@almadar/server 2.0.9 → 2.1.1

package/dist/middleware/index.js

@@ -1,284 +0,0 @@
-import { z, ZodError } from 'zod';
-import dotenv from 'dotenv';
-import admin from 'firebase-admin';
-
-// src/middleware/errorHandler.ts
-dotenv.config();
-var envSchema = z.object({
-  NODE_ENV: z.enum(["development", "production", "test"]).default("development"),
-  PORT: z.string().default("3030").transform((val) => parseInt(val, 10)),
-  CORS_ORIGIN: z.string().default("http://localhost:5173").transform((val) => val.includes(",") ? val.split(",").map((s) => s.trim()) : val),
-  // Database (Prisma/SQL) - optional
-  DATABASE_URL: z.string().optional(),
-  // Firebase/Firestore configuration
-  FIREBASE_PROJECT_ID: z.string().optional(),
-  FIREBASE_CLIENT_EMAIL: z.string().optional(),
-  FIREBASE_PRIVATE_KEY: z.string().optional(),
-  FIREBASE_SERVICE_ACCOUNT_PATH: z.string().optional(),
-  FIRESTORE_EMULATOR_HOST: z.string().optional(),
-  FIREBASE_AUTH_EMULATOR_HOST: z.string().optional(),
-  // API configuration
-  API_PREFIX: z.string().default("/api"),
-  // Mock data configuration
-  USE_MOCK_DATA: z.string().default("true").transform((v) => v === "true"),
-  MOCK_SEED: z.string().optional().transform((v) => v ? parseInt(v, 10) : void 0)
-});
-var parsed = envSchema.safeParse(process.env);
-if (!parsed.success) {
-  console.error("\u274C Invalid environment variables:", parsed.error.flatten().fieldErrors);
-  throw new Error("Invalid environment variables");
-}
-var env = parsed.data;
-
-// src/lib/logger.ts
-var colors = {
-  debug: "\x1B[36m",
-  // Cyan
-  info: "\x1B[32m",
-  // Green
-  warn: "\x1B[33m",
-  // Yellow
-  error: "\x1B[31m",
-  // Red
-  reset: "\x1B[0m"
-};
-var shouldLog = (level) => {
-  const levels = ["debug", "info", "warn", "error"];
-  const minLevel = env.NODE_ENV === "production" ? "info" : "debug";
-  return levels.indexOf(level) >= levels.indexOf(minLevel);
-};
-var formatMessage = (level, message, meta) => {
-  const timestamp = (/* @__PURE__ */ new Date()).toISOString();
-  const color = colors[level];
-  const prefix = `${color}[${level.toUpperCase()}]${colors.reset}`;
-  const metaStr = meta ? ` ${JSON.stringify(meta)}` : "";
-  return `${timestamp} ${prefix} ${message}${metaStr}`;
-};
-var logger = {
-  debug: (message, meta) => {
-    if (shouldLog("debug")) {
-      console.log(formatMessage("debug", message, meta));
-    }
-  },
-  info: (message, meta) => {
-    if (shouldLog("info")) {
-      console.log(formatMessage("info", message, meta));
-    }
-  },
-  warn: (message, meta) => {
-    if (shouldLog("warn")) {
-      console.warn(formatMessage("warn", message, meta));
-    }
-  },
-  error: (message, meta) => {
-    if (shouldLog("error")) {
-      console.error(formatMessage("error", message, meta));
-    }
-  }
-};
-
-// src/middleware/errorHandler.ts
-var AppError = class extends Error {
-  constructor(statusCode, message, code) {
-    super(message);
-    this.statusCode = statusCode;
-    this.message = message;
-    this.code = code;
-    this.name = "AppError";
-  }
-};
-var NotFoundError = class extends AppError {
-  constructor(message = "Resource not found") {
-    super(404, message, "NOT_FOUND");
-  }
-};
-var ValidationError = class extends AppError {
-  constructor(message = "Validation failed") {
-    super(400, message, "VALIDATION_ERROR");
-  }
-};
-var UnauthorizedError = class extends AppError {
-  constructor(message = "Unauthorized") {
-    super(401, message, "UNAUTHORIZED");
-  }
-};
-var ForbiddenError = class extends AppError {
-  constructor(message = "Forbidden") {
-    super(403, message, "FORBIDDEN");
-  }
-};
-var ConflictError = class extends AppError {
-  constructor(message = "Resource conflict") {
-    super(409, message, "CONFLICT");
-  }
-};
-var errorHandler = (err, _req, res, _next) => {
-  logger.error("Error:", { name: err.name, message: err.message, stack: err.stack });
-  if (err instanceof ZodError) {
-    res.status(400).json({
-      success: false,
-      error: "Validation failed",
-      code: "VALIDATION_ERROR",
-      details: err.errors.map((e) => ({
-        path: e.path.join("."),
-        message: e.message
-      }))
-    });
-    return;
-  }
-  if (err instanceof AppError) {
-    res.status(err.statusCode).json({
-      success: false,
-      error: err.message,
-      code: err.code
-    });
-    return;
-  }
-  if (err.name === "FirebaseError" || err.name === "FirestoreError") {
-    res.status(500).json({
-      success: false,
-      error: "Database error",
-      code: "DATABASE_ERROR"
-    });
-    return;
-  }
-  res.status(500).json({
-    success: false,
-    error: "Internal server error",
-    code: "INTERNAL_ERROR"
-  });
-};
-var asyncHandler = (fn) => (req, res, next) => {
-  Promise.resolve(fn(req, res, next)).catch(next);
-};
-var notFoundHandler = (req, res) => {
-  res.status(404).json({
-    success: false,
-    error: `Route ${req.method} ${req.path} not found`,
-    code: "ROUTE_NOT_FOUND"
-  });
-};
-var validateBody = (schema) => async (req, res, next) => {
-  try {
-    req.body = await schema.parseAsync(req.body);
-    next();
-  } catch (error) {
-    if (error instanceof ZodError) {
-      res.status(400).json({
-        success: false,
-        error: "Validation failed",
-        code: "VALIDATION_ERROR",
-        details: error.errors.map((e) => ({
-          path: e.path.join("."),
-          message: e.message
-        }))
-      });
-      return;
-    }
-    next(error);
-  }
-};
-var validateQuery = (schema) => async (req, res, next) => {
-  try {
-    req.query = await schema.parseAsync(req.query);
-    next();
-  } catch (error) {
-    if (error instanceof ZodError) {
-      res.status(400).json({
-        success: false,
-        error: "Invalid query parameters",
-        code: "VALIDATION_ERROR",
-        details: error.errors.map((e) => ({
-          path: e.path.join("."),
-          message: e.message
-        }))
-      });
-      return;
-    }
-    next(error);
-  }
-};
-var validateParams = (schema) => async (req, res, next) => {
-  try {
-    req.params = await schema.parseAsync(req.params);
-    next();
-  } catch (error) {
-    if (error instanceof ZodError) {
-      res.status(400).json({
-        success: false,
-        error: "Invalid path parameters",
-        code: "VALIDATION_ERROR",
-        details: error.errors.map((e) => ({
-          path: e.path.join("."),
-          message: e.message
-        }))
-      });
-      return;
-    }
-    next(error);
-  }
-};
-function getApp() {
-  if (admin.apps.length === 0) {
-    throw new Error(
-      "@almadar/server: Firebase Admin SDK is not initialized. Call initializeFirebase() or admin.initializeApp() before using @almadar/server."
-    );
-  }
-  return admin.app();
-}
-function getFirestore() {
-  return getApp().firestore();
-}
-function getAuth() {
-  return getApp().auth();
-}
-new Proxy({}, {
-  get(_target, prop, receiver) {
-    const firestore = getFirestore();
-    const value = Reflect.get(firestore, prop, receiver);
-    return typeof value === "function" ? value.bind(firestore) : value;
-  }
-});
-
-// src/middleware/authenticateFirebase.ts
-var BEARER_PREFIX = "Bearer ";
-var DEV_USER = {
-  uid: "dev-user-001",
-  email: "dev@localhost",
-  email_verified: true,
-  aud: "dev-project",
-  auth_time: Math.floor(Date.now() / 1e3),
-  exp: Math.floor(Date.now() / 1e3) + 3600,
-  iat: Math.floor(Date.now() / 1e3),
-  iss: "https://securetoken.google.com/dev-project",
-  sub: "dev-user-001",
-  firebase: {
-    identities: {},
-    sign_in_provider: "custom"
-  }
-};
-async function authenticateFirebase(req, res, next) {
-  const authorization = req.headers.authorization;
-  if (env.NODE_ENV === "development" && (!authorization || !authorization.startsWith(BEARER_PREFIX))) {
-    req.firebaseUser = DEV_USER;
-    res.locals.firebaseUser = DEV_USER;
-    return next();
-  }
-  try {
-    if (!authorization || !authorization.startsWith(BEARER_PREFIX)) {
-      return res.status(401).json({ error: "Authorization header missing or malformed" });
-    }
-    const token = authorization.slice(BEARER_PREFIX.length);
-    const decodedToken = await getAuth().verifyIdToken(token);
-    req.firebaseUser = decodedToken;
-    res.locals.firebaseUser = decodedToken;
-    return next();
-  } catch (error) {
-    console.error("Firebase authentication failed:", error);
-    return res.status(401).json({ error: "Unauthorized" });
-  }
-}
-
-export { AppError, ConflictError, ForbiddenError, NotFoundError, UnauthorizedError, ValidationError, asyncHandler, authenticateFirebase, errorHandler, notFoundHandler, validateBody, validateParams, validateQuery };
-//# sourceMappingURL=index.js.map
-//# sourceMappingURL=index.js.map

package/dist/middleware/index.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../src/lib/env.ts","../../src/lib/logger.ts","../../src/middleware/errorHandler.ts","../../src/middleware/validation.ts","../../src/lib/db.ts","../../src/middleware/authenticateFirebase.ts"],"names":["ZodError"],"mappings":";;;;;AAIA,MAAA,CAAO,MAAA,EAAO;AAEd,IAAM,SAAA,GAAY,EAAE,MAAA,CAAO;AAAA,EACzB,QAAA,EAAU,CAAA,CAAE,IAAA,CAAK,CAAC,aAAA,EAAe,cAAc,MAAM,CAAC,CAAA,CAAE,OAAA,CAAQ,aAAa,CAAA;AAAA,EAC7E,IAAA,EAAM,CAAA,CACH,MAAA,EAAO,CACP,OAAA,CAAQ,MAAM,CAAA,CACd,SAAA,CAAU,CAAC,GAAA,KAAQ,QAAA,CAAS,GAAA,EAAK,EAAE,CAAC,CAAA;AAAA,EACvC,WAAA,EAAa,CAAA,CACV,MAAA,EAAO,CACP,OAAA,CAAQ,uBAAuB,CAAA,CAC/B,SAAA,CAAU,CAAC,GAAA,KAAS,GAAA,CAAI,QAAA,CAAS,GAAG,CAAA,GAAI,GAAA,CAAI,KAAA,CAAM,GAAG,CAAA,CAAE,GAAA,CAAI,CAAC,CAAA,KAAM,CAAA,CAAE,IAAA,EAAM,CAAA,GAAI,GAAI,CAAA;AAAA;AAAA,EAGrF,YAAA,EAAc,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA;AAAA,EAGlC,mBAAA,EAAqB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACzC,qBAAA,EAAuB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC3C,oBAAA,EAAsB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC1C,6BAAA,EAA+B,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACnD,uBAAA,EAAyB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC7C,2BAAA,EAA6B,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA;AAAA,EAGjD,UAAA,EAAY,CAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,MAAM,CAAA;AAAA;AAAA,EAGrC,aAAA,EAAe,CAAA,CAAE,MAAA,EAAO,CAAE,OAAA,CAAQ,MAAM,CAAA,CAAE,SAAA,CAAU,CAAC,CAAA,KAAM,CAAA,KAAM,MAAM,CAAA;AAAA,EACvE,SAAA,EAAW,CAAA,CACR,MAAA,EAAO,CACP,UAAS,CACT,SAAA,CAAU,CAAC,CAAA,KAAO,CAAA,GAAI,QAAA,CAAS,CAAA,EAAG,EAAE,IAAI,MAAU;AACvD,CAAC,CAAA;AAED,IAAM,MAAA,GAAS,SAAA,CAAU,SAAA,CAAU,OAAA,CAAQ,GAAG,CAAA;AAE9C,IAAI,CAAC,OAAO,OAAA,EAAS;AACnB,EAAA,OAAA,CAAQ,MAAM,uCAAA,EAAoC,MAAA,CAAO,KAAA,CAAM,OAAA,GAAU,WAAW,CAAA;AACpF,EAAA,MAAM,IAAI,MAAM,+BAA+B,CAAA;AACjD;AAEO,IAAM,MAAM,MAAA,CAAO,IAAA;;;AC1C1B,IAAM,MAAA,GAAS;AAAA,EACb,KAAA,EAAO,UAAA;AAAA;AAAA,EACP,IAAA,EAAM,UAAA;AAAA;AAAA,EACN,IAAA,EAAM,UAAA;AAAA;AAAA,EACN,KAAA,EAAO,UAAA;AAAA;AAAA,EACP,KAAA,EAAO;AACT,CAAA;AAEA,IAAM,SAAA,GAAY,CAAC,KAAA,KAA6B;AAC9C,EAAA,MAAM,MAAA,GAAqB,CAAC,OAAA,EAAS,MAAA,EAAQ,QAAQ,OAAO,CAAA;AAC5D,EAAA,MAAM,QAAA,GAAW,GAAA,CAAI,QAAA,KAAa,YAAA,GAAe,MAAA,GAAS,OAAA;AAC1D,EAAA,OAAO,OAAO,OAAA,CAAQ,KAAK,CAAA,IAAK,MAAA,CAAO,QAAQ,QAAQ,CAAA;AACzD,CAAA;AAEA,IAAM,aAAA,GAAgB,CAAC,KAAA,EAAiB,OAAA,EAAiB,IAAA,KAA2B;AAClF,EAAA,MAAM,SAAA,GAAA,iBAAY,IAAI,IAAA,EAAK,EAAE,WAAA,EAAY;AACzC,EAAA,MAAM,KAAA,GAAQ,OAAO,KAAK,CAAA;AAC1B,EAAA,MAAM,MAAA,GAAS,GAAG,KAAK,CAAA,CAAA,EAAI,MAAM,WAAA,EAAa,CAAA,CAAA,EAAI,MAAA,CAAO,KAAK,CAAA,CAAA;AAC9D,EAAA,MAAM,UAAU,IAAA,GAAO,CAAA,CAAA,EAAI,KAAK,SAAA,CAAU,IAAI,CAAC,CAAA,CAAA,GAAK,EAAA;AACpD,EAAA,OAAO,GAAG,SAAS,CAAA,CAAA,EAAI,MAAM,CAAA,CAAA,EAAI,OAAO,GAAG,OAAO,CAAA,CAAA;AACpD,CAAA;AAEO,IAAM,MAAA,GAAS;AAAA,EACpB,KAAA,EAAO,CAAC,OAAA,EAAiB,IAAA,KAAmB;AAC1C,IAAA,IAAI,SAAA,CAAU,OAAO,CAAA,EAAG;AACtB,MAAA,OAAA,CAAQ,GAAA,CAAI,aAAA,CAAc,OAAA,EAAS,OAAA,EAAS,IAAI,CAAC,CAAA;AAAA,IACnD;AAAA,EACF,CAAA;AAAA,EACA,IAAA,EAAM,CAAC,OAAA,EAAiB,IAAA,KAAmB;AACzC,IAAA,IAAI,SAAA,CAAU,MAAM,CAAA,EAAG;AACrB,MAAA,OAAA,CAAQ,GAAA,CAAI,aAAA,CAAc,MAAA,EAAQ,OAAA,EAAS,IAAI,CAAC,CAAA;AAAA,IAClD;AAAA,EACF,CAAA;AAAA,EACA,IAAA,EAAM,CAAC,OAAA,EAAiB,IAAA,KAAmB;AACzC,IAAA,IAAI,SAAA,CAAU,MAAM,CAAA,EAAG;AACrB,MAAA,OAAA,CAAQ,IAAA,CAAK,aAAA,CAAc,MAAA,EAAQ,OAAA,EAAS,IAAI,CAAC,CAAA;AAAA,IACnD;AAAA,EACF,CAAA;AAAA,EACA,KAAA,EAAO,CAAC,OAAA,EAAiB,IAAA,KAAmB;AAC1C,IAAA,IAAI,SAAA,CAAU,OAAO,CAAA,EAAG;AACtB,MAAA,OAAA,CAAQ,KAAA,CAAM,aAAA,CAAc,OAAA,EAAS,OAAA,EAAS,IAAI,CAAC,CAAA;AAAA,IACrD;AAAA,EACF;AACF,CAAA;;;ACxCO,IAAM,QAAA,GAAN,cAAuB,KAAA,CAAM;AAAA,EAClC,WAAA,CACS,UAAA,EACA,OAAA,EACA,IAAA,EACP;AACA,IAAA,KAAA,CAAM,OAAO,CAAA;AAJN,IAAA,IAAA,CAAA,UAAA,GAAA,UAAA;AACA,IAAA,IAAA,CAAA,OAAA,GAAA,OAAA;AACA,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAGP,IAAA,IAAA,CAAK,IAAA,GAAO,UAAA;AAAA,EACd;AACF;AAKO,IAAM,aAAA,GAAN,cAA4B,QAAA,CAAS;AAAA,EAC1C,WAAA,CAAY,UAAkB,oBAAA,EAAsB;AAClD,IAAA,KAAA,CAAM,GAAA,EAAK,SAAS,WAAW,CAAA;AAAA,EACjC;AACF;AAKO,IAAM,eAAA,GAAN,cAA8B,QAAA,CAAS;AAAA,EAC5C,WAAA,CAAY,UAAkB,mBAAA,EAAqB;AACjD,IAAA,KAAA,CAAM,GAAA,EAAK,SAAS,kBAAkB,CAAA;AAAA,EACxC;AACF;AAKO,IAAM,iBAAA,GAAN,cAAgC,QAAA,CAAS;AAAA,EAC9C,WAAA,CAAY,UAAkB,cAAA,EAAgB;AAC5C,IAAA,KAAA,CAAM,GAAA,EAAK,SAAS,cAAc,CAAA;AAAA,EACpC;AACF;AAKO,IAAM,cAAA,GAAN,cAA6B,QAAA,CAAS;AAAA,EAC3C,WAAA,CAAY,UAAkB,WAAA,EAAa;AACzC,IAAA,KAAA,CAAM,GAAA,EAAK,SAAS,WAAW,CAAA;AAAA,EACjC;AACF;AAKO,IAAM,aAAA,GAAN,cAA4B,QAAA,CAAS;AAAA,EAC1C,WAAA,CAAY,UAAkB,mBAAA,EAAqB;AACjD,IAAA,KAAA,CAAM,GAAA,EAAK,SAAS,UAAU,CAAA;AAAA,EAChC;AACF;AAKO,IAAM,YAAA,GAAe,CAC1B,GAAA,EACA,IAAA,EACA,KACA,KAAA,KACS;AACT,EAAA,MAAA,CAAO,KAAA,CAAM,QAAA,EAAU,EAAE,IAAA,EAAM,GAAA,CAAI,IAAA,EAAM,OAAA,EAAS,GAAA,CAAI,OAAA,EAAS,KAAA,EAAO,GAAA,CAAI,KAAA,EAAO,CAAA;AAGjF,EAAA,IAAI,eAAe,QAAA,EAAU;AAC3B,IAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK;AAAA,MACnB,OAAA,EAAS,KAAA;AAAA,MACT,KAAA,EAAO,mBAAA;AAAA,MACP,IAAA,EAAM,kBAAA;AAAA,MACN,OAAA,EAAS,GAAA,CAAI,MAAA,CAAO,GAAA,CAAI,CAAC,CAAA,MAAO;AAAA,QAC9B,IAAA,EAAM,CAAA,CAAE,IAAA,CAAK,IAAA,CAAK,GAAG,CAAA;AAAA,QACrB,SAAS,CAAA,CAAE;AAAA,OACb,CAAE;AAAA,KACH,CAAA;AACD,IAAA;AAAA,EACF;AAGA,EAAA,IAAI,eAAe,QAAA,EAAU;AAC3B,IAAA,GAAA,CAAI,MAAA,CAAO,GAAA,CAAI,UAAU,CAAA,CAAE,IAAA,CAAK;AAAA,MAC9B,OAAA,EAAS,KAAA;AAAA,MACT,OAAO,GAAA,CAAI,OAAA;AAAA,MACX,MAAM,GAAA,CAAI;AAAA,KACX,CAAA;AACD,IAAA;AAAA,EACF;AAGA,EAAA,IAAI,GAAA,CAAI,IAAA,KAAS,eAAA,IAAmB,GAAA,CAAI,SAAS,gBAAA,EAAkB;AACjE,IAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK;AAAA,MACnB,OAAA,EAAS,KAAA;AAAA,MACT,KAAA,EAAO,gBAAA;AAAA,MACP,IAAA,EAAM;AAAA,KACP,CAAA;AACD,IAAA;AAAA,EACF;AAGA,EAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK;AAAA,IACnB,OAAA,EAAS,KAAA;AAAA,IACT,KAAA,EAAO,uBAAA;AAAA,IACP,IAAA,EAAM;AAAA,GACP,CAAA;AACH;AAKO,IAAM,eACX,CAAC,EAAA,KACD,CAAC,GAAA,EAAc,KAAe,IAAA,KAAuB;AACnD,EAAA,OAAA,CAAQ,OAAA,CAAQ,GAAG,GAAA,EAAK,GAAA,EAAK,IAAI,CAAC,CAAA,CAAE,MAAM,IAAI,CAAA;AAChD;AAKK,IAAM,eAAA,GAAkB,CAAC,GAAA,EAAc,GAAA,KAAwB;AACpE,EAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK;AAAA,IACnB,OAAA,EAAS,KAAA;AAAA,IACT,OAAO,CAAA,MAAA,EAAS,GAAA,CAAI,MAAM,CAAA,CAAA,EAAI,IAAI,IAAI,CAAA,UAAA,CAAA;AAAA,IACtC,IAAA,EAAM;AAAA,GACP,CAAA;AACH;AChIO,IAAM,eACX,CAAC,MAAA,KAAyB,OAAO,GAAA,EAAc,KAAe,IAAA,KAAsC;AAClG,EAAA,IAAI;AACF,IAAA,GAAA,CAAI,IAAA,GAAO,MAAM,MAAA,CAAO,UAAA,CAAW,IAAI,IAAI,CAAA;AAC3C,IAAA,IAAA,EAAK;AAAA,EACP,SAAS,KAAA,EAAO;AACd,IAAA,IAAI,iBAAiBA,QAAAA,EAAU;AAC7B,MAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK;AAAA,QACnB,OAAA,EAAS,KAAA;AAAA,QACT,KAAA,EAAO,mBAAA;AAAA,QACP,IAAA,EAAM,kBAAA;AAAA,QACN,OAAA,EAAS,KAAA,CAAM,MAAA,CAAO,GAAA,CAAI,CAAC,CAAA,MAAO;AAAA,UAChC,IAAA,EAAM,CAAA,CAAE,IAAA,CAAK,IAAA,CAAK,GAAG,CAAA;AAAA,UACrB,SAAS,CAAA,CAAE;AAAA,SACb,CAAE;AAAA,OACH,CAAA;AACD,MAAA;AAAA,IACF;AACA,IAAA,IAAA,CAAK,KAAK,CAAA;AAAA,EACZ;AACF;AAKK,IAAM,gBACX,CAAC,MAAA,KAAyB,OAAO,GAAA,EAAc,KAAe,IAAA,KAAsC;AAClG,EAAA,IAAI;AACF,IAAA,GAAA,CAAI,KAAA,GAAQ,MAAM,MAAA,CAAO,UAAA,CAAW,IAAI,KAAK,CAAA;AAC7C,IAAA,IAAA,EAAK;AAAA,EACP,SAAS,KAAA,EAAO;AACd,IAAA,IAAI,iBAAiBA,QAAAA,EAAU;AAC7B,MAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK;AAAA,QACnB,OAAA,EAAS,KAAA;AAAA,QACT,KAAA,EAAO,0BAAA;AAAA,QACP,IAAA,EAAM,kBAAA;AAAA,QACN,OAAA,EAAS,KAAA,CAAM,MAAA,CAAO,GAAA,CAAI,CAAC,CAAA,MAAO;AAAA,UAChC,IAAA,EAAM,CAAA,CAAE,IAAA,CAAK,IAAA,CAAK,GAAG,CAAA;AAAA,UACrB,SAAS,CAAA,CAAE;AAAA,SACb,CAAE;AAAA,OACH,CAAA;AACD,MAAA;AAAA,IACF;AACA,IAAA,IAAA,CAAK,KAAK,CAAA;AAAA,EACZ;AACF;AAKK,IAAM,iBACX,CAAC,MAAA,KAAyB,OAAO,GAAA,EAAc,KAAe,IAAA,KAAsC;AAClG,EAAA,IAAI;AACF,IAAA,GAAA,CAAI,MAAA,GAAS,MAAM,MAAA,CAAO,UAAA,CAAW,IAAI,MAAM,CAAA;AAC/C,IAAA,IAAA,EAAK;AAAA,EACP,SAAS,KAAA,EAAO;AACd,IAAA,IAAI,iBAAiBA,QAAAA,EAAU;AAC7B,MAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK;AAAA,QACnB,OAAA,EAAS,KAAA;AAAA,QACT,KAAA,EAAO,yBAAA;AAAA,QACP,IAAA,EAAM,kBAAA;AAAA,QACN,OAAA,EAAS,KAAA,CAAM,MAAA,CAAO,GAAA,CAAI,CAAC,CAAA,MAAO;AAAA,UAChC,IAAA,EAAM,CAAA,CAAE,IAAA,CAAK,IAAA,CAAK,GAAG,CAAA;AAAA,UACrB,SAAS,CAAA,CAAE;AAAA,SACb,CAAE;AAAA,OACH,CAAA;AACD,MAAA;AAAA,IACF;AACA,IAAA,IAAA,CAAK,KAAK,CAAA;AAAA,EACZ;AACF;ACQF,SAAS,MAAA,GAAwB;AAC/B,EAAA,IAAI,KAAA,CAAM,IAAA,CAAK,MAAA,KAAW,CAAA,EAAG;AAC3B,IAAA,MAAM,IAAI,KAAA;AAAA,MACR;AAAA,KAEF;AAAA,EACF;AACA,EAAA,OAAO,MAAM,GAAA,EAAI;AACnB;AAKO,SAAS,YAAA,GAA0C;AACxD,EAAA,OAAO,MAAA,GAAS,SAAA,EAAU;AAC5B;AAKO,SAAS,OAAA,GAA2B;AACzC,EAAA,OAAO,MAAA,GAAS,IAAA,EAAK;AACvB;AASkB,IAAI,KAAA,CAAM,EAAC,EAAgC;AAAA,EAC3D,GAAA,CAAI,OAAA,EAAS,IAAA,EAAM,QAAA,EAAU;AAC3B,IAAA,MAAM,YAAY,YAAA,EAAa;AAC/B,IAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,GAAA,CAAI,SAAA,EAAW,MAAM,QAAQ,CAAA;AACnD,IAAA,OAAO,OAAO,KAAA,KAAU,UAAA,GAAa,KAAA,CAAM,IAAA,CAAK,SAAS,CAAA,GAAI,KAAA;AAAA,EAC/D;AACF,CAAC;;;ACpHD,IAAM,aAAA,GAAgB,SAAA;AAGtB,IAAM,QAAA,GAA2B;AAAA,EAC/B,GAAA,EAAK,cAAA;AAAA,EACL,KAAA,EAAO,eAAA;AAAA,EACP,cAAA,EAAgB,IAAA;AAAA,EAChB,GAAA,EAAK,aAAA;AAAA,EACL,WAAW,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AAAA,EACvC,KAAK,IAAA,CAAK,KAAA,CAAM,KAAK,GAAA,EAAI,GAAI,GAAI,CAAA,GAAI,IAAA;AAAA,EACrC,KAAK,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AAAA,EACjC,GAAA,EAAK,4CAAA;AAAA,EACL,GAAA,EAAK,cAAA;AAAA,EACL,QAAA,EAAU;AAAA,IACR,YAAY,EAAC;AAAA,IACb,gBAAA,EAAkB;AAAA;AAEtB,CAAA;AAEA,eAAsB,oBAAA,CAAqB,GAAA,EAAc,GAAA,EAAe,IAAA,EAAoB;AAC1F,EAAA,MAAM,aAAA,GAAgB,IAAI,OAAA,CAAQ,aAAA;AAGlC,EAAA,IAAI,GAAA,CAAI,aAAa,aAAA,KAAkB,CAAC,iBAAiB,CAAC,aAAA,CAAc,UAAA,CAAW,aAAa,CAAA,CAAA,EAAI;AAClG,IAAA,GAAA,CAAI,YAAA,GAAe,QAAA;AACnB,IAAA,GAAA,CAAI,OAAO,YAAA,GAAe,QAAA;AAC1B,IAAA,OAAO,IAAA,EAAK;AAAA,EACd;AAEA,EAAA,IAAI;AACF,IAAA,IAAI,CAAC,aAAA,IAAiB,CAAC,aAAA,CAAc,UAAA,CAAW,aAAa,CAAA,EAAG;AAC9D,MAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,6CAA6C,CAAA;AAAA,IACpF;AAEA,IAAA,MAAM,KAAA,GAAQ,aAAA,CAAc,KAAA,CAAM,aAAA,CAAc,MAAM,CAAA;AACtD,IAAA,MAAM,YAAA,GAAe,MAAM,OAAA,EAAQ,CAAE,cAAc,KAAK,CAAA;AAExD,IAAA,GAAA,CAAI,YAAA,GAAe,YAAA;AACnB,IAAA,GAAA,CAAI,OAAO,YAAA,GAAe,YAAA;AAE1B,IAAA,OAAO,IAAA,EAAK;AAAA,EACd,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,mCAAmC,KAAK,CAAA;AACtD,IAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,gBAAgB,CAAA;AAAA,EACvD;AACF","file":"index.js","sourcesContent":["import { z } from 'zod';\nimport dotenv from 'dotenv';\n\n// Load environment variables\ndotenv.config();\n\nconst envSchema = z.object({\n  NODE_ENV: z.enum(['development', 'production', 'test']).default('development'),\n  PORT: z\n    .string()\n    .default('3030')\n    .transform((val) => parseInt(val, 10)),\n  CORS_ORIGIN: z\n    .string()\n    .default('http://localhost:5173')\n    .transform((val) => (val.includes(',') ? val.split(',').map((s) => s.trim()) : val)),\n  \n  // Database (Prisma/SQL) - optional\n  DATABASE_URL: z.string().optional(),\n  \n  // Firebase/Firestore configuration\n  FIREBASE_PROJECT_ID: z.string().optional(),\n  FIREBASE_CLIENT_EMAIL: z.string().optional(),\n  FIREBASE_PRIVATE_KEY: z.string().optional(),\n  FIREBASE_SERVICE_ACCOUNT_PATH: z.string().optional(),\n  FIRESTORE_EMULATOR_HOST: z.string().optional(),\n  FIREBASE_AUTH_EMULATOR_HOST: z.string().optional(),\n  \n  // API configuration\n  API_PREFIX: z.string().default('/api'),\n\n  // Mock data configuration\n  USE_MOCK_DATA: z.string().default('true').transform((v) => v === 'true'),\n  MOCK_SEED: z\n    .string()\n    .optional()\n    .transform((v) => (v ? parseInt(v, 10) : undefined)),\n});\n\nconst parsed = envSchema.safeParse(process.env);\n\nif (!parsed.success) {\n  console.error('❌ Invalid environment variables:', parsed.error.flatten().fieldErrors);\n  throw new Error('Invalid environment variables');\n}\n\nexport const env = parsed.data;\n","import { env } from './env.js';\n\ntype LogLevel = 'debug' | 'info' | 'warn' | 'error';\n\nconst colors = {\n  debug: '\\x1b[36m', // Cyan\n  info: '\\x1b[32m', // Green\n  warn: '\\x1b[33m', // Yellow\n  error: '\\x1b[31m', // Red\n  reset: '\\x1b[0m',\n};\n\nconst shouldLog = (level: LogLevel): boolean => {\n  const levels: LogLevel[] = ['debug', 'info', 'warn', 'error'];\n  const minLevel = env.NODE_ENV === 'production' ? 'info' : 'debug';\n  return levels.indexOf(level) >= levels.indexOf(minLevel);\n};\n\nconst formatMessage = (level: LogLevel, message: string, meta?: unknown): string => {\n  const timestamp = new Date().toISOString();\n  const color = colors[level];\n  const prefix = `${color}[${level.toUpperCase()}]${colors.reset}`;\n  const metaStr = meta ? ` ${JSON.stringify(meta)}` : '';\n  return `${timestamp} ${prefix} ${message}${metaStr}`;\n};\n\nexport const logger = {\n  debug: (message: string, meta?: unknown) => {\n    if (shouldLog('debug')) {\n      console.log(formatMessage('debug', message, meta));\n    }\n  },\n  info: (message: string, meta?: unknown) => {\n    if (shouldLog('info')) {\n      console.log(formatMessage('info', message, meta));\n    }\n  },\n  warn: (message: string, meta?: unknown) => {\n    if (shouldLog('warn')) {\n      console.warn(formatMessage('warn', message, meta));\n    }\n  },\n  error: (message: string, meta?: unknown) => {\n    if (shouldLog('error')) {\n      console.error(formatMessage('error', message, meta));\n    }\n  },\n};\n","import { Request, Response, NextFunction } from 'express';\nimport { ZodError } from 'zod';\nimport { logger } from '../lib/logger.js';\n\n/**\n * Base application error class\n */\nexport class AppError extends Error {\n  constructor(\n    public statusCode: number,\n    public message: string,\n    public code?: string\n  ) {\n    super(message);\n    this.name = 'AppError';\n  }\n}\n\n/**\n * 404 Not Found error\n */\nexport class NotFoundError extends AppError {\n  constructor(message: string = 'Resource not found') {\n    super(404, message, 'NOT_FOUND');\n  }\n}\n\n/**\n * 400 Bad Request / Validation error\n */\nexport class ValidationError extends AppError {\n  constructor(message: string = 'Validation failed') {\n    super(400, message, 'VALIDATION_ERROR');\n  }\n}\n\n/**\n * 401 Unauthorized error\n */\nexport class UnauthorizedError extends AppError {\n  constructor(message: string = 'Unauthorized') {\n    super(401, message, 'UNAUTHORIZED');\n  }\n}\n\n/**\n * 403 Forbidden error\n */\nexport class ForbiddenError extends AppError {\n  constructor(message: string = 'Forbidden') {\n    super(403, message, 'FORBIDDEN');\n  }\n}\n\n/**\n * 409 Conflict error\n */\nexport class ConflictError extends AppError {\n  constructor(message: string = 'Resource conflict') {\n    super(409, message, 'CONFLICT');\n  }\n}\n\n/**\n * Global error handler middleware\n */\nexport const errorHandler = (\n  err: Error,\n  _req: Request,\n  res: Response,\n  _next: NextFunction\n): void => {\n  logger.error('Error:', { name: err.name, message: err.message, stack: err.stack });\n\n  // Zod validation errors\n  if (err instanceof ZodError) {\n    res.status(400).json({\n      success: false,\n      error: 'Validation failed',\n      code: 'VALIDATION_ERROR',\n      details: err.errors.map((e) => ({\n        path: e.path.join('.'),\n        message: e.message,\n      })),\n    });\n    return;\n  }\n\n  // Custom application errors\n  if (err instanceof AppError) {\n    res.status(err.statusCode).json({\n      success: false,\n      error: err.message,\n      code: err.code,\n    });\n    return;\n  }\n\n  // Firebase/Firestore errors\n  if (err.name === 'FirebaseError' || err.name === 'FirestoreError') {\n    res.status(500).json({\n      success: false,\n      error: 'Database error',\n      code: 'DATABASE_ERROR',\n    });\n    return;\n  }\n\n  // Unknown errors\n  res.status(500).json({\n    success: false,\n    error: 'Internal server error',\n    code: 'INTERNAL_ERROR',\n  });\n};\n\n/**\n * Async handler wrapper to catch errors in async route handlers\n */\nexport const asyncHandler =\n  (fn: (req: Request, res: Response, next: NextFunction) => Promise<unknown>) =>\n  (req: Request, res: Response, next: NextFunction) => {\n    Promise.resolve(fn(req, res, next)).catch(next);\n  };\n\n/**\n * 404 handler for unmatched routes\n */\nexport const notFoundHandler = (req: Request, res: Response): void => {\n  res.status(404).json({\n    success: false,\n    error: `Route ${req.method} ${req.path} not found`,\n    code: 'ROUTE_NOT_FOUND',\n  });\n};\n","import { Request, Response, NextFunction } from 'express';\nimport { AnyZodObject, ZodError } from 'zod';\n\n/**\n * Middleware to validate request body against a Zod schema\n */\nexport const validateBody =\n  (schema: AnyZodObject) => async (req: Request, res: Response, next: NextFunction): Promise<void> => {\n    try {\n      req.body = await schema.parseAsync(req.body);\n      next();\n    } catch (error) {\n      if (error instanceof ZodError) {\n        res.status(400).json({\n          success: false,\n          error: 'Validation failed',\n          code: 'VALIDATION_ERROR',\n          details: error.errors.map((e) => ({\n            path: e.path.join('.'),\n            message: e.message,\n          })),\n        });\n        return;\n      }\n      next(error);\n    }\n  };\n\n/**\n * Middleware to validate request query parameters against a Zod schema\n */\nexport const validateQuery =\n  (schema: AnyZodObject) => async (req: Request, res: Response, next: NextFunction): Promise<void> => {\n    try {\n      req.query = await schema.parseAsync(req.query);\n      next();\n    } catch (error) {\n      if (error instanceof ZodError) {\n        res.status(400).json({\n          success: false,\n          error: 'Invalid query parameters',\n          code: 'VALIDATION_ERROR',\n          details: error.errors.map((e) => ({\n            path: e.path.join('.'),\n            message: e.message,\n          })),\n        });\n        return;\n      }\n      next(error);\n    }\n  };\n\n/**\n * Middleware to validate request params against a Zod schema\n */\nexport const validateParams =\n  (schema: AnyZodObject) => async (req: Request, res: Response, next: NextFunction): Promise<void> => {\n    try {\n      req.params = await schema.parseAsync(req.params);\n      next();\n    } catch (error) {\n      if (error instanceof ZodError) {\n        res.status(400).json({\n          success: false,\n          error: 'Invalid path parameters',\n          code: 'VALIDATION_ERROR',\n          details: error.errors.map((e) => ({\n            path: e.path.join('.'),\n            message: e.message,\n          })),\n        });\n        return;\n      }\n      next(error);\n    }\n  };\n","/**\n * Database Accessors & Initialization\n *\n * This module provides:\n * - `initializeFirebase()` — convenience function to init Firebase from env vars\n * - `getFirestore()`, `getAuth()` — accessors for Firebase services\n * - `db` — lazy Firestore proxy (no eager initialization)\n *\n * The consuming application MUST call `initializeFirebase()` or\n * `admin.initializeApp()` before using any Firebase-dependent features.\n */\n\nimport admin from 'firebase-admin';\n\n/**\n * Initialize Firebase Admin SDK from environment variables.\n *\n * Reads: FIREBASE_PROJECT_ID, FIREBASE_CLIENT_EMAIL, FIREBASE_PRIVATE_KEY,\n *        FIREBASE_SERVICE_ACCOUNT_PATH, FIRESTORE_EMULATOR_HOST\n *\n * Safe to call multiple times — returns existing app if already initialized.\n */\nexport function initializeFirebase(): admin.app.App {\n  // Already initialized — return existing app\n  if (admin.apps.length > 0) {\n    return admin.app();\n  }\n\n  const projectId = process.env.FIREBASE_PROJECT_ID;\n  const emulatorHost = process.env.FIRESTORE_EMULATOR_HOST;\n\n  // Emulator mode — no credentials needed\n  if (emulatorHost) {\n    const app = admin.initializeApp({\n      projectId: projectId || 'demo-project',\n    });\n    console.log(`Firebase Admin initialized for emulator: ${emulatorHost}`);\n    return app;\n  }\n\n  // Service account file\n  const serviceAccountPath = process.env.FIREBASE_SERVICE_ACCOUNT_PATH;\n  if (serviceAccountPath) {\n    // Dynamic require for JSON service account file at runtime\n    const serviceAccount = require(serviceAccountPath) as Record<string, unknown>;\n    return admin.initializeApp({\n      credential: admin.credential.cert(serviceAccount),\n      projectId,\n    });\n  }\n\n  // Inline credentials\n  const clientEmail = process.env.FIREBASE_CLIENT_EMAIL;\n  const privateKey = process.env.FIREBASE_PRIVATE_KEY;\n  if (projectId && clientEmail && privateKey) {\n    return admin.initializeApp({\n      credential: admin.credential.cert({\n        projectId,\n        clientEmail,\n        privateKey: privateKey.replace(/\\\\n/g, '\\n'),\n      }),\n      projectId,\n    });\n  }\n\n  // Application default credentials (Cloud Run, etc.)\n  if (projectId) {\n    return admin.initializeApp({\n      credential: admin.credential.applicationDefault(),\n      projectId,\n    });\n  }\n\n  throw new Error(\n    '@almadar/server: Cannot initialize Firebase — no credentials found. ' +\n    'Set FIREBASE_PROJECT_ID + FIREBASE_CLIENT_EMAIL + FIREBASE_PRIVATE_KEY, ' +\n    'or FIREBASE_SERVICE_ACCOUNT_PATH, or FIRESTORE_EMULATOR_HOST.'\n  );\n}\n\n/**\n * Get the initialized Firebase app.\n * Throws if Firebase Admin SDK has not been initialized.\n */\nfunction getApp(): admin.app.App {\n  if (admin.apps.length === 0) {\n    throw new Error(\n      '@almadar/server: Firebase Admin SDK is not initialized. ' +\n      'Call initializeFirebase() or admin.initializeApp() before using @almadar/server.'\n    );\n  }\n  return admin.app();\n}\n\n/**\n * Get Firestore instance from the pre-initialized Firebase app.\n */\nexport function getFirestore(): admin.firestore.Firestore {\n  return getApp().firestore();\n}\n\n/**\n * Get Firebase Auth instance from the pre-initialized Firebase app.\n */\nexport function getAuth(): admin.auth.Auth {\n  return getApp().auth();\n}\n\n// Re-export admin for convenience\nexport { admin };\n\n/**\n * Lazy Firestore proxy — resolves on first property access, not at import time.\n * This prevents the \"Firebase not initialized\" error during module loading.\n */\nexport const db = new Proxy({} as admin.firestore.Firestore, {\n  get(_target, prop, receiver) {\n    const firestore = getFirestore();\n    const value = Reflect.get(firestore, prop, receiver);\n    return typeof value === 'function' ? value.bind(firestore) : value;\n  },\n});\n","import { NextFunction, Request, Response } from 'express';\nimport type { DecodedIdToken } from 'firebase-admin/auth';\nimport { getAuth } from '../lib/db.js';\nimport { env } from '../lib/env.js';\n\nconst BEARER_PREFIX = 'Bearer ';\n\n/** Fake dev user injected when NODE_ENV=development and no auth header is present */\nconst DEV_USER: DecodedIdToken = {\n  uid: 'dev-user-001',\n  email: 'dev@localhost',\n  email_verified: true,\n  aud: 'dev-project',\n  auth_time: Math.floor(Date.now() / 1000),\n  exp: Math.floor(Date.now() / 1000) + 3600,\n  iat: Math.floor(Date.now() / 1000),\n  iss: 'https://securetoken.google.com/dev-project',\n  sub: 'dev-user-001',\n  firebase: {\n    identities: {},\n    sign_in_provider: 'custom',\n  },\n};\n\nexport async function authenticateFirebase(req: Request, res: Response, next: NextFunction) {\n  const authorization = req.headers.authorization;\n\n  // Dev bypass: in development mode, skip auth if no token is provided\n  if (env.NODE_ENV === 'development' && (!authorization || !authorization.startsWith(BEARER_PREFIX))) {\n    req.firebaseUser = DEV_USER;\n    res.locals.firebaseUser = DEV_USER;\n    return next();\n  }\n\n  try {\n    if (!authorization || !authorization.startsWith(BEARER_PREFIX)) {\n      return res.status(401).json({ error: 'Authorization header missing or malformed' });\n    }\n\n    const token = authorization.slice(BEARER_PREFIX.length);\n    const decodedToken = await getAuth().verifyIdToken(token);\n\n    req.firebaseUser = decodedToken;\n    res.locals.firebaseUser = decodedToken;\n\n    return next();\n  } catch (error) {\n    console.error('Firebase authentication failed:', error);\n    return res.status(401).json({ error: 'Unauthorized' });\n  }\n}\n\nexport default authenticateFirebase;\n\n\n"]}

package/dist/middleware/multi-user.d.ts

@@ -1,34 +0,0 @@
-/**
- * Multi-User Middleware
- *
- * Provides user isolation and session ownership using Firebase Auth.
- *
- * @packageDocumentation
- */
-import type { Request, Response, NextFunction } from 'express';
-declare global {
-    namespace Express {
-        interface Request {
-            user?: {
-                uid: string;
-                email?: string;
-                roles?: string[];
-                orgId?: string;
-            };
-            userContext?: {
-                userId: string;
-                orgId?: string;
-                roles?: string[];
-            };
-        }
-    }
-}
-/**
- * Middleware to set up user context from Firebase Auth
- */
-export declare function multiUserMiddleware(req: Request, res: Response, next: NextFunction): Promise<void>;
-/**
- * Verify Firebase Auth token from Authorization header
- */
-export declare function verifyFirebaseAuth(req: Request, res: Response, next: NextFunction): Promise<void>;
-//# sourceMappingURL=multi-user.d.ts.map

package/dist/middleware/multi-user.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"multi-user.d.ts","sourceRoot":"","sources":["../../src/middleware/multi-user.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,OAAO,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAG/D,OAAO,CAAC,MAAM,CAAC;IACb,UAAU,OAAO,CAAC;QAChB,UAAU,OAAO;YACf,IAAI,CAAC,EAAE;gBACL,GAAG,EAAE,MAAM,CAAC;gBACZ,KAAK,CAAC,EAAE,MAAM,CAAC;gBACf,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;gBACjB,KAAK,CAAC,EAAE,MAAM,CAAC;aAChB,CAAC;YACF,WAAW,CAAC,EAAE;gBACZ,MAAM,EAAE,MAAM,CAAC;gBACf,KAAK,CAAC,EAAE,MAAM,CAAC;gBACf,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;aAClB,CAAC;SACH;KACF;CACF;AAED;;GAEG;AACH,wBAAsB,mBAAmB,CACvC,GAAG,EAAE,OAAO,EACZ,GAAG,EAAE,QAAQ,EACb,IAAI,EAAE,YAAY,GACjB,OAAO,CAAC,IAAI,CAAC,CA4Bf;AAED;;GAEG;AACH,wBAAsB,kBAAkB,CACtC,GAAG,EAAE,OAAO,EACZ,GAAG,EAAE,QAAQ,EACb,IAAI,EAAE,YAAY,GACjB,OAAO,CAAC,IAAI,CAAC,CA4Bf"}

package/dist/middleware/multi-user.js

@@ -1,76 +0,0 @@
-import { createUserContext, getMultiUserManager } from '@almadar/agent';
-import admin from 'firebase-admin';
-
-// src/middleware/multi-user.ts
-function getApp() {
-  if (admin.apps.length === 0) {
-    throw new Error(
-      "@almadar/server: Firebase Admin SDK is not initialized. Call initializeFirebase() or admin.initializeApp() before using @almadar/server."
-    );
-  }
-  return admin.app();
-}
-function getFirestore() {
-  return getApp().firestore();
-}
-function getAuth() {
-  return getApp().auth();
-}
-new Proxy({}, {
-  get(_target, prop, receiver) {
-    const firestore = getFirestore();
-    const value = Reflect.get(firestore, prop, receiver);
-    return typeof value === "function" ? value.bind(firestore) : value;
-  }
-});
-
-// src/middleware/multi-user.ts
-async function multiUserMiddleware(req, res, next) {
-  const userId = req.user?.uid;
-  if (!userId) {
-    res.status(401).json({ error: "Authentication required" });
-    return;
-  }
-  req.userContext = createUserContext(userId, {
-    orgId: req.user?.orgId,
-    roles: req.user?.roles ?? ["user"]
-  });
-  const originalJson = res.json.bind(res);
-  res.json = (body) => {
-    if (body && typeof body === "object" && "threadId" in body) {
-      const multiUser = getMultiUserManager();
-      multiUser.assignSessionOwnership(
-        body.threadId,
-        userId
-      );
-    }
-    return originalJson(body);
-  };
-  next();
-}
-async function verifyFirebaseAuth(req, res, next) {
-  const authHeader = req.headers.authorization;
-  if (!authHeader?.startsWith("Bearer ")) {
-    res.status(401).json({ error: "No token provided" });
-    return;
-  }
-  const token = authHeader.split("Bearer ")[1];
-  try {
-    const decodedToken = await getAuth().verifyIdToken(token);
-    const user = await getAuth().getUser(decodedToken.uid);
-    req.user = {
-      uid: decodedToken.uid,
-      email: decodedToken.email,
-      roles: user.customClaims?.roles ?? ["user"],
-      orgId: user.customClaims?.orgId
-    };
-    next();
-  } catch (error) {
-    console.error("Token verification failed:", error);
-    res.status(401).json({ error: "Invalid token" });
-  }
-}
-
-export { multiUserMiddleware, verifyFirebaseAuth };
-//# sourceMappingURL=multi-user.js.map
-//# sourceMappingURL=multi-user.js.map

package/dist/middleware/multi-user.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../src/lib/db.ts","../../src/middleware/multi-user.ts"],"names":[],"mappings":";;;;AAoFA,SAAS,MAAA,GAAwB;AAC/B,EAAA,IAAI,KAAA,CAAM,IAAA,CAAK,MAAA,KAAW,CAAA,EAAG;AAC3B,IAAA,MAAM,IAAI,KAAA;AAAA,MACR;AAAA,KAEF;AAAA,EACF;AACA,EAAA,OAAO,MAAM,GAAA,EAAI;AACnB;AAKO,SAAS,YAAA,GAA0C;AACxD,EAAA,OAAO,MAAA,GAAS,SAAA,EAAU;AAC5B;AAKO,SAAS,OAAA,GAA2B;AACzC,EAAA,OAAO,MAAA,GAAS,IAAA,EAAK;AACvB;AASkB,IAAI,KAAA,CAAM,EAAC,EAAgC;AAAA,EAC3D,GAAA,CAAI,OAAA,EAAS,IAAA,EAAM,QAAA,EAAU;AAC3B,IAAA,MAAM,YAAY,YAAA,EAAa;AAC/B,IAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,GAAA,CAAI,SAAA,EAAW,MAAM,QAAQ,CAAA;AACnD,IAAA,OAAO,OAAO,KAAA,KAAU,UAAA,GAAa,KAAA,CAAM,IAAA,CAAK,SAAS,CAAA,GAAI,KAAA;AAAA,EAC/D;AACF,CAAC;;;ACvFD,eAAsB,mBAAA,CACpB,GAAA,EACA,GAAA,EACA,IAAA,EACe;AACf,EAAA,MAAM,MAAA,GAAS,IAAI,IAAA,EAAM,GAAA;AAEzB,EAAA,IAAI,CAAC,MAAA,EAAQ;AACX,IAAA,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AACzD,IAAA;AAAA,EACF;AAGA,EAAA,GAAA,CAAI,WAAA,GAAc,kBAAkB,MAAA,EAAQ;AAAA,IAC1C,KAAA,EAAO,IAAI,IAAA,EAAM,KAAA;AAAA,IACjB,KAAA,EAAO,GAAA,CAAI,IAAA,EAAM,KAAA,IAAS,CAAC,MAAM;AAAA,GAClC,CAAA;AAGD,EAAA,MAAM,YAAA,GAAe,GAAA,CAAI,IAAA,CAAK,IAAA,CAAK,GAAG,CAAA;AACtC,EAAA,GAAA,CAAI,IAAA,GAAO,CAAC,IAAA,KAAkB;AAC5B,IAAA,IAAI,IAAA,IAAQ,OAAO,IAAA,KAAS,QAAA,IAAY,cAAc,IAAA,EAAM;AAC1D,MAAA,MAAM,YAAY,mBAAA,EAAoB;AACtC,MAAA,SAAA,CAAU,sBAAA;AAAA,QACP,IAAA,CAA8B,QAAA;AAAA,QAC/B;AAAA,OACF;AAAA,IACF;AACA,IAAA,OAAO,aAAa,IAAI,CAAA;AAAA,EAC1B,CAAA;AAEA,EAAA,IAAA,EAAK;AACP;AAKA,eAAsB,kBAAA,CACpB,GAAA,EACA,GAAA,EACA,IAAA,EACe;AACf,EAAA,MAAM,UAAA,GAAa,IAAI,OAAA,CAAQ,aAAA;AAE/B,EAAA,IAAI,CAAC,UAAA,EAAY,UAAA,CAAW,SAAS,CAAA,EAAG;AACtC,IAAA,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,qBAAqB,CAAA;AACnD,IAAA;AAAA,EACF;AAEA,EAAA,MAAM,KAAA,GAAQ,UAAA,CAAW,KAAA,CAAM,SAAS,EAAE,CAAC,CAAA;AAE3C,EAAA,IAAI;AACF,IAAA,MAAM,YAAA,GAAe,MAAM,OAAA,EAAQ,CAAE,cAAc,KAAK,CAAA;AAGxD,IAAA,MAAM,OAAO,MAAM,OAAA,EAAQ,CAAE,OAAA,CAAQ,aAAa,GAAG,CAAA;AAErD,IAAA,GAAA,CAAI,IAAA,GAAO;AAAA,MACT,KAAK,YAAA,CAAa,GAAA;AAAA,MAClB,OAAO,YAAA,CAAa,KAAA;AAAA,MACpB,KAAA,EAAQ,IAAA,CAAK,YAAA,EAAc,KAAA,IAAsB,CAAC,MAAM,CAAA;AAAA,MACxD,KAAA,EAAO,KAAK,YAAA,EAAc;AAAA,KAC5B;AAEA,IAAA,IAAA,EAAK;AAAA,EACP,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,8BAA8B,KAAK,CAAA;AACjD,IAAA,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,iBAAiB,CAAA;AAAA,EACjD;AACF","file":"multi-user.js","sourcesContent":["/**\n * Database Accessors & Initialization\n *\n * This module provides:\n * - `initializeFirebase()` — convenience function to init Firebase from env vars\n * - `getFirestore()`, `getAuth()` — accessors for Firebase services\n * - `db` — lazy Firestore proxy (no eager initialization)\n *\n * The consuming application MUST call `initializeFirebase()` or\n * `admin.initializeApp()` before using any Firebase-dependent features.\n */\n\nimport admin from 'firebase-admin';\n\n/**\n * Initialize Firebase Admin SDK from environment variables.\n *\n * Reads: FIREBASE_PROJECT_ID, FIREBASE_CLIENT_EMAIL, FIREBASE_PRIVATE_KEY,\n *        FIREBASE_SERVICE_ACCOUNT_PATH, FIRESTORE_EMULATOR_HOST\n *\n * Safe to call multiple times — returns existing app if already initialized.\n */\nexport function initializeFirebase(): admin.app.App {\n  // Already initialized — return existing app\n  if (admin.apps.length > 0) {\n    return admin.app();\n  }\n\n  const projectId = process.env.FIREBASE_PROJECT_ID;\n  const emulatorHost = process.env.FIRESTORE_EMULATOR_HOST;\n\n  // Emulator mode — no credentials needed\n  if (emulatorHost) {\n    const app = admin.initializeApp({\n      projectId: projectId || 'demo-project',\n    });\n    console.log(`Firebase Admin initialized for emulator: ${emulatorHost}`);\n    return app;\n  }\n\n  // Service account file\n  const serviceAccountPath = process.env.FIREBASE_SERVICE_ACCOUNT_PATH;\n  if (serviceAccountPath) {\n    // Dynamic require for JSON service account file at runtime\n    const serviceAccount = require(serviceAccountPath) as Record<string, unknown>;\n    return admin.initializeApp({\n      credential: admin.credential.cert(serviceAccount),\n      projectId,\n    });\n  }\n\n  // Inline credentials\n  const clientEmail = process.env.FIREBASE_CLIENT_EMAIL;\n  const privateKey = process.env.FIREBASE_PRIVATE_KEY;\n  if (projectId && clientEmail && privateKey) {\n    return admin.initializeApp({\n      credential: admin.credential.cert({\n        projectId,\n        clientEmail,\n        privateKey: privateKey.replace(/\\\\n/g, '\\n'),\n      }),\n      projectId,\n    });\n  }\n\n  // Application default credentials (Cloud Run, etc.)\n  if (projectId) {\n    return admin.initializeApp({\n      credential: admin.credential.applicationDefault(),\n      projectId,\n    });\n  }\n\n  throw new Error(\n    '@almadar/server: Cannot initialize Firebase — no credentials found. ' +\n    'Set FIREBASE_PROJECT_ID + FIREBASE_CLIENT_EMAIL + FIREBASE_PRIVATE_KEY, ' +\n    'or FIREBASE_SERVICE_ACCOUNT_PATH, or FIRESTORE_EMULATOR_HOST.'\n  );\n}\n\n/**\n * Get the initialized Firebase app.\n * Throws if Firebase Admin SDK has not been initialized.\n */\nfunction getApp(): admin.app.App {\n  if (admin.apps.length === 0) {\n    throw new Error(\n      '@almadar/server: Firebase Admin SDK is not initialized. ' +\n      'Call initializeFirebase() or admin.initializeApp() before using @almadar/server.'\n    );\n  }\n  return admin.app();\n}\n\n/**\n * Get Firestore instance from the pre-initialized Firebase app.\n */\nexport function getFirestore(): admin.firestore.Firestore {\n  return getApp().firestore();\n}\n\n/**\n * Get Firebase Auth instance from the pre-initialized Firebase app.\n */\nexport function getAuth(): admin.auth.Auth {\n  return getApp().auth();\n}\n\n// Re-export admin for convenience\nexport { admin };\n\n/**\n * Lazy Firestore proxy — resolves on first property access, not at import time.\n * This prevents the \"Firebase not initialized\" error during module loading.\n */\nexport const db = new Proxy({} as admin.firestore.Firestore, {\n  get(_target, prop, receiver) {\n    const firestore = getFirestore();\n    const value = Reflect.get(firestore, prop, receiver);\n    return typeof value === 'function' ? value.bind(firestore) : value;\n  },\n});\n","/**\n * Multi-User Middleware\n *\n * Provides user isolation and session ownership using Firebase Auth.\n *\n * @packageDocumentation\n */\n\nimport { getMultiUserManager, createUserContext } from '@almadar/agent';\nimport { getAuth } from '../lib/db.js';\nimport type { Request, Response, NextFunction } from 'express';\n\n// Extend Express Request to include Firebase user\ndeclare global {\n  namespace Express {\n    interface Request {\n      user?: {\n        uid: string;\n        email?: string;\n        roles?: string[];\n        orgId?: string;\n      };\n      userContext?: {\n        userId: string;\n        orgId?: string;\n        roles?: string[];\n      };\n    }\n  }\n}\n\n/**\n * Middleware to set up user context from Firebase Auth\n */\nexport async function multiUserMiddleware(\n  req: Request,\n  res: Response,\n  next: NextFunction,\n): Promise<void> {\n  const userId = req.user?.uid;\n\n  if (!userId) {\n    res.status(401).json({ error: 'Authentication required' });\n    return;\n  }\n\n  // Create user context\n  req.userContext = createUserContext(userId, {\n    orgId: req.user?.orgId,\n    roles: req.user?.roles ?? ['user'],\n  });\n\n  // Assign session ownership when creating new sessions\n  const originalJson = res.json.bind(res);\n  res.json = (body: unknown) => {\n    if (body && typeof body === 'object' && 'threadId' in body) {\n      const multiUser = getMultiUserManager();\n      multiUser.assignSessionOwnership(\n        (body as { threadId: string }).threadId,\n        userId,\n      );\n    }\n    return originalJson(body);\n  };\n\n  next();\n}\n\n/**\n * Verify Firebase Auth token from Authorization header\n */\nexport async function verifyFirebaseAuth(\n  req: Request,\n  res: Response,\n  next: NextFunction,\n): Promise<void> {\n  const authHeader = req.headers.authorization;\n\n  if (!authHeader?.startsWith('Bearer ')) {\n    res.status(401).json({ error: 'No token provided' });\n    return;\n  }\n\n  const token = authHeader.split('Bearer ')[1];\n\n  try {\n    const decodedToken = await getAuth().verifyIdToken(token);\n\n    // Get custom claims for roles/org\n    const user = await getAuth().getUser(decodedToken.uid);\n\n    req.user = {\n      uid: decodedToken.uid,\n      email: decodedToken.email,\n      roles: (user.customClaims?.roles as string[]) ?? ['user'],\n      orgId: user.customClaims?.orgId as string,\n    };\n\n    next();\n  } catch (error) {\n    console.error('Token verification failed:', error);\n    res.status(401).json({ error: 'Invalid token' });\n  }\n}\n"]}

package/dist/middleware/validation.d.ts

@@ -1,15 +0,0 @@
-import { Request, Response, NextFunction } from 'express';
-import { AnyZodObject } from 'zod';
-/**
- * Middleware to validate request body against a Zod schema
- */
-export declare const validateBody: (schema: AnyZodObject) => (req: Request, res: Response, next: NextFunction) => Promise<void>;
-/**
- * Middleware to validate request query parameters against a Zod schema
- */
-export declare const validateQuery: (schema: AnyZodObject) => (req: Request, res: Response, next: NextFunction) => Promise<void>;
-/**
- * Middleware to validate request params against a Zod schema
- */
-export declare const validateParams: (schema: AnyZodObject) => (req: Request, res: Response, next: NextFunction) => Promise<void>;
-//# sourceMappingURL=validation.d.ts.map

package/dist/middleware/validation.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"validation.d.ts","sourceRoot":"","sources":["../../src/middleware/validation.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAC1D,OAAO,EAAE,YAAY,EAAY,MAAM,KAAK,CAAC;AAE7C;;GAEG;AACH,eAAO,MAAM,YAAY,GACtB,QAAQ,YAAY,MAAY,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,KAAG,OAAO,CAAC,IAAI,CAmB9F,CAAC;AAEJ;;GAEG;AACH,eAAO,MAAM,aAAa,GACvB,QAAQ,YAAY,MAAY,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,KAAG,OAAO,CAAC,IAAI,CAmB9F,CAAC;AAEJ;;GAEG;AACH,eAAO,MAAM,cAAc,GACxB,QAAQ,YAAY,MAAY,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,KAAG,OAAO,CAAC,IAAI,CAmB9F,CAAC"}

package/dist/routes/__tests__/observability.test.d.ts

@@ -1,6 +0,0 @@
-/**
- * @fileoverview Unit tests for observability routes
- * @module @almadar/server/routes/observability.test
- */
-export {};
-//# sourceMappingURL=observability.test.d.ts.map

package/dist/routes/__tests__/observability.test.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"observability.test.d.ts","sourceRoot":"","sources":["../../../src/routes/__tests__/observability.test.ts"],"names":[],"mappings":"AAAA;;;GAGG"}

package/dist/routes/observability.d.ts

@@ -1,11 +0,0 @@
-/**
- * Observability Routes
- *
- * Provides endpoints for metrics, health checks, and telemetry.
- *
- * @packageDocumentation
- */
-import { Router } from 'express';
-declare const router: ReturnType<typeof Router>;
-export default router;
-//# sourceMappingURL=observability.d.ts.map

package/dist/routes/observability.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"observability.d.ts","sourceRoot":"","sources":["../../src/routes/observability.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAGjC,QAAA,MAAM,MAAM,EAAE,UAAU,CAAC,OAAO,MAAM,CAAY,CAAC;AAyEnD,eAAe,MAAM,CAAC"}

package/dist/routes/observability.js

@@ -1,62 +0,0 @@
-import { Router } from 'express';
-import { getObservabilityCollector } from '@almadar/agent';
-
-// src/routes/observability.ts
-var router = Router();
-router.get("/metrics", async (req, res) => {
-  try {
-    const collector = getObservabilityCollector();
-    const snapshot = collector.getPerformanceSnapshot();
-    res.json(snapshot);
-  } catch (error) {
-    console.error("Metrics error:", error);
-    res.status(500).json({ error: "Failed to get metrics" });
-  }
-});
-router.get("/health", async (req, res) => {
-  try {
-    const collector = getObservabilityCollector();
-    const health = await collector.healthCheck();
-    const allHealthy = health.every((h) => h.status === "healthy");
-    res.status(allHealthy ? 200 : 503).json({
-      status: allHealthy ? "healthy" : "degraded",
-      timestamp: Date.now(),
-      checks: health
-    });
-  } catch (error) {
-    console.error("Health check error:", error);
-    res.status(500).json({
-      status: "unhealthy",
-      error: "Health check failed"
-    });
-  }
-});
-router.get("/sessions/:threadId/telemetry", async (req, res) => {
-  try {
-    const collector = getObservabilityCollector();
-    const telemetry = collector.getSessionTelemetry(req.params.threadId);
-    if (!telemetry) {
-      res.status(404).json({ error: "Session not found" });
-      return;
-    }
-    res.json(telemetry);
-  } catch (error) {
-    console.error("Telemetry error:", error);
-    res.status(500).json({ error: "Failed to get telemetry" });
-  }
-});
-router.get("/active-sessions", async (req, res) => {
-  try {
-    const collector = getObservabilityCollector();
-    const sessions = collector.getActiveSessions();
-    res.json(sessions);
-  } catch (error) {
-    console.error("Active sessions error:", error);
-    res.status(500).json({ error: "Failed to get active sessions" });
-  }
-});
-var observability_default = router;
-
-export { observability_default as default };
-//# sourceMappingURL=observability.js.map
-//# sourceMappingURL=observability.js.map

package/dist/routes/observability.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../src/routes/observability.ts"],"names":[],"mappings":";;;;AAWA,IAAM,SAAoC,MAAA,EAAO;AAKjD,MAAA,CAAO,GAAA,CAAI,UAAA,EAAY,OAAO,GAAA,EAAK,GAAA,KAAQ;AACzC,EAAA,IAAI;AACF,IAAA,MAAM,YAAY,yBAAA,EAA0B;AAC5C,IAAA,MAAM,QAAA,GAAW,UAAU,sBAAA,EAAuB;AAClD,IAAA,GAAA,CAAI,KAAK,QAAQ,CAAA;AAAA,EACnB,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,kBAAkB,KAAK,CAAA;AACrC,IAAA,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,yBAAyB,CAAA;AAAA,EACzD;AACF,CAAC,CAAA;AAKD,MAAA,CAAO,GAAA,CAAI,SAAA,EAAW,OAAO,GAAA,EAAK,GAAA,KAAQ;AACxC,EAAA,IAAI;AACF,IAAA,MAAM,YAAY,yBAAA,EAA0B;AAC5C,IAAA,MAAM,MAAA,GAAS,MAAM,SAAA,CAAU,WAAA,EAAY;AAC3C,IAAA,MAAM,aAAa,MAAA,CAAO,KAAA,CAAM,CAAC,CAAA,KAAM,CAAA,CAAE,WAAW,SAAS,CAAA;AAE7D,IAAA,GAAA,CAAI,MAAA,CAAO,UAAA,GAAa,GAAA,GAAM,GAAG,EAAE,IAAA,CAAK;AAAA,MACtC,MAAA,EAAQ,aAAa,SAAA,GAAY,UAAA;AAAA,MACjC,SAAA,EAAW,KAAK,GAAA,EAAI;AAAA,MACpB,MAAA,EAAQ;AAAA,KACT,CAAA;AAAA,EACH,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,uBAAuB,KAAK,CAAA;AAC1C,IAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK;AAAA,MACnB,MAAA,EAAQ,WAAA;AAAA,MACR,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,EACH;AACF,CAAC,CAAA;AAKD,MAAA,CAAO,GAAA,CAAI,+BAAA,EAAiC,OAAO,GAAA,EAAK,GAAA,KAAQ;AAC9D,EAAA,IAAI;AACF,IAAA,MAAM,YAAY,yBAAA,EAA0B;AAC5C,IAAA,MAAM,SAAA,GAAY,SAAA,CAAU,mBAAA,CAAoB,GAAA,CAAI,OAAO,QAAQ,CAAA;AAEnE,IAAA,IAAI,CAAC,SAAA,EAAW;AACd,MAAA,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,qBAAqB,CAAA;AACnD,MAAA;AAAA,IACF;AAEA,IAAA,GAAA,CAAI,KAAK,SAAS,CAAA;AAAA,EACpB,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,oBAAoB,KAAK,CAAA;AACvC,IAAA,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,2BAA2B,CAAA;AAAA,EAC3D;AACF,CAAC,CAAA;AAKD,MAAA,CAAO,GAAA,CAAI,kBAAA,EAAoB,OAAO,GAAA,EAAK,GAAA,KAAQ;AACjD,EAAA,IAAI;AACF,IAAA,MAAM,YAAY,yBAAA,EAA0B;AAC5C,IAAA,MAAM,QAAA,GAAW,UAAU,iBAAA,EAAkB;AAC7C,IAAA,GAAA,CAAI,KAAK,QAAQ,CAAA;AAAA,EACnB,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,0BAA0B,KAAK,CAAA;AAC7C,IAAA,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,iCAAiC,CAAA;AAAA,EACjE;AACF,CAAC,CAAA;AAED,IAAO,qBAAA,GAAQ","file":"observability.js","sourcesContent":["/**\n * Observability Routes\n *\n * Provides endpoints for metrics, health checks, and telemetry.\n *\n * @packageDocumentation\n */\n\nimport { Router } from 'express';\nimport { getObservabilityCollector } from '@almadar/agent';\n\nconst router: ReturnType<typeof Router> = Router();\n\n/**\n * GET /metrics - Get performance snapshot\n */\nrouter.get('/metrics', async (req, res) => {\n  try {\n    const collector = getObservabilityCollector();\n    const snapshot = collector.getPerformanceSnapshot();\n    res.json(snapshot);\n  } catch (error) {\n    console.error('Metrics error:', error);\n    res.status(500).json({ error: 'Failed to get metrics' });\n  }\n});\n\n/**\n * GET /health - Get health check\n */\nrouter.get('/health', async (req, res) => {\n  try {\n    const collector = getObservabilityCollector();\n    const health = await collector.healthCheck();\n    const allHealthy = health.every((h) => h.status === 'healthy');\n\n    res.status(allHealthy ? 200 : 503).json({\n      status: allHealthy ? 'healthy' : 'degraded',\n      timestamp: Date.now(),\n      checks: health,\n    });\n  } catch (error) {\n    console.error('Health check error:', error);\n    res.status(500).json({\n      status: 'unhealthy',\n      error: 'Health check failed',\n    });\n  }\n});\n\n/**\n * GET /sessions/:threadId/telemetry - Get session telemetry\n */\nrouter.get('/sessions/:threadId/telemetry', async (req, res) => {\n  try {\n    const collector = getObservabilityCollector();\n    const telemetry = collector.getSessionTelemetry(req.params.threadId);\n\n    if (!telemetry) {\n      res.status(404).json({ error: 'Session not found' });\n      return;\n    }\n\n    res.json(telemetry);\n  } catch (error) {\n    console.error('Telemetry error:', error);\n    res.status(500).json({ error: 'Failed to get telemetry' });\n  }\n});\n\n/**\n * GET /active-sessions - Get active sessions\n */\nrouter.get('/active-sessions', async (req, res) => {\n  try {\n    const collector = getObservabilityCollector();\n    const sessions = collector.getActiveSessions();\n    res.json(sessions);\n  } catch (error) {\n    console.error('Active sessions error:', error);\n    res.status(500).json({ error: 'Failed to get active sessions' });\n  }\n});\n\nexport default router;\n"]}