ts-packages 2.0.0 → 3.0.0
- package/package.json +1 -1
- package/packages/cache/README.md +105 -9
- package/packages/cache/dist/cjs/adapters/memcache/MemcacheCache.d.ts +1 -54
- package/packages/cache/dist/cjs/adapters/memcache/MemcacheCache.js +75 -281
- package/packages/cache/dist/cjs/adapters/memory/MemoryCache.js +76 -22
- package/packages/cache/dist/cjs/adapters/redis/RedisCache.js +84 -26
- package/packages/cache/dist/cjs/core/BaseCache.js +13 -4
- package/packages/cache/dist/cjs/core/factory.js +26 -4
- package/packages/cache/dist/cjs/errors/CacheError.d.ts +10 -7
- package/packages/cache/dist/cjs/errors/CacheError.js +6 -11
- package/packages/cache/dist/cjs/errors/cacheErrorCodes.d.ts +22 -0
- package/packages/cache/dist/cjs/errors/cacheErrorCodes.js +24 -0
- package/packages/cache/dist/cjs/errors/index.js +3 -0
- package/packages/cache/dist/cjs/middleware/express/cacheMiddleware.js +8 -8
- package/packages/cache/dist/cjs/session/SessionStore.js +84 -28
- package/packages/cache/dist/esm/adapters/memcache/MemcacheCache.d.ts +1 -54
- package/packages/cache/dist/esm/adapters/memcache/MemcacheCache.js +75 -281
- package/packages/cache/dist/esm/adapters/memory/MemoryCache.js +76 -22
- package/packages/cache/dist/esm/adapters/redis/RedisCache.js +84 -26
- package/packages/cache/dist/esm/core/BaseCache.js +13 -4
- package/packages/cache/dist/esm/core/factory.js +26 -4
- package/packages/cache/dist/esm/errors/CacheError.d.ts +10 -7
- package/packages/cache/dist/esm/errors/CacheError.js +6 -11
- package/packages/cache/dist/esm/errors/cacheErrorCodes.d.ts +22 -0
- package/packages/cache/dist/esm/errors/cacheErrorCodes.js +21 -0
- package/packages/cache/dist/esm/errors/index.js +3 -0
- package/packages/cache/dist/esm/middleware/express/cacheMiddleware.js +8 -8
- package/packages/cache/dist/esm/session/SessionStore.js +84 -28
- package/packages/cache/dist/types/adapters/memcache/MemcacheCache.d.ts +1 -54
- package/packages/cache/dist/types/errors/CacheError.d.ts +10 -7
- package/packages/cache/dist/types/errors/cacheErrorCodes.d.ts +22 -0
- package/packages/cache/package.json +8 -6
- package/packages/cache/src/adapters/memcache/MemcacheCache.ts +79 -352
- package/packages/cache/src/adapters/memory/MemoryCache.ts +76 -77
- package/packages/cache/src/adapters/redis/RedisCache.ts +84 -86
- package/packages/cache/src/core/BaseCache.ts +13 -14
- package/packages/cache/src/core/factory.ts +27 -16
- package/packages/cache/src/errors/CacheError.ts +16 -17
- package/packages/cache/src/errors/cacheErrorCodes.ts +24 -0
- package/packages/cache/src/errors/index.ts +5 -0
- package/packages/cache/src/middleware/express/cacheMiddleware.ts +8 -8
- package/packages/cache/src/session/SessionStore.ts +84 -84
- package/packages/errors-utils/README.md +54 -57
- package/packages/errors-utils/dist/cjs/constants/errorCodes.d.ts +28 -23
- package/packages/errors-utils/dist/cjs/constants/errorCodes.js +57 -22
- package/packages/errors-utils/dist/cjs/constants/errorMessages.d.ts +8 -1
- package/packages/errors-utils/dist/cjs/constants/errorMessages.js +72 -29
- package/packages/errors-utils/dist/cjs/error/AppError.d.ts +2 -2
- package/packages/errors-utils/dist/cjs/error/AppError.js +2 -2
- package/packages/errors-utils/dist/cjs/error/ServiceUnavailableError.d.ts +4 -0
- package/packages/errors-utils/dist/cjs/error/ServiceUnavailableError.js +11 -0
- package/packages/errors-utils/dist/cjs/error/TokenExpiredError.d.ts +2 -2
- package/packages/errors-utils/dist/cjs/error/TokenExpiredError.js +2 -2
- package/packages/errors-utils/dist/cjs/error/TokenMalformedError.d.ts +2 -2
- package/packages/errors-utils/dist/cjs/error/TokenMalformedError.js +2 -2
- package/packages/errors-utils/dist/cjs/error/UnauthorizedError.d.ts +1 -2
- package/packages/errors-utils/dist/cjs/error/UnauthorizedError.js +2 -2
- package/packages/errors-utils/dist/cjs/error/index.d.ts +14 -0
- package/packages/errors-utils/dist/cjs/error/index.js +39 -0
- package/packages/errors-utils/dist/cjs/errorRegistry/errorRegistry.d.ts +19 -0
- package/packages/errors-utils/dist/cjs/errorRegistry/errorRegistry.js +63 -0
- package/packages/errors-utils/dist/cjs/errorRegistry/index.d.ts +3 -0
- package/packages/errors-utils/dist/cjs/errorRegistry/index.js +6 -0
- package/packages/errors-utils/dist/cjs/index.d.ts +3 -9
- package/packages/errors-utils/dist/cjs/index.js +12 -9
- package/packages/errors-utils/dist/cjs/middleware/express/{errorHandler.js → errorHandler.middleware.js} +4 -4
- package/packages/errors-utils/dist/cjs/middleware/express/index.d.ts +2 -2
- package/packages/errors-utils/dist/cjs/middleware/express/index.js +2 -2
- package/packages/errors-utils/dist/esm/constants/errorCodes.d.ts +28 -23
- package/packages/errors-utils/dist/esm/constants/errorCodes.js +57 -22
- package/packages/errors-utils/dist/esm/constants/errorMessages.d.ts +8 -1
- package/packages/errors-utils/dist/esm/constants/errorMessages.js +72 -29
- package/packages/errors-utils/dist/esm/error/AppError.d.ts +2 -2
- package/packages/errors-utils/dist/esm/error/AppError.js +2 -2
- package/packages/errors-utils/dist/esm/error/ServiceUnavailableError.d.ts +4 -0
- package/packages/errors-utils/dist/esm/error/ServiceUnavailableError.js +7 -0
- package/packages/errors-utils/dist/esm/error/TokenExpiredError.d.ts +2 -2
- package/packages/errors-utils/dist/esm/error/TokenExpiredError.js +2 -2
- package/packages/errors-utils/dist/esm/error/TokenMalformedError.d.ts +2 -2
- package/packages/errors-utils/dist/esm/error/TokenMalformedError.js +2 -2
- package/packages/errors-utils/dist/esm/error/UnauthorizedError.d.ts +1 -2
- package/packages/errors-utils/dist/esm/error/UnauthorizedError.js +2 -2
- package/packages/errors-utils/dist/esm/error/index.d.ts +14 -0
- package/packages/errors-utils/dist/esm/error/index.js +23 -0
- package/packages/errors-utils/dist/esm/errorRegistry/errorRegistry.d.ts +19 -0
- package/packages/errors-utils/dist/esm/errorRegistry/errorRegistry.js +59 -0
- package/packages/errors-utils/dist/esm/errorRegistry/index.d.ts +3 -0
- package/packages/errors-utils/dist/esm/errorRegistry/index.js +3 -0
- package/packages/errors-utils/dist/esm/index.d.ts +3 -9
- package/packages/errors-utils/dist/esm/index.js +12 -9
- package/packages/errors-utils/dist/esm/middleware/express/{errorHandler.js → errorHandler.middleware.js} +5 -5
- package/packages/errors-utils/dist/esm/middleware/express/index.d.ts +2 -2
- package/packages/errors-utils/dist/esm/middleware/express/index.js +2 -2
- package/packages/errors-utils/dist/types/constants/errorCodes.d.ts +28 -23
- package/packages/errors-utils/dist/types/constants/errorMessages.d.ts +8 -1
- package/packages/errors-utils/dist/types/error/AppError.d.ts +2 -2
- package/packages/errors-utils/dist/types/error/ServiceUnavailableError.d.ts +4 -0
- package/packages/errors-utils/dist/types/error/TokenExpiredError.d.ts +2 -2
- package/packages/errors-utils/dist/types/error/TokenMalformedError.d.ts +2 -2
- package/packages/errors-utils/dist/types/error/UnauthorizedError.d.ts +1 -2
- package/packages/errors-utils/dist/types/error/index.d.ts +14 -0
- package/packages/errors-utils/dist/types/errorRegistry/errorRegistry.d.ts +19 -0
- package/packages/errors-utils/dist/types/errorRegistry/index.d.ts +3 -0
- package/packages/errors-utils/dist/types/index.d.ts +3 -9
- package/packages/errors-utils/dist/types/middleware/express/index.d.ts +2 -2
- package/packages/errors-utils/package.json +4 -4
- package/packages/errors-utils/src/constants/errorCodes.ts +64 -23
- package/packages/errors-utils/src/constants/errorMessages.ts +91 -34
- package/packages/errors-utils/src/error/AppError.ts +3 -2
- package/packages/errors-utils/src/error/ServiceUnavailableError.ts +8 -0
- package/packages/errors-utils/src/error/TokenExpiredError.ts +2 -2
- package/packages/errors-utils/src/error/TokenMalformedError.ts +2 -2
- package/packages/errors-utils/src/error/UnauthorizedError.ts +8 -8
- package/packages/errors-utils/src/error/index.ts +26 -0
- package/packages/errors-utils/src/errorRegistry/errorRegistry.ts +74 -0
- package/packages/errors-utils/src/errorRegistry/index.ts +4 -0
- package/packages/errors-utils/src/index.ts +12 -10
- package/packages/errors-utils/src/middleware/express/{errorHandler.ts → errorHandler.middleware.ts} +5 -5
- package/packages/errors-utils/src/middleware/express/index.ts +2 -2
- package/packages/js-extensions/README.md +174 -425
- package/packages/js-extensions/dist/cjs/array/array-extensions.js +84 -50
- package/packages/js-extensions/dist/cjs/core/performance.d.ts +1 -0
- package/packages/js-extensions/dist/cjs/core/performance.js +6 -0
- package/packages/js-extensions/dist/cjs/core/version.d.ts +1 -0
- package/packages/js-extensions/dist/cjs/core/version.js +9 -0
- package/packages/js-extensions/dist/cjs/index.d.ts +1 -0
- package/packages/js-extensions/dist/cjs/index.js +1 -0
- package/packages/js-extensions/dist/cjs/number/number-extensions.js +85 -97
- package/packages/js-extensions/dist/cjs/object/object-extensions.js +102 -103
- package/packages/js-extensions/dist/cjs/string/string-extensions.js +66 -43
- package/packages/js-extensions/dist/cjs/types/global-augmentations.d.ts +1 -0
- package/packages/js-extensions/dist/cjs/utils/defineExtension.d.ts +1 -0
- package/packages/js-extensions/dist/cjs/utils/defineExtension.js +13 -0
- package/packages/js-extensions/dist/cjs/utils/index.d.ts +1 -0
- package/packages/js-extensions/dist/cjs/utils/index.js +1 -0
- package/packages/js-extensions/dist/esm/array/array-extensions.js +84 -50
- package/packages/js-extensions/dist/esm/core/performance.d.ts +1 -0
- package/packages/js-extensions/dist/esm/core/performance.js +5 -0
- package/packages/js-extensions/dist/esm/core/version.d.ts +1 -0
- package/packages/js-extensions/dist/esm/core/version.js +5 -0
- package/packages/js-extensions/dist/esm/index.d.ts +1 -0
- package/packages/js-extensions/dist/esm/index.js +1 -0
- package/packages/js-extensions/dist/esm/number/number-extensions.js +86 -98
- package/packages/js-extensions/dist/esm/object/object-extensions.js +102 -103
- package/packages/js-extensions/dist/esm/string/string-extensions.js +66 -43
- package/packages/js-extensions/dist/esm/types/global-augmentations.d.ts +1 -0
- package/packages/js-extensions/dist/esm/utils/defineExtension.d.ts +1 -0
- package/packages/js-extensions/dist/esm/utils/defineExtension.js +10 -0
- package/packages/js-extensions/dist/esm/utils/index.d.ts +1 -0
- package/packages/js-extensions/dist/esm/utils/index.js +1 -0
- package/packages/js-extensions/dist/types/core/performance.d.ts +1 -0
- package/packages/js-extensions/dist/types/core/version.d.ts +1 -0
- package/packages/js-extensions/dist/types/index.d.ts +1 -0
- package/packages/js-extensions/dist/types/types/global-augmentations.d.ts +1 -0
- package/packages/js-extensions/dist/types/utils/defineExtension.d.ts +1 -0
- package/packages/js-extensions/dist/types/utils/index.d.ts +1 -0
- package/packages/js-extensions/package.json +8 -4
- package/packages/js-extensions/src/array/array-extensions.ts +268 -150
- package/packages/js-extensions/src/core/performance.ts +11 -0
- package/packages/js-extensions/src/core/version.ts +7 -0
- package/packages/js-extensions/src/index.ts +2 -0
- package/packages/js-extensions/src/number/number-extensions.ts +90 -123
- package/packages/js-extensions/src/object/object-extensions.ts +102 -130
- package/packages/js-extensions/src/string/string-extensions.ts +80 -76
- package/packages/js-extensions/src/types/global-augmentations.ts +2 -1
- package/packages/js-extensions/src/utils/defineExtension.ts +14 -0
- package/packages/js-extensions/src/utils/index.ts +1 -0
- package/packages/response-utils/README.md +156 -198
- package/packages/response-utils/dist/cjs/core/BaseResponder.js +20 -4
- package/packages/response-utils/dist/cjs/index.d.ts +0 -1
- package/packages/response-utils/dist/cjs/index.js +1 -25
- package/packages/response-utils/dist/esm/core/BaseResponder.js +20 -4
- package/packages/response-utils/dist/esm/index.d.ts +0 -1
- package/packages/response-utils/dist/esm/index.js +0 -2
- package/packages/response-utils/dist/types/index.d.ts +0 -1
- package/packages/response-utils/package.json +1 -1
- package/packages/response-utils/src/core/BaseResponder.ts +25 -4
- package/packages/response-utils/src/index.ts +0 -3
- package/packages/response-utils/src/middleware/express/expressMiddleware.ts +1 -1
- package/packages/security/README.md +153 -355
- package/packages/security/dist/cjs/core/crypto/cryptoManager.js +34 -17
- package/packages/security/dist/cjs/core/jwt/decode.js +4 -1
- package/packages/security/dist/cjs/core/jwt/generateTokens.js +4 -1
- package/packages/security/dist/cjs/core/jwt/jwtManager.d.ts +19 -43
- package/packages/security/dist/cjs/core/jwt/jwtManager.js +84 -199
- package/packages/security/dist/cjs/core/jwt/parseDuration.js +3 -2
- package/packages/security/dist/cjs/core/jwt/signToken.js +2 -1
- package/packages/security/dist/cjs/core/jwt/validateToken.d.ts +10 -7
- package/packages/security/dist/cjs/core/jwt/validateToken.js +19 -10
- package/packages/security/dist/cjs/core/jwt/verify.d.ts +8 -9
- package/packages/security/dist/cjs/core/jwt/verify.js +59 -14
- package/packages/security/dist/cjs/core/password/hash.js +4 -4
- package/packages/security/dist/cjs/core/password/passwordManager.d.ts +1 -1
- package/packages/security/dist/cjs/core/password/passwordManager.js +36 -80
- package/packages/security/dist/cjs/core/password/strength.js +12 -6
- package/packages/security/dist/cjs/core/password/utils.d.ts +12 -0
- package/packages/security/dist/cjs/core/password/utils.js +16 -1
- package/packages/security/dist/cjs/core/password/verify.js +4 -4
- package/packages/security/dist/cjs/index.d.ts +2 -7
- package/packages/security/dist/esm/core/crypto/cryptoManager.js +34 -17
- package/packages/security/dist/esm/core/jwt/decode.js +4 -1
- package/packages/security/dist/esm/core/jwt/generateTokens.js +4 -1
- package/packages/security/dist/esm/core/jwt/jwtManager.d.ts +19 -43
- package/packages/security/dist/esm/core/jwt/jwtManager.js +85 -200
- package/packages/security/dist/esm/core/jwt/parseDuration.js +3 -2
- package/packages/security/dist/esm/core/jwt/signToken.js +2 -1
- package/packages/security/dist/esm/core/jwt/validateToken.d.ts +10 -7
- package/packages/security/dist/esm/core/jwt/validateToken.js +19 -10
- package/packages/security/dist/esm/core/jwt/verify.d.ts +8 -9
- package/packages/security/dist/esm/core/jwt/verify.js +58 -13
- package/packages/security/dist/esm/core/password/hash.js +4 -4
- package/packages/security/dist/esm/core/password/passwordManager.d.ts +1 -1
- package/packages/security/dist/esm/core/password/passwordManager.js +36 -80
- package/packages/security/dist/esm/core/password/strength.js +12 -6
- package/packages/security/dist/esm/core/password/utils.d.ts +12 -0
- package/packages/security/dist/esm/core/password/utils.js +16 -1
- package/packages/security/dist/esm/core/password/verify.js +4 -4
- package/packages/security/dist/esm/index.d.ts +2 -7
- package/packages/security/dist/types/core/jwt/jwtManager.d.ts +19 -43
- package/packages/security/dist/types/core/jwt/validateToken.d.ts +10 -7
- package/packages/security/dist/types/core/jwt/verify.d.ts +8 -9
- package/packages/security/dist/types/core/password/passwordManager.d.ts +1 -1
- package/packages/security/dist/types/core/password/utils.d.ts +12 -0
- package/packages/security/dist/types/index.d.ts +2 -7
- package/packages/security/package.json +3 -3
- package/packages/security/src/core/crypto/cryptoManager.ts +53 -21
- package/packages/security/src/core/jwt/decode.ts +4 -1
- package/packages/security/src/core/jwt/generateTokens.ts +4 -1
- package/packages/security/src/core/jwt/jwtManager.ts +105 -257
- package/packages/security/src/core/jwt/parseDuration.ts +4 -2
- package/packages/security/src/core/jwt/signToken.ts +2 -1
- package/packages/security/src/core/jwt/validateToken.ts +21 -13
- package/packages/security/src/core/jwt/verify.ts +82 -20
- package/packages/security/src/core/password/hash.ts +10 -4
- package/packages/security/src/core/password/passwordManager.ts +38 -108
- package/packages/security/src/core/password/strength.ts +13 -8
- package/packages/security/src/core/password/utils.ts +19 -3
- package/packages/security/src/core/password/verify.ts +6 -4
- package/packages/server-utils/README.md +1 -1
- package/packages/server-utils/dist/cjs/core/server.js +6 -6
- package/packages/server-utils/dist/cjs/middleware/auth.middleware.d.ts +1 -2
- package/packages/server-utils/dist/cjs/middleware/auth.middleware.js +17 -14
- package/packages/server-utils/dist/cjs/middleware/cache.middleware.js +2 -2
- package/packages/server-utils/dist/cjs/middleware/errorHandler.middleware.d.ts +1 -1
- package/packages/server-utils/dist/cjs/middleware/errorHandler.middleware.js +34 -17
- package/packages/server-utils/dist/cjs/middleware/session.middleware.js +8 -8
- package/packages/server-utils/dist/cjs/middleware/validation.middleware.js +2 -2
- package/packages/server-utils/dist/esm/core/server.js +6 -6
- package/packages/server-utils/dist/esm/middleware/auth.middleware.d.ts +1 -2
- package/packages/server-utils/dist/esm/middleware/auth.middleware.js +18 -15
- package/packages/server-utils/dist/esm/middleware/cache.middleware.js +2 -2
- package/packages/server-utils/dist/esm/middleware/errorHandler.middleware.d.ts +1 -1
- package/packages/server-utils/dist/esm/middleware/errorHandler.middleware.js +34 -17
- package/packages/server-utils/dist/esm/middleware/session.middleware.js +8 -8
- package/packages/server-utils/dist/esm/middleware/validation.middleware.js +2 -2
- package/packages/server-utils/dist/types/middleware/auth.middleware.d.ts +1 -2
- package/packages/server-utils/dist/types/middleware/errorHandler.middleware.d.ts +1 -1
- package/packages/server-utils/package.json +4 -4
- package/packages/server-utils/src/core/server.ts +6 -6
- package/packages/server-utils/src/middleware/auth.middleware.ts +40 -27
- package/packages/server-utils/src/middleware/cache.middleware.ts +2 -2
- package/packages/server-utils/src/middleware/errorHandler.middleware.ts +39 -24
- package/packages/server-utils/src/middleware/session.middleware.ts +11 -8
- package/packages/server-utils/src/middleware/validation.middleware.ts +2 -3
- package/packages/errors-utils/dist/cjs/error/RateLimitError.d.ts +0 -4
- package/packages/errors-utils/dist/cjs/error/RateLimitError.js +0 -11
- package/packages/errors-utils/dist/cjs/utils/mapAppErrorToResponder.d.ts +0 -3
- package/packages/errors-utils/dist/cjs/utils/mapAppErrorToResponder.js +0 -27
- package/packages/errors-utils/dist/esm/error/RateLimitError.d.ts +0 -4
- package/packages/errors-utils/dist/esm/error/RateLimitError.js +0 -7
- package/packages/errors-utils/dist/esm/utils/mapAppErrorToResponder.d.ts +0 -3
- package/packages/errors-utils/dist/esm/utils/mapAppErrorToResponder.js +0 -24
- package/packages/errors-utils/dist/types/error/RateLimitError.d.ts +0 -4
- package/packages/errors-utils/dist/types/utils/mapAppErrorToResponder.d.ts +0 -3
- package/packages/errors-utils/src/error/RateLimitError.ts +0 -8
- package/packages/errors-utils/src/utils/mapAppErrorToResponder.ts +0 -38
- package/packages/response-utils/src/legacy.ts +0 -30
- /package/packages/errors-utils/dist/cjs/middleware/express/{errorConverter.d.ts → errorConverter.middleware.d.ts} +0 -0
- /package/packages/errors-utils/dist/cjs/middleware/express/{errorConverter.js → errorConverter.middleware.js} +0 -0
- /package/packages/errors-utils/dist/cjs/middleware/express/{errorHandler.d.ts → errorHandler.middleware.d.ts} +0 -0
- /package/packages/errors-utils/dist/esm/middleware/express/{errorConverter.d.ts → errorConverter.middleware.d.ts} +0 -0
- /package/packages/errors-utils/dist/esm/middleware/express/{errorConverter.js → errorConverter.middleware.js} +0 -0
- /package/packages/errors-utils/dist/esm/middleware/express/{errorHandler.d.ts → errorHandler.middleware.d.ts} +0 -0
- /package/packages/errors-utils/dist/types/middleware/express/{errorConverter.d.ts → errorConverter.middleware.d.ts} +0 -0
- /package/packages/errors-utils/dist/types/middleware/express/{errorHandler.d.ts → errorHandler.middleware.d.ts} +0 -0
- /package/packages/errors-utils/src/middleware/express/{errorConverter.ts → errorConverter.middleware.ts} +0 -0
|
@@ -1,59 +1,77 @@
|
|
|
1
|
-
|
|
1
|
+
```bash
|
|
2
|
+
@naman_deep_singh/security
|
|
2
3
|
|
|
3
|
-
|
|
4
|
+
Version: 1.5.1
|
|
4
5
|
|
|
5
6
|
A complete, lightweight security toolkit for Node.js & TypeScript providing:
|
|
6
7
|
|
|
7
|
-
🔐
|
|
8
|
-
🔑
|
|
9
|
-
🧮
|
|
10
|
-
🪪
|
|
11
|
-
♻️
|
|
12
|
-
🧰
|
|
13
|
-
🧩
|
|
14
|
-
🔒
|
|
15
|
-
🚨
|
|
16
|
-
|
|
17
|
-
✔
|
|
18
|
-
✔
|
|
19
|
-
✔
|
|
20
|
-
✔
|
|
21
|
-
✔
|
|
22
|
-
✔
|
|
23
|
-
✔
|
|
24
|
-
✔
|
|
8
|
+
🔐 Password hashing & validation with bcrypt (async/sync, peppered variants)
|
|
9
|
+
🔑 JWT signing & verification (safe, strict, and cached)
|
|
10
|
+
🧮 Duration parser ("15m", "7d", etc.)
|
|
11
|
+
🪪 Token generator (access + refresh pair with branded types)
|
|
12
|
+
♻️ Refresh token rotation helper
|
|
13
|
+
🧰 Robust token extraction (Headers, Cookies, Query, Body, WebSocket)
|
|
14
|
+
🧩 Safe & strict JWT decode utilities
|
|
15
|
+
🔒 AES-256-GCM encryption/decryption with HMAC and random utilities
|
|
16
|
+
🚨 Standardized error handling with @naman_deep_singh/errors-utils
|
|
17
|
+
|
|
18
|
+
✔ Fully typed with TypeScript
|
|
19
|
+
✔ Branded token types for compile-time safety (AccessToken/RefreshToken)
|
|
20
|
+
✔ Class-based managers for advanced features (PasswordManager, JWTManager, CryptoManager)
|
|
21
|
+
✔ Functional exports for simple use cases
|
|
22
|
+
✔ Password strength checking and validation
|
|
23
|
+
✔ Token caching for performance
|
|
24
|
+
✔ Consistent errors across your application ecosystem
|
|
25
|
+
✔ Works in both ESM and CommonJS
|
|
25
26
|
|
|
26
|
-
```bash
|
|
27
27
|
📦 Installation
|
|
28
28
|
npm install @naman_deep_singh/security
|
|
29
|
-
```
|
|
30
29
|
|
|
31
30
|
🔧 Features
|
|
31
|
+
Password Security
|
|
32
32
|
|
|
33
|
-
|
|
34
|
-
🔥 Password Validation & Strength Checking
|
|
35
|
-
🔥 Password Generation with configurable requirements
|
|
36
|
-
🔥 Peppered hashing variants
|
|
37
|
-
🔥 Synchronous & asynchronous versions
|
|
33
|
+
Async & sync bcrypt hashing
|
|
38
34
|
|
|
39
|
-
|
|
40
|
-
🔥 Token Pair Generation (accessToken + refreshToken)
|
|
41
|
-
🔥 Refresh Token Rotation
|
|
42
|
-
🔥 Safe & Unsafe JWT Verification
|
|
43
|
-
🔥 Strict vs Flexible Decoding
|
|
44
|
-
🔥 Universal Token Extraction (Headers, Cookies, Query, Body, WebSocket)
|
|
45
|
-
🔥 Token caching for performance
|
|
35
|
+
Peppered hashing variants
|
|
46
36
|
|
|
47
|
-
|
|
48
|
-
🔥 HMAC signing and verification
|
|
49
|
-
🔥 Cryptographically secure random generation
|
|
37
|
+
Password validation & strength checking
|
|
50
38
|
|
|
51
|
-
|
|
39
|
+
Configurable complexity requirements
|
|
52
40
|
|
|
53
|
-
|
|
41
|
+
Secure password generation
|
|
42
|
+
|
|
43
|
+
JWT Security
|
|
44
|
+
|
|
45
|
+
Custom expiry using duration strings
|
|
46
|
+
|
|
47
|
+
Token pair generation (access + refresh)
|
|
48
|
+
|
|
49
|
+
Refresh token rotation
|
|
50
|
+
|
|
51
|
+
Safe & unsafe JWT verification
|
|
52
|
+
|
|
53
|
+
Strict vs flexible decoding
|
|
54
|
+
|
|
55
|
+
Token caching for performance
|
|
56
|
+
|
|
57
|
+
Cryptography
|
|
58
|
+
|
|
59
|
+
AES-256-GCM encryption/decryption
|
|
60
|
+
|
|
61
|
+
HMAC signing and verification
|
|
62
|
+
|
|
63
|
+
Cryptographically secure random generation
|
|
64
|
+
|
|
65
|
+
Utilities
|
|
54
66
|
|
|
55
|
-
|
|
56
|
-
|
|
67
|
+
Duration parsing (e.g., "15m" → 900 seconds)
|
|
68
|
+
|
|
69
|
+
Token extraction from headers, cookies, query, body, and WebSocket messages
|
|
70
|
+
|
|
71
|
+
Fully typed interfaces and branded token types
|
|
72
|
+
|
|
73
|
+
📘 Quick Start
|
|
74
|
+
Functional Approach (Simple)
|
|
57
75
|
import {
|
|
58
76
|
hashPassword,
|
|
59
77
|
verifyPassword,
|
|
@@ -62,7 +80,10 @@ import {
|
|
|
62
80
|
safeVerifyToken,
|
|
63
81
|
extractToken,
|
|
64
82
|
encrypt,
|
|
65
|
-
decrypt
|
|
83
|
+
decrypt,
|
|
84
|
+
parseDuration,
|
|
85
|
+
decodeToken,
|
|
86
|
+
decodeTokenStrict,
|
|
66
87
|
} from "@naman_deep_singh/security";
|
|
67
88
|
|
|
68
89
|
// Password operations
|
|
@@ -78,196 +99,77 @@ const tokens = generateTokens(
|
|
|
78
99
|
"7d"
|
|
79
100
|
);
|
|
80
101
|
|
|
102
|
+
// Safe verification
|
|
81
103
|
const result = safeVerifyToken(tokens.accessToken, process.env.ACCESS_SECRET!);
|
|
82
|
-
|
|
83
|
-
//
|
|
84
|
-
const encrypted = encrypt("sensitive data", "secret-key");
|
|
85
|
-
const decrypted = decrypt(encrypted, "secret-key");
|
|
86
|
-
```
|
|
87
|
-
|
|
88
|
-
### Class-Based Approach (Advanced)
|
|
89
|
-
```typescript
|
|
90
|
-
import { PasswordManager, JWTManager, CryptoManager } from "@naman_deep_singh/security";
|
|
91
|
-
|
|
92
|
-
// Password Manager with validation
|
|
93
|
-
const passwordManager = new PasswordManager({
|
|
94
|
-
minLength: 12,
|
|
95
|
-
requireUppercase: true,
|
|
96
|
-
requireNumbers: true,
|
|
97
|
-
requireSpecialChars: true
|
|
98
|
-
});
|
|
99
|
-
|
|
100
|
-
const validation = passwordManager.validate("MySecurePass123!");
|
|
101
|
-
if (validation.isValid) {
|
|
102
|
-
const hashed = await passwordManager.hash("MySecurePass123!");
|
|
104
|
+
if (!result.valid) {
|
|
105
|
+
console.log(result.error.message); // UnauthorizedError instance
|
|
103
106
|
}
|
|
104
107
|
|
|
105
|
-
//
|
|
106
|
-
const
|
|
107
|
-
|
|
108
|
-
refreshSecret: process.env.REFRESH_SECRET!,
|
|
109
|
-
accessExpiry: "15m",
|
|
110
|
-
refreshExpiry: "7d",
|
|
111
|
-
enableCaching: true
|
|
112
|
-
});
|
|
113
|
-
|
|
114
|
-
const tokens = await jwtManager.generateTokens({ userId: 42 });
|
|
115
|
-
const payload = await jwtManager.verifyAccessToken(tokens.accessToken);
|
|
116
|
-
|
|
117
|
-
// Crypto Manager
|
|
118
|
-
const cryptoManager = new CryptoManager("your-secret-key");
|
|
119
|
-
const encrypted = cryptoManager.encrypt("data");
|
|
120
|
-
const decrypted = cryptoManager.decrypt(encrypted);
|
|
121
|
-
```
|
|
122
|
-
|
|
123
|
-
📚 API Documentation
|
|
124
|
-
|
|
125
|
-
Below is a complete reference with full usage examples.
|
|
126
|
-
|
|
127
|
-
## 🧂 1. Password Utilities
|
|
128
|
-
|
|
129
|
-
### Functional Exports
|
|
130
|
-
```typescript
|
|
131
|
-
// Async hashing
|
|
132
|
-
const hashed = await hashPassword("mypassword"); // Uses 10 salt rounds by default
|
|
133
|
-
const hashed = await hashPassword("mypassword", 12); // Custom salt rounds
|
|
108
|
+
// Decode without verification
|
|
109
|
+
const decoded = decodeToken(tokens.accessToken); // null | string | JwtPayload
|
|
110
|
+
const strictPayload = decodeTokenStrict(tokens.accessToken); // throws if invalid
|
|
134
111
|
|
|
135
|
-
//
|
|
136
|
-
const
|
|
137
|
-
const hashedSync = hashPasswordSync("mypassword", 12);
|
|
112
|
+
// Parse duration
|
|
113
|
+
const seconds = parseDuration("15m"); // 900
|
|
138
114
|
|
|
139
|
-
//
|
|
140
|
-
const
|
|
141
|
-
|
|
115
|
+
// Token extraction
|
|
116
|
+
const token = extractToken({
|
|
117
|
+
header: req.headers.authorization,
|
|
118
|
+
cookies: req.cookies,
|
|
119
|
+
query: req.query,
|
|
120
|
+
body: req.body,
|
|
121
|
+
wsMessage: message, // string or { token: "..." }
|
|
122
|
+
});
|
|
142
123
|
|
|
143
|
-
//
|
|
144
|
-
const
|
|
145
|
-
const
|
|
124
|
+
// Crypto operations
|
|
125
|
+
const encrypted = encrypt("sensitive data", "secret-key");
|
|
126
|
+
const decrypted = decrypt(encrypted, "secret-key");
|
|
146
127
|
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
```
|
|
128
|
+
Class-Based Approach (Advanced)
|
|
129
|
+
PasswordManager
|
|
130
|
+
import { PasswordManager } from "@naman_deep_singh/security";
|
|
151
131
|
|
|
152
|
-
### PasswordManager Class
|
|
153
|
-
```typescript
|
|
154
132
|
const passwordManager = new PasswordManager({
|
|
155
|
-
|
|
156
|
-
minLength: 8,
|
|
157
|
-
maxLength: 128,
|
|
133
|
+
minLength: 12,
|
|
158
134
|
requireUppercase: true,
|
|
159
|
-
requireLowercase: true,
|
|
160
135
|
requireNumbers: true,
|
|
161
|
-
requireSpecialChars:
|
|
136
|
+
requireSpecialChars: true,
|
|
162
137
|
customRules: [
|
|
163
|
-
{ test: (pwd) => !pwd.includes(
|
|
138
|
+
{ test: (pwd) => !pwd.includes("password"), message: 'Cannot contain "password"' }
|
|
164
139
|
]
|
|
165
140
|
});
|
|
166
141
|
|
|
167
|
-
// Hash with validation
|
|
168
|
-
const result = await passwordManager.hash("MySecurePass123!");
|
|
169
|
-
// Returns: { hash: "$2a$...", salt: "..." }
|
|
170
|
-
|
|
171
|
-
// Verify
|
|
172
|
-
const isValid = await passwordManager.verify("MySecurePass123!", result.hash, result.salt);
|
|
173
|
-
|
|
174
142
|
// Validate password
|
|
175
143
|
const validation = passwordManager.validate("MySecurePass123!");
|
|
176
|
-
|
|
177
|
-
|
|
178
|
-
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
|
|
182
|
-
|
|
144
|
+
if (!validation.isValid) console.log(validation.errors);
|
|
145
|
+
|
|
146
|
+
// Hash password
|
|
147
|
+
const { hash, salt } = await passwordManager.hash("MySecurePass123!");
|
|
148
|
+
|
|
149
|
+
// Verify password
|
|
150
|
+
const isValid = await passwordManager.verify("MySecurePass123!", hash, salt);
|
|
183
151
|
|
|
184
152
|
// Generate secure password
|
|
185
|
-
const
|
|
153
|
+
const generated = passwordManager.generate(16, {
|
|
186
154
|
requireUppercase: true,
|
|
187
155
|
requireNumbers: true,
|
|
188
156
|
requireSpecialChars: true
|
|
189
157
|
});
|
|
190
158
|
|
|
191
|
-
// Check strength
|
|
159
|
+
// Check password strength
|
|
192
160
|
const strength = passwordManager.checkStrength("MySecurePass123!");
|
|
193
|
-
|
|
194
|
-
Returns: {
|
|
195
|
-
score: 4,
|
|
196
|
-
label: 'strong',
|
|
197
|
-
feedback: [],
|
|
198
|
-
suggestions: ["Your password is very secure"]
|
|
199
|
-
}
|
|
200
|
-
*/
|
|
201
|
-
```
|
|
202
|
-
|
|
203
|
-
## 🔑 2. JWT Utilities
|
|
204
|
-
|
|
205
|
-
### Functional Exports
|
|
206
|
-
```typescript
|
|
207
|
-
// Sign token with duration string
|
|
208
|
-
const token = signToken(
|
|
209
|
-
{ userId: 1, role: "admin" },
|
|
210
|
-
process.env.JWT_SECRET!,
|
|
211
|
-
"1h" // Duration string: "15m", "2h", "7d", "30s"
|
|
212
|
-
);
|
|
213
|
-
|
|
214
|
-
// Parse duration to seconds
|
|
215
|
-
parseDuration("15m"); // 900
|
|
216
|
-
parseDuration("2h"); // 7200
|
|
217
|
-
parseDuration("7d"); // 604800
|
|
218
|
-
|
|
219
|
-
// Generate token pair
|
|
220
|
-
const tokens = generateTokens(
|
|
221
|
-
{ userId: 42 },
|
|
222
|
-
process.env.ACCESS_SECRET!,
|
|
223
|
-
process.env.REFRESH_SECRET!,
|
|
224
|
-
"15m",
|
|
225
|
-
"7d"
|
|
226
|
-
);
|
|
227
|
-
// Returns: { accessToken: AccessToken, refreshToken: RefreshToken }
|
|
228
|
-
|
|
229
|
-
// Rotate refresh token
|
|
230
|
-
const newRefreshToken = rotateRefreshToken(
|
|
231
|
-
oldRefreshToken,
|
|
232
|
-
process.env.REFRESH_SECRET!
|
|
233
|
-
);
|
|
234
|
-
|
|
235
|
-
// Verify token (throws on error)
|
|
236
|
-
const payload = verifyToken(token, process.env.ACCESS_SECRET!);
|
|
237
|
-
|
|
238
|
-
// Safe verify (never throws)
|
|
239
|
-
const result = safeVerifyToken(token, process.env.ACCESS_SECRET!);
|
|
240
|
-
/*
|
|
241
|
-
Returns: {
|
|
242
|
-
valid: true,
|
|
243
|
-
payload: { userId: 1, ... },
|
|
244
|
-
error?: undefined
|
|
245
|
-
}
|
|
246
|
-
*/
|
|
161
|
+
console.log(strength);
|
|
247
162
|
|
|
248
|
-
|
|
249
|
-
|
|
250
|
-
const payload = decodeTokenStrict(token); // Throws if not object
|
|
163
|
+
JWTManager
|
|
164
|
+
import { JWTManager } from "@naman_deep_singh/security";
|
|
251
165
|
|
|
252
|
-
// Extract token from various sources
|
|
253
|
-
const token = extractToken({
|
|
254
|
-
header: req.headers.authorization, // "Bearer <token>"
|
|
255
|
-
cookies: req.cookies, // { token: "...", accessToken: "..." }
|
|
256
|
-
query: req.query, // { token: "..." }
|
|
257
|
-
body: req.body, // { token: "..." }
|
|
258
|
-
wsMessage: message // string or { token: "..." }
|
|
259
|
-
});
|
|
260
|
-
```
|
|
261
|
-
|
|
262
|
-
### JWTManager Class
|
|
263
|
-
```typescript
|
|
264
166
|
const jwtManager = new JWTManager({
|
|
265
167
|
accessSecret: process.env.ACCESS_SECRET!,
|
|
266
168
|
refreshSecret: process.env.REFRESH_SECRET!,
|
|
267
169
|
accessExpiry: "15m",
|
|
268
170
|
refreshExpiry: "7d",
|
|
269
|
-
enableCaching: true,
|
|
270
|
-
maxCacheSize: 100
|
|
171
|
+
enableCaching: true,
|
|
172
|
+
maxCacheSize: 100
|
|
271
173
|
});
|
|
272
174
|
|
|
273
175
|
// Generate tokens
|
|
@@ -278,49 +180,29 @@ const accessPayload = await jwtManager.verifyAccessToken(tokens.accessToken);
|
|
|
278
180
|
const refreshPayload = await jwtManager.verifyRefreshToken(tokens.refreshToken);
|
|
279
181
|
|
|
280
182
|
// Rotate refresh token
|
|
281
|
-
const
|
|
183
|
+
const rotatedRefreshToken = await jwtManager.rotateRefreshToken(tokens.refreshToken);
|
|
282
184
|
|
|
283
|
-
// Decode
|
|
284
|
-
const decoded = jwtManager.decodeToken(
|
|
185
|
+
// Decode without verification
|
|
186
|
+
const decoded = jwtManager.decodeToken(tokens.accessToken);
|
|
187
|
+
const strictPayload = jwtManager.decodeTokenStrict(tokens.accessToken);
|
|
285
188
|
|
|
286
|
-
// Extract from header
|
|
189
|
+
// Extract token from header
|
|
287
190
|
const token = jwtManager.extractTokenFromHeader("Bearer eyJ...");
|
|
288
191
|
|
|
289
|
-
// Validate without throwing
|
|
290
|
-
const isValid = jwtManager.validateToken(
|
|
192
|
+
// Validate token without throwing
|
|
193
|
+
const isValid = jwtManager.validateToken(tokens.accessToken, process.env.ACCESS_SECRET!);
|
|
291
194
|
|
|
292
|
-
// Check expiration
|
|
293
|
-
const isExpired = jwtManager.isTokenExpired(
|
|
294
|
-
const expiresAt = jwtManager.getTokenExpiration(
|
|
195
|
+
// Check token expiration
|
|
196
|
+
const isExpired = jwtManager.isTokenExpired(tokens.accessToken);
|
|
197
|
+
const expiresAt = jwtManager.getTokenExpiration(tokens.accessToken);
|
|
295
198
|
|
|
296
199
|
// Cache management
|
|
297
200
|
jwtManager.clearCache();
|
|
298
|
-
const stats = jwtManager.getCacheStats(); // { size:
|
|
299
|
-
```
|
|
300
|
-
|
|
301
|
-
## 🔒 3. Crypto Utilities
|
|
302
|
-
|
|
303
|
-
### Functional Exports
|
|
304
|
-
```typescript
|
|
305
|
-
// AES-256-GCM Encryption
|
|
306
|
-
const encrypted = encrypt("sensitive data", "your-secret-key");
|
|
307
|
-
// Returns: "iv:encrypted_data"
|
|
201
|
+
const stats = jwtManager.getCacheStats(); // { size: -1, maxSize: 100 }
|
|
308
202
|
|
|
309
|
-
|
|
310
|
-
|
|
203
|
+
CryptoManager
|
|
204
|
+
import { CryptoManager } from "@naman_deep_singh/security";
|
|
311
205
|
|
|
312
|
-
// HMAC
|
|
313
|
-
const hmac = createHMAC("data", "secret-key");
|
|
314
|
-
const isValidHMAC = verifyHMAC("data", hmac, "secret-key");
|
|
315
|
-
|
|
316
|
-
// Random generation
|
|
317
|
-
const randomBytes = generateRandomBytes(32); // Buffer
|
|
318
|
-
const randomString = generateRandomString(16); // Base64 string
|
|
319
|
-
const randomHex = generateRandomHex(32); // Hex string
|
|
320
|
-
```
|
|
321
|
-
|
|
322
|
-
### CryptoManager Class
|
|
323
|
-
```typescript
|
|
324
206
|
const cryptoManager = new CryptoManager("your-secret-key");
|
|
325
207
|
|
|
326
208
|
// Encryption
|
|
@@ -331,19 +213,16 @@ const decrypted = cryptoManager.decrypt(encrypted);
|
|
|
331
213
|
const hmac = cryptoManager.createHMAC("data");
|
|
332
214
|
const isValid = cryptoManager.verifyHMAC("data", hmac);
|
|
333
215
|
|
|
334
|
-
// Random
|
|
216
|
+
// Random generation
|
|
335
217
|
const randomBytes = cryptoManager.generateRandomBytes(32);
|
|
336
218
|
const randomString = cryptoManager.generateRandomString(16);
|
|
337
|
-
|
|
219
|
+
const randomHex = cryptoManager.generateRandomHex(32);
|
|
338
220
|
|
|
339
|
-
|
|
221
|
+
🚨 Error Handling
|
|
340
222
|
|
|
341
|
-
This package uses standardized errors from
|
|
223
|
+
This package uses standardized errors from @naman_deep_singh/errors-utils:
|
|
342
224
|
|
|
343
|
-
```typescript
|
|
344
225
|
import {
|
|
345
|
-
hashPassword,
|
|
346
|
-
verifyPassword,
|
|
347
226
|
BadRequestError,
|
|
348
227
|
UnauthorizedError,
|
|
349
228
|
ValidationError,
|
|
@@ -353,105 +232,59 @@ import {
|
|
|
353
232
|
try {
|
|
354
233
|
const hash = await hashPassword('mypassword');
|
|
355
234
|
} catch (error) {
|
|
356
|
-
if (error instanceof BadRequestError)
|
|
357
|
-
|
|
358
|
-
console.log('Invalid password provided');
|
|
359
|
-
} else if (error instanceof InternalServerError) {
|
|
360
|
-
// Hashing failed (500)
|
|
361
|
-
console.log('Server error during hashing');
|
|
362
|
-
}
|
|
235
|
+
if (error instanceof BadRequestError) console.log("Invalid password input");
|
|
236
|
+
if (error instanceof InternalServerError) console.log("Server error during hashing");
|
|
363
237
|
}
|
|
364
238
|
|
|
365
239
|
try {
|
|
366
240
|
const isValid = await verifyPassword('password', hash);
|
|
367
241
|
} catch (error) {
|
|
368
|
-
if (error instanceof UnauthorizedError)
|
|
369
|
-
// Password verification failed (401)
|
|
370
|
-
console.log('Invalid credentials');
|
|
371
|
-
}
|
|
242
|
+
if (error instanceof UnauthorizedError) console.log("Invalid credentials");
|
|
372
243
|
}
|
|
373
|
-
```
|
|
374
244
|
|
|
375
|
-
**Error Types:**
|
|
376
|
-
- `BadRequestError` (400) - Invalid input data
|
|
377
|
-
- `UnauthorizedError` (401) - Authentication failures
|
|
378
|
-
- `ValidationError` (422) - Password strength validation
|
|
379
|
-
- `InternalServerError` (500) - Server-side processing errors
|
|
380
245
|
|
|
381
|
-
|
|
246
|
+
Error Types:
|
|
382
247
|
|
|
383
|
-
|
|
384
|
-
```typescript
|
|
385
|
-
import { PasswordManager, JWTManager } from '@naman_deep_singh/security';
|
|
248
|
+
BadRequestError (400) — invalid input
|
|
386
249
|
|
|
387
|
-
|
|
388
|
-
minLength: 12,
|
|
389
|
-
requireUppercase: true,
|
|
390
|
-
requireNumbers: true,
|
|
391
|
-
requireSpecialChars: true
|
|
392
|
-
});
|
|
250
|
+
UnauthorizedError (401) — authentication failures
|
|
393
251
|
|
|
394
|
-
|
|
395
|
-
accessSecret: process.env.ACCESS_SECRET!,
|
|
396
|
-
refreshSecret: process.env.REFRESH_SECRET!,
|
|
397
|
-
accessExpiry: "15m",
|
|
398
|
-
refreshExpiry: "7d"
|
|
399
|
-
});
|
|
252
|
+
ValidationError (422) — password strength validation
|
|
400
253
|
|
|
254
|
+
InternalServerError (500) — server-side errors
|
|
255
|
+
|
|
256
|
+
🧩 Authentication Example
|
|
257
|
+
Registration
|
|
401
258
|
async function registerUser(email: string, password: string) {
|
|
402
|
-
// Validate password strength
|
|
403
259
|
const validation = passwordManager.validate(password);
|
|
404
260
|
if (!validation.isValid) {
|
|
405
261
|
throw new ValidationError(`Password validation failed: ${validation.errors.join(', ')}`);
|
|
406
262
|
}
|
|
407
263
|
|
|
408
|
-
// Hash password
|
|
409
264
|
const { hash, salt } = await passwordManager.hash(password);
|
|
410
265
|
|
|
411
|
-
|
|
412
|
-
return {
|
|
413
|
-
email,
|
|
414
|
-
passwordHash: hash,
|
|
415
|
-
passwordSalt: salt
|
|
416
|
-
};
|
|
266
|
+
return { email, passwordHash: hash, passwordSalt: salt };
|
|
417
267
|
}
|
|
418
|
-
```
|
|
419
268
|
|
|
420
|
-
|
|
421
|
-
```typescript
|
|
269
|
+
Login
|
|
422
270
|
async function loginUser(email: string, password: string, storedHash: string, storedSalt: string) {
|
|
423
|
-
// Verify password
|
|
424
271
|
const isValid = await passwordManager.verify(password, storedHash, storedSalt);
|
|
425
|
-
if (!isValid)
|
|
426
|
-
throw new UnauthorizedError("Invalid credentials");
|
|
427
|
-
}
|
|
272
|
+
if (!isValid) throw new UnauthorizedError("Invalid credentials");
|
|
428
273
|
|
|
429
|
-
// Generate tokens
|
|
430
274
|
return jwtManager.generateTokens({ email });
|
|
431
275
|
}
|
|
432
|
-
```
|
|
433
276
|
|
|
434
|
-
|
|
435
|
-
```typescript
|
|
277
|
+
Token Refresh
|
|
436
278
|
async function refreshTokens(oldRefreshToken: string) {
|
|
437
|
-
// Verify old refresh token
|
|
438
279
|
const decoded = await jwtManager.verifyRefreshToken(oldRefreshToken);
|
|
439
280
|
|
|
440
|
-
// Generate new token pair
|
|
441
281
|
const newTokens = await jwtManager.generateTokens(decoded);
|
|
442
|
-
|
|
443
|
-
// Rotate refresh token
|
|
444
282
|
const rotatedRefreshToken = await jwtManager.rotateRefreshToken(oldRefreshToken);
|
|
445
283
|
|
|
446
|
-
return {
|
|
447
|
-
accessToken: newTokens.accessToken,
|
|
448
|
-
refreshToken: rotatedRefreshToken
|
|
449
|
-
};
|
|
284
|
+
return { accessToken: newTokens.accessToken, refreshToken: rotatedRefreshToken };
|
|
450
285
|
}
|
|
451
|
-
```
|
|
452
286
|
|
|
453
|
-
|
|
454
|
-
```typescript
|
|
287
|
+
Express Middleware
|
|
455
288
|
import { extractToken, safeVerifyToken } from '@naman_deep_singh/security';
|
|
456
289
|
|
|
457
290
|
export function authMiddleware(req, res, next) {
|
|
@@ -462,69 +295,34 @@ export function authMiddleware(req, res, next) {
|
|
|
462
295
|
body: req.body
|
|
463
296
|
});
|
|
464
297
|
|
|
465
|
-
if (!token) {
|
|
466
|
-
return res.status(401).json({ error: "Token missing" });
|
|
467
|
-
}
|
|
298
|
+
if (!token) return res.status(401).json({ error: "Token missing" });
|
|
468
299
|
|
|
469
300
|
const result = safeVerifyToken(token, process.env.ACCESS_SECRET!);
|
|
470
|
-
|
|
471
|
-
if (!result.valid) {
|
|
472
|
-
return res.status(401).json({ error: "Invalid token" });
|
|
473
|
-
}
|
|
301
|
+
if (!result.valid) return res.status(401).json({ error: result.error.message });
|
|
474
302
|
|
|
475
303
|
req.user = result.payload;
|
|
476
304
|
next();
|
|
477
305
|
}
|
|
478
|
-
```
|
|
479
306
|
|
|
480
307
|
🔐 Security Best Practices
|
|
481
308
|
|
|
482
|
-
|
|
483
|
-
|
|
484
|
-
|
|
485
|
-
|
|
486
|
-
|
|
487
|
-
|
|
488
|
-
|
|
489
|
-
|
|
490
|
-
|
|
491
|
-
✔ Regularly rotate secrets and tokens
|
|
492
|
-
✔ Use secure random generation for all cryptographic operations
|
|
493
|
-
|
|
494
|
-
🔗 Integration with Other Packages
|
|
495
|
-
|
|
496
|
-
### With @naman_deep_singh/server-utils
|
|
497
|
-
|
|
498
|
-
```typescript
|
|
499
|
-
import { createServer } from '@naman_deep_singh/server-utils';
|
|
500
|
-
import { PasswordManager } from '@naman_deep_singh/security';
|
|
501
|
-
|
|
502
|
-
const server = createServer('Auth API', '1.0.0');
|
|
503
|
-
const passwordManager = new PasswordManager();
|
|
504
|
-
|
|
505
|
-
server.app.post('/register', async (req, res) => {
|
|
506
|
-
try {
|
|
507
|
-
const { password } = req.body;
|
|
508
|
-
const hash = await passwordManager.hash(password);
|
|
509
|
-
// Save user with hash...
|
|
510
|
-
res.json({ success: true });
|
|
511
|
-
} catch (error) {
|
|
512
|
-
// Errors automatically handled by server-utils middleware
|
|
513
|
-
throw error;
|
|
514
|
-
}
|
|
515
|
-
});
|
|
516
|
-
```
|
|
309
|
+
Use 32+ character secrets for JWT and encryption
|
|
310
|
+
|
|
311
|
+
Store secrets in environment variables
|
|
312
|
+
|
|
313
|
+
Always use HTTPS in production
|
|
314
|
+
|
|
315
|
+
Keep refresh tokens secure (HttpOnly cookie recommended)
|
|
316
|
+
|
|
317
|
+
Never store passwords in plain text
|
|
517
318
|
|
|
518
|
-
|
|
319
|
+
Use password peppering for extra security
|
|
519
320
|
|
|
520
|
-
|
|
521
|
-
import { expressErrorHandler } from '@naman_deep_singh/errors-utils';
|
|
522
|
-
import { responderMiddleware } from '@naman_deep_singh/response-utils';
|
|
321
|
+
Enable JWT caching carefully, monitor memory
|
|
523
322
|
|
|
524
|
-
|
|
525
|
-
server.app.use(expressErrorHandler); // Handles security errors consistently
|
|
526
|
-
```
|
|
323
|
+
Handle errors with proper HTTP status codes
|
|
527
324
|
|
|
528
|
-
|
|
325
|
+
Rotate secrets and tokens regularly
|
|
529
326
|
|
|
530
|
-
|
|
327
|
+
Use secure random generation for cryptographic operations
|
|
328
|
+
```
|