qapinterface
Version:
Comprehensive API utilities for Node.js applications including authentication, security, request processing, and response handling with zero external dependencies
179 lines (153 loc) • 5.99 kB
JavaScript
/**
* Library Index - Main exports for the qapi module
* Single Responsibility: Provide a clean API surface for all library functionality
*/
// Core utilities
const dataSanitizer = require('./core/data-sanitizer');
// Validation utilities
const emailValidator = require('./validation/email-validator');
const apiPathValidator = require('./validation/api-path-validator');
const stringValidatorFactory = require('./validation/string-validator-factory');
const { createValidator, validators } = require(`./utility/validation`); // generic validator factory & schema helpers
// ID generation utilities
const uniqueGenerator = require('./id/unique-generator');
const syncGenerator = require('./id/sync-generator');
const apiKeyGenerator = require('./id/api-key-generator');
const idNonceGenerator = require('./id/nonce-generator');
// Versioning modules
const versionFormatter = require('./versioning/formatter'); // exposes API version formatting utilities
// Security modules
const middlewareFactory = require('./security/middleware-factory');
const cspHeaderBuilder = require('./security/csp-header-builder');
const httpsEnforcer = require('./security/https-enforcer');
const cspNonceGenerator = require('./security/csp-nonce-generator');
const nonceMiddleware = require('./security/nonce-middleware');
const nonceValidator = require('./security/nonce-validator');
const sqlInjectionDetector = require('./security/sql-injection-detector');
const nosqlInjectionDetector = require('./security/nosql-injection-detector');
const xssDetector = require('./security/xss-detector');
const pathTraversalDetector = require('./security/path-traversal-detector');
const patternAnalyzer = require('./security/pattern-analyzer');
const userAgentAnalyzer = require('./security/user-agent-analyzer');
const eventLogger = require('./security/event-logger');
const monitoringMiddleware = require('./security/monitoring-middleware');
const incidentTracker = require('./security/incident-tracker');
// Request handling modules
const contextExtractor = require('./request/context-extractor');
const requestIdGenerator = require('./request/id-generator');
const requestIdMiddleware = require(`./request/id-middleware`); // middleware adding unique request IDs to requests
const requestValidation = require('./request/validation');
const requestLogging = require('./request/logging');
// Timing utilities
const timer = require('./timing/timer');
// Service modules
const healthCheck = require('./services/health-check');
const retryHandler = require('./services/retry-handler');
const asyncValidator = require('./services/async-validator');
const multiValidator = require('./services/multi-validator');
const errorClassifier = require('./services/error-classifier');
// Authentication modules
const apiKeyExtractor = require('./authentication/api-key-extractor');
const passportStrategy = require('./authentication/passport-strategy');
// Utility modules
const consoleLogger = require('./utility/console-logger');
// Logging utilities
const { logError } = require(`./http/error-logger`); // simple error logger for non-middleware contexts
// Legacy modules (still in use)
const http = require('./http');
const asyncLogger = require('./asyncLogger');
const rateLimiter = require('./rateLimiter');
const url = require('./url');
const memoryMonitor = require('./utility/memoryMonitor'); // memory monitoring utilities
const utils = require('./utils'); // generic utility helpers
/**
* Security middleware stack combining multiple security middlewares.
* @param {object} [options={}] - Security options.
* @returns {Array<function>} - Array of middleware functions.
*/
function securityMiddlewareStack(options = {}) {
return [
nonceMiddleware.nonceGenerator,
middlewareFactory.createSecurityMiddleware(options),
];
}
module.exports = {
// Core utilities
...dataSanitizer,
// Validation utilities
...emailValidator,
...apiPathValidator,
...stringValidatorFactory,
createValidator,
validators,
// ID generation utilities
...uniqueGenerator,
...syncGenerator,
...apiKeyGenerator,
...idNonceGenerator,
// Versioning
...versionFormatter,
// Security
...middlewareFactory,
...cspHeaderBuilder,
...httpsEnforcer,
...cspNonceGenerator,
...nonceMiddleware,
...nonceValidator,
...sqlInjectionDetector,
...nosqlInjectionDetector,
...xssDetector,
...pathTraversalDetector,
...patternAnalyzer,
...userAgentAnalyzer,
...eventLogger,
...monitoringMiddleware,
...incidentTracker,
securityMiddlewareStack,
// Request handling
...contextExtractor,
...requestIdGenerator,
...requestIdMiddleware, // exposes addRequestId middleware for tracing
...requestValidation,
...requestLogging,
// Timing utilities
...timer,
// Services
...healthCheck,
...retryHandler,
...asyncValidator,
...multiValidator,
...errorClassifier,
// Authentication
...apiKeyExtractor,
...passportStrategy,
// Utility functions
...consoleLogger,
// Logging utilities
logError,
// Legacy exports (for backwards compatibility)
...utils, // export generic utilities to maintain backwards compatibility
...http,
...asyncLogger,
...rateLimiter,
...url,
...memoryMonitor,
// Convenience aliases for common functions
createSuccessResponse: http.createSuccessResponse,
createErrorResponse: http.createErrorResponse,
errorHandlerMiddleware: http.errorHandlerMiddleware,
sendJsonResponse: http.sendJsonResponse,
handleControllerError: http.handleControllerError,
throwIfResNotOk: http.throwIfResNotOk,
validateAndReturnResponse: http.validateAndReturnResponse,
isResponseOk: http.isResponseOk,
getResponseError: http.getResponseError,
apiRequest: http.apiRequest,
apiGet: http.apiGet,
apiPost: http.apiPost,
apiPut: http.apiPut,
apiDelete: http.apiDelete,
apiPatch: http.apiPatch,
logger: asyncLogger.logger,
createRateLimiterMiddleware: rateLimiter.createRateLimiterMiddleware,
};