npm - webarmor - Versions diffs - 1.0.0 - Mend

webarmor 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,281 @@
+type Framework = 'express' | 'fastify' | 'koa' | 'generic';
+interface DDoSConfig {
+    enabled: boolean;
+    maxRequests: number;
+    windowMs: number;
+    blockDurationMs: number;
+    scoreThreshold: number;
+}
+interface RateLimitConfig {
+    enabled: boolean;
+    windowMs: number;
+    max: number;
+    message?: string;
+    statusCode?: number;
+    skipSuccessfulRequests?: boolean;
+    keyGenerator?: (req: any) => string;
+}
+interface SecurityHeadersConfig {
+    enabled: boolean;
+    contentSecurityPolicy?: {
+        defaultSrc?: string[];
+        scriptSrc?: string[];
+        styleSrc?: string[];
+        imgSrc?: string[];
+        connectSrc?: string[];
+        fontSrc?: string[];
+        objectSrc?: string[];
+        mediaSrc?: string[];
+        frameSrc?: string[];
+    };
+    hsts?: {
+        enabled: boolean;
+        maxAge?: number;
+        includeSubDomains?: boolean;
+        preload?: boolean;
+    };
+    xFrameOptions?: 'DENY' | 'SAMEORIGIN' | string;
+    xContentTypeOptions?: 'nosniff';
+    xssProtection?: string;
+    referrerPolicy?: string;
+    permissionsPolicy?: Record<string, string[]>;
+}
+interface CORSConfig {
+    enabled: boolean;
+    origins: string[];
+    methods?: string[];
+    allowedHeaders?: string[];
+    exposedHeaders?: string[];
+    credentials?: boolean;
+    maxAge?: number;
+    preflightContinue?: boolean;
+}
+interface XSSConfig {
+    enabled: boolean;
+    level: 'low' | 'medium' | 'strict';
+    blockOnDetect: boolean;
+    customRules?: Record<string, string>;
+}
+interface CSRFConfig {
+    enabled: boolean;
+    cookie?: {
+        name?: string;
+        httpOnly?: boolean;
+        secure?: boolean;
+        sameSite?: 'strict' | 'lax' | 'none';
+    };
+    tokenLength?: number;
+}
+interface SQLInjectionConfig {
+    enabled: boolean;
+    blockOnDetect: boolean;
+    logOnly: boolean;
+    customPatterns?: string[];
+}
+interface BotProtectionConfig {
+    enabled: boolean;
+    challengeEnabled: boolean;
+    challengeExpiryMs: number;
+    challengeCookieName?: string;
+    allowUserAgents?: string[];
+    blockUserAgents?: string[];
+}
+interface IPFilterConfig {
+    enabled: boolean;
+    whitelist: string[];
+    blacklist: string[];
+    logBlocked: boolean;
+    useXForwardedFor: boolean;
+}
+interface FileBlockConfig {
+    enabled: boolean;
+    blockedPaths: string[];
+    blockedExtensions: string[];
+    protectSensitive: string[];
+    customRules?: Array<{
+        pattern: string;
+        action: 'block' | 'allow';
+    }>;
+}
+interface EncryptionConfig {
+    enabled: boolean;
+    algorithm: 'aes-256-gcm' | 'aes-256-cbc';
+    defaultKey?: string;
+    encryptEnv?: boolean;
+    encryptDatabase?: boolean;
+    encryptConfig?: boolean;
+    keyEnvVariable?: string;
+}
+interface WebArmorConfig {
+    framework: Framework;
+    debug?: boolean;
+    logLevel?: 'error' | 'warn' | 'info' | 'debug';
+    ddos?: Partial<DDoSConfig>;
+    rateLimit?: Partial<RateLimitConfig>;
+    securityHeaders?: Partial<SecurityHeadersConfig> | boolean;
+    cors?: Partial<CORSConfig>;
+    xss?: Partial<XSSConfig>;
+    csrf?: Partial<CSRFConfig>;
+    sqlInjection?: Partial<SQLInjectionConfig>;
+    botProtection?: Partial<BotProtectionConfig>;
+    ipFilter?: Partial<IPFilterConfig>;
+    fileBlock?: Partial<FileBlockConfig>;
+    encryption?: Partial<EncryptionConfig>;
+}
+type LogLevel = 'error' | 'warn' | 'info' | 'debug';
+interface LogEntry {
+    level: LogLevel;
+    message: string;
+    timestamp: Date;
+    data?: any;
+}
+declare class Logger {
+    private level;
+    private logs;
+    private maxLogs;
+    private debugMode;
+    private levels;
+    constructor(options?: {
+        level?: LogLevel;
+        debug?: boolean;
+    });
+    private shouldLog;
+    private formatMessage;
+    error(message: string, data?: any): void;
+    warn(message: string, data?: any): void;
+    info(message: string, data?: any): void;
+    debug(message: string, data?: any): void;
+    private addLog;
+    getLogs(level?: LogLevel): LogEntry[];
+    clearLogs(): void;
+    setLevel(level: LogLevel): void;
+    setDebug(debug: boolean): void;
+}
+interface RequestData {
+    ip: string;
+    method: string;
+    url: string;
+    headers: any;
+    body?: any;
+    userAgent?: string;
+}
+declare class Shield {
+    private config;
+    private logger;
+    private stats;
+    private modules;
+    private enabledModules;
+    constructor(userConfig: WebArmorConfig);
+    initialize(): Promise<void>;
+    private initializeModules;
+    apply(app: any): void;
+    protect(data: RequestData): Promise<{
+        allowed: boolean;
+        reason?: string;
+    }>;
+    getStats(): any;
+    updateConfig(config: Partial<WebArmorConfig>): void;
+    enableModule(moduleName: string): void;
+    disableModule(moduleName: string): void;
+    getLogger(): Logger;
+    getConfig(): Required<WebArmorConfig>;
+    getModule(name: string): any;
+}
+declare class FileEncryptor {
+    private algorithm;
+    private keyLength;
+    private ivLength;
+    private authTagLength;
+    private deriveKey;
+    encryptFile(inputPath: string, outputPath: string, password: string): Promise<void>;
+    decryptFile(inputPath: string, outputPath: string, password: string): Promise<void>;
+    encryptString(data: string, password: string): string;
+    decryptString(encryptedData: string, password: string): string;
+    encryptJSON(data: object, password: string): string;
+    decryptJSON<T>(encryptedData: string, password: string): T;
+}
+declare class ConfigEncryptor {
+    private encryptor;
+    private configDir;
+    private backupDir;
+    constructor(configDir?: string);
+    encryptConfigFile(filename: string, password: string): void;
+    decryptConfigFile(filename: string, password: string): void;
+    encryptEnvFile(password: string): void;
+    decryptEnvFile(password: string): void;
+    getEncryptedEnv(password: string): Record<string, string>;
+    private createBackup;
+    restoreBackup(filename: string): void;
+    listBackups(): string[];
+}
+declare class DatabaseEncryptor {
+    private encryptor;
+    private dbDir;
+    constructor(dbDir?: string);
+    encryptDatabase(dbPath: string, password: string, outputPath?: string): void;
+    decryptDatabase(encryptedPath: string, password: string, outputPath?: string): void;
+    encryptJSONDatabase(dbPath: string, password: string): void;
+    decryptJSONDatabase<T>(dbPath: string, password: string): T;
+    encryptSQLite(dbPath: string, password: string): void;
+    decryptSQLite(encryptedPath: string, password: string): void;
+    autoEncryptDatabases(password: string, extensions?: string[]): void;
+    autoDecryptDatabases(password: string): void;
+    createEncryptedBackup(dbPath: string, backupDir: string, password: string): string;
+    listEncryptedBackups(backupDir: string): string[];
+}
+interface SessionData {
+    [key: string]: any;
+}
+declare class SessionEncryptor {
+    private encryptor;
+    private key;
+    constructor(key?: string);
+    setKey(key: string): void;
+    private ensureKey;
+    encryptSession(sessionData: SessionData): string;
+    decryptSession<T extends SessionData>(encryptedData: string): T;
+    encryptValue(value: any): string;
+    decryptValue<T>(encryptedValue: string): T;
+    createSignedSession(sessionData: SessionData, secret: string): string;
+    verifySignedSession(signedSession: string, secret: string): {
+        valid: boolean;
+        data?: SessionData;
+    };
+    encryptCookie(sessionData: SessionData, password: string): string;
+    decryptCookie<T>(encryptedCookie: string, password: string): T;
+    generateSecureToken(length?: number): string;
+    hashData(data: string): string;
+    verifyHash(data: string, hash: string): boolean;
+}
+type ShieldInstance = InstanceType<typeof Shield>;
+interface WebArmorOptions {
+    config?: WebArmorConfig;
+    shield?: Shield;
+}
+declare function createWebArmor(config: WebArmorConfig): Promise<ShieldInstance>;
+declare const _default: {
+    create: typeof createWebArmor;
+    Shield: typeof Shield;
+    FileEncryptor: typeof FileEncryptor;
+    ConfigEncryptor: typeof ConfigEncryptor;
+    DatabaseEncryptor: typeof DatabaseEncryptor;
+    SessionEncryptor: typeof SessionEncryptor;
+    Logger: typeof Logger;
+};
+declare const security: {
+    encrypt: (data: string, password: string) => string;
+    decrypt: (encryptedData: string, password: string) => string;
+    encryptFile: (inputPath: string, outputPath: string, password: string) => Promise<void>;
+    decryptFile: (inputPath: string, outputPath: string, password: string) => Promise<void>;
+};
+declare const createShield: typeof createWebArmor;
+export { ConfigEncryptor, DatabaseEncryptor, FileEncryptor, type Framework, Logger, SessionEncryptor, Shield, type ShieldInstance, type WebArmorConfig, type WebArmorOptions, createShield, _default as default, security };