UNPKG

@trap_stevo/veripath

Version:

The pinnacle of real-time encrypted routing and session-bound communication through a precision-crafted middleware system. Empowering developers to secure every route with dynamic request decryption, intelligent session validation, and seamless encrypted

155 lines (110 loc) โ€ข 6.71 kB
# ๐Ÿ›ก๏ธ VeriPath ยท Legendary End-to-End Encrypted Routing Gateway > The pinnacle of real-time encrypted routing and session-bound communication through a precision-crafted middleware system. > Empower secure, scalable interactions โ€” from device APIs to private internal tools โ€” and redefine how encrypted paths are governed across every layer of your application. > VeriPath handles dynamic decryption, encrypted response orchestration, and claim-aware routing โ€” all in one seamless drop-in router. --- ## ๐Ÿš€ Features - ๐Ÿ” Automatic request decryption & response encryption - ๐Ÿ”„ Real-time session validation with secure key pairing - ๐Ÿง  Attestation-backed identity claims via session metadata - ๐Ÿ—ƒ Session key and ID persistence - โš™๏ธ Local key mutation for secure storage - ๐Ÿ”Œ `.get()`, `.post()`, `.put()`, etc. with encrypted middleware stack - ๐Ÿงฉ Built-in pairing via `VeriAuth` - ๐ŸŒ Compatible with `VeriLink` browser gateway clients --- ## ๐Ÿ“ฆ Installation ```bash npm install @trap_stevo/veripath ``` --- ## ๐Ÿ”ง Quick Start ```js const { VeriPath } = require("@trap_stevo/veripath"); const express = require("express"); const app = express(); app.use(express.json()); const vp = new VeriPath({ persistSessionKey : false, persistSessionID : false, enablePairing : true, mutator : "vlk", vaultSGN : "vlx", linkSGN : "vli" }); vp.post("/create-user", async (req, res) => { const { username, email } = req.vData; res.vSend({ message : `User ${username} with email ${email} created.` }); }); vp.get("/fetch-profile", async (req, res) => { const { userID } = req.vData; res.vSend({ message : `Fetched profile for user ID: ${userID}` }); }); app.use("/", vp.router()); app.listen(12569, () => { console.log("๐Ÿ” VeriPath running at http://localhost:12569"); }); ``` --- ## ๐Ÿ“˜ API Specification ### ๐Ÿ›  Configuration Options | Property | Type | Description | |--------------------------|-------------------------|-----------------------------------------------------------------------------| | `restoreSessionsPaths` | `boolean` | Restores previously stored session paths on startup. Default: `true` | | `persistSessionKey` | `boolean` | Enables session key persistence across restarts. | | `persistSessionID` | `boolean` | Enables session ID persistence across restarts. | | `mutator` | `string` or `Uint8Array`| Mutator used for XOR obfuscation of session keys. Default: `"vlk"` | | `vaultSGN` | `string` | Storage key name for the encrypted session key. Default: `"vlx"` | | `linkSGN` | `string` | Storage key name for the session ID. Default: `"vli"` | | `sessionIDExtractor` | `function(req)` | Optional custom extractor for session ID from the request. | | `enablePairing` | `boolean` | Enables secure key-pairing route. | | `pairingGuard` | `function(req,res,next)`| Optional middleware to guard the pairing route. | | `pairingPath` | `string` | Path for the pairing route. Default: `"/device/pair"` | | `veriAuthConfigurations` | `object` | Optional config passed to `VeriAuth` constructor. | --- ### ๐Ÿ“š Instance Methods | Method | Description | |------------------------------------------|-----------------------------------------------------------------------------| | `.get(path, ...handlers)` | Registers encrypted GET route. | | `.post(path, ...handlers)` | Registers encrypted POST route. | | `.put(path, ...handlers)` | Registers encrypted PUT route. | | `.patch(path, ...handlers)` | Registers encrypted PATCH route. | | `.delete(path, ...handlers)` | Registers encrypted DELETE route. | | `.router()` | Returns the internal `express.Router()` instance. | | `.enablePairingRoute(path, guard, conf)` | Registers a pairing route manually using `VeriAuth`. | --- ### ๐Ÿ” Request Helpers These are injected into route handlers: | Helper | Type | Description | |----------------|------------|---------------------------------------------------------------| | `req.vData` | `object` | Decrypted payload from the request (JSON body or query). | | `res.vSend()` | `function` | Sends an encrypted response. Accepts a JSON-serializable object. | --- ## ๐Ÿค Pairing Behavior When `enablePairing = true`, VeriPath automatically adds a POST route (default: `/device/pair`) using [VeriAuth](https://www.npmjs.com/package/@trap_stevo/veriauth). - Accepts a session key associated with a session ID. - You may optionally guard this route with `pairingGuard` middleware. - Pairing keys are stored in the vault and used to decrypt subsequent requests. Example guard: ```js (req, res, next) => { if (req.headers["x-admin-key"] !== "expected") return res.status(403).end(); next(); } ``` --- ## ๐ŸŒ Compatible Clients | Client | Purpose | |--------------|-----------------------------------------| | `VeriLink` | Encrypted browser/client-side communication | | `VeriAuth` | Handles session key registration and pairing | --- ## ๐Ÿงฑ Use Cases - ๐Ÿ” Encrypted device-to-server communication - ๐Ÿ›ก๏ธ Internal dashboards secured by session-based identity - ๐Ÿ”„ Stateless APIs with stateful encrypted identity handling - ๐Ÿง  Claim-aware route control with seamless integration --- ## ๐Ÿ“œ License See [LICENSE.md](./LICENSE.md) _Every path protected. Every byte encrypted. Every client verified._ ๐Ÿ”