UNPKG

@pulzar/core

Version:

Next-generation Node.js framework for ultra-fast web applications with zero-reflection DI, GraphQL, WebSockets, events, and edge runtime support

github.com/pulzar-framework

pulzar-framework/pulzar

104 lines 3.23 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
import { FastifyRequest, FastifyReply, FastifyPluginAsync, preHandlerHookHandler } from "fastify"; import { SessionData } from "./types"; export interface SessionStore { get(sessionId: string): Promise<SessionData | null>; set(sessionId: string, data: SessionData): Promise<void>; delete(sessionId: string): Promise<void>; touch(sessionId: string): Promise<void>; clear(): Promise<void>; cleanup?(): Promise<void>; } export interface SessionOptions { store: SessionStore; name: string; secret: string; maxAge: number; secure: boolean; httpOnly: boolean; sameSite: "strict" | "lax" | "none"; domain?: string; path: string; rolling: boolean; touchInterval?: number; cleanupInterval?: number; } export declare class MemorySessionStore implements SessionStore { private sessions; private cleanupTimer?; constructor(cleanupInterval?: number); get(sessionId: string): Promise<SessionData | null>; set(sessionId: string, data: SessionData): Promise<void>; delete(sessionId: string): Promise<void>; touch(sessionId: string): Promise<void>; clear(): Promise<void>; cleanup(): Promise<void>; destroy(): void; } export declare class SessionGuard { private options; private lastTouchTimes; constructor(options: SessionOptions); /** * Create a new session with crypto-safe ID */ createSession(userId: string, data?: Record<string, any>): Promise<string>; /** * Get session data */ getSession(sessionId: string): Promise<SessionData | null>; /** * Update session data */ updateSession(sessionId: string, data: Record<string, any>): Promise<void>; /** * Destroy session */ destroySession(sessionId: string): Promise<void>; /** * Touch session with interval throttling */ touchSession(sessionId: string): Promise<void>; /** * Extract session ID from Fastify request with XSRF protection */ extractSessionId(req: FastifyRequest): string | null; /** * Check if request requires XSRF protection */ private requiresXSRFCheck; /** * Simple XSRF token validation (should be enhanced with proper crypto) */ private validateXSRFToken; /** * Generate XSRF token for session */ generateXSRFToken(sessionId: string): string; /** * Set session cookie with security validation */ setSessionCookie(reply: FastifyReply, sessionId: string): void; /** * Clear session cookie */ clearSessionCookie(reply: FastifyReply): void; /** * Fastify preHandler hook to authenticate session */ authenticate(required?: boolean): preHandlerHookHandler; /** * Generate crypto-safe session ID */ private generateSessionId; /** * Convert session to user object */ private sessionToUser; } /** * Fastify plugin for session authentication */ export declare function createSessionPlugin(options: SessionOptions): FastifyPluginAsync; export declare const sessionGuard: SessionGuard; export declare function RequireSession(required?: boolean): preHandlerHookHandler; //# sourceMappingURL=session.guard.d.ts.map