger.info(\"Framework initialization started\", {\r\n// layer: \"hisecure-core\",\r\n// lib: LIB_NAME,\r\n// version: LIB_VERSION\r\n// });\r\n\r\n// this.setupAdapters();\r\n// this.setupManagers();\r\n// this.setupDynamicManagers();\r\n\r\n// deepFreeze(this.config);\r\n// this.initialized = true;\r\n\r\n// logger.info(\"Framework initialized successfully\", {\r\n// layer: \"hisecure-core\"\r\n// });\r\n// }\r\n\r\n// // Public Fluent API\r\n// static auth(options?: { required?: boolean; roles?: string[] }) {\r\n// const instance = this.getInstance();\r\n// if (!instance.authManager) {\r\n// throw new Error(\"Auth not enabled. Set auth.enabled=true in config.\");\r\n// }\r\n// return instance.authManager.protect(options);\r\n// }\r\n\r\n// static validate(schema: ValidationSchema) {\r\n// return this.getInstance().validatorManager.validate(schema);\r\n// }\r\n\r\n// static sanitize(options?: any) {\r\n// return this.getInstance().sanitizerManager.middleware(options);\r\n// }\r\n\r\n// static rateLimit(preset: \"strict\" | \"relaxed\" | \"api\" | object) {\r\n// const instance = this.getInstance();\r\n\r\n// if (typeof preset === \"string\") {\r\n// logger.info(\"Rate limit preset applied\", {\r\n// layer: \"hisecure-core\",\r\n// preset\r\n// });\r\n\r\n// const presets: any = {\r\n// strict: { mode: \"strict\" },\r\n// relaxed: { mode: \"relaxed\" },\r\n// api: { mode: \"api\" }\r\n// };\r\n// return instance.rateLimitManager.middleware(presets[preset]);\r\n// }\r\n\r\n// return instance.rateLimitManager.middleware({ options: preset });\r\n// }\r\n\r\n// static cors(options?: any) {\r\n// return this.getInstance().corsManager.middleware(options);\r\n// }\r\n\r\n// static json(options?: any) {\r\n// const instance = this.getInstance();\r\n// return [\r\n// instance.jsonManager.middleware(options),\r\n// instance.jsonManager.urlencoded()\r\n// ];\r\n// }\r\n\r\n// // Utilities\r\n\r\n// static async hash(value: string): Promise<string> {\r\n// const instance = this.getInstance();\r\n// const result = await instance.hashManager.hash(value, { allowFallback: true });\r\n// return result.hash;\r\n// }\r\n\r\n// static async verify(value: string, hash: string): Promise<boolean> {\r\n// return this.getInstance().hashManager.verify(value, hash);\r\n// }\r\n\r\n// static jwt = {\r\n// sign: (payload: object, options?: any) =>\r\n// HiSecure.getInstance().authManager!.sign(payload, options),\r\n\r\n// verify: (token: string) =>\r\n// HiSecure.getInstance().authManager!.verify(token),\r\n\r\n// google: {\r\n// verifyIdToken: (idToken: string) =>\r\n// HiSecure.getInstance().authManager!.verifyGoogleIdToken(idToken)\r\n// }\r\n// };\r\n\r\n// // Global Middleware - globalLevel\r\n// static middleware(options?: SecureOptions | \"api\" | \"strict\" | \"public\") {\r\n// const instance = this.getInstance();\r\n\r\n// if (typeof options === \"string\") {\r\n// logger.info(\"Global middleware preset applied\", {\r\n// layer: \"hisecure-core\",\r\n// preset: options\r\n// });\r\n\r\n// const presets: any = {\r\n// api: { cors: true, rateLimit: \"relaxed\", sanitize: true },\r\n// strict: { cors: true, rateLimit: \"strict\", sanitize: true, auth: true },\r\n// public: { cors: true, rateLimit: true, sanitize: false }\r\n// };\r\n\r\n// return instance.createMiddlewareChain(presets[options] || {});\r\n// }\r\n\r\n// return instance.createMiddlewareChain(options || {});\r\n// }\r\n\r\n// // Internal Setup\r\n\r\n// private setupAdapters() {\r\n// logger.info(\"Adapters setup started\", {\r\n// layer: \"hisecure-core\"\r\n// });\r\n\r\n// this.hashingPrimary =\r\n// this.config.hashing.primary === \"argon2\"\r\n// ? new ArgonAdapter()\r\n// : new BcryptAdapter(this.config.hashing.saltRounds);\r\n\r\n// this.hashingFallback =\r\n// this.config.hashing.fallback === \"bcrypt\"\r\n// ? new BcryptAdapter(this.config.hashing.saltRounds)\r\n// : null;\r\n\r\n// logger.info(\"Hashing adapters configured\", {\r\n// layer: \"hisecure-core\",\r\n// primary: this.config.hashing.primary,\r\n// fallback: this.config.hashing.fallback ?? null\r\n// });\r\n\r\n// this.rateLimiterPrimary = this.config.rateLimiter.useAdaptiveMode\r\n// ? new RLFlexibleAdapter()\r\n// : new ExpressRLAdapter();\r\n\r\n// this.rateLimiterFallback = new ExpressRLAdapter();\r\n\r\n// logger.info(\"Rate limiter adapters configured\", {\r\n// layer: \"hisecure-core\",\r\n// adaptive: this.config.rateLimiter.useAdaptiveMode\r\n// });\r\n\r\n// this.sanitizerPrimary = new SanitizeHtmlAdapter(this.config.sanitizer);\r\n// this.sanitizerFallback = new XSSAdapter(this.config.sanitizer);\r\n\r\n// logger.info(\"Sanitizer adapters configured\", {\r\n// layer: \"hisecure-core\",\r\n// primary: \"sanitize-html\",\r\n// fallback: \"xss\"\r\n// });\r\n// }\r\n\r\n// private setupManagers() {\r\n// this.hashManager = new HashManager(\r\n// this.config.hashing,\r\n// this.hashingPrimary,\r\n// this.hashingFallback\r\n// );\r\n\r\n// this.rateLimitManager = new RateLimitManager(\r\n// this.config.rateLimiter,\r\n// this.rateLimiterPrimary,\r\n// this.rateLimiterFallback\r\n// );\r\n\r\n// this.validatorManager = new ValidatorManager(\r\n// new ZodAdapter(),\r\n// new ExpressValidatorAdapter()\r\n// );\r\n\r\n// this.sanitizerManager = new SanitizerManager(\r\n// this.sanitizerPrimary,\r\n// this.sanitizerFallback\r\n// );\r\n\r\n// logger.info(\"Core managers initialized\", {\r\n// layer: \"hisecure-core\",\r\n// managers: [\"hash\", \"rate-limit\", \"validator\", \"sanitizer\"]\r\n// });\r\n// }\r\n\r\n// private setupDynamicManagers() {\r\n// this.jsonManager = new JsonManager();\r\n// this.corsManager = new CorsManager();\r\n\r\n// if (this.config.auth.enabled) {\r\n// this.authManager = new AuthManager({\r\n// jwtSecret: process.env.JWT_SECRET || this.config.auth.jwtSecret!,\r\n// jwtExpiresIn: this.config.auth.jwtExpiresIn,\r\n// googleClientId:\r\n// process.env.GOOGLE_CLIENT_ID || this.config.auth.googleClientId\r\n// });\r\n\r\n// logger.info(\"Authentication enabled\", {\r\n// layer: \"hisecure-core\",\r\n// google: !!this.config.auth.googleClientId\r\n// });\r\n// } else {\r\n// logger.info(\"Authentication disabled\", {\r\n// layer: \"hisecure-core\"\r\n// });\r\n// }\r\n// }\r\n\r\n// private createMiddlewareChain(options: SecureOptions): any[] {\r\n// const chain: any[] = [];\r\n\r\n// chain.push(this.jsonManager.middleware(this.config.json));\r\n// chain.push(this.jsonManager.urlencoded(this.config.urlencoded));\r\n\r\n// if (this.config.enableHelmet) chain.push(helmet());\r\n// if (this.config.enableHPP) chain.push(hpp());\r\n\r\n// if (this.config.enableCompression)\r\n// chain.push(compression(this.config.compression));\r\n\r\n// if (options.cors) chain.push(this.corsManager.middleware(this.config.cors));\r\n// if (options.sanitize)\r\n// chain.push(this.sanitizerManager.middleware());\r\n\r\n// if (options.rateLimit)\r\n// chain.push(this.rateLimitManager.middleware({}));\r\n\r\n// if (options.auth && this.authManager)\r\n// chain.push(this.authManager.protect());\r\n\r\n// chain.push(errorHandler);\r\n// return chain;\r\n// }\r\n// }\r\n\r\n\r\n\r\n\r\n\r\n\r\nimport { HiSecureConfig } from \"./types/HiSecureConfig.js\";\r\nimport { defaultConfig } from \"./config.js\";\r\nimport { LIB_NAME, LIB_VERSION } from \"./constants.js\";\r\nimport { deepMerge } from \"../utils/deepMerge.js\";\r\nimport { deepFreeze } from \"../utils/deepFreeze.js\";\r\nimport { logger } from \"../logging\";\r\n\r\n// Adapters\r\nimport { ArgonAdapter } from \"../adapters/ArgonAdapter.js\";\r\nimport { BcryptAdapter } from \"../adapters/BcryptAdapter.js\";\r\nimport { RLFlexibleAdapter } from \"../adapters/RLFlexibleAdapter.js\";\r\nimport { ExpressRLAdapter } from \"../adapters/ExpressRLAdapter.js\";\r\nimport { ZodAdapter } from \"../adapters/ZodAdapter.js\";\r\nimport { ExpressValidatorAdapter } from \"../adapters/ExpressValidatorAdapter.js\";\r\nimport { SanitizeHtmlAdapter } from \"../adapters/SanitizeHtmlAdapter.js\";\r\nimport { XSSAdapter } from \"../adapters/XSSAdapter.js\";\r\n\r\n// Managers\r\nimport { HashManager } from \"../managers/HashManager.js\";\r\nimport { RateLimitManager } from \"../managers/RateLimitManager.js\";\r\nimport { ValidatorManager } from \"../managers/ValidatorManager.js\";\r\nimport { SanitizerManager } from \"../managers/SanitizerManager.js\";\r\nimport { JsonManager } from \"../managers/JsonManager.js\";\r\nimport { CorsManager } from \"../managers/CorsManager.js\";\r\nimport { AuthManager } from \"../managers/AuthManager.js\";\r\n\r\n// Middlewares\r\nimport helmet from \"helmet\";\r\nimport hpp from \"hpp\";\r\nimport compression from \"compression\";\r\nimport { errorHandler } from \"../middlewares/errorHandler.js\";\r\n\r\n// Types\r\nimport { SecureOptions, ValidationSchema } from \"./types/SecureOptions.js\";\r\n\r\ntype MiddlewarePreset = \"strict\" | \"api\" | \"public\";\r\n\r\nexport class HiSecure {\r\n private static instance: HiSecure | null = null;\r\n\r\n private readonly config: HiSecureConfig;\r\n private initialized = false;\r\n\r\n private hashManager!: HashManager;\r\n private rateLimitManager!: RateLimitManager;\r\n private validatorManager!: ValidatorManager;\r\n private sanitizerManager!: SanitizerManager;\r\n private jsonManager!: JsonManager;\r\n private corsManager!: CorsManager;\r\n private authManager?: AuthManager;\r\n\r\n private constructor(config: HiSecureConfig) {\r\n this.config = config;\r\n }\r\n\r\n // ===== INIT (ONLY ONCE) =====\r\n static init(userConfig?: Partial<HiSecureConfig>): HiSecure {\r\n if (HiSecure.instance) return HiSecure.instance;\r\n\r\n const finalConfig = deepMerge(defaultConfig, userConfig ?? {});\r\n const instance = new HiSecure(finalConfig);\r\n HiSecure.instance = instance;\r\n instance.bootstrap();\r\n return instance;\r\n }\r\n\r\n private static get(): HiSecure {\r\n if (!HiSecure.instance) {\r\n throw new Error(\"HiSecure not initialized. Call HiSecure.init() first.\");\r\n }\r\n return HiSecure.instance;\r\n }\r\n\r\n private bootstrap(): void {\r\n if (this.initialized) return;\r\n\r\n logger.info(\"Framework initialization started\", {\r\n layer: \"hisecure-core\",\r\n lib: LIB_NAME,\r\n version: LIB_VERSION\r\n });\r\n\r\n // Core managers\r\n this.hashManager = new HashManager(\r\n this.config.hashing,\r\n this.config.hashing.primary === \"argon2\"\r\n ? new ArgonAdapter()\r\n : new BcryptAdapter(this.config.hashing.saltRounds),\r\n this.config.hashing.fallback\r\n ? new BcryptAdapter(this.config.hashing.saltRounds)\r\n : null\r\n );\r\n\r\n this.rateLimitManager = new RateLimitManager(\r\n this.config.rateLimiter,\r\n this.config.rateLimiter.useAdaptiveMode\r\n ? new RLFlexibleAdapter()\r\n : new ExpressRLAdapter(),\r\n new ExpressRLAdapter()\r\n );\r\n\r\n this.validatorManager = new ValidatorManager(\r\n new ZodAdapter(),\r\n new ExpressValidatorAdapter()\r\n );\r\n\r\n this.sanitizerManager = new SanitizerManager(\r\n new SanitizeHtmlAdapter(this.config.sanitizer),\r\n new XSSAdapter(this.config.sanitizer)\r\n );\r\n\r\n this.jsonManager = new JsonManager();\r\n this.corsManager = new CorsManager();\r\n\r\n // Auth (optional)\r\n if (this.config.auth?.enabled) {\r\n this.authManager = new AuthManager({\r\n jwtSecret: process.env.JWT_SECRET || this.config.auth.jwtSecret!,\r\n jwtExpiresIn: this.config.auth.jwtExpiresIn,\r\n googleClientId:\r\n process.env.GOOGLE_CLIENT_ID || this.config.auth.googleClientId\r\n });\r\n\r\n logger.info(\"Authentication enabled\", { layer: \"hisecure-core\" });\r\n } else {\r\n logger.info(\"Authentication disabled\", { layer: \"hisecure-core\" });\r\n }\r\n\r\n deepFreeze(this.config);\r\n this.initialized = true;\r\n\r\n logger.info(\"Framework initialized successfully\", {\r\n layer: \"hisecure-core\"\r\n });\r\n }\r\n\r\n // ===== PUBLIC STATIC API =====\r\n\r\n static auth(options?: { required?: boolean; roles?: string[] }) {\r\n const i = HiSecure.get();\r\n if (!i.authManager) throw new Error(\"Auth not enabled\");\r\n return i.authManager.protect(options);\r\n }\r\n\r\n static validate(schema: ValidationSchema) {\r\n return HiSecure.get().validatorManager.validate(schema);\r\n }\r\n\r\n static sanitize(options?: any) {\r\n return HiSecure.get().sanitizerManager.middleware(options);\r\n }\r\n\r\n static rateLimit(preset: \"strict\" | \"relaxed\" | \"api\" | object) {\r\n const i = HiSecure.get();\r\n\r\n if (typeof preset === \"string\") {\r\n const presets = {\r\n strict: { mode: \"strict\" },\r\n relaxed: { mode: \"relaxed\" },\r\n api: { mode: \"api\" }\r\n } as const;\r\n\r\n return i.rateLimitManager.middleware(presets[preset]);\r\n }\r\n\r\n return i.rateLimitManager.middleware({ options: preset });\r\n}\r\n\r\n\r\n static cors(options?: any) {\r\n return HiSecure.get().corsManager.middleware(options);\r\n }\r\n\r\n static json(options?: any) {\r\n const i = HiSecure.get();\r\n return [i.jsonManager.middleware(options), i.jsonManager.urlencoded()];\r\n }\r\n\r\n static async hash(value: string): Promise<string> {\r\n const { hash } = await HiSecure.get().hashManager.hash(value, {\r\n allowFallback: true\r\n });\r\n return hash;\r\n }\r\n\r\n static verify(value: string, hash: string): Promise<boolean> {\r\n return HiSecure.get().hashManager.verify(value, hash);\r\n }\r\n\r\n static middleware(options?: SecureOptions | MiddlewarePreset) {\r\n const i = HiSecure.get();\r\n\r\n const presets: Record<MiddlewarePreset, SecureOptions> = {\r\n strict: { cors: true, rateLimit: \"strict\", sanitize: true, auth: true },\r\n api: { cors: true, rateLimit: \"relaxed\", sanitize: true },\r\n public: { cors: true, rateLimit: true }\r\n };\r\n\r\n const finalOptions =\r\n typeof options === \"string\" ? presets[options] : options ?? {};\r\n\r\n return i.createChain(finalOptions);\r\n }\r\n\r\n private createChain(options: SecureOptions): any[] {\r\n const chain: any[] = [];\r\n\r\n chain.push(this.jsonManager.middleware(this.config.json));\r\n chain.push(this.jsonManager.urlencoded(this.config.urlencoded));\r\n\r\n if (this.config.enableHelmet) chain.push(helmet());\r\n if (this.config.enableHPP) chain.push(hpp());\r\n if (this.config.enableCompression)\r\n chain.push(compression(this.config.compression));\r\n\r\n if (options.cors) chain.push(this.corsManager.middleware());\r\n if (options.sanitize) chain.push(this.sanitizerManager.middleware());\r\n if (options.rateLimit)\r\n chain.push(this.rateLimitManager.middleware({}));\r\n if (options.auth && this.authManager)\r\n chain.push(this.authManager.protect());\r\n\r\n chain.push(errorHandler);\r\n return chain;\r\n }\r\n}\r\n"]}
|
package/dist/core/useSecure.d.ts
CHANGED
|
@@ -1,7 +1,10 @@
|
|
|
1
1
|
import { SecureOptions } from "./types/SecureOptions.js";
|
|
2
2
|
/**
|
|
3
|
-
* @deprecated Use HiSecure.middleware()
|
|
3
|
+
* @deprecated Use HiSecure.middleware()
|
|
4
4
|
*/
|
|
5
5
|
export declare function useSecure(options?: SecureOptions | "api" | "strict" | "public"): any[];
|
|
6
|
+
/**
|
|
7
|
+
* Legacy route-level security
|
|
8
|
+
*/
|
|
6
9
|
export declare function secureRoute(options?: SecureOptions): any[];
|
|
7
10
|
//# sourceMappingURL=useSecure.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"useSecure.d.ts","sourceRoot":"","sources":["../../src/core/useSecure.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"useSecure.d.ts","sourceRoot":"","sources":["../../src/core/useSecure.ts"],"names":[],"mappings":"AAqDA,OAAO,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAC;AAEzD;;GAEG;AACH,wBAAgB,SAAS,CACvB,OAAO,CAAC,EAAE,aAAa,GAAG,KAAK,GAAG,QAAQ,GAAG,QAAQ,SAItD;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,OAAO,CAAC,EAAE,aAAa,SAsClD"}
|
package/dist/core/useSecure.js
CHANGED
|
@@ -1,33 +1,78 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
// import { HiSecure } from "./HiSecure.js";
|
|
3
|
+
// import { SecureOptions } from "./types/SecureOptions.js";
|
|
2
4
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
5
|
exports.useSecure = useSecure;
|
|
4
6
|
exports.secureRoute = secureRoute;
|
|
7
|
+
// /**
|
|
8
|
+
// * @deprecated Use HiSecure.middleware() or fluent API instead
|
|
9
|
+
// */
|
|
10
|
+
// export function useSecure(options?: SecureOptions | "api" | "strict" | "public") {
|
|
11
|
+
// console.warn("useSecure() is deprecated. Use HiSecure.middleware() or fluent API methods.");
|
|
12
|
+
// return HiSecure.middleware(options);
|
|
13
|
+
// }
|
|
14
|
+
// // Legacy support - route-level security
|
|
15
|
+
// export function secureRoute(options?: SecureOptions) {
|
|
16
|
+
// const chain: any[] = [];
|
|
17
|
+
// if (options?.cors) {
|
|
18
|
+
// chain.push(HiSecure.cors(
|
|
19
|
+
// typeof options.cors === 'object' ? options.cors : undefined
|
|
20
|
+
// ));
|
|
21
|
+
// }
|
|
22
|
+
// if (options?.rateLimit) {
|
|
23
|
+
// chain.push(HiSecure.rateLimit(
|
|
24
|
+
// typeof options.rateLimit === 'object' ? options.rateLimit :
|
|
25
|
+
// options.rateLimit === "strict" ? "strict" : "relaxed"
|
|
26
|
+
// ));
|
|
27
|
+
// }
|
|
28
|
+
// if (options?.sanitize) {
|
|
29
|
+
// chain.push(HiSecure.sanitize(
|
|
30
|
+
// typeof options.sanitize === 'object' ? options.sanitize : undefined
|
|
31
|
+
// ));
|
|
32
|
+
// }
|
|
33
|
+
// if (options?.validate) {
|
|
34
|
+
// chain.push(HiSecure.validate(options.validate));
|
|
35
|
+
// }
|
|
36
|
+
// if (options?.auth) {
|
|
37
|
+
// chain.push(HiSecure.auth(
|
|
38
|
+
// typeof options.auth === 'object' ? options.auth : undefined
|
|
39
|
+
// ));
|
|
40
|
+
// }
|
|
41
|
+
// return chain;
|
|
42
|
+
// }
|
|
5
43
|
const HiSecure_js_1 = require("./HiSecure.js");
|
|
6
44
|
/**
|
|
7
|
-
* @deprecated Use HiSecure.middleware()
|
|
45
|
+
* @deprecated Use HiSecure.middleware()
|
|
8
46
|
*/
|
|
9
47
|
function useSecure(options) {
|
|
10
|
-
console.warn("useSecure() is deprecated. Use HiSecure.middleware()
|
|
48
|
+
console.warn("useSecure() is deprecated. Use HiSecure.middleware() instead.");
|
|
11
49
|
return HiSecure_js_1.HiSecure.middleware(options);
|
|
12
50
|
}
|
|
13
|
-
|
|
51
|
+
/**
|
|
52
|
+
* Legacy route-level security
|
|
53
|
+
*/
|
|
14
54
|
function secureRoute(options) {
|
|
15
55
|
const chain = [];
|
|
16
|
-
if (options
|
|
17
|
-
chain
|
|
56
|
+
if (!options)
|
|
57
|
+
return chain;
|
|
58
|
+
if (options.cors) {
|
|
59
|
+
chain.push(HiSecure_js_1.HiSecure.cors());
|
|
18
60
|
}
|
|
19
|
-
if (options
|
|
20
|
-
chain.push(HiSecure_js_1.HiSecure.rateLimit(typeof options.rateLimit ===
|
|
21
|
-
options.rateLimit
|
|
61
|
+
if (options.rateLimit) {
|
|
62
|
+
chain.push(HiSecure_js_1.HiSecure.rateLimit(typeof options.rateLimit === "object"
|
|
63
|
+
? options.rateLimit
|
|
64
|
+
: options.rateLimit === "strict"
|
|
65
|
+
? "strict"
|
|
66
|
+
: "relaxed"));
|
|
22
67
|
}
|
|
23
|
-
if (options
|
|
24
|
-
chain.push(HiSecure_js_1.HiSecure.sanitize(
|
|
68
|
+
if (options.sanitize) {
|
|
69
|
+
chain.push(HiSecure_js_1.HiSecure.sanitize());
|
|
25
70
|
}
|
|
26
|
-
if (options
|
|
71
|
+
if (options.validate) {
|
|
27
72
|
chain.push(HiSecure_js_1.HiSecure.validate(options.validate));
|
|
28
73
|
}
|
|
29
|
-
if (options
|
|
30
|
-
chain.push(HiSecure_js_1.HiSecure.auth(typeof options.auth ===
|
|
74
|
+
if (options.auth) {
|
|
75
|
+
chain.push(HiSecure_js_1.HiSecure.auth(typeof options.auth === "object" ? options.auth : undefined));
|
|
31
76
|
}
|
|
32
77
|
return chain;
|
|
33
78
|
}
|