/**
 * Security Module
 * Agent 4: Production Deployment
 *
 * Single entry point for the security utilities: re-exports the header,
 * rate-limit and CORS helpers, and defines three pre-composed middleware
 * stacks (default, public, authenticated).
 */

export { withSecurityHeaders, applySecurityHeaders } from './headers';
export type { SecurityHeadersConfig } from './headers';

export {
  withRateLimit,
  createRateLimiter,
  authRateLimiter,
  apiRateLimiter,
} from './rateLimit';
export type { RateLimitConfig, RateLimitEntry } from './rateLimit';

export { withCors, applyCorsHeaders, strictCors, openCors } from './cors';
export type { CorsConfig } from './cors';

// Local bindings for the composition helpers below; an `export ... from`
// re-export does not bring the name into this module's scope.
import type { NextApiHandler } from 'next';
import { withSecurityHeaders } from './headers';
import { withRateLimit } from './rateLimit';
import { withCors } from './cors';
import { withLogging } from '../logging';

/**
 * Default stack for API routes.
 *
 * Wrapping order, outermost first:
 * CORS -> security headers -> rate limit -> logging -> handler.
 * No configuration is passed, so every wrapper runs with its own defaults.
 *
 * NOTE(review): logging sits inside the rate limiter, so a request the limiter
 * rejects presumably never reaches withLogging. Confirm that throttled requests
 * are recorded somewhere; they are a useful abuse signal.
 *
 * @param handler - route handler to protect
 * @returns the handler wrapped in all four middlewares
 */
export function withSecurity(handler: NextApiHandler): NextApiHandler {
  const logged = withLogging(handler);
  const throttled = withRateLimit(logged);
  const hardened = withSecurityHeaders(throttled);
  return withCors(hardened);
}

/**
 * Stack for public APIs meant to be reachable from external sites.
 *
 * Wrapping order, outermost first:
 * CORS -> security headers -> logging -> handler.
 * CORS is configured with a wildcard origin list and credentials disabled.
 * This stack applies no rate limiter.
 *
 * NOTE(review): with no withRateLimit here, these routes depend on throttling
 * done elsewhere (edge, gateway), if any. Confirm that is intended.
 * NOTE(review): a wildcard origin presumably lets any site read the responses,
 * so routes using this stack should only return data that is safe to publish.
 *
 * @param handler - route handler to expose publicly
 * @returns the handler wrapped in CORS, security headers and logging
 */
export function withPublicSecurity(handler: NextApiHandler): NextApiHandler {
  const logged = withLogging(handler);
  const hardened = withSecurityHeaders(logged);
  return withCors(hardened, { origins: ['*'], credentials: false });
}

/**
 * Stack for authenticated APIs.
 *
 * Wrapping order, outermost first:
 * CORS -> security headers -> rate limit -> logging -> handler.
 * The rate limiter gets an explicit budget of 30 requests per 60000 windowMs
 * (60 s, assuming the unit is milliseconds as the name suggests).
 *
 * This function only composes middleware; it performs no authentication or
 * authorization check itself, so the wrapped handler (or another layer) must.
 *
 * NOTE(review): how the limiter keys clients (IP, session, user) is not visible
 * here. Verify it against './rateLimit' before relying on this as a
 * brute-force control.
 *
 * @param handler - route handler that serves authenticated requests
 * @returns the handler wrapped in all four middlewares
 */
export function withAuthSecurity(handler: NextApiHandler): NextApiHandler {
  const logged = withLogging(handler);
  const throttled = withRateLimit(logged, { maxRequests: 30, windowMs: 60000 });
  const hardened = withSecurityHeaders(throttled);
  return withCors(hardened);
}