@ordojs/security/dist/csrf/session-manager.d.ts

Security package for OrdoJS with XSS, CSRF, and injection protection

/**
 * CSRF Session Manager
 * Manages CSRF sessions and token storage
 */
import type { CSRFConfig, CSRFSession, CSRFToken } from './types';
export declare class CSRFSessionManager {
    private sessions;
    private config;
    private cleanupInterval;
    constructor(config: Required<CSRFConfig>);
    /**
     * Create a new CSRF session
     */
    createSession(sessionId: string): CSRFSession;
    /**
     * Get an existing session or create a new one
     */
    getOrCreateSession(sessionId: string): CSRFSession;
    /**
     * Add a token to a session
     */
    addToken(sessionId: string, token: CSRFToken): void;
    /**
     * Validate a token for a session
     */
    validateSessionToken(sessionId: string, tokenValue: string): {
        valid: boolean;
        error?: string;
        expired?: boolean;
    };
    /**
     * Remove a token from a session (for one-time use tokens)
     */
    consumeToken(sessionId: string, tokenValue: string): boolean;
    /**
     * Get all active tokens for a session
     */
    getSessionTokens(sessionId: string): CSRFToken[];
    /**
     * Remove a session and all its tokens
     */
    removeSession(sessionId: string): boolean;
    /**
     * Clean up expired tokens for a specific session
     */
    private cleanupSessionTokens;
    /**
     * Clean up expired sessions and tokens
     */
    private cleanup;
    /**
     * Start automatic cleanup timer
     */
    private startCleanupTimer;
    /**
     * Stop cleanup timer
     */
    destroy(): void;
    /**
     * Get session statistics
     */
    getStats(): {
        totalSessions: number;
        totalTokens: number;
        activeSessions: number;
    };
}
//# sourceMappingURL=session-manager.d.ts.map