hi-secure 1.0.27 → 1.0.32
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/core/HiSecure.d.ts +7 -0
- package/dist/core/HiSecure.d.ts.map +1 -1
- package/dist/core/HiSecure.js +29 -4
- package/dist/core/HiSecure.js.map +1 -1
- package/dist/core/useSecure.d.ts.map +1 -1
- package/dist/core/useSecure.js.map +1 -1
- package/package.json +1 -1
- package/src/core/HiSecure.ts +41 -17
- package/src/core/useSecure.ts +0 -1
package/dist/core/HiSecure.d.ts
CHANGED
|
@@ -20,6 +20,13 @@ export declare class HiSecure {
|
|
|
20
20
|
required?: boolean;
|
|
21
21
|
roles?: string[];
|
|
22
22
|
}): (req: import("express").Request, _res: import("express").Response, next: import("express").NextFunction) => void;
|
|
23
|
+
static jwt: {
|
|
24
|
+
sign(payload: object, options?: any): string;
|
|
25
|
+
verify(token: string): string | import("jsonwebtoken").Jwt | import("jsonwebtoken").JwtPayload;
|
|
26
|
+
google: {
|
|
27
|
+
verifyIdToken(idToken: string): Promise<import("../adapters/GoogleAdapter.js").GoogleTokenPayload>;
|
|
28
|
+
};
|
|
29
|
+
};
|
|
23
30
|
static validate(schema: ValidationSchema): (req: any, res: any, next: any) => any;
|
|
24
31
|
static sanitize(options?: any): (req: any, _res: any, next: any) => void;
|
|
25
32
|
static rateLimit(preset: "strict" | "relaxed" | "api" | object): any;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"HiSecure.d.ts","sourceRoot":"","sources":["../../src/core/HiSecure.ts"],"names":[],"mappings":"AAwUA,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAiC3D,OAAO,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAE3E,KAAK,gBAAgB,GAAG,QAAQ,GAAG,KAAK,GAAG,QAAQ,CAAC;AAEpD,qBAAa,QAAQ;IACnB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAyB;IAEhD,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAiB;IACxC,OAAO,CAAC,WAAW,CAAS;IAE5B,OAAO,CAAC,WAAW,CAAe;IAClC,OAAO,CAAC,gBAAgB,CAAoB;IAC5C,OAAO,CAAC,gBAAgB,CAAoB;IAC5C,OAAO,CAAC,gBAAgB,CAAoB;IAC5C,OAAO,CAAC,WAAW,CAAe;IAClC,OAAO,CAAC,WAAW,CAAe;IAClC,OAAO,CAAC,WAAW,CAAC,CAAc;IAElC,OAAO;IAKP,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,OAAO,CAAC,cAAc,CAAC,GAAG,QAAQ;IAU3D,OAAO,CAAC,MAAM,CAAC,GAAG;IAOlB,OAAO,CAAC,SAAS;
|
|
1
|
+
{"version":3,"file":"HiSecure.d.ts","sourceRoot":"","sources":["../../src/core/HiSecure.ts"],"names":[],"mappings":"AAwUA,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAiC3D,OAAO,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAE3E,KAAK,gBAAgB,GAAG,QAAQ,GAAG,KAAK,GAAG,QAAQ,CAAC;AAEpD,qBAAa,QAAQ;IACnB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAyB;IAEhD,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAiB;IACxC,OAAO,CAAC,WAAW,CAAS;IAE5B,OAAO,CAAC,WAAW,CAAe;IAClC,OAAO,CAAC,gBAAgB,CAAoB;IAC5C,OAAO,CAAC,gBAAgB,CAAoB;IAC5C,OAAO,CAAC,gBAAgB,CAAoB;IAC5C,OAAO,CAAC,WAAW,CAAe;IAClC,OAAO,CAAC,WAAW,CAAe;IAClC,OAAO,CAAC,WAAW,CAAC,CAAc;IAElC,OAAO;IAKP,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,OAAO,CAAC,cAAc,CAAC,GAAG,QAAQ;IAU3D,OAAO,CAAC,MAAM,CAAC,GAAG;IAOlB,OAAO,CAAC,SAAS;IAgEjB,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE;QAAE,QAAQ,CAAC,EAAE,OAAO,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE;IAO9D,MAAM,CAAC,GAAG;sBACM,MAAM,YAAY,GAAG;sBAMrB,MAAM;;mCAOK,MAAM;;MAO/B;IAGF,MAAM,CAAC,QAAQ,CAAC,MAAM,EAAE,gBAAgB;IAIxC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,GAAG;IAI7B,MAAM,CAAC,SAAS,CAAC,MAAM,EAAE,QAAQ,GAAG,SAAS,GAAG,KAAK,GAAG,MAAM;IAgB9D,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,GAAG;kBA7eV,CAAA;;;iBAGY,CAAC;IA8e5B,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,GAAG;WAKZ,IAAI,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAOjD,MAAM,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAK5D,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,aAAa,GAAG,gBAAgB;IAe5D,OAAO,CAAC,WAAW;CAqBpB"}
|
package/dist/core/HiSecure.js
CHANGED
|
@@ -42,7 +42,7 @@ class HiSecure {
|
|
|
42
42
|
this.initialized = false;
|
|
43
43
|
this.config = config;
|
|
44
44
|
}
|
|
45
|
-
//
|
|
45
|
+
// ================= INIT (ONLY ONCE) =================
|
|
46
46
|
static init(userConfig) {
|
|
47
47
|
if (HiSecure.instance)
|
|
48
48
|
return HiSecure.instance;
|
|
@@ -66,7 +66,7 @@ class HiSecure {
|
|
|
66
66
|
lib: constants_js_1.LIB_NAME,
|
|
67
67
|
version: constants_js_1.LIB_VERSION
|
|
68
68
|
});
|
|
69
|
-
// Core
|
|
69
|
+
// ===== Core Managers =====
|
|
70
70
|
this.hashManager = new HashManager_js_1.HashManager(this.config.hashing, this.config.hashing.primary === "argon2"
|
|
71
71
|
? new ArgonAdapter_js_1.ArgonAdapter()
|
|
72
72
|
: new BcryptAdapter_js_1.BcryptAdapter(this.config.hashing.saltRounds), this.config.hashing.fallback
|
|
@@ -79,7 +79,7 @@ class HiSecure {
|
|
|
79
79
|
this.sanitizerManager = new SanitizerManager_js_1.SanitizerManager(new SanitizeHtmlAdapter_js_1.SanitizeHtmlAdapter(this.config.sanitizer), new XSSAdapter_js_1.XSSAdapter(this.config.sanitizer));
|
|
80
80
|
this.jsonManager = new JsonManager_js_1.JsonManager();
|
|
81
81
|
this.corsManager = new CorsManager_js_1.CorsManager();
|
|
82
|
-
//
|
|
82
|
+
// ===== AUTH (OPTIONAL) =====
|
|
83
83
|
if (this.config.auth?.enabled) {
|
|
84
84
|
this.authManager = new AuthManager_js_1.AuthManager({
|
|
85
85
|
jwtSecret: process.env.JWT_SECRET || this.config.auth.jwtSecret,
|
|
@@ -97,13 +97,14 @@ class HiSecure {
|
|
|
97
97
|
layer: "hisecure-core"
|
|
98
98
|
});
|
|
99
99
|
}
|
|
100
|
-
//
|
|
100
|
+
// ================= AUTH =================
|
|
101
101
|
static auth(options) {
|
|
102
102
|
const i = HiSecure.get();
|
|
103
103
|
if (!i.authManager)
|
|
104
104
|
throw new Error("Auth not enabled");
|
|
105
105
|
return i.authManager.protect(options);
|
|
106
106
|
}
|
|
107
|
+
// ================= OTHER UTILS =================
|
|
107
108
|
static validate(schema) {
|
|
108
109
|
return HiSecure.get().validatorManager.validate(schema);
|
|
109
110
|
}
|
|
@@ -138,6 +139,7 @@ class HiSecure {
|
|
|
138
139
|
static verify(value, hash) {
|
|
139
140
|
return HiSecure.get().hashManager.verify(value, hash);
|
|
140
141
|
}
|
|
142
|
+
// ================= GLOBAL MIDDLEWARE =================
|
|
141
143
|
static middleware(options) {
|
|
142
144
|
const i = HiSecure.get();
|
|
143
145
|
const presets = {
|
|
@@ -172,4 +174,27 @@ class HiSecure {
|
|
|
172
174
|
}
|
|
173
175
|
exports.HiSecure = HiSecure;
|
|
174
176
|
HiSecure.instance = null;
|
|
177
|
+
// ================= JWT =================
|
|
178
|
+
HiSecure.jwt = {
|
|
179
|
+
sign(payload, options) {
|
|
180
|
+
const i = HiSecure.get();
|
|
181
|
+
if (!i.authManager)
|
|
182
|
+
throw new Error("Auth not enabled");
|
|
183
|
+
return i.authManager.sign(payload, options);
|
|
184
|
+
},
|
|
185
|
+
verify(token) {
|
|
186
|
+
const i = HiSecure.get();
|
|
187
|
+
if (!i.authManager)
|
|
188
|
+
throw new Error("Auth not enabled");
|
|
189
|
+
return i.authManager.verify(token);
|
|
190
|
+
},
|
|
191
|
+
google: {
|
|
192
|
+
verifyIdToken(idToken) {
|
|
193
|
+
const i = HiSecure.get();
|
|
194
|
+
if (!i.authManager)
|
|
195
|
+
throw new Error("Auth not enabled (Google)");
|
|
196
|
+
return i.authManager.verifyGoogleIdToken(idToken);
|
|
197
|
+
}
|
|
198
|
+
}
|
|
199
|
+
};
|
|
175
200
|
//# sourceMappingURL=HiSecure.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"HiSecure.js","sourceRoot":"","sources":["../../src/core/HiSecure.ts"],"names":[],"mappings":";AAAA,8DAA8D;AAC9D,+CAA+C;AAC/C,0DAA0D;AAC1D,qDAAqD;AACrD,uDAAuD;AACvD,uCAAuC;;;;;;AAoUvC,2CAA4C;AAC5C,iDAAuD;AACvD,wDAAkD;AAClD,0DAAoD;AACpD,wCAAoC;AAEpC,WAAW;AACX,iEAA2D;AAC3D,mEAA6D;AAC7D,2EAAqE;AACrE,yEAAmE;AACnE,6DAAuD;AACvD,uFAAiF;AACjF,+EAAyE;AACzE,6DAAuD;AAEvD,WAAW;AACX,+DAAyD;AACzD,yEAAmE;AACnE,yEAAmE;AACnE,yEAAmE;AACnE,+DAAyD;AACzD,+DAAyD;AACzD,+DAAyD;AAEzD,cAAc;AACd,oDAA4B;AAC5B,8CAAsB;AACtB,8DAAsC;AACtC,oEAA8D;AAO9D,MAAa,QAAQ;IAcnB,YAAoB,MAAsB;QAVlC,gBAAW,GAAG,KAAK,CAAC;QAW1B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED,+BAA+B;IAC/B,MAAM,CAAC,IAAI,CAAC,UAAoC;QAC9C,IAAI,QAAQ,CAAC,QAAQ;YAAE,OAAO,QAAQ,CAAC,QAAQ,CAAC;QAEhD,MAAM,WAAW,GAAG,IAAA,wBAAS,EAAC,yBAAa,EAAE,UAAU,IAAI,EAAE,CAAC,CAAC;QAC/D,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAAC,WAAW,CAAC,CAAC;QAC3C,QAAQ,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAC7B,QAAQ,CAAC,SAAS,EAAE,CAAC;QACrB,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,MAAM,CAAC,GAAG;QAChB,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;YACvB,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;QAC3E,CAAC;QACD,OAAO,QAAQ,CAAC,QAAQ,CAAC;IAC3B,CAAC;IAEO,SAAS;QACf,IAAI,IAAI,CAAC,WAAW;YAAE,OAAO;QAE7B,gBAAM,CAAC,IAAI,CAAC,kCAAkC,EAAE;YAC9C,KAAK,EAAE,eAAe;YACtB,GAAG,EAAE,uBAAQ;YACb,OAAO,EAAE,0BAAW;SACrB,CAAC,CAAC;QAEH,gBAAgB;QAChB,IAAI,CAAC,WAAW,GAAG,IAAI,4BAAW,CAChC,IAAI,CAAC,MAAM,CAAC,OAAO,EACnB,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,KAAK,QAAQ;YACtC,CAAC,CAAC,IAAI,8BAAY,EAAE;YACpB,CAAC,CAAC,IAAI,gCAAa,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,EACrD,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,QAAQ;YAC1B,CAAC,CAAC,IAAI,gCAAa,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC;YACnD,CAAC,CAAC,IAAI,CACT,CAAC;QAEF,IAAI,CAAC,gBAAgB,GAAG,IAAI,sCAAgB,CAC1C,IAAI,CAAC,MAAM,CAAC,WAAW,EACvB,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,eAAe;YACrC,CAAC,CAAC,IAAI,wCAAiB,EAAE;YACzB,CAAC,CAAC,IAAI,sCAAgB,EAAE,EAC1B,IAAI,sCAAgB,EAAE,CACvB,CAAC;QAEF,IAAI,CAAC,gBAAgB,GAAG,IAAI,sCAAgB,CAC1C,IAAI,0BAAU,EAAE,EAChB,IAAI,oDAAuB,EAAE,CAC9B,CAAC;QAEF,IAAI,CAAC,gBAAgB,GAAG,IAAI,sCAAgB,CAC1C,IAAI,4CAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,EAC9C,IAAI,0BAAU,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CACtC,CAAC;QAEF,IAAI,CAAC,WAAW,GAAG,IAAI,4BAAW,EAAE,CAAC;QACrC,IAAI,CAAC,WAAW,GAAG,IAAI,4BAAW,EAAE,CAAC;QAErC,kBAAkB;QAClB,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,EAAE,CAAC;YAC9B,IAAI,CAAC,WAAW,GAAG,IAAI,4BAAW,CAAC;gBACjC,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAU;gBAChE,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY;gBAC3C,cAAc,EACZ,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc;aAClE,CAAC,CAAC;YAEH,gBAAM,CAAC,IAAI,CAAC,wBAAwB,EAAE,EAAE,KAAK,EAAE,eAAe,EAAE,CAAC,CAAC;QACpE,CAAC;aAAM,CAAC;YACN,gBAAM,CAAC,IAAI,CAAC,yBAAyB,EAAE,EAAE,KAAK,EAAE,eAAe,EAAE,CAAC,CAAC;QACrE,CAAC;QAED,IAAA,0BAAU,EAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACxB,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;QAExB,gBAAM,CAAC,IAAI,CAAC,oCAAoC,EAAE;YAChD,KAAK,EAAE,eAAe;SACvB,CAAC,CAAC;IACL,CAAC;IAED,gCAAgC;IAEhC,MAAM,CAAC,IAAI,CAAC,OAAkD;QAC5D,MAAM,CAAC,GAAG,QAAQ,CAAC,GAAG,EAAE,CAAC;QACzB,IAAI,CAAC,CAAC,CAAC,WAAW;YAAE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;QACxD,OAAO,CAAC,CAAC,WAAW,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IACxC,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,MAAwB;QACtC,OAAO,QAAQ,CAAC,GAAG,EAAE,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC1D,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,OAAa;QAC3B,OAAO,QAAQ,CAAC,GAAG,EAAE,CAAC,gBAAgB,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IAC7D,CAAC;IAED,MAAM,CAAC,SAAS,CAAC,MAA6C;QAC9D,MAAM,CAAC,GAAG,QAAQ,CAAC,GAAG,EAAE,CAAC;QAEzB,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC/B,MAAM,OAAO,GAAG;gBACd,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;gBAC1B,OAAO,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;gBAC5B,GAAG,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE;aACZ,CAAC;YAEX,OAAO,CAAC,CAAC,gBAAgB,CAAC,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC;QACxD,CAAC;QAED,OAAO,CAAC,CAAC,gBAAgB,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC;IAC5D,CAAC;IAGC,MAAM,CAAC,IAAI,CAAC,OAAa;QACvB,OAAO,QAAQ,CAAC,GAAG,EAAE,CAAC,WAAW,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IACxD,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,OAAa;QACvB,MAAM,CAAC,GAAG,QAAQ,CAAC,GAAG,EAAE,CAAC;QACzB,OAAO,CAAC,CAAC,CAAC,WAAW,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,WAAW,CAAC,UAAU,EAAE,CAAC,CAAC;IACzE,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,KAAa;QAC7B,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,QAAQ,CAAC,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,KAAK,EAAE;YAC5D,aAAa,EAAE,IAAI;SACpB,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,CAAC,MAAM,CAAC,KAAa,EAAE,IAAY;QACvC,OAAO,QAAQ,CAAC,GAAG,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IACxD,CAAC;IAED,MAAM,CAAC,UAAU,CAAC,OAA0C;QAC1D,MAAM,CAAC,GAAG,QAAQ,CAAC,GAAG,EAAE,CAAC;QAEzB,MAAM,OAAO,GAA4C;YACvD,MAAM,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE;YACvE,GAAG,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,EAAE,QAAQ,EAAE,IAAI,EAAE;YACzD,MAAM,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE;SACxC,CAAC;QAEF,MAAM,YAAY,GAChB,OAAO,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,IAAI,EAAE,CAAC;QAEjE,OAAO,CAAC,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;IACrC,CAAC;IAEO,WAAW,CAAC,OAAsB;QACxC,MAAM,KAAK,GAAU,EAAE,CAAC;QAExB,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;QAC1D,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC;QAEhE,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY;YAAE,KAAK,CAAC,IAAI,CAAC,IAAA,gBAAM,GAAE,CAAC,CAAC;QACnD,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS;YAAE,KAAK,CAAC,IAAI,CAAC,IAAA,aAAG,GAAE,CAAC,CAAC;QAC7C,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB;YAC/B,KAAK,CAAC,IAAI,CAAC,IAAA,qBAAW,EAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC;QAEnD,IAAI,OAAO,CAAC,IAAI;YAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,CAAC,CAAC;QAC5D,IAAI,OAAO,CAAC,QAAQ;YAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,UAAU,EAAE,CAAC,CAAC;QACrE,IAAI,OAAO,CAAC,SAAS;YACnB,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;QACnD,IAAI,OAAO,CAAC,IAAI,IAAI,IAAI,CAAC,WAAW;YAClC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC,CAAC;QAEzC,KAAK,CAAC,IAAI,CAAC,8BAAY,CAAC,CAAC;QACzB,OAAO,KAAK,CAAC;IACf,CAAC;;AA3LH,4BA4LC;AA3LgB,iBAAQ,GAAoB,IAAI,AAAxB,CAAyB","sourcesContent":["// import { HiSecureConfig } from \"./types/HiSecureConfig.js\";\r\n// import { defaultConfig } from \"./config.js\";\r\n// import { LIB_NAME, LIB_VERSION } from \"./constants.js\";\r\n// import { deepMerge } from \"../utils/deepMerge.js\";\r\n// import { deepFreeze } from \"../utils/deepFreeze.js\";\r\n// import { logger } from \"../logging\";\r\n\r\n// // Adapters\r\n// import { ArgonAdapter } from \"../adapters/ArgonAdapter.js\";\r\n// import { BcryptAdapter } from \"../adapters/BcryptAdapter.js\";\r\n// import { RLFlexibleAdapter } from \"../adapters/RLFlexibleAdapter.js\";\r\n// import { ExpressRLAdapter } from \"../adapters/ExpressRLAdapter.js\";\r\n// import { ZodAdapter } from \"../adapters/ZodAdapter.js\";\r\n// import { ExpressValidatorAdapter } from \"../adapters/ExpressValidatorAdapter.js\";\r\n// import { SanitizeHtmlAdapter } from \"../adapters/SanitizeHtmlAdapter.js\";\r\n// import { XSSAdapter } from \"../adapters/XSSAdapter.js\";\r\n\r\n// // Managers\r\n// import { HashManager } from \"../managers/HashManager.js\";\r\n// import { RateLimitManager } from \"../managers/RateLimitManager.js\";\r\n// import { ValidatorManager } from \"../managers/ValidatorManager.js\";\r\n// import { SanitizerManager } from \"../managers/SanitizerManager.js\";\r\n// import { JsonManager } from \"../managers/JsonManager.js\";\r\n// import { CorsManager } from \"../managers/CorsManager.js\";\r\n// import { AuthManager } from \"../managers/AuthManager.js\";\r\n\r\n// // Middlewares\r\n// import helmet from \"helmet\";\r\n// import hpp from \"hpp\";\r\n// import compression from \"compression\";\r\n// import { errorHandler } from \"../middlewares/errorHandler.js\";\r\n\r\n// // Types\r\n// import { SecureOptions, ValidationSchema } from \"./types/SecureOptions.js\";\r\n\r\n// export class HiSecure {\r\n// private static instance: HiSecure | null = null;\r\n// private config: HiSecureConfig;\r\n// private initialized = false;\r\n\r\n// // Managers\r\n// public hashManager!: HashManager;\r\n// public rateLimitManager!: RateLimitManager;\r\n// public validatorManager!: ValidatorManager;\r\n// public sanitizerManager!: SanitizerManager;\r\n// public jsonManager!: JsonManager;\r\n// public corsManager!: CorsManager;\r\n// public authManager?: AuthManager;\r\n\r\n// // Internal adapters\r\n// private hashingPrimary: any;\r\n// private hashingFallback: any;\r\n// private rateLimiterPrimary: any;\r\n// private rateLimiterFallback: any;\r\n// private sanitizerPrimary: any;\r\n// private sanitizerFallback: any;\r\n\r\n// private constructor(userConfig: Partial<HiSecureConfig> = {}) {\r\n// this.config = deepMerge(defaultConfig, userConfig);\r\n// }\r\n\r\n// // Singleton & Init\r\n\r\n// static getInstance(config?: Partial<HiSecureConfig>): HiSecure {\r\n// if (!HiSecure.instance) {\r\n// logger.info(\"Creating HiSecure singleton\", {\r\n// layer: \"hisecure-core\"\r\n// });\r\n// HiSecure.instance = new HiSecure(config);\r\n// HiSecure.instance.init();\r\n// }\r\n// return HiSecure.instance;\r\n// }\r\n\r\n// static resetInstance(): void {\r\n// HiSecure.instance = null;\r\n// }\r\n\r\n// init(): void {\r\n// if (this.initialized) {\r\n// logger.warn(\"Initialization skipped (already initialized)\", {\r\n// layer: \"hisecure-core\"\r\n// });\r\n// return;\r\n// }\r\n\r\n// logger.info(\"Framework initialization started\", {\r\n// layer: \"hisecure-core\",\r\n// lib: LIB_NAME,\r\n// version: LIB_VERSION\r\n// });\r\n\r\n// this.setupAdapters();\r\n// this.setupManagers();\r\n// this.setupDynamicManagers();\r\n\r\n// deepFreeze(this.config);\r\n// this.initialized = true;\r\n\r\n// logger.info(\"Framework initialized successfully\", {\r\n// layer: \"hisecure-core\"\r\n// });\r\n// }\r\n\r\n// // Public Fluent API\r\n// static auth(options?: { required?: boolean; roles?: string[] }) {\r\n// const instance = this.getInstance();\r\n// if (!instance.authManager) {\r\n// throw new Error(\"Auth not enabled. Set auth.enabled=true in config.\");\r\n// }\r\n// return instance.authManager.protect(options);\r\n// }\r\n\r\n// static validate(schema: ValidationSchema) {\r\n// return this.getInstance().validatorManager.validate(schema);\r\n// }\r\n\r\n// static sanitize(options?: any) {\r\n// return this.getInstance().sanitizerManager.middleware(options);\r\n// }\r\n\r\n// static rateLimit(preset: \"strict\" | \"relaxed\" | \"api\" | object) {\r\n// const instance = this.getInstance();\r\n\r\n// if (typeof preset === \"string\") {\r\n// logger.info(\"Rate limit preset applied\", {\r\n// layer: \"hisecure-core\",\r\n// preset\r\n// });\r\n\r\n// const presets: any = {\r\n// strict: { mode: \"strict\" },\r\n// relaxed: { mode: \"relaxed\" },\r\n// api: { mode: \"api\" }\r\n// };\r\n// return instance.rateLimitManager.middleware(presets[preset]);\r\n// }\r\n\r\n// return instance.rateLimitManager.middleware({ options: preset });\r\n// }\r\n\r\n// static cors(options?: any) {\r\n// return this.getInstance().corsManager.middleware(options);\r\n// }\r\n\r\n// static json(options?: any) {\r\n// const instance = this.getInstance();\r\n// return [\r\n// instance.jsonManager.middleware(options),\r\n// instance.jsonManager.urlencoded()\r\n// ];\r\n// }\r\n\r\n// // Utilities\r\n\r\n// static async hash(value: string): Promise<string> {\r\n// const instance = this.getInstance();\r\n// const result = await instance.hashManager.hash(value, { allowFallback: true });\r\n// return result.hash;\r\n// }\r\n\r\n// static async verify(value: string, hash: string): Promise<boolean> {\r\n// return this.getInstance().hashManager.verify(value, hash);\r\n// }\r\n\r\n// static jwt = {\r\n// sign: (payload: object, options?: any) =>\r\n// HiSecure.getInstance().authManager!.sign(payload, options),\r\n\r\n// verify: (token: string) =>\r\n// HiSecure.getInstance().authManager!.verify(token),\r\n\r\n// google: {\r\n// verifyIdToken: (idToken: string) =>\r\n// HiSecure.getInstance().authManager!.verifyGoogleIdToken(idToken)\r\n// }\r\n// };\r\n\r\n// // Global Middleware - globalLevel\r\n// static middleware(options?: SecureOptions | \"api\" | \"strict\" | \"public\") {\r\n// const instance = this.getInstance();\r\n\r\n// if (typeof options === \"string\") {\r\n// logger.info(\"Global middleware preset applied\", {\r\n// layer: \"hisecure-core\",\r\n// preset: options\r\n// });\r\n\r\n// const presets: any = {\r\n// api: { cors: true, rateLimit: \"relaxed\", sanitize: true },\r\n// strict: { cors: true, rateLimit: \"strict\", sanitize: true, auth: true },\r\n// public: { cors: true, rateLimit: true, sanitize: false }\r\n// };\r\n\r\n// return instance.createMiddlewareChain(presets[options] || {});\r\n// }\r\n\r\n// return instance.createMiddlewareChain(options || {});\r\n// }\r\n\r\n// // Internal Setup\r\n\r\n// private setupAdapters() {\r\n// logger.info(\"Adapters setup started\", {\r\n// layer: \"hisecure-core\"\r\n// });\r\n\r\n// this.hashingPrimary =\r\n// this.config.hashing.primary === \"argon2\"\r\n// ? new ArgonAdapter()\r\n// : new BcryptAdapter(this.config.hashing.saltRounds);\r\n\r\n// this.hashingFallback =\r\n// this.config.hashing.fallback === \"bcrypt\"\r\n// ? new BcryptAdapter(this.config.hashing.saltRounds)\r\n// : null;\r\n\r\n// logger.info(\"Hashing adapters configured\", {\r\n// layer: \"hisecure-core\",\r\n// primary: this.config.hashing.primary,\r\n// fallback: this.config.hashing.fallback ?? null\r\n// });\r\n\r\n// this.rateLimiterPrimary = this.config.rateLimiter.useAdaptiveMode\r\n// ? new RLFlexibleAdapter()\r\n// : new ExpressRLAdapter();\r\n\r\n// this.rateLimiterFallback = new ExpressRLAdapter();\r\n\r\n// logger.info(\"Rate limiter adapters configured\", {\r\n// layer: \"hisecure-core\",\r\n// adaptive: this.config.rateLimiter.useAdaptiveMode\r\n// });\r\n\r\n// this.sanitizerPrimary = new SanitizeHtmlAdapter(this.config.sanitizer);\r\n// this.sanitizerFallback = new XSSAdapter(this.config.sanitizer);\r\n\r\n// logger.info(\"Sanitizer adapters configured\", {\r\n// layer: \"hisecure-core\",\r\n// primary: \"sanitize-html\",\r\n// fallback: \"xss\"\r\n// });\r\n// }\r\n\r\n// private setupManagers() {\r\n// this.hashManager = new HashManager(\r\n// this.config.hashing,\r\n// this.hashingPrimary,\r\n// this.hashingFallback\r\n// );\r\n\r\n// this.rateLimitManager = new RateLimitManager(\r\n// this.config.rateLimiter,\r\n// this.rateLimiterPrimary,\r\n// this.rateLimiterFallback\r\n// );\r\n\r\n// this.validatorManager = new ValidatorManager(\r\n// new ZodAdapter(),\r\n// new ExpressValidatorAdapter()\r\n// );\r\n\r\n// this.sanitizerManager = new SanitizerManager(\r\n// this.sanitizerPrimary,\r\n// this.sanitizerFallback\r\n// );\r\n\r\n// logger.info(\"Core managers initialized\", {\r\n// layer: \"hisecure-core\",\r\n// managers: [\"hash\", \"rate-limit\", \"validator\", \"sanitizer\"]\r\n// });\r\n// }\r\n\r\n// private setupDynamicManagers() {\r\n// this.jsonManager = new JsonManager();\r\n// this.corsManager = new CorsManager();\r\n\r\n// if (this.config.auth.enabled) {\r\n// this.authManager = new AuthManager({\r\n// jwtSecret: process.env.JWT_SECRET || this.config.auth.jwtSecret!,\r\n// jwtExpiresIn: this.config.auth.jwtExpiresIn,\r\n// googleClientId:\r\n// process.env.GOOGLE_CLIENT_ID || this.config.auth.googleClientId\r\n// });\r\n\r\n// logger.info(\"Authentication enabled\", {\r\n// layer: \"hisecure-core\",\r\n// google: !!this.config.auth.googleClientId\r\n// });\r\n// } else {\r\n// logger.info(\"Authentication disabled\", {\r\n// layer: \"hisecure-core\"\r\n// });\r\n// }\r\n// }\r\n\r\n// private createMiddlewareChain(options: SecureOptions): any[] {\r\n// const chain: any[] = [];\r\n\r\n// chain.push(this.jsonManager.middleware(this.config.json));\r\n// chain.push(this.jsonManager.urlencoded(this.config.urlencoded));\r\n\r\n// if (this.config.enableHelmet) chain.push(helmet());\r\n// if (this.config.enableHPP) chain.push(hpp());\r\n\r\n// if (this.config.enableCompression)\r\n// chain.push(compression(this.config.compression));\r\n\r\n// if (options.cors) chain.push(this.corsManager.middleware(this.config.cors));\r\n// if (options.sanitize)\r\n// chain.push(this.sanitizerManager.middleware());\r\n\r\n// if (options.rateLimit)\r\n// chain.push(this.rateLimitManager.middleware({}));\r\n\r\n// if (options.auth && this.authManager)\r\n// chain.push(this.authManager.protect());\r\n\r\n// chain.push(errorHandler);\r\n// return chain;\r\n// }\r\n// }\r\n\r\n\r\n\r\n\r\n\r\n\r\nimport { HiSecureConfig } from \"./types/HiSecureConfig.js\";\r\nimport { defaultConfig } from \"./config.js\";\r\nimport { LIB_NAME, LIB_VERSION } from \"./constants.js\";\r\nimport { deepMerge } from \"../utils/deepMerge.js\";\r\nimport { deepFreeze } from \"../utils/deepFreeze.js\";\r\nimport { logger } from \"../logging\";\r\n\r\n// Adapters\r\nimport { ArgonAdapter } from \"../adapters/ArgonAdapter.js\";\r\nimport { BcryptAdapter } from \"../adapters/BcryptAdapter.js\";\r\nimport { RLFlexibleAdapter } from \"../adapters/RLFlexibleAdapter.js\";\r\nimport { ExpressRLAdapter } from \"../adapters/ExpressRLAdapter.js\";\r\nimport { ZodAdapter } from \"../adapters/ZodAdapter.js\";\r\nimport { ExpressValidatorAdapter } from \"../adapters/ExpressValidatorAdapter.js\";\r\nimport { SanitizeHtmlAdapter } from \"../adapters/SanitizeHtmlAdapter.js\";\r\nimport { XSSAdapter } from \"../adapters/XSSAdapter.js\";\r\n\r\n// Managers\r\nimport { HashManager } from \"../managers/HashManager.js\";\r\nimport { RateLimitManager } from \"../managers/RateLimitManager.js\";\r\nimport { ValidatorManager } from \"../managers/ValidatorManager.js\";\r\nimport { SanitizerManager } from \"../managers/SanitizerManager.js\";\r\nimport { JsonManager } from \"../managers/JsonManager.js\";\r\nimport { CorsManager } from \"../managers/CorsManager.js\";\r\nimport { AuthManager } from \"../managers/AuthManager.js\";\r\n\r\n// Middlewares\r\nimport helmet from \"helmet\";\r\nimport hpp from \"hpp\";\r\nimport compression from \"compression\";\r\nimport { errorHandler } from \"../middlewares/errorHandler.js\";\r\n\r\n// Types\r\nimport { SecureOptions, ValidationSchema } from \"./types/SecureOptions.js\";\r\n\r\ntype MiddlewarePreset = \"strict\" | \"api\" | \"public\";\r\n\r\nexport class HiSecure {\r\n private static instance: HiSecure | null = null;\r\n\r\n private readonly config: HiSecureConfig;\r\n private initialized = false;\r\n\r\n private hashManager!: HashManager;\r\n private rateLimitManager!: RateLimitManager;\r\n private validatorManager!: ValidatorManager;\r\n private sanitizerManager!: SanitizerManager;\r\n private jsonManager!: JsonManager;\r\n private corsManager!: CorsManager;\r\n private authManager?: AuthManager;\r\n\r\n private constructor(config: HiSecureConfig) {\r\n this.config = config;\r\n }\r\n\r\n // ===== INIT (ONLY ONCE) =====\r\n static init(userConfig?: Partial<HiSecureConfig>): HiSecure {\r\n if (HiSecure.instance) return HiSecure.instance;\r\n\r\n const finalConfig = deepMerge(defaultConfig, userConfig ?? {});\r\n const instance = new HiSecure(finalConfig);\r\n HiSecure.instance = instance;\r\n instance.bootstrap();\r\n return instance;\r\n }\r\n\r\n private static get(): HiSecure {\r\n if (!HiSecure.instance) {\r\n throw new Error(\"HiSecure not initialized. Call HiSecure.init() first.\");\r\n }\r\n return HiSecure.instance;\r\n }\r\n\r\n private bootstrap(): void {\r\n if (this.initialized) return;\r\n\r\n logger.info(\"Framework initialization started\", {\r\n layer: \"hisecure-core\",\r\n lib: LIB_NAME,\r\n version: LIB_VERSION\r\n });\r\n\r\n // Core managers\r\n this.hashManager = new HashManager(\r\n this.config.hashing,\r\n this.config.hashing.primary === \"argon2\"\r\n ? new ArgonAdapter()\r\n : new BcryptAdapter(this.config.hashing.saltRounds),\r\n this.config.hashing.fallback\r\n ? new BcryptAdapter(this.config.hashing.saltRounds)\r\n : null\r\n );\r\n\r\n this.rateLimitManager = new RateLimitManager(\r\n this.config.rateLimiter,\r\n this.config.rateLimiter.useAdaptiveMode\r\n ? new RLFlexibleAdapter()\r\n : new ExpressRLAdapter(),\r\n new ExpressRLAdapter()\r\n );\r\n\r\n this.validatorManager = new ValidatorManager(\r\n new ZodAdapter(),\r\n new ExpressValidatorAdapter()\r\n );\r\n\r\n this.sanitizerManager = new SanitizerManager(\r\n new SanitizeHtmlAdapter(this.config.sanitizer),\r\n new XSSAdapter(this.config.sanitizer)\r\n );\r\n\r\n this.jsonManager = new JsonManager();\r\n this.corsManager = new CorsManager();\r\n\r\n // Auth (optional)\r\n if (this.config.auth?.enabled) {\r\n this.authManager = new AuthManager({\r\n jwtSecret: process.env.JWT_SECRET || this.config.auth.jwtSecret!,\r\n jwtExpiresIn: this.config.auth.jwtExpiresIn,\r\n googleClientId:\r\n process.env.GOOGLE_CLIENT_ID || this.config.auth.googleClientId\r\n });\r\n\r\n logger.info(\"Authentication enabled\", { layer: \"hisecure-core\" });\r\n } else {\r\n logger.info(\"Authentication disabled\", { layer: \"hisecure-core\" });\r\n }\r\n\r\n deepFreeze(this.config);\r\n this.initialized = true;\r\n\r\n logger.info(\"Framework initialized successfully\", {\r\n layer: \"hisecure-core\"\r\n });\r\n }\r\n\r\n // ===== PUBLIC STATIC API =====\r\n\r\n static auth(options?: { required?: boolean; roles?: string[] }) {\r\n const i = HiSecure.get();\r\n if (!i.authManager) throw new Error(\"Auth not enabled\");\r\n return i.authManager.protect(options);\r\n }\r\n\r\n static validate(schema: ValidationSchema) {\r\n return HiSecure.get().validatorManager.validate(schema);\r\n }\r\n\r\n static sanitize(options?: any) {\r\n return HiSecure.get().sanitizerManager.middleware(options);\r\n }\r\n\r\n static rateLimit(preset: \"strict\" | \"relaxed\" | \"api\" | object) {\r\n const i = HiSecure.get();\r\n\r\n if (typeof preset === \"string\") {\r\n const presets = {\r\n strict: { mode: \"strict\" },\r\n relaxed: { mode: \"relaxed\" },\r\n api: { mode: \"api\" }\r\n } as const;\r\n\r\n return i.rateLimitManager.middleware(presets[preset]);\r\n }\r\n\r\n return i.rateLimitManager.middleware({ options: preset });\r\n}\r\n\r\n\r\n static cors(options?: any) {\r\n return HiSecure.get().corsManager.middleware(options);\r\n }\r\n\r\n static json(options?: any) {\r\n const i = HiSecure.get();\r\n return [i.jsonManager.middleware(options), i.jsonManager.urlencoded()];\r\n }\r\n\r\n static async hash(value: string): Promise<string> {\r\n const { hash } = await HiSecure.get().hashManager.hash(value, {\r\n allowFallback: true\r\n });\r\n return hash;\r\n }\r\n\r\n static verify(value: string, hash: string): Promise<boolean> {\r\n return HiSecure.get().hashManager.verify(value, hash);\r\n }\r\n\r\n static middleware(options?: SecureOptions | MiddlewarePreset) {\r\n const i = HiSecure.get();\r\n\r\n const presets: Record<MiddlewarePreset, SecureOptions> = {\r\n strict: { cors: true, rateLimit: \"strict\", sanitize: true, auth: true },\r\n api: { cors: true, rateLimit: \"relaxed\", sanitize: true },\r\n public: { cors: true, rateLimit: true }\r\n };\r\n\r\n const finalOptions =\r\n typeof options === \"string\" ? presets[options] : options ?? {};\r\n\r\n return i.createChain(finalOptions);\r\n }\r\n\r\n private createChain(options: SecureOptions): any[] {\r\n const chain: any[] = [];\r\n\r\n chain.push(this.jsonManager.middleware(this.config.json));\r\n chain.push(this.jsonManager.urlencoded(this.config.urlencoded));\r\n\r\n if (this.config.enableHelmet) chain.push(helmet());\r\n if (this.config.enableHPP) chain.push(hpp());\r\n if (this.config.enableCompression)\r\n chain.push(compression(this.config.compression));\r\n\r\n if (options.cors) chain.push(this.corsManager.middleware());\r\n if (options.sanitize) chain.push(this.sanitizerManager.middleware());\r\n if (options.rateLimit)\r\n chain.push(this.rateLimitManager.middleware({}));\r\n if (options.auth && this.authManager)\r\n chain.push(this.authManager.protect());\r\n\r\n chain.push(errorHandler);\r\n return chain;\r\n }\r\n}\r\n"]}
|
|
1
|
+
{"version":3,"file":"HiSecure.js","sourceRoot":"","sources":["../../src/core/HiSecure.ts"],"names":[],"mappings":";AAAA,8DAA8D;AAC9D,+CAA+C;AAC/C,0DAA0D;AAC1D,qDAAqD;AACrD,uDAAuD;AACvD,uCAAuC;;;;;;AAoUvC,2CAA4C;AAC5C,iDAAuD;AACvD,wDAAkD;AAClD,0DAAoD;AACpD,wCAAoC;AAEpC,WAAW;AACX,iEAA2D;AAC3D,mEAA6D;AAC7D,2EAAqE;AACrE,yEAAmE;AACnE,6DAAuD;AACvD,uFAAiF;AACjF,+EAAyE;AACzE,6DAAuD;AAEvD,WAAW;AACX,+DAAyD;AACzD,yEAAmE;AACnE,yEAAmE;AACnE,yEAAmE;AACnE,+DAAyD;AACzD,+DAAyD;AACzD,+DAAyD;AAEzD,cAAc;AACd,oDAA4B;AAC5B,8CAAsB;AACtB,8DAAsC;AACtC,oEAA8D;AAO9D,MAAa,QAAQ;IAcnB,YAAoB,MAAsB;QAVlC,gBAAW,GAAG,KAAK,CAAC;QAW1B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED,uDAAuD;IACvD,MAAM,CAAC,IAAI,CAAC,UAAoC;QAC9C,IAAI,QAAQ,CAAC,QAAQ;YAAE,OAAO,QAAQ,CAAC,QAAQ,CAAC;QAEhD,MAAM,WAAW,GAAG,IAAA,wBAAS,EAAC,yBAAa,EAAE,UAAU,IAAI,EAAE,CAAC,CAAC;QAC/D,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAAC,WAAW,CAAC,CAAC;QAC3C,QAAQ,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAC7B,QAAQ,CAAC,SAAS,EAAE,CAAC;QACrB,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,MAAM,CAAC,GAAG;QAChB,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;YACvB,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;QAC3E,CAAC;QACD,OAAO,QAAQ,CAAC,QAAQ,CAAC;IAC3B,CAAC;IAEO,SAAS;QACf,IAAI,IAAI,CAAC,WAAW;YAAE,OAAO;QAE7B,gBAAM,CAAC,IAAI,CAAC,kCAAkC,EAAE;YAC9C,KAAK,EAAE,eAAe;YACtB,GAAG,EAAE,uBAAQ;YACb,OAAO,EAAE,0BAAW;SACrB,CAAC,CAAC;QAEH,4BAA4B;QAC5B,IAAI,CAAC,WAAW,GAAG,IAAI,4BAAW,CAChC,IAAI,CAAC,MAAM,CAAC,OAAO,EACnB,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,KAAK,QAAQ;YACtC,CAAC,CAAC,IAAI,8BAAY,EAAE;YACpB,CAAC,CAAC,IAAI,gCAAa,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,EACrD,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,QAAQ;YAC1B,CAAC,CAAC,IAAI,gCAAa,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC;YACnD,CAAC,CAAC,IAAI,CACT,CAAC;QAEF,IAAI,CAAC,gBAAgB,GAAG,IAAI,sCAAgB,CAC1C,IAAI,CAAC,MAAM,CAAC,WAAW,EACvB,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,eAAe;YACrC,CAAC,CAAC,IAAI,wCAAiB,EAAE;YACzB,CAAC,CAAC,IAAI,sCAAgB,EAAE,EAC1B,IAAI,sCAAgB,EAAE,CACvB,CAAC;QAEF,IAAI,CAAC,gBAAgB,GAAG,IAAI,sCAAgB,CAC1C,IAAI,0BAAU,EAAE,EAChB,IAAI,oDAAuB,EAAE,CAC9B,CAAC;QAEF,IAAI,CAAC,gBAAgB,GAAG,IAAI,sCAAgB,CAC1C,IAAI,4CAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,EAC9C,IAAI,0BAAU,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CACtC,CAAC;QAEF,IAAI,CAAC,WAAW,GAAG,IAAI,4BAAW,EAAE,CAAC;QACrC,IAAI,CAAC,WAAW,GAAG,IAAI,4BAAW,EAAE,CAAC;QAErC,8BAA8B;QAC9B,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,EAAE,CAAC;YAC9B,IAAI,CAAC,WAAW,GAAG,IAAI,4BAAW,CAAC;gBACjC,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAU;gBAChE,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY;gBAC3C,cAAc,EACZ,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc;aAClE,CAAC,CAAC;YAEH,gBAAM,CAAC,IAAI,CAAC,wBAAwB,EAAE,EAAE,KAAK,EAAE,eAAe,EAAE,CAAC,CAAC;QACpE,CAAC;aAAM,CAAC;YACN,gBAAM,CAAC,IAAI,CAAC,yBAAyB,EAAE,EAAE,KAAK,EAAE,eAAe,EAAE,CAAC,CAAC;QACrE,CAAC;QAED,IAAA,0BAAU,EAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACxB,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;QAExB,gBAAM,CAAC,IAAI,CAAC,oCAAoC,EAAE;YAChD,KAAK,EAAE,eAAe;SACvB,CAAC,CAAC;IACL,CAAC;IAED,2CAA2C;IAC3C,MAAM,CAAC,IAAI,CAAC,OAAkD;QAC5D,MAAM,CAAC,GAAG,QAAQ,CAAC,GAAG,EAAE,CAAC;QACzB,IAAI,CAAC,CAAC,CAAC,WAAW;YAAE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;QACxD,OAAO,CAAC,CAAC,WAAW,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IACxC,CAAC;IA0BD,kDAAkD;IAClD,MAAM,CAAC,QAAQ,CAAC,MAAwB;QACtC,OAAO,QAAQ,CAAC,GAAG,EAAE,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC1D,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,OAAa;QAC3B,OAAO,QAAQ,CAAC,GAAG,EAAE,CAAC,gBAAgB,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IAC7D,CAAC;IAED,MAAM,CAAC,SAAS,CAAC,MAA6C;QAC5D,MAAM,CAAC,GAAG,QAAQ,CAAC,GAAG,EAAE,CAAC;QAEzB,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC/B,MAAM,OAAO,GAAG;gBACd,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;gBAC1B,OAAO,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;gBAC5B,GAAG,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE;aACZ,CAAC;YAEX,OAAO,CAAC,CAAC,gBAAgB,CAAC,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC;QACxD,CAAC;QAED,OAAO,CAAC,CAAC,gBAAgB,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC;IAC5D,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,OAAa;QACvB,OAAO,QAAQ,CAAC,GAAG,EAAE,CAAC,WAAW,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IACxD,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,OAAa;QACvB,MAAM,CAAC,GAAG,QAAQ,CAAC,GAAG,EAAE,CAAC;QACzB,OAAO,CAAC,CAAC,CAAC,WAAW,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,WAAW,CAAC,UAAU,EAAE,CAAC,CAAC;IACzE,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,KAAa;QAC7B,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,QAAQ,CAAC,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,KAAK,EAAE;YAC5D,aAAa,EAAE,IAAI;SACpB,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,CAAC,MAAM,CAAC,KAAa,EAAE,IAAY;QACvC,OAAO,QAAQ,CAAC,GAAG,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IACxD,CAAC;IAED,wDAAwD;IACxD,MAAM,CAAC,UAAU,CAAC,OAA0C;QAC1D,MAAM,CAAC,GAAG,QAAQ,CAAC,GAAG,EAAE,CAAC;QAEzB,MAAM,OAAO,GAA4C;YACvD,MAAM,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE;YACvE,GAAG,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,EAAE,QAAQ,EAAE,IAAI,EAAE;YACzD,MAAM,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE;SACxC,CAAC;QAEF,MAAM,YAAY,GAChB,OAAO,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,IAAI,EAAE,CAAC;QAEjE,OAAO,CAAC,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;IACrC,CAAC;IAEO,WAAW,CAAC,OAAsB;QACxC,MAAM,KAAK,GAAU,EAAE,CAAC;QAExB,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;QAC1D,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC;QAEhE,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY;YAAE,KAAK,CAAC,IAAI,CAAC,IAAA,gBAAM,GAAE,CAAC,CAAC;QACnD,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS;YAAE,KAAK,CAAC,IAAI,CAAC,IAAA,aAAG,GAAE,CAAC,CAAC;QAC7C,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB;YAC/B,KAAK,CAAC,IAAI,CAAC,IAAA,qBAAW,EAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC;QAEnD,IAAI,OAAO,CAAC,IAAI;YAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,CAAC,CAAC;QAC5D,IAAI,OAAO,CAAC,QAAQ;YAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,UAAU,EAAE,CAAC,CAAC;QACrE,IAAI,OAAO,CAAC,SAAS;YACnB,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;QACnD,IAAI,OAAO,CAAC,IAAI,IAAI,IAAI,CAAC,WAAW;YAClC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC,CAAC;QAEzC,KAAK,CAAC,IAAI,CAAC,8BAAY,CAAC,CAAC;QACzB,OAAO,KAAK,CAAC;IACf,CAAC;;AAnNH,4BAoNC;AAnNgB,iBAAQ,GAAoB,IAAI,AAAxB,CAAyB;AAyGhD,0CAA0C;AACnC,YAAG,GAAG;IACX,IAAI,CAAC,OAAe,EAAE,OAAa;QACjC,MAAM,CAAC,GAAG,QAAQ,CAAC,GAAG,EAAE,CAAC;QACzB,IAAI,CAAC,CAAC,CAAC,WAAW;YAAE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;QACxD,OAAO,CAAC,CAAC,WAAW,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAC9C,CAAC;IAED,MAAM,CAAC,KAAa;QAClB,MAAM,CAAC,GAAG,QAAQ,CAAC,GAAG,EAAE,CAAC;QACzB,IAAI,CAAC,CAAC,CAAC,WAAW;YAAE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;QACxD,OAAO,CAAC,CAAC,WAAW,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACrC,CAAC;IAED,MAAM,EAAE;QACN,aAAa,CAAC,OAAe;YAC3B,MAAM,CAAC,GAAG,QAAQ,CAAC,GAAG,EAAE,CAAC;YACzB,IAAI,CAAC,CAAC,CAAC,WAAW;gBAChB,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;YAC/C,OAAO,CAAC,CAAC,WAAW,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC;QACpD,CAAC;KACF;CACF,AArBS,CAqBR","sourcesContent":["// import { HiSecureConfig } from \"./types/HiSecureConfig.js\";\r\n// import { defaultConfig } from \"./config.js\";\r\n// import { LIB_NAME, LIB_VERSION } from \"./constants.js\";\r\n// import { deepMerge } from \"../utils/deepMerge.js\";\r\n// import { deepFreeze } from \"../utils/deepFreeze.js\";\r\n// import { logger } from \"../logging\";\r\n\r\n// // Adapters\r\n// import { ArgonAdapter } from \"../adapters/ArgonAdapter.js\";\r\n// import { BcryptAdapter } from \"../adapters/BcryptAdapter.js\";\r\n// import { RLFlexibleAdapter } from \"../adapters/RLFlexibleAdapter.js\";\r\n// import { ExpressRLAdapter } from \"../adapters/ExpressRLAdapter.js\";\r\n// import { ZodAdapter } from \"../adapters/ZodAdapter.js\";\r\n// import { ExpressValidatorAdapter } from \"../adapters/ExpressValidatorAdapter.js\";\r\n// import { SanitizeHtmlAdapter } from \"../adapters/SanitizeHtmlAdapter.js\";\r\n// import { XSSAdapter } from \"../adapters/XSSAdapter.js\";\r\n\r\n// // Managers\r\n// import { HashManager } from \"../managers/HashManager.js\";\r\n// import { RateLimitManager } from \"../managers/RateLimitManager.js\";\r\n// import { ValidatorManager } from \"../managers/ValidatorManager.js\";\r\n// import { SanitizerManager } from \"../managers/SanitizerManager.js\";\r\n// import { JsonManager } from \"../managers/JsonManager.js\";\r\n// import { CorsManager } from \"../managers/CorsManager.js\";\r\n// import { AuthManager } from \"../managers/AuthManager.js\";\r\n\r\n// // Middlewares\r\n// import helmet from \"helmet\";\r\n// import hpp from \"hpp\";\r\n// import compression from \"compression\";\r\n// import { errorHandler } from \"../middlewares/errorHandler.js\";\r\n\r\n// // Types\r\n// import { SecureOptions, ValidationSchema } from \"./types/SecureOptions.js\";\r\n\r\n// export class HiSecure {\r\n// private static instance: HiSecure | null = null;\r\n// private config: HiSecureConfig;\r\n// private initialized = false;\r\n\r\n// // Managers\r\n// public hashManager!: HashManager;\r\n// public rateLimitManager!: RateLimitManager;\r\n// public validatorManager!: ValidatorManager;\r\n// public sanitizerManager!: SanitizerManager;\r\n// public jsonManager!: JsonManager;\r\n// public corsManager!: CorsManager;\r\n// public authManager?: AuthManager;\r\n\r\n// // Internal adapters\r\n// private hashingPrimary: any;\r\n// private hashingFallback: any;\r\n// private rateLimiterPrimary: any;\r\n// private rateLimiterFallback: any;\r\n// private sanitizerPrimary: any;\r\n// private sanitizerFallback: any;\r\n\r\n// private constructor(userConfig: Partial<HiSecureConfig> = {}) {\r\n// this.config = deepMerge(defaultConfig, userConfig);\r\n// }\r\n\r\n// // Singleton & Init\r\n\r\n// static getInstance(config?: Partial<HiSecureConfig>): HiSecure {\r\n// if (!HiSecure.instance) {\r\n// logger.info(\"Creating HiSecure singleton\", {\r\n// layer: \"hisecure-core\"\r\n// });\r\n// HiSecure.instance = new HiSecure(config);\r\n// HiSecure.instance.init();\r\n// }\r\n// return HiSecure.instance;\r\n// }\r\n\r\n// static resetInstance(): void {\r\n// HiSecure.instance = null;\r\n// }\r\n\r\n// init(): void {\r\n// if (this.initialized) {\r\n// logger.warn(\"Initialization skipped (already initialized)\", {\r\n// layer: \"hisecure-core\"\r\n// });\r\n// return;\r\n// }\r\n\r\n// logger.info(\"Framework initialization started\", {\r\n// layer: \"hisecure-core\",\r\n// lib: LIB_NAME,\r\n// version: LIB_VERSION\r\n// });\r\n\r\n// this.setupAdapters();\r\n// this.setupManagers();\r\n// this.setupDynamicManagers();\r\n\r\n// deepFreeze(this.config);\r\n// this.initialized = true;\r\n\r\n// logger.info(\"Framework initialized successfully\", {\r\n// layer: \"hisecure-core\"\r\n// });\r\n// }\r\n\r\n// // Public Fluent API\r\n// static auth(options?: { required?: boolean; roles?: string[] }) {\r\n// const instance = this.getInstance();\r\n// if (!instance.authManager) {\r\n// throw new Error(\"Auth not enabled. Set auth.enabled=true in config.\");\r\n// }\r\n// return instance.authManager.protect(options);\r\n// }\r\n\r\n// static validate(schema: ValidationSchema) {\r\n// return this.getInstance().validatorManager.validate(schema);\r\n// }\r\n\r\n// static sanitize(options?: any) {\r\n// return this.getInstance().sanitizerManager.middleware(options);\r\n// }\r\n\r\n// static rateLimit(preset: \"strict\" | \"relaxed\" | \"api\" | object) {\r\n// const instance = this.getInstance();\r\n\r\n// if (typeof preset === \"string\") {\r\n// logger.info(\"Rate limit preset applied\", {\r\n// layer: \"hisecure-core\",\r\n// preset\r\n// });\r\n\r\n// const presets: any = {\r\n// strict: { mode: \"strict\" },\r\n// relaxed: { mode: \"relaxed\" },\r\n// api: { mode: \"api\" }\r\n// };\r\n// return instance.rateLimitManager.middleware(presets[preset]);\r\n// }\r\n\r\n// return instance.rateLimitManager.middleware({ options: preset });\r\n// }\r\n\r\n// static cors(options?: any) {\r\n// return this.getInstance().corsManager.middleware(options);\r\n// }\r\n\r\n// static json(options?: any) {\r\n// const instance = this.getInstance();\r\n// return [\r\n// instance.jsonManager.middleware(options),\r\n// instance.jsonManager.urlencoded()\r\n// ];\r\n// }\r\n\r\n// // Utilities\r\n\r\n// static async hash(value: string): Promise<string> {\r\n// const instance = this.getInstance();\r\n// const result = await instance.hashManager.hash(value, { allowFallback: true });\r\n// return result.hash;\r\n// }\r\n\r\n// static async verify(value: string, hash: string): Promise<boolean> {\r\n// return this.getInstance().hashManager.verify(value, hash);\r\n// }\r\n\r\n// static jwt = {\r\n// sign: (payload: object, options?: any) =>\r\n// HiSecure.getInstance().authManager!.sign(payload, options),\r\n\r\n// verify: (token: string) =>\r\n// HiSecure.getInstance().authManager!.verify(token),\r\n\r\n// google: {\r\n// verifyIdToken: (idToken: string) =>\r\n// HiSecure.getInstance().authManager!.verifyGoogleIdToken(idToken)\r\n// }\r\n// };\r\n\r\n// // Global Middleware - globalLevel\r\n// static middleware(options?: SecureOptions | \"api\" | \"strict\" | \"public\") {\r\n// const instance = this.getInstance();\r\n\r\n// if (typeof options === \"string\") {\r\n// logger.info(\"Global middleware preset applied\", {\r\n// layer: \"hisecure-core\",\r\n// preset: options\r\n// });\r\n\r\n// const presets: any = {\r\n// api: { cors: true, rateLimit: \"relaxed\", sanitize: true },\r\n// strict: { cors: true, rateLimit: \"strict\", sanitize: true, auth: true },\r\n// public: { cors: true, rateLimit: true, sanitize: false }\r\n// };\r\n\r\n// return instance.createMiddlewareChain(presets[options] || {});\r\n// }\r\n\r\n// return instance.createMiddlewareChain(options || {});\r\n// }\r\n\r\n// // Internal Setup\r\n\r\n// private setupAdapters() {\r\n// logger.info(\"Adapters setup started\", {\r\n// layer: \"hisecure-core\"\r\n// });\r\n\r\n// this.hashingPrimary =\r\n// this.config.hashing.primary === \"argon2\"\r\n// ? new ArgonAdapter()\r\n// : new BcryptAdapter(this.config.hashing.saltRounds);\r\n\r\n// this.hashingFallback =\r\n// this.config.hashing.fallback === \"bcrypt\"\r\n// ? new BcryptAdapter(this.config.hashing.saltRounds)\r\n// : null;\r\n\r\n// logger.info(\"Hashing adapters configured\", {\r\n// layer: \"hisecure-core\",\r\n// primary: this.config.hashing.primary,\r\n// fallback: this.config.hashing.fallback ?? null\r\n// });\r\n\r\n// this.rateLimiterPrimary = this.config.rateLimiter.useAdaptiveMode\r\n// ? new RLFlexibleAdapter()\r\n// : new ExpressRLAdapter();\r\n\r\n// this.rateLimiterFallback = new ExpressRLAdapter();\r\n\r\n// logger.info(\"Rate limiter adapters configured\", {\r\n// layer: \"hisecure-core\",\r\n// adaptive: this.config.rateLimiter.useAdaptiveMode\r\n// });\r\n\r\n// this.sanitizerPrimary = new SanitizeHtmlAdapter(this.config.sanitizer);\r\n// this.sanitizerFallback = new XSSAdapter(this.config.sanitizer);\r\n\r\n// logger.info(\"Sanitizer adapters configured\", {\r\n// layer: \"hisecure-core\",\r\n// primary: \"sanitize-html\",\r\n// fallback: \"xss\"\r\n// });\r\n// }\r\n\r\n// private setupManagers() {\r\n// this.hashManager = new HashManager(\r\n// this.config.hashing,\r\n// this.hashingPrimary,\r\n// this.hashingFallback\r\n// );\r\n\r\n// this.rateLimitManager = new RateLimitManager(\r\n// this.config.rateLimiter,\r\n// this.rateLimiterPrimary,\r\n// this.rateLimiterFallback\r\n// );\r\n\r\n// this.validatorManager = new ValidatorManager(\r\n// new ZodAdapter(),\r\n// new ExpressValidatorAdapter()\r\n// );\r\n\r\n// this.sanitizerManager = new SanitizerManager(\r\n// this.sanitizerPrimary,\r\n// this.sanitizerFallback\r\n// );\r\n\r\n// logger.info(\"Core managers initialized\", {\r\n// layer: \"hisecure-core\",\r\n// managers: [\"hash\", \"rate-limit\", \"validator\", \"sanitizer\"]\r\n// });\r\n// }\r\n\r\n// private setupDynamicManagers() {\r\n// this.jsonManager = new JsonManager();\r\n// this.corsManager = new CorsManager();\r\n\r\n// if (this.config.auth.enabled) {\r\n// this.authManager = new AuthManager({\r\n// jwtSecret: process.env.JWT_SECRET || this.config.auth.jwtSecret!,\r\n// jwtExpiresIn: this.config.auth.jwtExpiresIn,\r\n// googleClientId:\r\n// process.env.GOOGLE_CLIENT_ID || this.config.auth.googleClientId\r\n// });\r\n\r\n// logger.info(\"Authentication enabled\", {\r\n// layer: \"hisecure-core\",\r\n// google: !!this.config.auth.googleClientId\r\n// });\r\n// } else {\r\n// logger.info(\"Authentication disabled\", {\r\n// layer: \"hisecure-core\"\r\n// });\r\n// }\r\n// }\r\n\r\n// private createMiddlewareChain(options: SecureOptions): any[] {\r\n// const chain: any[] = [];\r\n\r\n// chain.push(this.jsonManager.middleware(this.config.json));\r\n// chain.push(this.jsonManager.urlencoded(this.config.urlencoded));\r\n\r\n// if (this.config.enableHelmet) chain.push(helmet());\r\n// if (this.config.enableHPP) chain.push(hpp());\r\n\r\n// if (this.config.enableCompression)\r\n// chain.push(compression(this.config.compression));\r\n\r\n// if (options.cors) chain.push(this.corsManager.middleware(this.config.cors));\r\n// if (options.sanitize)\r\n// chain.push(this.sanitizerManager.middleware());\r\n\r\n// if (options.rateLimit)\r\n// chain.push(this.rateLimitManager.middleware({}));\r\n\r\n// if (options.auth && this.authManager)\r\n// chain.push(this.authManager.protect());\r\n\r\n// chain.push(errorHandler);\r\n// return chain;\r\n// }\r\n// }\r\n\r\n\r\n\r\n\r\n\r\n\r\nimport { HiSecureConfig } from \"./types/HiSecureConfig.js\";\r\nimport { defaultConfig } from \"./config.js\";\r\nimport { LIB_NAME, LIB_VERSION } from \"./constants.js\";\r\nimport { deepMerge } from \"../utils/deepMerge.js\";\r\nimport { deepFreeze } from \"../utils/deepFreeze.js\";\r\nimport { logger } from \"../logging\";\r\n\r\n// Adapters\r\nimport { ArgonAdapter } from \"../adapters/ArgonAdapter.js\";\r\nimport { BcryptAdapter } from \"../adapters/BcryptAdapter.js\";\r\nimport { RLFlexibleAdapter } from \"../adapters/RLFlexibleAdapter.js\";\r\nimport { ExpressRLAdapter } from \"../adapters/ExpressRLAdapter.js\";\r\nimport { ZodAdapter } from \"../adapters/ZodAdapter.js\";\r\nimport { ExpressValidatorAdapter } from \"../adapters/ExpressValidatorAdapter.js\";\r\nimport { SanitizeHtmlAdapter } from \"../adapters/SanitizeHtmlAdapter.js\";\r\nimport { XSSAdapter } from \"../adapters/XSSAdapter.js\";\r\n\r\n// Managers\r\nimport { HashManager } from \"../managers/HashManager.js\";\r\nimport { RateLimitManager } from \"../managers/RateLimitManager.js\";\r\nimport { ValidatorManager } from \"../managers/ValidatorManager.js\";\r\nimport { SanitizerManager } from \"../managers/SanitizerManager.js\";\r\nimport { JsonManager } from \"../managers/JsonManager.js\";\r\nimport { CorsManager } from \"../managers/CorsManager.js\";\r\nimport { AuthManager } from \"../managers/AuthManager.js\";\r\n\r\n// Middlewares\r\nimport helmet from \"helmet\";\r\nimport hpp from \"hpp\";\r\nimport compression from \"compression\";\r\nimport { errorHandler } from \"../middlewares/errorHandler.js\";\r\n\r\n// Types\r\nimport { SecureOptions, ValidationSchema } from \"./types/SecureOptions.js\";\r\n\r\ntype MiddlewarePreset = \"strict\" | \"api\" | \"public\";\r\n\r\nexport class HiSecure {\r\n private static instance: HiSecure | null = null;\r\n\r\n private readonly config: HiSecureConfig;\r\n private initialized = false;\r\n\r\n private hashManager!: HashManager;\r\n private rateLimitManager!: RateLimitManager;\r\n private validatorManager!: ValidatorManager;\r\n private sanitizerManager!: SanitizerManager;\r\n private jsonManager!: JsonManager;\r\n private corsManager!: CorsManager;\r\n private authManager?: AuthManager;\r\n\r\n private constructor(config: HiSecureConfig) {\r\n this.config = config;\r\n }\r\n\r\n // ================= INIT (ONLY ONCE) =================\r\n static init(userConfig?: Partial<HiSecureConfig>): HiSecure {\r\n if (HiSecure.instance) return HiSecure.instance;\r\n\r\n const finalConfig = deepMerge(defaultConfig, userConfig ?? {});\r\n const instance = new HiSecure(finalConfig);\r\n HiSecure.instance = instance;\r\n instance.bootstrap();\r\n return instance;\r\n }\r\n\r\n private static get(): HiSecure {\r\n if (!HiSecure.instance) {\r\n throw new Error(\"HiSecure not initialized. Call HiSecure.init() first.\");\r\n }\r\n return HiSecure.instance;\r\n }\r\n\r\n private bootstrap(): void {\r\n if (this.initialized) return;\r\n\r\n logger.info(\"Framework initialization started\", {\r\n layer: \"hisecure-core\",\r\n lib: LIB_NAME,\r\n version: LIB_VERSION\r\n });\r\n\r\n // ===== Core Managers =====\r\n this.hashManager = new HashManager(\r\n this.config.hashing,\r\n this.config.hashing.primary === \"argon2\"\r\n ? new ArgonAdapter()\r\n : new BcryptAdapter(this.config.hashing.saltRounds),\r\n this.config.hashing.fallback\r\n ? new BcryptAdapter(this.config.hashing.saltRounds)\r\n : null\r\n );\r\n\r\n this.rateLimitManager = new RateLimitManager(\r\n this.config.rateLimiter,\r\n this.config.rateLimiter.useAdaptiveMode\r\n ? new RLFlexibleAdapter()\r\n : new ExpressRLAdapter(),\r\n new ExpressRLAdapter()\r\n );\r\n\r\n this.validatorManager = new ValidatorManager(\r\n new ZodAdapter(),\r\n new ExpressValidatorAdapter()\r\n );\r\n\r\n this.sanitizerManager = new SanitizerManager(\r\n new SanitizeHtmlAdapter(this.config.sanitizer),\r\n new XSSAdapter(this.config.sanitizer)\r\n );\r\n\r\n this.jsonManager = new JsonManager();\r\n this.corsManager = new CorsManager();\r\n\r\n // ===== AUTH (OPTIONAL) =====\r\n if (this.config.auth?.enabled) {\r\n this.authManager = new AuthManager({\r\n jwtSecret: process.env.JWT_SECRET || this.config.auth.jwtSecret!,\r\n jwtExpiresIn: this.config.auth.jwtExpiresIn,\r\n googleClientId:\r\n process.env.GOOGLE_CLIENT_ID || this.config.auth.googleClientId\r\n });\r\n\r\n logger.info(\"Authentication enabled\", { layer: \"hisecure-core\" });\r\n } else {\r\n logger.info(\"Authentication disabled\", { layer: \"hisecure-core\" });\r\n }\r\n\r\n deepFreeze(this.config);\r\n this.initialized = true;\r\n\r\n logger.info(\"Framework initialized successfully\", {\r\n layer: \"hisecure-core\"\r\n });\r\n }\r\n\r\n // ================= AUTH =================\r\n static auth(options?: { required?: boolean; roles?: string[] }) {\r\n const i = HiSecure.get();\r\n if (!i.authManager) throw new Error(\"Auth not enabled\");\r\n return i.authManager.protect(options);\r\n }\r\n\r\n // ================= JWT =================\r\n static jwt = {\r\n sign(payload: object, options?: any) {\r\n const i = HiSecure.get();\r\n if (!i.authManager) throw new Error(\"Auth not enabled\");\r\n return i.authManager.sign(payload, options);\r\n },\r\n\r\n verify(token: string) {\r\n const i = HiSecure.get();\r\n if (!i.authManager) throw new Error(\"Auth not enabled\");\r\n return i.authManager.verify(token);\r\n },\r\n\r\n google: {\r\n verifyIdToken(idToken: string) {\r\n const i = HiSecure.get();\r\n if (!i.authManager)\r\n throw new Error(\"Auth not enabled (Google)\");\r\n return i.authManager.verifyGoogleIdToken(idToken);\r\n }\r\n }\r\n };\r\n\r\n // ================= OTHER UTILS =================\r\n static validate(schema: ValidationSchema) {\r\n return HiSecure.get().validatorManager.validate(schema);\r\n }\r\n\r\n static sanitize(options?: any) {\r\n return HiSecure.get().sanitizerManager.middleware(options);\r\n }\r\n\r\n static rateLimit(preset: \"strict\" | \"relaxed\" | \"api\" | object) {\r\n const i = HiSecure.get();\r\n\r\n if (typeof preset === \"string\") {\r\n const presets = {\r\n strict: { mode: \"strict\" },\r\n relaxed: { mode: \"relaxed\" },\r\n api: { mode: \"api\" }\r\n } as const;\r\n\r\n return i.rateLimitManager.middleware(presets[preset]);\r\n }\r\n\r\n return i.rateLimitManager.middleware({ options: preset });\r\n }\r\n\r\n static cors(options?: any) {\r\n return HiSecure.get().corsManager.middleware(options);\r\n }\r\n\r\n static json(options?: any) {\r\n const i = HiSecure.get();\r\n return [i.jsonManager.middleware(options), i.jsonManager.urlencoded()];\r\n }\r\n\r\n static async hash(value: string): Promise<string> {\r\n const { hash } = await HiSecure.get().hashManager.hash(value, {\r\n allowFallback: true\r\n });\r\n return hash;\r\n }\r\n\r\n static verify(value: string, hash: string): Promise<boolean> {\r\n return HiSecure.get().hashManager.verify(value, hash);\r\n }\r\n\r\n // ================= GLOBAL MIDDLEWARE =================\r\n static middleware(options?: SecureOptions | MiddlewarePreset) {\r\n const i = HiSecure.get();\r\n\r\n const presets: Record<MiddlewarePreset, SecureOptions> = {\r\n strict: { cors: true, rateLimit: \"strict\", sanitize: true, auth: true },\r\n api: { cors: true, rateLimit: \"relaxed\", sanitize: true },\r\n public: { cors: true, rateLimit: true }\r\n };\r\n\r\n const finalOptions =\r\n typeof options === \"string\" ? presets[options] : options ?? {};\r\n\r\n return i.createChain(finalOptions);\r\n }\r\n\r\n private createChain(options: SecureOptions): any[] {\r\n const chain: any[] = [];\r\n\r\n chain.push(this.jsonManager.middleware(this.config.json));\r\n chain.push(this.jsonManager.urlencoded(this.config.urlencoded));\r\n\r\n if (this.config.enableHelmet) chain.push(helmet());\r\n if (this.config.enableHPP) chain.push(hpp());\r\n if (this.config.enableCompression)\r\n chain.push(compression(this.config.compression));\r\n\r\n if (options.cors) chain.push(this.corsManager.middleware());\r\n if (options.sanitize) chain.push(this.sanitizerManager.middleware());\r\n if (options.rateLimit)\r\n chain.push(this.rateLimitManager.middleware({}));\r\n if (options.auth && this.authManager)\r\n chain.push(this.authManager.protect());\r\n\r\n chain.push(errorHandler);\r\n return chain;\r\n }\r\n}\r\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"useSecure.d.ts","sourceRoot":"","sources":["../../src/core/useSecure.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"useSecure.d.ts","sourceRoot":"","sources":["../../src/core/useSecure.ts"],"names":[],"mappings":"AAoDA,OAAO,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAC;AAEzD;;GAEG;AACH,wBAAgB,SAAS,CACvB,OAAO,CAAC,EAAE,aAAa,GAAG,KAAK,GAAG,QAAQ,GAAG,QAAQ,SAItD;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,OAAO,CAAC,EAAE,aAAa,SAsClD"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"useSecure.js","sourceRoot":"","sources":["../../src/core/useSecure.ts"],"names":[],"mappings":";AAAA,4CAA4C;AAC5C,4DAA4D;;
|
|
1
|
+
{"version":3,"file":"useSecure.js","sourceRoot":"","sources":["../../src/core/useSecure.ts"],"names":[],"mappings":";AAAA,4CAA4C;AAC5C,4DAA4D;;AAwD5D,8BAKC;AAKD,kCAsCC;AAtGD,MAAM;AACN,iEAAiE;AACjE,MAAM;AAEN,qFAAqF;AACrF,mGAAmG;AACnG,2CAA2C;AAC3C,IAAI;AAGJ,4CAA4C;AAE5C,yDAAyD;AACzD,+BAA+B;AAE/B,2BAA2B;AAC3B,oCAAoC;AACpC,0EAA0E;AAC1E,cAAc;AACd,QAAQ;AAER,gCAAgC;AAChC,yCAAyC;AACzC,2EAA2E;AAC3E,oEAAoE;AACpE,cAAc;AACd,QAAQ;AAER,+BAA+B;AAC/B,wCAAwC;AACxC,kFAAkF;AAClF,cAAc;AACd,QAAQ;AAER,+BAA+B;AAC/B,2DAA2D;AAC3D,QAAQ;AAER,2BAA2B;AAC3B,oCAAoC;AACpC,0EAA0E;AAC1E,cAAc;AACd,QAAQ;AACR,oBAAoB;AACpB,IAAI;AAIJ,+CAAyC;AAGzC;;GAEG;AACH,SAAgB,SAAS,CACvB,OAAqD;IAErD,OAAO,CAAC,IAAI,CAAC,+DAA+D,CAAC,CAAC;IAC9E,OAAO,sBAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;AACtC,CAAC;AAED;;GAEG;AACH,SAAgB,WAAW,CAAC,OAAuB;IACjD,MAAM,KAAK,GAAU,EAAE,CAAC;IAExB,IAAI,CAAC,OAAO;QAAE,OAAO,KAAK,CAAC;IAE3B,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;QACjB,KAAK,CAAC,IAAI,CAAC,sBAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;IAC9B,CAAC;IAED,IAAI,OAAO,CAAC,SAAS,EAAE,CAAC;QACtB,KAAK,CAAC,IAAI,CACR,sBAAQ,CAAC,SAAS,CAChB,OAAO,OAAO,CAAC,SAAS,KAAK,QAAQ;YACnC,CAAC,CAAC,OAAO,CAAC,SAAS;YACnB,CAAC,CAAC,OAAO,CAAC,SAAS,KAAK,QAAQ;gBAChC,CAAC,CAAC,QAAQ;gBACV,CAAC,CAAC,SAAS,CACd,CACF,CAAC;IACJ,CAAC;IAED,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACrB,KAAK,CAAC,IAAI,CAAC,sBAAQ,CAAC,QAAQ,EAAE,CAAC,CAAC;IAClC,CAAC;IAED,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACrB,KAAK,CAAC,IAAI,CAAC,sBAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC;IAClD,CAAC;IAED,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;QACjB,KAAK,CAAC,IAAI,CACR,sBAAQ,CAAC,IAAI,CACX,OAAO,OAAO,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAC5D,CACF,CAAC;IACJ,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC","sourcesContent":["// import { HiSecure } from \"./HiSecure.js\";\r\n// import { SecureOptions } from \"./types/SecureOptions.js\";\r\n\r\n// /**\r\n// * @deprecated Use HiSecure.middleware() or fluent API instead\r\n// */\r\n\r\n// export function useSecure(options?: SecureOptions | \"api\" | \"strict\" | \"public\") {\r\n// console.warn(\"useSecure() is deprecated. Use HiSecure.middleware() or fluent API methods.\");\r\n// return HiSecure.middleware(options);\r\n// }\r\n\r\n\r\n// // Legacy support - route-level security\r\n\r\n// export function secureRoute(options?: SecureOptions) {\r\n// const chain: any[] = [];\r\n \r\n// if (options?.cors) {\r\n// chain.push(HiSecure.cors(\r\n// typeof options.cors === 'object' ? options.cors : undefined\r\n// ));\r\n// }\r\n \r\n// if (options?.rateLimit) {\r\n// chain.push(HiSecure.rateLimit(\r\n// typeof options.rateLimit === 'object' ? options.rateLimit : \r\n// options.rateLimit === \"strict\" ? \"strict\" : \"relaxed\"\r\n// ));\r\n// }\r\n \r\n// if (options?.sanitize) {\r\n// chain.push(HiSecure.sanitize(\r\n// typeof options.sanitize === 'object' ? options.sanitize : undefined\r\n// ));\r\n// }\r\n \r\n// if (options?.validate) {\r\n// chain.push(HiSecure.validate(options.validate));\r\n// }\r\n \r\n// if (options?.auth) {\r\n// chain.push(HiSecure.auth(\r\n// typeof options.auth === 'object' ? options.auth : undefined\r\n// ));\r\n// }\r\n// return chain;\r\n// }\r\n\r\n\r\n\r\nimport { HiSecure } from \"./HiSecure.js\";\r\nimport { SecureOptions } from \"./types/SecureOptions.js\";\r\n\r\n/**\r\n * @deprecated Use HiSecure.middleware()\r\n */\r\nexport function useSecure(\r\n options?: SecureOptions | \"api\" | \"strict\" | \"public\"\r\n) {\r\n console.warn(\"useSecure() is deprecated. Use HiSecure.middleware() instead.\");\r\n return HiSecure.middleware(options);\r\n}\r\n\r\n/**\r\n * Legacy route-level security\r\n */\r\nexport function secureRoute(options?: SecureOptions) {\r\n const chain: any[] = [];\r\n\r\n if (!options) return chain;\r\n\r\n if (options.cors) {\r\n chain.push(HiSecure.cors());\r\n }\r\n\r\n if (options.rateLimit) {\r\n chain.push(\r\n HiSecure.rateLimit(\r\n typeof options.rateLimit === \"object\"\r\n ? options.rateLimit\r\n : options.rateLimit === \"strict\"\r\n ? \"strict\"\r\n : \"relaxed\"\r\n )\r\n );\r\n }\r\n\r\n if (options.sanitize) {\r\n chain.push(HiSecure.sanitize());\r\n }\r\n\r\n if (options.validate) {\r\n chain.push(HiSecure.validate(options.validate));\r\n }\r\n\r\n if (options.auth) {\r\n chain.push(\r\n HiSecure.auth(\r\n typeof options.auth === \"object\" ? options.auth : undefined\r\n )\r\n );\r\n }\r\n\r\n return chain;\r\n}\r\n"]}
|
package/package.json
CHANGED
package/src/core/HiSecure.ts
CHANGED
|
@@ -381,7 +381,7 @@ export class HiSecure {
|
|
|
381
381
|
this.config = config;
|
|
382
382
|
}
|
|
383
383
|
|
|
384
|
-
//
|
|
384
|
+
// ================= INIT (ONLY ONCE) =================
|
|
385
385
|
static init(userConfig?: Partial<HiSecureConfig>): HiSecure {
|
|
386
386
|
if (HiSecure.instance) return HiSecure.instance;
|
|
387
387
|
|
|
@@ -408,7 +408,7 @@ export class HiSecure {
|
|
|
408
408
|
version: LIB_VERSION
|
|
409
409
|
});
|
|
410
410
|
|
|
411
|
-
// Core
|
|
411
|
+
// ===== Core Managers =====
|
|
412
412
|
this.hashManager = new HashManager(
|
|
413
413
|
this.config.hashing,
|
|
414
414
|
this.config.hashing.primary === "argon2"
|
|
@@ -440,7 +440,7 @@ export class HiSecure {
|
|
|
440
440
|
this.jsonManager = new JsonManager();
|
|
441
441
|
this.corsManager = new CorsManager();
|
|
442
442
|
|
|
443
|
-
//
|
|
443
|
+
// ===== AUTH (OPTIONAL) =====
|
|
444
444
|
if (this.config.auth?.enabled) {
|
|
445
445
|
this.authManager = new AuthManager({
|
|
446
446
|
jwtSecret: process.env.JWT_SECRET || this.config.auth.jwtSecret!,
|
|
@@ -462,14 +462,38 @@ export class HiSecure {
|
|
|
462
462
|
});
|
|
463
463
|
}
|
|
464
464
|
|
|
465
|
-
//
|
|
466
|
-
|
|
465
|
+
// ================= AUTH =================
|
|
467
466
|
static auth(options?: { required?: boolean; roles?: string[] }) {
|
|
468
467
|
const i = HiSecure.get();
|
|
469
468
|
if (!i.authManager) throw new Error("Auth not enabled");
|
|
470
469
|
return i.authManager.protect(options);
|
|
471
470
|
}
|
|
472
471
|
|
|
472
|
+
// ================= JWT =================
|
|
473
|
+
static jwt = {
|
|
474
|
+
sign(payload: object, options?: any) {
|
|
475
|
+
const i = HiSecure.get();
|
|
476
|
+
if (!i.authManager) throw new Error("Auth not enabled");
|
|
477
|
+
return i.authManager.sign(payload, options);
|
|
478
|
+
},
|
|
479
|
+
|
|
480
|
+
verify(token: string) {
|
|
481
|
+
const i = HiSecure.get();
|
|
482
|
+
if (!i.authManager) throw new Error("Auth not enabled");
|
|
483
|
+
return i.authManager.verify(token);
|
|
484
|
+
},
|
|
485
|
+
|
|
486
|
+
google: {
|
|
487
|
+
verifyIdToken(idToken: string) {
|
|
488
|
+
const i = HiSecure.get();
|
|
489
|
+
if (!i.authManager)
|
|
490
|
+
throw new Error("Auth not enabled (Google)");
|
|
491
|
+
return i.authManager.verifyGoogleIdToken(idToken);
|
|
492
|
+
}
|
|
493
|
+
}
|
|
494
|
+
};
|
|
495
|
+
|
|
496
|
+
// ================= OTHER UTILS =================
|
|
473
497
|
static validate(schema: ValidationSchema) {
|
|
474
498
|
return HiSecure.get().validatorManager.validate(schema);
|
|
475
499
|
}
|
|
@@ -479,21 +503,20 @@ export class HiSecure {
|
|
|
479
503
|
}
|
|
480
504
|
|
|
481
505
|
static rateLimit(preset: "strict" | "relaxed" | "api" | object) {
|
|
482
|
-
|
|
506
|
+
const i = HiSecure.get();
|
|
483
507
|
|
|
484
|
-
|
|
485
|
-
|
|
486
|
-
|
|
487
|
-
|
|
488
|
-
|
|
489
|
-
|
|
508
|
+
if (typeof preset === "string") {
|
|
509
|
+
const presets = {
|
|
510
|
+
strict: { mode: "strict" },
|
|
511
|
+
relaxed: { mode: "relaxed" },
|
|
512
|
+
api: { mode: "api" }
|
|
513
|
+
} as const;
|
|
490
514
|
|
|
491
|
-
|
|
492
|
-
|
|
493
|
-
|
|
494
|
-
return i.rateLimitManager.middleware({ options: preset });
|
|
495
|
-
}
|
|
515
|
+
return i.rateLimitManager.middleware(presets[preset]);
|
|
516
|
+
}
|
|
496
517
|
|
|
518
|
+
return i.rateLimitManager.middleware({ options: preset });
|
|
519
|
+
}
|
|
497
520
|
|
|
498
521
|
static cors(options?: any) {
|
|
499
522
|
return HiSecure.get().corsManager.middleware(options);
|
|
@@ -515,6 +538,7 @@ export class HiSecure {
|
|
|
515
538
|
return HiSecure.get().hashManager.verify(value, hash);
|
|
516
539
|
}
|
|
517
540
|
|
|
541
|
+
// ================= GLOBAL MIDDLEWARE =================
|
|
518
542
|
static middleware(options?: SecureOptions | MiddlewarePreset) {
|
|
519
543
|
const i = HiSecure.get();
|
|
520
544
|
|