hi-secure 1.0.6 → 1.0.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (101) hide show
  1. package/dist/adapters/ArgonAdapter.js +1 -1
  2. package/dist/adapters/ArgonAdapter.js.map +1 -1
  3. package/dist/adapters/ExpressRLAdapter.d.ts.map +1 -1
  4. package/dist/adapters/ExpressRLAdapter.js +1 -2
  5. package/dist/adapters/ExpressRLAdapter.js.map +1 -1
  6. package/dist/adapters/ExpressValidatorAdapter.d.ts.map +1 -1
  7. package/dist/adapters/ExpressValidatorAdapter.js +1 -39
  8. package/dist/adapters/ExpressValidatorAdapter.js.map +1 -1
  9. package/dist/adapters/GoogleAdapter.d.ts.map +1 -1
  10. package/dist/adapters/GoogleAdapter.js +0 -101
  11. package/dist/adapters/GoogleAdapter.js.map +1 -1
  12. package/dist/adapters/JWTAdapter.d.ts.map +1 -1
  13. package/dist/adapters/JWTAdapter.js +3 -210
  14. package/dist/adapters/JWTAdapter.js.map +1 -1
  15. package/dist/adapters/RLFlexibleAdapter.d.ts.map +1 -1
  16. package/dist/adapters/RLFlexibleAdapter.js +0 -52
  17. package/dist/adapters/RLFlexibleAdapter.js.map +1 -1
  18. package/dist/adapters/SanitizeHtmlAdapter.d.ts +0 -3
  19. package/dist/adapters/SanitizeHtmlAdapter.d.ts.map +1 -1
  20. package/dist/adapters/SanitizeHtmlAdapter.js +2 -71
  21. package/dist/adapters/SanitizeHtmlAdapter.js.map +1 -1
  22. package/dist/adapters/XSSAdapter.d.ts +0 -10
  23. package/dist/adapters/XSSAdapter.d.ts.map +1 -1
  24. package/dist/adapters/XSSAdapter.js +2 -19
  25. package/dist/adapters/XSSAdapter.js.map +1 -1
  26. package/dist/adapters/ZodAdapter.d.ts.map +1 -1
  27. package/dist/adapters/ZodAdapter.js +2 -6
  28. package/dist/adapters/ZodAdapter.js.map +1 -1
  29. package/dist/core/HiSecure.d.ts +15 -2
  30. package/dist/core/HiSecure.d.ts.map +1 -1
  31. package/dist/core/HiSecure.js +130 -37
  32. package/dist/core/HiSecure.js.map +1 -1
  33. package/dist/core/useSecure.d.ts +4 -0
  34. package/dist/core/useSecure.d.ts.map +1 -1
  35. package/dist/core/useSecure.js +19 -114
  36. package/dist/core/useSecure.js.map +1 -1
  37. package/dist/index.d.ts +4 -4
  38. package/dist/index.d.ts.map +1 -1
  39. package/dist/index.js +6 -19
  40. package/dist/index.js.map +1 -1
  41. package/dist/managers/AuthManager.d.ts.map +1 -1
  42. package/dist/managers/AuthManager.js +1 -89
  43. package/dist/managers/AuthManager.js.map +1 -1
  44. package/dist/managers/CorsManager.d.ts.map +1 -1
  45. package/dist/managers/CorsManager.js +1 -19
  46. package/dist/managers/CorsManager.js.map +1 -1
  47. package/dist/managers/HashManager.d.ts.map +1 -1
  48. package/dist/managers/HashManager.js +0 -243
  49. package/dist/managers/HashManager.js.map +1 -1
  50. package/dist/managers/JsonManager.d.ts.map +1 -1
  51. package/dist/managers/JsonManager.js +1 -77
  52. package/dist/managers/JsonManager.js.map +1 -1
  53. package/dist/managers/RateLimitManager.d.ts.map +1 -1
  54. package/dist/managers/RateLimitManager.js +3 -17
  55. package/dist/managers/RateLimitManager.js.map +1 -1
  56. package/dist/managers/SanitizerManager.d.ts +0 -6
  57. package/dist/managers/SanitizerManager.d.ts.map +1 -1
  58. package/dist/managers/SanitizerManager.js +1 -213
  59. package/dist/managers/SanitizerManager.js.map +1 -1
  60. package/dist/managers/ValidatorManager.d.ts.map +1 -1
  61. package/dist/managers/ValidatorManager.js +1 -109
  62. package/dist/managers/ValidatorManager.js.map +1 -1
  63. package/dist/middlewares/errorHandler.d.ts.map +1 -1
  64. package/dist/middlewares/errorHandler.js +0 -19
  65. package/dist/middlewares/errorHandler.js.map +1 -1
  66. package/dist/utils/deepFreeze.d.ts.map +1 -1
  67. package/dist/utils/deepFreeze.js +0 -25
  68. package/dist/utils/deepFreeze.js.map +1 -1
  69. package/dist/utils/deepMerge.d.ts.map +1 -1
  70. package/dist/utils/deepMerge.js +0 -26
  71. package/dist/utils/deepMerge.js.map +1 -1
  72. package/dist/utils/normalizeOptions.d.ts +1 -3
  73. package/dist/utils/normalizeOptions.d.ts.map +1 -1
  74. package/dist/utils/normalizeOptions.js +0 -1
  75. package/dist/utils/normalizeOptions.js.map +1 -1
  76. package/package.json +1 -1
  77. package/src/adapters/ArgonAdapter.ts +1 -1
  78. package/src/adapters/ExpressRLAdapter.ts +1 -2
  79. package/src/adapters/ExpressValidatorAdapter.ts +1 -54
  80. package/src/adapters/GoogleAdapter.ts +0 -129
  81. package/src/adapters/JWTAdapter.ts +5 -259
  82. package/src/adapters/RLFlexibleAdapter.ts +2 -65
  83. package/src/adapters/SanitizeHtmlAdapter.ts +3 -87
  84. package/src/adapters/XSSAdapter.ts +11 -19
  85. package/src/adapters/ZodAdapter.ts +2 -51
  86. package/src/core/HiSecure.ts +25 -36
  87. package/src/core/useSecure.ts +5 -7
  88. package/src/index.ts +4 -5
  89. package/src/managers/AuthManager.ts +5 -109
  90. package/src/managers/CorsManager.ts +1 -25
  91. package/src/managers/HashManager.ts +0 -286
  92. package/src/managers/JsonManager.ts +1 -91
  93. package/src/managers/RateLimitManager.ts +3 -262
  94. package/src/managers/SanitizerManager.ts +4 -263
  95. package/src/managers/ValidatorManager.ts +53 -187
  96. package/src/middlewares/errorHandler.ts +1 -176
  97. package/src/utils/deepFreeze.ts +0 -32
  98. package/src/utils/deepMerge.ts +0 -35
  99. package/src/utils/normalizeOptions.ts +16 -133
  100. package/src/examples/e1.ts +0 -1
  101. package/src/test/t1.ts +0 -1
package/dist/core/HiSecure.js CHANGED
@@ -1,5 +1,4 @@
1
1
  "use strict";
2
- // // // src/core/HiSecure.ts
3
2
  var __importDefault = (this && this.__importDefault) || function (mod) {
4
3
  return (mod && mod.__esModule) ? mod : { "default": mod };
5
4
  };
@@ -33,13 +32,12 @@ const hpp_1 = __importDefault(require("hpp"));
33
32
  const compression_1 = __importDefault(require("compression"));
34
33
  const errorHandler_js_1 = require("../middlewares/errorHandler.js");
35
34
  class HiSecure {
35
+ // Private constructor for singleton
36
36
  constructor(userConfig = {}) {
37
37
  this.initialized = false;
38
38
  this.config = (0, deepMerge_js_1.deepMerge)(config_js_1.defaultConfig, userConfig);
39
39
  }
40
- // =====================================================
41
- // SINGLETON
42
- // =====================================================
40
+ // SINGLETON & INITIALIZATION
43
41
  static getInstance(config) {
44
42
  if (!HiSecure.instance) {
45
43
  HiSecure.instance = new HiSecure(config);
@@ -51,23 +49,35 @@ class HiSecure {
51
49
  HiSecure.instance = null;
52
50
  }
53
51
  init() {
54
- if (this.initialized)
52
+ if (this.initialized) {
53
+ index_js_1.logger.warn("⚠ HiSecure already initialized");
55
54
  return;
55
+ }
56
56
  index_js_1.logger.info(`🔐 ${constants_js_1.LIB_NAME} v${constants_js_1.LIB_VERSION} initializing...`);
57
57
  this.setupAdapters();
58
58
  this.setupManagers();
59
59
  this.setupDynamicManagers();
60
- // ❌ DO NOT FREEZE MANAGERS
61
- // ✔ Only freeze config
62
60
  (0, deepFreeze_js_1.deepFreeze)(this.config);
61
+ // deepFreeze(this.hashManager);
62
+ // deepFreeze(this.rateLimitManager);
63
+ // deepFreeze(this.validatorManager);
64
+ // deepFreeze(this.sanitizerManager);
65
+ // deepFreeze(this.jsonManager);
66
+ // deepFreeze(this.corsManager);
67
+ // if (this.authManager) deepFreeze(this.authManager);
63
68
  this.initialized = true;
64
69
  index_js_1.logger.info("✅ HiSecure initialized successfully");
65
70
  }
66
- // =====================================================
67
- // FLUENT API (Route-level)
68
- // =====================================================
71
+ isInitialized() {
72
+ return this.initialized;
73
+ }
74
+ // FLUENT API METHODS (Route-level security)
69
75
  static auth(options) {
70
- return this.getInstance().authManager.protect(options);
76
+ const instance = this.getInstance();
77
+ if (!instance.authManager) {
78
+ throw new Error("Auth not enabled. Set auth.enabled=true in config.");
79
+ }
80
+ return instance.authManager.protect(options);
71
81
  }
72
82
  static validate(schema) {
73
83
  return this.getInstance().validatorManager.validate(schema);
@@ -75,9 +85,6 @@ class HiSecure {
75
85
  static sanitize(options) {
76
86
  return this.getInstance().sanitizerManager.middleware(options);
77
87
  }
78
- static cors(options) {
79
- return this.getInstance().corsManager.middleware(options);
80
- }
81
88
  static rateLimit(preset) {
82
89
  const instance = this.getInstance();
83
90
  if (typeof preset === "string") {
@@ -90,81 +97,167 @@ class HiSecure {
90
97
  }
91
98
  return instance.rateLimitManager.middleware({ options: preset });
92
99
  }
100
+ static cors(options) {
101
+ return this.getInstance().corsManager.middleware(options);
102
+ }
93
103
  static json(options) {
94
104
  const instance = this.getInstance();
95
- return [
96
- instance.jsonManager.middleware(options),
97
- instance.jsonManager.urlencoded()
98
- ];
99
- }
100
- // =====================================================
101
- // INTERNAL SETUP
102
- // =====================================================
105
+ const chain = [];
106
+ chain.push(instance.jsonManager.middleware(options));
107
+ chain.push(instance.jsonManager.urlencoded());
108
+ return chain;
109
+ }
110
+ // UTILITY METHODS (Direct usage)
111
+ static async hash(password) {
112
+ const instance = this.getInstance();
113
+ const result = await instance.hashManager.hash(password, { allowFallback: true });
114
+ return result.hash;
115
+ }
116
+ static async verify(password, hash) {
117
+ return this.getInstance().hashManager.verify(password, hash);
118
+ }
119
+ // GLOBAL MIDDLEWARE (app.use())
120
+ static middleware(options) {
121
+ const instance = this.getInstance();
122
+ // Handle preset strings
123
+ if (typeof options === "string") {
124
+ const presets = {
125
+ api: { cors: true, rateLimit: "relaxed", sanitize: true },
126
+ strict: { cors: true, rateLimit: "strict", sanitize: true, auth: true },
127
+ public: { cors: true, rateLimit: true, sanitize: false }
128
+ };
129
+ const presetOptions = presets[options];
130
+ if (presetOptions) {
131
+ return instance.createMiddlewareChain(presetOptions);
132
+ }
133
+ return instance.createMiddlewareChain({});
134
+ }
135
+ return instance.createMiddlewareChain(options || {});
136
+ }
137
+ // Internal Methods
103
138
  setupAdapters() {
104
139
  index_js_1.logger.info("🧩 Setting up adapters...");
140
+ // Hashing
105
141
  this.hashingPrimary = this.config.hashing.primary === "argon2"
106
142
  ? new ArgonAdapter_js_1.ArgonAdapter()
107
143
  : new BcryptAdapter_js_1.BcryptAdapter(this.config.hashing.saltRounds);
108
144
  this.hashingFallback = this.config.hashing.fallback === "bcrypt"
109
145
  ? new BcryptAdapter_js_1.BcryptAdapter(this.config.hashing.saltRounds)
110
146
  : null;
147
+ // Rate limiting
111
148
  this.rateLimiterPrimary = this.config.rateLimiter.useAdaptiveMode
112
149
  ? new RLFlexibleAdapter_js_1.RLFlexibleAdapter()
113
150
  : new ExpressRLAdapter_js_1.ExpressRLAdapter();
114
151
  this.rateLimiterFallback = new ExpressRLAdapter_js_1.ExpressRLAdapter();
152
+ // // Validation
153
+ // this.validatorPrimary = this.config.validation.mode === "zod"
154
+ // ? new ZodAdapter()
155
+ // : new ExpressValidatorAdapter();
156
+ // this.validatorFallback = this.config.validation.fallback === "express-validator"
157
+ // ? new ExpressValidatorAdapter()
158
+ // : null;
159
+ // Sanitization
160
+ this.sanitizerPrimary = new SanitizeHtmlAdapter_js_1.SanitizeHtmlAdapter(this.config.sanitizer);
161
+ this.sanitizerFallback = new XSSAdapter_js_1.XSSAdapter(this.config.sanitizer);
115
162
  index_js_1.logger.info("✅ Adapters ready");
116
163
  }
117
164
  setupManagers() {
118
165
  this.hashManager = new HashManager_js_1.HashManager(this.config.hashing, this.hashingPrimary, this.hashingFallback);
119
166
  this.rateLimitManager = new RateLimitManager_js_1.RateLimitManager(this.config.rateLimiter, this.rateLimiterPrimary, this.rateLimiterFallback);
120
- // AUTO-DETECT VALIDATION (ZOD + EXPRESS-VALIDATOR)
121
- this.validatorManager = new ValidatorManager_js_1.ValidatorManager(new ZodAdapter_js_1.ZodAdapter(), new ExpressValidatorAdapter_js_1.ExpressValidatorAdapter());
122
- this.sanitizerManager = new SanitizerManager_js_1.SanitizerManager(new SanitizeHtmlAdapter_js_1.SanitizeHtmlAdapter(this.config.sanitizer), new XSSAdapter_js_1.XSSAdapter(this.config.sanitizer));
167
+ this.validatorManager = new ValidatorManager_js_1.ValidatorManager(
168
+ // this.config.validation,
169
+ // this.validatorPrimary,
170
+ // this.validatorFallback
171
+ new ZodAdapter_js_1.ZodAdapter(), new ExpressValidatorAdapter_js_1.ExpressValidatorAdapter());
172
+ this.sanitizerManager = new SanitizerManager_js_1.SanitizerManager(this.sanitizerPrimary, this.sanitizerFallback);
123
173
  }
124
174
  setupDynamicManagers() {
125
175
  this.jsonManager = new JsonManager_js_1.JsonManager();
126
176
  this.corsManager = new CorsManager_js_1.CorsManager();
177
+ // Auth manager (only if enabled)
127
178
  if (this.config.auth.enabled) {
128
179
  const jwtSecret = process.env.JWT_SECRET || this.config.auth.jwtSecret;
129
- if (!jwtSecret)
130
- throw new Error("JWT_SECRET is required when auth.enabled=true");
180
+ if (!jwtSecret) {
181
+ throw new Error("JWT_SECRET environment variable or jwtSecret in config is required when auth.enabled=true");
182
+ }
131
183
  this.authManager = new AuthManager_js_1.AuthManager({
132
184
  jwtSecret,
133
185
  jwtExpiresIn: this.config.auth.jwtExpiresIn,
134
- googleClientId: this.config.auth.googleClientId
186
+ googleClientId: process.env.GOOGLE_CLIENT_ID || this.config.auth.googleClientId
135
187
  });
136
188
  }
137
189
  }
138
190
  createMiddlewareChain(options) {
139
191
  const chain = [];
192
+ // JSON parsing
140
193
  chain.push(this.jsonManager.middleware(this.config.json));
141
194
  chain.push(this.jsonManager.urlencoded(this.config.urlencoded));
195
+ // Security headers
142
196
  if (this.config.enableHelmet)
143
197
  chain.push((0, helmet_1.default)());
144
198
  if (this.config.enableHPP)
145
199
  chain.push((0, hpp_1.default)());
146
- if (this.config.enableCompression)
200
+ // Compression (check if compression config exists)
201
+ if (this.config.enableCompression && this.config.compression) {
147
202
  chain.push((0, compression_1.default)(this.config.compression));
203
+ }
204
+ else if (this.config.enableCompression) {
205
+ chain.push((0, compression_1.default)()); // Use defaults
206
+ }
207
+ // CORS
148
208
  if (this.config.enableCORS || options.cors) {
149
- const opts = typeof options.cors === "object" ? options.cors : this.config.cors;
150
- chain.push(this.corsManager.middleware(opts));
209
+ const corsOptions = options.cors === true ? this.config.cors :
210
+ (typeof options.cors === 'object' ? options.cors : this.config.cors);
211
+ chain.push(this.corsManager.middleware(corsOptions));
151
212
  }
213
+ // Sanitization
152
214
  if (this.config.enableSanitizer || options.sanitize) {
153
- const opts = typeof options.sanitize === "object" ? options.sanitize : undefined;
154
- chain.push(this.sanitizerManager.middleware(opts));
215
+ const sanitizeOptions = options.sanitize === true ? undefined :
216
+ (typeof options.sanitize === 'object' ? options.sanitize : undefined);
217
+ chain.push(this.sanitizerManager.middleware(sanitizeOptions));
155
218
  }
219
+ // Rate limiting
156
220
  if (this.config.enableRateLimiter || options.rateLimit) {
157
- const opts = typeof options.rateLimit === "object" ? { options: options.rateLimit } : {};
158
- chain.push(this.rateLimitManager.middleware(opts));
221
+ const rateLimitOpts = typeof options.rateLimit === 'object' ?
222
+ { options: options.rateLimit } : {};
223
+ chain.push(this.rateLimitManager.middleware(rateLimitOpts));
159
224
  }
225
+ // Authentication
160
226
  if (options.auth && this.authManager) {
161
- const opts = typeof options.auth === "object" ? options.auth : undefined;
162
- chain.push(this.authManager.protect(opts));
227
+ const authOpts = options.auth === true ? undefined :
228
+ (typeof options.auth === 'object' ? options.auth : undefined);
229
+ chain.push(this.authManager.protect(authOpts));
163
230
  }
231
+ // Error handler (always last)
164
232
  chain.push(errorHandler_js_1.errorHandler);
165
233
  return chain;
166
234
  }
167
235
  }
168
236
  exports.HiSecure = HiSecure;
169
237
  HiSecure.instance = null;
238
+ HiSecure.jwt = {
239
+ sign: (payload, options) => {
240
+ const instance = HiSecure.getInstance();
241
+ if (!instance.authManager) {
242
+ throw new Error("Auth not enabled");
243
+ }
244
+ return instance.authManager.sign(payload, options);
245
+ },
246
+ verify: (token) => {
247
+ const instance = HiSecure.getInstance();
248
+ if (!instance.authManager) {
249
+ throw new Error("Auth not enabled");
250
+ }
251
+ return instance.authManager.verify(token);
252
+ },
253
+ google: {
254
+ verifyIdToken: (idToken) => {
255
+ const instance = HiSecure.getInstance();
256
+ if (!instance.authManager) {
257
+ throw new Error("Auth not enabled");
258
+ }
259
+ return instance.authManager.verifyGoogleIdToken(idToken);
260
+ }
261
+ }
262
+ };
170
263
  //# sourceMappingURL=HiSecure.js.map
package/dist/core/HiSecure.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"HiSecure.js","sourceRoot":"","sources":["../../src/core/HiSecure.ts"],"names":[],"mappings":";AAAA,6BAA6B;;;;;;AAq8B7B,2CAA4C;AAC5C,iDAAuD;AACvD,wDAAkD;AAClD,0DAAoD;AACpD,kDAA6C;AAE7C,WAAW;AACX,iEAA2D;AAC3D,mEAA6D;AAC7D,2EAAqE;AACrE,yEAAmE;AACnE,6DAAuD;AACvD,uFAAiF;AACjF,+EAAyE;AACzE,6DAAuD;AAEvD,WAAW;AACX,+DAAyD;AACzD,yEAAmE;AACnE,yEAAmE;AACnE,yEAAmE;AACnE,+DAAyD;AACzD,+DAAyD;AACzD,+DAAyD;AAEzD,cAAc;AACd,oDAA4B;AAC5B,8CAAsB;AACtB,8DAAsC;AACtC,oEAA8D;AAK9D,MAAa,QAAQ;IAoBjB,YAAoB,aAAsC,EAAE;QAjBpD,gBAAW,GAAG,KAAK,CAAC;QAkBxB,IAAI,CAAC,MAAM,GAAG,IAAA,wBAAS,EAAC,yBAAa,EAAE,UAAU,CAAC,CAAC;IACvD,CAAC;IAED,wDAAwD;IACxD,YAAY;IACZ,wDAAwD;IACxD,MAAM,CAAC,WAAW,CAAC,MAAgC;QAC/C,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;YACrB,QAAQ,CAAC,QAAQ,GAAG,IAAI,QAAQ,CAAC,MAAM,CAAC,CAAC;YACzC,QAAQ,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC7B,CAAC;QACD,OAAO,QAAQ,CAAC,QAAQ,CAAC;IAC7B,CAAC;IAED,MAAM,CAAC,aAAa;QAChB,QAAQ,CAAC,QAAQ,GAAG,IAAI,CAAC;IAC7B,CAAC;IAED,IAAI;QACA,IAAI,IAAI,CAAC,WAAW;YAAE,OAAO;QAE7B,iBAAM,CAAC,IAAI,CAAC,MAAM,uBAAQ,KAAK,0BAAW,kBAAkB,CAAC,CAAC;QAE9D,IAAI,CAAC,aAAa,EAAE,CAAC;QACrB,IAAI,CAAC,aAAa,EAAE,CAAC;QACrB,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAE5B,2BAA2B;QAC3B,uBAAuB;QACvB,IAAA,0BAAU,EAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAExB,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;QACxB,iBAAM,CAAC,IAAI,CAAC,qCAAqC,CAAC,CAAC;IACvD,CAAC;IAED,wDAAwD;IACxD,2BAA2B;IAC3B,wDAAwD;IAExD,MAAM,CAAC,IAAI,CAAC,OAAkD;QAC1D,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC,WAAY,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAC5D,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,MAAwB;QACpC,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IAChE,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,OAAa;QACzB,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC,gBAAgB,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IACnE,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,OAAa;QACrB,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC,WAAW,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IAC9D,CAAC;IAED,MAAM,CAAC,SAAS,CAAC,MAA6C;QAC1D,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QAEpC,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC7B,MAAM,OAAO,GAAQ;gBACjB,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;gBAC1B,OAAO,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;gBAC5B,GAAG,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,QAAQ,EAAE,KAAK,EAAE,EAAE;aAC/D,CAAC;YACF,OAAO,QAAQ,CAAC,gBAAgB,CAAC,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;QACvE,CAAC;QACD,OAAO,QAAQ,CAAC,gBAAgB,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC;IACrE,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,OAAa;QACrB,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QACpC,OAAO;YACH,QAAQ,CAAC,WAAW,CAAC,UAAU,CAAC,OAAO,CAAC;YACxC,QAAQ,CAAC,WAAW,CAAC,UAAU,EAAE;SACpC,CAAC;IACN,CAAC;IAED,wDAAwD;IACxD,iBAAiB;IACjB,wDAAwD;IAEhD,aAAa;QACjB,iBAAM,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;QAEzC,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,KAAK,QAAQ;YAC1D,CAAC,CAAC,IAAI,8BAAY,EAAE;YACpB,CAAC,CAAC,IAAI,gCAAa,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QAExD,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,QAAQ,KAAK,QAAQ;YAC5D,CAAC,CAAC,IAAI,gCAAa,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC;YACnD,CAAC,CAAC,IAAI,CAAC;QAEX,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,eAAe;YAC7D,CAAC,CAAC,IAAI,wCAAiB,EAAE;YACzB,CAAC,CAAC,IAAI,sCAAgB,EAAE,CAAC;QAE7B,IAAI,CAAC,mBAAmB,GAAG,IAAI,sCAAgB,EAAE,CAAC;QAElD,iBAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IACpC,CAAC;IAEO,aAAa;QACjB,IAAI,CAAC,WAAW,GAAG,IAAI,4BAAW,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,cAAc,EAAE,IAAI,CAAC,eAAe,CAAC,CAAC;QAEnG,IAAI,CAAC,gBAAgB,GAAG,IAAI,sCAAgB,CACxC,IAAI,CAAC,MAAM,CAAC,WAAW,EACvB,IAAI,CAAC,kBAAkB,EACvB,IAAI,CAAC,mBAAmB,CAC3B,CAAC;QAEF,qDAAqD;QACrD,IAAI,CAAC,gBAAgB,GAAG,IAAI,sCAAgB,CACxC,IAAI,0BAAU,EAAE,EAChB,IAAI,oDAAuB,EAAE,CAChC,CAAC;QAEF,IAAI,CAAC,gBAAgB,GAAG,IAAI,sCAAgB,CACxC,IAAI,4CAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,EAC9C,IAAI,0BAAU,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CACxC,CAAC;IACN,CAAC;IAEO,oBAAoB;QACxB,IAAI,CAAC,WAAW,GAAG,IAAI,4BAAW,EAAE,CAAC;QACrC,IAAI,CAAC,WAAW,GAAG,IAAI,4BAAW,EAAE,CAAC;QAErC,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YAC3B,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC;YACvE,IAAI,CAAC,SAAS;gBAAE,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;YAEjF,IAAI,CAAC,WAAW,GAAG,IAAI,4BAAW,CAAC;gBAC/B,SAAS;gBACT,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY;gBAC3C,cAAc,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc;aAClD,CAAC,CAAC;QACP,CAAC;IACL,CAAC;IAEO,qBAAqB,CAAC,OAAsB;QAChD,MAAM,KAAK,GAAU,EAAE,CAAC;QAExB,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;QAC1D,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC;QAEhE,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY;YAAE,KAAK,CAAC,IAAI,CAAC,IAAA,gBAAM,GAAE,CAAC,CAAC;QACnD,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS;YAAE,KAAK,CAAC,IAAI,CAAC,IAAA,aAAG,GAAE,CAAC,CAAC;QAE7C,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB;YAAE,KAAK,CAAC,IAAI,CAAC,IAAA,qBAAW,EAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC;QAEpF,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;YACzC,MAAM,IAAI,GAAG,OAAO,OAAO,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC;YAChF,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;QAClD,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,eAAe,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YAClD,MAAM,IAAI,GAAG,OAAO,OAAO,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YACjF,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;QACvD,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,IAAI,OAAO,CAAC,SAAS,EAAE,CAAC;YACrD,MAAM,IAAI,GAAG,OAAO,OAAO,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACzF,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;QACvD,CAAC;QAED,IAAI,OAAO,CAAC,IAAI,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACnC,MAAM,IAAI,GAAG,OAAO,OAAO,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACzE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;QAC/C,CAAC;QAED,KAAK,CAAC,IAAI,CAAC,8BAAY,CAAC,CAAC;QAEzB,OAAO,KAAK,CAAC;IACjB,CAAC;;AAjML,4BAkMC;AAjMkB,iBAAQ,GAAoB,IAAI,AAAxB,CAAyB","sourcesContent":["// // // src/core/HiSecure.ts\r\n\r\n// // import { HiSecureConfig } from \"./types/HiSecureConfig.js\";\r\n// // import { defaultConfig } from \"./config.js\";\r\n// // import { LIB_NAME, LIB_VERSION } from \"./constants.js\";\r\n// // import { deepMerge } from \"../utils/deepMerge.js\";\r\n// // import { deepFreeze } from \"../utils/deepFreeze.js\";\r\n\r\n// // import { logger } from \"../logging\";\r\n\r\n// // // Adapters\r\n// // import { ArgonAdapter } from \"../adapters/ArgonAdapter.js\";\r\n// // import { BcryptAdapter } from \"../adapters/BcryptAdapter.js\";\r\n// // import { RLFlexibleAdapter } from \"../adapters/RLFlexibleAdapter.js\";\r\n// // import { ExpressRLAdapter } from \"../adapters/ExpressRLAdapter.js\";\r\n// // import { ZodAdapter } from \"../adapters/ZodAdapter.js\";\r\n// // import { ExpressValidatorAdapter } from \"../adapters/ExpressValidatorAdapter.js\";\r\n// // import { SanitizeHtmlAdapter } from \"../adapters/SanitizeHtmlAdapter.js\";\r\n// // import { DomPurifyAdapter } from \"../adapters/DomPurifyAdapter.js\";\r\n\r\n// // // Managers\r\n// // import { HashManager } from \"../managers/HashManager.js\";\r\n// // import { RateLimitManager } from \"../managers/RateLimitManager.js\";\r\n// // import { ValidatorManager } from \"../managers/ValidatorManager.js\";\r\n// // import { SanitizerManager } from \"../managers/SanitizerManager.js\";\r\n// // import { JsonManager } from \"../managers/JsonManager.js\";\r\n// // import { CorsManager } from \"../managers/CorsManager.js\";\r\n// // import { AuthManager } from \"../managers/AuthManager.js\";\r\n\r\n// // // 3rd-party express middlewares\r\n// // import helmet from \"helmet\";\r\n// // import hpp from \"hpp\";\r\n\r\n// // // Shared error handler\r\n// // import { errorHandler } from \"../middlewares/errorHandler.js\";\r\n\r\n// // export class HiSecure {\r\n// // private config: HiSecureConfig;\r\n// // private initialized = false;\r\n\r\n// // // Managers exposed for user\r\n// // public hashManager!: HashManager;\r\n// // public rateLimitManager!: RateLimitManager;\r\n// // public validatorManager!: ValidatorManager;\r\n// // public sanitizerManager!: SanitizerManager;\r\n// // public jsonManager!: JsonManager;\r\n// // public corsManager!: CorsManager;\r\n// // public authManager?: AuthManager;\r\n\r\n// // // Internal adapters\r\n// // private hashingPrimary: any;\r\n// // private hashingFallback: any;\r\n// // private rateLimiterPrimary: any;\r\n// // private rateLimiterFallback: any;\r\n// // private validatorPrimary: any;\r\n// // private validatorFallback: any;\r\n// // private sanitizerPrimary: any;\r\n// // private sanitizerFallback: any;\r\n\r\n// // constructor(userConfig: Partial<HiSecureConfig> = {}) {\r\n// // this.config = deepMerge(defaultConfig, userConfig);\r\n// // }\r\n\r\n// // // ---------------------------------------------------------\r\n// // // INIT\r\n// // // ---------------------------------------------------------\r\n// // init() {\r\n// // if (this.initialized) {\r\n// // logger.warn(\"⚠ HiSecure.init() called twice → ignored.\");\r\n// // return;\r\n// // }\r\n\r\n// // logger.info(`🔐 ${LIB_NAME} v${LIB_VERSION} initialized`);\r\n// // logger.info(\"⚙ Loaded configuration:\", this.config);\r\n\r\n// // this.setupAdapters();\r\n// // this.setupManagers();\r\n// // this.setupDynamicManagers();\r\n\r\n// // // IMMUTABLE — library cannot be modified at runtime\r\n// // deepFreeze(this.config);\r\n// // deepFreeze(this.hashManager);\r\n// // deepFreeze(this.rateLimitManager);\r\n// // deepFreeze(this.validatorManager);\r\n// // deepFreeze(this.sanitizerManager);\r\n// // deepFreeze(this.jsonManager);\r\n// // deepFreeze(this.corsManager);\r\n// // if (this.authManager) deepFreeze(this.authManager);\r\n\r\n// // this.initialized = true;\r\n\r\n// // logger.info(\"🔒 HiSecure locked — production-ready\");\r\n// // }\r\n\r\n// // isInitialized() {\r\n// // return this.initialized;\r\n// // }\r\n\r\n// // // ---------------------------------------------------------\r\n// // // ADAPTER SETUP\r\n// // // ---------------------------------------------------------\r\n// // private setupAdapters() {\r\n// // logger.info(\"🧩 Setting up adapters...\");\r\n\r\n// // // Hashing\r\n// // this.hashingPrimary =\r\n// // this.config.hashing.primary === \"argon2\"\r\n// // ? new ArgonAdapter()\r\n// // : new BcryptAdapter(this.config.hashing.saltRounds);\r\n\r\n// // this.hashingFallback =\r\n// // this.config.hashing.fallback === \"bcrypt\"\r\n// // ? new BcryptAdapter(this.config.hashing.saltRounds)\r\n// // : null;\r\n\r\n// // // Rate limiter\r\n// // this.rateLimiterPrimary =\r\n// // this.config.rateLimiter.useAdaptiveMode\r\n// // ? new RLFlexibleAdapter()\r\n// // : new ExpressRLAdapter();\r\n\r\n// // this.rateLimiterFallback = new ExpressRLAdapter();\r\n\r\n// // // Validator\r\n// // this.validatorPrimary =\r\n// // this.config.validation.mode === \"zod\"\r\n// // ? new ZodAdapter()\r\n// // : new ExpressValidatorAdapter();\r\n\r\n// // this.validatorFallback =\r\n// // this.config.validation.fallback === \"express-validator\"\r\n// // ? new ExpressValidatorAdapter()\r\n// // : null;\r\n\r\n// // // Sanitizer\r\n// // this.sanitizerPrimary = new SanitizeHtmlAdapter(this.config.sanitizer);\r\n// // this.sanitizerFallback = new DomPurifyAdapter();\r\n\r\n// // logger.info(\"✔ Adapters ready\");\r\n// // }\r\n\r\n// // // ---------------------------------------------------------\r\n// // // MANAGER SETUP\r\n// // // ---------------------------------------------------------\r\n// // private setupManagers() {\r\n// // this.hashManager = new HashManager(\r\n// // this.config.hashing,\r\n// // this.hashingPrimary,\r\n// // this.hashingFallback\r\n// // );\r\n\r\n// // this.rateLimitManager = new RateLimitManager(\r\n// // this.config.rateLimiter,\r\n// // this.rateLimiterPrimary,\r\n// // this.rateLimiterFallback\r\n// // );\r\n\r\n// // this.validatorManager = new ValidatorManager(\r\n// // this.config.validation,\r\n// // this.validatorPrimary,\r\n// // this.validatorFallback\r\n// // );\r\n\r\n// // this.sanitizerManager = new SanitizerManager(\r\n// // this.sanitizerPrimary,\r\n// // this.sanitizerFallback\r\n// // );\r\n// // }\r\n\r\n// // // ---------------------------------------------------------\r\n// // // DYNAMIC MANAGERS (JSON, CORS, AUTH)\r\n// // // ---------------------------------------------------------\r\n// // private setupDynamicManagers() {\r\n// // this.jsonManager = new JsonManager();\r\n// // this.corsManager = new CorsManager();\r\n\r\n// // // AUTH SUPPORT\r\n// // if (this.config.auth?.enabled) {\r\n// // this.authManager = new AuthManager({\r\n// // jwtSecret: process.env.JWT_SECRET!,\r\n// // jwtExpiresIn: this.config.auth.jwtExpiresIn,\r\n// // googleClientId: process.env.GOOGLE_CLIENT_ID\r\n// // });\r\n// // }\r\n// // }\r\n\r\n// // // ---------------------------------------------------------\r\n// // // PUBLIC API METHODS\r\n// // // ---------------------------------------------------------\r\n// // hash(value: string) {\r\n// // return this.hashManager.hash(value);\r\n// // }\r\n\r\n// // verify(value: string, hashed: string) {\r\n// // return this.hashManager.verify(value, hashed);\r\n// // }\r\n\r\n// // sanitize(value: string) {\r\n// // return this.sanitizerManager.sanitize(value);\r\n// // }\r\n\r\n// // validate(schema: any) {\r\n// // return this.validatorManager.validate(schema);\r\n// // }\r\n\r\n// // // ---------------------------------------------------------\r\n// // // EXPRESS GLOBAL PIPELINE\r\n// // // ---------------------------------------------------------\r\n// // middleware() {\r\n// // const chain: any[] = [];\r\n\r\n// // // JSON + URL encoded\r\n// // chain.push(this.jsonManager.middleware(this.config.json));\r\n// // chain.push(this.jsonManager.urlencoded(this.config.urlencoded));\r\n\r\n// // // add qs\r\n// // chain.push(this.jsonManager.queryParser());\r\n\r\n// // // Core security\r\n// // if (this.config.enableHelmet) chain.push(helmet());\r\n// // if (this.config.enableHPP) chain.push(hpp());\r\n\r\n// // if (this.config.enableCORS)\r\n// // chain.push(this.corsManager.middleware(this.config.cors));\r\n\r\n// // if (this.config.enableSanitizer)\r\n// // chain.push(this.sanitizerManager.middleware());\r\n\r\n// // if (this.config.enableRateLimiter)\r\n// // chain.push(this.rateLimitManager.middleware());\r\n\r\n// // // Centralized error handling\r\n// // chain.push(errorHandler);\r\n\r\n// // return chain;\r\n// // }\r\n// // }\r\n\r\n\r\n\r\n// // src/core/HiSecure.ts - COMPLETE FIXED\r\n// import { HiSecureConfig } from \"./types/HiSecureConfig.js\";\r\n// import { defaultConfig } from \"./config.js\";\r\n// import { LIB_NAME, LIB_VERSION } from \"./constants.js\";\r\n// import { deepMerge } from \"../utils/deepMerge.js\";\r\n// import { deepFreeze } from \"../utils/deepFreeze.js\";\r\n// import { logger } from \"../logging/index.js\";\r\n\r\n// // Adapters\r\n// import { ArgonAdapter } from \"../adapters/ArgonAdapter.js\";\r\n// import { BcryptAdapter } from \"../adapters/BcryptAdapter.js\";\r\n// import { RLFlexibleAdapter } from \"../adapters/RLFlexibleAdapter.js\";\r\n// import { ExpressRLAdapter } from \"../adapters/ExpressRLAdapter.js\";\r\n// import { ZodAdapter } from \"../adapters/ZodAdapter.js\";\r\n// import { ExpressValidatorAdapter } from \"../adapters/ExpressValidatorAdapter.js\";\r\n// import { SanitizeHtmlAdapter } from \"../adapters/SanitizeHtmlAdapter.js\";\r\n// import { XSSAdapter } from \"../adapters/XSSAdapter.js\"; // ✅ FIXED IMPORT\r\n\r\n// // Managers\r\n// import { HashManager } from \"../managers/HashManager.js\";\r\n// import { RateLimitManager } from \"../managers/RateLimitManager.js\";\r\n// import { ValidatorManager } from \"../managers/ValidatorManager.js\";\r\n// import { SanitizerManager } from \"../managers/SanitizerManager.js\";\r\n// import { JsonManager } from \"../managers/JsonManager.js\";\r\n// import { CorsManager } from \"../managers/CorsManager.js\";\r\n// import { AuthManager } from \"../managers/AuthManager.js\";\r\n\r\n// // Middlewares\r\n// import helmet from \"helmet\";\r\n// import hpp from \"hpp\";\r\n// import compression from \"compression\";\r\n// import { errorHandler } from \"../middlewares/errorHandler.js\";\r\n\r\n// // Types\r\n// import { SecureOptions, ValidationSchema } from \"./types/SecureOptions.js\";\r\n\r\n// export class HiSecure {\r\n// private static instance: HiSecure | null = null;\r\n// private config: HiSecureConfig;\r\n// private initialized = false;\r\n\r\n// // Managers\r\n// public hashManager!: HashManager;\r\n// public rateLimitManager!: RateLimitManager;\r\n// public validatorManager!: ValidatorManager;\r\n// public sanitizerManager!: SanitizerManager;\r\n// public jsonManager!: JsonManager;\r\n// public corsManager!: CorsManager;\r\n// public authManager?: AuthManager;\r\n\r\n// // Internal adapters\r\n// private hashingPrimary: any;\r\n// private hashingFallback: any;\r\n// private rateLimiterPrimary: any;\r\n// private rateLimiterFallback: any;\r\n// private validatorPrimary: any;\r\n// private validatorFallback: any;\r\n// private sanitizerPrimary: any;\r\n// private sanitizerFallback: any;\r\n\r\n// // Private constructor for singleton\r\n// private constructor(userConfig: Partial<HiSecureConfig> = {}) {\r\n// this.config = deepMerge(defaultConfig, userConfig);\r\n// }\r\n\r\n// // =====================================================\r\n// // SINGLETON & INITIALIZATION\r\n// // =====================================================\r\n \r\n// static getInstance(config?: Partial<HiSecureConfig>): HiSecure {\r\n// if (!HiSecure.instance) {\r\n// HiSecure.instance = new HiSecure(config);\r\n// HiSecure.instance.init();\r\n// }\r\n// return HiSecure.instance;\r\n// }\r\n\r\n// static resetInstance(): void {\r\n// HiSecure.instance = null;\r\n// }\r\n\r\n// init(): void {\r\n// if (this.initialized) {\r\n// logger.warn(\"⚠ HiSecure already initialized\");\r\n// return;\r\n// }\r\n\r\n// logger.info(`🔐 ${LIB_NAME} v${LIB_VERSION} initializing...`);\r\n\r\n// this.setupAdapters();\r\n// this.setupManagers();\r\n// this.setupDynamicManagers();\r\n\r\n// // Make everything immutable\r\n// deepFreeze(this.config);\r\n// deepFreeze(this.hashManager);\r\n// deepFreeze(this.rateLimitManager);\r\n// deepFreeze(this.validatorManager);\r\n// deepFreeze(this.sanitizerManager);\r\n// deepFreeze(this.jsonManager);\r\n// deepFreeze(this.corsManager);\r\n// if (this.authManager) deepFreeze(this.authManager);\r\n\r\n// this.initialized = true;\r\n// logger.info(\"✅ HiSecure initialized successfully\");\r\n// }\r\n\r\n// isInitialized(): boolean {\r\n// return this.initialized;\r\n// }\r\n\r\n// // =====================================================\r\n// // FLUENT API METHODS (Route-level security)\r\n// // =====================================================\r\n \r\n// static auth(options?: { required?: boolean; roles?: string[] }) {\r\n// const instance = this.getInstance();\r\n// if (!instance.authManager) {\r\n// throw new Error(\"Auth not enabled. Set auth.enabled=true in config.\");\r\n// }\r\n// return instance.authManager.protect(options);\r\n// }\r\n\r\n// static validate(schema: ValidationSchema) {\r\n// return this.getInstance().validatorManager.validate(schema);\r\n// }\r\n\r\n// static sanitize(options?: any) {\r\n// return this.getInstance().sanitizerManager.middleware(options);\r\n// }\r\n\r\n// static rateLimit(preset: \"strict\" | \"relaxed\" | \"api\" | object) {\r\n// const instance = this.getInstance();\r\n \r\n// if (typeof preset === \"string\") {\r\n// const presets = {\r\n// strict: { mode: \"strict\" as const },\r\n// relaxed: { mode: \"relaxed\" as const },\r\n// api: { max: 100, windowMs: 60000 }\r\n// };\r\n// return instance.rateLimitManager.middleware(presets[preset] || {});\r\n// }\r\n \r\n// return instance.rateLimitManager.middleware({ options: preset });\r\n// }\r\n\r\n// static cors(options?: any) {\r\n// return this.getInstance().corsManager.middleware(options);\r\n// }\r\n\r\n// static json(options?: any) {\r\n// const instance = this.getInstance();\r\n// const chain = [];\r\n// chain.push(instance.jsonManager.middleware(options));\r\n// chain.push(instance.jsonManager.urlencoded());\r\n// return chain;\r\n// }\r\n\r\n// // =====================================================\r\n// // UTILITY METHODS (Direct usage)\r\n// // =====================================================\r\n \r\n// static async hash(password: string): Promise<string> {\r\n// const instance = this.getInstance();\r\n// const result = await instance.hashManager.hash(password, { allowFallback: true });\r\n// return result.hash;\r\n// }\r\n\r\n// static async verify(password: string, hash: string): Promise<boolean> {\r\n// return this.getInstance().hashManager.verify(password, hash);\r\n// }\r\n\r\n// static jwt = {\r\n// sign: (payload: object, options?: any) => {\r\n// const instance = HiSecure.getInstance();\r\n// if (!instance.authManager) {\r\n// throw new Error(\"Auth not enabled\");\r\n// }\r\n// return instance.authManager.sign(payload, options);\r\n// },\r\n \r\n// verify: (token: string) => {\r\n// const instance = HiSecure.getInstance();\r\n// if (!instance.authManager) {\r\n// throw new Error(\"Auth not enabled\");\r\n// }\r\n// return instance.authManager.verify(token);\r\n// },\r\n \r\n// google: {\r\n// verifyIdToken: (idToken: string) => {\r\n// const instance = HiSecure.getInstance();\r\n// if (!instance.authManager) {\r\n// throw new Error(\"Auth not enabled\");\r\n// }\r\n// return instance.authManager.verifyGoogleIdToken(idToken);\r\n// }\r\n// }\r\n// };\r\n\r\n// // =====================================================\r\n// // GLOBAL MIDDLEWARE (app.use())\r\n// // =====================================================\r\n \r\n// static middleware(options?: SecureOptions | \"api\" | \"strict\" | \"public\") {\r\n// const instance = this.getInstance();\r\n \r\n// // Handle preset strings\r\n// if (typeof options === \"string\") {\r\n// const presets = {\r\n// api: { cors: true, rateLimit: \"relaxed\", sanitize: true },\r\n// strict: { cors: true, rateLimit: \"strict\", sanitize: true, auth: true },\r\n// public: { cors: true, rateLimit: true }\r\n// };\r\n// options = presets[options] || {};\r\n// }\r\n \r\n// return instance.createMiddlewareChain(options || {});\r\n// }\r\n\r\n// // =====================================================\r\n// // INTERNAL METHODS\r\n// // =====================================================\r\n \r\n// private setupAdapters(): void {\r\n// logger.info(\"🧩 Setting up adapters...\");\r\n\r\n// // Hashing\r\n// this.hashingPrimary = this.config.hashing.primary === \"argon2\"\r\n// ? new ArgonAdapter()\r\n// : new BcryptAdapter(this.config.hashing.saltRounds);\r\n\r\n// this.hashingFallback = this.config.hashing.fallback === \"bcrypt\"\r\n// ? new BcryptAdapter(this.config.hashing.saltRounds)\r\n// : null;\r\n\r\n// // Rate limiting\r\n// this.rateLimiterPrimary = this.config.rateLimiter.useAdaptiveMode\r\n// ? new RLFlexibleAdapter()\r\n// : new ExpressRLAdapter();\r\n// this.rateLimiterFallback = new ExpressRLAdapter();\r\n\r\n// // Validation\r\n// this.validatorPrimary = this.config.validation.mode === \"zod\"\r\n// ? new ZodAdapter()\r\n// : new ExpressValidatorAdapter();\r\n// this.validatorFallback = this.config.validation.fallback === \"express-validator\"\r\n// ? new ExpressValidatorAdapter()\r\n// : null;\r\n\r\n// // Sanitization\r\n// this.sanitizerPrimary = new SanitizeHtmlAdapter(this.config.sanitizer);\r\n// this.sanitizerFallback = new XSSAdapter(this.config.sanitizer); // ✅ XSSAdapter, NOT DomPurifyAdapter\r\n\r\n// logger.info(\"✅ Adapters ready\");\r\n// }\r\n\r\n// private setupManagers(): void {\r\n// this.hashManager = new HashManager(\r\n// this.config.hashing,\r\n// this.hashingPrimary,\r\n// this.hashingFallback\r\n// );\r\n\r\n// this.rateLimitManager = new RateLimitManager(\r\n// this.config.rateLimiter,\r\n// this.rateLimiterPrimary,\r\n// this.rateLimiterFallback\r\n// );\r\n\r\n// this.validatorManager = new ValidatorManager(\r\n// this.config.validation,\r\n// this.validatorPrimary,\r\n// this.validatorFallback\r\n// );\r\n\r\n// this.sanitizerManager = new SanitizerManager(\r\n// this.sanitizerPrimary,\r\n// this.sanitizerFallback\r\n// );\r\n// }\r\n\r\n// private setupDynamicManagers(): void {\r\n// this.jsonManager = new JsonManager();\r\n// this.corsManager = new CorsManager();\r\n\r\n// // Auth manager (only if enabled)\r\n// if (this.config.auth.enabled) {\r\n// const jwtSecret = process.env.JWT_SECRET || this.config.auth.jwtSecret;\r\n// if (!jwtSecret) {\r\n// throw new Error(\"JWT_SECRET environment variable or jwtSecret in config is required when auth.enabled=true\");\r\n// }\r\n\r\n// this.authManager = new AuthManager({\r\n// jwtSecret,\r\n// jwtExpiresIn: this.config.auth.jwtExpiresIn,\r\n// googleClientId: process.env.GOOGLE_CLIENT_ID || this.config.auth.googleClientId,\r\n// // ✅ Add algorithm option for JWT security\r\n// algorithm: 'HS256'\r\n// });\r\n// }\r\n// }\r\n\r\n// private createMiddlewareChain(options: SecureOptions): any[] {\r\n// const chain: any[] = [];\r\n \r\n// // JSON parsing\r\n// chain.push(this.jsonManager.middleware(this.config.json));\r\n// chain.push(this.jsonManager.urlencoded(this.config.urlencoded));\r\n \r\n// // Security headers\r\n// if (this.config.enableHelmet) chain.push(helmet());\r\n// if (this.config.enableHPP) chain.push(hpp());\r\n \r\n// // Compression (check if compression config exists)\r\n// if (this.config.enableCompression && this.config.compression) {\r\n// chain.push(compression(this.config.compression));\r\n// } else if (this.config.enableCompression) {\r\n// chain.push(compression()); // Use defaults\r\n// }\r\n \r\n// // CORS\r\n// if (this.config.enableCORS || options.cors) {\r\n// const corsOptions = options.cors === true ? this.config.cors : \r\n// (typeof options.cors === 'object' ? options.cors : this.config.cors);\r\n// chain.push(this.corsManager.middleware(corsOptions));\r\n// }\r\n \r\n// // Sanitization\r\n// if (this.config.enableSanitizer || options.sanitize) {\r\n// const sanitizeOptions = options.sanitize === true ? undefined : \r\n// (typeof options.sanitize === 'object' ? options.sanitize : undefined);\r\n// chain.push(this.sanitizerManager.middleware(sanitizeOptions));\r\n// }\r\n \r\n// // Rate limiting\r\n// if (this.config.enableRateLimiter || options.rateLimit) {\r\n// const rateLimitOpts = typeof options.rateLimit === 'object' ? \r\n// { options: options.rateLimit } : {};\r\n// chain.push(this.rateLimitManager.middleware(rateLimitOpts));\r\n// }\r\n \r\n// // Authentication\r\n// if (options.auth && this.authManager) {\r\n// const authOpts = options.auth === true ? undefined : \r\n// (typeof options.auth === 'object' ? options.auth : undefined);\r\n// chain.push(this.authManager.protect(authOpts));\r\n// }\r\n \r\n// // Error handler (always last)\r\n// chain.push(errorHandler);\r\n \r\n// return chain;\r\n// }\r\n// }\r\n\r\n\r\n// =================\r\n\r\n// // src/core/HiSecure.ts - COMPLETELY FIXED\r\n// import { HiSecureConfig } from \"./types/HiSecureConfig.js\";\r\n// import { defaultConfig } from \"./config.js\";\r\n// import { LIB_NAME, LIB_VERSION } from \"./constants.js\";\r\n// import { deepMerge } from \"../utils/deepMerge.js\";\r\n// import { deepFreeze } from \"../utils/deepFreeze.js\";\r\n// import { logger } from \"../logging/index.js\";\r\n\r\n// // Adapters\r\n// import { ArgonAdapter } from \"../adapters/ArgonAdapter.js\";\r\n// import { BcryptAdapter } from \"../adapters/BcryptAdapter.js\";\r\n// import { RLFlexibleAdapter } from \"../adapters/RLFlexibleAdapter.js\";\r\n// import { ExpressRLAdapter } from \"../adapters/ExpressRLAdapter.js\";\r\n// import { ZodAdapter } from \"../adapters/ZodAdapter.js\";\r\n// import { ExpressValidatorAdapter } from \"../adapters/ExpressValidatorAdapter.js\";\r\n// import { SanitizeHtmlAdapter } from \"../adapters/SanitizeHtmlAdapter.js\";\r\n// import { XSSAdapter } from \"../adapters/XSSAdapter.js\";\r\n\r\n// // Managers\r\n// import { HashManager } from \"../managers/HashManager.js\";\r\n// import { RateLimitManager } from \"../managers/RateLimitManager.js\";\r\n// import { ValidatorManager } from \"../managers/ValidatorManager.js\";\r\n// import { SanitizerManager } from \"../managers/SanitizerManager.js\";\r\n// import { JsonManager } from \"../managers/JsonManager.js\";\r\n// import { CorsManager } from \"../managers/CorsManager.js\";\r\n// import { AuthManager } from \"../managers/AuthManager.js\";\r\n\r\n// // Middlewares\r\n// import helmet from \"helmet\";\r\n// import hpp from \"hpp\";\r\n// import compression from \"compression\";\r\n// import { errorHandler } from \"../middlewares/errorHandler.js\";\r\n\r\n// // Types\r\n// import { SecureOptions, ValidationSchema, RateLimitOptions } from \"./types/SecureOptions.js\";\r\n\r\n// export class HiSecure {\r\n// private static instance: HiSecure | null = null;\r\n// private config: HiSecureConfig;\r\n// private initialized = false;\r\n\r\n// // Managers\r\n// public hashManager!: HashManager;\r\n// public rateLimitManager!: RateLimitManager;\r\n// public validatorManager!: ValidatorManager;\r\n// public sanitizerManager!: SanitizerManager;\r\n// public jsonManager!: JsonManager;\r\n// public corsManager!: CorsManager;\r\n// public authManager?: AuthManager;\r\n\r\n// // Internal adapters\r\n// private hashingPrimary: any;\r\n// private hashingFallback: any;\r\n// private rateLimiterPrimary: any;\r\n// private rateLimiterFallback: any;\r\n// private validatorPrimary: any;\r\n// private validatorFallback: any;\r\n// private sanitizerPrimary: any;\r\n// private sanitizerFallback: any;\r\n\r\n// // Private constructor for singleton\r\n// private constructor(userConfig: Partial<HiSecureConfig> = {}) {\r\n// this.config = deepMerge(defaultConfig, userConfig);\r\n// }\r\n\r\n// // =====================================================\r\n// // SINGLETON & INITIALIZATION\r\n// // =====================================================\r\n \r\n// static getInstance(config?: Partial<HiSecureConfig>): HiSecure {\r\n// if (!HiSecure.instance) {\r\n// HiSecure.instance = new HiSecure(config);\r\n// HiSecure.instance.init();\r\n// }\r\n// return HiSecure.instance;\r\n// }\r\n\r\n// static resetInstance(): void {\r\n// HiSecure.instance = null;\r\n// }\r\n\r\n// init(): void {\r\n// if (this.initialized) {\r\n// logger.warn(\"⚠ HiSecure already initialized\");\r\n// return;\r\n// }\r\n\r\n// logger.info(`🔐 ${LIB_NAME} v${LIB_VERSION} initializing...`);\r\n\r\n// this.setupAdapters();\r\n// this.setupManagers();\r\n// this.setupDynamicManagers();\r\n\r\n// // Make everything immutable\r\n// deepFreeze(this.config);\r\n// deepFreeze(this.hashManager);\r\n// deepFreeze(this.rateLimitManager);\r\n// deepFreeze(this.validatorManager);\r\n// deepFreeze(this.sanitizerManager);\r\n// deepFreeze(this.jsonManager);\r\n// deepFreeze(this.corsManager);\r\n// if (this.authManager) deepFreeze(this.authManager);\r\n\r\n// this.initialized = true;\r\n// logger.info(\"✅ HiSecure initialized successfully\");\r\n// }\r\n\r\n// isInitialized(): boolean {\r\n// return this.initialized;\r\n// }\r\n\r\n// // =====================================================\r\n// // FLUENT API METHODS (Route-level security)\r\n// // =====================================================\r\n \r\n// static auth(options?: { required?: boolean; roles?: string[] }) {\r\n// const instance = this.getInstance();\r\n// if (!instance.authManager) {\r\n// throw new Error(\"Auth not enabled. Set auth.enabled=true in config.\");\r\n// }\r\n// return instance.authManager.protect(options);\r\n// }\r\n\r\n// static validate(schema: ValidationSchema) {\r\n// return this.getInstance().validatorManager.validate(schema);\r\n// }\r\n\r\n// static sanitize(options?: any) {\r\n// return this.getInstance().sanitizerManager.middleware(options);\r\n// }\r\n\r\n// static rateLimit(preset: \"strict\" | \"relaxed\" | \"api\" | object) {\r\n// const instance = this.getInstance();\r\n \r\n// if (typeof preset === \"string\") {\r\n// const presets: Record<string, { mode?: \"strict\" | \"relaxed\" | \"api\"; options?: any }> = {\r\n// strict: { mode: \"strict\" },\r\n// relaxed: { mode: \"relaxed\" },\r\n// api: { mode: \"api\", options: { max: 100, windowMs: 60000 } }\r\n// };\r\n// return instance.rateLimitManager.middleware(presets[preset] || {});\r\n// }\r\n \r\n// return instance.rateLimitManager.middleware({ options: preset });\r\n// }\r\n\r\n// static cors(options?: any) {\r\n// return this.getInstance().corsManager.middleware(options);\r\n// }\r\n\r\n// static json(options?: any) {\r\n// const instance = this.getInstance();\r\n// const chain = [];\r\n// chain.push(instance.jsonManager.middleware(options));\r\n// chain.push(instance.jsonManager.urlencoded());\r\n// return chain;\r\n// }\r\n\r\n// // =====================================================\r\n// // UTILITY METHODS (Direct usage)\r\n// // =====================================================\r\n \r\n// static async hash(password: string): Promise<string> {\r\n// const instance = this.getInstance();\r\n// const result = await instance.hashManager.hash(password, { allowFallback: true });\r\n// return result.hash;\r\n// }\r\n\r\n// static async verify(password: string, hash: string): Promise<boolean> {\r\n// return this.getInstance().hashManager.verify(password, hash);\r\n// }\r\n\r\n// static jwt = {\r\n// sign: (payload: object, options?: any) => {\r\n// const instance = HiSecure.getInstance();\r\n// if (!instance.authManager) {\r\n// throw new Error(\"Auth not enabled\");\r\n// }\r\n// return instance.authManager.sign(payload, options);\r\n// },\r\n \r\n// verify: (token: string) => {\r\n// const instance = HiSecure.getInstance();\r\n// if (!instance.authManager) {\r\n// throw new Error(\"Auth not enabled\");\r\n// }\r\n// return instance.authManager.verify(token);\r\n// },\r\n \r\n// google: {\r\n// verifyIdToken: (idToken: string) => {\r\n// const instance = HiSecure.getInstance();\r\n// if (!instance.authManager) {\r\n// throw new Error(\"Auth not enabled\");\r\n// }\r\n// return instance.authManager.verifyGoogleIdToken(idToken);\r\n// }\r\n// }\r\n// };\r\n\r\n// // =====================================================\r\n// // GLOBAL MIDDLEWARE (app.use())\r\n// // =====================================================\r\n \r\n// static middleware(options?: SecureOptions | \"api\" | \"strict\" | \"public\") {\r\n// const instance = this.getInstance();\r\n \r\n// // Handle preset strings\r\n// if (typeof options === \"string\") {\r\n// const presets: Record<string, SecureOptions> = {\r\n// api: { cors: true, rateLimit: \"relaxed\" as any, sanitize: true },\r\n// strict: { cors: true, rateLimit: \"strict\" as any, sanitize: true, auth: true },\r\n// public: { cors: true, rateLimit: true as any, sanitize: false }\r\n// };\r\n// const presetOptions = presets[options];\r\n// if (presetOptions) {\r\n// return instance.createMiddlewareChain(presetOptions);\r\n// }\r\n// return instance.createMiddlewareChain({});\r\n// }\r\n \r\n// return instance.createMiddlewareChain(options || {});\r\n// }\r\n\r\n// // =====================================================\r\n// // INTERNAL METHODS\r\n// // =====================================================\r\n \r\n// private setupAdapters(): void {\r\n// logger.info(\"🧩 Setting up adapters...\");\r\n\r\n// // Hashing\r\n// this.hashingPrimary = this.config.hashing.primary === \"argon2\"\r\n// ? new ArgonAdapter()\r\n// : new BcryptAdapter(this.config.hashing.saltRounds);\r\n\r\n// this.hashingFallback = this.config.hashing.fallback === \"bcrypt\"\r\n// ? new BcryptAdapter(this.config.hashing.saltRounds)\r\n// : null;\r\n\r\n// // Rate limiting\r\n// this.rateLimiterPrimary = this.config.rateLimiter.useAdaptiveMode\r\n// ? new RLFlexibleAdapter()\r\n// : new ExpressRLAdapter();\r\n// this.rateLimiterFallback = new ExpressRLAdapter();\r\n\r\n// // Validation\r\n// this.validatorPrimary = this.config.validation.mode === \"zod\"\r\n// ? new ZodAdapter()\r\n// : new ExpressValidatorAdapter();\r\n// this.validatorFallback = this.config.validation.fallback === \"express-validator\"\r\n// ? new ExpressValidatorAdapter()\r\n// : null;\r\n\r\n// // Sanitization\r\n// this.sanitizerPrimary = new SanitizeHtmlAdapter(this.config.sanitizer);\r\n// this.sanitizerFallback = new XSSAdapter(this.config.sanitizer);\r\n\r\n// logger.info(\"✅ Adapters ready\");\r\n// }\r\n\r\n// private setupManagers(): void {\r\n// this.hashManager = new HashManager(\r\n// this.config.hashing,\r\n// this.hashingPrimary,\r\n// this.hashingFallback\r\n// );\r\n\r\n// this.rateLimitManager = new RateLimitManager(\r\n// this.config.rateLimiter,\r\n// this.rateLimiterPrimary,\r\n// this.rateLimiterFallback\r\n// );\r\n\r\n// this.validatorManager = new ValidatorManager(\r\n// // this.config.validation,\r\n// // this.validatorPrimary,\r\n// // this.validatorFallback\r\n// new ZodAdapter(),\r\n// new ExpressValidatorAdapter()\r\n// );\r\n\r\n// this.sanitizerManager = new SanitizerManager(\r\n// this.sanitizerPrimary,\r\n// this.sanitizerFallback\r\n// );\r\n// }\r\n\r\n// private setupDynamicManagers(): void {\r\n// this.jsonManager = new JsonManager();\r\n// this.corsManager = new CorsManager();\r\n\r\n// // Auth manager (only if enabled)\r\n// if (this.config.auth.enabled) {\r\n// const jwtSecret = process.env.JWT_SECRET || this.config.auth.jwtSecret;\r\n// if (!jwtSecret) {\r\n// throw new Error(\"JWT_SECRET environment variable or jwtSecret in config is required when auth.enabled=true\");\r\n// }\r\n\r\n// this.authManager = new AuthManager({\r\n// jwtSecret,\r\n// jwtExpiresIn: this.config.auth.jwtExpiresIn,\r\n// googleClientId: process.env.GOOGLE_CLIENT_ID || this.config.auth.googleClientId\r\n// // Removed algorithm - handled in AuthManager\r\n// });\r\n// }\r\n// }\r\n\r\n// private createMiddlewareChain(options: SecureOptions): any[] {\r\n// const chain: any[] = [];\r\n \r\n// // JSON parsing\r\n// chain.push(this.jsonManager.middleware(this.config.json));\r\n// chain.push(this.jsonManager.urlencoded(this.config.urlencoded));\r\n \r\n// // Security headers\r\n// if (this.config.enableHelmet) chain.push(helmet());\r\n// if (this.config.enableHPP) chain.push(hpp());\r\n \r\n// // Compression (check if compression config exists)\r\n// if (this.config.enableCompression && this.config.compression) {\r\n// chain.push(compression(this.config.compression));\r\n// } else if (this.config.enableCompression) {\r\n// chain.push(compression()); // Use defaults\r\n// }\r\n \r\n// // CORS\r\n// if (this.config.enableCORS || options.cors) {\r\n// const corsOptions = options.cors === true ? this.config.cors : \r\n// (typeof options.cors === 'object' ? options.cors : this.config.cors);\r\n// chain.push(this.corsManager.middleware(corsOptions));\r\n// }\r\n \r\n// // Sanitization\r\n// if (this.config.enableSanitizer || options.sanitize) {\r\n// const sanitizeOptions = options.sanitize === true ? undefined : \r\n// (typeof options.sanitize === 'object' ? options.sanitize : undefined);\r\n// chain.push(this.sanitizerManager.middleware(sanitizeOptions));\r\n// }\r\n \r\n// // Rate limiting\r\n// if (this.config.enableRateLimiter || options.rateLimit) {\r\n// const rateLimitOpts = typeof options.rateLimit === 'object' ? \r\n// { options: options.rateLimit } : {};\r\n// chain.push(this.rateLimitManager.middleware(rateLimitOpts));\r\n// }\r\n \r\n// // Authentication\r\n// if (options.auth && this.authManager) {\r\n// const authOpts = options.auth === true ? undefined : \r\n// (typeof options.auth === 'object' ? options.auth : undefined);\r\n// chain.push(this.authManager.protect(authOpts));\r\n// }\r\n \r\n// // Error handler (always last)\r\n// chain.push(errorHandler);\r\n \r\n// return chain;\r\n// }\r\n// }\r\n\r\n\r\n// ===================\r\n\r\n// src/core/HiSecure.ts - FINAL VERSION\r\nimport { HiSecureConfig } from \"./types/HiSecureConfig.js\";\r\nimport { defaultConfig } from \"./config.js\";\r\nimport { LIB_NAME, LIB_VERSION } from \"./constants.js\";\r\nimport { deepMerge } from \"../utils/deepMerge.js\";\r\nimport { deepFreeze } from \"../utils/deepFreeze.js\";\r\nimport { logger } from \"../logging/index.js\";\r\n\r\n// Adapters\r\nimport { ArgonAdapter } from \"../adapters/ArgonAdapter.js\";\r\nimport { BcryptAdapter } from \"../adapters/BcryptAdapter.js\";\r\nimport { RLFlexibleAdapter } from \"../adapters/RLFlexibleAdapter.js\";\r\nimport { ExpressRLAdapter } from \"../adapters/ExpressRLAdapter.js\";\r\nimport { ZodAdapter } from \"../adapters/ZodAdapter.js\";\r\nimport { ExpressValidatorAdapter } from \"../adapters/ExpressValidatorAdapter.js\";\r\nimport { SanitizeHtmlAdapter } from \"../adapters/SanitizeHtmlAdapter.js\";\r\nimport { XSSAdapter } from \"../adapters/XSSAdapter.js\";\r\n\r\n// Managers\r\nimport { HashManager } from \"../managers/HashManager.js\";\r\nimport { RateLimitManager } from \"../managers/RateLimitManager.js\";\r\nimport { ValidatorManager } from \"../managers/ValidatorManager.js\";\r\nimport { SanitizerManager } from \"../managers/SanitizerManager.js\";\r\nimport { JsonManager } from \"../managers/JsonManager.js\";\r\nimport { CorsManager } from \"../managers/CorsManager.js\";\r\nimport { AuthManager } from \"../managers/AuthManager.js\";\r\n\r\n// Middlewares\r\nimport helmet from \"helmet\";\r\nimport hpp from \"hpp\";\r\nimport compression from \"compression\";\r\nimport { errorHandler } from \"../middlewares/errorHandler.js\";\r\n\r\n// Types\r\nimport { SecureOptions, ValidationSchema } from \"./types/SecureOptions.js\";\r\n\r\nexport class HiSecure {\r\n private static instance: HiSecure | null = null;\r\n private config: HiSecureConfig;\r\n private initialized = false;\r\n\r\n // Managers\r\n public hashManager!: HashManager;\r\n public rateLimitManager!: RateLimitManager;\r\n public validatorManager!: ValidatorManager;\r\n public sanitizerManager!: SanitizerManager;\r\n public jsonManager!: JsonManager;\r\n public corsManager!: CorsManager;\r\n public authManager?: AuthManager;\r\n\r\n // Internal adapters\r\n private hashingPrimary: any;\r\n private hashingFallback: any;\r\n private rateLimiterPrimary: any;\r\n private rateLimiterFallback: any;\r\n\r\n private constructor(userConfig: Partial<HiSecureConfig> = {}) {\r\n this.config = deepMerge(defaultConfig, userConfig);\r\n }\r\n\r\n // =====================================================\r\n // SINGLETON\r\n // =====================================================\r\n static getInstance(config?: Partial<HiSecureConfig>): HiSecure {\r\n if (!HiSecure.instance) {\r\n HiSecure.instance = new HiSecure(config);\r\n HiSecure.instance.init();\r\n }\r\n return HiSecure.instance;\r\n }\r\n\r\n static resetInstance(): void {\r\n HiSecure.instance = null;\r\n }\r\n\r\n init(): void {\r\n if (this.initialized) return;\r\n\r\n logger.info(`🔐 ${LIB_NAME} v${LIB_VERSION} initializing...`);\r\n\r\n this.setupAdapters();\r\n this.setupManagers();\r\n this.setupDynamicManagers();\r\n\r\n // ❌ DO NOT FREEZE MANAGERS\r\n // ✔ Only freeze config\r\n deepFreeze(this.config);\r\n\r\n this.initialized = true;\r\n logger.info(\"✅ HiSecure initialized successfully\");\r\n }\r\n\r\n // =====================================================\r\n // FLUENT API (Route-level)\r\n // =====================================================\r\n\r\n static auth(options?: { required?: boolean; roles?: string[] }) {\r\n return this.getInstance().authManager!.protect(options);\r\n }\r\n\r\n static validate(schema: ValidationSchema) {\r\n return this.getInstance().validatorManager.validate(schema);\r\n }\r\n\r\n static sanitize(options?: any) {\r\n return this.getInstance().sanitizerManager.middleware(options);\r\n }\r\n\r\n static cors(options?: any) {\r\n return this.getInstance().corsManager.middleware(options);\r\n }\r\n\r\n static rateLimit(preset: \"strict\" | \"relaxed\" | \"api\" | object) {\r\n const instance = this.getInstance();\r\n\r\n if (typeof preset === \"string\") {\r\n const presets: any = {\r\n strict: { mode: \"strict\" },\r\n relaxed: { mode: \"relaxed\" },\r\n api: { mode: \"api\", options: { max: 100, windowMs: 60000 } }\r\n };\r\n return instance.rateLimitManager.middleware(presets[preset] || {});\r\n }\r\n return instance.rateLimitManager.middleware({ options: preset });\r\n }\r\n\r\n static json(options?: any) {\r\n const instance = this.getInstance();\r\n return [\r\n instance.jsonManager.middleware(options),\r\n instance.jsonManager.urlencoded()\r\n ];\r\n }\r\n\r\n // =====================================================\r\n // INTERNAL SETUP\r\n // =====================================================\r\n\r\n private setupAdapters(): void {\r\n logger.info(\"🧩 Setting up adapters...\");\r\n\r\n this.hashingPrimary = this.config.hashing.primary === \"argon2\"\r\n ? new ArgonAdapter()\r\n : new BcryptAdapter(this.config.hashing.saltRounds);\r\n\r\n this.hashingFallback = this.config.hashing.fallback === \"bcrypt\"\r\n ? new BcryptAdapter(this.config.hashing.saltRounds)\r\n : null;\r\n\r\n this.rateLimiterPrimary = this.config.rateLimiter.useAdaptiveMode\r\n ? new RLFlexibleAdapter()\r\n : new ExpressRLAdapter();\r\n\r\n this.rateLimiterFallback = new ExpressRLAdapter();\r\n\r\n logger.info(\"✅ Adapters ready\");\r\n }\r\n\r\n private setupManagers(): void {\r\n this.hashManager = new HashManager(this.config.hashing, this.hashingPrimary, this.hashingFallback);\r\n\r\n this.rateLimitManager = new RateLimitManager(\r\n this.config.rateLimiter,\r\n this.rateLimiterPrimary,\r\n this.rateLimiterFallback\r\n );\r\n\r\n // ✔ AUTO-DETECT VALIDATION (ZOD + EXPRESS-VALIDATOR)\r\n this.validatorManager = new ValidatorManager(\r\n new ZodAdapter(),\r\n new ExpressValidatorAdapter()\r\n );\r\n\r\n this.sanitizerManager = new SanitizerManager(\r\n new SanitizeHtmlAdapter(this.config.sanitizer),\r\n new XSSAdapter(this.config.sanitizer)\r\n );\r\n }\r\n\r\n private setupDynamicManagers(): void {\r\n this.jsonManager = new JsonManager();\r\n this.corsManager = new CorsManager();\r\n\r\n if (this.config.auth.enabled) {\r\n const jwtSecret = process.env.JWT_SECRET || this.config.auth.jwtSecret;\r\n if (!jwtSecret) throw new Error(\"JWT_SECRET is required when auth.enabled=true\");\r\n\r\n this.authManager = new AuthManager({\r\n jwtSecret,\r\n jwtExpiresIn: this.config.auth.jwtExpiresIn,\r\n googleClientId: this.config.auth.googleClientId\r\n });\r\n }\r\n }\r\n\r\n private createMiddlewareChain(options: SecureOptions): any[] {\r\n const chain: any[] = [];\r\n\r\n chain.push(this.jsonManager.middleware(this.config.json));\r\n chain.push(this.jsonManager.urlencoded(this.config.urlencoded));\r\n\r\n if (this.config.enableHelmet) chain.push(helmet());\r\n if (this.config.enableHPP) chain.push(hpp());\r\n\r\n if (this.config.enableCompression) chain.push(compression(this.config.compression));\r\n\r\n if (this.config.enableCORS || options.cors) {\r\n const opts = typeof options.cors === \"object\" ? options.cors : this.config.cors;\r\n chain.push(this.corsManager.middleware(opts));\r\n }\r\n\r\n if (this.config.enableSanitizer || options.sanitize) {\r\n const opts = typeof options.sanitize === \"object\" ? options.sanitize : undefined;\r\n chain.push(this.sanitizerManager.middleware(opts));\r\n }\r\n\r\n if (this.config.enableRateLimiter || options.rateLimit) {\r\n const opts = typeof options.rateLimit === \"object\" ? { options: options.rateLimit } : {};\r\n chain.push(this.rateLimitManager.middleware(opts));\r\n }\r\n\r\n if (options.auth && this.authManager) {\r\n const opts = typeof options.auth === \"object\" ? options.auth : undefined;\r\n chain.push(this.authManager.protect(opts));\r\n }\r\n\r\n chain.push(errorHandler);\r\n\r\n return chain;\r\n }\r\n}\r\n"]}
1
+ {"version":3,"file":"HiSecure.js","sourceRoot":"","sources":["../../src/core/HiSecure.ts"],"names":[],"mappings":";;;;;;AACA,2CAA4C;AAC5C,iDAAuD;AACvD,wDAAkD;AAClD,0DAAoD;AACpD,kDAA6C;AAE7C,WAAW;AACX,iEAA2D;AAC3D,mEAA6D;AAC7D,2EAAqE;AACrE,yEAAmE;AACnE,6DAAuD;AACvD,uFAAiF;AACjF,+EAAyE;AACzE,6DAAuD;AAEvD,WAAW;AACX,+DAAyD;AACzD,yEAAmE;AACnE,yEAAmE;AACnE,yEAAmE;AACnE,+DAAyD;AACzD,+DAAyD;AACzD,+DAAyD;AAEzD,cAAc;AACd,oDAA4B;AAC5B,8CAAsB;AACtB,8DAAsC;AACtC,oEAA8D;AAK9D,MAAa,QAAQ;IAsBjB,oCAAoC;IACpC,YAAoB,aAAsC,EAAE;QApBpD,gBAAW,GAAG,KAAK,CAAC;QAqBxB,IAAI,CAAC,MAAM,GAAG,IAAA,wBAAS,EAAC,yBAAa,EAAE,UAAU,CAAC,CAAC;IACvD,CAAC;IAED,6BAA6B;IAE7B,MAAM,CAAC,WAAW,CAAC,MAAgC;QAC/C,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;YACrB,QAAQ,CAAC,QAAQ,GAAG,IAAI,QAAQ,CAAC,MAAM,CAAC,CAAC;YACzC,QAAQ,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC7B,CAAC;QACD,OAAO,QAAQ,CAAC,QAAQ,CAAC;IAC7B,CAAC;IAED,MAAM,CAAC,aAAa;QAChB,QAAQ,CAAC,QAAQ,GAAG,IAAI,CAAC;IAC7B,CAAC;IAED,IAAI;QACA,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACnB,iBAAM,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;YAC9C,OAAO;QACX,CAAC;QAED,iBAAM,CAAC,IAAI,CAAC,MAAM,uBAAQ,KAAK,0BAAW,kBAAkB,CAAC,CAAC;QAE9D,IAAI,CAAC,aAAa,EAAE,CAAC;QACrB,IAAI,CAAC,aAAa,EAAE,CAAC;QACrB,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAE5B,IAAA,0BAAU,EAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACxB,gCAAgC;QAChC,qCAAqC;QACrC,qCAAqC;QACrC,qCAAqC;QACrC,gCAAgC;QAChC,gCAAgC;QAChC,sDAAsD;QAEtD,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;QACxB,iBAAM,CAAC,IAAI,CAAC,qCAAqC,CAAC,CAAC;IACvD,CAAC;IAED,aAAa;QACT,OAAO,IAAI,CAAC,WAAW,CAAC;IAC5B,CAAC;IAED,4CAA4C;IAE5C,MAAM,CAAC,IAAI,CAAC,OAAkD;QAC1D,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QACpC,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;QAC1E,CAAC;QACD,OAAO,QAAQ,CAAC,WAAW,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IACjD,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,MAAwB;QACpC,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IAChE,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,OAAa;QACzB,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC,gBAAgB,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IACnE,CAAC;IAED,MAAM,CAAC,SAAS,CAAC,MAA6C;QAC1D,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QAEpC,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC7B,MAAM,OAAO,GAA2E;gBACpF,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;gBAC1B,OAAO,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;gBAC5B,GAAG,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,QAAQ,EAAE,KAAK,EAAE,EAAE;aAC/D,CAAC;YACF,OAAO,QAAQ,CAAC,gBAAgB,CAAC,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;QACvE,CAAC;QAED,OAAO,QAAQ,CAAC,gBAAgB,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC;IACrE,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,OAAa;QACrB,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC,WAAW,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IAC9D,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,OAAa;QACrB,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QACpC,MAAM,KAAK,GAAG,EAAE,CAAC;QACjB,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC;QACrD,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,UAAU,EAAE,CAAC,CAAC;QAC9C,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,iCAAiC;IAEjC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,QAAgB;QAC9B,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QACpC,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;QAClF,OAAO,MAAM,CAAC,IAAI,CAAC;IACvB,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,QAAgB,EAAE,IAAY;QAC9C,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;IACjE,CAAC;IA8BD,gCAAgC;IAEhC,MAAM,CAAC,UAAU,CAAC,OAAqD;QACnE,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QAEpC,wBAAwB;QACxB,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;YAC9B,MAAM,OAAO,GAAkC;gBAC3C,GAAG,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,SAAgB,EAAE,QAAQ,EAAE,IAAI,EAAE;gBAChE,MAAM,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,QAAe,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE;gBAC9E,MAAM,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,IAAW,EAAE,QAAQ,EAAE,KAAK,EAAE;aAClE,CAAC;YACF,MAAM,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;YACvC,IAAI,aAAa,EAAE,CAAC;gBAChB,OAAO,QAAQ,CAAC,qBAAqB,CAAC,aAAa,CAAC,CAAC;YACzD,CAAC;YACD,OAAO,QAAQ,CAAC,qBAAqB,CAAC,EAAE,CAAC,CAAC;QAC9C,CAAC;QAED,OAAO,QAAQ,CAAC,qBAAqB,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;IACzD,CAAC;IAGD,mBAAmB;IAEX,aAAa;QACjB,iBAAM,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;QAEzC,UAAU;QACV,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,KAAK,QAAQ;YAC1D,CAAC,CAAC,IAAI,8BAAY,EAAE;YACpB,CAAC,CAAC,IAAI,gCAAa,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QAExD,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,QAAQ,KAAK,QAAQ;YAC5D,CAAC,CAAC,IAAI,gCAAa,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC;YACnD,CAAC,CAAC,IAAI,CAAC;QAEX,gBAAgB;QAChB,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,eAAe;YAC7D,CAAC,CAAC,IAAI,wCAAiB,EAAE;YACzB,CAAC,CAAC,IAAI,sCAAgB,EAAE,CAAC;QAC7B,IAAI,CAAC,mBAAmB,GAAG,IAAI,sCAAgB,EAAE,CAAC;QAIlD,gBAAgB;QAChB,gEAAgE;QAChE,yBAAyB;QACzB,uCAAuC;QACvC,mFAAmF;QACnF,sCAAsC;QACtC,cAAc;QAGd,eAAe;QACf,IAAI,CAAC,gBAAgB,GAAG,IAAI,4CAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACvE,IAAI,CAAC,iBAAiB,GAAG,IAAI,0BAAU,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAE/D,iBAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IACpC,CAAC;IAEO,aAAa;QACjB,IAAI,CAAC,WAAW,GAAG,IAAI,4BAAW,CAC9B,IAAI,CAAC,MAAM,CAAC,OAAO,EACnB,IAAI,CAAC,cAAc,EACnB,IAAI,CAAC,eAAe,CACvB,CAAC;QAEF,IAAI,CAAC,gBAAgB,GAAG,IAAI,sCAAgB,CACxC,IAAI,CAAC,MAAM,CAAC,WAAW,EACvB,IAAI,CAAC,kBAAkB,EACvB,IAAI,CAAC,mBAAmB,CAC3B,CAAC;QAEF,IAAI,CAAC,gBAAgB,GAAG,IAAI,sCAAgB;QACxC,0BAA0B;QAC1B,yBAAyB;QACzB,yBAAyB;QACzB,IAAI,0BAAU,EAAE,EAChB,IAAI,oDAAuB,EAAE,CAChC,CAAC;QAEF,IAAI,CAAC,gBAAgB,GAAG,IAAI,sCAAgB,CACxC,IAAI,CAAC,gBAAgB,EACrB,IAAI,CAAC,iBAAiB,CACzB,CAAC;IACN,CAAC;IAEO,oBAAoB;QACxB,IAAI,CAAC,WAAW,GAAG,IAAI,4BAAW,EAAE,CAAC;QACrC,IAAI,CAAC,WAAW,GAAG,IAAI,4BAAW,EAAE,CAAC;QAErC,iCAAiC;QACjC,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YAC3B,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC;YACvE,IAAI,CAAC,SAAS,EAAE,CAAC;gBACb,MAAM,IAAI,KAAK,CAAC,2FAA2F,CAAC,CAAC;YACjH,CAAC;YAED,IAAI,CAAC,WAAW,GAAG,IAAI,4BAAW,CAAC;gBAC/B,SAAS;gBACT,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY;gBAC3C,cAAc,EAAE,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc;aAClF,CAAC,CAAC;QACP,CAAC;IACL,CAAC;IAEO,qBAAqB,CAAC,OAAsB;QAChD,MAAM,KAAK,GAAU,EAAE,CAAC;QAExB,eAAe;QACf,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;QAC1D,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC;QAEhE,mBAAmB;QACnB,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY;YAAE,KAAK,CAAC,IAAI,CAAC,IAAA,gBAAM,GAAE,CAAC,CAAC;QACnD,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS;YAAE,KAAK,CAAC,IAAI,CAAC,IAAA,aAAG,GAAE,CAAC,CAAC;QAE7C,mDAAmD;QACnD,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;YAC3D,KAAK,CAAC,IAAI,CAAC,IAAA,qBAAW,EAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC;QACrD,CAAC;aAAM,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,CAAC;YACvC,KAAK,CAAC,IAAI,CAAC,IAAA,qBAAW,GAAE,CAAC,CAAC,CAAC,eAAe;QAC9C,CAAC;QAED,OAAO;QACP,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;YACzC,MAAM,WAAW,GAAG,OAAO,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;gBAC5C,CAAC,OAAO,OAAO,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YACvF,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC,CAAC;QACzD,CAAC;QAED,eAAe;QACf,IAAI,IAAI,CAAC,MAAM,CAAC,eAAe,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YAClD,MAAM,eAAe,GAAG,OAAO,CAAC,QAAQ,KAAK,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;gBACzC,CAAC,OAAO,OAAO,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;YAC5F,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC,CAAC;QAClE,CAAC;QAED,gBAAgB;QAChB,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,IAAI,OAAO,CAAC,SAAS,EAAE,CAAC;YACrD,MAAM,aAAa,GAAG,OAAO,OAAO,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAC;gBACzC,EAAE,OAAO,EAAE,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACxD,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC,CAAC;QAChE,CAAC;QAED,iBAAiB;QACjB,IAAI,OAAO,CAAC,IAAI,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACnC,MAAM,QAAQ,GAAG,OAAO,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;gBACrC,CAAC,OAAO,OAAO,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;YAC7E,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC;QACnD,CAAC;QAED,8BAA8B;QAC9B,KAAK,CAAC,IAAI,CAAC,8BAAY,CAAC,CAAC;QAEzB,OAAO,KAAK,CAAC;IACjB,CAAC;;AAxTL,4BAyTC;AAxTkB,iBAAQ,GAAoB,IAAI,AAAxB,CAAyB;AA8HzC,YAAG,GAAG;IACT,IAAI,EAAE,CAAC,OAAe,EAAE,OAAa,EAAE,EAAE;QACrC,MAAM,QAAQ,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;QACxC,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;QACxC,CAAC;QACD,OAAO,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACvD,CAAC;IAED,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE;QACtB,MAAM,QAAQ,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;QACxC,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;QACxC,CAAC;QACD,OAAO,QAAQ,CAAC,WAAW,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC9C,CAAC;IAED,MAAM,EAAE;QACJ,aAAa,EAAE,CAAC,OAAe,EAAE,EAAE;YAC/B,MAAM,QAAQ,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;YACxC,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;gBACxB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;YACxC,CAAC;YACD,OAAO,QAAQ,CAAC,WAAW,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC;QAC7D,CAAC;KACJ;CACJ,AA1BS,CA0BR","sourcesContent":["import { HiSecureConfig } from \"./types/HiSecureConfig.js\";\r\nimport { defaultConfig } from \"./config.js\";\r\nimport { LIB_NAME, LIB_VERSION } from \"./constants.js\";\r\nimport { deepMerge } from \"../utils/deepMerge.js\";\r\nimport { deepFreeze } from \"../utils/deepFreeze.js\";\r\nimport { logger } from \"../logging/index.js\";\r\n\r\n// Adapters\r\nimport { ArgonAdapter } from \"../adapters/ArgonAdapter.js\";\r\nimport { BcryptAdapter } from \"../adapters/BcryptAdapter.js\";\r\nimport { RLFlexibleAdapter } from \"../adapters/RLFlexibleAdapter.js\";\r\nimport { ExpressRLAdapter } from \"../adapters/ExpressRLAdapter.js\";\r\nimport { ZodAdapter } from \"../adapters/ZodAdapter.js\";\r\nimport { ExpressValidatorAdapter } from \"../adapters/ExpressValidatorAdapter.js\";\r\nimport { SanitizeHtmlAdapter } from \"../adapters/SanitizeHtmlAdapter.js\";\r\nimport { XSSAdapter } from \"../adapters/XSSAdapter.js\";\r\n\r\n// Managers\r\nimport { HashManager } from \"../managers/HashManager.js\";\r\nimport { RateLimitManager } from \"../managers/RateLimitManager.js\";\r\nimport { ValidatorManager } from \"../managers/ValidatorManager.js\";\r\nimport { SanitizerManager } from \"../managers/SanitizerManager.js\";\r\nimport { JsonManager } from \"../managers/JsonManager.js\";\r\nimport { CorsManager } from \"../managers/CorsManager.js\";\r\nimport { AuthManager } from \"../managers/AuthManager.js\";\r\n\r\n// Middlewares\r\nimport helmet from \"helmet\";\r\nimport hpp from \"hpp\";\r\nimport compression from \"compression\";\r\nimport { errorHandler } from \"../middlewares/errorHandler.js\";\r\n\r\n// Types\r\nimport { SecureOptions, ValidationSchema} from \"./types/SecureOptions.js\";\r\n\r\nexport class HiSecure {\r\n private static instance: HiSecure | null = null;\r\n private config: HiSecureConfig;\r\n private initialized = false;\r\n\r\n // Managers\r\n public hashManager!: HashManager;\r\n public rateLimitManager!: RateLimitManager;\r\n public validatorManager!: ValidatorManager;\r\n public sanitizerManager!: SanitizerManager;\r\n public jsonManager!: JsonManager;\r\n public corsManager!: CorsManager;\r\n public authManager?: AuthManager;\r\n\r\n // Internal adapters\r\n private hashingPrimary: any;\r\n private hashingFallback: any;\r\n private rateLimiterPrimary: any;\r\n private rateLimiterFallback: any;\r\n private sanitizerPrimary: any;\r\n private sanitizerFallback: any;\r\n\r\n // Private constructor for singleton\r\n private constructor(userConfig: Partial<HiSecureConfig> = {}) {\r\n this.config = deepMerge(defaultConfig, userConfig);\r\n }\r\n\r\n // SINGLETON & INITIALIZATION\r\n \r\n static getInstance(config?: Partial<HiSecureConfig>): HiSecure {\r\n if (!HiSecure.instance) {\r\n HiSecure.instance = new HiSecure(config);\r\n HiSecure.instance.init();\r\n }\r\n return HiSecure.instance;\r\n }\r\n\r\n static resetInstance(): void {\r\n HiSecure.instance = null;\r\n }\r\n\r\n init(): void {\r\n if (this.initialized) {\r\n logger.warn(\"⚠ HiSecure already initialized\");\r\n return;\r\n }\r\n\r\n logger.info(`🔐 ${LIB_NAME} v${LIB_VERSION} initializing...`);\r\n\r\n this.setupAdapters();\r\n this.setupManagers();\r\n this.setupDynamicManagers();\r\n\r\n deepFreeze(this.config);\r\n // deepFreeze(this.hashManager);\r\n // deepFreeze(this.rateLimitManager);\r\n // deepFreeze(this.validatorManager);\r\n // deepFreeze(this.sanitizerManager);\r\n // deepFreeze(this.jsonManager);\r\n // deepFreeze(this.corsManager);\r\n // if (this.authManager) deepFreeze(this.authManager);\r\n\r\n this.initialized = true;\r\n logger.info(\"✅ HiSecure initialized successfully\");\r\n }\r\n\r\n isInitialized(): boolean {\r\n return this.initialized;\r\n }\r\n\r\n // FLUENT API METHODS (Route-level security)\r\n \r\n static auth(options?: { required?: boolean; roles?: string[] }) {\r\n const instance = this.getInstance();\r\n if (!instance.authManager) {\r\n throw new Error(\"Auth not enabled. Set auth.enabled=true in config.\");\r\n }\r\n return instance.authManager.protect(options);\r\n }\r\n\r\n static validate(schema: ValidationSchema) {\r\n return this.getInstance().validatorManager.validate(schema);\r\n }\r\n\r\n static sanitize(options?: any) {\r\n return this.getInstance().sanitizerManager.middleware(options);\r\n }\r\n\r\n static rateLimit(preset: \"strict\" | \"relaxed\" | \"api\" | object) {\r\n const instance = this.getInstance();\r\n \r\n if (typeof preset === \"string\") {\r\n const presets: Record<string, { mode?: \"strict\" | \"relaxed\" | \"api\"; options?: any }> = {\r\n strict: { mode: \"strict\" },\r\n relaxed: { mode: \"relaxed\" },\r\n api: { mode: \"api\", options: { max: 100, windowMs: 60000 } }\r\n };\r\n return instance.rateLimitManager.middleware(presets[preset] || {});\r\n }\r\n \r\n return instance.rateLimitManager.middleware({ options: preset });\r\n }\r\n\r\n static cors(options?: any) {\r\n return this.getInstance().corsManager.middleware(options);\r\n }\r\n\r\n static json(options?: any) {\r\n const instance = this.getInstance();\r\n const chain = [];\r\n chain.push(instance.jsonManager.middleware(options));\r\n chain.push(instance.jsonManager.urlencoded());\r\n return chain;\r\n }\r\n\r\n // UTILITY METHODS (Direct usage)\r\n \r\n static async hash(password: string): Promise<string> {\r\n const instance = this.getInstance();\r\n const result = await instance.hashManager.hash(password, { allowFallback: true });\r\n return result.hash;\r\n }\r\n\r\n static async verify(password: string, hash: string): Promise<boolean> {\r\n return this.getInstance().hashManager.verify(password, hash);\r\n }\r\n\r\n static jwt = {\r\n sign: (payload: object, options?: any) => {\r\n const instance = HiSecure.getInstance();\r\n if (!instance.authManager) {\r\n throw new Error(\"Auth not enabled\");\r\n }\r\n return instance.authManager.sign(payload, options);\r\n },\r\n \r\n verify: (token: string) => {\r\n const instance = HiSecure.getInstance();\r\n if (!instance.authManager) {\r\n throw new Error(\"Auth not enabled\");\r\n }\r\n return instance.authManager.verify(token);\r\n },\r\n \r\n google: {\r\n verifyIdToken: (idToken: string) => {\r\n const instance = HiSecure.getInstance();\r\n if (!instance.authManager) {\r\n throw new Error(\"Auth not enabled\");\r\n }\r\n return instance.authManager.verifyGoogleIdToken(idToken);\r\n }\r\n }\r\n };\r\n\r\n // GLOBAL MIDDLEWARE (app.use())\r\n \r\n static middleware(options?: SecureOptions | \"api\" | \"strict\" | \"public\") {\r\n const instance = this.getInstance();\r\n \r\n // Handle preset strings\r\n if (typeof options === \"string\") {\r\n const presets: Record<string, SecureOptions> = {\r\n api: { cors: true, rateLimit: \"relaxed\" as any, sanitize: true },\r\n strict: { cors: true, rateLimit: \"strict\" as any, sanitize: true, auth: true },\r\n public: { cors: true, rateLimit: true as any, sanitize: false }\r\n };\r\n const presetOptions = presets[options];\r\n if (presetOptions) {\r\n return instance.createMiddlewareChain(presetOptions);\r\n }\r\n return instance.createMiddlewareChain({});\r\n }\r\n \r\n return instance.createMiddlewareChain(options || {});\r\n }\r\n\r\n \r\n // Internal Methods\r\n \r\n private setupAdapters(): void {\r\n logger.info(\"🧩 Setting up adapters...\");\r\n\r\n // Hashing\r\n this.hashingPrimary = this.config.hashing.primary === \"argon2\"\r\n ? new ArgonAdapter()\r\n : new BcryptAdapter(this.config.hashing.saltRounds);\r\n\r\n this.hashingFallback = this.config.hashing.fallback === \"bcrypt\"\r\n ? new BcryptAdapter(this.config.hashing.saltRounds)\r\n : null;\r\n\r\n // Rate limiting\r\n this.rateLimiterPrimary = this.config.rateLimiter.useAdaptiveMode\r\n ? new RLFlexibleAdapter()\r\n : new ExpressRLAdapter();\r\n this.rateLimiterFallback = new ExpressRLAdapter();\r\n\r\n\r\n\r\n // // Validation\r\n // this.validatorPrimary = this.config.validation.mode === \"zod\"\r\n // ? new ZodAdapter()\r\n // : new ExpressValidatorAdapter();\r\n // this.validatorFallback = this.config.validation.fallback === \"express-validator\"\r\n // ? new ExpressValidatorAdapter()\r\n // : null;\r\n\r\n\r\n // Sanitization\r\n this.sanitizerPrimary = new SanitizeHtmlAdapter(this.config.sanitizer);\r\n this.sanitizerFallback = new XSSAdapter(this.config.sanitizer);\r\n\r\n logger.info(\"✅ Adapters ready\");\r\n }\r\n\r\n private setupManagers(): void {\r\n this.hashManager = new HashManager(\r\n this.config.hashing,\r\n this.hashingPrimary,\r\n this.hashingFallback\r\n );\r\n\r\n this.rateLimitManager = new RateLimitManager(\r\n this.config.rateLimiter,\r\n this.rateLimiterPrimary,\r\n this.rateLimiterFallback\r\n );\r\n\r\n this.validatorManager = new ValidatorManager(\r\n // this.config.validation,\r\n // this.validatorPrimary,\r\n // this.validatorFallback\r\n new ZodAdapter(),\r\n new ExpressValidatorAdapter()\r\n );\r\n\r\n this.sanitizerManager = new SanitizerManager(\r\n this.sanitizerPrimary,\r\n this.sanitizerFallback\r\n );\r\n }\r\n\r\n private setupDynamicManagers(): void {\r\n this.jsonManager = new JsonManager();\r\n this.corsManager = new CorsManager();\r\n\r\n // Auth manager (only if enabled)\r\n if (this.config.auth.enabled) {\r\n const jwtSecret = process.env.JWT_SECRET || this.config.auth.jwtSecret;\r\n if (!jwtSecret) {\r\n throw new Error(\"JWT_SECRET environment variable or jwtSecret in config is required when auth.enabled=true\");\r\n }\r\n\r\n this.authManager = new AuthManager({\r\n jwtSecret,\r\n jwtExpiresIn: this.config.auth.jwtExpiresIn,\r\n googleClientId: process.env.GOOGLE_CLIENT_ID || this.config.auth.googleClientId\r\n });\r\n }\r\n }\r\n\r\n private createMiddlewareChain(options: SecureOptions): any[] {\r\n const chain: any[] = [];\r\n \r\n // JSON parsing\r\n chain.push(this.jsonManager.middleware(this.config.json));\r\n chain.push(this.jsonManager.urlencoded(this.config.urlencoded));\r\n \r\n // Security headers\r\n if (this.config.enableHelmet) chain.push(helmet());\r\n if (this.config.enableHPP) chain.push(hpp());\r\n \r\n // Compression (check if compression config exists)\r\n if (this.config.enableCompression && this.config.compression) {\r\n chain.push(compression(this.config.compression));\r\n } else if (this.config.enableCompression) {\r\n chain.push(compression()); // Use defaults\r\n }\r\n \r\n // CORS\r\n if (this.config.enableCORS || options.cors) {\r\n const corsOptions = options.cors === true ? this.config.cors : \r\n (typeof options.cors === 'object' ? options.cors : this.config.cors);\r\n chain.push(this.corsManager.middleware(corsOptions));\r\n }\r\n \r\n // Sanitization\r\n if (this.config.enableSanitizer || options.sanitize) {\r\n const sanitizeOptions = options.sanitize === true ? undefined : \r\n (typeof options.sanitize === 'object' ? options.sanitize : undefined);\r\n chain.push(this.sanitizerManager.middleware(sanitizeOptions));\r\n }\r\n \r\n // Rate limiting\r\n if (this.config.enableRateLimiter || options.rateLimit) {\r\n const rateLimitOpts = typeof options.rateLimit === 'object' ? \r\n { options: options.rateLimit } : {};\r\n chain.push(this.rateLimitManager.middleware(rateLimitOpts));\r\n }\r\n \r\n // Authentication\r\n if (options.auth && this.authManager) {\r\n const authOpts = options.auth === true ? undefined : \r\n (typeof options.auth === 'object' ? options.auth : undefined);\r\n chain.push(this.authManager.protect(authOpts));\r\n }\r\n \r\n // Error handler (always last)\r\n chain.push(errorHandler);\r\n \r\n return chain;\r\n }\r\n}\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n"]}
package/dist/core/useSecure.d.ts CHANGED
@@ -1,3 +1,7 @@
1
1
  import { SecureOptions } from "./types/SecureOptions.js";
2
+ /**
3
+ * @deprecated Use HiSecure.middleware() or fluent API instead
4
+ */
5
+ export declare function useSecure(options?: SecureOptions | "api" | "strict" | "public"): any[];
2
6
  export declare function secureRoute(options?: SecureOptions): any[];
3
7
  //# sourceMappingURL=useSecure.d.ts.map
package/dist/core/useSecure.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"useSecure.d.ts","sourceRoot":"","sources":["../../src/core/useSecure.ts"],"names":[],"mappings":"AAqHA,OAAO,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAC;AAEzD,wBAAgB,WAAW,CAAC,OAAO,CAAC,EAAE,aAAa,SA8ClD"}
1
+ {"version":3,"file":"useSecure.d.ts","sourceRoot":"","sources":["../../src/core/useSecure.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAC;AAEzD;;GAEG;AAEH,wBAAgB,SAAS,CAAC,OAAO,CAAC,EAAE,aAAa,GAAG,KAAK,GAAG,QAAQ,GAAG,QAAQ,SAG9E;AAMD,wBAAgB,WAAW,CAAC,OAAO,CAAC,EAAE,aAAa,SAiClD"}