@arcote.tech/arc-host 0.1.4 → 0.1.6

package/dist/host.d.ts

@@ -15,6 +15,10 @@ declare class RTCHost implements RealTimeCommunicationAdapter {
      * Convert JWT payload to AuthContext
      */
     private tokenToAuthContext;
+    /**
+     * Extract client IP address from request headers
+     */
+    private getClientIpAddress;
     /**
      * Get default auth context for anonymous users
      */
@@ -29,6 +33,7 @@ declare class RTCHost implements RealTimeCommunicationAdapter {
     private setNestedProperty;
     private handleCommand;
     private handleQuery;
+    private handleRoute;
     private setupServer;
     private isPublicEndpoint;
     private handleSync;

package/dist/host.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"host.d.ts","sourceRoot":"","sources":["../host.ts"],"names":[],"mappings":"AAAA,OAAO,EAOL,KAAK,aAAa,EAElB,KAAK,eAAe,EACpB,KAAK,kBAAkB,EAGvB,KAAK,4BAA4B,EAClC,MAAM,kBAAkB,CAAC;AAI1B,cAAM,OAAQ,YAAW,4BAA4B;IAMjD,OAAO,CAAC,OAAO;IALjB,OAAO,CAAC,MAAM,CAAU;IACxB,OAAO,CAAC,SAAS,CAAoB;IACrC,OAAO,CAAC,KAAK,CAAuB;gBAG1B,OAAO,EAAE,aAAa,EAC9B,SAAS,EAAE,OAAO,CAAC,eAAe,CAAC;IASrC,aAAa,CAAC,OAAO,EAAE,kBAAkB,EAAE,GAAG,IAAI;IAI5C,IAAI,CACR,gBAAgB,EAAE,CAAC,EACjB,KAAK,EACL,IAAI,GACL,EAAE;QACD,KAAK,EAAE,MAAM,CAAC;QACd,IAAI,EAAE,MAAM,CAAC;KACd,KAAK,IAAI,GACT,OAAO,CAAC,IAAI,CAAC;YAIF,eAAe;IAU7B;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAO1B;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAO7B;;OAEG;YACW,qBAAqB;IAWnC;;OAEG;IACH,OAAO,CAAC,iBAAiB;YAwCX,aAAa;YAmDb,WAAW;IAgEzB,OAAO,CAAC,WAAW;IA6DnB,OAAO,CAAC,gBAAgB;YAOV,UAAU;YA+CV,SAAS;IAevB,OAAO,CAAC,cAAc;CAGvB;AAED,eAAO,MAAM,cAAc,YACf,aAAa,aAAa,OAAO,CAAC,eAAe,CAAC,kBAE3D,CAAC"}
+{"version":3,"file":"host.d.ts","sourceRoot":"","sources":["../host.ts"],"names":[],"mappings":"AAAA,OAAO,EAOL,KAAK,aAAa,EAElB,KAAK,eAAe,EACpB,KAAK,kBAAkB,EAGvB,KAAK,4BAA4B,EAClC,MAAM,kBAAkB,CAAC;AAI1B,cAAM,OAAQ,YAAW,4BAA4B;IAMjD,OAAO,CAAC,OAAO;IALjB,OAAO,CAAC,MAAM,CAAU;IACxB,OAAO,CAAC,SAAS,CAAoB;IACrC,OAAO,CAAC,KAAK,CAAuB;gBAG1B,OAAO,EAAE,aAAa,EAC9B,SAAS,EAAE,OAAO,CAAC,eAAe,CAAC;IASrC,aAAa,CAAC,OAAO,EAAE,kBAAkB,EAAE,GAAG,IAAI;IAI5C,IAAI,CACR,gBAAgB,EAAE,CAAC,EACjB,KAAK,EACL,IAAI,GACL,EAAE;QACD,KAAK,EAAE,MAAM,CAAC;QACd,IAAI,EAAE,MAAM,CAAC;KACd,KAAK,IAAI,GACT,OAAO,CAAC,IAAI,CAAC;YAIF,eAAe;IAS7B;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAW1B;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAuB1B;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAQ7B;;OAEG;YACW,qBAAqB;IAWnC;;OAEG;IACH,OAAO,CAAC,iBAAiB;YAwCX,aAAa;YAoDb,WAAW;YAiEX,WAAW;IAgEzB,OAAO,CAAC,WAAW;IAmEnB,OAAO,CAAC,gBAAgB;YA4BV,UAAU;YA+CV,SAAS;IAevB,OAAO,CAAC,cAAc;CAGvB;AAED,eAAO,MAAM,cAAc,YACf,aAAa,aAAa,OAAO,CAAC,eAAe,CAAC,kBAE3D,CAAC"}

package/dist/index.js

@@ -4904,6 +4904,7 @@ var constructorString = Object.prototype.constructor.toString();
 class ArcContextElement {
   $event;
   name;
+  queryBuilder;
   commandContext;
   commandClient;
   observer;
@@ -5632,7 +5633,7 @@ class ArcFindQuery extends ArcCollectionQuery {
   }
   onChange(change) {
     const lastResult = this.lastResult;
-    const lastResultAsArray = lastResult?.toArray() || [];
+    const lastResultAsArray = lastResult || [];
     const index = lastResultAsArray.findIndex((e) => e._id === (change.type === "delete" ? change.id : change.id));
     const isInLastResult = index !== -1;
     const shouldBeInTheResult = change.type !== "delete" && this.checkItem(change.item);
@@ -6654,6 +6655,40 @@ class Model extends ModelBase {
       }
     });
   }
+  routes(authContext) {
+    return new Proxy({}, {
+      get: (_, name) => {
+        const element3 = this.context.elements.find((element4) => element4.name === name);
+        if (!element3) {
+          throw new Error(`Route element "${String(name)}" not found`);
+        }
+        if (typeof element3.getHandler !== "function") {
+          throw new Error(`Element "${String(name)}" does not have route handlers`);
+        }
+        return async (method, req, routeParams, url) => {
+          const handler = element3.getHandler(method);
+          if (!handler) {
+            throw new Error(`Method ${method} not allowed for route ${String(name)}`);
+          }
+          const forkedDataStorage = this.dataStorage.fork();
+          const eventPublisher = new EventPublisher(this.context, this.dataStorage, authContext);
+          const publishEvent = async (event3) => {
+            await eventPublisher.publishEvent(event3, forkedDataStorage);
+          };
+          const commandContext = this.context.commandContext(forkedDataStorage, publishEvent, authContext);
+          try {
+            const result = await handler(commandContext, req, routeParams, url);
+            await forkedDataStorage.merge();
+            eventPublisher.runAsyncListeners();
+            return result;
+          } catch (error) {
+            this.catchErrorCallback(error);
+            throw error;
+          }
+        };
+      }
+    });
+  }
   get $debug() {
     return {};
   }
@@ -6719,20 +6754,36 @@ class RTCHost {
       const payload = verifyToken(token);
       return payload;
     } catch (error) {
-      console.error("Token verification failed:", error);
       return null;
     }
   }
-  tokenToAuthContext(payload) {
+  tokenToAuthContext(payload, ipAddress) {
     return {
       userId: payload.userId,
-      roles: []
+      roles: [],
+      ipAddress
     };
   }
-  getDefaultAuthContext() {
+  getClientIpAddress(req) {
+    const xForwardedFor = req.headers.get("x-forwarded-for");
+    const xRealIp = req.headers.get("x-real-ip");
+    const cfConnectingIp = req.headers.get("cf-connecting-ip");
+    if (xForwardedFor) {
+      return xForwardedFor.split(",")[0].trim();
+    }
+    if (xRealIp) {
+      return xRealIp;
+    }
+    if (cfConnectingIp) {
+      return cfConnectingIp;
+    }
+    return;
+  }
+  getDefaultAuthContext(ipAddress) {
     return {
-      userId: "anonymous",
-      roles: []
+      userId: undefined,
+      roles: [],
+      ipAddress
     };
   }
   async parseFormDataToObject(formData) {
@@ -6784,15 +6835,16 @@ class RTCHost {
     try {
       const authHeader = req.headers.get("Authorization");
       const token = authHeader?.replace("Bearer ", "");
+      const clientIp = this.getClientIpAddress(req);
       let authContext;
       if (token && !this.isPublicEndpoint(url.pathname)) {
         const payload = await this.verifyAuthToken(token);
         if (!payload) {
           return new Response("Invalid or expired token", { status: 401 });
         }
-        authContext = this.tokenToAuthContext(payload);
+        authContext = this.tokenToAuthContext(payload, clientIp);
       } else {
-        authContext = this.getDefaultAuthContext();
+        authContext = this.getDefaultAuthContext(clientIp);
       }
       let argument;
       const contentType = req.headers.get("Content-Type");
@@ -6817,13 +6869,14 @@ class RTCHost {
     try {
       const authHeader = req.headers.get("Authorization");
       const token = authHeader?.replace("Bearer ", "");
+      const clientIp = this.getClientIpAddress(req);
       let authContext;
       if (token) {
         const payload = await this.verifyAuthToken(token);
         if (!payload) {
           return new Response("Invalid or expired token", { status: 401 });
         }
-        authContext = this.tokenToAuthContext(payload);
+        authContext = this.tokenToAuthContext(payload, clientIp);
       } else {
         return new Response("Authorization token required", { status: 401 });
       }
@@ -6856,6 +6909,50 @@ class RTCHost {
       });
     }
   }
+  async handleRoute(req) {
+    const url = new URL(req.url);
+    const method = req.method;
+    let matchedRoute = null;
+    let routeParams = {};
+    for (const element of this.context.elements) {
+      if (typeof element.matchesRoutePath === "function") {
+        const { matches, params } = element.matchesRoutePath(url.pathname);
+        if (matches) {
+          matchedRoute = element;
+          routeParams = params || {};
+          break;
+        }
+      }
+    }
+    if (!matchedRoute) {
+      return new Response("Route not found", { status: 404 });
+    }
+    const handler = matchedRoute.getHandler(method);
+    if (!handler) {
+      return new Response(`Method ${method} not allowed`, { status: 405 });
+    }
+    try {
+      const authHeader = req.headers.get("Authorization");
+      const token = authHeader?.replace("Bearer ", "");
+      const clientIp = this.getClientIpAddress(req);
+      let authContext;
+      if (token && !matchedRoute.isPublic) {
+        const payload = await this.verifyAuthToken(token);
+        if (!payload) {
+          return new Response("Invalid or expired token", { status: 401 });
+        }
+        authContext = this.tokenToAuthContext(payload, clientIp);
+      } else {
+        authContext = this.getDefaultAuthContext(clientIp);
+      }
+      const routes = this.model.routes(authContext);
+      const response = await routes[matchedRoute.name](method, req, routeParams, url);
+      return response;
+    } catch (error) {
+      console.error(`Error executing route ${matchedRoute.name}:`, error);
+      return new Response("Internal Server Error", { status: 500 });
+    }
+  }
   setupServer() {
     this.server = Bun.serve({
       fetch: async (req, server) => {
@@ -6886,6 +6983,10 @@ class RTCHost {
         if (url.pathname === "/query" && req.method === "POST") {
           return await this.handleQuery(req);
         }
+        const routeResponse = await this.handleRoute(req);
+        if (routeResponse.status !== 404) {
+          return routeResponse;
+        }
         return new Response("Not Found", { status: 404 });
       },
       websocket: {
@@ -6901,8 +7002,21 @@ class RTCHost {
     });
   }
   isPublicEndpoint(pathname) {
-    const publicEndpoints = ["/command/signin", "/command/register"];
-    return publicEndpoints.some((endpoint) => pathname === endpoint);
+    for (const element of this.context.elements) {
+      if (typeof element.matchesCommandPath === "function") {
+        const { matches, isPublic } = element.matchesCommandPath(pathname);
+        if (matches) {
+          return isPublic;
+        }
+      }
+      if (typeof element.matchesRoutePath === "function") {
+        const { matches, isPublic } = element.matchesRoutePath(pathname);
+        if (matches) {
+          return isPublic;
+        }
+      }
+    }
+    return false;
   }
   async handleSync(lastDate) {
     const syncDate = new Date;

package/host.ts

@@ -53,7 +53,6 @@ class RTCHost implements RealTimeCommunicationAdapter {
       const payload = verifyToken(token);
       return payload;
     } catch (error) {
-      console.error("Token verification failed:", error);
       return null;
     }
   }
@@ -61,20 +60,51 @@ class RTCHost implements RealTimeCommunicationAdapter {
   /**
    * Convert JWT payload to AuthContext
    */
-  private tokenToAuthContext(payload: TokenPayload): AuthContext {
+  private tokenToAuthContext(
+    payload: TokenPayload,
+    ipAddress?: string,
+  ): AuthContext {
     return {
       userId: payload.userId,
       roles: [], // Default to no roles, you may want to extend TokenPayload to include roles
+      ipAddress,
     };
   }
 
+  /**
+   * Extract client IP address from request headers
+   */
+  private getClientIpAddress(req: Request): string | undefined {
+    // Check common headers for client IP
+    const xForwardedFor = req.headers.get("x-forwarded-for");
+    const xRealIp = req.headers.get("x-real-ip");
+    const cfConnectingIp = req.headers.get("cf-connecting-ip");
+
+    if (xForwardedFor) {
+      // x-forwarded-for can contain multiple IPs, take the first one
+      return xForwardedFor.split(",")[0].trim();
+    }
+
+    if (xRealIp) {
+      return xRealIp;
+    }
+
+    if (cfConnectingIp) {
+      return cfConnectingIp;
+    }
+
+    // Fallback - this might not work in all environments
+    return undefined;
+  }
+
   /**
    * Get default auth context for anonymous users
    */
-  private getDefaultAuthContext(): AuthContext {
+  private getDefaultAuthContext(ipAddress?: string): AuthContext {
     return {
-      userId: "anonymous",
+      userId: undefined as any,
       roles: [],
+      ipAddress,
     };
   }
 
@@ -148,15 +178,16 @@ class RTCHost implements RealTimeCommunicationAdapter {
       const authHeader = req.headers.get("Authorization");
       const token = authHeader?.replace("Bearer ", "");
 
+      const clientIp = this.getClientIpAddress(req);
       let authContext: AuthContext;
       if (token && !this.isPublicEndpoint(url.pathname)) {
         const payload = await this.verifyAuthToken(token);
         if (!payload) {
           return new Response("Invalid or expired token", { status: 401 });
         }
-        authContext = this.tokenToAuthContext(payload);
+        authContext = this.tokenToAuthContext(payload, clientIp);
       } else {
-        authContext = this.getDefaultAuthContext();
+        authContext = this.getDefaultAuthContext(clientIp);
       }
 
       let argument: any;
@@ -192,13 +223,14 @@ class RTCHost implements RealTimeCommunicationAdapter {
       const authHeader = req.headers.get("Authorization");
       const token = authHeader?.replace("Bearer ", "");
 
+      const clientIp = this.getClientIpAddress(req);
       let authContext: AuthContext;
       if (token) {
         const payload = await this.verifyAuthToken(token);
         if (!payload) {
           return new Response("Invalid or expired token", { status: 401 });
         }
-        authContext = this.tokenToAuthContext(payload);
+        authContext = this.tokenToAuthContext(payload, clientIp);
       } else {
         return new Response("Authorization token required", { status: 401 });
       }
@@ -250,6 +282,70 @@ class RTCHost implements RealTimeCommunicationAdapter {
     }
   }
 
+  private async handleRoute(req: Request) {
+    const url = new URL(req.url);
+    const method = req.method;
+
+    // Find matching route
+    let matchedRoute: any = null;
+    let routeParams: Record<string, string> = {};
+
+    for (const element of this.context.elements) {
+      // Check if element has matchesRoutePath method (ArcRoute)
+      if (typeof (element as any).matchesRoutePath === "function") {
+        const { matches, params } = (element as any).matchesRoutePath(
+          url.pathname,
+        );
+        if (matches) {
+          matchedRoute = element;
+          routeParams = params || {};
+          break;
+        }
+      }
+    }
+
+    if (!matchedRoute) {
+      return new Response("Route not found", { status: 404 });
+    }
+
+    const handler = matchedRoute.getHandler(method);
+    if (!handler) {
+      return new Response(`Method ${method} not allowed`, { status: 405 });
+    }
+
+    try {
+      // Extract token from Authorization header
+      const authHeader = req.headers.get("Authorization");
+      const token = authHeader?.replace("Bearer ", "");
+
+      const clientIp = this.getClientIpAddress(req);
+      let authContext: AuthContext;
+
+      if (token && !matchedRoute.isPublic) {
+        const payload = await this.verifyAuthToken(token);
+        if (!payload) {
+          return new Response("Invalid or expired token", { status: 401 });
+        }
+        authContext = this.tokenToAuthContext(payload, clientIp);
+      } else {
+        authContext = this.getDefaultAuthContext(clientIp);
+      }
+
+      // Use the model's routes method to properly handle event publishing
+      const routes = this.model.routes(authContext);
+      const response = await routes[matchedRoute.name](
+        method,
+        req,
+        routeParams,
+        url,
+      );
+      return response;
+    } catch (error) {
+      console.error(`Error executing route ${matchedRoute.name}:`, error);
+      return new Response("Internal Server Error", { status: 500 });
+    }
+  }
+
   private setupServer() {
     this.server = Bun.serve({
       fetch: async (req, server) => {
@@ -296,6 +392,12 @@ class RTCHost implements RealTimeCommunicationAdapter {
           return await this.handleQuery(req);
         }
 
+        // Try to handle as a route
+        const routeResponse = await this.handleRoute(req);
+        if (routeResponse.status !== 404) {
+          return routeResponse;
+        }
+
         return new Response("Not Found", { status: 404 });
       },
       websocket: {
@@ -312,10 +414,31 @@ class RTCHost implements RealTimeCommunicationAdapter {
   }
 
   private isPublicEndpoint(pathname: string): boolean {
-    // Define which endpoints don't require authentication
-    const publicEndpoints = ["/command/signin", "/command/register"];
+    // Iterate through all context elements and check if any match and are public
+    for (const element of this.context.elements) {
+      // Check if element has matchesCommandPath method (ArcCommand)
+      if (typeof (element as any).matchesCommandPath === "function") {
+        const { matches, isPublic } = (element as any).matchesCommandPath(
+          pathname,
+        );
+        if (matches) {
+          return isPublic;
+        }
+      }
+
+      // Check if element has matchesRoutePath method (ArcRoute)
+      if (typeof (element as any).matchesRoutePath === "function") {
+        const { matches, isPublic } = (element as any).matchesRoutePath(
+          pathname,
+        );
+        if (matches) {
+          return isPublic;
+        }
+      }
+    }
 
-    return publicEndpoints.some((endpoint) => pathname === endpoint);
+    // Default to non-public if no matching element found
+    return false;
   }
 
   private async handleSync(lastDate: string | null) {

package/package.json

@@ -4,7 +4,7 @@
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "type": "module",
-  "version": "0.1.4",
+  "version": "0.1.6",
   "private": false,
   "author": "Przemysław Krasiński [arcote.tech]",
   "dependencies": {