Package Exports
- xypriss
- xypriss/package.json
Readme
XyPriss (Beta)
A Node.js web framework with Express-like API, built-in security middleware, and routing system
About XyPriss
XyPriss is a Node.js web framework with an Express-like API, built from the ground up with TypeScript. It provides built-in security middleware, a flexible routing system, and performance optimizations without depending on Express.
Key Benefits
- Independent web framework with Express-like API
- Built-in security middleware (12 security modules)
- Flexible routing system with wildcard and parameter support
- TypeScript support with full type definitions
Migration Notice: This library is the evolved version of FortifyJS. The FortifyJS library will be deprecated soon - migrate to XyPriss for continued support and new features. Learn more
Quick Start
# Install XyPriss
npm install xypriss
# Or with yarn
yarn add xyprissimport { createServer } from "xypriss";
// Create a XyPriss server
const server = createServer({
server: { port: 3000 },
security: { enabled: true },
performance: { clustering: true },
});
// Use Express-like API
server.get("/", (req, res) => {
res.json({
message: "Hello from XyPriss!",
powered: "Nehonix",
});
});
// Start the server
server.start();Your server is now running with built-in security middleware and routing capabilities.
Table of Contents
- About XyPriss
- Quick Start
- Key Features
- Routing Documentation
- Installation
- Basic Usage
- Configuration
- Documentation
- Contributing
- License
- Support
Key Features
Routing System
- Express-like API for familiar development experience
- Advanced route patterns with parameter support (
:id,:name) - Wildcard routing with single (
*) and multi-segment (**) support - Router mounting and middleware support
- Route-specific middleware and parameter extraction
Security and Reliability
- 12 built-in security middleware modules
- CSRF protection with csrf-csrf library
- Security headers (Helmet), CORS, rate limiting
- Input validation and sanitization (XSS, MongoDB injection protection)
- Request logging and monitoring
Performance and Scalability
- Independent HTTP server implementation
- Fast server initialization with minimal overhead
- Multi-tier caching system supporting memory, Redis, and hybrid strategies
- Automatic port detection and switching with configurable port ranges
- Built-in clustering with automatic scaling based on system load
Developer Experience
- Complete TypeScript support with type definitions
- Extensible plugin system for custom functionality
- Comprehensive documentation and examples
Routing Documentation
XyPriss provides a flexible routing system with Express-like API but without Express dependency.
Basic Routing
import { createServer } from "xypriss";
const app = createServer();
// Basic routes
app.get("/", (req, res) => {
res.json({ message: "Hello World" });
});
app.post("/users", (req, res) => {
res.json({ message: "User created", data: req.body });
});
app.put("/users/:id", (req, res) => {
res.json({ message: "User updated", id: req.params.id });
});
app.delete("/users/:id", (req, res) => {
res.json({ message: "User deleted", id: req.params.id });
});Route Parameters
// Single parameter
app.get("/users/:id", (req, res) => {
const userId = req.params.id;
res.json({ userId });
});
// Multiple parameters
app.get("/users/:userId/posts/:postId", (req, res) => {
const { userId, postId } = req.params;
res.json({ userId, postId });
});Wildcard Routes
XyPriss supports two types of wildcards:
Single Wildcard (*) - Matches one path segment
// Matches: /files/document.pdf, /files/image.jpg
// Does NOT match: /files/folder/document.pdf
app.get("/files/*", (req, res) => {
const filename = req.params["*"];
res.json({ filename });
});Double Wildcard (**) - Matches multiple path segments
// Matches: /api/v1/users, /api/v1/users/123/posts
app.get("/api/**", (req, res) => {
const path = req.params["**"];
res.json({ capturedPath: path });
});Router System
Create modular routes using the Router system:
import { createServer, Router } from "xypriss"; // import XyPrissRouter for full control
const app = createServer();
// Create a router
const userRouter = Router();
// Add routes to router
userRouter.get("/", (req, res) => {
res.json({ message: "Get all users" });
});
userRouter.get("/:id", (req, res) => {
res.json({ message: "Get user", id: req.params.id });
});
userRouter.post("/", (req, res) => {
res.json({ message: "Create user", data: req.body });
});
// Mount router at /api/users
app.use("/api/users", userRouter);
// Router with middleware
const adminRouter = Router();
adminRouter.use((req, res, next) => {
// Admin authentication middleware
console.log("Admin route accessed");
next();
});
adminRouter.get("/dashboard", (req, res) => {
res.json({ message: "Admin dashboard" });
});
app.use("/admin", adminRouter);Middleware
Add middleware to routes or routers:
// Global middleware
app.use((req, res, next) => {
console.log(`${req.method} ${req.path}`);
next();
});
// Route-specific middleware
app.get(
"/protected",
(req, res, next) => {
// Authentication middleware
if (!req.headers.authorization) {
return res.status(401).json({ error: "Unauthorized" });
}
next();
},
(req, res) => {
res.json({ message: "Protected resource" });
}
);
// Router middleware
const apiRouter = Router();
apiRouter.use((req, res, next) => {
// API-specific middleware
res.setHeader("X-API-Version", "1.0");
next();
});Route Examples
// Combined parameters and wildcards
app.get("/users/:id/files/*", (req, res) => {
const { id } = req.params;
const filename = req.params["*"];
res.json({ userId: id, filename });
});
// Deep wildcard routing
app.get("/docs/**", (req, res) => {
const docPath = req.params["**"];
res.json({ documentPath: docPath });
});
// API versioning with routers
const v1Router = Router();
const v2Router = Router();
v1Router.get("/users", (req, res) => {
res.json({ version: "v1", users: [] });
});
v2Router.get("/users", (req, res) => {
res.json({ version: "v2", users: [], pagination: {} });
});
app.use("/api/v1", v1Router);
app.use("/api/v2", v2Router);Installation
npm install xyprissFor security features:
npm install xypriss xypriss-securityQuick Start
Basic Server Setup
import { createServer } from "xypriss";
// Create a new XyPriss server
const app = createServer({
server: {
port: 3000,
host: "localhost",
autoPortSwitch: {
enabled: true,
portRange: [8086, 3010],
},
},
cache: {
strategy: "memory",
maxSize: 100 * 1024 * 1024, // 100MB
ttl: 3600, // 1 hour
},
});
// Define routes using Express-like syntax
app.get("/", (req, res) => {
res.json({ message: "Hello from XyPriss!" });
});
app.get("/api/users/:id", (req, res) => {
const userId = req.params.id;
res.json({ userId, data: "User data" });
});
// Start the server
app.start(undefined, () => {
console.log(
"Secure XyPriss server running at http://localhost:" + app.getPort()
);
});Advanced Configuration
import { createServer } from "xypriss";
const server = createServer({
env: "production",
server: {
port: 8080,
host: "0.0.0.0",
autoPortSwitch: {
enabled: true,
maxAttempts: 5,
portRange: [8080, 8090],
strategy: "increment",
},
},
cache: {
strategy: "hybrid", // Memory + Redis
maxSize: 500 * 1024 * 1024, // 500MB
ttl: 7200, // 2 hours
redis: {
host: "localhost",
port: 6379,
cluster: true,
nodes: [
{ host: "redis-1", port: 6379 },
{ host: "redis-2", port: 6379 },
],
},
},
requestManagement: {
timeout: {
enabled: true,
defaultTimeout: 30000, // 30 seconds
routes: {
"/api/upload": 300000, // 5 minutes for uploads
"/api/quick": 5000, // 5 seconds for quick endpoints
},
},
concurrency: {
maxConcurrentRequests: 1000,
maxPerIP: 50,
},
},
cluster: {
enabled: true,
workers: "auto", // Auto-detect CPU cores
autoScale: {
enabled: true,
minWorkers: 2,
maxWorkers: 8,
cpuThreshold: 80,
},
},
});With XyPriss Security Integration
import { createServer } from "xypriss";
import { XyPrissSecurity as security, fString, fArray } from "xypriss-security";
const server = createServer({
server: {
port: 3000,
host: "localhost",
},
});
// Secure route with encryption
server.post("/api/secure-data", async (req, res) => {
try {
// Use secure data structures
const secureData = fArray(req.body.sensitiveArray);
const securePassword = fString(req.body.password, {
protectionLevel: "maximum",
enableEncryption: true,
});
// Generate secure token
const token = security.generateSecureToken({
length: 32,
entropy: "maximum",
});
res.json({
success: true,
token,
dataLength: secureData.length,
});
} catch (error) {
res.status(500).json({ error: "Security operation failed" });
}
});
server.start(undefined, () => {
console.log(
"Secure XyPriss server running at http://localhost:" + server.getPort()
);
});Architecture
Core Framework (xypriss)
- Server Factory: Independent HTTP server creation with
createServer() - Routing System: Express-like API with advanced pattern matching
- Security Middleware: 12 built-in security modules
- Cache Engine: Multi-tier caching system with intelligent invalidation
- Plugin System: Extensible plugin architecture
Security Module (xypriss-security)
XyPriss integrates with the XyPriss Security toolkit, providing:
- Secure Data Structures:
fArray,fString,fObjectwith encryption - Cryptographic Functions: Token generation, hashing, key derivation
- Advanced Security: Post-quantum cryptography, tamper-evident logging
- Performance: Fortified functions with security monitoring
import { createServer } from "xypriss";
import {
XyPrissSecurity as security, // or just import XyPriss
fArray,
fString,
fObject,
generateSecureToken,
} from "xypriss-security";
// Use both together
const server = createServer({
/* config */
});Documentation
- Getting Started Guide
- Routing System
- Security Guide
- API Reference
- Configuration Options
- Plugin Development
Configuration
XyPriss supports extensive configuration through the ServerOptions interface:
interface ServerOptions {
env?: "development" | "production" | "test";
server?: {
port?: number;
host?: string;
autoPortSwitch?: {
enabled?: boolean;
portRange?: [number, number];
strategy?: "increment" | "random" | "predefined";
};
};
cache?: {
strategy?: "auto" | "memory" | "redis" | "hybrid";
maxSize?: number;
ttl?: number;
redis?: RedisConfig;
};
requestManagement?: RequestManagementConfig;
cluster?: ClusterConfig;
// ... and many more options
}Performance
XyPriss is optimized for production use:
- Fast server initialization with minimal overhead
- High-throughput request handling
- Efficient memory usage with automatic cleanup
- Low-latency cache access
- Horizontal scaling through clustering
Available Modules
XyPriss includes several specialized modules for enhanced functionality:
ACPES - Advanced Cross-Platform Encrypted Storage
Location: mods/ACPES/
A secure, cross-platform storage solution that works seamlessly across Web, Mobile (React Native), and Node.js environments.
Features:
- Cross-platform compatibility (Web, Mobile, Node.js)
- Double AES-256 encryption with PBKDF2 key derivation
- Integrity verification with HMAC-SHA256 checksums
- Device fingerprinting for unique encryption keys
- Automatic lockout protection against brute force attacks
- TTL support for automatic data expiration
- LZ-string compression for large data
Quick Usage:
import { Storage, STORAGE_KEYS } from "xypriss-acpes";
// Store sensitive data
await Storage.setItem(STORAGE_KEYS.SESSION_TOKEN, "your-token");
// Retrieve data
const token = await Storage.getItem(STORAGE_KEYS.SESSION_TOKEN);Documentation: ACPES Documentation
Security Module
Location: mods/security/
Comprehensive security utilities and middleware for XyPriss applications.
Features:
- Request validation and sanitization
- Rate limiting and DDoS protection
- Security headers management
- Authentication and authorization utilities
- Cryptographic functions and secure random generation
Documentation: Security Module Documentation
Contributing
Contributions are welcome. Please see our Contributing Guide.
License
MIT License - see LICENSE file for details.
Support
Powered by Nehonix
XyPriss is developed and maintained by the Nehonix Team.
