@alteran/astro 0.3.9 → 0.6.1

package/src/pages/xrpc/com.atproto.server.refreshSession.ts

@@ -1,90 +1,48 @@
 import type { APIContext } from 'astro';
 import { bearerToken } from '../../lib/util';
 import { lazyCleanupExpiredTokens } from '../../lib/token-cleanup';
-import { getRuntimeString } from '../../lib/secrets';
-import { getAccountByIdentifier, getRefreshToken, markRefreshTokenRotated, storeRefreshToken } from '../../db/account';
-import { verifyRefreshToken, issueSessionTokens, computeGraceExpiry } from '../../lib/session-tokens';
+import { attemptRefresh, type RefreshOutcome } from '../../lib/refresh-session';
+import { buildDidDocument } from '../../lib/did-document';
+import { getAccountState } from '../../db/dal';
+import { getAccountByIdentifier } from '../../db/account';
+import { toWireStatus } from '../../lib/account-state';
 
 export const prerender = false;
 
 export async function POST({ locals, request }: APIContext) {
   const { env } = locals.runtime;
   const token = bearerToken(request);
-  if (!token) {
-    return new Response(
-      JSON.stringify({ error: 'AuthRequired', message: 'No authorization token provided' }),
-      { status: 401, headers: { 'Content-Type': 'application/json' } }
-    );
-  }
-
-  const verification = await verifyRefreshToken(env, token).catch(() => null);
-  if (!verification) {
-    return new Response(
-      JSON.stringify({ error: 'InvalidToken', message: 'Invalid or expired refresh token' }),
-      { status: 401, headers: { 'Content-Type': 'application/json' } }
-    );
-  }
-
   const nowSec = Math.floor(Date.now() / 1000);
-  const { decoded } = verification;
 
-  if (!decoded || typeof decoded.jti !== 'string') {
-    return new Response(
-      JSON.stringify({ error: 'InvalidToken', message: 'Malformed refresh token' }),
-      { status: 401, headers: { 'Content-Type': 'application/json' } }
-    );
-  }
-
-  if (typeof decoded.exp !== 'number' || decoded.exp <= nowSec) {
-    return new Response(
-      JSON.stringify({ error: 'ExpiredToken', message: 'Refresh token expired' }),
-      { status: 401, headers: { 'Content-Type': 'application/json' } }
-    );
-  }
+  const outcome: RefreshOutcome = await attemptRefresh({ env, token, nowSec });
 
-  const stored = await getRefreshToken(env, decoded.jti);
-  if (!stored) {
-    return new Response(
-      JSON.stringify({ error: 'InvalidToken', message: 'Refresh token has been revoked' }),
-      { status: 401, headers: { 'Content-Type': 'application/json' } }
-    );
-  }
-
-  if (stored.expiresAt <= nowSec) {
-    return new Response(
-      JSON.stringify({ error: 'ExpiredToken', message: 'Refresh token expired' }),
-      { status: 401, headers: { 'Content-Type': 'application/json' } }
-    );
-  }
+  // Cleanup is best-effort and runs ~1% of the time regardless of outcome.
+  lazyCleanupExpiredTokens(env).catch(console.error);
 
-  if (stored.did !== decoded.sub) {
+  if (outcome.tag === 'failure') {
     return new Response(
-      JSON.stringify({ error: 'InvalidToken', message: 'Token subject mismatch' }),
-      { status: 401, headers: { 'Content-Type': 'application/json' } }
+      JSON.stringify({ error: outcome.code, message: outcome.message }),
+      { status: outcome.status, headers: { 'Content-Type': 'application/json' } },
     );
   }
 
-  const account = await getAccountByIdentifier(env, stored.did);
-  const did = stored.did;
-  const handle = account?.handle ?? (await getRuntimeString(env, 'PDS_HANDLE', 'user.example'));
-
-  // Rotate: generate new token pair with new JTI
-  const { accessJwt, refreshJwt, refreshPayload, refreshExpiry } = await issueSessionTokens(env, did, { jti: stored.nextId ?? undefined });
-
-  await storeRefreshToken(env, {
-    id: refreshPayload.jti,
-    did,
-    expiresAt: refreshExpiry,
-    appPasswordName: stored.appPasswordName ?? null,
-  });
-
-  const graceExpiry = computeGraceExpiry(stored.expiresAt, nowSec);
-  await markRefreshTokenRotated(env, decoded.jti, refreshPayload.jti, graceExpiry);
-
-  // Lazy cleanup of expired tokens (runs 1% of the time)
-  lazyCleanupExpiredTokens(env).catch(console.error);
-
-  return new Response(JSON.stringify({ did, handle, accessJwt, refreshJwt }), {
-    headers: { 'Content-Type': 'application/json' },
-  });
+  const didDoc = await buildDidDocument(env, outcome.did, outcome.handle);
+  const accountState = await getAccountState(env, outcome.did);
+  const wire = accountState ? toWireStatus(accountState) : { active: true };
+  const account = await getAccountByIdentifier(env, outcome.did);
+  const email = account?.email ?? (env.PDS_EMAIL as string | undefined);
+
+  return new Response(
+    JSON.stringify({
+      did: outcome.did,
+      didDoc,
+      handle: outcome.handle,
+      accessJwt: outcome.accessJwt,
+      refreshJwt: outcome.refreshJwt,
+      active: wire.active,
+      ...(wire.status ? { status: wire.status } : {}),
+      ...(email ? { email, emailConfirmed: true, emailAuthFactor: false } : {}),
+    }),
+    { headers: { 'Content-Type': 'application/json' } },
+  );
 }

package/src/pages/xrpc/com.atproto.sync.getBlob.ts

@@ -2,6 +2,10 @@ import type { APIContext } from 'astro';
 import { getDb } from '../../db/client';
 import { blob_ref } from '../../db/schema';
 import { eq } from 'drizzle-orm';
+import { CID } from 'multiformats/cid';
+import { sha256 } from 'multiformats/hashes/sha2';
+import { putBlobRef } from '../../db/dal';
+import { isAccountActive } from '../../db/dal';
 
 export const prerender = false;
 
@@ -19,66 +23,111 @@ export async function GET({ locals, url }: APIContext) {
   const { env } = locals.runtime;
 
   try {
+    const configuredDid = typeof env.PDS_DID === 'string' ? env.PDS_DID : undefined;
+    const did = url.searchParams.get('did') ?? configuredDid;
     const cid = url.searchParams.get('cid');
-    if (!cid) {
+    if (!did || !cid) {
       return new Response(
         JSON.stringify({
           error: 'InvalidRequest',
-          message: 'cid parameter is required'
+          message: 'did and cid parameters are required'
         }),
         { status: 400, headers: { 'Content-Type': 'application/json' } }
       );
     }
 
+    const active = await isAccountActive(env, did);
+    if (!active) {
+      return new Response(
+        JSON.stringify({ error: 'AccountInactive', message: 'Account is not active' }),
+        { status: 403, headers: { 'Content-Type': 'application/json' } }
+      );
+    }
+
     const db = getDb(env);
 
     // Look up blob metadata by CID
-    const blobMeta = await db
+    let blobMeta = await db
       .select()
       .from(blob_ref)
       .where(eq(blob_ref.cid, cid))
       .get();
 
-    if (!blobMeta) {
+    let key: string | null = blobMeta?.key ?? null;
+    let mime: string = blobMeta?.mime ?? 'application/octet-stream';
+    let size: number | null = blobMeta?.size ?? null;
+
+    // Fallback for older uploads: derive R2 key from CID (raw/sha256) if DB row missing
+    if (!key) {
+      try {
+        const link = CID.parse(cid);
+        // blob CIDs are raw (0x55) with sha256 multihash
+        if (link.multihash.code !== sha256.code) {
+          return new Response(
+            JSON.stringify({ error: 'InvalidRequest', message: 'Unsupported multihash' }),
+            { status: 400, headers: { 'Content-Type': 'application/json' } }
+          );
+        }
+        // Recreate legacy R2 key scheme used by store.put()
+        const digest = link.multihash.digest; // Uint8Array
+        // base64url encode
+        let s = '';
+        for (const b of digest) s += String.fromCharCode(b);
+        const b64url = btoa(s).replaceAll('+', '-').replaceAll('/', '_').replace(/=+$/, '');
+        key = `blobs/by-cid/${b64url}`;
+      } catch {
+        key = null;
+      }
+    }
+
+    if (!key) {
       return new Response(
-        JSON.stringify({
-          error: 'BlobNotFound',
-          message: 'Blob not found'
-        }),
-        { status: 404, headers: { 'Content-Type': 'application/json' } }
+        JSON.stringify({ error: 'InvalidRequest', message: 'Blob not found' }),
+        { status: 400, headers: { 'Content-Type': 'application/json' } }
       );
     }
 
     // Fetch blob from R2
-    const r2 = env.BLOBS;
-    const object = await r2.get(blobMeta.key);
+    const r2 = env.ALTERAN_BLOBS;
+    const object = await r2.get(key);
 
     if (!object) {
       return new Response(
-        JSON.stringify({
-          error: 'BlobNotFound',
-          message: 'Blob not found in storage'
-        }),
-        { status: 404, headers: { 'Content-Type': 'application/json' } }
+        JSON.stringify({ error: 'InvalidRequest', message: 'Blob not found' }),
+        { status: 400, headers: { 'Content-Type': 'application/json' } }
       );
     }
 
-    // Stream the blob with appropriate content type
-    return new Response(object.body as any, {
+    if (!blobMeta) {
+      try {
+        size = object.size ?? size ?? 0;
+        await putBlobRef(env, did, cid, key, mime, Number(size ?? 0));
+      } catch (backfillError) {
+        // Backfill is opportunistic; serving the blob is the priority.
+        console.warn('getBlob backfill failed:', backfillError);
+      }
+    }
+
+    // workers-types' ReadableStream lacks the DOM-types readMany member; the
+    // shapes are wire-compatible at runtime, so widen through unknown.
+    return new Response(object.body as unknown as ReadableStream<Uint8Array>, {
       status: 200,
       headers: {
-        'Content-Type': blobMeta.mime,
-        'Content-Length': blobMeta.size.toString(),
+        'Content-Type': mime,
+        ...(size != null ? { 'Content-Length': String(size) } : {}),
         'Cache-Control': 'public, max-age=31536000, immutable',
+        'x-content-type-options': 'nosniff',
+        'content-security-policy': "default-src 'none'; sandbox",
       },
     });
-  } catch (error: any) {
+  } catch (error) {
+    const message = error instanceof Error ? error.message : 'Failed to retrieve blob';
     return new Response(
       JSON.stringify({
         error: 'InternalServerError',
-        message: error.message || 'Failed to retrieve blob'
+        message,
       }),
       { status: 500, headers: { 'Content-Type': 'application/json' } }
     );
   }
-}
+}

package/src/pages/xrpc/com.atproto.sync.getCheckout.json.ts

@@ -8,7 +8,7 @@ export const prerender = false;
 export async function GET({ locals, request }: APIContext) {
   const { env } = locals.runtime;
   const url = new URL(request.url);
-  const did = url.searchParams.get('did') ?? (env.PDS_DID ?? 'did:example:single-user');
+  const did = url.searchParams.get('did') ?? (env.PDS_DID as string);
   const head = await getRepoRoot(env);
   const rows = await dalListRecords(env);
   const records = rows

package/src/pages/xrpc/com.atproto.sync.getCheckout.ts

@@ -6,7 +6,7 @@ export const prerender = false;
 export async function GET({ locals, request }: APIContext) {
   const { env } = locals.runtime;
   const url = new URL(request.url);
-  const did = url.searchParams.get('did') ?? (env.PDS_DID ?? 'did:example:single-user');
+  const did = url.searchParams.get('did') ?? (env.PDS_DID as string);
 
   // Support commit range queries
   const fromParam = url.searchParams.get('from');

package/src/pages/xrpc/com.atproto.sync.getHead.ts

@@ -6,6 +6,11 @@ export const prerender = false;
 export async function GET({ locals }: APIContext) {
   const { env } = locals.runtime;
   const root = await getRepoRoot(env);
-  if (!root) return new Response(JSON.stringify({ root: null, rev: 0 }), { headers: { 'Content-Type': 'application/json' } });
-  return new Response(JSON.stringify({ root: root.commitCid, rev: root.rev }), { headers: { 'Content-Type': 'application/json' } });
+  if (!root) {
+    return new Response(
+      JSON.stringify({ error: 'HeadNotFound', message: 'Head not found' }),
+      { status: 404, headers: { 'Content-Type': 'application/json' } }
+    );
+  }
+  return new Response(JSON.stringify({ root: root.commitCid }), { headers: { 'Content-Type': 'application/json' } });
 }

package/src/pages/xrpc/com.atproto.sync.getLatestCommit.ts

@@ -10,7 +10,7 @@ export const prerender = false;
 export async function GET({ locals, url }: APIContext) {
   const { env } = locals.runtime;
 
-  const did = url.searchParams.get('did') || env.PDS_DID || 'did:example:single-user';
+  const did = url.searchParams.get('did') || (env.PDS_DID as string);
 
   try {
     const root = await getRoot(env);

package/src/pages/xrpc/com.atproto.sync.getRecord.ts

@@ -1,9 +1,6 @@
 import type { APIContext } from 'astro';
 import { RepoManager } from '../../services/repo-manager';
-import { encodeRecordBlock } from '../../services/car';
-import * as dagCbor from '@ipld/dag-cbor';
-import { CID } from 'multiformats/cid';
-import { sha256 } from 'multiformats/hashes/sha2';
+import { buildRecordProofCar } from '../../services/car';
 
 export const prerender = false;
 
@@ -14,7 +11,7 @@ export const prerender = false;
 export async function GET({ locals, url }: APIContext) {
   const { env } = locals.runtime;
 
-  const did = url.searchParams.get('did') || env.PDS_DID || 'did:example:single-user';
+  const did = url.searchParams.get('did') || (env.PDS_DID as string);
   const collection = url.searchParams.get('collection');
   const rkey = url.searchParams.get('rkey');
 
@@ -26,31 +23,12 @@ export async function GET({ locals, url }: APIContext) {
   }
 
   try {
-    const repoManager = new RepoManager(env);
-    const record = await repoManager.getRecord(collection, rkey);
-
-    if (!record) {
-      return new Response(
-        JSON.stringify({ error: 'RecordNotFound' }),
-        { status: 404, headers: { 'Content-Type': 'application/json' } }
-      );
-    }
-
-    // Encode the record as a single-block CAR snapshot (root = record CID)
-    const { cid, bytes } = await encodeRecordBlock(record);
-
-    // Minimal CAR encoding (header + single block)
-    const header = dagCbor.encode({ version: 1, roots: [cid] });
-    const varint = (n: number) => { const a:number[]=[]; while(n>=0x80){a.push((n&0x7f)|0x80); n>>>=7;} a.push(n); return new Uint8Array(a); };
-    const concat = (parts: Uint8Array[]) => { const len = parts.reduce((n,p)=>n+p.byteLength,0); const out = new Uint8Array(len); let o=0; for(const p of parts){out.set(p,o); o+=p.byteLength;} return out; };
-    const block = concat([cid.bytes, bytes]);
-    const carBytes = concat([varint(header.byteLength), header, varint(block.byteLength), block]);
-
-    return new Response(carBytes as any, {
+    const { bytes } = await buildRecordProofCar(env as any, did, collection, rkey);
+    return new Response(bytes as any, {
       status: 200,
       headers: {
         'Content-Type': 'application/vnd.ipld.car; version=1',
-        'Content-Disposition': 'inline; filename="record.car"',
+        'Content-Disposition': 'inline; filename="record-proof.car"',
       },
     });
   } catch (error) {

package/src/pages/xrpc/com.atproto.sync.getRepo.json.ts

@@ -8,7 +8,7 @@ export const prerender = false;
 export async function GET({ locals, request }: APIContext) {
   const { env } = locals.runtime;
   const url = new URL(request.url);
-  const did = url.searchParams.get('did') ?? (env.PDS_DID ?? 'did:example:single-user');
+  const did = url.searchParams.get('did') ?? (env.PDS_DID as string);
   const head = await getRepoRoot(env);
   const rows = await dalListRecords(env);
   const records = rows

package/src/pages/xrpc/com.atproto.sync.getRepo.ts

@@ -1,17 +1,62 @@
 import type { APIContext } from 'astro';
+import { errorMessage } from '../../lib/errors';
 import { buildRepoCar } from '../../services/car';
 
 export const prerender = false;
 
+/**
+ * com.atproto.sync.getRepo
+ * Returns a CAR snapshot of the repo for initial crawl/index.
+ */
 export async function GET({ locals, request }: APIContext) {
   const { env } = locals.runtime;
   const url = new URL(request.url);
-  const did = url.searchParams.get('did') ?? (env.PDS_DID ?? 'did:example:single-user');
-  const car = await buildRepoCar(env, did);
-  return new Response(car.bytes as any, {
+  const did = url.searchParams.get('did') ?? (env.PDS_DID as string);
+  // Phase 1: accept but ignore since param (diff to be implemented later)
+  const _since = url.searchParams.get('since');
+
+  try {
+    const { bytes } = await buildRepoCar(env, did);
+    const stream = new ReadableStream<Uint8Array>({
+      start(controller) {
+        controller.enqueue(bytes);
+        controller.close();
+      },
+    });
+    return new Response(stream as any, {
+      status: 200,
+      headers: {
+        // Official content type for CAR v1
+        'Content-Type': 'application/vnd.ipld.car',
+        'Cache-Control': 'no-store',
+      },
+    });
+  } catch (error) {
+    const msg = String(errorMessage(error) || error);
+    // Map to lexicon-specified errors
+    const known = ['RepoNotFound', 'RepoTakendown', 'RepoSuspended', 'RepoDeactivated'];
+    const name = known.find((n) => msg.includes(n)) || (msg.includes('HeadNotFound') ? 'RepoNotFound' : null);
+    if (name) {
+      return new Response(JSON.stringify({ error: name, message: msg }), {
+        status: 400,
+        headers: { 'Content-Type': 'application/json' },
+      });
+    }
+    console.error('getRepo (CAR) error:', error);
+    return new Response(JSON.stringify({ error: 'InternalServerError', message: msg }), {
+      status: 500,
+      headers: { 'Content-Type': 'application/json' },
+    });
+  }
+}
+
+// Avoid heavy CAR construction for HEAD. Respond with headers only.
+export async function HEAD() {
+  return new Response(null, {
+    status: 200,
     headers: {
-      'content-type': 'application/vnd.ipld.car; version=1',
-      'content-disposition': 'inline; filename="repo.car"',
+      'Content-Type': 'application/vnd.ipld.car',
+      'Cache-Control': 'no-store',
     },
   });
 }

package/src/pages/xrpc/com.atproto.sync.getRepoStatus.ts

@@ -0,0 +1,58 @@
+import type { APIContext } from 'astro';
+import { getRoot as getRepoRoot } from '../../db/repo';
+import { getAccountState } from '../../db/dal';
+import { toWireStatus } from '../../lib/account-state';
+
+export const prerender = false;
+
+/**
+ * com.atproto.sync.getRepoStatus
+ * Mirrors upstream PDS: returns did, active, optional status, and rev if active.
+ */
+export async function GET({ locals, request }: APIContext) {
+  const { env } = locals.runtime;
+  const url = new URL(request.url);
+  const configuredDid = typeof env.PDS_DID === 'string' ? env.PDS_DID : '';
+  const did = url.searchParams.get('did') ?? configuredDid;
+
+  try {
+    // Best-effort FSM lookup: an unmigrated row or a transient DB error both
+    // fall through to active=true so reads aren't blocked by an internal hiccup.
+    let active = true;
+    let status: string | undefined;
+    try {
+      const state = await getAccountState(env, did);
+      if (state) {
+        const wire = toWireStatus(state);
+        active = wire.active;
+        status = wire.status;
+      }
+    } catch (stateError) {
+      console.warn('getAccountState failed:', stateError);
+    }
+
+    let rev: string | undefined;
+    if (active) {
+      const head = await getRepoRoot(env);
+      if (head?.rev) rev = String(head.rev);
+    }
+
+    return new Response(
+      JSON.stringify({ did, active, ...(status ? { status } : {}), ...(rev ? { rev } : {}) }),
+      { status: 200, headers: { 'Content-Type': 'application/json' } },
+    );
+  } catch (error) {
+    const message = error instanceof Error ? error.message : String(error);
+    if (message.includes('RepoNotFound')) {
+      return new Response(JSON.stringify({ error: 'RepoNotFound', message }), {
+        status: 400,
+        headers: { 'Content-Type': 'application/json' },
+      });
+    }
+    return new Response(JSON.stringify({ error: 'InternalServerError', message }), {
+      status: 500,
+      headers: { 'Content-Type': 'application/json' },
+    });
+  }
+}
+

package/src/pages/xrpc/com.atproto.sync.listBlobs.ts

@@ -12,12 +12,12 @@ export const prerender = false;
 export async function GET({ locals, url }: APIContext) {
   const { env } = locals.runtime;
 
-  const did = url.searchParams.get('did') || env.PDS_DID || 'did:example:single-user';
+  const did = url.searchParams.get('did') || (env.PDS_DID as string);
   const since = url.searchParams.get('since') || '';
   const limit = parseInt(url.searchParams.get('limit') || '500', 10);
 
   try {
-    const db = drizzle(env.DB);
+    const db = drizzle(env.ALTERAN_DB);
 
     const blobs = since
       ? await db

package/src/pages/xrpc/com.atproto.sync.listRepos.ts

@@ -1,4 +1,5 @@
 import type { APIContext } from 'astro';
+import { getRoot as getRepoRoot } from '../../db/repo';
 
 export const prerender = false;
 
@@ -11,14 +12,15 @@ export async function GET({ locals, url }: APIContext) {
 
   const did = env.PDS_DID || 'did:example:single-user';
   const handle = env.PDS_HANDLE || 'user.example.com';
+  const head = await getRepoRoot(env);
 
   return new Response(
     JSON.stringify({
       repos: [
         {
           did,
-          head: '', // TODO: Get from repo_root
-          rev: '', // TODO: Get from repo_root
+          head: head?.commitCid ?? null,
+          rev: head?.rev ?? null,
           active: true,
         },
       ],
@@ -28,4 +30,4 @@ export async function GET({ locals, url }: APIContext) {
       headers: { 'Content-Type': 'application/json' },
     }
   );
-}
+}