michaelschiemer/resources/js/modules/security/index.js

/**
 * Security Module
 * 
 * Provides security-related utilities including CSRF, XSS protection, and CSP helpers.
 * 
 * Usage:
 * - Add data-module="security" to enable global security features
 * - Or import and use directly: import { SecurityManager } from './modules/security/index.js'
 * 
 * Features:
 * - CSRF token management and auto-refresh
 * - XSS protection helpers
 * - Content Security Policy helpers
 * - Security headers validation
 */

import { Logger } from '../../core/logger.js';
import { SecurityManager } from './SecurityManager.js';
import { CsrfManager } from './CsrfManager.js';

const SecurityModule = {
    name: 'security',
    securityManager: null,
    
    init(config = {}, state = null) {
        Logger.info('[SecurityModule] Module initialized');
        
        // Create security manager
        this.securityManager = SecurityManager.create(config);
        
        // Expose globally for easy access
        if (typeof window !== 'undefined') {
            window.SecurityManager = this.securityManager;
            window.CsrfManager = this.securityManager.csrfManager;
        }
        
        return this;
    },
    
    /**
     * Get security manager instance
     */
    getSecurityManager() {
        return this.securityManager || SecurityManager.create();
    },
    
    /**
     * Get CSRF token
     */
    getCsrfToken() {
        return this.securityManager?.getCsrfToken() || null;
    },
    
    /**
     * Refresh CSRF token
     */
    async refreshCsrfToken() {
        if (this.securityManager) {
            return await this.securityManager.refreshCsrfToken();
        }
    },
    
    destroy() {
        if (this.securityManager) {
            this.securityManager.destroy();
            this.securityManager = null;
        }
        
        if (typeof window !== 'undefined') {
            delete window.SecurityManager;
            delete window.CsrfManager;
        }
        
        Logger.info('[SecurityModule] Module destroyed');
    }
};

// Export for direct usage
export { SecurityManager, CsrfManager };

// Export as default for module system
export default SecurityModule;

// Export init function for module system
export const init = SecurityModule.init.bind(SecurityModule);