@trap_stevo/veripath
Version:
The pinnacle of real-time encrypted routing and session-bound communication through a precision-crafted middleware system. Empowering developers to secure every route with dynamic request decryption, intelligent session validation, and seamless encrypted
155 lines (110 loc) โข 6.71 kB
Markdown
# ๐ก๏ธ VeriPath ยท Legendary End-to-End Encrypted Routing Gateway
> The pinnacle of real-time encrypted routing and session-bound communication through a precision-crafted middleware system.
> Empower secure, scalable interactions โ from device APIs to private internal tools โ and redefine how encrypted paths are governed across every layer of your application.
> VeriPath handles dynamic decryption, encrypted response orchestration, and claim-aware routing โ all in one seamless drop-in router.
## ๐ Features
- ๐ Automatic request decryption & response encryption
- ๐ Real-time session validation with secure key pairing
- ๐ง Attestation-backed identity claims via session metadata
- ๐ Session key and ID persistence
- โ๏ธ Local key mutation for secure storage
- ๐ `.get()`, `.post()`, `.put()`, etc. with encrypted middleware stack
- ๐งฉ Built-in pairing via `VeriAuth`
- ๐ Compatible with `VeriLink` browser gateway clients
## ๐ฆ Installation
```bash
npm install @trap_stevo/veripath
```
## ๐ง Quick Start
```js
const { VeriPath } = require("@trap_stevo/veripath");
const express = require("express");
const app = express();
app.use(express.json());
const vp = new VeriPath({
persistSessionKey : false,
persistSessionID : false,
enablePairing : true,
mutator : "vlk",
vaultSGN : "vlx",
linkSGN : "vli"
});
vp.post("/create-user", async (req, res) => {
const { username, email } = req.vData;
res.vSend({ message : `User ${username} with email ${email} created.` });
});
vp.get("/fetch-profile", async (req, res) => {
const { userID } = req.vData;
res.vSend({ message : `Fetched profile for user ID: ${userID}` });
});
app.use("/", vp.router());
app.listen(12569, () => {
console.log("๐ VeriPath running at http://localhost:12569");
});
```
## ๐ API Specification
### ๐ Configuration Options
| Property | Type | Description |
|--------------------------|-------------------------|-----------------------------------------------------------------------------|
| `restoreSessionsPaths` | `boolean` | Restores previously stored session paths on startup. Default: `true` |
| `persistSessionKey` | `boolean` | Enables session key persistence across restarts. |
| `persistSessionID` | `boolean` | Enables session ID persistence across restarts. |
| `mutator` | `string` or `Uint8Array`| Mutator used for XOR obfuscation of session keys. Default: `"vlk"` |
| `vaultSGN` | `string` | Storage key name for the encrypted session key. Default: `"vlx"` |
| `linkSGN` | `string` | Storage key name for the session ID. Default: `"vli"` |
| `sessionIDExtractor` | `function(req)` | Optional custom extractor for session ID from the request. |
| `enablePairing` | `boolean` | Enables secure key-pairing route. |
| `pairingGuard` | `function(req,res,next)`| Optional middleware to guard the pairing route. |
| `pairingPath` | `string` | Path for the pairing route. Default: `"/device/pair"` |
| `veriAuthConfigurations` | `object` | Optional config passed to `VeriAuth` constructor. |
### ๐ Instance Methods
| Method | Description |
|------------------------------------------|-----------------------------------------------------------------------------|
| `.get(path, ...handlers)` | Registers encrypted GET route. |
| `.post(path, ...handlers)` | Registers encrypted POST route. |
| `.put(path, ...handlers)` | Registers encrypted PUT route. |
| `.patch(path, ...handlers)` | Registers encrypted PATCH route. |
| `.delete(path, ...handlers)` | Registers encrypted DELETE route. |
| `.router()` | Returns the internal `express.Router()` instance. |
| `.enablePairingRoute(path, guard, conf)` | Registers a pairing route manually using `VeriAuth`. |
### ๐ Request Helpers
These are injected into route handlers:
| Helper | Type | Description |
|----------------|------------|---------------------------------------------------------------|
| `req.vData` | `object` | Decrypted payload from the request (JSON body or query). |
| `res.vSend()` | `function` | Sends an encrypted response. Accepts a JSON-serializable object. |
## ๐ค Pairing Behavior
When `enablePairing = true`, VeriPath automatically adds a POST route (default: `/device/pair`) using [VeriAuth](https://www.npmjs.com/package/@trap_stevo/veriauth).
- Accepts a session key associated with a session ID.
- You may optionally guard this route with `pairingGuard` middleware.
- Pairing keys are stored in the vault and used to decrypt subsequent requests.
Example guard:
```js
(req, res, next) => {
if (req.headers["x-admin-key"] !== "expected") return res.status(403).end();
next();
}
```
## ๐ Compatible Clients
| Client | Purpose |
|--------------|-----------------------------------------|
| `VeriLink` | Encrypted browser/client-side communication |
| `VeriAuth` | Handles session key registration and pairing |
## ๐งฑ Use Cases
- ๐ Encrypted device-to-server communication
- ๐ก๏ธ Internal dashboards secured by session-based identity
- ๐ Stateless APIs with stateful encrypted identity handling
- ๐ง Claim-aware route control with seamless integration
## ๐ License
See [LICENSE.md](./LICENSE.md)
_Every path protected. Every byte encrypted. Every client verified._ ๐