const manual = `

                AISYAH - SECURITY TOOLKIT

================================================================

[ KEGUNAAN ] Paket ini adalah "All-in-One Security Suite" untuk aplikasi Node.js. Dirancang untuk berjalan di berbagai lingkungan termasuk Android (Termux) karena menggunakan library "pure javascript" (Jimp) untuk pemrosesan gambar, bukan binary native yang sering bermasalah di mobile.

Fitur Utama:

1. Enkripsi Data & 2FA (Google Authenticator)
2. Proteksi Jaringan (Rate Limit, Bot Detect, CORS, Proxy Detect)
3. Keamanan File (MIME Sniffing, EXIF Remover, Zip Bomb Defend)
4. Sanitasi Input (XSS, SQL Injection)
5. Manajemen Autentikasi (Password Strength, Session, Magic Link)
6. Logging & Database (Integrasi MongoDB otomatis)

[ CARA INSTALL ] Pastikan Node.js sudah terinstall, lalu jalankan:

$ npm install aisyah

Dependency yang akan terinstall otomatis:

• mongoose (Database)
• jimp (Gambar/Android support)
• speakeasy, qrcode (2FA)
• file-type, adm-zip (File checking)
• uuid (ID generation)

[ CARA PENGGUNAAN (INIT) ] Import dan jalankan konfigurasi awal. Pastikan MongoDB local/cloud siap.

const Aisyah = require('aisyah');

const security = new Aisyah({ secretKey: 'kunci_rahasia_aplikasi_anda', // Wajib diganti mongoUri: 'mongodb://localhost:27017/aisyah_security', // Otomatis connect maxUploadSize: 5 * 1024 * 1024, // 5MB tempDir: './temp_uploads' });

[ 1. ENKRIPSI & 2FA ]

// Enkripsi String const rahasia = security.encryption.encrypt("Data Penting"); const asli = security.encryption.decrypt(rahasia);

// 2 Factor Auth (Google Auth) const secret = security.twoFactor.generateSecret(); const qrCode = await security.twoFactor.generateQRCode(secret.otpauth_url); // Verifikasi const isValid = security.twoFactor.verifyToken(secret.base32, '123456');

[ 2. NETWORK GUARD (Express/Fastify Middleware) ]

// Rate Limiter (Cegah Spam Request) // Cek IP pengguna, max 100 request per menit if (!security.network.checkRateLimit('192.168.1.1', 100)) { return 'Too Many Requests'; }

// Bot Detection if (security.network.isBot(req.headers['user-agent'])) { return 'Bot Detected'; }

// Secure Headers const headers = security.network.getSecureHeaders(); // Gunakan: res.set(headers);

[ 3. FILE SECURITY (Support Android/Jimp) ]

const fs = require('fs');

// Cek Zip Bomb const buffer = fs.readFileSync('upload.zip'); if (security.fileGuard.checkZipBomb(buffer)) { throw new Error('Zip Bomb Detected!'); }

// Bersihkan Metadata Foto (GPS/EXIF) - Aman untuk Android const cleanImageBuffer = await security.fileGuard.stripImageMetadata(imageBuffer);

// Cek Tipe File Asli (MIME Sniffing) const mime = await security.fileGuard.getMimeType(buffer); // ex: 'image/png'

[ 4. INPUT SANITIZER & VALIDATOR ]

// XSS & SQL Injection const cleanInput = security.sanitizer.xssFilter("alert(1)"); // <script>... const isSqli = security.sanitizer.checkSqlInjection("' OR '1'='1"); // true

// Email & URL Scanner const isEmailValid = await security.validator.validateEmail('[email protected]'); // Cek MX Record const urlCheck = await security.validator.scanUrl('http://malicious-site.com'); // Cek Blacklist DB

[ 5. AUTH MANAGER ]

// Cek Password const passCheck = security.auth.checkPasswordStrength('admin123'); // Output: { score: 2, isStrong: false }

// Generate API Key const apiKey = security.auth.generateApiKey('sk_prod_');

// Session Encryption const sessId = security.auth.createSession({ userId: 1, role: 'admin' }); const sessData = security.auth.getSession(sessId);

[ CATATAN PENTING ] Paket ini menggunakan 'mongoose'. Saat di-instantiate: new Aisyah({ ... }) Koneksi ke MongoDB akan berjalan otomatis di background. Pastikan service MongoDB (mongod) sudah berjalan.

================================================================ `;

console.log(manual);

module.exports = manual;