@almadar/server 2.1.1 → 2.1.2

package/dist/middleware/index.js

@@ -0,0 +1,284 @@
+import { z, ZodError } from 'zod';
+import dotenv from 'dotenv';
+import admin from 'firebase-admin';
+
+// src/middleware/errorHandler.ts
+dotenv.config();
+var envSchema = z.object({
+  NODE_ENV: z.enum(["development", "production", "test"]).default("development"),
+  PORT: z.string().default("3030").transform((val) => parseInt(val, 10)),
+  CORS_ORIGIN: z.string().default("http://localhost:5173").transform((val) => val.includes(",") ? val.split(",").map((s) => s.trim()) : val),
+  // Database (Prisma/SQL) - optional
+  DATABASE_URL: z.string().optional(),
+  // Firebase/Firestore configuration
+  FIREBASE_PROJECT_ID: z.string().optional(),
+  FIREBASE_CLIENT_EMAIL: z.string().optional(),
+  FIREBASE_PRIVATE_KEY: z.string().optional(),
+  FIREBASE_SERVICE_ACCOUNT_PATH: z.string().optional(),
+  FIRESTORE_EMULATOR_HOST: z.string().optional(),
+  FIREBASE_AUTH_EMULATOR_HOST: z.string().optional(),
+  // API configuration
+  API_PREFIX: z.string().default("/api"),
+  // Mock data configuration
+  USE_MOCK_DATA: z.string().default("true").transform((v) => v === "true"),
+  MOCK_SEED: z.string().optional().transform((v) => v ? parseInt(v, 10) : void 0)
+});
+var parsed = envSchema.safeParse(process.env);
+if (!parsed.success) {
+  console.error("\u274C Invalid environment variables:", parsed.error.flatten().fieldErrors);
+  throw new Error("Invalid environment variables");
+}
+var env = parsed.data;
+
+// src/lib/logger.ts
+var colors = {
+  debug: "\x1B[36m",
+  // Cyan
+  info: "\x1B[32m",
+  // Green
+  warn: "\x1B[33m",
+  // Yellow
+  error: "\x1B[31m",
+  // Red
+  reset: "\x1B[0m"
+};
+var shouldLog = (level) => {
+  const levels = ["debug", "info", "warn", "error"];
+  const minLevel = env.NODE_ENV === "production" ? "info" : "debug";
+  return levels.indexOf(level) >= levels.indexOf(minLevel);
+};
+var formatMessage = (level, message, meta) => {
+  const timestamp = (/* @__PURE__ */ new Date()).toISOString();
+  const color = colors[level];
+  const prefix = `${color}[${level.toUpperCase()}]${colors.reset}`;
+  const metaStr = meta ? ` ${JSON.stringify(meta)}` : "";
+  return `${timestamp} ${prefix} ${message}${metaStr}`;
+};
+var logger = {
+  debug: (message, meta) => {
+    if (shouldLog("debug")) {
+      console.log(formatMessage("debug", message, meta));
+    }
+  },
+  info: (message, meta) => {
+    if (shouldLog("info")) {
+      console.log(formatMessage("info", message, meta));
+    }
+  },
+  warn: (message, meta) => {
+    if (shouldLog("warn")) {
+      console.warn(formatMessage("warn", message, meta));
+    }
+  },
+  error: (message, meta) => {
+    if (shouldLog("error")) {
+      console.error(formatMessage("error", message, meta));
+    }
+  }
+};
+
+// src/middleware/errorHandler.ts
+var AppError = class extends Error {
+  constructor(statusCode, message, code) {
+    super(message);
+    this.statusCode = statusCode;
+    this.message = message;
+    this.code = code;
+    this.name = "AppError";
+  }
+};
+var NotFoundError = class extends AppError {
+  constructor(message = "Resource not found") {
+    super(404, message, "NOT_FOUND");
+  }
+};
+var ValidationError = class extends AppError {
+  constructor(message = "Validation failed") {
+    super(400, message, "VALIDATION_ERROR");
+  }
+};
+var UnauthorizedError = class extends AppError {
+  constructor(message = "Unauthorized") {
+    super(401, message, "UNAUTHORIZED");
+  }
+};
+var ForbiddenError = class extends AppError {
+  constructor(message = "Forbidden") {
+    super(403, message, "FORBIDDEN");
+  }
+};
+var ConflictError = class extends AppError {
+  constructor(message = "Resource conflict") {
+    super(409, message, "CONFLICT");
+  }
+};
+var errorHandler = (err, _req, res, _next) => {
+  logger.error("Error:", { name: err.name, message: err.message, stack: err.stack });
+  if (err instanceof ZodError) {
+    res.status(400).json({
+      success: false,
+      error: "Validation failed",
+      code: "VALIDATION_ERROR",
+      details: err.errors.map((e) => ({
+        path: e.path.join("."),
+        message: e.message
+      }))
+    });
+    return;
+  }
+  if (err instanceof AppError) {
+    res.status(err.statusCode).json({
+      success: false,
+      error: err.message,
+      code: err.code
+    });
+    return;
+  }
+  if (err.name === "FirebaseError" || err.name === "FirestoreError") {
+    res.status(500).json({
+      success: false,
+      error: "Database error",
+      code: "DATABASE_ERROR"
+    });
+    return;
+  }
+  res.status(500).json({
+    success: false,
+    error: "Internal server error",
+    code: "INTERNAL_ERROR"
+  });
+};
+var asyncHandler = (fn) => (req, res, next) => {
+  Promise.resolve(fn(req, res, next)).catch(next);
+};
+var notFoundHandler = (req, res) => {
+  res.status(404).json({
+    success: false,
+    error: `Route ${req.method} ${req.path} not found`,
+    code: "ROUTE_NOT_FOUND"
+  });
+};
+var validateBody = (schema) => async (req, res, next) => {
+  try {
+    req.body = await schema.parseAsync(req.body);
+    next();
+  } catch (error) {
+    if (error instanceof ZodError) {
+      res.status(400).json({
+        success: false,
+        error: "Validation failed",
+        code: "VALIDATION_ERROR",
+        details: error.errors.map((e) => ({
+          path: e.path.join("."),
+          message: e.message
+        }))
+      });
+      return;
+    }
+    next(error);
+  }
+};
+var validateQuery = (schema) => async (req, res, next) => {
+  try {
+    req.query = await schema.parseAsync(req.query);
+    next();
+  } catch (error) {
+    if (error instanceof ZodError) {
+      res.status(400).json({
+        success: false,
+        error: "Invalid query parameters",
+        code: "VALIDATION_ERROR",
+        details: error.errors.map((e) => ({
+          path: e.path.join("."),
+          message: e.message
+        }))
+      });
+      return;
+    }
+    next(error);
+  }
+};
+var validateParams = (schema) => async (req, res, next) => {
+  try {
+    req.params = await schema.parseAsync(req.params);
+    next();
+  } catch (error) {
+    if (error instanceof ZodError) {
+      res.status(400).json({
+        success: false,
+        error: "Invalid path parameters",
+        code: "VALIDATION_ERROR",
+        details: error.errors.map((e) => ({
+          path: e.path.join("."),
+          message: e.message
+        }))
+      });
+      return;
+    }
+    next(error);
+  }
+};
+function getApp() {
+  if (admin.apps.length === 0) {
+    throw new Error(
+      "@almadar/server: Firebase Admin SDK is not initialized. Call initializeFirebase() or admin.initializeApp() before using @almadar/server."
+    );
+  }
+  return admin.app();
+}
+function getFirestore() {
+  return getApp().firestore();
+}
+function getAuth() {
+  return getApp().auth();
+}
+new Proxy({}, {
+  get(_target, prop, receiver) {
+    const firestore = getFirestore();
+    const value = Reflect.get(firestore, prop, receiver);
+    return typeof value === "function" ? value.bind(firestore) : value;
+  }
+});
+
+// src/middleware/authenticateFirebase.ts
+var BEARER_PREFIX = "Bearer ";
+var DEV_USER = {
+  uid: "dev-user-001",
+  email: "dev@localhost",
+  email_verified: true,
+  aud: "dev-project",
+  auth_time: Math.floor(Date.now() / 1e3),
+  exp: Math.floor(Date.now() / 1e3) + 3600,
+  iat: Math.floor(Date.now() / 1e3),
+  iss: "https://securetoken.google.com/dev-project",
+  sub: "dev-user-001",
+  firebase: {
+    identities: {},
+    sign_in_provider: "custom"
+  }
+};
+async function authenticateFirebase(req, res, next) {
+  const authorization = req.headers.authorization;
+  if (env.NODE_ENV === "development" && (!authorization || !authorization.startsWith(BEARER_PREFIX))) {
+    req.firebaseUser = DEV_USER;
+    res.locals.firebaseUser = DEV_USER;
+    return next();
+  }
+  try {
+    if (!authorization || !authorization.startsWith(BEARER_PREFIX)) {
+      return res.status(401).json({ error: "Authorization header missing or malformed" });
+    }
+    const token = authorization.slice(BEARER_PREFIX.length);
+    const decodedToken = await getAuth().verifyIdToken(token);
+    req.firebaseUser = decodedToken;
+    res.locals.firebaseUser = decodedToken;
+    return next();
+  } catch (error) {
+    console.error("Firebase authentication failed:", error);
+    return res.status(401).json({ error: "Unauthorized" });
+  }
+}
+
+export { AppError, ConflictError, ForbiddenError, NotFoundError, UnauthorizedError, ValidationError, asyncHandler, authenticateFirebase, errorHandler, notFoundHandler, validateBody, validateParams, validateQuery };
+//# sourceMappingURL=index.js.map
+//# sourceMappingURL=index.js.map

package/dist/middleware/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/lib/env.ts","../../src/lib/logger.ts","../../src/middleware/errorHandler.ts","../../src/middleware/validation.ts","../../src/lib/db.ts","../../src/middleware/authenticateFirebase.ts"],"names":["ZodError"],"mappings":";;;;;AAIA,MAAA,CAAO,MAAA,EAAO;AAEd,IAAM,SAAA,GAAY,EAAE,MAAA,CAAO;AAAA,EACzB,QAAA,EAAU,CAAA,CAAE,IAAA,CAAK,CAAC,aAAA,EAAe,cAAc,MAAM,CAAC,CAAA,CAAE,OAAA,CAAQ,aAAa,CAAA;AAAA,EAC7E,IAAA,EAAM,CAAA,CACH,MAAA,EAAO,CACP,OAAA,CAAQ,MAAM,CAAA,CACd,SAAA,CAAU,CAAC,GAAA,KAAQ,QAAA,CAAS,GAAA,EAAK,EAAE,CAAC,CAAA;AAAA,EACvC,WAAA,EAAa,CAAA,CACV,MAAA,EAAO,CACP,OAAA,CAAQ,uBAAuB,CAAA,CAC/B,SAAA,CAAU,CAAC,GAAA,KAAS,GAAA,CAAI,QAAA,CAAS,GAAG,CAAA,GAAI,GAAA,CAAI,KAAA,CAAM,GAAG,CAAA,CAAE,GAAA,CAAI,CAAC,CAAA,KAAM,CAAA,CAAE,IAAA,EAAM,CAAA,GAAI,GAAI,CAAA;AAAA;AAAA,EAGrF,YAAA,EAAc,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA;AAAA,EAGlC,mBAAA,EAAqB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACzC,qBAAA,EAAuB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC3C,oBAAA,EAAsB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC1C,6BAAA,EAA+B,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACnD,uBAAA,EAAyB,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC7C,2BAAA,EAA6B,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA;AAAA,EAGjD,UAAA,EAAY,CAAA,CAAE,MAAA,EAAO,CAAE,QAAQ,MAAM,CAAA;AAAA;AAAA,EAGrC,aAAA,EAAe,CAAA,CAAE,MAAA,EAAO,CAAE,OAAA,CAAQ,MAAM,CAAA,CAAE,SAAA,CAAU,CAAC,CAAA,KAAM,CAAA,KAAM,MAAM,CAAA;AAAA,EACvE,SAAA,EAAW,CAAA,CACR,MAAA,EAAO,CACP,UAAS,CACT,SAAA,CAAU,CAAC,CAAA,KAAO,CAAA,GAAI,QAAA,CAAS,CAAA,EAAG,EAAE,IAAI,MAAU;AACvD,CAAC,CAAA;AAED,IAAM,MAAA,GAAS,SAAA,CAAU,SAAA,CAAU,OAAA,CAAQ,GAAG,CAAA;AAE9C,IAAI,CAAC,OAAO,OAAA,EAAS;AACnB,EAAA,OAAA,CAAQ,MAAM,uCAAA,EAAoC,MAAA,CAAO,KAAA,CAAM,OAAA,GAAU,WAAW,CAAA;AACpF,EAAA,MAAM,IAAI,MAAM,+BAA+B,CAAA;AACjD;AAEO,IAAM,MAAM,MAAA,CAAO,IAAA;;;AC1C1B,IAAM,MAAA,GAAS;AAAA,EACb,KAAA,EAAO,UAAA;AAAA;AAAA,EACP,IAAA,EAAM,UAAA;AAAA;AAAA,EACN,IAAA,EAAM,UAAA;AAAA;AAAA,EACN,KAAA,EAAO,UAAA;AAAA;AAAA,EACP,KAAA,EAAO;AACT,CAAA;AAEA,IAAM,SAAA,GAAY,CAAC,KAAA,KAA6B;AAC9C,EAAA,MAAM,MAAA,GAAqB,CAAC,OAAA,EAAS,MAAA,EAAQ,QAAQ,OAAO,CAAA;AAC5D,EAAA,MAAM,QAAA,GAAW,GAAA,CAAI,QAAA,KAAa,YAAA,GAAe,MAAA,GAAS,OAAA;AAC1D,EAAA,OAAO,OAAO,OAAA,CAAQ,KAAK,CAAA,IAAK,MAAA,CAAO,QAAQ,QAAQ,CAAA;AACzD,CAAA;AAEA,IAAM,aAAA,GAAgB,CAAC,KAAA,EAAiB,OAAA,EAAiB,IAAA,KAA2B;AAClF,EAAA,MAAM,SAAA,GAAA,iBAAY,IAAI,IAAA,EAAK,EAAE,WAAA,EAAY;AACzC,EAAA,MAAM,KAAA,GAAQ,OAAO,KAAK,CAAA;AAC1B,EAAA,MAAM,MAAA,GAAS,GAAG,KAAK,CAAA,CAAA,EAAI,MAAM,WAAA,EAAa,CAAA,CAAA,EAAI,MAAA,CAAO,KAAK,CAAA,CAAA;AAC9D,EAAA,MAAM,UAAU,IAAA,GAAO,CAAA,CAAA,EAAI,KAAK,SAAA,CAAU,IAAI,CAAC,CAAA,CAAA,GAAK,EAAA;AACpD,EAAA,OAAO,GAAG,SAAS,CAAA,CAAA,EAAI,MAAM,CAAA,CAAA,EAAI,OAAO,GAAG,OAAO,CAAA,CAAA;AACpD,CAAA;AAEO,IAAM,MAAA,GAAS;AAAA,EACpB,KAAA,EAAO,CAAC,OAAA,EAAiB,IAAA,KAAmB;AAC1C,IAAA,IAAI,SAAA,CAAU,OAAO,CAAA,EAAG;AACtB,MAAA,OAAA,CAAQ,GAAA,CAAI,aAAA,CAAc,OAAA,EAAS,OAAA,EAAS,IAAI,CAAC,CAAA;AAAA,IACnD;AAAA,EACF,CAAA;AAAA,EACA,IAAA,EAAM,CAAC,OAAA,EAAiB,IAAA,KAAmB;AACzC,IAAA,IAAI,SAAA,CAAU,MAAM,CAAA,EAAG;AACrB,MAAA,OAAA,CAAQ,GAAA,CAAI,aAAA,CAAc,MAAA,EAAQ,OAAA,EAAS,IAAI,CAAC,CAAA;AAAA,IAClD;AAAA,EACF,CAAA;AAAA,EACA,IAAA,EAAM,CAAC,OAAA,EAAiB,IAAA,KAAmB;AACzC,IAAA,IAAI,SAAA,CAAU,MAAM,CAAA,EAAG;AACrB,MAAA,OAAA,CAAQ,IAAA,CAAK,aAAA,CAAc,MAAA,EAAQ,OAAA,EAAS,IAAI,CAAC,CAAA;AAAA,IACnD;AAAA,EACF,CAAA;AAAA,EACA,KAAA,EAAO,CAAC,OAAA,EAAiB,IAAA,KAAmB;AAC1C,IAAA,IAAI,SAAA,CAAU,OAAO,CAAA,EAAG;AACtB,MAAA,OAAA,CAAQ,KAAA,CAAM,aAAA,CAAc,OAAA,EAAS,OAAA,EAAS,IAAI,CAAC,CAAA;AAAA,IACrD;AAAA,EACF;AACF,CAAA;;;ACxCO,IAAM,QAAA,GAAN,cAAuB,KAAA,CAAM;AAAA,EAClC,WAAA,CACS,UAAA,EACA,OAAA,EACA,IAAA,EACP;AACA,IAAA,KAAA,CAAM,OAAO,CAAA;AAJN,IAAA,IAAA,CAAA,UAAA,GAAA,UAAA;AACA,IAAA,IAAA,CAAA,OAAA,GAAA,OAAA;AACA,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAGP,IAAA,IAAA,CAAK,IAAA,GAAO,UAAA;AAAA,EACd;AACF;AAKO,IAAM,aAAA,GAAN,cAA4B,QAAA,CAAS;AAAA,EAC1C,WAAA,CAAY,UAAkB,oBAAA,EAAsB;AAClD,IAAA,KAAA,CAAM,GAAA,EAAK,SAAS,WAAW,CAAA;AAAA,EACjC;AACF;AAKO,IAAM,eAAA,GAAN,cAA8B,QAAA,CAAS;AAAA,EAC5C,WAAA,CAAY,UAAkB,mBAAA,EAAqB;AACjD,IAAA,KAAA,CAAM,GAAA,EAAK,SAAS,kBAAkB,CAAA;AAAA,EACxC;AACF;AAKO,IAAM,iBAAA,GAAN,cAAgC,QAAA,CAAS;AAAA,EAC9C,WAAA,CAAY,UAAkB,cAAA,EAAgB;AAC5C,IAAA,KAAA,CAAM,GAAA,EAAK,SAAS,cAAc,CAAA;AAAA,EACpC;AACF;AAKO,IAAM,cAAA,GAAN,cAA6B,QAAA,CAAS;AAAA,EAC3C,WAAA,CAAY,UAAkB,WAAA,EAAa;AACzC,IAAA,KAAA,CAAM,GAAA,EAAK,SAAS,WAAW,CAAA;AAAA,EACjC;AACF;AAKO,IAAM,aAAA,GAAN,cAA4B,QAAA,CAAS;AAAA,EAC1C,WAAA,CAAY,UAAkB,mBAAA,EAAqB;AACjD,IAAA,KAAA,CAAM,GAAA,EAAK,SAAS,UAAU,CAAA;AAAA,EAChC;AACF;AAKO,IAAM,YAAA,GAAe,CAC1B,GAAA,EACA,IAAA,EACA,KACA,KAAA,KACS;AACT,EAAA,MAAA,CAAO,KAAA,CAAM,QAAA,EAAU,EAAE,IAAA,EAAM,GAAA,CAAI,IAAA,EAAM,OAAA,EAAS,GAAA,CAAI,OAAA,EAAS,KAAA,EAAO,GAAA,CAAI,KAAA,EAAO,CAAA;AAGjF,EAAA,IAAI,eAAe,QAAA,EAAU;AAC3B,IAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK;AAAA,MACnB,OAAA,EAAS,KAAA;AAAA,MACT,KAAA,EAAO,mBAAA;AAAA,MACP,IAAA,EAAM,kBAAA;AAAA,MACN,OAAA,EAAS,GAAA,CAAI,MAAA,CAAO,GAAA,CAAI,CAAC,CAAA,MAAO;AAAA,QAC9B,IAAA,EAAM,CAAA,CAAE,IAAA,CAAK,IAAA,CAAK,GAAG,CAAA;AAAA,QACrB,SAAS,CAAA,CAAE;AAAA,OACb,CAAE;AAAA,KACH,CAAA;AACD,IAAA;AAAA,EACF;AAGA,EAAA,IAAI,eAAe,QAAA,EAAU;AAC3B,IAAA,GAAA,CAAI,MAAA,CAAO,GAAA,CAAI,UAAU,CAAA,CAAE,IAAA,CAAK;AAAA,MAC9B,OAAA,EAAS,KAAA;AAAA,MACT,OAAO,GAAA,CAAI,OAAA;AAAA,MACX,MAAM,GAAA,CAAI;AAAA,KACX,CAAA;AACD,IAAA;AAAA,EACF;AAGA,EAAA,IAAI,GAAA,CAAI,IAAA,KAAS,eAAA,IAAmB,GAAA,CAAI,SAAS,gBAAA,EAAkB;AACjE,IAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK;AAAA,MACnB,OAAA,EAAS,KAAA;AAAA,MACT,KAAA,EAAO,gBAAA;AAAA,MACP,IAAA,EAAM;AAAA,KACP,CAAA;AACD,IAAA;AAAA,EACF;AAGA,EAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK;AAAA,IACnB,OAAA,EAAS,KAAA;AAAA,IACT,KAAA,EAAO,uBAAA;AAAA,IACP,IAAA,EAAM;AAAA,GACP,CAAA;AACH;AAKO,IAAM,eACX,CAAC,EAAA,KACD,CAAC,GAAA,EAAc,KAAe,IAAA,KAAuB;AACnD,EAAA,OAAA,CAAQ,OAAA,CAAQ,GAAG,GAAA,EAAK,GAAA,EAAK,IAAI,CAAC,CAAA,CAAE,MAAM,IAAI,CAAA;AAChD;AAKK,IAAM,eAAA,GAAkB,CAAC,GAAA,EAAc,GAAA,KAAwB;AACpE,EAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK;AAAA,IACnB,OAAA,EAAS,KAAA;AAAA,IACT,OAAO,CAAA,MAAA,EAAS,GAAA,CAAI,MAAM,CAAA,CAAA,EAAI,IAAI,IAAI,CAAA,UAAA,CAAA;AAAA,IACtC,IAAA,EAAM;AAAA,GACP,CAAA;AACH;AChIO,IAAM,eACX,CAAC,MAAA,KAAyB,OAAO,GAAA,EAAc,KAAe,IAAA,KAAsC;AAClG,EAAA,IAAI;AACF,IAAA,GAAA,CAAI,IAAA,GAAO,MAAM,MAAA,CAAO,UAAA,CAAW,IAAI,IAAI,CAAA;AAC3C,IAAA,IAAA,EAAK;AAAA,EACP,SAAS,KAAA,EAAO;AACd,IAAA,IAAI,iBAAiBA,QAAAA,EAAU;AAC7B,MAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK;AAAA,QACnB,OAAA,EAAS,KAAA;AAAA,QACT,KAAA,EAAO,mBAAA;AAAA,QACP,IAAA,EAAM,kBAAA;AAAA,QACN,OAAA,EAAS,KAAA,CAAM,MAAA,CAAO,GAAA,CAAI,CAAC,CAAA,MAAO;AAAA,UAChC,IAAA,EAAM,CAAA,CAAE,IAAA,CAAK,IAAA,CAAK,GAAG,CAAA;AAAA,UACrB,SAAS,CAAA,CAAE;AAAA,SACb,CAAE;AAAA,OACH,CAAA;AACD,MAAA;AAAA,IACF;AACA,IAAA,IAAA,CAAK,KAAK,CAAA;AAAA,EACZ;AACF;AAKK,IAAM,gBACX,CAAC,MAAA,KAAyB,OAAO,GAAA,EAAc,KAAe,IAAA,KAAsC;AAClG,EAAA,IAAI;AACF,IAAA,GAAA,CAAI,KAAA,GAAQ,MAAM,MAAA,CAAO,UAAA,CAAW,IAAI,KAAK,CAAA;AAC7C,IAAA,IAAA,EAAK;AAAA,EACP,SAAS,KAAA,EAAO;AACd,IAAA,IAAI,iBAAiBA,QAAAA,EAAU;AAC7B,MAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK;AAAA,QACnB,OAAA,EAAS,KAAA;AAAA,QACT,KAAA,EAAO,0BAAA;AAAA,QACP,IAAA,EAAM,kBAAA;AAAA,QACN,OAAA,EAAS,KAAA,CAAM,MAAA,CAAO,GAAA,CAAI,CAAC,CAAA,MAAO;AAAA,UAChC,IAAA,EAAM,CAAA,CAAE,IAAA,CAAK,IAAA,CAAK,GAAG,CAAA;AAAA,UACrB,SAAS,CAAA,CAAE;AAAA,SACb,CAAE;AAAA,OACH,CAAA;AACD,MAAA;AAAA,IACF;AACA,IAAA,IAAA,CAAK,KAAK,CAAA;AAAA,EACZ;AACF;AAKK,IAAM,iBACX,CAAC,MAAA,KAAyB,OAAO,GAAA,EAAc,KAAe,IAAA,KAAsC;AAClG,EAAA,IAAI;AACF,IAAA,GAAA,CAAI,MAAA,GAAS,MAAM,MAAA,CAAO,UAAA,CAAW,IAAI,MAAM,CAAA;AAC/C,IAAA,IAAA,EAAK;AAAA,EACP,SAAS,KAAA,EAAO;AACd,IAAA,IAAI,iBAAiBA,QAAAA,EAAU;AAC7B,MAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK;AAAA,QACnB,OAAA,EAAS,KAAA;AAAA,QACT,KAAA,EAAO,yBAAA;AAAA,QACP,IAAA,EAAM,kBAAA;AAAA,QACN,OAAA,EAAS,KAAA,CAAM,MAAA,CAAO,GAAA,CAAI,CAAC,CAAA,MAAO;AAAA,UAChC,IAAA,EAAM,CAAA,CAAE,IAAA,CAAK,IAAA,CAAK,GAAG,CAAA;AAAA,UACrB,SAAS,CAAA,CAAE;AAAA,SACb,CAAE;AAAA,OACH,CAAA;AACD,MAAA;AAAA,IACF;AACA,IAAA,IAAA,CAAK,KAAK,CAAA;AAAA,EACZ;AACF;ACQF,SAAS,MAAA,GAAwB;AAC/B,EAAA,IAAI,KAAA,CAAM,IAAA,CAAK,MAAA,KAAW,CAAA,EAAG;AAC3B,IAAA,MAAM,IAAI,KAAA;AAAA,MACR;AAAA,KAEF;AAAA,EACF;AACA,EAAA,OAAO,MAAM,GAAA,EAAI;AACnB;AAKO,SAAS,YAAA,GAA0C;AACxD,EAAA,OAAO,MAAA,GAAS,SAAA,EAAU;AAC5B;AAKO,SAAS,OAAA,GAA2B;AACzC,EAAA,OAAO,MAAA,GAAS,IAAA,EAAK;AACvB;AASkB,IAAI,KAAA,CAAM,EAAC,EAAgC;AAAA,EAC3D,GAAA,CAAI,OAAA,EAAS,IAAA,EAAM,QAAA,EAAU;AAC3B,IAAA,MAAM,YAAY,YAAA,EAAa;AAC/B,IAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,GAAA,CAAI,SAAA,EAAW,MAAM,QAAQ,CAAA;AACnD,IAAA,OAAO,OAAO,KAAA,KAAU,UAAA,GAAa,KAAA,CAAM,IAAA,CAAK,SAAS,CAAA,GAAI,KAAA;AAAA,EAC/D;AACF,CAAC;;;ACpHD,IAAM,aAAA,GAAgB,SAAA;AAGtB,IAAM,QAAA,GAA2B;AAAA,EAC/B,GAAA,EAAK,cAAA;AAAA,EACL,KAAA,EAAO,eAAA;AAAA,EACP,cAAA,EAAgB,IAAA;AAAA,EAChB,GAAA,EAAK,aAAA;AAAA,EACL,WAAW,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AAAA,EACvC,KAAK,IAAA,CAAK,KAAA,CAAM,KAAK,GAAA,EAAI,GAAI,GAAI,CAAA,GAAI,IAAA;AAAA,EACrC,KAAK,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AAAA,EACjC,GAAA,EAAK,4CAAA;AAAA,EACL,GAAA,EAAK,cAAA;AAAA,EACL,QAAA,EAAU;AAAA,IACR,YAAY,EAAC;AAAA,IACb,gBAAA,EAAkB;AAAA;AAEtB,CAAA;AAEA,eAAsB,oBAAA,CAAqB,GAAA,EAAc,GAAA,EAAe,IAAA,EAAoB;AAC1F,EAAA,MAAM,aAAA,GAAgB,IAAI,OAAA,CAAQ,aAAA;AAGlC,EAAA,IAAI,GAAA,CAAI,aAAa,aAAA,KAAkB,CAAC,iBAAiB,CAAC,aAAA,CAAc,UAAA,CAAW,aAAa,CAAA,CAAA,EAAI;AAClG,IAAA,GAAA,CAAI,YAAA,GAAe,QAAA;AACnB,IAAA,GAAA,CAAI,OAAO,YAAA,GAAe,QAAA;AAC1B,IAAA,OAAO,IAAA,EAAK;AAAA,EACd;AAEA,EAAA,IAAI;AACF,IAAA,IAAI,CAAC,aAAA,IAAiB,CAAC,aAAA,CAAc,UAAA,CAAW,aAAa,CAAA,EAAG;AAC9D,MAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,6CAA6C,CAAA;AAAA,IACpF;AAEA,IAAA,MAAM,KAAA,GAAQ,aAAA,CAAc,KAAA,CAAM,aAAA,CAAc,MAAM,CAAA;AACtD,IAAA,MAAM,YAAA,GAAe,MAAM,OAAA,EAAQ,CAAE,cAAc,KAAK,CAAA;AAExD,IAAA,GAAA,CAAI,YAAA,GAAe,YAAA;AACnB,IAAA,GAAA,CAAI,OAAO,YAAA,GAAe,YAAA;AAE1B,IAAA,OAAO,IAAA,EAAK;AAAA,EACd,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,mCAAmC,KAAK,CAAA;AACtD,IAAA,OAAO,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,gBAAgB,CAAA;AAAA,EACvD;AACF","file":"index.js","sourcesContent":["import { z } from 'zod';\nimport dotenv from 'dotenv';\n\n// Load environment variables\ndotenv.config();\n\nconst envSchema = z.object({\n  NODE_ENV: z.enum(['development', 'production', 'test']).default('development'),\n  PORT: z\n    .string()\n    .default('3030')\n    .transform((val) => parseInt(val, 10)),\n  CORS_ORIGIN: z\n    .string()\n    .default('http://localhost:5173')\n    .transform((val) => (val.includes(',') ? val.split(',').map((s) => s.trim()) : val)),\n  \n  // Database (Prisma/SQL) - optional\n  DATABASE_URL: z.string().optional(),\n  \n  // Firebase/Firestore configuration\n  FIREBASE_PROJECT_ID: z.string().optional(),\n  FIREBASE_CLIENT_EMAIL: z.string().optional(),\n  FIREBASE_PRIVATE_KEY: z.string().optional(),\n  FIREBASE_SERVICE_ACCOUNT_PATH: z.string().optional(),\n  FIRESTORE_EMULATOR_HOST: z.string().optional(),\n  FIREBASE_AUTH_EMULATOR_HOST: z.string().optional(),\n  \n  // API configuration\n  API_PREFIX: z.string().default('/api'),\n\n  // Mock data configuration\n  USE_MOCK_DATA: z.string().default('true').transform((v) => v === 'true'),\n  MOCK_SEED: z\n    .string()\n    .optional()\n    .transform((v) => (v ? parseInt(v, 10) : undefined)),\n});\n\nconst parsed = envSchema.safeParse(process.env);\n\nif (!parsed.success) {\n  console.error('❌ Invalid environment variables:', parsed.error.flatten().fieldErrors);\n  throw new Error('Invalid environment variables');\n}\n\nexport const env = parsed.data;\n","import { env } from './env.js';\n\ntype LogLevel = 'debug' | 'info' | 'warn' | 'error';\n\nconst colors = {\n  debug: '\\x1b[36m', // Cyan\n  info: '\\x1b[32m', // Green\n  warn: '\\x1b[33m', // Yellow\n  error: '\\x1b[31m', // Red\n  reset: '\\x1b[0m',\n};\n\nconst shouldLog = (level: LogLevel): boolean => {\n  const levels: LogLevel[] = ['debug', 'info', 'warn', 'error'];\n  const minLevel = env.NODE_ENV === 'production' ? 'info' : 'debug';\n  return levels.indexOf(level) >= levels.indexOf(minLevel);\n};\n\nconst formatMessage = (level: LogLevel, message: string, meta?: unknown): string => {\n  const timestamp = new Date().toISOString();\n  const color = colors[level];\n  const prefix = `${color}[${level.toUpperCase()}]${colors.reset}`;\n  const metaStr = meta ? ` ${JSON.stringify(meta)}` : '';\n  return `${timestamp} ${prefix} ${message}${metaStr}`;\n};\n\nexport const logger = {\n  debug: (message: string, meta?: unknown) => {\n    if (shouldLog('debug')) {\n      console.log(formatMessage('debug', message, meta));\n    }\n  },\n  info: (message: string, meta?: unknown) => {\n    if (shouldLog('info')) {\n      console.log(formatMessage('info', message, meta));\n    }\n  },\n  warn: (message: string, meta?: unknown) => {\n    if (shouldLog('warn')) {\n      console.warn(formatMessage('warn', message, meta));\n    }\n  },\n  error: (message: string, meta?: unknown) => {\n    if (shouldLog('error')) {\n      console.error(formatMessage('error', message, meta));\n    }\n  },\n};\n","import { Request, Response, NextFunction } from 'express';\nimport { ZodError } from 'zod';\nimport { logger } from '../lib/logger.js';\n\n/**\n * Base application error class\n */\nexport class AppError extends Error {\n  constructor(\n    public statusCode: number,\n    public message: string,\n    public code?: string\n  ) {\n    super(message);\n    this.name = 'AppError';\n  }\n}\n\n/**\n * 404 Not Found error\n */\nexport class NotFoundError extends AppError {\n  constructor(message: string = 'Resource not found') {\n    super(404, message, 'NOT_FOUND');\n  }\n}\n\n/**\n * 400 Bad Request / Validation error\n */\nexport class ValidationError extends AppError {\n  constructor(message: string = 'Validation failed') {\n    super(400, message, 'VALIDATION_ERROR');\n  }\n}\n\n/**\n * 401 Unauthorized error\n */\nexport class UnauthorizedError extends AppError {\n  constructor(message: string = 'Unauthorized') {\n    super(401, message, 'UNAUTHORIZED');\n  }\n}\n\n/**\n * 403 Forbidden error\n */\nexport class ForbiddenError extends AppError {\n  constructor(message: string = 'Forbidden') {\n    super(403, message, 'FORBIDDEN');\n  }\n}\n\n/**\n * 409 Conflict error\n */\nexport class ConflictError extends AppError {\n  constructor(message: string = 'Resource conflict') {\n    super(409, message, 'CONFLICT');\n  }\n}\n\n/**\n * Global error handler middleware\n */\nexport const errorHandler = (\n  err: Error,\n  _req: Request,\n  res: Response,\n  _next: NextFunction\n): void => {\n  logger.error('Error:', { name: err.name, message: err.message, stack: err.stack });\n\n  // Zod validation errors\n  if (err instanceof ZodError) {\n    res.status(400).json({\n      success: false,\n      error: 'Validation failed',\n      code: 'VALIDATION_ERROR',\n      details: err.errors.map((e) => ({\n        path: e.path.join('.'),\n        message: e.message,\n      })),\n    });\n    return;\n  }\n\n  // Custom application errors\n  if (err instanceof AppError) {\n    res.status(err.statusCode).json({\n      success: false,\n      error: err.message,\n      code: err.code,\n    });\n    return;\n  }\n\n  // Firebase/Firestore errors\n  if (err.name === 'FirebaseError' || err.name === 'FirestoreError') {\n    res.status(500).json({\n      success: false,\n      error: 'Database error',\n      code: 'DATABASE_ERROR',\n    });\n    return;\n  }\n\n  // Unknown errors\n  res.status(500).json({\n    success: false,\n    error: 'Internal server error',\n    code: 'INTERNAL_ERROR',\n  });\n};\n\n/**\n * Async handler wrapper to catch errors in async route handlers\n */\nexport const asyncHandler =\n  (fn: (req: Request, res: Response, next: NextFunction) => Promise<unknown>) =>\n  (req: Request, res: Response, next: NextFunction) => {\n    Promise.resolve(fn(req, res, next)).catch(next);\n  };\n\n/**\n * 404 handler for unmatched routes\n */\nexport const notFoundHandler = (req: Request, res: Response): void => {\n  res.status(404).json({\n    success: false,\n    error: `Route ${req.method} ${req.path} not found`,\n    code: 'ROUTE_NOT_FOUND',\n  });\n};\n","import { Request, Response, NextFunction } from 'express';\nimport { AnyZodObject, ZodError } from 'zod';\n\n/**\n * Middleware to validate request body against a Zod schema\n */\nexport const validateBody =\n  (schema: AnyZodObject) => async (req: Request, res: Response, next: NextFunction): Promise<void> => {\n    try {\n      req.body = await schema.parseAsync(req.body);\n      next();\n    } catch (error) {\n      if (error instanceof ZodError) {\n        res.status(400).json({\n          success: false,\n          error: 'Validation failed',\n          code: 'VALIDATION_ERROR',\n          details: error.errors.map((e) => ({\n            path: e.path.join('.'),\n            message: e.message,\n          })),\n        });\n        return;\n      }\n      next(error);\n    }\n  };\n\n/**\n * Middleware to validate request query parameters against a Zod schema\n */\nexport const validateQuery =\n  (schema: AnyZodObject) => async (req: Request, res: Response, next: NextFunction): Promise<void> => {\n    try {\n      req.query = await schema.parseAsync(req.query);\n      next();\n    } catch (error) {\n      if (error instanceof ZodError) {\n        res.status(400).json({\n          success: false,\n          error: 'Invalid query parameters',\n          code: 'VALIDATION_ERROR',\n          details: error.errors.map((e) => ({\n            path: e.path.join('.'),\n            message: e.message,\n          })),\n        });\n        return;\n      }\n      next(error);\n    }\n  };\n\n/**\n * Middleware to validate request params against a Zod schema\n */\nexport const validateParams =\n  (schema: AnyZodObject) => async (req: Request, res: Response, next: NextFunction): Promise<void> => {\n    try {\n      req.params = await schema.parseAsync(req.params);\n      next();\n    } catch (error) {\n      if (error instanceof ZodError) {\n        res.status(400).json({\n          success: false,\n          error: 'Invalid path parameters',\n          code: 'VALIDATION_ERROR',\n          details: error.errors.map((e) => ({\n            path: e.path.join('.'),\n            message: e.message,\n          })),\n        });\n        return;\n      }\n      next(error);\n    }\n  };\n","/**\n * Database Accessors & Initialization\n *\n * This module provides:\n * - `initializeFirebase()` — convenience function to init Firebase from env vars\n * - `getFirestore()`, `getAuth()` — accessors for Firebase services\n * - `db` — lazy Firestore proxy (no eager initialization)\n *\n * The consuming application MUST call `initializeFirebase()` or\n * `admin.initializeApp()` before using any Firebase-dependent features.\n */\n\nimport admin from 'firebase-admin';\n\n/**\n * Initialize Firebase Admin SDK from environment variables.\n *\n * Reads: FIREBASE_PROJECT_ID, FIREBASE_CLIENT_EMAIL, FIREBASE_PRIVATE_KEY,\n *        FIREBASE_SERVICE_ACCOUNT_PATH, FIRESTORE_EMULATOR_HOST\n *\n * Safe to call multiple times — returns existing app if already initialized.\n */\nexport function initializeFirebase(): admin.app.App {\n  // Already initialized — return existing app\n  if (admin.apps.length > 0) {\n    return admin.app();\n  }\n\n  const projectId = process.env.FIREBASE_PROJECT_ID;\n  const emulatorHost = process.env.FIRESTORE_EMULATOR_HOST;\n\n  // Emulator mode — no credentials needed\n  if (emulatorHost) {\n    const app = admin.initializeApp({\n      projectId: projectId || 'demo-project',\n    });\n    console.log(`Firebase Admin initialized for emulator: ${emulatorHost}`);\n    return app;\n  }\n\n  // Service account file\n  const serviceAccountPath = process.env.FIREBASE_SERVICE_ACCOUNT_PATH;\n  if (serviceAccountPath) {\n    // Dynamic require for JSON service account file at runtime\n    const serviceAccount = require(serviceAccountPath) as Record<string, unknown>;\n    return admin.initializeApp({\n      credential: admin.credential.cert(serviceAccount),\n      projectId,\n    });\n  }\n\n  // Inline credentials\n  const clientEmail = process.env.FIREBASE_CLIENT_EMAIL;\n  const privateKey = process.env.FIREBASE_PRIVATE_KEY;\n  if (projectId && clientEmail && privateKey) {\n    return admin.initializeApp({\n      credential: admin.credential.cert({\n        projectId,\n        clientEmail,\n        privateKey: privateKey.replace(/\\\\n/g, '\\n'),\n      }),\n      projectId,\n    });\n  }\n\n  // Application default credentials (Cloud Run, etc.)\n  if (projectId) {\n    return admin.initializeApp({\n      credential: admin.credential.applicationDefault(),\n      projectId,\n    });\n  }\n\n  throw new Error(\n    '@almadar/server: Cannot initialize Firebase — no credentials found. ' +\n    'Set FIREBASE_PROJECT_ID + FIREBASE_CLIENT_EMAIL + FIREBASE_PRIVATE_KEY, ' +\n    'or FIREBASE_SERVICE_ACCOUNT_PATH, or FIRESTORE_EMULATOR_HOST.'\n  );\n}\n\n/**\n * Get the initialized Firebase app.\n * Throws if Firebase Admin SDK has not been initialized.\n */\nfunction getApp(): admin.app.App {\n  if (admin.apps.length === 0) {\n    throw new Error(\n      '@almadar/server: Firebase Admin SDK is not initialized. ' +\n      'Call initializeFirebase() or admin.initializeApp() before using @almadar/server.'\n    );\n  }\n  return admin.app();\n}\n\n/**\n * Get Firestore instance from the pre-initialized Firebase app.\n */\nexport function getFirestore(): admin.firestore.Firestore {\n  return getApp().firestore();\n}\n\n/**\n * Get Firebase Auth instance from the pre-initialized Firebase app.\n */\nexport function getAuth(): admin.auth.Auth {\n  return getApp().auth();\n}\n\n// Re-export admin for convenience\nexport { admin };\n\n/**\n * Lazy Firestore proxy — resolves on first property access, not at import time.\n * This prevents the \"Firebase not initialized\" error during module loading.\n */\nexport const db = new Proxy({} as admin.firestore.Firestore, {\n  get(_target, prop, receiver) {\n    const firestore = getFirestore();\n    const value = Reflect.get(firestore, prop, receiver);\n    return typeof value === 'function' ? value.bind(firestore) : value;\n  },\n});\n","import { NextFunction, Request, Response } from 'express';\nimport type { DecodedIdToken } from 'firebase-admin/auth';\nimport { getAuth } from '../lib/db.js';\nimport { env } from '../lib/env.js';\n\nconst BEARER_PREFIX = 'Bearer ';\n\n/** Fake dev user injected when NODE_ENV=development and no auth header is present */\nconst DEV_USER: DecodedIdToken = {\n  uid: 'dev-user-001',\n  email: 'dev@localhost',\n  email_verified: true,\n  aud: 'dev-project',\n  auth_time: Math.floor(Date.now() / 1000),\n  exp: Math.floor(Date.now() / 1000) + 3600,\n  iat: Math.floor(Date.now() / 1000),\n  iss: 'https://securetoken.google.com/dev-project',\n  sub: 'dev-user-001',\n  firebase: {\n    identities: {},\n    sign_in_provider: 'custom',\n  },\n};\n\nexport async function authenticateFirebase(req: Request, res: Response, next: NextFunction) {\n  const authorization = req.headers.authorization;\n\n  // Dev bypass: in development mode, skip auth if no token is provided\n  if (env.NODE_ENV === 'development' && (!authorization || !authorization.startsWith(BEARER_PREFIX))) {\n    req.firebaseUser = DEV_USER;\n    res.locals.firebaseUser = DEV_USER;\n    return next();\n  }\n\n  try {\n    if (!authorization || !authorization.startsWith(BEARER_PREFIX)) {\n      return res.status(401).json({ error: 'Authorization header missing or malformed' });\n    }\n\n    const token = authorization.slice(BEARER_PREFIX.length);\n    const decodedToken = await getAuth().verifyIdToken(token);\n\n    req.firebaseUser = decodedToken;\n    res.locals.firebaseUser = decodedToken;\n\n    return next();\n  } catch (error) {\n    console.error('Firebase authentication failed:', error);\n    return res.status(401).json({ error: 'Unauthorized' });\n  }\n}\n\nexport default authenticateFirebase;\n\n\n"]}

package/dist/middleware/multi-user.d.ts

@@ -0,0 +1,34 @@
+/**
+ * Multi-User Middleware
+ *
+ * Provides user isolation and session ownership using Firebase Auth.
+ *
+ * @packageDocumentation
+ */
+import type { Request, Response, NextFunction } from 'express';
+declare global {
+    namespace Express {
+        interface Request {
+            user?: {
+                uid: string;
+                email?: string;
+                roles?: string[];
+                orgId?: string;
+            };
+            userContext?: {
+                userId: string;
+                orgId?: string;
+                roles?: string[];
+            };
+        }
+    }
+}
+/**
+ * Middleware to set up user context from Firebase Auth
+ */
+export declare function multiUserMiddleware(req: Request, res: Response, next: NextFunction): Promise<void>;
+/**
+ * Verify Firebase Auth token from Authorization header
+ */
+export declare function verifyFirebaseAuth(req: Request, res: Response, next: NextFunction): Promise<void>;
+//# sourceMappingURL=multi-user.d.ts.map

package/dist/middleware/multi-user.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"multi-user.d.ts","sourceRoot":"","sources":["../../src/middleware/multi-user.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAOH,OAAO,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAG/D,OAAO,CAAC,MAAM,CAAC;IACb,UAAU,OAAO,CAAC;QAChB,UAAU,OAAO;YACf,IAAI,CAAC,EAAE;gBACL,GAAG,EAAE,MAAM,CAAC;gBACZ,KAAK,CAAC,EAAE,MAAM,CAAC;gBACf,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;gBACjB,KAAK,CAAC,EAAE,MAAM,CAAC;aAChB,CAAC;YACF,WAAW,CAAC,EAAE;gBACZ,MAAM,EAAE,MAAM,CAAC;gBACf,KAAK,CAAC,EAAE,MAAM,CAAC;gBACf,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;aAClB,CAAC;SACH;KACF;CACF;AAED;;GAEG;AACH,wBAAsB,mBAAmB,CACvC,GAAG,EAAE,OAAO,EACZ,GAAG,EAAE,QAAQ,EACb,IAAI,EAAE,YAAY,GACjB,OAAO,CAAC,IAAI,CAAC,CA6Bf;AAED;;GAEG;AACH,wBAAsB,kBAAkB,CACtC,GAAG,EAAE,OAAO,EACZ,GAAG,EAAE,QAAQ,EACb,IAAI,EAAE,YAAY,GACjB,OAAO,CAAC,IAAI,CAAC,CA4Bf"}

package/dist/middleware/validation.d.ts

@@ -0,0 +1,15 @@
+import { Request, Response, NextFunction } from 'express';
+import { AnyZodObject } from 'zod';
+/**
+ * Middleware to validate request body against a Zod schema
+ */
+export declare const validateBody: (schema: AnyZodObject) => (req: Request, res: Response, next: NextFunction) => Promise<void>;
+/**
+ * Middleware to validate request query parameters against a Zod schema
+ */
+export declare const validateQuery: (schema: AnyZodObject) => (req: Request, res: Response, next: NextFunction) => Promise<void>;
+/**
+ * Middleware to validate request params against a Zod schema
+ */
+export declare const validateParams: (schema: AnyZodObject) => (req: Request, res: Response, next: NextFunction) => Promise<void>;
+//# sourceMappingURL=validation.d.ts.map

package/dist/middleware/validation.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"validation.d.ts","sourceRoot":"","sources":["../../src/middleware/validation.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAC1D,OAAO,EAAE,YAAY,EAAY,MAAM,KAAK,CAAC;AAE7C;;GAEG;AACH,eAAO,MAAM,YAAY,GACtB,QAAQ,YAAY,MAAY,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,KAAG,OAAO,CAAC,IAAI,CAmB9F,CAAC;AAEJ;;GAEG;AACH,eAAO,MAAM,aAAa,GACvB,QAAQ,YAAY,MAAY,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,KAAG,OAAO,CAAC,IAAI,CAmB9F,CAAC;AAEJ;;GAEG;AACH,eAAO,MAAM,cAAc,GACxB,QAAQ,YAAY,MAAY,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,KAAG,OAAO,CAAC,IAAI,CAmB9F,CAAC"}

package/dist/routes/__tests__/observability.test.d.ts

@@ -0,0 +1,6 @@
+/**
+ * @fileoverview Unit tests for observability routes
+ * @module @almadar/server/routes/observability.test
+ */
+export {};
+//# sourceMappingURL=observability.test.d.ts.map

package/dist/routes/__tests__/observability.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"observability.test.d.ts","sourceRoot":"","sources":["../../../src/routes/__tests__/observability.test.ts"],"names":[],"mappings":"AAAA;;;GAGG"}

package/dist/routes/observability.d.ts

@@ -0,0 +1,11 @@
+/**
+ * Observability Routes
+ *
+ * Provides endpoints for metrics, health checks, and telemetry.
+ *
+ * @packageDocumentation
+ */
+import { Router } from 'express';
+declare const router: ReturnType<typeof Router>;
+export default router;
+//# sourceMappingURL=observability.d.ts.map

package/dist/routes/observability.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"observability.d.ts","sourceRoot":"","sources":["../../src/routes/observability.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAOjC,QAAA,MAAM,MAAM,EAAE,UAAU,CAAC,OAAO,MAAM,CAAY,CAAC;AAyEnD,eAAe,MAAM,CAAC"}

package/dist/services/DataService.d.ts

@@ -0,0 +1,70 @@
+/**
+ * DataService - Unified data access abstraction
+ *
+ * Provides a common interface for data operations that can be backed by
+ * either MockDataService (for development) or Firebase (for production).
+ *
+ * @packageDocumentation
+ */
+import type { StoreContract, StoreFilter } from '@almadar/core';
+import { type FieldSchema } from './MockDataService.js';
+import { type ParsedFilter } from '../utils/queryFilters.js';
+interface BaseEntity {
+    id: string;
+    createdAt: Date;
+    updatedAt: Date;
+}
+/**
+ * Pagination options for list queries
+ */
+export interface PaginationOptions {
+    /** Page number (1-indexed) */
+    page?: number;
+    /** Number of items per page */
+    pageSize?: number;
+    /** Search term to filter results */
+    search?: string;
+    /** Fields to search in (defaults to all string fields) */
+    searchFields?: string[];
+    /** Sort field */
+    sortBy?: string;
+    /** Sort direction */
+    sortOrder?: 'asc' | 'desc';
+    /** Filters parsed from query params */
+    filters?: ParsedFilter[];
+}
+/**
+ * Paginated response structure
+ */
+export interface PaginatedResult<T> {
+    data: T[];
+    total: number;
+    page: number;
+    pageSize: number;
+    totalPages: number;
+}
+export interface DataService {
+    list<T>(collection: string): Promise<T[]>;
+    listPaginated<T>(collection: string, options?: PaginationOptions): Promise<PaginatedResult<T>>;
+    getById<T>(collection: string, id: string): Promise<T | null>;
+    create<T extends BaseEntity>(collection: string, data: Partial<T>): Promise<T>;
+    update<T extends BaseEntity>(collection: string, id: string, data: Partial<T>): Promise<T | null>;
+    delete(collection: string, id: string): Promise<boolean>;
+    query<T>(collection: string, filters: StoreFilter<T>[]): Promise<T[]>;
+    /** Get a typed StoreContract<T> bound to a specific collection. */
+    getStore<T extends BaseEntity>(collection: string): StoreContract<T>;
+}
+export declare function getDataService(): DataService;
+export declare function resetDataService(): void;
+export interface EntitySeedConfig {
+    name: string;
+    fields: FieldSchema[];
+    seedCount: number;
+}
+/**
+ * Seed mock data for multiple entities.
+ * Only works when USE_MOCK_DATA is enabled.
+ */
+export declare function seedMockData(entities: EntitySeedConfig[]): void;
+export {};
+//# sourceMappingURL=DataService.d.ts.map

package/dist/services/DataService.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"DataService.d.ts","sourceRoot":"","sources":["../../src/services/DataService.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAIhE,OAAO,EAAsB,KAAK,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAC5E,OAAO,EAGL,KAAK,YAAY,EAClB,MAAM,0BAA0B,CAAC;AAMlC,UAAU,UAAU;IAClB,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,IAAI,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,8BAA8B;IAC9B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,+BAA+B;IAC/B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,oCAAoC;IACpC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,0DAA0D;IAC1D,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,iBAAiB;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,qBAAqB;IACrB,SAAS,CAAC,EAAE,KAAK,GAAG,MAAM,CAAC;IAC3B,uCAAuC;IACvC,OAAO,CAAC,EAAE,YAAY,EAAE,CAAC;CAC1B;AAED;;GAEG;AACH,MAAM,WAAW,eAAe,CAAC,CAAC;IAChC,IAAI,EAAE,CAAC,EAAE,CAAC;IACV,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,WAAW;IAC1B,IAAI,CAAC,CAAC,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC;IAC1C,aAAa,CAAC,CAAC,EAAE,UAAU,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,iBAAiB,GAAG,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/F,OAAO,CAAC,CAAC,EAAE,UAAU,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IAC9D,MAAM,CAAC,CAAC,SAAS,UAAU,EAAE,UAAU,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;IAC/E,MAAM,CAAC,CAAC,SAAS,UAAU,EAAE,UAAU,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IAClG,MAAM,CAAC,UAAU,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IACzD,KAAK,CAAC,CAAC,EAAE,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,CAAC,CAAC,CAAC,EAAE,GAAG,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC;IACtE,mEAAmE;IACnE,QAAQ,CAAC,CAAC,SAAS,UAAU,EAAE,UAAU,EAAE,MAAM,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;CACtE;AAyYD,wBAAgB,cAAc,IAAI,WAAW,CAK5C;AAED,wBAAgB,gBAAgB,IAAI,IAAI,CAEvC;AAMD,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,WAAW,EAAE,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;;GAGG;AACH,wBAAgB,YAAY,CAAC,QAAQ,EAAE,gBAAgB,EAAE,GAAG,IAAI,CAa/D"}

package/dist/services/MockDataService.d.ts

@@ -0,0 +1,110 @@
+/**
+ * MockDataService - In-memory data store with faker-based mock generation
+ *
+ * Provides a stateful mock data layer that supports all CRUD operations.
+ * Uses @faker-js/faker for realistic data generation based on field types.
+ *
+ * @packageDocumentation
+ */
+export interface FieldSchema {
+    name: string;
+    type: 'string' | 'number' | 'boolean' | 'date' | 'enum' | 'relation' | 'array';
+    required?: boolean;
+    enumValues?: string[];
+    min?: number;
+    max?: number;
+    fakerMethod?: string;
+    relatedEntity?: string;
+}
+export interface EntitySchema {
+    fields: FieldSchema[];
+    seedCount?: number;
+}
+interface BaseEntity {
+    id: string;
+    createdAt: Date;
+    updatedAt: Date;
+}
+/**
+ * In-memory mock data store with CRUD operations and faker-based seeding.
+ */
+export declare class MockDataService {
+    private stores;
+    private schemas;
+    private idCounters;
+    constructor();
+    /**
+     * Initialize store for an entity.
+     */
+    private getStore;
+    /**
+     * Generate next ID for an entity.
+     */
+    private nextId;
+    /**
+     * Register an entity schema.
+     */
+    registerSchema(entityName: string, schema: EntitySchema): void;
+    /**
+     * Seed an entity with mock data.
+     */
+    seed(entityName: string, fields: FieldSchema[], count?: number): void;
+    /**
+     * Generate a single mock item based on field schemas.
+     */
+    private generateMockItem;
+    /**
+     * Generate a mock value for a field based on its schema.
+     */
+    private generateFieldValue;
+    /**
+     * Generate a string value based on field name heuristics.
+     * Generic name/title fields use a clean readable format (e.g., "Title 1").
+     * Specific fields (email, phone, etc.) use faker.
+     */
+    private generateStringValue;
+    /**
+     * Capitalize first letter of a string.
+     */
+    private capitalizeFirst;
+    /**
+     * Generate a date value based on field name heuristics.
+     */
+    private generateDateValue;
+    /**
+     * List all items of an entity.
+     */
+    list<T>(entityName: string): T[];
+    /**
+     * Get a single item by ID.
+     */
+    getById<T>(entityName: string, id: string): T | null;
+    /**
+     * Create a new item.
+     */
+    create<T extends BaseEntity>(entityName: string, data: Partial<T>): T;
+    /**
+     * Update an existing item.
+     */
+    update<T extends BaseEntity>(entityName: string, id: string, data: Partial<T>): T | null;
+    /**
+     * Delete an item.
+     */
+    delete(entityName: string, id: string): boolean;
+    /**
+     * Clear all data for an entity.
+     */
+    clear(entityName: string): void;
+    /**
+     * Clear all data.
+     */
+    clearAll(): void;
+    /**
+     * Get count of items for an entity.
+     */
+    count(entityName: string): number;
+}
+export declare function getMockDataService(): MockDataService;
+export declare function resetMockDataService(): void;
+export {};
+//# sourceMappingURL=MockDataService.d.ts.map

package/dist/services/MockDataService.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"MockDataService.d.ts","sourceRoot":"","sources":["../../src/services/MockDataService.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAUH,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,QAAQ,GAAG,QAAQ,GAAG,SAAS,GAAG,MAAM,GAAG,MAAM,GAAG,UAAU,GAAG,OAAO,CAAC;IAC/E,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,YAAY;IAC3B,MAAM,EAAE,WAAW,EAAE,CAAC;IACtB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,UAAU,UAAU;IAClB,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,IAAI,CAAC;CACjB;AAMD;;GAEG;AACH,qBAAa,eAAe;IAC1B,OAAO,CAAC,MAAM,CAAgD;IAC9D,OAAO,CAAC,OAAO,CAAwC;IACvD,OAAO,CAAC,UAAU,CAAkC;;IAcpD;;OAEG;IACH,OAAO,CAAC,QAAQ;IAShB;;OAEG;IACH,OAAO,CAAC,MAAM;IAWd;;OAEG;IACH,cAAc,CAAC,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,YAAY,GAAG,IAAI;IAI9D;;OAEG;IACH,IAAI,CAAC,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,EAAE,KAAK,GAAE,MAAW,GAAG,IAAI;IAYzE;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAmBxB;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAgD1B;;;;OAIG;IACH,OAAO,CAAC,mBAAmB;IA4F3B;;OAEG;IACH,OAAO,CAAC,eAAe;IAIvB;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAoBzB;;OAEG;IACH,IAAI,CAAC,CAAC,EAAE,UAAU,EAAE,MAAM,GAAG,CAAC,EAAE;IAKhC;;OAEG;IACH,OAAO,CAAC,CAAC,EAAE,UAAU,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,GAAG,CAAC,GAAG,IAAI;IAMpD;;OAEG;IACH,MAAM,CAAC,CAAC,SAAS,UAAU,EAAE,UAAU,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC;IAgBrE;;OAEG;IACH,MAAM,CAAC,CAAC,SAAS,UAAU,EAAE,UAAU,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,IAAI;IAmBxF;;OAEG;IACH,MAAM,CAAC,UAAU,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,GAAG,OAAO;IAa/C;;OAEG;IACH,KAAK,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI;IAM/B;;OAEG;IACH,QAAQ,IAAI,IAAI;IAKhB;;OAEG;IACH,KAAK,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM;CAIlC;AAKD,wBAAgB,kBAAkB,IAAI,eAAe,CAKpD;AAED,wBAAgB,oBAAoB,IAAI,IAAI,CAG3C"}

package/dist/services/index.d.ts

@@ -0,0 +1,8 @@
+/**
+ * Services barrel export
+ *
+ * @packageDocumentation
+ */
+export { MockDataService, getMockDataService, resetMockDataService, type FieldSchema, type EntitySchema } from './MockDataService.js';
+export { getDataService, resetDataService, seedMockData, type DataService, type EntitySeedConfig } from './DataService.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/services/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/services/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,oBAAoB,EAAE,KAAK,WAAW,EAAE,KAAK,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACtI,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,YAAY,EAAE,KAAK,WAAW,EAAE,KAAK,gBAAgB,EAAE,MAAM,kBAAkB,CAAC"}