npm - hi-secure - Versions diffs - 1.0.4 → 1.0.6 - Mend

hi-secure 1.0.4 → 1.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/package.json +1 -1
package/src/core/HiSecure.ts +12 -849
package/src/core/useSecure.ts +37 -149
package/src/index.ts +11 -27
package/src/managers/ValidatorManager.ts +138 -138
package/src/utils/normalizeOptions.ts +13 -12

package/src/core/useSecure.ts CHANGED Viewed

@@ -1,166 +1,54 @@
-// import { normalizeOptions } from "../utils/normalizeOptions.js";
-// import { HiSecure } from "./HiSecure.js";
-// export function useSecure(engine: HiSecure, input?: any) {
-//     if (!engine.isInitialized()) {
-//         throw new Error("HiSecure must be initialized before using .use()");
-//     }
-//     const options = normalizeOptions(input);
-//     const chain: any[] = [];
-//     // JSON
-//     if (options.json.enabled) {
-//         chain.push(engine.jsonManager.middleware(options.json.options));
-//         chain.push(engine.jsonManager.urlencoded());
-//     }
-//     // CORS
-//     if (options.cors.enabled) {
-//         chain.push(engine.corsManager.middleware(options.cors.options));
-//     }
-//     // Sanitize
-//     if (options.sanitize.enabled) {
-//         chain.push(engine.sanitizerManager.middleware());
-//     }
-//     // Validate
-//     if (options.validate.enabled && options.validate.schema) {
-//         chain.push(engine.validatorManager.validate(options.validate.schema));
-//     }
-//     // Rate Limit
-//     if (options.rateLimit.enabled) {
-//         chain.push(
-//             engine.rateLimitManager.middleware({
-//                 mode: options.rateLimit.mode ?? undefined,
-//                 options: options.rateLimit.options ?? undefined
-//             })
-//         );
-//     }
-//     // AUTH
-//     if (options.auth.enabled) {
-//         if (!engine.authManager) {
-//             throw new Error("AuthManager not initialized. Enable auth in config.");
-//         }
-//         chain.push(
-//             engine.authManager.protect({
-//                 required: options.auth.required
-//             })
-//         );
-//     }
-//     return chain;
-// }
 // src/core/useSecure.ts - SIMPLER VERSION
 // This is now optional since HiSecure class has fluent API
-// import { HiSecure } from "./HiSecure.js";
-// import { SecureOptions } from "./types/SecureOptions.js";
-// /**
-//  * @deprecated Use HiSecure.middleware() or fluent API instead
-//  */
-// export function useSecure(options?: SecureOptions | "api" | "strict" | "public") {
-//     console.warn("⚠ useSecure() is deprecated. Use HiSecure.middleware() or fluent API methods.");
-//     return HiSecure.middleware(options);
-// }
-// /**
-//  * Legacy support - route-level security
-//  */
-// export function secureRoute(options?: SecureOptions) {
-//     const chain: any[] = [];
-//     if (options?.cors) {
-//         chain.push(HiSecure.cors(
-//             typeof options.cors === 'object' ? options.cors : undefined
-//         ));
-//     }
-//     if (options?.rateLimit) {
-//         chain.push(HiSecure.rateLimit(
-//             typeof options.rateLimit === 'object' ? options.rateLimit :
-//             options.rateLimit === "strict" ? "strict" : "relaxed"
-//         ));
-//     }
-//     if (options?.sanitize) {
-//         chain.push(HiSecure.sanitize(
-//             typeof options.sanitize === 'object' ? options.sanitize : undefined
-//         ));
-//     }
-//     if (options?.validate) {
-//         chain.push(HiSecure.validate(options.validate));
-//     }
-//     if (options?.auth) {
-//         chain.push(HiSecure.auth(
-//             typeof options.auth === 'object' ? options.auth : undefined
-//         ));
-//     }
-//     return chain;
-// }
 import { HiSecure } from "./HiSecure.js";
 import { SecureOptions } from "./types/SecureOptions.js";
-export function secureRoute(options?: SecureOptions) {
-    if (!options) return [];
+/**
+ * @deprecated Use HiSecure.middleware() or fluent API instead
+ */
+export function useSecure(options?: SecureOptions | "api" | "strict" | "public") {
+    console.warn("⚠ useSecure() is deprecated. Use HiSecure.middleware() or fluent API methods.");
+    return HiSecure.middleware(options);
+}
+/**
+ * Legacy support - route-level security
+ */
+export function secureRoute(options?: SecureOptions) {
     const chain: any[] = [];
-    // 🔥 1. CORS
-    if (options.cors !== undefined) {
-        chain.push(
-            HiSecure.cors(typeof options.cors === "object" ? options.cors : undefined)
-        );
+    if (options?.cors) {
+        chain.push(HiSecure.cors(
+            typeof options.cors === 'object' ? options.cors : undefined
+        ));
     }
-    // 🔥 2. Rate Limiting (auto strict / relaxed detection)
-    if (options.rateLimit !== undefined) {
-        const rl = options.rateLimit;
-        if (rl === "strict" || rl === "relaxed") {
-            chain.push(HiSecure.rateLimit(rl));
-        } else if (typeof rl === "object") {
-            chain.push(HiSecure.rateLimit(rl));
-        } else {
-            chain.push(HiSecure.rateLimit("relaxed"));
-        }
+    if (options?.rateLimit) {
+        chain.push(HiSecure.rateLimit(
+            typeof options.rateLimit === 'object' ? options.rateLimit :
+            options.rateLimit === "strict" ? "strict" : "relaxed"
+        ));
     }
-    // 🔥 3. Sanitization
-    if (options.sanitize !== undefined) {
-        chain.push(
-            HiSecure.sanitize(typeof options.sanitize === "object" ? options.sanitize : undefined)
-        );
+    if (options?.sanitize) {
+        chain.push(HiSecure.sanitize(
+            typeof options.sanitize === 'object' ? options.sanitize : undefined
+        ));
     }
-    // 🔥 4. Validation — smart auto-detection
-    if (options.validate) {
+    if (options?.validate) {
         chain.push(HiSecure.validate(options.validate));
     }
-    // 🔥 5. Auth (roles included)
-    if (options.auth) {
-        chain.push(
-            HiSecure.auth(
-                typeof options.auth === "object" ? options.auth : undefined
-            )
-        );
+    if (options?.auth) {
+        chain.push(HiSecure.auth(
+            typeof options.auth === 'object' ? options.auth : undefined
+        ));
     }
     return chain;
 }

package/src/index.ts CHANGED Viewed

@@ -1,33 +1,17 @@
-// // src/index.ts - MAIN ENTRY POINT
-// import { HiSecure } from "./core/HiSecure.js";
-// import { useSecure, secureRoute } from "./core/useSecure.js";
-// // Export the singleton instance for quick usage
-// const hiSecure = HiSecure.getInstance();
-// // Export everything
-// export {
-//     HiSecure,        // Class for advanced usage
-//     hiSecure,        // Singleton instance
-//     useSecure,       // Legacy function (deprecated)
-//     secureRoute      // Route-level security helper
-// };
-// // Default export is the singleton instance
-// export default hiSecure;
+// src/index.ts - MAIN ENTRY POINT
+import { HiSecure } from "./core/HiSecure.js";
+import { useSecure, secureRoute } from "./core/useSecure.js";
+const hiSecure = HiSecure.getInstance();
+export {
+    HiSecure,        // Class for advanced usage
+    hiSecure,        // Singleton instance
+    useSecure,       // Legacy function (deprecated)
+    secureRoute      // Route-level security helper
+};
+export default hiSecure;
-// src/index.ts
-import { HiSecure } from "./core/HiSecure.js";
-import { secureRoute } from "./core/useSecure.js"; // Only if kept
-// DON'T auto-init here
-export {
-    HiSecure,         // Class
-    secureRoute       // Optional sugar API
-};
-// Default export: class itself (NOT instance)
-export default HiSecure;

package/src/managers/ValidatorManager.ts CHANGED Viewed

@@ -1,74 +1,74 @@
-// // src/managers/ValidatorManager.ts - COMPLETE FIXED
-// import { logger } from "../logging";
-// import { ValidationError } from "../core/errors/ValidationError.js";
-// import { HiSecureConfig } from "../core/types/HiSecureConfig.js"; // ✅ FIXED IMPORT
-// interface ValidatorAdapter {
-//     validate: (schema?: any) => any;
-// }
+// src/managers/ValidatorManager.ts - COMPLETE FIXED
+import { logger } from "../logging";
+import { ValidationError } from "../core/errors/ValidationError.js";
+import { HiSecureConfig } from "../core/types/HiSecureConfig.js"; // ✅ FIXED IMPORT
-// export class ValidatorManager {
-//     private config: HiSecureConfig["validation"];
-//     private primaryAdapter: ValidatorAdapter;
-//     private fallbackAdapter: ValidatorAdapter | null;
+interface ValidatorAdapter {
+    validate: (schema?: any) => any;
+}
-//     constructor(
-//         config: HiSecureConfig["validation"],
-//         primaryAdapter: ValidatorAdapter,
-//         fallbackAdapter: ValidatorAdapter | null
-//     ) {
-//         this.config = config;
-//         this.primaryAdapter = primaryAdapter;
-//         this.fallbackAdapter = fallbackAdapter;
-//     }
+export class ValidatorManager {
+    private config: HiSecureConfig["validation"];
+    private primaryAdapter: ValidatorAdapter;
+    private fallbackAdapter: ValidatorAdapter | null;
+    constructor(
+        config: HiSecureConfig["validation"],
+        primaryAdapter: ValidatorAdapter,
+        fallbackAdapter: ValidatorAdapter | null
+    ) {
+        this.config = config;
+        this.primaryAdapter = primaryAdapter;
+        this.fallbackAdapter = fallbackAdapter;
+    }
-//     validate(schema?: any) {
-//         return (req: any, res: any, next: any) => {
-//             // Execute primary adapter middleware
-//             const primaryMiddleware = this.primaryAdapter.validate(schema);
+    validate(schema?: any) {
+        return (req: any, res: any, next: any) => {
+            // Execute primary adapter middleware
+            const primaryMiddleware = this.primaryAdapter.validate(schema);
-//             // Run middleware and handle errors properly
-//             primaryMiddleware(req, res, (err?: any) => {
-//                 if (!err) {
-//                     return next(); // Validation passed
-//                 }
+            // Run middleware and handle errors properly
+            primaryMiddleware(req, res, (err?: any) => {
+                if (!err) {
+                    return next(); // Validation passed
+                }
-//                 // If error is a ValidationError, pass it through (don't fallback!)
-//                 if (err instanceof ValidationError) {
-//                     logger.warn("⚠ Validation failed", {
-//                         path: req.path,
-//                         method: req.method,
-//                         error: err.message
-//                     });
-//                     return next(err);
-//                 }
+                // If error is a ValidationError, pass it through (don't fallback!)
+                if (err instanceof ValidationError) {
+                    logger.warn("⚠ Validation failed", {
+                        path: req.path,
+                        method: req.method,
+                        error: err.message
+                    });
+                    return next(err);
+                }
-//                 // Only use fallback for ADAPTER errors, not validation errors
-//                 logger.warn("⚠ Primary validator adapter failed", {
-//                     error: err?.message,
-//                     path: req.path,
-//                     method: req.method
-//                 });
-//                 if (!this.fallbackAdapter) {
-//                     return next(new ValidationError("Validation system error"));
-//                 }
+                // Only use fallback for ADAPTER errors, not validation errors
+                logger.warn("⚠ Primary validator adapter failed", {
+                    error: err?.message,
+                    path: req.path,
+                    method: req.method
+                });
-//                 // Try fallback adapter
-//                 const fallbackMiddleware = this.fallbackAdapter.validate(schema);
-//                 fallbackMiddleware(req, res, (fallbackErr?: any) => {
-//                     if (fallbackErr) {
-//                         logger.error("❌ Fallback validator also failed", {
-//                             error: fallbackErr?.message
-//                         });
-//                         return next(new ValidationError("Validation system unavailable"));
-//                     }
-//                     next(); // Fallback validation passed
-//                 });
-//             });
-//         };
-//     }
-// }
+                if (!this.fallbackAdapter) {
+                    return next(new ValidationError("Validation system error"));
+                }
+                // Try fallback adapter
+                const fallbackMiddleware = this.fallbackAdapter.validate(schema);
+                fallbackMiddleware(req, res, (fallbackErr?: any) => {
+                    if (fallbackErr) {
+                        logger.error("❌ Fallback validator also failed", {
+                            error: fallbackErr?.message
+                        });
+                        return next(new ValidationError("Validation system unavailable"));
+                    }
+                    next(); // Fallback validation passed
+                });
+            });
+        };
+    }
+}
@@ -130,78 +130,78 @@
-// src/managers/ValidatorManager.ts
-import { logger } from "../logging";
-import { ValidationError } from "../core/errors/ValidationError.js";
-interface ValidatorAdapter {
-    validate: (schema?: any) => any;
-}
-export class ValidatorManager {
-    private zodAdapter: ValidatorAdapter;
-    private expressAdapter: ValidatorAdapter;
-    constructor(zodAdapter: ValidatorAdapter, expressAdapter: ValidatorAdapter) {
-        this.zodAdapter = zodAdapter;
-        this.expressAdapter = expressAdapter;
-    }
-    validate(schema?: any) {
-        // const isZod = schema && typeof schema.safeParse === "function";
-        const isZod =
-    schema &&
-    typeof schema === "object" &&
-    typeof schema._def === "object" &&
-    typeof schema.safeParse === "function";
-        const isExpressValidator = Array.isArray(schema);
-        return (req: any, res: any, next: any) => {
-            let middleware;
-            if (isZod) {
-                logger.debug("📌 Using Zod adapter");
-                middleware = this.zodAdapter.validate(schema);
-            }
-            else if (isExpressValidator) {
-                logger.debug("📌 Using express-validator adapter");
-                middleware = this.expressAdapter.validate(schema);
-            }
-            else {
-                return next(); // no schema found
-            }
-            // CASE 1 — express-validator returns ARRAY
-            if (Array.isArray(middleware)) {
-                let idx = 0;
-                const run = (err?: any) => {
-                    if (err) return next(err);
-                    const fn = middleware[idx++];
-                    if (!fn) return next(); // done
-                    try {
-                        fn(req, res, run);
-                    } catch (error: any) {
-                        next(new ValidationError(error.message));
-                    }
-                };
-                return run();
-            }
-            // CASE 2 — Zod returns SINGLE MIDDLEWARE
-            try {
-                middleware(req, res, (err?: any) => {
-                    if (err) return next(err);
-                    next();
-                });
-            } catch (err: any) {
-                next(new ValidationError(err.message));
-            }
-        };
-    }
-}
+// // // src/managers/ValidatorManager.ts
+// // import { logger } from "../logging";
+// // import { ValidationError } from "../core/errors/ValidationError.js";
+// // interface ValidatorAdapter {
+// //     validate: (schema?: any) => any;
+// // }
+// // export class ValidatorManager {
+// //     private zodAdapter: ValidatorAdapter;
+// //     private expressAdapter: ValidatorAdapter;
+// //     constructor(zodAdapter: ValidatorAdapter, expressAdapter: ValidatorAdapter) {
+// //         this.zodAdapter = zodAdapter;
+// //         this.expressAdapter = expressAdapter;
+// //     }
+// //     validate(schema?: any) {
+// //         // const isZod = schema && typeof schema.safeParse === "function";
+// //         const isZod =
+// //     schema &&
+// //     typeof schema === "object" &&
+// //     typeof schema._def === "object" &&
+// //     typeof schema.safeParse === "function";
+// //         const isExpressValidator = Array.isArray(schema);
+// //         return (req: any, res: any, next: any) => {
+// //             let middleware;
+// //             if (isZod) {
+// //                 logger.debug("📌 Using Zod adapter");
+// //                 middleware = this.zodAdapter.validate(schema);
+// //             }
+// //             else if (isExpressValidator) {
+// //                 logger.debug("📌 Using express-validator adapter");
+// //                 middleware = this.expressAdapter.validate(schema);
+// //             }
+// //             else {
+// //                 return next(); // no schema found
+// //             }
+// //             // CASE 1 — express-validator returns ARRAY
+// //             if (Array.isArray(middleware)) {
+// //                 let idx = 0;
+// //                 const run = (err?: any) => {
+// //                     if (err) return next(err);
+// //                     const fn = middleware[idx++];
+// //                     if (!fn) return next(); // done
+// //                     try {
+// //                         fn(req, res, run);
+// //                     } catch (error: any) {
+// //                         next(new ValidationError(error.message));
+// //                     }
+// //                 };
+// //                 return run();
+// //             }
+// //             // CASE 2 — Zod returns SINGLE MIDDLEWARE
+// //             try {
+// //                 middleware(req, res, (err?: any) => {
+// //                     if (err) return next(err);
+// //                     next();
+// //                 });
+// //             } catch (err: any) {
+// //                 next(new ValidationError(err.message));
+// //             }
+// //         };
+// //     }
+// // }

package/src/utils/normalizeOptions.ts CHANGED Viewed

@@ -218,21 +218,22 @@ function normalizeRateLimit(value: SecureOptions["rateLimit"]): NormalizedOption
 }
 function normalizeAuth(value: SecureOptions["auth"]): NormalizedOptions["auth"] {
-    // if (value === false) {
-    //     return { enabled: false, required: false };
-    // }
-    // if (value === true || value === undefined) {
-    //     return { enabled: true, required: true };
-    // }
+    if (value === false) {
+        return { enabled: false, required: false };
+    }
+    if (value === true || value === undefined) {
+        return { enabled: true, required: true };
+    }
-    if (value === undefined) {
-    return { enabled: false, required: false };
-}
-if (value === true) {
-    return { enabled: true, required: true };
-}
+//     if (value === undefined) {
+//     return { enabled: false, required: false };
+// }
+// if (value === true) {
+//     return { enabled: true, required: true };
+// }
     const authOptions = value as AuthOptions;