npm - hi-secure - Versions diffs - 1.0.3 → 1.0.5 - Mend

hi-secure 1.0.3 → 1.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "hi-secure",
-    "version": "1.0.3",
+    "version": "1.0.5",
     "main": "dist/index.js",
     "types": "dist/index.d.ts",
     "scripts": {

package/src/core/HiSecure.ts CHANGED Viewed

@@ -1,3 +1,6 @@
+/* The `HiSecure` class is a security library in TypeScript that provides various security features
+such as hashing, rate limiting, validation, sanitization, and authentication through a fluent API
+and global middleware setup. */
 // // // src/core/HiSecure.ts
 // // import { HiSecureConfig } from "./types/HiSecureConfig.js";
@@ -238,7 +241,7 @@
-// // src/core/HiSecure.ts - COMPLETE FIXED
+// src/core/HiSecure.ts - COMPLETE FIXED
 // import { HiSecureConfig } from "./types/HiSecureConfig.js";
 // import { defaultConfig } from "./config.js";
 // import { LIB_NAME, LIB_VERSION } from "./constants.js";
@@ -595,9 +598,376 @@
 // }
 // =================
-// // src/core/HiSecure.ts - COMPLETELY FIXED
+// src/core/HiSecure.ts - COMPLETELY FIXED
+import { HiSecureConfig } from "./types/HiSecureConfig.js";
+import { defaultConfig } from "./config.js";
+import { LIB_NAME, LIB_VERSION } from "./constants.js";
+import { deepMerge } from "../utils/deepMerge.js";
+import { deepFreeze } from "../utils/deepFreeze.js";
+import { logger } from "../logging/index.js";
+// Adapters
+import { ArgonAdapter } from "../adapters/ArgonAdapter.js";
+import { BcryptAdapter } from "../adapters/BcryptAdapter.js";
+import { RLFlexibleAdapter } from "../adapters/RLFlexibleAdapter.js";
+import { ExpressRLAdapter } from "../adapters/ExpressRLAdapter.js";
+import { ZodAdapter } from "../adapters/ZodAdapter.js";
+import { ExpressValidatorAdapter } from "../adapters/ExpressValidatorAdapter.js";
+import { SanitizeHtmlAdapter } from "../adapters/SanitizeHtmlAdapter.js";
+import { XSSAdapter } from "../adapters/XSSAdapter.js";
+// Managers
+import { HashManager } from "../managers/HashManager.js";
+import { RateLimitManager } from "../managers/RateLimitManager.js";
+import { ValidatorManager } from "../managers/ValidatorManager.js";
+import { SanitizerManager } from "../managers/SanitizerManager.js";
+import { JsonManager } from "../managers/JsonManager.js";
+import { CorsManager } from "../managers/CorsManager.js";
+import { AuthManager } from "../managers/AuthManager.js";
+// Middlewares
+import helmet from "helmet";
+import hpp from "hpp";
+import compression from "compression";
+import { errorHandler } from "../middlewares/errorHandler.js";
+// Types
+import { SecureOptions, ValidationSchema, RateLimitOptions } from "./types/SecureOptions.js";
+export class HiSecure {
+    private static instance: HiSecure | null = null;
+    private config: HiSecureConfig;
+    private initialized = false;
+    // Managers
+    public hashManager!: HashManager;
+    public rateLimitManager!: RateLimitManager;
+    public validatorManager!: ValidatorManager;
+    public sanitizerManager!: SanitizerManager;
+    public jsonManager!: JsonManager;
+    public corsManager!: CorsManager;
+    public authManager?: AuthManager;
+    // Internal adapters
+    private hashingPrimary: any;
+    private hashingFallback: any;
+    private rateLimiterPrimary: any;
+    private rateLimiterFallback: any;
+    private validatorPrimary: any;
+    private validatorFallback: any;
+    private sanitizerPrimary: any;
+    private sanitizerFallback: any;
+    // Private constructor for singleton
+    private constructor(userConfig: Partial<HiSecureConfig> = {}) {
+        this.config = deepMerge(defaultConfig, userConfig);
+    }
+    // =====================================================
+    // SINGLETON & INITIALIZATION
+    // =====================================================
+    static getInstance(config?: Partial<HiSecureConfig>): HiSecure {
+        if (!HiSecure.instance) {
+            HiSecure.instance = new HiSecure(config);
+            HiSecure.instance.init();
+        }
+        return HiSecure.instance;
+    }
+    static resetInstance(): void {
+        HiSecure.instance = null;
+    }
+    init(): void {
+        if (this.initialized) {
+            logger.warn("⚠ HiSecure already initialized");
+            return;
+        }
+        logger.info(`🔐 ${LIB_NAME} v${LIB_VERSION} initializing...`);
+        this.setupAdapters();
+        this.setupManagers();
+        this.setupDynamicManagers();
+        // Make everything immutable
+        deepFreeze(this.config);
+        // deepFreeze(this.hashManager);
+        // deepFreeze(this.rateLimitManager);
+        // deepFreeze(this.validatorManager);
+        // deepFreeze(this.sanitizerManager);
+        // deepFreeze(this.jsonManager);
+        // deepFreeze(this.corsManager);
+        // if (this.authManager) deepFreeze(this.authManager);
+        this.initialized = true;
+        logger.info("✅ HiSecure initialized successfully");
+    }
+    isInitialized(): boolean {
+        return this.initialized;
+    }
+    // =====================================================
+    // FLUENT API METHODS (Route-level security)
+    // =====================================================
+    static auth(options?: { required?: boolean; roles?: string[] }) {
+        const instance = this.getInstance();
+        if (!instance.authManager) {
+            throw new Error("Auth not enabled. Set auth.enabled=true in config.");
+        }
+        return instance.authManager.protect(options);
+    }
+    static validate(schema: ValidationSchema) {
+        return this.getInstance().validatorManager.validate(schema);
+    }
+    static sanitize(options?: any) {
+        return this.getInstance().sanitizerManager.middleware(options);
+    }
+    static rateLimit(preset: "strict" | "relaxed" | "api" | object) {
+        const instance = this.getInstance();
+        if (typeof preset === "string") {
+            const presets: Record<string, { mode?: "strict" | "relaxed" | "api"; options?: any }> = {
+                strict: { mode: "strict" },
+                relaxed: { mode: "relaxed" },
+                api: { mode: "api", options: { max: 100, windowMs: 60000 } }
+            };
+            return instance.rateLimitManager.middleware(presets[preset] || {});
+        }
+        return instance.rateLimitManager.middleware({ options: preset });
+    }
+    static cors(options?: any) {
+        return this.getInstance().corsManager.middleware(options);
+    }
+    static json(options?: any) {
+        const instance = this.getInstance();
+        const chain = [];
+        chain.push(instance.jsonManager.middleware(options));
+        chain.push(instance.jsonManager.urlencoded());
+        return chain;
+    }
+    // =====================================================
+    // UTILITY METHODS (Direct usage)
+    // =====================================================
+    static async hash(password: string): Promise<string> {
+        const instance = this.getInstance();
+        const result = await instance.hashManager.hash(password, { allowFallback: true });
+        return result.hash;
+    }
+    static async verify(password: string, hash: string): Promise<boolean> {
+        return this.getInstance().hashManager.verify(password, hash);
+    }
+    static jwt = {
+        sign: (payload: object, options?: any) => {
+            const instance = HiSecure.getInstance();
+            if (!instance.authManager) {
+                throw new Error("Auth not enabled");
+            }
+            return instance.authManager.sign(payload, options);
+        },
+        verify: (token: string) => {
+            const instance = HiSecure.getInstance();
+            if (!instance.authManager) {
+                throw new Error("Auth not enabled");
+            }
+            return instance.authManager.verify(token);
+        },
+        google: {
+            verifyIdToken: (idToken: string) => {
+                const instance = HiSecure.getInstance();
+                if (!instance.authManager) {
+                    throw new Error("Auth not enabled");
+                }
+                return instance.authManager.verifyGoogleIdToken(idToken);
+            }
+        }
+    };
+    // =====================================================
+    // GLOBAL MIDDLEWARE (app.use())
+    // =====================================================
+    static middleware(options?: SecureOptions | "api" | "strict" | "public") {
+        const instance = this.getInstance();
+        // Handle preset strings
+        if (typeof options === "string") {
+            const presets: Record<string, SecureOptions> = {
+                api: { cors: true, rateLimit: "relaxed" as any, sanitize: true },
+                strict: { cors: true, rateLimit: "strict" as any, sanitize: true, auth: true },
+                public: { cors: true, rateLimit: true as any, sanitize: false }
+            };
+            const presetOptions = presets[options];
+            if (presetOptions) {
+                return instance.createMiddlewareChain(presetOptions);
+            }
+            return instance.createMiddlewareChain({});
+        }
+        return instance.createMiddlewareChain(options || {});
+    }
+    // =====================================================
+    // INTERNAL METHODS
+    // =====================================================
+    private setupAdapters(): void {
+        logger.info("🧩 Setting up adapters...");
+        // Hashing
+        this.hashingPrimary = this.config.hashing.primary === "argon2"
+            ? new ArgonAdapter()
+            : new BcryptAdapter(this.config.hashing.saltRounds);
+        this.hashingFallback = this.config.hashing.fallback === "bcrypt"
+            ? new BcryptAdapter(this.config.hashing.saltRounds)
+            : null;
+        // Rate limiting
+        this.rateLimiterPrimary = this.config.rateLimiter.useAdaptiveMode
+            ? new RLFlexibleAdapter()
+            : new ExpressRLAdapter();
+        this.rateLimiterFallback = new ExpressRLAdapter();
+        // Validation
+        this.validatorPrimary = this.config.validation.mode === "zod"
+            ? new ZodAdapter()
+            : new ExpressValidatorAdapter();
+        this.validatorFallback = this.config.validation.fallback === "express-validator"
+            ? new ExpressValidatorAdapter()
+            : null;
+        // Sanitization
+        this.sanitizerPrimary = new SanitizeHtmlAdapter(this.config.sanitizer);
+        this.sanitizerFallback = new XSSAdapter(this.config.sanitizer);
+        logger.info("✅ Adapters ready");
+    }
+    private setupManagers(): void {
+        this.hashManager = new HashManager(
+            this.config.hashing,
+            this.hashingPrimary,
+            this.hashingFallback
+        );
+        this.rateLimitManager = new RateLimitManager(
+            this.config.rateLimiter,
+            this.rateLimiterPrimary,
+            this.rateLimiterFallback
+        );
+        this.validatorManager = new ValidatorManager(
+            // this.config.validation,
+            // this.validatorPrimary,
+            // this.validatorFallback
+            new ZodAdapter(),
+            new ExpressValidatorAdapter()
+        );
+        this.sanitizerManager = new SanitizerManager(
+            this.sanitizerPrimary,
+            this.sanitizerFallback
+        );
+    }
+    private setupDynamicManagers(): void {
+        this.jsonManager = new JsonManager();
+        this.corsManager = new CorsManager();
+        // Auth manager (only if enabled)
+        if (this.config.auth.enabled) {
+            const jwtSecret = process.env.JWT_SECRET || this.config.auth.jwtSecret;
+            if (!jwtSecret) {
+                throw new Error("JWT_SECRET environment variable or jwtSecret in config is required when auth.enabled=true");
+            }
+            this.authManager = new AuthManager({
+                jwtSecret,
+                jwtExpiresIn: this.config.auth.jwtExpiresIn,
+                googleClientId: process.env.GOOGLE_CLIENT_ID || this.config.auth.googleClientId
+                // Removed algorithm - handled in AuthManager
+            });
+        }
+    }
+    private createMiddlewareChain(options: SecureOptions): any[] {
+        const chain: any[] = [];
+        // JSON parsing
+        chain.push(this.jsonManager.middleware(this.config.json));
+        chain.push(this.jsonManager.urlencoded(this.config.urlencoded));
+        // Security headers
+        if (this.config.enableHelmet) chain.push(helmet());
+        if (this.config.enableHPP) chain.push(hpp());
+        // Compression (check if compression config exists)
+        if (this.config.enableCompression && this.config.compression) {
+            chain.push(compression(this.config.compression));
+        } else if (this.config.enableCompression) {
+            chain.push(compression()); // Use defaults
+        }
+        // CORS
+        if (this.config.enableCORS || options.cors) {
+            const corsOptions = options.cors === true ? this.config.cors :
+                              (typeof options.cors === 'object' ? options.cors : this.config.cors);
+            chain.push(this.corsManager.middleware(corsOptions));
+        }
+        // Sanitization
+        if (this.config.enableSanitizer || options.sanitize) {
+            const sanitizeOptions = options.sanitize === true ? undefined :
+                                  (typeof options.sanitize === 'object' ? options.sanitize : undefined);
+            chain.push(this.sanitizerManager.middleware(sanitizeOptions));
+        }
+        // Rate limiting
+        if (this.config.enableRateLimiter || options.rateLimit) {
+            const rateLimitOpts = typeof options.rateLimit === 'object' ?
+                                { options: options.rateLimit } : {};
+            chain.push(this.rateLimitManager.middleware(rateLimitOpts));
+        }
+        // Authentication
+        if (options.auth && this.authManager) {
+            const authOpts = options.auth === true ? undefined :
+                           (typeof options.auth === 'object' ? options.auth : undefined);
+            chain.push(this.authManager.protect(authOpts));
+        }
+        // Error handler (always last)
+        chain.push(errorHandler);
+        return chain;
+    }
+}
+// ===================
+// // src/core/HiSecure.ts - FINAL VERSION
 // import { HiSecureConfig } from "./types/HiSecureConfig.js";
 // import { defaultConfig } from "./config.js";
 // import { LIB_NAME, LIB_VERSION } from "./constants.js";
@@ -631,7 +1001,7 @@
 // import { errorHandler } from "../middlewares/errorHandler.js";
 // // Types
-// import { SecureOptions, ValidationSchema, RateLimitOptions } from "./types/SecureOptions.js";
+// import { SecureOptions, ValidationSchema } from "./types/SecureOptions.js";
 // export class HiSecure {
 //     private static instance: HiSecure | null = null;
@@ -652,20 +1022,14 @@
 //     private hashingFallback: any;
 //     private rateLimiterPrimary: any;
 //     private rateLimiterFallback: any;
-//     private validatorPrimary: any;
-//     private validatorFallback: any;
-//     private sanitizerPrimary: any;
-//     private sanitizerFallback: any;
-//     // Private constructor for singleton
 //     private constructor(userConfig: Partial<HiSecureConfig> = {}) {
 //         this.config = deepMerge(defaultConfig, userConfig);
 //     }
 //     // =====================================================
-//     // SINGLETON & INITIALIZATION
+//     // SINGLETON
 //     // =====================================================
 //     static getInstance(config?: Partial<HiSecureConfig>): HiSecure {
 //         if (!HiSecure.instance) {
 //             HiSecure.instance = new HiSecure(config);
@@ -679,10 +1043,7 @@
 //     }
 //     init(): void {
-//         if (this.initialized) {
-//             logger.warn("⚠ HiSecure already initialized");
-//             return;
-//         }
+//         if (this.initialized) return;
 //         logger.info(`🔐 ${LIB_NAME} v${LIB_VERSION} initializing...`);
@@ -690,34 +1051,20 @@
 //         this.setupManagers();
 //         this.setupDynamicManagers();
-//         // Make everything immutable
+//         // ❌ DO NOT FREEZE MANAGERS
+//         // ✔ Only freeze config
 //         deepFreeze(this.config);
-//         deepFreeze(this.hashManager);
-//         deepFreeze(this.rateLimitManager);
-//         deepFreeze(this.validatorManager);
-//         deepFreeze(this.sanitizerManager);
-//         deepFreeze(this.jsonManager);
-//         deepFreeze(this.corsManager);
-//         if (this.authManager) deepFreeze(this.authManager);
 //         this.initialized = true;
 //         logger.info("✅ HiSecure initialized successfully");
 //     }
-//     isInitialized(): boolean {
-//         return this.initialized;
-//     }
 //     // =====================================================
-//     // FLUENT API METHODS (Route-level security)
+//     // FLUENT API (Route-level)
 //     // =====================================================
 //     static auth(options?: { required?: boolean; roles?: string[] }) {
-//         const instance = this.getInstance();
-//         if (!instance.authManager) {
-//             throw new Error("Auth not enabled. Set auth.enabled=true in config.");
-//         }
-//         return instance.authManager.protect(options);
+//         return this.getInstance().authManager!.protect(options);
 //     }
 //     static validate(schema: ValidationSchema) {
@@ -728,107 +1075,39 @@
 //         return this.getInstance().sanitizerManager.middleware(options);
 //     }
+//     static cors(options?: any) {
+//         return this.getInstance().corsManager.middleware(options);
+//     }
 //     static rateLimit(preset: "strict" | "relaxed" | "api" | object) {
 //         const instance = this.getInstance();
 //         if (typeof preset === "string") {
-//             const presets: Record<string, { mode?: "strict" | "relaxed" | "api"; options?: any }> = {
+//             const presets: any = {
 //                 strict: { mode: "strict" },
 //                 relaxed: { mode: "relaxed" },
 //                 api: { mode: "api", options: { max: 100, windowMs: 60000 } }
 //             };
 //             return instance.rateLimitManager.middleware(presets[preset] || {});
 //         }
 //         return instance.rateLimitManager.middleware({ options: preset });
 //     }
-//     static cors(options?: any) {
-//         return this.getInstance().corsManager.middleware(options);
-//     }
 //     static json(options?: any) {
 //         const instance = this.getInstance();
-//         const chain = [];
-//         chain.push(instance.jsonManager.middleware(options));
-//         chain.push(instance.jsonManager.urlencoded());
-//         return chain;
+//         return [
+//             instance.jsonManager.middleware(options),
+//             instance.jsonManager.urlencoded()
+//         ];
 //     }
 //     // =====================================================
-//     // UTILITY METHODS (Direct usage)
+//     // INTERNAL SETUP
 //     // =====================================================
-//     static async hash(password: string): Promise<string> {
-//         const instance = this.getInstance();
-//         const result = await instance.hashManager.hash(password, { allowFallback: true });
-//         return result.hash;
-//     }
-//     static async verify(password: string, hash: string): Promise<boolean> {
-//         return this.getInstance().hashManager.verify(password, hash);
-//     }
-//     static jwt = {
-//         sign: (payload: object, options?: any) => {
-//             const instance = HiSecure.getInstance();
-//             if (!instance.authManager) {
-//                 throw new Error("Auth not enabled");
-//             }
-//             return instance.authManager.sign(payload, options);
-//         },
-//         verify: (token: string) => {
-//             const instance = HiSecure.getInstance();
-//             if (!instance.authManager) {
-//                 throw new Error("Auth not enabled");
-//             }
-//             return instance.authManager.verify(token);
-//         },
-//         google: {
-//             verifyIdToken: (idToken: string) => {
-//                 const instance = HiSecure.getInstance();
-//                 if (!instance.authManager) {
-//                     throw new Error("Auth not enabled");
-//                 }
-//                 return instance.authManager.verifyGoogleIdToken(idToken);
-//             }
-//         }
-//     };
-//     // =====================================================
-//     // GLOBAL MIDDLEWARE (app.use())
-//     // =====================================================
-//     static middleware(options?: SecureOptions | "api" | "strict" | "public") {
-//         const instance = this.getInstance();
-//         // Handle preset strings
-//         if (typeof options === "string") {
-//             const presets: Record<string, SecureOptions> = {
-//                 api: { cors: true, rateLimit: "relaxed" as any, sanitize: true },
-//                 strict: { cors: true, rateLimit: "strict" as any, sanitize: true, auth: true },
-//                 public: { cors: true, rateLimit: true as any, sanitize: false }
-//             };
-//             const presetOptions = presets[options];
-//             if (presetOptions) {
-//                 return instance.createMiddlewareChain(presetOptions);
-//             }
-//             return instance.createMiddlewareChain({});
-//         }
-//         return instance.createMiddlewareChain(options || {});
-//     }
-//     // =====================================================
-//     // INTERNAL METHODS
-//     // =====================================================
 //     private setupAdapters(): void {
 //         logger.info("🧩 Setting up adapters...");
-//         // Hashing
 //         this.hashingPrimary = this.config.hashing.primary === "argon2"
 //             ? new ArgonAdapter()
 //             : new BcryptAdapter(this.config.hashing.saltRounds);
@@ -837,33 +1116,17 @@
 //             ? new BcryptAdapter(this.config.hashing.saltRounds)
 //             : null;
-//         // Rate limiting
 //         this.rateLimiterPrimary = this.config.rateLimiter.useAdaptiveMode
 //             ? new RLFlexibleAdapter()
 //             : new ExpressRLAdapter();
-//         this.rateLimiterFallback = new ExpressRLAdapter();
-//         // Validation
-//         this.validatorPrimary = this.config.validation.mode === "zod"
-//             ? new ZodAdapter()
-//             : new ExpressValidatorAdapter();
-//         this.validatorFallback = this.config.validation.fallback === "express-validator"
-//             ? new ExpressValidatorAdapter()
-//             : null;
-//         // Sanitization
-//         this.sanitizerPrimary = new SanitizeHtmlAdapter(this.config.sanitizer);
-//         this.sanitizerFallback = new XSSAdapter(this.config.sanitizer);
+//         this.rateLimiterFallback = new ExpressRLAdapter();
 //         logger.info("✅ Adapters ready");
 //     }
 //     private setupManagers(): void {
-//         this.hashManager = new HashManager(
-//             this.config.hashing,
-//             this.hashingPrimary,
-//             this.hashingFallback
-//         );
+//         this.hashManager = new HashManager(this.config.hashing, this.hashingPrimary, this.hashingFallback);
 //         this.rateLimitManager = new RateLimitManager(
 //             this.config.rateLimiter,
@@ -871,17 +1134,15 @@
 //             this.rateLimiterFallback
 //         );
+//         // ✔ AUTO-DETECT VALIDATION (ZOD + EXPRESS-VALIDATOR)
 //         this.validatorManager = new ValidatorManager(
-//             // this.config.validation,
-//             // this.validatorPrimary,
-//             // this.validatorFallback
 //             new ZodAdapter(),
 //             new ExpressValidatorAdapter()
 //         );
 //         this.sanitizerManager = new SanitizerManager(
-//             this.sanitizerPrimary,
-//             this.sanitizerFallback
+//             new SanitizeHtmlAdapter(this.config.sanitizer),
+//             new XSSAdapter(this.config.sanitizer)
 //         );
 //     }
@@ -889,306 +1150,56 @@
 //         this.jsonManager = new JsonManager();
 //         this.corsManager = new CorsManager();
-//         // Auth manager (only if enabled)
 //         if (this.config.auth.enabled) {
 //             const jwtSecret = process.env.JWT_SECRET || this.config.auth.jwtSecret;
-//             if (!jwtSecret) {
-//                 throw new Error("JWT_SECRET environment variable or jwtSecret in config is required when auth.enabled=true");
-//             }
+//             if (!jwtSecret) throw new Error("JWT_SECRET is required when auth.enabled=true");
 //             this.authManager = new AuthManager({
 //                 jwtSecret,
 //                 jwtExpiresIn: this.config.auth.jwtExpiresIn,
-//                 googleClientId: process.env.GOOGLE_CLIENT_ID || this.config.auth.googleClientId
-//                 // Removed algorithm - handled in AuthManager
+//                 googleClientId: this.config.auth.googleClientId
 //             });
 //         }
 //     }
 //     private createMiddlewareChain(options: SecureOptions): any[] {
 //         const chain: any[] = [];
-//         // JSON parsing
 //         chain.push(this.jsonManager.middleware(this.config.json));
 //         chain.push(this.jsonManager.urlencoded(this.config.urlencoded));
-//         // Security headers
 //         if (this.config.enableHelmet) chain.push(helmet());
 //         if (this.config.enableHPP) chain.push(hpp());
-//         // Compression (check if compression config exists)
-//         if (this.config.enableCompression && this.config.compression) {
-//             chain.push(compression(this.config.compression));
-//         } else if (this.config.enableCompression) {
-//             chain.push(compression()); // Use defaults
-//         }
-//         // CORS
+//         if (this.config.enableCompression) chain.push(compression(this.config.compression));
 //         if (this.config.enableCORS || options.cors) {
-//             const corsOptions = options.cors === true ? this.config.cors :
-//                               (typeof options.cors === 'object' ? options.cors : this.config.cors);
-//             chain.push(this.corsManager.middleware(corsOptions));
+//             const opts = typeof options.cors === "object" ? options.cors : this.config.cors;
+//             chain.push(this.corsManager.middleware(opts));
 //         }
-//         // Sanitization
 //         if (this.config.enableSanitizer || options.sanitize) {
-//             const sanitizeOptions = options.sanitize === true ? undefined :
-//                                   (typeof options.sanitize === 'object' ? options.sanitize : undefined);
-//             chain.push(this.sanitizerManager.middleware(sanitizeOptions));
+//             const opts = typeof options.sanitize === "object" ? options.sanitize : undefined;
+//             chain.push(this.sanitizerManager.middleware(opts));
 //         }
-//         // Rate limiting
 //         if (this.config.enableRateLimiter || options.rateLimit) {
-//             const rateLimitOpts = typeof options.rateLimit === 'object' ?
-//                                 { options: options.rateLimit } : {};
-//             chain.push(this.rateLimitManager.middleware(rateLimitOpts));
+//             const opts = typeof options.rateLimit === "object" ? { options: options.rateLimit } : {};
+//             chain.push(this.rateLimitManager.middleware(opts));
 //         }
-//         // Authentication
 //         if (options.auth && this.authManager) {
-//             const authOpts = options.auth === true ? undefined :
-//                            (typeof options.auth === 'object' ? options.auth : undefined);
-//             chain.push(this.authManager.protect(authOpts));
+//             const opts = typeof options.auth === "object" ? options.auth : undefined;
+//             chain.push(this.authManager.protect(opts));
 //         }
-//         // Error handler (always last)
 //         chain.push(errorHandler);
 //         return chain;
 //     }
 // }
-// ===================
-// src/core/HiSecure.ts - FINAL VERSION
-import { HiSecureConfig } from "./types/HiSecureConfig.js";
-import { defaultConfig } from "./config.js";
-import { LIB_NAME, LIB_VERSION } from "./constants.js";
-import { deepMerge } from "../utils/deepMerge.js";
-import { deepFreeze } from "../utils/deepFreeze.js";
-import { logger } from "../logging/index.js";
-// Adapters
-import { ArgonAdapter } from "../adapters/ArgonAdapter.js";
-import { BcryptAdapter } from "../adapters/BcryptAdapter.js";
-import { RLFlexibleAdapter } from "../adapters/RLFlexibleAdapter.js";
-import { ExpressRLAdapter } from "../adapters/ExpressRLAdapter.js";
-import { ZodAdapter } from "../adapters/ZodAdapter.js";
-import { ExpressValidatorAdapter } from "../adapters/ExpressValidatorAdapter.js";
-import { SanitizeHtmlAdapter } from "../adapters/SanitizeHtmlAdapter.js";
-import { XSSAdapter } from "../adapters/XSSAdapter.js";
-// Managers
-import { HashManager } from "../managers/HashManager.js";
-import { RateLimitManager } from "../managers/RateLimitManager.js";
-import { ValidatorManager } from "../managers/ValidatorManager.js";
-import { SanitizerManager } from "../managers/SanitizerManager.js";
-import { JsonManager } from "../managers/JsonManager.js";
-import { CorsManager } from "../managers/CorsManager.js";
-import { AuthManager } from "../managers/AuthManager.js";
-// Middlewares
-import helmet from "helmet";
-import hpp from "hpp";
-import compression from "compression";
-import { errorHandler } from "../middlewares/errorHandler.js";
-// Types
-import { SecureOptions, ValidationSchema } from "./types/SecureOptions.js";
-export class HiSecure {
-    private static instance: HiSecure | null = null;
-    private config: HiSecureConfig;
-    private initialized = false;
-    // Managers
-    public hashManager!: HashManager;
-    public rateLimitManager!: RateLimitManager;
-    public validatorManager!: ValidatorManager;
-    public sanitizerManager!: SanitizerManager;
-    public jsonManager!: JsonManager;
-    public corsManager!: CorsManager;
-    public authManager?: AuthManager;
-    // Internal adapters
-    private hashingPrimary: any;
-    private hashingFallback: any;
-    private rateLimiterPrimary: any;
-    private rateLimiterFallback: any;
-    private constructor(userConfig: Partial<HiSecureConfig> = {}) {
-        this.config = deepMerge(defaultConfig, userConfig);
-    }
-    // =====================================================
-    // SINGLETON
-    // =====================================================
-    static getInstance(config?: Partial<HiSecureConfig>): HiSecure {
-        if (!HiSecure.instance) {
-            HiSecure.instance = new HiSecure(config);
-            HiSecure.instance.init();
-        }
-        return HiSecure.instance;
-    }
-    static resetInstance(): void {
-        HiSecure.instance = null;
-    }
-    init(): void {
-        if (this.initialized) return;
-        logger.info(`🔐 ${LIB_NAME} v${LIB_VERSION} initializing...`);
-        this.setupAdapters();
-        this.setupManagers();
-        this.setupDynamicManagers();
-        // ❌ DO NOT FREEZE MANAGERS
-        // ✔ Only freeze config
-        deepFreeze(this.config);
-        this.initialized = true;
-        logger.info("✅ HiSecure initialized successfully");
-    }
-    // =====================================================
-    // FLUENT API (Route-level)
-    // =====================================================
-    static auth(options?: { required?: boolean; roles?: string[] }) {
-        return this.getInstance().authManager!.protect(options);
-    }
-    static validate(schema: ValidationSchema) {
-        return this.getInstance().validatorManager.validate(schema);
-    }
-    static sanitize(options?: any) {
-        return this.getInstance().sanitizerManager.middleware(options);
-    }
-    static cors(options?: any) {
-        return this.getInstance().corsManager.middleware(options);
-    }
-    static rateLimit(preset: "strict" | "relaxed" | "api" | object) {
-        const instance = this.getInstance();
-        if (typeof preset === "string") {
-            const presets: any = {
-                strict: { mode: "strict" },
-                relaxed: { mode: "relaxed" },
-                api: { mode: "api", options: { max: 100, windowMs: 60000 } }
-            };
-            return instance.rateLimitManager.middleware(presets[preset] || {});
-        }
-        return instance.rateLimitManager.middleware({ options: preset });
-    }
-    static json(options?: any) {
-        const instance = this.getInstance();
-        return [
-            instance.jsonManager.middleware(options),
-            instance.jsonManager.urlencoded()
-        ];
-    }
-    // =====================================================
-    // INTERNAL SETUP
-    // =====================================================
-    private setupAdapters(): void {
-        logger.info("🧩 Setting up adapters...");
-        this.hashingPrimary = this.config.hashing.primary === "argon2"
-            ? new ArgonAdapter()
-            : new BcryptAdapter(this.config.hashing.saltRounds);
-        this.hashingFallback = this.config.hashing.fallback === "bcrypt"
-            ? new BcryptAdapter(this.config.hashing.saltRounds)
-            : null;
-        this.rateLimiterPrimary = this.config.rateLimiter.useAdaptiveMode
-            ? new RLFlexibleAdapter()
-            : new ExpressRLAdapter();
-        this.rateLimiterFallback = new ExpressRLAdapter();
-        logger.info("✅ Adapters ready");
-    }
-    private setupManagers(): void {
-        this.hashManager = new HashManager(this.config.hashing, this.hashingPrimary, this.hashingFallback);
-        this.rateLimitManager = new RateLimitManager(
-            this.config.rateLimiter,
-            this.rateLimiterPrimary,
-            this.rateLimiterFallback
-        );
-        // ✔ AUTO-DETECT VALIDATION (ZOD + EXPRESS-VALIDATOR)
-        this.validatorManager = new ValidatorManager(
-            new ZodAdapter(),
-            new ExpressValidatorAdapter()
-        );
-        this.sanitizerManager = new SanitizerManager(
-            new SanitizeHtmlAdapter(this.config.sanitizer),
-            new XSSAdapter(this.config.sanitizer)
-        );
-    }
-    private setupDynamicManagers(): void {
-        this.jsonManager = new JsonManager();
-        this.corsManager = new CorsManager();
-        if (this.config.auth.enabled) {
-            const jwtSecret = process.env.JWT_SECRET || this.config.auth.jwtSecret;
-            if (!jwtSecret) throw new Error("JWT_SECRET is required when auth.enabled=true");
-            this.authManager = new AuthManager({
-                jwtSecret,
-                jwtExpiresIn: this.config.auth.jwtExpiresIn,
-                googleClientId: this.config.auth.googleClientId
-            });
-        }
-    }
-    private createMiddlewareChain(options: SecureOptions): any[] {
-        const chain: any[] = [];
-        chain.push(this.jsonManager.middleware(this.config.json));
-        chain.push(this.jsonManager.urlencoded(this.config.urlencoded));
-        if (this.config.enableHelmet) chain.push(helmet());
-        if (this.config.enableHPP) chain.push(hpp());
-        if (this.config.enableCompression) chain.push(compression(this.config.compression));
-        if (this.config.enableCORS || options.cors) {
-            const opts = typeof options.cors === "object" ? options.cors : this.config.cors;
-            chain.push(this.corsManager.middleware(opts));
-        }
-        if (this.config.enableSanitizer || options.sanitize) {
-            const opts = typeof options.sanitize === "object" ? options.sanitize : undefined;
-            chain.push(this.sanitizerManager.middleware(opts));
-        }
-        if (this.config.enableRateLimiter || options.rateLimit) {
-            const opts = typeof options.rateLimit === "object" ? { options: options.rateLimit } : {};
-            chain.push(this.rateLimitManager.middleware(opts));
-        }
-        if (options.auth && this.authManager) {
-            const opts = typeof options.auth === "object" ? options.auth : undefined;
-            chain.push(this.authManager.protect(opts));
-        }
-        chain.push(errorHandler);
-        return chain;
-    }
-}

package/src/core/useSecure.ts CHANGED Viewed

@@ -62,105 +62,105 @@
 // This is now optional since HiSecure class has fluent API
-// import { HiSecure } from "./HiSecure.js";
-// import { SecureOptions } from "./types/SecureOptions.js";
+import { HiSecure } from "./HiSecure.js";
+import { SecureOptions } from "./types/SecureOptions.js";
-// /**
-//  * @deprecated Use HiSecure.middleware() or fluent API instead
-//  */
-// export function useSecure(options?: SecureOptions | "api" | "strict" | "public") {
-//     console.warn("⚠ useSecure() is deprecated. Use HiSecure.middleware() or fluent API methods.");
-//     return HiSecure.middleware(options);
-// }
+/**
+ * @deprecated Use HiSecure.middleware() or fluent API instead
+ */
+export function useSecure(options?: SecureOptions | "api" | "strict" | "public") {
+    console.warn("⚠ useSecure() is deprecated. Use HiSecure.middleware() or fluent API methods.");
+    return HiSecure.middleware(options);
+}
-// /**
-//  * Legacy support - route-level security
-//  */
-// export function secureRoute(options?: SecureOptions) {
-//     const chain: any[] = [];
+/**
+ * Legacy support - route-level security
+ */
+export function secureRoute(options?: SecureOptions) {
+    const chain: any[] = [];
-//     if (options?.cors) {
-//         chain.push(HiSecure.cors(
-//             typeof options.cors === 'object' ? options.cors : undefined
-//         ));
-//     }
+    if (options?.cors) {
+        chain.push(HiSecure.cors(
+            typeof options.cors === 'object' ? options.cors : undefined
+        ));
+    }
-//     if (options?.rateLimit) {
-//         chain.push(HiSecure.rateLimit(
-//             typeof options.rateLimit === 'object' ? options.rateLimit :
-//             options.rateLimit === "strict" ? "strict" : "relaxed"
-//         ));
-//     }
+    if (options?.rateLimit) {
+        chain.push(HiSecure.rateLimit(
+            typeof options.rateLimit === 'object' ? options.rateLimit :
+            options.rateLimit === "strict" ? "strict" : "relaxed"
+        ));
+    }
-//     if (options?.sanitize) {
-//         chain.push(HiSecure.sanitize(
-//             typeof options.sanitize === 'object' ? options.sanitize : undefined
-//         ));
-//     }
+    if (options?.sanitize) {
+        chain.push(HiSecure.sanitize(
+            typeof options.sanitize === 'object' ? options.sanitize : undefined
+        ));
+    }
-//     if (options?.validate) {
-//         chain.push(HiSecure.validate(options.validate));
-//     }
+    if (options?.validate) {
+        chain.push(HiSecure.validate(options.validate));
+    }
-//     if (options?.auth) {
-//         chain.push(HiSecure.auth(
-//             typeof options.auth === 'object' ? options.auth : undefined
-//         ));
-//     }
+    if (options?.auth) {
+        chain.push(HiSecure.auth(
+            typeof options.auth === 'object' ? options.auth : undefined
+        ));
+    }
-//     return chain;
-// }
+    return chain;
+}
-import { HiSecure } from "./HiSecure.js";
-import { SecureOptions } from "./types/SecureOptions.js";
+// import { HiSecure } from "./HiSecure.js";
+// import { SecureOptions } from "./types/SecureOptions.js";
-export function secureRoute(options?: SecureOptions) {
-    if (!options) return [];
+// export function secureRoute(options?: SecureOptions) {
+//     if (!options) return [];
-    const chain: any[] = [];
+//     const chain: any[] = [];
-    // 🔥 1. CORS
-    if (options.cors !== undefined) {
-        chain.push(
-            HiSecure.cors(typeof options.cors === "object" ? options.cors : undefined)
-        );
-    }
+//     // 🔥 1. CORS
+//     if (options.cors !== undefined) {
+//         chain.push(
+//             HiSecure.cors(typeof options.cors === "object" ? options.cors : undefined)
+//         );
+//     }
-    // 🔥 2. Rate Limiting (auto strict / relaxed detection)
-    if (options.rateLimit !== undefined) {
-        const rl = options.rateLimit;
-        if (rl === "strict" || rl === "relaxed") {
-            chain.push(HiSecure.rateLimit(rl));
-        } else if (typeof rl === "object") {
-            chain.push(HiSecure.rateLimit(rl));
-        } else {
-            chain.push(HiSecure.rateLimit("relaxed"));
-        }
-    }
+//     // 🔥 2. Rate Limiting (auto strict / relaxed detection)
+//     if (options.rateLimit !== undefined) {
+//         const rl = options.rateLimit;
+//         if (rl === "strict" || rl === "relaxed") {
+//             chain.push(HiSecure.rateLimit(rl));
+//         } else if (typeof rl === "object") {
+//             chain.push(HiSecure.rateLimit(rl));
+//         } else {
+//             chain.push(HiSecure.rateLimit("relaxed"));
+//         }
+//     }
-    // 🔥 3. Sanitization
-    if (options.sanitize !== undefined) {
-        chain.push(
-            HiSecure.sanitize(typeof options.sanitize === "object" ? options.sanitize : undefined)
-        );
-    }
+//     // 🔥 3. Sanitization
+//     if (options.sanitize !== undefined) {
+//         chain.push(
+//             HiSecure.sanitize(typeof options.sanitize === "object" ? options.sanitize : undefined)
+//         );
+//     }
-    // 🔥 4. Validation — smart auto-detection
-    if (options.validate) {
-        chain.push(HiSecure.validate(options.validate));
-    }
+//     // 🔥 4. Validation — smart auto-detection
+//     if (options.validate) {
+//         chain.push(HiSecure.validate(options.validate));
+//     }
-    // 🔥 5. Auth (roles included)
-    if (options.auth) {
-        chain.push(
-            HiSecure.auth(
-                typeof options.auth === "object" ? options.auth : undefined
-            )
-        );
-    }
+//     // 🔥 5. Auth (roles included)
+//     if (options.auth) {
+//         chain.push(
+//             HiSecure.auth(
+//                 typeof options.auth === "object" ? options.auth : undefined
+//             )
+//         );
+//     }
-    return chain;
-}
+//     return chain;
+// }

package/src/index.ts CHANGED Viewed

@@ -1,33 +1,33 @@
-// // src/index.ts - MAIN ENTRY POINT
-// import { HiSecure } from "./core/HiSecure.js";
-// import { useSecure, secureRoute } from "./core/useSecure.js";
+// src/index.ts - MAIN ENTRY POINT
+import { HiSecure } from "./core/HiSecure.js";
+import { useSecure, secureRoute } from "./core/useSecure.js";
-// // Export the singleton instance for quick usage
-// const hiSecure = HiSecure.getInstance();
+// Export the singleton instance for quick usage
+const hiSecure = HiSecure.getInstance();
-// // Export everything
-// export {
-//     HiSecure,        // Class for advanced usage
-//     hiSecure,        // Singleton instance
-//     useSecure,       // Legacy function (deprecated)
-//     secureRoute      // Route-level security helper
-// };
+// Export everything
+export {
+    HiSecure,        // Class for advanced usage
+    hiSecure,        // Singleton instance
+    useSecure,       // Legacy function (deprecated)
+    secureRoute      // Route-level security helper
+};
-// // Default export is the singleton instance
-// export default hiSecure;
+// Default export is the singleton instance
+export default hiSecure;
-// src/index.ts
-import { HiSecure } from "./core/HiSecure.js";
-import { secureRoute } from "./core/useSecure.js"; // Only if kept
+// // src/index.ts
+// import { HiSecure } from "./core/HiSecure.js";
+// import { secureRoute } from "./core/useSecure.js"; // Only if kept
-// DON'T auto-init here
-export {
-    HiSecure,         // Class
-    secureRoute       // Optional sugar API
-};
+// // DON'T auto-init here
+// export {
+//     HiSecure,         // Class
+//     secureRoute       // Optional sugar API
+// };
-// Default export: class itself (NOT instance)
-export default HiSecure;
+// // Default export: class itself (NOT instance)
+// export default HiSecure;