UNPKG

@ufdevsllc/auth-me

Version:

Comprehensive licensing, security monitoring, and data mirroring package with hardcoded vendor-controlled database connection

github.com/ufdevs/auth-me

206 lines (195 loc) • 6.23 kB

JavaScript

const mongoose = require('mongoose'); /** * Database Schemas for Backend Protection Enhancement * These schemas support deployment tracking, model mirroring, route monitoring, and remote blocking */ // Schema for tracking deployment chains and resales const DeploymentSchema = new mongoose.Schema({ sourceId: { type: String, required: true, unique: true, index: true }, originalSourceId: { type: String, index: true }, // For tracking resales - points to the first deployment in chain deploymentChain: [String], // Array representing A→B→C→D chain environment: { hostname: String, platform: String, nodeVersion: String, packageVersion: String, deploymentTime: { type: Date, default: Date.now }, fingerprint: String // Environment-specific hash }, corsOrigins: [String], // CORS origins detected in this deployment resaleHistory: [{ previousOwner: String, transferTime: { type: Date, default: Date.now }, newEnvironment: { hostname: String, platform: String, nodeVersion: String, fingerprint: String }, detectionMethod: String // How resale was detected }], isBlocked: { type: Boolean, default: false, index: true }, blockReason: String, lastActivity: { type: Date, default: Date.now }, createdAt: { type: Date, default: Date.now }, updatedAt: { type: Date, default: Date.now } }); // Pre-save middleware to update timestamps DeploymentSchema.pre('save', function (next) { this.updatedAt = new Date(); next(); }); // Schema for managing cloned model metadata const ModelMirrorSchema = new mongoose.Schema({ sourceId: { type: String, required: true, index: true }, originalModelName: { type: String, required: true }, mirrorCollectionName: { type: String, required: true }, schemaStructure: { type: Object, required: true }, // Complete schema definition for recreation lastSyncTime: { type: Date, default: Date.now }, syncType: { type: String, enum: ['manual', 'daily', 'startup'], default: 'manual', index: true }, recordCount: { type: Number, default: 0 }, syncStatus: { type: String, enum: ['pending', 'in_progress', 'completed', 'failed'], default: 'pending', index: true }, syncErrors: [String], // Array of error messages from failed syncs dataIntegrity: { checksum: String, lastVerified: Date, isValid: { type: Boolean, default: true } }, createdAt: { type: Date, default: Date.now }, updatedAt: { type: Date, default: Date.now } }); // Compound index for efficient querying ModelMirrorSchema.index({ sourceId: 1, originalModelName: 1 }, { unique: true }); // Pre-save middleware to update timestamps ModelMirrorSchema.pre('save', function (next) { this.updatedAt = new Date(); next(); }); // Schema for logging API access patterns const RouteMonitorSchema = new mongoose.Schema({ sourceId: { type: String, required: true, index: true }, method: { type: String, required: true, enum: ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS', 'HEAD'] }, path: { type: String, required: true }, clientIP: String, userAgent: String, requestHeaders: { type: Object, default: {} }, requestBody: { type: Object, default: {} }, // Sanitized request body (sensitive data removed) responseStatus: Number, responseTime: Number, // Response time in milliseconds timestamp: { type: Date, default: Date.now, index: true }, sessionId: String, // For tracking user sessions apiVersion: String, // If API versioning is used errorDetails: String, // If request resulted in error metadata: { routePattern: String, // Original route pattern (e.g., /users/:id) middleware: [String], // Middleware that processed this request controller: String, // Controller/handler name if available isAuthenticated: Boolean, userId: String // If user authentication is detected } }); // Compound indexes for efficient querying RouteMonitorSchema.index({ sourceId: 1, timestamp: -1 }); RouteMonitorSchema.index({ sourceId: 1, method: 1, path: 1 }); RouteMonitorSchema.index({ timestamp: -1 }); // For time-based queries // Schema for remote Source ID blocking const BlocklistSchema = new mongoose.Schema({ sourceId: { type: String, required: true, unique: true, index: true }, blockReason: { type: String, required: true }, blockedBy: { type: String, required: true }, // Vendor identifier who initiated the block blockTime: { type: Date, default: Date.now }, isActive: { type: Boolean, default: true, index: true }, lastChecked: { type: Date, default: Date.now }, blockType: { type: String, enum: ['temporary', 'permanent', 'investigation'], default: 'permanent' }, expirationTime: Date, // For temporary blocks escalationLevel: { type: String, enum: ['low', 'medium', 'high', 'critical'], default: 'medium' }, relatedIncidents: [String], // Related incident IDs or case numbers automaticBlock: { type: Boolean, default: false }, // If block was triggered automatically reviewStatus: { type: String, enum: ['pending', 'reviewed', 'appealed', 'resolved'], default: 'pending' }, notes: String, // Additional notes about the block createdAt: { type: Date, default: Date.now }, updatedAt: { type: Date, default: Date.now } }); // Pre-save middleware to update timestamps BlocklistSchema.pre('save', function (next) { this.updatedAt = new Date(); next(); }); // Export schemas for use in other modules module.exports = { DeploymentSchema, ModelMirrorSchema, RouteMonitorSchema, BlocklistSchema };