localgreenchain/lib/security/index.ts
Claude 5ea8bab5c3
Add production deployment infrastructure (Agent 4)
- Docker: Multi-stage Dockerfile with security hardening, docker-compose
  for production and development environments
- Environment: Comprehensive .env.example with all config options,
  lib/config/env.ts for typed environment validation
- Logging: Structured JSON logging with request/response middleware
- Monitoring: Prometheus metrics endpoint, Grafana dashboard, health
  checks (liveness/readiness probes)
- Security: Security headers, rate limiting, CORS middleware
- CI/CD: GitHub Actions workflows for CI, production deploy, and
  preview deployments
- Error tracking: Sentry integration foundation

Files created:
- Docker: Dockerfile, docker-compose.yml, docker-compose.dev.yml, .dockerignore
- Config: lib/config/env.ts, lib/config/index.ts
- Logging: lib/logging/logger.ts, lib/logging/middleware.ts
- Monitoring: lib/monitoring/sentry.ts, lib/monitoring/metrics.ts,
  lib/monitoring/health.ts
- Security: lib/security/headers.ts, lib/security/rateLimit.ts,
  lib/security/cors.ts
- API: pages/api/health/*, pages/api/metrics.ts
- Infra: infra/prometheus/prometheus.yml, infra/grafana/*
2025-11-23 03:54:03 +00:00


/**
* Security Module
* Agent 4: Production Deployment
*
* Central export for security utilities.
*/
export { withSecurityHeaders, applySecurityHeaders } from './headers';
export type { SecurityHeadersConfig } from './headers';
export {
withRateLimit,
createRateLimiter,
authRateLimiter,
apiRateLimiter,
} from './rateLimit';
export type { RateLimitConfig, RateLimitEntry } from './rateLimit';
export { withCors, applyCorsHeaders, strictCors, openCors } from './cors';
export type { CorsConfig } from './cors';
/**
* Compose multiple security middlewares
*/
import type { NextApiHandler } from 'next';
import { withSecurityHeaders } from './headers';
import { withRateLimit } from './rateLimit';
import { withCors } from './cors';
import { withLogging } from '../logging';
/**
 * Wrap an API handler in the default security middleware stack.
 *
 * Wrappers are applied from the inside out, so CORS ends up outermost:
 * CORS -> Security Headers -> Rate Limit -> Logging -> Handler.
 * No explicit configuration is passed, so each wrapper falls back to
 * whatever defaults its own module defines.
 *
 * NOTE(review): logging is the innermost wrapper. If withCors or
 * withRateLimit answer a request without invoking the wrapped handler
 * (for example a throttled client), that request would never reach
 * withLogging. Confirm such rejections are recorded elsewhere, because
 * they are a useful abuse-detection signal.
 *
 * @param handler - The Next.js API route handler to protect.
 * @returns The handler wrapped in all four middlewares.
 */
export function withSecurity(handler: NextApiHandler): NextApiHandler {
  // Build the chain step by step, innermost wrapper first.
  const logged = withLogging(handler);
  const rateLimited = withRateLimit(logged);
  const hardened = withSecurityHeaders(rateLimited);
  return withCors(hardened);
}
/**
 * Wrap an API handler intended for public, cross-origin consumption.
 *
 * Resulting order: CORS -> Security Headers -> Logging -> Handler.
 * CORS is configured with a wildcard origin and `credentials: false`,
 * so any site may call the endpoint but credentialed cross-origin
 * requests are not enabled.
 *
 * NOTE(review): unlike withSecurity, this stack does not include
 * withRateLimit. Endpoints wrapped here are unthrottled unless rate
 * limiting is enforced upstream (proxy/CDN); confirm that is intended.
 *
 * @param handler - The Next.js API route handler to expose publicly.
 * @returns The handler wrapped with logging, security headers and open CORS.
 */
export function withPublicSecurity(handler: NextApiHandler): NextApiHandler {
  const logged = withLogging(handler);
  const hardened = withSecurityHeaders(logged);
  // Wildcard origin is paired with credentials disabled on purpose.
  return withCors(hardened, { origins: ['*'], credentials: false });
}
/**
 * Wrap an API handler that serves authenticated endpoints.
 *
 * Resulting order: CORS -> Security Headers -> Rate Limit -> Logging -> Handler.
 * The rate limiter is given an explicit budget (`maxRequests: 30`,
 * `windowMs: 60000`); CORS and security headers use their module defaults.
 *
 * This wrapper only composes middleware. It performs no authentication
 * or authorization itself, so the wrapped handler (or another layer)
 * must still verify the caller.
 *
 * NOTE(review): the budget is described as stricter than the default, but
 * the default lives in ./rateLimit and is not visible here. Verify the
 * comparison, and check how clients are keyed (IP, session, user).
 *
 * @param handler - The Next.js API route handler to protect.
 * @returns The handler wrapped in the full stack with the explicit rate limit.
 */
export function withAuthSecurity(handler: NextApiHandler): NextApiHandler {
  const logged = withLogging(handler);
  // Presumably 30 requests per 60-second window; semantics are defined in ./rateLimit.
  const rateLimited = withRateLimit(logged, { maxRequests: 30, windowMs: 60000 });
  const hardened = withSecurityHeaders(rateLimited);
  return withCors(hardened);
}