xypriss 1.3.8 → 2.1.0

package/README.md

@@ -1,9 +1,9 @@
 <div align="center">
   <img src="https://sdk.nehonix.space/assets/xypriss/mode/transparent/logo.png" alt="XyPriss Logo" width="200" height="200">
 
-# XyPriss
+# XyPriss (Beta)
 
-A Node.js framework extending Express.js with performance, security, and scalability features
+A powerful Node.js web framework with built-in security, clustering, and performance optimizations for modern web applications.
 
 [![npm version](https://badge.fury.io/js/xypriss.svg)](https://badge.fury.io/js/xypriss)
 [![TypeScript](https://img.shields.io/badge/TypeScript-007ACC?style=flat&logo=typescript&logoColor=white)](https://www.typescriptlang.org/)
@@ -14,311 +14,285 @@ A Node.js framework extending Express.js with performance, security, and scalabi
 
 ---
 
-## About XyPriss
+## Overview
 
-XyPriss is a Node.js framework that extends Express.js with additional performance, security, and scalability features. Built with TypeScript, it maintains full Express.js compatibility while adding enterprise-level capabilities for production applications.
+XyPriss is a powerful, TypeScript-first, open-source Node.js web framework that enhances your development experience with built-in security middleware, clustering, and performance optimizations. Whether you're building new applications or enhancing existing ones, XyPriss provides the tools you need for scalable, secure web development. Join our community and contribute on GitHub!
 
-### Key Benefits
+### Key Features
 
--   Optimized for high-performance applications
--   Built-in security modules and best practices
--   Intelligent clustering and load balancing
--   Full Express.js compatibility with TypeScript support
+-   **Familiar API**: Intuitive syntax for defining routes and middleware that feels natural to Node.js developers.
+-   **Built-in Security**: Includes 12+ security middleware modules for common protections like CSRF, XSS, and rate limiting.
+-   **Flexible Routing**: Supports parameters, wildcards, and modular routers.
+-   **TypeScript Support**: Full type definitions for a better developer experience.
+-   **Performance**: Advanced clustering, caching, and performance optimizations built-in.
 
-> **Migration Notice**: This library is the evolved version of FortifyJS. The FortifyJS library will be deprecated soon - migrate to XyPriss for continued support and new features. [Learn more](https://github.com/nehonix/FortifyJS)
+> **Note**: XyPriss is the successor to FortifyJS, which will be deprecated. Migrate to XyPriss for continued support and new features. [Migration Guide](https://github.com/nehonix/FortifyJS).
 
 ---
 
-## Quick Start
+## Installation
+
+Install XyPriss via npm or yarn:
 
 ```bash
-# Install XyPriss
 npm install xypriss
-
-# Or with yarn
+# or
 yarn add xypriss
 ```
 
+For additional security features, install the security module:
+
+```bash
+npm install xypriss-security
+```
+
+---
+
+## Quick Start
+
+Create a basic server with XyPriss:
+
 ```typescript
 import { createServer } from "xypriss";
 
-// Create a server with enhanced features
 const server = createServer({
     server: { port: 3000 },
     security: { enabled: true },
     performance: { clustering: true },
 });
 
-// Use it like Express.js
 server.get("/", (req, res) => {
-    res.json({
-        message: "Hello from XyPriss!",
-        powered: "Nehonix",
-    });
+    res.json({ message: "Hello from XyPriss!", powered: "Nehonix" });
 });
 
-// Start the server
-server.start();
+server.start(() => {
+    console.log(`Server running at http://localhost:${server.getPort()}`);
+});
 ```
 
-Your server is now running with enhanced performance and security features.
+This sets up a server with security middleware and clustering enabled, listening on port 3000.
+
+### Works Great With Express
+
+XyPriss is designed to complement the Node.js ecosystem, not replace it. You can:
+
+-   **Use XyPriss standalone** for new projects that need built-in security and clustering
+-   **Enhance existing Express apps** by integrating XyPriss security modules
+-   **Run both frameworks** side by side for different services
+-   **Migrate gradually** by moving specific routes or services to XyPriss
+
+```typescript
+// Example: Using XyPriss security with Express
+import express from "express";
+import { XyPrissSecurity } from "xypriss-security";
+
+const app = express();
+
+// Add XyPriss security to your Express app
+app.use(
+    XyPrissSecurity.middleware({
+        csrf: true,
+        xss: true,
+        rateLimit: { windowMs: 15 * 60 * 1000, max: 100 },
+    })
+);
+
+app.listen(3000);
+```
 
 ---
 
 ## Table of Contents
 
--   [About XyPriss](#about-xypriss)
--   [Quick Start](#quick-start)
--   [Key Features](#key-features)
-    -   [Performance and Scalability](#performance-and-scalability)
-    -   [Security and Reliability](#security-and-reliability)
-    -   [Developer Experience](#developer-experience)
-    -   [Network Plugins](#network-plugins)
+-   [Overview](#overview)
 -   [Installation](#installation)
--   [Basic Usage](#basic-usage)
+-   [Quick Start](#quick-start)
+-   [Routing](#routing)
+-   [Security](#security)
+-   [Performance](#performance)
 -   [Configuration](#configuration)
--   [Plugins](#plugins)
--   [Documentation](#documentation)
+-   [Modules](#modules)
 -   [Contributing](#contributing)
 -   [License](#license)
 -   [Support](#support)
 
 ---
 
-## Key Features
+## Routing
 
-### Performance and Scalability
+XyPriss provides a flexible routing system with support for parameters, wildcards, and modular routers.
 
--   Fast server initialization with minimal overhead
--   Multi-tier caching system supporting memory, Redis, and hybrid strategies
--   Automatic port detection and switching with configurable port ranges
--   Built-in clustering with automatic scaling based on system load
--   Advanced request management including timeouts and concurrency controls
+### Basic Routes
 
-### Security and Reliability
-
--   Integration with XyPriss Security module for cryptographic operations
--   Built-in security middleware including Helmet, CORS, rate limiting, and CSRF protection
--   Tamper-evident logging with cryptographic verification
--   Input validation and sanitization utilities
+```typescript
+import { createServer } from "xypriss";
 
-### Developer Experience
+const app = createServer();
 
--   Full compatibility with existing Express.js applications
--   Complete TypeScript support with type definitions
--   Extensible plugin system for custom functionality
--   Comprehensive documentation and examples
+app.get("/", (req, res) => {
+    res.json({ message: "Welcome to XyPriss" });
+});
 
-## Installation
+app.post("/users", (req, res) => {
+    res.json({ message: "User created", data: req.body });
+});
 
-```bash
-npm install xypriss
-npm i --save-dev @types/express
+app.put("/users/:id", (req, res) => {
+    res.json({ message: "User updated", id: req.params.id });
+});
 ```
 
-For security features:
+### Route Parameters
 
-```bash
-npm install xypriss xypriss-security
-npm i --save-dev @types/express
+Extract dynamic segments from URLs:
+
+```typescript
+app.get("/users/:id", (req, res) => {
+    res.json({ userId: req.params.id });
+});
+
+app.get("/users/:userId/posts/:postId", (req, res) => {
+    res.json({ userId: req.params.userId, postId: req.params.postId });
+});
 ```
 
-## Quick Start
+### Wildcard Routes
 
-### Basic Server Setup
+-   **Single Wildcard (`*`)**: Matches one path segment.
+-   **Multi-segment Wildcard (`**`)\*\*: Matches multiple path segments.
 
 ```typescript
-import { createServer } from "xypriss";
-
-// Create a new XyPriss server
-const app = createServer({
-    server: {
-        port: 3000,
-        host: "localhost",
-        autoPortSwitch: {
-            enabled: true,
-            portRange: [8086, 3010],
-        },
-    },
-    cache: {
-        strategy: "memory",
-        maxSize: 100 * 1024 * 1024, // 100MB
-        ttl: 3600, // 1 hour
-    },
+app.get("/files/*", (req, res) => {
+    res.json({ filename: req.params["*"] }); // e.g., "document.pdf"
 });
 
-// Define routes using standard Express.js syntax
-app.get("/", (req, res) => {
-    res.json({ message: "Hello from XyPriss!" });
+app.get("/api/**", (req, res) => {
+    res.json({ path: req.params["**"] }); // e.g., "v1/users/123"
 });
+```
 
-app.get("/api/users/:id", (req, res) => {
-    const userId = req.params.id;
-    res.json({ userId, data: "User data" });
+### Modular Routers
+
+Organize routes with routers:
+
+```typescript
+import { createServer, Router } from "xypriss";
+
+const app = createServer();
+const userRouter = Router();
+
+userRouter.get("/", (req, res) => {
+    res.json({ message: "List users" });
 });
 
-// Start the server
-app.start(undefined, () => {
-    console.log(
-        "Secure XyPriss server running at http://localhost:" + app.getPort()
-    );
+userRouter.get("/:id", (req, res) => {
+    res.json({ message: "Get user", id: req.params.id });
 });
+
+app.use("/api/users", userRouter);
 ```
 
-### Advanced Configuration
+### Middleware
 
-```typescript
-import { createServer } from "xypriss";
+Apply middleware globally, per route, or per router:
 
-const server = createServer({
-    env: "production",
+```typescript
+// Global middleware
+app.use((req, res, next) => {
+    console.log(`${req.method} ${req.path}`);
+    next();
+});
 
-    server: {
-        port: 8080,
-        host: "0.0.0.0",
-        autoPortSwitch: {
-            enabled: true,
-            maxAttempts: 5,
-            portRange: [8080, 8090],
-            strategy: "increment",
-        },
+// Route-specific middleware
+app.get(
+    "/protected",
+    (req, res, next) => {
+        if (!req.headers.authorization) {
+            return res.status(401).json({ error: "Unauthorized" });
+        }
+        next();
     },
+    (req, res) => {
+        res.json({ message: "Protected resource" });
+    }
+);
+```
 
-    cache: {
-        strategy: "hybrid", // Memory + Redis
-        maxSize: 500 * 1024 * 1024, // 500MB
-        ttl: 7200, // 2 hours
-        redis: {
-            host: "localhost",
-            port: 6379,
-            cluster: true,
-            nodes: [
-                { host: "redis-1", port: 6379 },
-                { host: "redis-2", port: 6379 },
-            ],
-        },
-    },
+---
 
-    requestManagement: {
-        timeout: {
-            enabled: true,
-            defaultTimeout: 30000, // 30 seconds
-            routes: {
-                "/api/upload": 300000, // 5 minutes for uploads
-                "/api/quick": 5000, // 5 seconds for quick endpoints
-            },
-        },
-        concurrency: {
-            maxConcurrentRequests: 1000,
-            maxPerIP: 50,
-        },
-    },
+## Security
 
-    cluster: {
-        enabled: true,
-        workers: "auto", // Auto-detect CPU cores
-        autoScale: {
-            enabled: true,
-            minWorkers: 2,
-            maxWorkers: 8,
-            cpuThreshold: 80,
-        },
-    },
-});
-```
+XyPriss includes 12 built-in security middleware modules to protect your application:
+
+-   **CSRF Protection**: Via the `csrf-csrf` library.
+-   **Security Headers**: Powered by Helmet for secure HTTP headers.
+-   **CORS**: Configurable cross-origin resource sharing.
+-   **Rate Limiting**: Prevents abuse by limiting requests per IP.
+-   **Input Validation**: Sanitizes inputs to prevent XSS and injection attacks.
+-   **Request Logging**: Monitors and logs incoming requests.
 
-### With XyPriss Security Integration
+Enable security features:
 
 ```typescript
 import { createServer } from "xypriss";
-import { XyPrissSecurity as security, fString, fArray } from "xypriss-security";
 
 const server = createServer({
-    server: {
-        port: 3000,
-        host: "localhost",
+    security: {
+        enabled: true,
+        csrf: { enabled: true },
+        rateLimit: { max: 100, windowMs: 15 * 60 * 1000 }, // 100 requests per 15 minutes
     },
 });
+```
 
-// Secure route with encryption
-server.post("/api/secure-data", async (req, res) => {
-    try {
-        // Use secure data structures
-        const secureData = fArray(req.body.sensitiveArray);
-        const securePassword = fString(req.body.password, {
-            protectionLevel: "maximum",
-            enableEncryption: true,
-        });
-
-        // Generate secure token
-        const token = security.generateSecureToken({
-            length: 32,
-            entropy: "maximum",
-        });
-
-        res.json({
-            success: true,
-            token,
-            dataLength: secureData.length,
-        });
-    } catch (error) {
-        res.status(500).json({ error: "Security operation failed" });
-    }
-});
+For advanced security, use the `xypriss-security` module:
+
+```typescript
+import { createServer } from "xypriss";
+import { fString, generateSecureToken } from "xypriss-security";
 
-server.start(undefined, () => {
-    console.log(
-        "Secure XyPriss server running at http://localhost:" + server.getPort()
-    );
+const server = createServer();
+
+server.post("/api/secure", async (req, res) => {
+    const secureData = fString(req.body.data, { enableEncryption: true });
+    const token = generateSecureToken({ length: 32 });
+    res.json({ token, data: secureData });
 });
 ```
 
-## Architecture
-
-### Core Framework (`xypriss`)
+---
 
--   Server Factory: Enhanced Express.js server creation with `createServer()`
--   Cache Engine: Multi-tier caching system with intelligent invalidation
--   Cluster Manager: Process management and auto-scaling
--   Plugin System: Extensible plugin architecture
--   Request Management: Advanced timeout and concurrency controls
+## Performance
 
-### Security Module (`xypriss-security`)
+XyPriss is designed for efficiency and scalability:
 
-XyPriss integrates with the XyPriss Security toolkit, providing:
+-   **Independent HTTP Server**: No Express dependency, reducing overhead.
+-   **Clustering**: Automatic scaling based on CPU cores.
+-   **Caching**: Supports memory, Redis, or hybrid caching strategies.
+-   **Auto Port Switching**: Detects and switches ports if conflicts arise.
 
--   Secure Data Structures: `fArray`, `fString`, `fObject` with encryption
--   Cryptographic Functions: Token generation, hashing, key derivation
--   Advanced Security: Post-quantum cryptography, tamper-evident logging
--   Performance: Fortified functions with security monitoring
+Example configuration:
 
 ```typescript
-import { createServer } from "xypriss";
-import {
-    XyPrissSecurity as security, // or just import XyPriss
-    fArray,
-    fString,
-    fObject,
-    generateSecureToken,
-} from "xypriss-security";
-
-// Use both together
 const server = createServer({
-    /* config */
+    server: {
+        port: 3000,
+        autoPortSwitch: { enabled: true, portRange: [3000, 3100] },
+    },
+    cache: {
+        strategy: "memory",
+        maxSize: 100 * 1024 * 1024, // 100MB
+        ttl: 3600, // 1 hour
+    },
+    cluster: { enabled: true, workers: "auto" },
 });
 ```
 
-## Documentation
-
--   [Getting Started Guide](./docs/getting-started.md)
--   [API Reference](./docs/api-reference.md)
--   [Security Guide](./docs/security.md)
--   [Configuration Options](./docs/configuration.md)
--   [Plugin Development](./docs/plugins.md)
+---
 
 ## Configuration
 
-XyPriss supports extensive configuration through the `ServerOptions` interface:
+Customize XyPriss with the `ServerOptions` interface:
 
 ```typescript
 interface ServerOptions {
@@ -327,90 +301,94 @@ interface ServerOptions {
         port?: number;
         host?: string;
         autoPortSwitch?: {
-            enabled?: boolean;
+            enabled: boolean;
             portRange?: [number, number];
-            strategy?: "increment" | "random" | "predefined";
+            strategy?: "increment" | "random";
         };
     };
     cache?: {
-        strategy?: "auto" | "memory" | "redis" | "hybrid";
+        strategy?: "memory" | "redis" | "hybrid";
         maxSize?: number;
         ttl?: number;
-        redis?: RedisConfig;
+        redis?: { host: string; port: number; cluster?: boolean };
+    };
+    security?: {
+        enabled?: boolean;
+        csrf?: { enabled: boolean };
+        rateLimit?: { max: number; windowMs: number };
+    };
+    cluster?: {
+        enabled: boolean;
+        workers?: number | "auto";
     };
-    requestManagement?: RequestManagementConfig;
-    cluster?: ClusterConfig;
-    // ... and many more options
 }
 ```
 
-## Performance
-
-XyPriss is optimized for production use:
+Example:
 
--   Fast server initialization with minimal overhead
--   High-throughput request handling
--   Efficient memory usage with automatic cleanup
--   Low-latency cache access
--   Horizontal scaling through clustering
+```typescript
+const server = createServer({
+    env: "production",
+    server: { port: 8080, host: "0.0.0.0" },
+    cache: { strategy: "redis", redis: { host: "localhost", port: 6379 } },
+});
+```
 
-## Available Modules
+---
 
-XyPriss includes several specialized modules for enhanced functionality:
+## Modules
 
-### ACPES - Advanced Cross-Platform Encrypted Storage
+### ACPES (Advanced Cross-Platform Encrypted Storage)
 
 **Location**: `mods/ACPES/`
 
-A secure, cross-platform storage solution that works seamlessly across Web, Mobile (React Native), and Node.js environments.
+A secure storage solution for web, mobile, and Node.js environments.
 
-**Features:**
+**Features**:
 
--   Cross-platform compatibility (Web, Mobile, Node.js)
--   Double AES-256 encryption with PBKDF2 key derivation
--   Integrity verification with HMAC-SHA256 checksums
--   Device fingerprinting for unique encryption keys
--   Automatic lockout protection against brute force attacks
--   TTL support for automatic data expiration
--   LZ-string compression for large data
+-   AES-256 encryption with PBKDF2 key derivation.
+-   HMAC-SHA256 for integrity verification.
+-   TTL for automatic data expiration.
+-   LZ-string compression for large data.
 
-**Quick Usage:**
+**Usage**:
 
 ```typescript
 import { Storage, STORAGE_KEYS } from "xypriss-acpes";
- 
-// Store sensitive data
-await Storage.setItem(STORAGE_KEYS.SESSION_TOKEN, "your-token");
 
-// Retrieve data
+await Storage.setItem(STORAGE_KEYS.SESSION_TOKEN, "secure-token");
 const token = await Storage.getItem(STORAGE_KEYS.SESSION_TOKEN);
 ```
 
-**Documentation**: [ACPES Documentation](./mods/ACPES/docs/)
+**Docs**: [ACPES Documentation](./mods/ACPES/docs/)
 
 ### Security Module
 
 **Location**: `mods/security/`
 
-Comprehensive security utilities and middleware for XyPriss applications.
+Provides utilities for secure data handling and request protection.
+
+**Features**:
 
-**Features:**
+-   Input sanitization and validation.
+-   Cryptographic functions (e.g., secure token generation).
+-   Rate limiting and DDoS protection.
 
--   Request validation and sanitization
--   Rate limiting and DDoS protection
--   Security headers management
--   Authentication and authorization utilities
--   Cryptographic functions and secure random generation
+**Docs**: [Security Documentation](./mods/security/docs/)
 
-**Documentation**: [Security Module Documentation](./mods/security/docs/)
+---
 
 ## Contributing
 
-Contributions are welcome. Please see our [Contributing Guide](./CONTRIBUTING.md).
+We welcome contributions! See the [Contributing Guide](./CONTRIBUTING.md) for details on how to get started.
+
+---
 
 ## License
 
-MIT License - see [LICENSE](./LICENSE) file for details.
+XyPriss is licensed under the [MIT License](./LICENSE).
+
+---
 
 ## Support
 
@@ -422,7 +400,7 @@ MIT License - see [LICENSE](./LICENSE) file for details.
 
 ### Powered by Nehonix
 
-XyPriss is developed and maintained by the Nehonix Team.
+Developed and maintained by the Nehonix Team.
 
 [![Website](https://img.shields.io/badge/Website-nehonix.space-blue?style=for-the-badge&logo=globe)](https://nehonix.space)
 [![GitHub](https://img.shields.io/badge/GitHub-Nehonix--Team-black?style=for-the-badge&logo=github)](https://github.com/Nehonix-Team)

package/dist/cjs/mods/security/src/algorithms/hash-algorithms.js

@@ -16,6 +16,16 @@ require('../core/random/random-types.js');
 require('../core/random/random-sources.js');
 require('nehonix-uri-processor');
 require('../utils/memory/index.js');
+require('helmet');
+require('cors');
+require('express-rate-limit');
+require('csrf-csrf');
+require('express-mongo-sanitize');
+require('xss');
+require('hpp');
+require('compression');
+require('xypriss-security');
+require('../../../../shared/logger/Logger.js');
 require('argon2');
 require('child_process');
 require('../types/secure-memory.js');