hi-secure 1.0.6 → 1.0.10
- package/dist/adapters/ArgonAdapter.js +1 -1
- package/dist/adapters/ArgonAdapter.js.map +1 -1
- package/dist/adapters/ExpressRLAdapter.d.ts.map +1 -1
- package/dist/adapters/ExpressRLAdapter.js +1 -2
- package/dist/adapters/ExpressRLAdapter.js.map +1 -1
- package/dist/adapters/ExpressValidatorAdapter.d.ts.map +1 -1
- package/dist/adapters/ExpressValidatorAdapter.js +1 -39
- package/dist/adapters/ExpressValidatorAdapter.js.map +1 -1
- package/dist/adapters/GoogleAdapter.d.ts.map +1 -1
- package/dist/adapters/GoogleAdapter.js +0 -101
- package/dist/adapters/GoogleAdapter.js.map +1 -1
- package/dist/adapters/JWTAdapter.d.ts.map +1 -1
- package/dist/adapters/JWTAdapter.js +3 -210
- package/dist/adapters/JWTAdapter.js.map +1 -1
- package/dist/adapters/RLFlexibleAdapter.d.ts.map +1 -1
- package/dist/adapters/RLFlexibleAdapter.js +0 -52
- package/dist/adapters/RLFlexibleAdapter.js.map +1 -1
- package/dist/adapters/SanitizeHtmlAdapter.d.ts +0 -3
- package/dist/adapters/SanitizeHtmlAdapter.d.ts.map +1 -1
- package/dist/adapters/SanitizeHtmlAdapter.js +2 -71
- package/dist/adapters/SanitizeHtmlAdapter.js.map +1 -1
- package/dist/adapters/XSSAdapter.d.ts +0 -10
- package/dist/adapters/XSSAdapter.d.ts.map +1 -1
- package/dist/adapters/XSSAdapter.js +2 -19
- package/dist/adapters/XSSAdapter.js.map +1 -1
- package/dist/adapters/ZodAdapter.d.ts.map +1 -1
- package/dist/adapters/ZodAdapter.js +2 -6
- package/dist/adapters/ZodAdapter.js.map +1 -1
- package/dist/core/HiSecure.d.ts +15 -2
- package/dist/core/HiSecure.d.ts.map +1 -1
- package/dist/core/HiSecure.js +130 -37
- package/dist/core/HiSecure.js.map +1 -1
- package/dist/core/useSecure.d.ts +4 -0
- package/dist/core/useSecure.d.ts.map +1 -1
- package/dist/core/useSecure.js +19 -114
- package/dist/core/useSecure.js.map +1 -1
- package/dist/index.d.ts +4 -4
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +6 -19
- package/dist/index.js.map +1 -1
- package/dist/managers/AuthManager.d.ts.map +1 -1
- package/dist/managers/AuthManager.js +1 -89
- package/dist/managers/AuthManager.js.map +1 -1
- package/dist/managers/CorsManager.d.ts.map +1 -1
- package/dist/managers/CorsManager.js +1 -19
- package/dist/managers/CorsManager.js.map +1 -1
- package/dist/managers/HashManager.d.ts.map +1 -1
- package/dist/managers/HashManager.js +0 -243
- package/dist/managers/HashManager.js.map +1 -1
- package/dist/managers/JsonManager.d.ts.map +1 -1
- package/dist/managers/JsonManager.js +1 -77
- package/dist/managers/JsonManager.js.map +1 -1
- package/dist/managers/RateLimitManager.d.ts.map +1 -1
- package/dist/managers/RateLimitManager.js +3 -17
- package/dist/managers/RateLimitManager.js.map +1 -1
- package/dist/managers/SanitizerManager.d.ts +0 -6
- package/dist/managers/SanitizerManager.d.ts.map +1 -1
- package/dist/managers/SanitizerManager.js +1 -213
- package/dist/managers/SanitizerManager.js.map +1 -1
- package/dist/managers/ValidatorManager.d.ts.map +1 -1
- package/dist/managers/ValidatorManager.js +1 -109
- package/dist/managers/ValidatorManager.js.map +1 -1
- package/dist/middlewares/errorHandler.d.ts.map +1 -1
- package/dist/middlewares/errorHandler.js +0 -19
- package/dist/middlewares/errorHandler.js.map +1 -1
- package/dist/utils/deepFreeze.d.ts.map +1 -1
- package/dist/utils/deepFreeze.js +0 -25
- package/dist/utils/deepFreeze.js.map +1 -1
- package/dist/utils/deepMerge.d.ts.map +1 -1
- package/dist/utils/deepMerge.js +0 -26
- package/dist/utils/deepMerge.js.map +1 -1
- package/dist/utils/normalizeOptions.d.ts +1 -3
- package/dist/utils/normalizeOptions.d.ts.map +1 -1
- package/dist/utils/normalizeOptions.js +0 -1
- package/dist/utils/normalizeOptions.js.map +1 -1
- package/package.json +1 -1
- package/src/adapters/ArgonAdapter.ts +1 -1
- package/src/adapters/ExpressRLAdapter.ts +1 -2
- package/src/adapters/ExpressValidatorAdapter.ts +1 -54
- package/src/adapters/GoogleAdapter.ts +0 -129
- package/src/adapters/JWTAdapter.ts +5 -259
- package/src/adapters/RLFlexibleAdapter.ts +2 -65
- package/src/adapters/SanitizeHtmlAdapter.ts +3 -87
- package/src/adapters/XSSAdapter.ts +11 -19
- package/src/adapters/ZodAdapter.ts +2 -51
- package/src/core/HiSecure.ts +25 -36
- package/src/core/useSecure.ts +5 -7
- package/src/index.ts +4 -5
- package/src/managers/AuthManager.ts +5 -109
- package/src/managers/CorsManager.ts +1 -25
- package/src/managers/HashManager.ts +0 -286
- package/src/managers/JsonManager.ts +1 -91
- package/src/managers/RateLimitManager.ts +3 -262
- package/src/managers/SanitizerManager.ts +4 -263
- package/src/managers/ValidatorManager.ts +53 -187
- package/src/middlewares/errorHandler.ts +1 -176
- package/src/utils/deepFreeze.ts +0 -32
- package/src/utils/deepMerge.ts +0 -35
- package/src/utils/normalizeOptions.ts +16 -133
- package/src/examples/e1.ts +0 -1
- package/src/test/t1.ts +0 -1
package/dist/core/useSecure.js
CHANGED
|
@@ -1,128 +1,33 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
// import { normalizeOptions } from "../utils/normalizeOptions.js";
|
|
3
|
-
// import { HiSecure } from "./HiSecure.js";
|
|
4
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.useSecure = useSecure;
|
|
5
4
|
exports.secureRoute = secureRoute;
|
|
6
|
-
// export function useSecure(engine: HiSecure, input?: any) {
|
|
7
|
-
// if (!engine.isInitialized()) {
|
|
8
|
-
// throw new Error("HiSecure must be initialized before using .use()");
|
|
9
|
-
// }
|
|
10
|
-
// const options = normalizeOptions(input);
|
|
11
|
-
// const chain: any[] = [];
|
|
12
|
-
// // JSON
|
|
13
|
-
// if (options.json.enabled) {
|
|
14
|
-
// chain.push(engine.jsonManager.middleware(options.json.options));
|
|
15
|
-
// chain.push(engine.jsonManager.urlencoded());
|
|
16
|
-
// }
|
|
17
|
-
// // CORS
|
|
18
|
-
// if (options.cors.enabled) {
|
|
19
|
-
// chain.push(engine.corsManager.middleware(options.cors.options));
|
|
20
|
-
// }
|
|
21
|
-
// // Sanitize
|
|
22
|
-
// if (options.sanitize.enabled) {
|
|
23
|
-
// chain.push(engine.sanitizerManager.middleware());
|
|
24
|
-
// }
|
|
25
|
-
// // Validate
|
|
26
|
-
// if (options.validate.enabled && options.validate.schema) {
|
|
27
|
-
// chain.push(engine.validatorManager.validate(options.validate.schema));
|
|
28
|
-
// }
|
|
29
|
-
// // Rate Limit
|
|
30
|
-
// if (options.rateLimit.enabled) {
|
|
31
|
-
// chain.push(
|
|
32
|
-
// engine.rateLimitManager.middleware({
|
|
33
|
-
// mode: options.rateLimit.mode ?? undefined,
|
|
34
|
-
// options: options.rateLimit.options ?? undefined
|
|
35
|
-
// })
|
|
36
|
-
// );
|
|
37
|
-
// }
|
|
38
|
-
// // AUTH
|
|
39
|
-
// if (options.auth.enabled) {
|
|
40
|
-
// if (!engine.authManager) {
|
|
41
|
-
// throw new Error("AuthManager not initialized. Enable auth in config.");
|
|
42
|
-
// }
|
|
43
|
-
// chain.push(
|
|
44
|
-
// engine.authManager.protect({
|
|
45
|
-
// required: options.auth.required
|
|
46
|
-
// })
|
|
47
|
-
// );
|
|
48
|
-
// }
|
|
49
|
-
// return chain;
|
|
50
|
-
// }
|
|
51
|
-
// src/core/useSecure.ts - SIMPLER VERSION
|
|
52
|
-
// This is now optional since HiSecure class has fluent API
|
|
53
|
-
// import { HiSecure } from "./HiSecure.js";
|
|
54
|
-
// import { SecureOptions } from "./types/SecureOptions.js";
|
|
55
|
-
// /**
|
|
56
|
-
// * @deprecated Use HiSecure.middleware() or fluent API instead
|
|
57
|
-
// */
|
|
58
|
-
// export function useSecure(options?: SecureOptions | "api" | "strict" | "public") {
|
|
59
|
-
// console.warn("⚠ useSecure() is deprecated. Use HiSecure.middleware() or fluent API methods.");
|
|
60
|
-
// return HiSecure.middleware(options);
|
|
61
|
-
// }
|
|
62
|
-
// /**
|
|
63
|
-
// * Legacy support - route-level security
|
|
64
|
-
// */
|
|
65
|
-
// export function secureRoute(options?: SecureOptions) {
|
|
66
|
-
// const chain: any[] = [];
|
|
67
|
-
// if (options?.cors) {
|
|
68
|
-
// chain.push(HiSecure.cors(
|
|
69
|
-
// typeof options.cors === 'object' ? options.cors : undefined
|
|
70
|
-
// ));
|
|
71
|
-
// }
|
|
72
|
-
// if (options?.rateLimit) {
|
|
73
|
-
// chain.push(HiSecure.rateLimit(
|
|
74
|
-
// typeof options.rateLimit === 'object' ? options.rateLimit :
|
|
75
|
-
// options.rateLimit === "strict" ? "strict" : "relaxed"
|
|
76
|
-
// ));
|
|
77
|
-
// }
|
|
78
|
-
// if (options?.sanitize) {
|
|
79
|
-
// chain.push(HiSecure.sanitize(
|
|
80
|
-
// typeof options.sanitize === 'object' ? options.sanitize : undefined
|
|
81
|
-
// ));
|
|
82
|
-
// }
|
|
83
|
-
// if (options?.validate) {
|
|
84
|
-
// chain.push(HiSecure.validate(options.validate));
|
|
85
|
-
// }
|
|
86
|
-
// if (options?.auth) {
|
|
87
|
-
// chain.push(HiSecure.auth(
|
|
88
|
-
// typeof options.auth === 'object' ? options.auth : undefined
|
|
89
|
-
// ));
|
|
90
|
-
// }
|
|
91
|
-
// return chain;
|
|
92
|
-
// }
|
|
93
5
|
const HiSecure_js_1 = require("./HiSecure.js");
|
|
6
|
+
/**
|
|
7
|
+
* @deprecated Use HiSecure.middleware() or fluent API instead
|
|
8
|
+
*/
|
|
9
|
+
function useSecure(options) {
|
|
10
|
+
console.warn("⚠ useSecure() is deprecated. Use HiSecure.middleware() or fluent API methods.");
|
|
11
|
+
return HiSecure_js_1.HiSecure.middleware(options);
|
|
12
|
+
}
|
|
13
|
+
// Legacy support - route-level security
|
|
94
14
|
function secureRoute(options) {
|
|
95
|
-
if (!options)
|
|
96
|
-
return [];
|
|
97
15
|
const chain = [];
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
chain.push(HiSecure_js_1.HiSecure.cors(typeof options.cors === "object" ? options.cors : undefined));
|
|
16
|
+
if (options?.cors) {
|
|
17
|
+
chain.push(HiSecure_js_1.HiSecure.cors(typeof options.cors === 'object' ? options.cors : undefined));
|
|
101
18
|
}
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
if (rl === "strict" || rl === "relaxed") {
|
|
106
|
-
chain.push(HiSecure_js_1.HiSecure.rateLimit(rl));
|
|
107
|
-
}
|
|
108
|
-
else if (typeof rl === "object") {
|
|
109
|
-
chain.push(HiSecure_js_1.HiSecure.rateLimit(rl));
|
|
110
|
-
}
|
|
111
|
-
else {
|
|
112
|
-
chain.push(HiSecure_js_1.HiSecure.rateLimit("relaxed"));
|
|
113
|
-
}
|
|
19
|
+
if (options?.rateLimit) {
|
|
20
|
+
chain.push(HiSecure_js_1.HiSecure.rateLimit(typeof options.rateLimit === 'object' ? options.rateLimit :
|
|
21
|
+
options.rateLimit === "strict" ? "strict" : "relaxed"));
|
|
114
22
|
}
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
chain.push(HiSecure_js_1.HiSecure.sanitize(typeof options.sanitize === "object" ? options.sanitize : undefined));
|
|
23
|
+
if (options?.sanitize) {
|
|
24
|
+
chain.push(HiSecure_js_1.HiSecure.sanitize(typeof options.sanitize === 'object' ? options.sanitize : undefined));
|
|
118
25
|
}
|
|
119
|
-
|
|
120
|
-
if (options.validate) {
|
|
26
|
+
if (options?.validate) {
|
|
121
27
|
chain.push(HiSecure_js_1.HiSecure.validate(options.validate));
|
|
122
28
|
}
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
chain.push(HiSecure_js_1.HiSecure.auth(typeof options.auth === "object" ? options.auth : undefined));
|
|
29
|
+
if (options?.auth) {
|
|
30
|
+
chain.push(HiSecure_js_1.HiSecure.auth(typeof options.auth === 'object' ? options.auth : undefined));
|
|
126
31
|
}
|
|
127
32
|
return chain;
|
|
128
33
|
}
|
|
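Review bot: In `secureRoute`, the rate-limit branch maps every truthy non-object value other than the exact string `"strict"` to the `"relaxed"` preset, so a misspelt preset such as `"Strict"` silently selects the weaker limiter instead of failing. Whether a plain `true` is an accepted value is not visible here, but unknown strings could be rejected before the push: `if (typeof options.rateLimit === 'string' && options.rateLimit !== 'strict' && options.rateLimit !== 'relaxed') throw new TypeError('rateLimit must be "strict", "relaxed" or an options object');`. The function also returns an empty chain when called without options or with every key falsy, so a route wrapped in `secureRoute()` can end up with no middleware and no signal. A doc comment on `secureRoute` should say that an absent key disables the corresponding protection. Since `dist` is compiled output, the change belongs in `src/core/useSecure.ts`.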
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"useSecure.js","sourceRoot":"","sources":["../../src/core/useSecure.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"useSecure.js","sourceRoot":"","sources":["../../src/core/useSecure.ts"],"names":[],"mappings":";;AAOA,8BAGC;AAMD,kCAiCC;AAjDD,+CAAyC;AAGzC;;GAEG;AAEH,SAAgB,SAAS,CAAC,OAAqD;IAC3E,OAAO,CAAC,IAAI,CAAC,+EAA+E,CAAC,CAAC;IAC9F,OAAO,sBAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;AACxC,CAAC;AAGD,yCAAyC;AAGzC,SAAgB,WAAW,CAAC,OAAuB;IAC/C,MAAM,KAAK,GAAU,EAAE,CAAC;IAExB,IAAI,OAAO,EAAE,IAAI,EAAE,CAAC;QAChB,KAAK,CAAC,IAAI,CAAC,sBAAQ,CAAC,IAAI,CACpB,OAAO,OAAO,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAC9D,CAAC,CAAC;IACP,CAAC;IAED,IAAI,OAAO,EAAE,SAAS,EAAE,CAAC;QACrB,KAAK,CAAC,IAAI,CAAC,sBAAQ,CAAC,SAAS,CACzB,OAAO,OAAO,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;YAC3D,OAAO,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CACxD,CAAC,CAAC;IACP,CAAC;IAED,IAAI,OAAO,EAAE,QAAQ,EAAE,CAAC;QACpB,KAAK,CAAC,IAAI,CAAC,sBAAQ,CAAC,QAAQ,CACxB,OAAO,OAAO,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CACtE,CAAC,CAAC;IACP,CAAC;IAED,IAAI,OAAO,EAAE,QAAQ,EAAE,CAAC;QACpB,KAAK,CAAC,IAAI,CAAC,sBAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC;IACpD,CAAC;IAED,IAAI,OAAO,EAAE,IAAI,EAAE,CAAC;QAChB,KAAK,CAAC,IAAI,CAAC,sBAAQ,CAAC,IAAI,CACpB,OAAO,OAAO,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAC9D,CAAC,CAAC;IACP,CAAC;IAED,OAAO,KAAK,CAAC;AACjB,CAAC","sourcesContent":["import { HiSecure } from \"./HiSecure.js\";\r\nimport { SecureOptions } from \"./types/SecureOptions.js\";\r\n\r\n/**\r\n * @deprecated Use HiSecure.middleware() or fluent API instead\r\n */\r\n\r\nexport function useSecure(options?: SecureOptions | \"api\" | \"strict\" | \"public\") {\r\n console.warn(\"⚠ useSecure() is deprecated. 
Use HiSecure.middleware() or fluent API methods.\");\r\n return HiSecure.middleware(options);\r\n}\r\n\r\n\r\n// Legacy support - route-level security\r\n\r\n\r\nexport function secureRoute(options?: SecureOptions) {\r\n const chain: any[] = [];\r\n \r\n if (options?.cors) {\r\n chain.push(HiSecure.cors(\r\n typeof options.cors === 'object' ? options.cors : undefined\r\n ));\r\n }\r\n \r\n if (options?.rateLimit) {\r\n chain.push(HiSecure.rateLimit(\r\n typeof options.rateLimit === 'object' ? options.rateLimit : \r\n options.rateLimit === \"strict\" ? \"strict\" : \"relaxed\"\r\n ));\r\n }\r\n \r\n if (options?.sanitize) {\r\n chain.push(HiSecure.sanitize(\r\n typeof options.sanitize === 'object' ? options.sanitize : undefined\r\n ));\r\n }\r\n \r\n if (options?.validate) {\r\n chain.push(HiSecure.validate(options.validate));\r\n }\r\n \r\n if (options?.auth) {\r\n chain.push(HiSecure.auth(\r\n typeof options.auth === 'object' ? options.auth : undefined\r\n ));\r\n }\r\n \r\n return chain;\r\n}\r\n\r\n\r\n"]}
|
package/dist/index.d.ts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { HiSecure } from "./core/HiSecure.js";
|
|
2
|
-
import { secureRoute } from "./core/useSecure.js";
|
|
3
|
-
|
|
4
|
-
secureRoute };
|
|
5
|
-
export default
|
|
2
|
+
import { useSecure, secureRoute } from "./core/useSecure.js";
|
|
3
|
+
declare const hiSecure: HiSecure;
|
|
4
|
+
export { HiSecure, hiSecure, useSecure, secureRoute };
|
|
5
|
+
export default hiSecure;
|
|
6
6
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAE7D,QAAA,MAAM,QAAQ,UAAyB,CAAC;AAExC,OAAO,EACH,QAAQ,EACR,QAAQ,EACR,SAAS,EACT,WAAW,EACd,CAAC;AAEF,eAAe,QAAQ,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -1,25 +1,12 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
// // src/index.ts - MAIN ENTRY POINT
|
|
3
|
-
// import { HiSecure } from "./core/HiSecure.js";
|
|
4
|
-
// import { useSecure, secureRoute } from "./core/useSecure.js";
|
|
5
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
-
exports.secureRoute = exports.HiSecure = void 0;
|
|
7
|
-
// // Export the singleton instance for quick usage
|
|
8
|
-
// const hiSecure = HiSecure.getInstance();
|
|
9
|
-
// // Export everything
|
|
10
|
-
// export {
|
|
11
|
-
// HiSecure, // Class for advanced usage
|
|
12
|
-
// hiSecure, // Singleton instance
|
|
13
|
-
// useSecure, // Legacy function (deprecated)
|
|
14
|
-
// secureRoute // Route-level security helper
|
|
15
|
-
// };
|
|
16
|
-
// // Default export is the singleton instance
|
|
17
|
-
// export default hiSecure;
|
|
18
|
-
// src/index.ts
|
|
3
|
+
exports.secureRoute = exports.useSecure = exports.hiSecure = exports.HiSecure = void 0;
|
|
19
4
|
const HiSecure_js_1 = require("./core/HiSecure.js");
|
|
20
5
|
Object.defineProperty(exports, "HiSecure", { enumerable: true, get: function () { return HiSecure_js_1.HiSecure; } });
|
|
21
|
-
const useSecure_js_1 = require("./core/useSecure.js");
|
|
6
|
+
const useSecure_js_1 = require("./core/useSecure.js");
|
|
7
|
+
Object.defineProperty(exports, "useSecure", { enumerable: true, get: function () { return useSecure_js_1.useSecure; } });
|
|
22
8
|
Object.defineProperty(exports, "secureRoute", { enumerable: true, get: function () { return useSecure_js_1.secureRoute; } });
|
|
23
|
-
|
|
24
|
-
exports.
|
|
9
|
+
const hiSecure = HiSecure_js_1.HiSecure.getInstance();
|
|
10
|
+
exports.hiSecure = hiSecure;
|
|
11
|
+
exports.default = hiSecure;
|
|
25
12
|
//# sourceMappingURL=index.js.map
|
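Review bot: `const hiSecure = HiSecure_js_1.HiSecure.getInstance();` now runs at module load, so merely requiring the package constructs the singleton, and whatever `getInstance()` does happens before the application has supplied any configuration. `getInstance()` is not visible in this section, so whether it reads environment or config at that point cannot be confirmed from here. I would record the constraint next to the call in `src/index.ts`: `// Created at import time: getInstance() must not perform I/O or read configuration; initialisation happens explicitly later.` The default export also becomes this instance. The previous default is truncated on this page, so a consumer-facing change in a patch release cannot be ruled out and should be mentioned in the changelog.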
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;AAAA,oDAA8C;AAM1C,yFANK,sBAAQ,OAML;AALZ,sDAA6D;AAOzD,0FAPK,wBAAS,OAOL;AACT,4FARgB,0BAAW,OAQhB;AANf,MAAM,QAAQ,GAAG,sBAAQ,CAAC,WAAW,EAAE,CAAC;AAIpC,4BAAQ;AAKZ,kBAAe,QAAQ,CAAC","sourcesContent":["import { HiSecure } from \"./core/HiSecure.js\";\r\nimport { useSecure, secureRoute } from \"./core/useSecure.js\";\r\n\r\nconst hiSecure = HiSecure.getInstance();\r\n\r\nexport { \r\n HiSecure, \r\n hiSecure, \r\n useSecure, \r\n secureRoute \r\n};\r\n\r\nexport default hiSecure;\r\n\r\n\r\n\r\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AuthManager.d.ts","sourceRoot":"","sources":["../../src/managers/AuthManager.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"AuthManager.d.ts","sourceRoot":"","sources":["../../src/managers/AuthManager.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAI1D,MAAM,WAAW,WAAW;IACxB,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IAC/B,cAAc,CAAC,EAAE,MAAM,CAAC;CAC3B;AAED,MAAM,WAAW,cAAc;IAC3B,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;CACpB;AAED,qBAAa,WAAW;IACpB,OAAO,CAAC,UAAU,CAAa;IAC/B,OAAO,CAAC,aAAa,CAAC,CAAgB;gBAE1B,IAAI,EAAE,WAAW;IAsB7B,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QAAE,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;QAAC,GAAG,CAAC,EAAE,MAAM,CAAA;KAAE;IAK7E,MAAM,CAAC,KAAK,EAAE,MAAM;IAKd,mBAAmB,CAAC,OAAO,EAAE,MAAM;IAezC,OAAO,CAAC,OAAO,CAAC,EAAE,cAAc,IAIpB,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY;CA4D9D"}
|
|
@@ -1,95 +1,10 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
// import { JWTAdapter } from "../adapters/JWTAdapter.js";
|
|
3
|
-
// import { GoogleAdapter } from "../adapters/GoggleAdapter.js";
|
|
4
|
-
// import { AdapterError } from "../core/errors/AdapterError.js";
|
|
5
|
-
// import { HttpError } from "../core/errors/HttpErrror.js";
|
|
6
|
-
// import { Request, Response, NextFunction } from "express";
|
|
7
|
-
// import { logError, logWarn, logInfo } from "../logging";
|
|
8
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
3
|
exports.AuthManager = void 0;
|
|
10
|
-
// export interface AuthOptions {
|
|
11
|
-
// jwtSecret: string;
|
|
12
|
-
// jwtExpiresIn?: string | number | undefined;
|
|
13
|
-
// googleClientId?: string | undefined;
|
|
14
|
-
// }
|
|
15
|
-
// export class AuthManager {
|
|
16
|
-
// private jwtAdapter: JWTAdapter;
|
|
17
|
-
// private googleAdapter?: GoogleAdapter;
|
|
18
|
-
// constructor(opts: AuthOptions) {
|
|
19
|
-
// if (!opts.jwtSecret)
|
|
20
|
-
// throw new AdapterError("jwtSecret required in AuthOptions");
|
|
21
|
-
// logInfo("AuthManager initialized");
|
|
22
|
-
// this.jwtAdapter = new JWTAdapter({
|
|
23
|
-
// secret: opts.jwtSecret,
|
|
24
|
-
// expiresIn: opts.jwtExpiresIn ?? undefined,
|
|
25
|
-
// });
|
|
26
|
-
// if (opts.googleClientId) {
|
|
27
|
-
// this.googleAdapter = new GoogleAdapter(opts.googleClientId);
|
|
28
|
-
// logInfo("GoogleAdapter enabled");
|
|
29
|
-
// }
|
|
30
|
-
// }
|
|
31
|
-
// sign(payload: object, options?: { expiresIn?: string | number }) {
|
|
32
|
-
// logInfo("JWT Sign called");
|
|
33
|
-
// return this.jwtAdapter.sign(payload, options);
|
|
34
|
-
// }
|
|
35
|
-
// verify(token: string) {
|
|
36
|
-
// logInfo("JWT Verify called");
|
|
37
|
-
// return this.jwtAdapter.verify(token);
|
|
38
|
-
// }
|
|
39
|
-
// async verifyGoogleIdToken(idToken: string) {
|
|
40
|
-
// if (!this.googleAdapter)
|
|
41
|
-
// throw new AdapterError("GoogleAdapter not configured.");
|
|
42
|
-
// logInfo("Google ID Token verify called");
|
|
43
|
-
// try {
|
|
44
|
-
// return await this.googleAdapter.verifyIdToken(idToken);
|
|
45
|
-
// } catch (err: any) {
|
|
46
|
-
// logError("Google ID Token verification failed", { error: err?.message });
|
|
47
|
-
// throw HttpError.Unauthorized("Invalid Google ID token");
|
|
48
|
-
// }
|
|
49
|
-
// }
|
|
50
|
-
// protect(options?: { required?: boolean }) {
|
|
51
|
-
// const required = options?.required ?? true;
|
|
52
|
-
// return (req: Request, res: Response, next: NextFunction) => {
|
|
53
|
-
// const header = req.headers["authorization"] || req.headers["Authorization"];
|
|
54
|
-
// if (!header) {
|
|
55
|
-
// if (required) {
|
|
56
|
-
// logWarn("Missing Authorization header", {
|
|
57
|
-
// path: req.path,
|
|
58
|
-
// method: req.method
|
|
59
|
-
// });
|
|
60
|
-
// return next(HttpError.Unauthorized("Missing Authorization header"));
|
|
61
|
-
// }
|
|
62
|
-
// return next();
|
|
63
|
-
// }
|
|
64
|
-
// const [type, token] = String(header).split(" ");
|
|
65
|
-
// if (type !== "Bearer" || !token) {
|
|
66
|
-
// logWarn("Invalid Authorization header", {
|
|
67
|
-
// path: req.path,
|
|
68
|
-
// method: req.method
|
|
69
|
-
// });
|
|
70
|
-
// return next(HttpError.Unauthorized("Invalid Authorization header"));
|
|
71
|
-
// }
|
|
72
|
-
// try {
|
|
73
|
-
// const decoded = this.verify(token);
|
|
74
|
-
// (req as any).auth = decoded;
|
|
75
|
-
// return next();
|
|
76
|
-
// } catch (err: any) {
|
|
77
|
-
// logError("JWT verify failed", {
|
|
78
|
-
// error: err?.message,
|
|
79
|
-
// path: req.path,
|
|
80
|
-
// method: req.method
|
|
81
|
-
// });
|
|
82
|
-
// return next(HttpError.Unauthorized("Invalid or expired token"));
|
|
83
|
-
// }
|
|
84
|
-
// };
|
|
85
|
-
// }
|
|
86
|
-
// }
|
|
87
|
-
// src/managers/AuthManager.ts - FIXED
|
|
88
4
|
const JWTAdapter_js_1 = require("../adapters/JWTAdapter.js");
|
|
89
5
|
const GoogleAdapter_js_1 = require("../adapters/GoogleAdapter.js");
|
|
90
6
|
const AdapterError_js_1 = require("../core/errors/AdapterError.js");
|
|
91
7
|
const HttpError_js_1 = require("../core/errors/HttpError.js");
|
|
92
|
-
// import { logError, logWarn, logInfo } from "../logging";
|
|
93
8
|
const logging_1 = require("../logging");
|
|
94
9
|
class AuthManager {
|
|
95
10
|
constructor(opts) {
|
|
@@ -135,11 +50,9 @@ class AuthManager {
|
|
|
135
50
|
const roles = options?.roles;
|
|
136
51
|
return (req, res, next) => {
|
|
137
52
|
const header = req.headers["authorization"];
|
|
138
|
-
// If auth is not required, skip authentication
|
|
139
53
|
if (!required && !header) {
|
|
140
54
|
return next();
|
|
141
55
|
}
|
|
142
|
-
// If auth is required but no header
|
|
143
56
|
if (!header) {
|
|
144
57
|
logging_1.logger.warn("Missing Authorization header", {
|
|
145
58
|
path: req.path,
|
|
@@ -147,7 +60,6 @@ class AuthManager {
|
|
|
147
60
|
});
|
|
148
61
|
return next(HttpError_js_1.HttpError.Unauthorized("Missing Authorization header"));
|
|
149
62
|
}
|
|
150
|
-
// Parse Bearer token
|
|
151
63
|
const [type, token] = String(header).split(" ");
|
|
152
64
|
if (type !== "Bearer" || !token) {
|
|
153
65
|
logging_1.logger.warn("Invalid Authorization header", {
|
|
@@ -161,7 +73,7 @@ class AuthManager {
|
|
|
161
73
|
const decoded = this.verify(token);
|
|
162
74
|
// Attach to request
|
|
163
75
|
req.auth = decoded;
|
|
164
|
-
req.user = decoded;
|
|
76
|
+
req.user = decoded;
|
|
165
77
|
// Role-based authorization
|
|
166
78
|
if (roles && roles.length > 0) {
|
|
167
79
|
const userRole = decoded.role || decoded.roles?.[0];
|
|
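Review bot: The role check reads `const userRole = decoded.role || decoded.roles?.[0];`, so for a token that carries a `roles` array only its first element is ever considered and the authorization result depends on claim ordering. The comparison against `roles` lies outside this hunk, so the effect is inferred from this one line. If it is a membership test, all claimed roles should take part: `const userRoles = [decoded.role, ...(Array.isArray(decoded.roles) ? decoded.roles : [])].filter(Boolean);` followed by `roles.some((r) => userRoles.includes(r))`. Separately, `type !== "Bearer"` in the earlier hunk compares the scheme case-sensitively although HTTP authentication schemes are case-insensitive, so a client sending `bearer` is rejected. The enclosing middleware function starts and ends outside the hunks shown.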
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AuthManager.js","sourceRoot":"","sources":["../../src/managers/AuthManager.ts"],"names":[],"mappings":";AAAA,0DAA0D;AAC1D,gEAAgE;AAChE,iEAAiE;AACjE,4DAA4D;AAC5D,6DAA6D;AAC7D,2DAA2D;;;AAE3D,iCAAiC;AACjC,yBAAyB;AACzB,kDAAkD;AAClD,2CAA2C;AAC3C,IAAI;AAEJ,6BAA6B;AAC7B,sCAAsC;AACtC,6CAA6C;AAE7C,uCAAuC;AACvC,+BAA+B;AAC/B,2EAA2E;AAE3E,8CAA8C;AAE9C,6CAA6C;AAC7C,sCAAsC;AACtC,yDAAyD;AACzD,cAAc;AAEd,qCAAqC;AACrC,2EAA2E;AAC3E,gDAAgD;AAChD,YAAY;AACZ,QAAQ;AAER,yEAAyE;AACzE,sCAAsC;AACtC,yDAAyD;AACzD,QAAQ;AAER,8BAA8B;AAC9B,wCAAwC;AACxC,gDAAgD;AAChD,QAAQ;AAER,mDAAmD;AACnD,mCAAmC;AACnC,uEAAuE;AAEvE,oDAAoD;AAEpD,gBAAgB;AAChB,sEAAsE;AACtE,+BAA+B;AAC/B,wFAAwF;AACxF,uEAAuE;AACvE,YAAY;AACZ,QAAQ;AAER,kDAAkD;AAClD,sDAAsD;AAEtD,wEAAwE;AACxE,2FAA2F;AAE3F,6BAA6B;AAC7B,kCAAkC;AAClC,gEAAgE;AAChE,0CAA0C;AAC1C,6CAA6C;AAC7C,0BAA0B;AAC1B,2FAA2F;AAC3F,oBAAoB;AACpB,iCAAiC;AACjC,gBAAgB;AAEhB,+DAA+D;AAE/D,iDAAiD;AACjD,4DAA4D;AAC5D,sCAAsC;AACtC,yCAAyC;AACzC,sBAAsB;AACtB,uFAAuF;AACvF,gBAAgB;AAEhB,oBAAoB;AACpB,sDAAsD;AACtD,+CAA+C;AAC/C,iCAAiC;AACjC,mCAAmC;AACnC,kDAAkD;AAClD,2CAA2C;AAC3C,sCAAsC;AACtC,yCAAyC;AACzC,sBAAsB;AACtB,mFAAmF;AACnF,gBAAgB;AAChB,aAAa;AACb,QAAQ;AACR,IAAI;AAIJ,sCAAsC;AACtC,6DAAuD;AACvD,mEAA6D;AAC7D,oEAA8D;AAC9D,8DAAwD;AAExD,2DAA2D;AAC3D,wCAAoC;AAcpC,MAAa,WAAW;IAIpB,YAAY,IAAiB;QACzB,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YAClB,MAAM,IAAI,8BAAY,CAAC,mCAAmC,CAAC,CAAC;QAChE,CAAC;QAED,IAAI,IAAI,CAAC,SAAS,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;YAC7B,gBAAM,CAAC,IAAI,CAAC,4EAA4E,CAAC,CAAC;QAC9F,CAAC;QAED,gBAAM,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;QAEvC,IAAI,CAAC,UAAU,GAAG,IAAI,0BAAU,CAAC;YAC7B,MAAM,EAAE,IAAI,CAAC,SAAS;YACtB,SAAS,EAAE,IAAI,CAAC,YAAY,IAAI,IAAI;SACvC,CAAC,CAAC;QAEH,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACtB,IAAI,CAAC,aAAa,GAAG,IAAI,gCAAa,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;YAC5D,gBAAM,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;QACzC,CAAC;IACL,CAAC;IAED,IAAI,CAAC,OAAe,EAAE,OAAuD;QACzE,gBAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;QAC/B,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAClD,CAAC;IAED,M
AAM,CAAC,KAAa;QAChB,gBAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QACjC,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACzC,CAAC;IAED,KAAK,CAAC,mBAAmB,CAAC,OAAe;QACrC,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;YACtB,MAAM,IAAI,8BAAY,CAAC,+BAA+B,CAAC,CAAC;QAC5D,CAAC;QAED,gBAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;QAE7C,IAAI,CAAC;YACD,OAAO,MAAM,IAAI,CAAC,aAAa,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;QAC3D,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAChB,gBAAM,CAAC,KAAK,CAAC,qCAAqC,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC,CAAC;YAC7E,MAAM,wBAAS,CAAC,YAAY,CAAC,yBAAyB,CAAC,CAAC;QAC5D,CAAC;IACL,CAAC;IAED,OAAO,CAAC,OAAwB;QAC5B,MAAM,QAAQ,GAAG,OAAO,EAAE,QAAQ,IAAI,IAAI,CAAC;QAC3C,MAAM,KAAK,GAAG,OAAO,EAAE,KAAK,CAAC;QAE7B,OAAO,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;YACvD,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;YAE5C,+CAA+C;YAC/C,IAAI,CAAC,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC;gBACvB,OAAO,IAAI,EAAE,CAAC;YAClB,CAAC;YAED,oCAAoC;YACpC,IAAI,CAAC,MAAM,EAAE,CAAC;gBACV,gBAAM,CAAC,IAAI,CAAC,8BAA8B,EAAE;oBACxC,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,MAAM,EAAE,GAAG,CAAC,MAAM;iBACrB,CAAC,CAAC;gBACH,OAAO,IAAI,CAAC,wBAAS,CAAC,YAAY,CAAC,8BAA8B,CAAC,CAAC,CAAC;YACxE,CAAC;YAED,qBAAqB;YACrB,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAChD,IAAI,IAAI,KAAK,QAAQ,IAAI,CAAC,KAAK,EAAE,CAAC;gBAC9B,gBAAM,CAAC,IAAI,CAAC,8BAA8B,EAAE;oBACxC,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,MAAM,EAAE,GAAG,CAAC,MAAM;iBACrB,CAAC,CAAC;gBACH,OAAO,IAAI,CAAC,wBAAS,CAAC,YAAY,CAAC,8BAA8B,CAAC,CAAC,CAAC;YACxE,CAAC;YAED,IAAI,CAAC;gBACD,aAAa;gBACb,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBAEnC,oBAAoB;gBACnB,GAAW,CAAC,IAAI,GAAG,OAAO,CAAC;gBAC3B,GAAW,CAAC,IAAI,GAAG,OAAO,CAAC,CAAC,iBAAiB;gBAE9C,2BAA2B;gBAC3B,IAAI,KAAK,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC5B,MAAM,QAAQ,GAAI,OAAe,CAAC,IAAI,IAAK,OAAe,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC;oBACtE,IAAI,CAAC,QAAQ,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;wBACzC,gBAAM,CAAC,IAAI,CAAC,0BAA0B,EAAE;4BACpC,IAAI,EAAE,GAAG,CAAC,IAAI;4BACd,aAAa,EAAE,KAAK;4BACpB,QAAQ;yBACX,CAAC,CAAC;wBACH,
OAAO,IAAI,CAAC,wBAAS,CAAC,SAAS,CAAC,0BAA0B,CAAC,CAAC,CAAC;oBACjE,CAAC;gBACL,CAAC;gBAED,OAAO,IAAI,EAAE,CAAC;YAClB,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAChB,gBAAM,CAAC,KAAK,CAAC,mBAAmB,EAAE;oBAC9B,KAAK,EAAE,GAAG,EAAE,OAAO;oBACnB,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,MAAM,EAAE,GAAG,CAAC,MAAM;iBACrB,CAAC,CAAC;gBACH,OAAO,IAAI,CAAC,wBAAS,CAAC,YAAY,CAAC,0BAA0B,CAAC,CAAC,CAAC;YACpE,CAAC;QACL,CAAC,CAAC;IACN,CAAC;CACJ;AAlHD,kCAkHC","sourcesContent":["// import { JWTAdapter } from \"../adapters/JWTAdapter.js\";\r\n// import { GoogleAdapter } from \"../adapters/GoggleAdapter.js\";\r\n// import { AdapterError } from \"../core/errors/AdapterError.js\";\r\n// import { HttpError } from \"../core/errors/HttpErrror.js\";\r\n// import { Request, Response, NextFunction } from \"express\";\r\n// import { logError, logWarn, logInfo } from \"../logging\";\r\n\r\n// export interface AuthOptions {\r\n// jwtSecret: string;\r\n// jwtExpiresIn?: string | number | undefined;\r\n// googleClientId?: string | undefined;\r\n// }\r\n\r\n// export class AuthManager {\r\n// private jwtAdapter: JWTAdapter;\r\n// private googleAdapter?: GoogleAdapter;\r\n\r\n// constructor(opts: AuthOptions) {\r\n// if (!opts.jwtSecret)\r\n// throw new AdapterError(\"jwtSecret required in AuthOptions\");\r\n\r\n// logInfo(\"AuthManager initialized\");\r\n\r\n// this.jwtAdapter = new JWTAdapter({\r\n// secret: opts.jwtSecret,\r\n// expiresIn: opts.jwtExpiresIn ?? 
undefined,\r\n// });\r\n\r\n// if (opts.googleClientId) {\r\n// this.googleAdapter = new GoogleAdapter(opts.googleClientId);\r\n// logInfo(\"GoogleAdapter enabled\");\r\n// }\r\n// }\r\n\r\n// sign(payload: object, options?: { expiresIn?: string | number }) {\r\n// logInfo(\"JWT Sign called\");\r\n// return this.jwtAdapter.sign(payload, options);\r\n// }\r\n\r\n// verify(token: string) {\r\n// logInfo(\"JWT Verify called\");\r\n// return this.jwtAdapter.verify(token);\r\n// }\r\n\r\n// async verifyGoogleIdToken(idToken: string) {\r\n// if (!this.googleAdapter)\r\n// throw new AdapterError(\"GoogleAdapter not configured.\");\r\n\r\n// logInfo(\"Google ID Token verify called\");\r\n\r\n// try {\r\n// return await this.googleAdapter.verifyIdToken(idToken);\r\n// } catch (err: any) {\r\n// logError(\"Google ID Token verification failed\", { error: err?.message });\r\n// throw HttpError.Unauthorized(\"Invalid Google ID token\");\r\n// }\r\n// }\r\n\r\n// protect(options?: { required?: boolean }) {\r\n// const required = options?.required ?? 
true;\r\n\r\n// return (req: Request, res: Response, next: NextFunction) => {\r\n// const header = req.headers[\"authorization\"] || req.headers[\"Authorization\"];\r\n\r\n// if (!header) {\r\n// if (required) {\r\n// logWarn(\"Missing Authorization header\", {\r\n// path: req.path,\r\n// method: req.method\r\n// });\r\n// return next(HttpError.Unauthorized(\"Missing Authorization header\"));\r\n// }\r\n// return next();\r\n// }\r\n\r\n// const [type, token] = String(header).split(\" \");\r\n\r\n// if (type !== \"Bearer\" || !token) {\r\n// logWarn(\"Invalid Authorization header\", {\r\n// path: req.path,\r\n// method: req.method\r\n// });\r\n// return next(HttpError.Unauthorized(\"Invalid Authorization header\"));\r\n// }\r\n\r\n// try {\r\n// const decoded = this.verify(token);\r\n// (req as any).auth = decoded;\r\n// return next();\r\n// } catch (err: any) {\r\n// logError(\"JWT verify failed\", {\r\n// error: err?.message,\r\n// path: req.path,\r\n// method: req.method\r\n// });\r\n// return next(HttpError.Unauthorized(\"Invalid or expired token\"));\r\n// }\r\n// };\r\n// }\r\n// }\r\n\r\n\r\n\r\n// src/managers/AuthManager.ts - FIXED\r\nimport { JWTAdapter } from \"../adapters/JWTAdapter.js\";\r\nimport { GoogleAdapter } from \"../adapters/GoogleAdapter.js\";\r\nimport { AdapterError } from \"../core/errors/AdapterError.js\";\r\nimport { HttpError } from \"../core/errors/HttpError.js\";\r\nimport { Request, Response, NextFunction } from \"express\";\r\n// import { logError, logWarn, logInfo } from \"../logging\";\r\nimport { logger } from \"../logging\";\r\n\r\n\r\nexport interface AuthOptions {\r\n jwtSecret: string;\r\n jwtExpiresIn?: string | number;\r\n googleClientId?: string;\r\n}\r\n\r\nexport interface ProtectOptions {\r\n required?: boolean;\r\n roles?: string[];\r\n}\r\n\r\nexport class AuthManager {\r\n private jwtAdapter: JWTAdapter;\r\n private googleAdapter?: GoogleAdapter;\r\n\r\n constructor(opts: AuthOptions) {\r\n if (!opts.jwtSecret) {\r\n 
throw new AdapterError(\"jwtSecret required in AuthOptions\");\r\n }\r\n\r\n if (opts.jwtSecret.length < 32) {\r\n logger.warn(\"⚠ JWT secret is less than 32 characters - consider using a stronger secret\");\r\n }\r\n\r\n logger.info(\"AuthManager initialized\");\r\n\r\n this.jwtAdapter = new JWTAdapter({\r\n secret: opts.jwtSecret,\r\n expiresIn: opts.jwtExpiresIn ?? \"1d\",\r\n });\r\n\r\n if (opts.googleClientId) {\r\n this.googleAdapter = new GoogleAdapter(opts.googleClientId);\r\n logger.info(\"GoogleAdapter enabled\");\r\n }\r\n }\r\n\r\n sign(payload: object, options?: { expiresIn?: string | number, jti?: string }) {\r\n logger.info(\"JWT Sign called\");\r\n return this.jwtAdapter.sign(payload, options);\r\n }\r\n\r\n verify(token: string) {\r\n logger.info(\"JWT Verify called\");\r\n return this.jwtAdapter.verify(token);\r\n }\r\n\r\n async verifyGoogleIdToken(idToken: string) {\r\n if (!this.googleAdapter) {\r\n throw new AdapterError(\"GoogleAdapter not configured.\");\r\n }\r\n\r\n logger.info(\"Google ID Token verify called\");\r\n\r\n try {\r\n return await this.googleAdapter.verifyIdToken(idToken);\r\n } catch (err: any) {\r\n logger.error(\"Google ID Token verification failed\", { error: err?.message });\r\n throw HttpError.Unauthorized(\"Invalid Google ID token\");\r\n }\r\n }\r\n\r\n protect(options?: ProtectOptions) {\r\n const required = options?.required ?? 
true;\r\n const roles = options?.roles;\r\n\r\n return (req: Request, res: Response, next: NextFunction) => {\r\n const header = req.headers[\"authorization\"];\r\n\r\n // If auth is not required, skip authentication\r\n if (!required && !header) {\r\n return next();\r\n }\r\n\r\n // If auth is required but no header\r\n if (!header) {\r\n logger.warn(\"Missing Authorization header\", {\r\n path: req.path,\r\n method: req.method\r\n });\r\n return next(HttpError.Unauthorized(\"Missing Authorization header\"));\r\n }\r\n\r\n // Parse Bearer token\r\n const [type, token] = String(header).split(\" \");\r\n if (type !== \"Bearer\" || !token) {\r\n logger.warn(\"Invalid Authorization header\", {\r\n path: req.path,\r\n method: req.method\r\n });\r\n return next(HttpError.Unauthorized(\"Invalid Authorization header\"));\r\n }\r\n\r\n try {\r\n // Verify JWT\r\n const decoded = this.verify(token);\r\n \r\n // Attach to request\r\n (req as any).auth = decoded;\r\n (req as any).user = decoded; // Common pattern\r\n \r\n // Role-based authorization\r\n if (roles && roles.length > 0) {\r\n const userRole = (decoded as any).role || (decoded as any).roles?.[0];\r\n if (!userRole || !roles.includes(userRole)) {\r\n logger.warn(\"Insufficient permissions\", {\r\n path: req.path,\r\n requiredRoles: roles,\r\n userRole\r\n });\r\n return next(HttpError.Forbidden(\"Insufficient permissions\"));\r\n }\r\n }\r\n \r\n return next();\r\n } catch (err: any) {\r\n logger.error(\"JWT verify failed\", {\r\n error: err?.message,\r\n path: req.path,\r\n method: req.method\r\n });\r\n return next(HttpError.Unauthorized(\"Invalid or expired token\"));\r\n }\r\n };\r\n }\r\n}"]}
|
|
1
|
+
{"version":3,"file":"AuthManager.js","sourceRoot":"","sources":["../../src/managers/AuthManager.ts"],"names":[],"mappings":";;;AAAA,6DAAuD;AACvD,mEAA6D;AAC7D,oEAA8D;AAC9D,8DAAwD;AAExD,wCAAoC;AAcpC,MAAa,WAAW;IAIpB,YAAY,IAAiB;QACzB,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YAClB,MAAM,IAAI,8BAAY,CAAC,mCAAmC,CAAC,CAAC;QAChE,CAAC;QAED,IAAI,IAAI,CAAC,SAAS,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;YAC7B,gBAAM,CAAC,IAAI,CAAC,4EAA4E,CAAC,CAAC;QAC9F,CAAC;QAED,gBAAM,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;QAEvC,IAAI,CAAC,UAAU,GAAG,IAAI,0BAAU,CAAC;YAC7B,MAAM,EAAE,IAAI,CAAC,SAAS;YACtB,SAAS,EAAE,IAAI,CAAC,YAAY,IAAI,IAAI;SACvC,CAAC,CAAC;QAEH,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACtB,IAAI,CAAC,aAAa,GAAG,IAAI,gCAAa,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;YAC5D,gBAAM,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;QACzC,CAAC;IACL,CAAC;IAED,IAAI,CAAC,OAAe,EAAE,OAAuD;QACzE,gBAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;QAC/B,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAClD,CAAC;IAED,MAAM,CAAC,KAAa;QAChB,gBAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QACjC,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACzC,CAAC;IAED,KAAK,CAAC,mBAAmB,CAAC,OAAe;QACrC,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;YACtB,MAAM,IAAI,8BAAY,CAAC,+BAA+B,CAAC,CAAC;QAC5D,CAAC;QAED,gBAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;QAE7C,IAAI,CAAC;YACD,OAAO,MAAM,IAAI,CAAC,aAAa,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;QAC3D,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAChB,gBAAM,CAAC,KAAK,CAAC,qCAAqC,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC,CAAC;YAC7E,MAAM,wBAAS,CAAC,YAAY,CAAC,yBAAyB,CAAC,CAAC;QAC5D,CAAC;IACL,CAAC;IAED,OAAO,CAAC,OAAwB;QAC5B,MAAM,QAAQ,GAAG,OAAO,EAAE,QAAQ,IAAI,IAAI,CAAC;QAC3C,MAAM,KAAK,GAAG,OAAO,EAAE,KAAK,CAAC;QAE7B,OAAO,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;YACvD,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;YAG5C,IAAI,CAAC,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC;gBACvB,OAAO,IAAI,EAAE,CAAC;YAClB,CAAC;YAGD,IAAI,CAAC,MAAM,EAAE,CAAC;gBACV,gBAAM,CAAC,IAAI,CAAC,8BAA8B,EAAE;oBACxC,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,MAAM,EAAE,GAAG,CAAC,MAAM;iBACrB,CAAC,CAAC;gBACH,OAAO,IAAI,CAAC,wBAAS,CAAC,YAAY,CAAC,8BAA8B,CAAC,CA
AC,CAAC;YACxE,CAAC;YAGD,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAChD,IAAI,IAAI,KAAK,QAAQ,IAAI,CAAC,KAAK,EAAE,CAAC;gBAC9B,gBAAM,CAAC,IAAI,CAAC,8BAA8B,EAAE;oBACxC,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,MAAM,EAAE,GAAG,CAAC,MAAM;iBACrB,CAAC,CAAC;gBACH,OAAO,IAAI,CAAC,wBAAS,CAAC,YAAY,CAAC,8BAA8B,CAAC,CAAC,CAAC;YACxE,CAAC;YAED,IAAI,CAAC;gBAED,aAAa;gBACb,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBAEnC,oBAAoB;gBACnB,GAAW,CAAC,IAAI,GAAG,OAAO,CAAC;gBAC3B,GAAW,CAAC,IAAI,GAAG,OAAO,CAAC;gBAE5B,2BAA2B;gBAC3B,IAAI,KAAK,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC5B,MAAM,QAAQ,GAAI,OAAe,CAAC,IAAI,IAAK,OAAe,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC;oBACtE,IAAI,CAAC,QAAQ,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;wBACzC,gBAAM,CAAC,IAAI,CAAC,0BAA0B,EAAE;4BACpC,IAAI,EAAE,GAAG,CAAC,IAAI;4BACd,aAAa,EAAE,KAAK;4BACpB,QAAQ;yBACX,CAAC,CAAC;wBACH,OAAO,IAAI,CAAC,wBAAS,CAAC,SAAS,CAAC,0BAA0B,CAAC,CAAC,CAAC;oBACjE,CAAC;gBACL,CAAC;gBAED,OAAO,IAAI,EAAE,CAAC;YAClB,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAChB,gBAAM,CAAC,KAAK,CAAC,mBAAmB,EAAE;oBAC9B,KAAK,EAAE,GAAG,EAAE,OAAO;oBACnB,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,MAAM,EAAE,GAAG,CAAC,MAAM;iBACrB,CAAC,CAAC;gBACH,OAAO,IAAI,CAAC,wBAAS,CAAC,YAAY,CAAC,0BAA0B,CAAC,CAAC,CAAC;YACpE,CAAC;QACL,CAAC,CAAC;IACN,CAAC;CACJ;AAnHD,kCAmHC","sourcesContent":["import { JWTAdapter } from \"../adapters/JWTAdapter.js\";\r\nimport { GoogleAdapter } from \"../adapters/GoogleAdapter.js\";\r\nimport { AdapterError } from \"../core/errors/AdapterError.js\";\r\nimport { HttpError } from \"../core/errors/HttpError.js\";\r\nimport { Request, Response, NextFunction } from \"express\";\r\nimport { logger } from \"../logging\";\r\n\r\n\r\nexport interface AuthOptions {\r\n jwtSecret: string;\r\n jwtExpiresIn?: string | number;\r\n googleClientId?: string;\r\n}\r\n\r\nexport interface ProtectOptions {\r\n required?: boolean;\r\n roles?: string[];\r\n}\r\n\r\nexport class AuthManager {\r\n private jwtAdapter: JWTAdapter;\r\n private googleAdapter?: 
GoogleAdapter;\r\n\r\n constructor(opts: AuthOptions) {\r\n if (!opts.jwtSecret) {\r\n throw new AdapterError(\"jwtSecret required in AuthOptions\");\r\n }\r\n\r\n if (opts.jwtSecret.length < 32) {\r\n logger.warn(\"⚠ JWT secret is less than 32 characters - consider using a stronger secret\");\r\n }\r\n\r\n logger.info(\"AuthManager initialized\");\r\n\r\n this.jwtAdapter = new JWTAdapter({\r\n secret: opts.jwtSecret,\r\n expiresIn: opts.jwtExpiresIn ?? \"1d\",\r\n });\r\n\r\n if (opts.googleClientId) {\r\n this.googleAdapter = new GoogleAdapter(opts.googleClientId);\r\n logger.info(\"GoogleAdapter enabled\");\r\n }\r\n }\r\n\r\n sign(payload: object, options?: { expiresIn?: string | number, jti?: string }) {\r\n logger.info(\"JWT Sign called\");\r\n return this.jwtAdapter.sign(payload, options);\r\n }\r\n\r\n verify(token: string) {\r\n logger.info(\"JWT Verify called\");\r\n return this.jwtAdapter.verify(token);\r\n }\r\n\r\n async verifyGoogleIdToken(idToken: string) {\r\n if (!this.googleAdapter) {\r\n throw new AdapterError(\"GoogleAdapter not configured.\");\r\n }\r\n\r\n logger.info(\"Google ID Token verify called\");\r\n\r\n try {\r\n return await this.googleAdapter.verifyIdToken(idToken);\r\n } catch (err: any) {\r\n logger.error(\"Google ID Token verification failed\", { error: err?.message });\r\n throw HttpError.Unauthorized(\"Invalid Google ID token\");\r\n }\r\n }\r\n\r\n protect(options?: ProtectOptions) {\r\n const required = options?.required ?? 
true;\r\n const roles = options?.roles;\r\n\r\n return (req: Request, res: Response, next: NextFunction) => {\r\n const header = req.headers[\"authorization\"];\r\n\r\n \r\n if (!required && !header) {\r\n return next();\r\n }\r\n\r\n \r\n if (!header) {\r\n logger.warn(\"Missing Authorization header\", {\r\n path: req.path,\r\n method: req.method\r\n });\r\n return next(HttpError.Unauthorized(\"Missing Authorization header\"));\r\n }\r\n\r\n \r\n const [type, token] = String(header).split(\" \");\r\n if (type !== \"Bearer\" || !token) {\r\n logger.warn(\"Invalid Authorization header\", {\r\n path: req.path,\r\n method: req.method\r\n });\r\n return next(HttpError.Unauthorized(\"Invalid Authorization header\"));\r\n }\r\n\r\n try {\r\n\r\n // Verify JWT\r\n const decoded = this.verify(token);\r\n \r\n // Attach to request\r\n (req as any).auth = decoded;\r\n (req as any).user = decoded; \r\n \r\n // Role-based authorization\r\n if (roles && roles.length > 0) {\r\n const userRole = (decoded as any).role || (decoded as any).roles?.[0];\r\n if (!userRole || !roles.includes(userRole)) {\r\n logger.warn(\"Insufficient permissions\", {\r\n path: req.path,\r\n requiredRoles: roles,\r\n userRole\r\n });\r\n return next(HttpError.Forbidden(\"Insufficient permissions\"));\r\n }\r\n }\r\n \r\n return next();\r\n } catch (err: any) {\r\n logger.error(\"JWT verify failed\", {\r\n error: err?.message,\r\n path: req.path,\r\n method: req.method\r\n });\r\n return next(HttpError.Unauthorized(\"Invalid or expired token\"));\r\n }\r\n };\r\n }\r\n}"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"CorsManager.d.ts","sourceRoot":"","sources":["../../src/managers/CorsManager.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"CorsManager.d.ts","sourceRoot":"","sources":["../../src/managers/CorsManager.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,MAAM,CAAC;AAIxB,qBAAa,WAAW;IAEpB,UAAU,CAAC,OAAO,CAAC,EAAE,GAAG;kBA2B6O,CAAC;;;iBAAmH,CAAC;CAA7X"}
|
|
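--- a/package/dist/managers/CorsManager.js
+++ b/package/dist/managers/CorsManager.js
@@ -1,27 +1,9 @@
 "use strict";
-// import cors from "cors";
-// import { logger } from "../logging";
-// import { AdapterError } from "../core/errors/AdapterError.js";
 var __importDefault = (this && this.__importDefault) || function (mod) {
 return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.CorsManager = void 0;
-// export class CorsManager {
-// middleware(options?: any) {
-// try {
-// // options = undefined → use default CORS
-// return options ? cors(options) : cors();
-// } catch (err: any) {
-// logger.error("❌ CORS Manager: failed to create CORS middleware", {
-// error: err?.message || err,
-// options
-// });
-// throw new AdapterError("CORS middleware initialization failed.");
-// }
-// }
-// }
-// src/managers/CorsManager.ts - IMPROVED
 const cors_1 = __importDefault(require("cors"));
 const logging_1 = require("../logging");
 const AdapterError_js_1 = require("../core/errors/AdapterError.js");
@@ -33,7 +15,7 @@ class CorsManager {
 methods: ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS'],
 allowedHeaders: ['Content-Type', 'Authorization'],
 credentials: false,
-maxAge: 86400
+maxAge: 86400
 };
 const finalOptions = options ? { ...defaultOptions, ...options } : defaultOptions;
 logging_1.logger.debug("🔧 CORS configured", {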
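Review bot: The shallow merge `const finalOptions = options ? { ...defaultOptions, ...options } : defaultOptions;` (new line 20) lets a caller pass only `{ credentials: true }` and silently keep the default origin, which the TypeScript source embedded in the CorsManager.js.map section of this page shows as `origin: '*'`. Browsers refuse credentialed responses that carry a wildcard `Access-Control-Allow-Origin`, so that combination fails at runtime and tends to get "fixed" by reflecting every request origin. I would check the merged result before handing it to `cors`, e.g. `if (finalOptions.credentials && finalOptions.origin === '*') logging_1.logger.warn("CORS: credentials enabled with wildcard origin; set an explicit origin allow-list");`, and document that the default origin is a wildcard. The enclosing `middleware` method starts and ends outside this hunk, so the fix belongs in `src/managers/CorsManager.ts` rather than in the compiled output.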
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"CorsManager.js","sourceRoot":"","sources":["../../src/managers/CorsManager.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"CorsManager.js","sourceRoot":"","sources":["../../src/managers/CorsManager.ts"],"names":[],"mappings":";;;;;;AAAA,gDAAwB;AACxB,wCAAoC;AACpC,oEAA8D;AAE9D,MAAa,WAAW;IAEpB,UAAU,CAAC,OAAa;QACpB,IAAI,CAAC;YACD,MAAM,cAAc,GAAG;gBACnB,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,OAAO,EAAE,SAAS,CAAC;gBAC7D,cAAc,EAAE,CAAC,cAAc,EAAE,eAAe,CAAC;gBACjD,WAAW,EAAE,KAAK;gBAClB,MAAM,EAAE,KAAK;aAChB,CAAC;YAEF,MAAM,YAAY,GAAG,OAAO,CAAC,CAAC,CAAC,EAAE,GAAG,cAAc,EAAE,GAAG,OAAO,EAAE,CAAC,CAAC,CAAC,cAAc,CAAC;YAElF,gBAAM,CAAC,KAAK,CAAC,oBAAoB,EAAE;gBAC/B,MAAM,EAAE,YAAY,CAAC,MAAM;gBAC3B,OAAO,EAAE,YAAY,CAAC,OAAO;aAChC,CAAC,CAAC;YAEH,OAAO,IAAA,cAAI,EAAC,YAAY,CAAC,CAAC;QAE9B,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAChB,gBAAM,CAAC,KAAK,CAAC,kDAAkD,EAAE;gBAC7D,KAAK,EAAE,GAAG,EAAE,OAAO,IAAI,GAAG;gBAC1B,OAAO;aACV,CAAC,CAAC;YACH,MAAM,IAAI,8BAAY,CAAC,wCAAwC,CAAC,CAAC;QACrE,CAAC;IACL,CAAC;CACJ;AA7BD,kCA6BC","sourcesContent":["import cors from \"cors\";\r\nimport { logger } from \"../logging\";\r\nimport { AdapterError } from \"../core/errors/AdapterError.js\";\r\n\r\nexport class CorsManager {\r\n \r\n middleware(options?: any) {\r\n try {\r\n const defaultOptions = {\r\n origin: '*',\r\n methods: ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS'],\r\n allowedHeaders: ['Content-Type', 'Authorization'],\r\n credentials: false,\r\n maxAge: 86400\r\n };\r\n \r\n const finalOptions = options ? { ...defaultOptions, ...options } : defaultOptions;\r\n \r\n logger.debug(\"🔧 CORS configured\", {\r\n origin: finalOptions.origin,\r\n methods: finalOptions.methods\r\n });\r\n \r\n return cors(finalOptions);\r\n \r\n } catch (err: any) {\r\n logger.error(\"❌ CORS Manager: failed to create CORS middleware\", {\r\n error: err?.message || err,\r\n options\r\n });\r\n throw new AdapterError(\"CORS middleware initialization failed.\");\r\n }\r\n }\r\n}"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"HashManager.d.ts","sourceRoot":"","sources":["../../src/managers/HashManager.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"HashManager.d.ts","sourceRoot":"","sources":["../../src/managers/HashManager.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,MAAM,iCAAiC,CAAC;AAGjE,UAAU,WAAW;IACjB,IAAI,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACrC,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;CAC3D;AAED,MAAM,WAAW,UAAU;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,OAAO,CAAC;CACzB;AAED,qBAAa,WAAW;IACpB,OAAO,CAAC,MAAM,CAA4B;IAC1C,OAAO,CAAC,cAAc,CAAc;IACpC,OAAO,CAAC,eAAe,CAAqB;gBAGxC,MAAM,EAAE,cAAc,CAAC,SAAS,CAAC,EACjC,cAAc,EAAE,WAAW,EAC3B,eAAe,EAAE,WAAW,GAAG,IAAI;IAOjC,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QAAE,aAAa,CAAC,EAAE,OAAO,CAAA;KAAE,GAAG,OAAO,CAAC,UAAU,CAAC;IA6C/E,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;CA4BhE"}
|