@arkstack/driver-express 0.12.37 → 0.13.1

package/dist/index.d.ts

@@ -2,8 +2,8 @@
 import { Middleware as Middleware$1, MiddlewareConfig } from "./types.js";
 import { ErrorRequestHandler, Express, Handler, Router as Router$1 } from "express";
 import { ArkstackKitDriver, ArkstackRouteListOptions, PromiseOrValue } from "@arkstack/contract";
-import { Route } from "clear-router";
 import { Router as Router$2 } from "clear-router/express";
+import { Route } from "clear-router";
 import { Handler as Handler$1, HttpContext, Middleware } from "clear-router/types/express";
 
 //#region src/error-handler.d.ts

package/dist/index.js

@@ -1,23 +1,18 @@
 import express from "express";
 import { Arkstack, ArkstackKitDriver } from "@arkstack/contract";
-import { ErrorHandler, Logger, RequestException, env, isClass, renderError } from "@arkstack/common";
-import { Request as Request$1 } from "clear-router";
-import { definePlugin } from "clear-router/core";
-import { definePlugin as definePlugin$1 } from "kanun";
-import { createCipheriv, createDecipheriv, createHash, createHmac, randomBytes, timingSafeEqual } from "node:crypto";
-import { DB } from "arkormx";
-import { dirname, join } from "node:path";
-import { mkdir, readFile, rm, writeFile } from "node:fs/promises";
+import { ErrorHandler, Logger, RequestException, env, renderError } from "@arkstack/common";
+import { resolveMiddleware } from "@arkstack/http";
 import { Router as Router$2 } from "clear-router/express";
 import { clearRouterExpressPlugin } from "@resora/plugin-clear-router";
+import { join } from "node:path";
 import { registerPlugin } from "resora";
 //#region src/error-handler.ts
 const webMiddlewareKey = Symbol.for("arkstack:http:web");
-const isRecord$1 = (value) => {
+const isRecord = (value) => {
 	return typeof value === "object" && value !== null;
 };
 const isWebRequest = (value) => {
-	if (!isRecord$1(value)) return false;
+	if (!isRecord(value)) return false;
 	return value[webMiddlewareKey] === true || value.arkstackWeb === true || isWebRequest(value.context) || isWebRequest(value.req);
 };
 const redirectBackTarget = (req) => {
@@ -26,7 +21,7 @@ const redirectBackTarget = (req) => {
 	return typeof value === "string" && value ? value : "/";
 };
 const flashValidationState = async (err, req, errors) => {
-	const session = req.httpSession ?? (isRecord$1(req.session) && typeof req.session.addValidationErrors === "function" ? req.session : void 0);
+	const session = req.httpSession ?? (isRecord(req.session) && typeof req.session.addValidationErrors === "function" ? req.session : void 0);
 	if (!session) return;
 	if (errors) session.addErrors?.(errors);
 	else session.addValidationErrors?.(err);
@@ -62,1217 +57,6 @@ const defaultErrorHandler = async (err, req, res, next) => {
 	}));
 };
 //#endregion
-//#region ../http/dist/redirect-CFGcSkzk.js
-const unwrapRequestSource = (source) => {
-	if (source.original) return unwrapRequestSource(source.original);
-	if (source.headers) return source;
-	if (source.req) return source.req;
-	if (source.request) return source.request;
-	return source;
-};
-const normalizeHeaders = (headers) => {
-	const normalized = {};
-	if (!headers) return normalized;
-	if (isHeaders(headers)) {
-		headers.forEach((value, key) => {
-			normalized[key.toLowerCase()] = value;
-		});
-		return normalized;
-	}
-	for (const [key, value] of Object.entries(headers)) {
-		const normalizedValue = normalizeHeaderValue(value);
-		if (typeof normalizedValue === "string") normalized[key.toLowerCase()] = normalizedValue;
-	}
-	return normalized;
-};
-const normalizeHeaderValue = (value) => {
-	if (Array.isArray(value)) return value.join(", ");
-	if (typeof value === "number" || typeof value === "boolean") return String(value);
-	return value ?? void 0;
-};
-const isHeaders = (value) => typeof Headers !== "undefined" && value instanceof Headers;
-const isRecord = (value) => {
-	return !!value && typeof value === "object" && !Array.isArray(value);
-};
-/**
-* Resolve Middleware
-* 
-* @param middleware 
-* @returns 
-*/
-const resolveMiddleware = (middleware) => {
-	if (!middleware || typeof middleware === "function" && !isClass(middleware)) return middleware;
-	if (middleware && typeof middleware === "object" && !isClass(middleware) && "handle" in middleware) return middleware.handle.bind(middleware);
-	const instance = isClass(middleware) ? new middleware() : middleware;
-	if (instance && typeof instance.handle === "function") return instance.handle.bind(instance);
-	return middleware;
-};
-/**
-* Represents an HTTP request, providing a consistent interface for accessing request data.
-* 
-* @author 3m1n3nc3
-*/
-var Request$1$1 = class Request$1$2 extends Request$1 {
-	headers;
-	ip;
-	source;
-	currentUser;
-	currentAuth;
-	currentAuthUser;
-	currentAuthToken;
-	get user() {
-		return this.getSourceRequest()?.user ?? this.currentUser;
-	}
-	set user(user) {
-		this.currentUser = user;
-	}
-	get auth() {
-		return this.getSourceRequest()?.auth ?? this.currentAuth;
-	}
-	set auth(auth) {
-		this.currentAuth = auth;
-	}
-	get authUser() {
-		return this.getSourceRequest()?.authUser ?? this.currentAuthUser;
-	}
-	set authUser(user) {
-		this.currentAuthUser = user;
-	}
-	get authToken() {
-		return this.getSourceRequest()?.authToken ?? this.currentAuthToken;
-	}
-	set authToken(token) {
-		this.currentAuthToken = token;
-	}
-	constructor(options = {}) {
-		super(options);
-		const source = options.source ?? options.original;
-		const sourceRequest = isRecord(source) ? source : void 0;
-		this.headers = normalizeHeaders(options.headers);
-		if (this.method) this.method = options.method;
-		if (this.url) this.url = options.url;
-		if (this.path) this.path = options.path;
-		this.ip = options.ip ?? sourceRequest?.ip ?? null;
-		this.user = options.user ?? sourceRequest?.user;
-		this.auth = options.auth ?? sourceRequest?.auth;
-		this.authUser = options.authUser ?? sourceRequest?.authUser;
-		this.authToken = options.authToken ?? sourceRequest?.authToken;
-		this.source = source;
-		globalThis.request = (key) => key ? this.input(key) : this;
-	}
-	static from(source) {
-		if (!source) return;
-		if (source instanceof Request$1$2) return source;
-		const request = unwrapRequestSource(source);
-		return new Request$1$2({
-			headers: request.headers,
-			method: request.method,
-			url: request.originalUrl ?? request.url,
-			path: request.path,
-			ip: request.ip ?? null,
-			user: request.user,
-			auth: request.auth,
-			authUser: request.authUser,
-			authToken: request.authToken,
-			source: request
-		});
-	}
-	header(name) {
-		return this.headers[name.toLowerCase()];
-	}
-	bearerToken() {
-		const authorization = this.header("authorization");
-		if (!authorization?.startsWith("Bearer ")) return null;
-		return authorization.substring(7);
-	}
-	setUser(user) {
-		this.user = user;
-		if (isRecord(this.source)) this.source.user = user;
-		return this;
-	}
-	setAuthentication(auth, user, token) {
-		this.auth = auth;
-		this.authUser = user;
-		this.authToken = token;
-		this.setUser(user);
-		if (isRecord(this.source)) {
-			this.source.auth = auth;
-			this.source.authUser = user;
-			this.source.authToken = token;
-		}
-		return this;
-	}
-	syncFromSource() {
-		if (!isRecord(this.source)) return this;
-		const source = this.source;
-		this.user = source.user ?? this.user;
-		this.auth = source.auth ?? this.auth;
-		this.authUser = source.authUser ?? this.authUser;
-		this.authToken = source.authToken ?? this.authToken;
-		return this;
-	}
-	getSourceRequest() {
-		return isRecord(this.source) ? this.source : void 0;
-	}
-	clearAuthentication() {
-		this.auth = void 0;
-		this.authUser = void 0;
-		this.authToken = void 0;
-		this.user = void 0;
-		if (isRecord(this.source)) {
-			this.source.auth = void 0;
-			this.source.authUser = void 0;
-			this.source.authToken = void 0;
-			this.source.user = void 0;
-		}
-		return this;
-	}
-};
-var FlashBag = class {
-	bag = {};
-	sweepKeys = /* @__PURE__ */ new Set();
-	constructor(items) {
-		this.bag = { ...items || {} };
-		this.sweepKeys = new Set(Object.keys(this.bag));
-	}
-	put(key, value) {
-		this.bag[key] = value;
-		this.sweepKeys.delete(key);
-		return this;
-	}
-	set(key, value) {
-		return this.put(key, value);
-	}
-	get(key, defaultValue) {
-		return key in this.bag ? this.bag[key] : defaultValue;
-	}
-	has(key) {
-		if (Array.isArray(key)) return key.every((item) => this.has(item));
-		if (key) return key in this.bag;
-		return this.any();
-	}
-	any() {
-		return Object.keys(this.bag).length > 0;
-	}
-	isEmpty() {
-		return !this.any();
-	}
-	isNotEmpty() {
-		return this.any();
-	}
-	keys() {
-		return Object.keys(this.bag);
-	}
-	all() {
-		return { ...this.bag };
-	}
-	clear(key) {
-		if (Array.isArray(key)) {
-			for (const item of key) {
-				delete this.bag[item];
-				this.sweepKeys.delete(item);
-			}
-			return this;
-		}
-		if (key) {
-			delete this.bag[key];
-			this.sweepKeys.delete(key);
-			return this;
-		}
-		this.bag = {};
-		this.sweepKeys.clear();
-		return this;
-	}
-	forget(key) {
-		return this.clear(key);
-	}
-	markForSweep(keys = this.keys()) {
-		this.sweepKeys = new Set(keys);
-		return this;
-	}
-	sweep() {
-		for (const key of this.sweepKeys) delete this.bag[key];
-		this.sweepKeys = new Set(Object.keys(this.bag));
-		return this;
-	}
-	toJSON() {
-		return this.all();
-	}
-};
-const sessionKey = Symbol.for("arkstack:http:session");
-const asMessageRecord = (value) => {
-	if (!isRecord(value)) return;
-	return value;
-};
-const callRecordMethod = (source, method) => {
-	if (typeof source[method] !== "function") return;
-	return asMessageRecord(source[method]());
-};
-const resolveMessageRecord = (source) => {
-	if (!isRecord(source)) return;
-	if (typeof source.getMessageBag === "function") {
-		const bag = source.getMessageBag();
-		if (bag && bag !== source) {
-			const messages = resolveMessageRecord(bag);
-			if (messages) return messages;
-		}
-	}
-	if (typeof source.errors === "function") {
-		const errors = source.errors();
-		const messages = resolveMessageRecord(errors) || asMessageRecord(errors);
-		if (messages) return messages;
-	}
-	return callRecordMethod(source, "getMessages") || callRecordMethod(source, "messagesRaw") || callRecordMethod(source, "toArray") || resolveMessageRecord(source.errors) || asMessageRecord(source.errors);
-};
-const getValidationIssueField = (issue) => {
-	if (typeof issue.field === "string") return issue.field;
-	if (typeof issue.attribute === "string") return issue.attribute;
-	if (typeof issue.key === "string") return issue.key;
-	if (typeof issue.path === "string") return issue.path;
-	if (Array.isArray(issue.path)) return issue.path.join(".") || "_";
-	return "_";
-};
-const toMessages = (value) => {
-	if (Array.isArray(value)) return value.flatMap((item) => toMessages(item));
-	if (value instanceof Error) return [value.message];
-	if (isRecord(value) && typeof value.message === "string") return [value.message];
-	if (value === null || typeof value === "undefined") return [];
-	return [String(value)];
-};
-const getPath = (source, key, defaultValue) => {
-	const value = key.split(".").reduce((current, part) => {
-		if (!isRecord(current) && !Array.isArray(current)) return;
-		return current[part];
-	}, source);
-	return typeof value === "undefined" ? defaultValue : value;
-};
-var ErrorBag = class ErrorBag extends FlashBag {
-	constructor(errors) {
-		super();
-		if (errors) {
-			this.merge(errors);
-			this.markForSweep();
-		}
-	}
-	add(field, message) {
-		const key = field || "_";
-		const messages = toMessages(message);
-		if (!messages.length) return this;
-		this.put(key, [...this.bag[key] || [], ...messages]);
-		return this;
-	}
-	addIf(condition, field, message) {
-		if (condition) this.add(field, message);
-		return this;
-	}
-	merge(errors) {
-		const incoming = resolveMessageRecord(errors) || (isRecord(errors) ? errors : void 0);
-		if (!incoming) return this.validation(errors);
-		for (const [field, messages] of Object.entries(incoming)) this.add(field, messages);
-		return this;
-	}
-	validation(error) {
-		if (!error) return this;
-		if (error instanceof ErrorBag) return this.merge(error);
-		const messages = resolveMessageRecord(error);
-		if (messages) return this.merge(messages);
-		if (Array.isArray(error)) {
-			for (const item of error) if (isRecord(item) && "message" in item) this.add(getValidationIssueField(item), item.message);
-			else this.add("_", item);
-			return this;
-		}
-		if (isRecord(error)) {
-			if (typeof error.errors === "function") return this.validation(error.errors());
-			if (error.errors) return this.validation(error.errors);
-			if (Array.isArray(error.issues)) return this.validation(error.issues);
-			if ("message" in error) return this.add(getValidationIssueField(error), error.message);
-			return this.merge(error);
-		}
-		if (error instanceof Error) return this.add("_", error.message);
-		return this.add("_", error);
-	}
-	keys() {
-		return Object.keys(this.bag);
-	}
-	get(field = "_") {
-		return [...this.bag[field] || []];
-	}
-	first(field) {
-		if (field) return this.bag[field]?.[0] || "";
-		return this.all()[0] || "";
-	}
-	has(field) {
-		if (Array.isArray(field)) return field.every((key) => this.has(key));
-		if (field) return (this.bag[field]?.length || 0) > 0;
-		return this.any();
-	}
-	hasAny(fields) {
-		return (Array.isArray(fields) ? fields : [fields]).some((key) => this.has(key));
-	}
-	missing(fields) {
-		return (Array.isArray(fields) ? fields : [fields]).every((key) => !this.has(key));
-	}
-	any() {
-		return Object.values(this.bag).some((messages) => messages.length > 0);
-	}
-	isEmpty() {
-		return !this.any();
-	}
-	isNotEmpty() {
-		return this.any();
-	}
-	count() {
-		return Object.values(this.bag).reduce((total, messages) => total + messages.length, 0);
-	}
-	all() {
-		return Object.values(this.bag).flat();
-	}
-	unique() {
-		return [...new Set(this.all())];
-	}
-	clear(field) {
-		super.clear(field);
-		return this;
-	}
-	forget(field) {
-		return this.clear(field);
-	}
-	messagesRaw() {
-		return this.toJSON();
-	}
-	getMessages() {
-		return this.messagesRaw();
-	}
-	getMessageBag() {
-		return this;
-	}
-	toArray() {
-		return this.toJSON();
-	}
-	toJSON() {
-		return Object.entries(this.bag).reduce((errors, [field, messages]) => {
-			errors[field] = [...messages];
-			return errors;
-		}, {});
-	}
-};
-var Session = class Session {
-	errors;
-	flashBag;
-	id;
-	data;
-	persistent;
-	saveQueue = Promise.resolve();
-	constructor(initial, persistent) {
-		const current = initial instanceof Session ? initial : void 0;
-		const state = current ? current.snapshot() : initial && ("data" in initial || "errors" in initial || "flash" in initial) ? initial : { data: initial };
-		this.id = persistent?.id ?? current?.id;
-		this.persistent = persistent ?? current?.persistent;
-		this.saveQueue = current?.saveQueue ?? this.saveQueue;
-		this.data = current ? current.data : { ...state.data || {} };
-		this.errors = current ? current.errors : state.errors instanceof ErrorBag ? state.errors : new ErrorBag(state.errors);
-		this.flashBag = current ? current.flashBag : state.flash instanceof FlashBag ? state.flash : new FlashBag(state.flash);
-		const helper = ((key) => key ? this.get(key) : this);
-		Object.assign(helper, {
-			get: this.get.bind(this),
-			put: this.put.bind(this),
-			set: this.set.bind(this),
-			has: this.has.bind(this),
-			forget: this.forget.bind(this),
-			clear: this.clear.bind(this),
-			all: this.all.bind(this),
-			flash: this.flash.bind(this),
-			getFlash: this.getFlash.bind(this),
-			hasErrors: this.hasErrors.bind(this),
-			clearErrors: this.clearErrors.bind(this),
-			errors: this.errors,
-			flashBag: this.flashBag
-		});
-		globalThis.session = helper;
-	}
-	snapshot() {
-		return {
-			data: this.all(),
-			errors: this.errors.toJSON(),
-			flash: this.flashBag.toJSON()
-		};
-	}
-	queuePersist() {
-		this.save();
-	}
-	async save() {
-		const payload = this.snapshot();
-		const previous = this.saveQueue.catch(() => void 0);
-		this.saveQueue = previous.then(async () => {
-			await this.persistent?.save(payload);
-		});
-		await this.saveQueue;
-		return this;
-	}
-	async destroy() {
-		this.data = {};
-		this.errors.clear();
-		this.flashBag.clear();
-		await this.persistent?.destroy?.();
-		return this;
-	}
-	/**
-	* Get an item from the session bag
-	*
-	* @param key
-	* @param defaultValue
-	* @returns
-	*/
-	get(key, defaultValue) {
-		return key in this.data ? this.data[key] : defaultValue;
-	}
-	/**
-	* Add an item to the session bag
-	*
-	* @param key
-	* @param defaultValue
-	* @returns
-	*/
-	put(key, value) {
-		this.data[key] = value;
-		this.queuePersist();
-		return this;
-	}
-	/**
-	* Add an item to the session bag
-	*
-	* @param key
-	* @param defaultValue
-	* @returns
-	*/
-	set(key, value) {
-		return this.put(key, value);
-	}
-	/**
-	* Check if an item exist in the session bag
-	*
-	* @param key
-	* @returns
-	*/
-	has(key) {
-		return key in this.data;
-	}
-	/**
-	* Remove an item from the session bag
-	*
-	* @param key
-	* @returns
-	*/
-	forget(key) {
-		delete this.data[key];
-		this.queuePersist();
-		return this;
-	}
-	/**
-	* Clear the session bag
-	*
-	* @returns
-	*/
-	clear() {
-		this.data = {};
-		this.errors.clear();
-		this.flashBag.clear();
-		this.queuePersist();
-		return this;
-	}
-	/**
-	* Get all items in the session bag
-	*
-	* @returns
-	*/
-	all() {
-		return { ...this.data };
-	}
-	/**
-	* Add a flash item for the next request
-	*
-	* @param key
-	* @param value
-	* @returns
-	*/
-	flash(key, value) {
-		this.flashBag.put(key, value);
-		this.queuePersist();
-		return this;
-	}
-	/**
-	* Get a flash item
-	*
-	* @param key
-	* @param defaultValue
-	* @returns
-	*/
-	getFlash(key, defaultValue) {
-		return this.flashBag.get(key, defaultValue);
-	}
-	/**
-	* Sweep flashed data that was loaded for this request
-	*
-	* @returns
-	*/
-	async sweepFlash() {
-		this.errors.sweep();
-		this.flashBag.sweep();
-		await this.save();
-		return this;
-	}
-	/**
-	* Add an error to the session error bag
-	*
-	* @param field
-	* @param message
-	* @returns
-	*/
-	addError(field, message) {
-		this.errors.add(field, message);
-		this.queuePersist();
-		return this;
-	}
-	/**
-	* Add multiple errors to the session error bag
-	*
-	* @param errors
-	* @returns
-	*/
-	addErrors(errors) {
-		this.errors.merge(errors);
-		this.queuePersist();
-		return this;
-	}
-	/**
-	* Add a validation error to the session error bag
-	*
-	* @param error
-	* @returns
-	*/
-	addValidationErrors(error) {
-		this.errors.validation(error);
-		this.queuePersist();
-		return this;
-	}
-	/**
-	* Check if the session error bag has any errors
-	*
-	* @param field
-	* @returns
-	*/
-	hasErrors(field) {
-		return this.errors.has(field);
-	}
-	/**
-	* Clear all errors in the session error bag
-	*
-	* @param field
-	* @returns
-	*/
-	clearErrors(field) {
-		this.errors.clear(field);
-		this.queuePersist();
-		return this;
-	}
-	/**
-	* Parse session for views
-	*
-	* @returns
-	*/
-	forView() {
-		return {
-			...this.all(),
-			errors: this.errors,
-			flash: this.flashBag
-		};
-	}
-	/**
-	* Return session as json
-	*
-	* @returns
-	*/
-	toJSON() {
-		return {
-			...this.all(),
-			errors: this.errors.toJSON(),
-			flash: this.flashBag.toJSON()
-		};
-	}
-};
-const requestInput = () => {
-	const request = globalThis.request?.();
-	if (request instanceof Request$1$1) {
-		if (isRecord(request.body)) return request.body;
-		const source = isRecord(request.source) ? request.source : void 0;
-		if (source && typeof source.getBody === "function") return source.getBody() ?? {};
-		if (isRecord(source?.body)) return source.body;
-	}
-	if (isRecord(request) && typeof request.getBody === "function") return request.getBody() ?? {};
-	return isRecord(request?.body) ? request.body : {};
-};
-const old = (key, defaultValue) => {
-	const input = requestInput();
-	if (!key) return input;
-	return getPath(input, key, defaultValue);
-};
-const sweepRegisteredKey = Symbol.for("arkstack:http:flash-sweep-registered");
-const attachSessionProperty = (target, session) => {
-	target.httpSession = session;
-	if (!("session" in target) || target.session instanceof Session) target.session = session;
-};
-const responseSource = (target) => {
-	return target.res ?? target.ctx?.res ?? target.response?.source ?? target.clearResponse?.source ?? target.context?.res ?? target.context?.response?.source;
-};
-const registerResponseFlashSweep = (target, session) => {
-	if (!isRecord(target)) return;
-	const current = session ?? getSession(target);
-	const res = responseSource(target);
-	if (!(current instanceof Session) || !isRecord(res) || typeof res.end !== "function" || res[sweepRegisteredKey]) return;
-	res[sweepRegisteredKey] = true;
-	const end = res.end.bind(res);
-	res.end = (...args) => {
-		current.sweepFlash().catch(() => void 0).finally(() => end(...args));
-		return res;
-	};
-};
-const attachViewState = (target, session) => {
-	attachSessionProperty(target, session);
-	target.errors = session.errors;
-	if (isRecord(target.req)) {
-		attachSessionProperty(target.req, session);
-		target.req.errors = session.errors;
-		target.req.old = old;
-	}
-	if (isRecord(target.res)) target.res.locals = {
-		...target.res.locals || {},
-		session,
-		errors: session.errors,
-		flash: session.flashBag,
-		old
-	};
-	if (isRecord(target.response?.source)) target.response.source.locals = {
-		...target.response.source.locals || {},
-		session,
-		errors: session.errors,
-		flash: session.flashBag,
-		old
-	};
-	if (isRecord(target.context)) {
-		attachSessionProperty(target.context, session);
-		target.context.errors = session.errors;
-		target.context.flash = session.flashBag;
-		target.context.old = old;
-	}
-	if (isRecord(target.state)) {
-		attachSessionProperty(target.state, session);
-		target.state.errors = session.errors;
-		target.state.flash = session.flashBag;
-		target.state.old = old;
-	}
-	if (typeof target.set === "function") {
-		target.set("session", session);
-		target.set("errors", session.errors);
-		target.set("flash", session.flashBag);
-		target.set("old", old);
-	}
-};
-/**
-* Ensure a valid session exists
-* 
-* @param ctx 
-* @param initial 
-* @returns 
-*/
-const ensureSession = (ctx, initial, persistent) => {
-	if (!isRecord(ctx)) return new Session(initial, persistent);
-	const existing = ctx[sessionKey] ?? (ctx.session instanceof Session ? ctx.session : void 0) ?? (isRecord(ctx.req) && ctx.req.httpSession instanceof Session ? ctx.req.httpSession : void 0);
-	const session = existing instanceof Session ? existing : new Session(initial, persistent);
-	ctx[sessionKey] = session;
-	attachViewState(ctx, session);
-	return session;
-};
-/**
-* Get the current session
-* 
-* @param ctx 
-* @returns 
-*/
-const getSession = (ctx) => {
-	if (!isRecord(ctx)) return;
-	const session = ctx[sessionKey] ?? (ctx.httpSession instanceof Session ? ctx.httpSession : void 0) ?? (ctx.session instanceof Session ? ctx.session : void 0) ?? (isRecord(ctx.req) && ctx.req.httpSession instanceof Session ? ctx.req.httpSession : void 0) ?? (isRecord(ctx.context) && ctx.context.httpSession instanceof Session ? ctx.context.httpSession : void 0);
-	return session instanceof Session ? session : void 0;
-};
-const generateSessionId = () => randomBytes(32).toString("base64url");
-const signValue = (value, secret) => createHmac("sha256", secret).update(value).digest("base64url");
-const encodeSignedValue = (value, secret) => `${value}.${signValue(value, secret)}`;
-const decodeSignedValue = (value, secret) => {
-	if (!value) return void 0;
-	const index = value.lastIndexOf(".");
-	if (index < 1) return void 0;
-	const payload = value.slice(0, index);
-	const signature = value.slice(index + 1);
-	const expected = signValue(payload, secret);
-	const signatureBuffer = Buffer.from(signature);
-	const expectedBuffer = Buffer.from(expected);
-	if (signatureBuffer.length !== expectedBuffer.length) return void 0;
-	return timingSafeEqual(signatureBuffer, expectedBuffer) ? payload : void 0;
-};
-const decodeJson = (value) => {
-	if (!value) return void 0;
-	try {
-		return JSON.parse(Buffer.from(value, "base64url").toString("utf8"));
-	} catch {
-		return;
-	}
-};
-const parseCookies = (header) => {
-	return (Array.isArray(header) ? header.join("; ") : header || "").split(";").reduce((cookies, part) => {
-		const index = part.indexOf("=");
-		if (index < 0) return cookies;
-		const key = part.slice(0, index).trim();
-		const value = part.slice(index + 1).trim();
-		if (key) cookies[key] = decodeURIComponent(value);
-		return cookies;
-	}, {});
-};
-const getCookie = (context, name) => {
-	const ctx = isRecord(context.ctx) ? context.ctx : context;
-	const headers = (context.request || ctx.clearRequest || ctx.req || ctx.request)?.headers || ctx.headers || ctx.req?.headers || ctx.request?.headers;
-	return parseCookies(typeof headers?.get === "function" ? headers.get("cookie") : headers?.cookie)[name];
-};
-const serializeCookie = (name, value, options = {}) => {
-	const parts = [`${name}=${encodeURIComponent(value)}`];
-	if (typeof options.maxAge === "number") parts.push(`Max-Age=${Math.max(0, Math.floor(options.maxAge))}`);
-	if (options.expires) parts.push(`Expires=${options.expires.toUTCString()}`);
-	parts.push(`Path=${options.path || "/"}`);
-	if (options.domain) parts.push(`Domain=${options.domain}`);
-	if (options.httpOnly !== false) parts.push("HttpOnly");
-	if (options.secure) parts.push("Secure");
-	if (options.sameSite) parts.push(`SameSite=${options.sameSite}`);
-	return parts.join("; ");
-};
-const splitSetCookieHeader = (value) => {
-	return value.split(/,\s*(?=[^;,\s]+=)/).filter(Boolean);
-};
-const withoutCookie = (current, cookieName) => {
-	return (Array.isArray(current) ? current.flatMap((item) => splitSetCookieHeader(String(item))) : typeof current === "string" ? splitSetCookieHeader(current) : []).filter((cookie) => !cookie.trim().startsWith(`${cookieName}=`));
-};
-const upsertHeaderValue = (target, headerName, cookieName, value) => {
-	if (!target) return false;
-	if (typeof target.setHeader === "function") {
-		const next = [...withoutCookie(typeof target.getHeader === "function" ? target.getHeader(headerName) : void 0, cookieName), value];
-		target.setHeader(headerName, next);
-		return true;
-	}
-	if (target.headers && typeof target.headers.set === "function") {
-		const next = [...withoutCookie(target.headers.get(headerName), cookieName), value];
-		target.headers.set(headerName, next.join(", "));
-		return true;
-	}
-	if (typeof target.appendHeader === "function") {
-		target.appendHeader(headerName, value);
-		return true;
-	}
-	if (typeof target.append === "function") {
-		target.append(headerName, value);
-		return true;
-	}
-	return false;
-};
-const setCookie = (context, name, value, options = {}) => {
-	const ctx = isRecord(context.ctx) ? context.ctx : context;
-	const cookie = serializeCookie(name, value, options);
-	const response = context.response || ctx.clearResponse;
-	if (response?.headers && typeof response.headers.set === "function") {
-		const next = [...withoutCookie(response.headers.get("set-cookie"), name), cookie];
-		response.headers.set("set-cookie", next.join(", "));
-	}
-	upsertHeaderValue(response?.source, "Set-Cookie", name, cookie) || upsertHeaderValue(ctx.res, "Set-Cookie", name, cookie) || upsertHeaderValue(ctx.response, "Set-Cookie", name, cookie) || upsertHeaderValue(ctx.response?.source, "Set-Cookie", name, cookie) || upsertHeaderValue(ctx.event?.res, "Set-Cookie", name, cookie);
-	return cookie;
-};
-const byteLength = (value) => Buffer.byteLength(value, "utf8");
-const serializeValue = (value) => {
-	if (value === null || typeof value === "undefined") return "N;";
-	if (typeof value === "boolean") return `b:${value ? 1 : 0};`;
-	if (typeof value === "number") return Number.isInteger(value) ? `i:${value};` : `d:${value};`;
-	if (typeof value === "string") return `s:${byteLength(value)}:"${value}";`;
-	if (Array.isArray(value)) return serializeEntries(value.map((item, index) => [index, item]));
-	if (typeof value === "object") return serializeEntries(Object.entries(value));
-	return serializeValue(String(value));
-};
-const serializeEntries = (entries) => {
-	return `a:${entries.length}:{${entries.map(([key, value]) => serializeValue(key) + serializeValue(value)).join("")}}`;
-};
-var Parser = class {
-	source;
-	offset = 0;
-	constructor(source) {
-		this.source = source;
-	}
-	parse() {
-		const type = this.source[this.offset];
-		this.offset += type === "N" ? 1 : 2;
-		switch (type) {
-			case "N":
-				this.expect(";");
-				return null;
-			case "b": return this.readUntil(";") === "1";
-			case "i": return Number.parseInt(this.readUntil(";"), 10);
-			case "d": return Number.parseFloat(this.readUntil(";"));
-			case "s": return this.parseString();
-			case "a": return this.parseArray();
-			default: throw new Error(`Unsupported serialized session value: ${type}`);
-		}
-	}
-	parseString() {
-		const length = Number.parseInt(this.readUntil(":"), 10);
-		this.expect("\"");
-		let end = this.offset;
-		let bytes = 0;
-		while (end < this.source.length && bytes < length) {
-			const char = this.source[end];
-			bytes += Buffer.byteLength(char, "utf8");
-			end += 1;
-		}
-		const value = this.source.slice(this.offset, end);
-		this.offset = end;
-		this.expect("\"");
-		this.expect(";");
-		return value;
-	}
-	parseArray() {
-		const length = Number.parseInt(this.readUntil(":"), 10);
-		this.expect("{");
-		const entries = [];
-		let sequential = true;
-		for (let index = 0; index < length; index += 1) {
-			const key = this.parse();
-			const value = this.parse();
-			entries.push([key, value]);
-			if (key !== index) sequential = false;
-		}
-		this.expect("}");
-		if (sequential) return entries.map(([, value]) => value);
-		return entries.reduce((record, [key, value]) => {
-			record[String(key)] = value;
-			return record;
-		}, {});
-	}
-	readUntil(token) {
-		const index = this.source.indexOf(token, this.offset);
-		if (index < 0) throw new Error("Invalid serialized session payload");
-		const value = this.source.slice(this.offset, index);
-		this.offset = index + token.length;
-		return value;
-	}
-	expect(token) {
-		if (this.source.slice(this.offset, this.offset + token.length) !== token) throw new Error("Invalid serialized session payload");
-		this.offset += token.length;
-	}
-};
-const encodeSessionPayload = (payload) => {
-	return serializeValue(payload);
-};
-const normalizeSessionPayload = (payload) => {
-	if (!payload || typeof payload !== "object" || Array.isArray(payload)) return payload;
-	const record = payload;
-	for (const key of [
-		"data",
-		"errors",
-		"flash"
-	]) if (Array.isArray(record[key]) && record[key].length === 0) record[key] = {};
-	return record;
-};
-const decodeSessionPayload = (value) => {
-	if (!value) return;
-	try {
-		return normalizeSessionPayload(new Parser(value).parse());
-	} catch {
-		return;
-	}
-};
-const keyFromSecret = (secret) => {
-	if (secret.startsWith("base64:")) {
-		const decoded = Buffer.from(secret.slice(7), "base64");
-		if (decoded.length === 32) return decoded;
-	}
-	const raw = Buffer.from(secret, "base64");
-	if (raw.length === 32) return raw;
-	return createHash("sha256").update(secret).digest();
-};
-const macFor = (iv, value, key) => {
-	return createHmac("sha256", key).update(iv + value).digest("hex");
-};
-const encryptSessionValue = (value, secret) => {
-	const key = keyFromSecret(secret);
-	const iv = randomBytes(16);
-	const ivValue = iv.toString("base64");
-	const cipher = createCipheriv("aes-256-cbc", key, iv);
-	const encrypted = Buffer.concat([cipher.update(value, "utf8"), cipher.final()]).toString("base64");
-	const payload = {
-		iv: ivValue,
-		value: encrypted,
-		mac: macFor(ivValue, encrypted, key),
-		tag: ""
-	};
-	return JSON.stringify(payload);
-};
-const decryptSessionValue = (payload, secret) => {
-	if (!payload) return;
-	try {
-		const decoded = JSON.parse(payload.startsWith("{") ? payload : Buffer.from(payload, "base64").toString("utf8"));
-		if (!decoded.iv || !decoded.value || !decoded.mac) return;
-		const key = keyFromSecret(secret);
-		const expected = macFor(decoded.iv, decoded.value, key);
-		const actualBuffer = Buffer.from(decoded.mac);
-		const expectedBuffer = Buffer.from(expected);
-		if (actualBuffer.length !== expectedBuffer.length || !timingSafeEqual(actualBuffer, expectedBuffer)) return;
-		const decipher = createDecipheriv("aes-256-cbc", key, Buffer.from(decoded.iv, "base64"));
-		return Buffer.concat([decipher.update(Buffer.from(decoded.value, "base64")), decipher.final()]).toString("utf8");
-	} catch {
-		return;
-	}
-};
-const defaultSecret = () => String(process.env.SESSION_SECRET || process.env.APP_KEY || "arkstack-session-secret");
-const defaultcookie_options = (ttl) => ({
-	httpOnly: true,
-	sameSite: "Lax",
-	secure: process.env.NODE_ENV === "production",
-	path: "/",
-	maxAge: ttl
-});
-var BaseSessionDriver = class {
-	cookie;
-	secret;
-	ttl;
-	cookie_options;
-	constructor(options = {}) {
-		this.cookie = options.cookie || "arkstack_session";
-		this.secret = options.secret || defaultSecret();
-		this.ttl = options.ttl;
-		this.cookie_options = {
-			...defaultcookie_options(options.ttl),
-			...options.cookie_options || {}
-		};
-	}
-	readSessionId(context) {
-		return decodeSignedValue(getCookie(context, this.cookie), this.secret);
-	}
-	encryptPayload(value) {
-		return encryptSessionValue(value, this.secret);
-	}
-	decryptPayload(value) {
-		return decryptSessionValue(value, this.secret);
-	}
-	writeSessionId(context, id) {
-		setCookie(context, this.cookie, encodeSignedValue(id, this.secret), this.cookie_options);
-	}
-};
-var CookieSessionDriver = class extends BaseSessionDriver {
-	async start(context) {
-		const cookie = getCookie(context, this.cookie);
-		const decoded = this.decryptPayload(cookie) ?? decodeSignedValue(cookie, this.secret);
-		const payload = decodeSessionPayload(decoded) ?? decodeJson(decoded);
-		const id = payload?.id || generateSessionId();
-		const state = payload ? {
-			data: payload.data,
-			errors: payload.errors,
-			flash: payload.flash
-		} : void 0;
-		const save = async (next) => {
-			setCookie(context, this.cookie, this.encryptPayload(encodeSessionPayload({
-				id,
-				...next
-			})), this.cookie_options);
-		};
-		const destroy = async () => {
-			setCookie(context, this.cookie, "", {
-				...this.cookie_options,
-				maxAge: 0,
-				expires: /* @__PURE__ */ new Date(0)
-			});
-		};
-		return {
-			id,
-			state,
-			save,
-			destroy
-		};
-	}
-};
-var DatabaseSessionDriver = class extends BaseSessionDriver {
-	tableName;
-	constructor(options = {}) {
-		super(options);
-		this.tableName = options.table || "sessions";
-	}
-	table() {
-		return DB.table(this.tableName);
-	}
-	async start(context) {
-		const id = this.readSessionId(context) || generateSessionId();
-		this.writeSessionId(context, id);
-		const row = await this.table().where({ id }).first();
-		const state = isRecord(row) && typeof row.payload === "string" ? decodeSessionPayload(this.decryptPayload(row.payload) ?? row.payload) ?? decodeJson(this.decryptPayload(row.payload) ?? row.payload) : isRecord(row?.payload) ? row.payload : void 0;
-		const save = async (payload) => {
-			const now = /* @__PURE__ */ new Date();
-			const values = {
-				id,
-				payload: this.encryptPayload(encodeSessionPayload(payload)),
-				updatedAt: now,
-				expiresAt: this.ttl ? new Date(now.getTime() + this.ttl * 1e3) : null
-			};
-			if (await this.table().where({ id }).first()) await this.table().where({ id }).update(values);
-			else await this.table().insert({
-				...values,
-				createdAt: now
-			});
-			this.writeSessionId(context, id);
-		};
-		const destroy = async () => {
-			await this.table().where({ id }).delete();
-			setCookie(context, this.cookie, "", {
-				...this.cookie_options,
-				maxAge: 0,
-				expires: /* @__PURE__ */ new Date(0)
-			});
-		};
-		return {
-			id,
-			state,
-			save,
-			destroy
-		};
-	}
-};
-var FileSessionDriver = class extends BaseSessionDriver {
-	directory;
-	constructor(options = {}) {
-		super(options);
-		this.directory = options.directory || join(Arkstack.rootDir(), "storage", "framework", "sessions");
-	}
-	path(id) {
-		return join(this.directory, id);
-	}
-	async start(context) {
-		const id = this.readSessionId(context) || generateSessionId();
-		this.writeSessionId(context, id);
-		let state;
-		try {
-			const contents = await readFile(this.path(id), "utf8");
-			const payload = this.decryptPayload(contents) ?? contents;
-			state = decodeSessionPayload(payload) ?? JSON.parse(payload);
-		} catch {
-			state = void 0;
-		}
-		const save = async (payload) => {
-			const path = this.path(id);
-			await mkdir(dirname(path), { recursive: true });
-			await writeFile(path, this.encryptPayload(encodeSessionPayload(payload)), "utf8");
-			this.writeSessionId(context, id);
-		};
-		const destroy = async () => {
-			await rm(this.path(id), { force: true });
-			setCookie(context, this.cookie, "", {
-				...this.cookie_options,
-				maxAge: 0,
-				expires: /* @__PURE__ */ new Date(0)
-			});
-		};
-		return {
-			id,
-			state,
-			save,
-			destroy
-		};
-	}
-};
-let configuredDriver;
-const readAppSessionConfig = () => {
-	try {
-		if (!globalThis.config) return;
-		return {
-			driver: config("session.driver", "cookie"),
-			cookie: config("session.cookie", "arkstack_session"),
-			secret: config("session.secret"),
-			ttl: config("session.ttl", 3600 * 24 * 7),
-			cookie_options: {
-				path: config("session.path", "/"),
-				httpOnly: config("session.http_only", true),
-				secure: config("session.secure", true),
-				sameSite: config("session.same_site", "Lax")
-			},
-			file: { directory: config("session.directory") },
-			database: { table: config("session.table", "sessions") }
-		};
-	} catch {
-		return;
-	}
-};
-const createSessionDriver = (config = {}) => {
-	if (config.driver && typeof config.driver !== "string") return config.driver;
-	const common = {
-		cookie: config.cookie,
-		secret: config.secret,
-		ttl: config.ttl,
-		cookie_options: config.cookie_options
-	};
-	switch (config.driver || "cookie") {
-		case "file": return new FileSessionDriver({
-			...common,
-			directory: config.file?.directory
-		});
-		case "database": return new DatabaseSessionDriver({
-			...common,
-			table: config.database?.table
-		});
-		default: return new CookieSessionDriver(common);
-	}
-};
-const getSessionDriver = () => {
-	if (!configuredDriver) configuredDriver = createSessionDriver(readAppSessionConfig());
-	return configuredDriver;
-};
-definePlugin({
-	name: "arkstack-http",
-	setup: ({ bind, useHttpContext }) => {
-		bind(Session, async ({ ctx }) => {
-			const existing = getSession(ctx);
-			if (existing) return existing;
-			const persistent = await getSessionDriver().start(ctx);
-			const session = ensureSession(ctx, persistent.state, persistent);
-			attachViewState(ctx, session);
-			registerResponseFlashSweep(ctx, session);
-			return session;
-		});
-		bind(Request$1$1, ({ request, ctx }) => {
-			return (request instanceof Request$1$1 ? request : Request$1$1.from(request ?? ctx)).syncFromSource();
-		});
-		useHttpContext((context) => {
-			const session = getSession(context.ctx);
-			if (session) {
-				context.httpSession = session;
-				if (!("session" in context) || context.session instanceof Session) context.session = session;
-				context.errors = session.errors;
-				attachViewState(context.ctx, session);
-				attachViewState(context, session);
-				registerResponseFlashSweep(context, session);
-			} else delete globalThis.session;
-			globalThis.request = (key) => key ? context.request.input(key) : context.request;
-		});
-	}
-});
-definePlugin$1({
-	name: "kanun-session-plugin",
-	install({ onValidationError }) {
-		onValidationError((validator) => {
-			const currentSession = globalThis.session?.();
-			if (currentSession instanceof Session) currentSession.addValidationErrors(validator);
-		});
-	}
-});
-//#endregion
 //#region src/Router.ts
 registerPlugin(clearRouterExpressPlugin);
 Router$2.configure({ inferParamName: true });

package/dist/middlewares/index.d.ts

@@ -54,4 +54,16 @@ declare class RequestLoggerMiddleware {
   handler(req: Request, res: Response, next: NextFunction): Promise<void>;
 }
 //#endregion
-export { AuthMiddleware, FormDataMiddleware, RequestLoggerMiddleware, auth, formdata, limiter, requestLogger };
+//#region src/middlewares/resora.d.ts
+/**
+ * Apply the application's resora configuration (`src/config/resources.ts`) and
+ * bind the per-request `{ req, res }` context so Resources can build URLs and
+ * pagination links.
+ *
+ * Replaces the manual `Resource.setCtx(...)` wiring: resora's runtime config is
+ * applied from `config('resources')`, and the request is run within resora's
+ * async context so downstream handlers resolve the correct context.
+ */
+declare const resora: () => Handler;
+//#endregion
+export { AuthMiddleware, FormDataMiddleware, RequestLoggerMiddleware, auth, formdata, limiter, requestLogger, resora };

package/dist/middlewares/index.js

@@ -1,4 +1,5 @@
-import { Exception, Hook, Logger, env, nodeEnv } from "@arkstack/common";
+import { Exception, Hook, Logger, config, env, nodeEnv } from "@arkstack/common";
+import { applyRuntimeConfig, getDefaultConfig, runWithCtx, setCtx } from "resora";
 import multer from "multer";
 import { rateLimit } from "express-rate-limit";
 //#region src/middlewares/auth.ts
@@ -145,4 +146,33 @@ var RequestLoggerMiddleware = class {
 	}
 };
 //#endregion
-export { AuthMiddleware, FormDataMiddleware, RequestLoggerMiddleware, auth, formdata, limiter, requestLogger };
+//#region src/middlewares/resora.ts
+/**
+* Apply the application's resora configuration (`src/config/resources.ts`) and
+* bind the per-request `{ req, res }` context so Resources can build URLs and
+* pagination links.
+*
+* Replaces the manual `Resource.setCtx(...)` wiring: resora's runtime config is
+* applied from `config('resources')`, and the request is run within resora's
+* async context so downstream handlers resolve the correct context.
+*/
+const resora = () => {
+	return (req, res, next) => {
+		try {
+			applyRuntimeConfig({
+				...getDefaultConfig(),
+				...config("resources", {})
+			});
+		} catch {}
+		setCtx({
+			req,
+			res
+		});
+		return runWithCtx({
+			req,
+			res
+		}, () => next());
+	};
+};
+//#endregion
+export { AuthMiddleware, FormDataMiddleware, RequestLoggerMiddleware, auth, formdata, limiter, requestLogger, resora };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@arkstack/driver-express",
-  "version": "0.12.37",
+  "version": "0.13.1",
   "type": "module",
   "description": "Express driver for Arkstack, providing Express-based runtime integration for the framework.",
   "homepage": "https://arkstack.toneflix.net",
@@ -40,15 +40,15 @@
     "multer": "^2.1.1",
     "clear-router": "^2.8.8",
     "express-rate-limit": "^8.4.1",
-    "@resora/plugin-clear-router": "^1.0.62",
-    "resora": "^1.3.25",
-    "@arkstack/contract": "^0.12.37"
+    "@resora/plugin-clear-router": "^1.0.63",
+    "resora": "^1.3.26",
+    "@arkstack/contract": "^0.13.1"
   },
   "peerDependencies": {
     "express": "^5.2.1",
-    "@arkstack/auth": "^0.12.37",
-    "@arkstack/common": "^0.12.37",
-    "@arkstack/foundry": "^0.12.37"
+    "@arkstack/foundry": "^0.13.1",
+    "@arkstack/auth": "^0.13.1",
+    "@arkstack/common": "^0.13.1"
   },
   "peerDependenciesMeta": {
     "@arkstack/auth": {