@axium/server 0.26.2 → 0.27.0

package/dist/acl.d.ts

@@ -1,4 +1,4 @@
-import type { AccessControl, Permission, UserInternal } from '@axium/core';
+import type { AccessControl, AccessMap, Permission, UserInternal } from '@axium/core';
 import type { AliasedRawBuilder, Expression, ExpressionBuilder, Selectable } from 'kysely';
 import * as db from './database.js';
 export interface Target {
@@ -57,4 +57,5 @@ export interface ACLSelectionOptions {
  */
 export declare function from(table: TargetName, opt?: ACLSelectionOptions): (eb: ExpressionBuilder<db.Schema, any>) => AliasedRawBuilder<Required<AccessControl>[], 'acl'>;
 export declare function get(itemType: TargetName, itemId: string): Promise<Required<AccessControlInternal>[]>;
+export declare function set(itemType: TargetName, itemId: string, data: AccessMap): Promise<AccessControlInternal[]>;
 export {};

package/dist/acl.js

@@ -64,3 +64,21 @@ export function from(table, opt = {}) {
 export async function get(itemType, itemId) {
     return await db.database.selectFrom(`acl.${itemType}`).where('itemId', '=', itemId).selectAll().select(db.userFromId).execute();
 }
+export async function set(itemType, itemId, data) {
+    if ('public' in data) {
+        // @ts-expect-error 2353 - TS misses the column
+        await db.database.updateTable(itemType).set({ publicPermission: data.public }).where('id', '=', itemId).execute();
+        delete data.public;
+    }
+    const entries = Object.entries(data).map(([userId, perm]) => ({ userId, perm }));
+    if (!entries.length)
+        return [];
+    return await db.database
+        .updateTable(`acl.${itemType}`)
+        .from(db.values(entries, 'data'))
+        .set('permission', eb => eb.ref('data.perm'))
+        .whereRef(`acl.${itemType}.userId`, '=', 'data.userId')
+        .where('itemId', '=', itemId)
+        .returningAll()
+        .execute();
+}

package/dist/api/acl.js

@@ -1,4 +1,4 @@
-import { Permission } from '@axium/core/access';
+import { AccessMap } from '@axium/core/access';
 import * as z from 'zod';
 import * as acl from '../acl.js';
 import { parseBody, withError } from '../requests.js';
@@ -9,11 +9,11 @@ addRoute({
         itemType: z.string(),
         itemId: z.uuid(),
     },
-    async PUT(request, params) {
-        const type = params.itemType;
-        const itemId = params.itemId;
-        const data = await parseBody(request, z.object({ userId: z.uuid(), permission: Permission }));
-        const share = await acl.createEntry(type, { ...data, itemId }).catch(withError('Failed to create access control'));
-        return share;
+    async GET(request, { itemType, itemId }) {
+        return await acl.get(itemType, itemId).catch(withError('Failed to get access controls'));
+    },
+    async POST(request, { itemType, itemId }) {
+        const data = await parseBody(request, AccessMap);
+        return await acl.set(itemType, itemId, data).catch(withError('Failed to set access controls'));
     },
 });

package/dist/api/admin.js

@@ -55,9 +55,9 @@ addRoute({
 addRoute({
     path: '/api/admin/users/:userId',
     params: { userId: z.uuid() },
-    async GET(req, params) {
+    async GET(req, { userId }) {
         await assertAdmin(this, req);
-        if (!params.userId)
+        if (!userId)
             error(400, 'Missing user ID');
         const user = await db
             .selectFrom('users')
@@ -65,7 +65,7 @@ addRoute({
             .select(eb => jsonArrayFrom(eb.selectFrom('sessions').whereRef('sessions.userId', '=', 'users.id').selectAll())
             .$castTo()
             .as('sessions'))
-            .where('id', '=', params.userId)
+            .where('id', '=', userId)
             .executeTakeFirstOrThrow()
             .catch(withError('User not found', 404));
         return {
@@ -134,9 +134,9 @@ addRoute({
 addRoute({
     path: '/api/admin/audit/:eventId',
     params: { eventId: z.uuid() },
-    async GET(req, params) {
+    async GET(req, { eventId }) {
         await assertAdmin(this, req);
-        if (!params.eventId)
+        if (!eventId)
             error(400, 'Missing event ID');
         const event = await db
             .selectFrom('audit_log')
@@ -144,7 +144,7 @@ addRoute({
             .select(eb => jsonObjectFrom(eb.selectFrom('users').whereRef('users.id', '=', 'audit_log.userId').selectAll())
             .$castTo()
             .as('user'))
-            .where('id', '=', params.eventId)
+            .where('id', '=', eventId)
             .executeTakeFirstOrThrow()
             .catch(withError('Audit event not found', 404));
         return event;

package/dist/api/passkeys.js

@@ -10,14 +10,14 @@ addRoute({
     params: {
         id: z.string(),
     },
-    async GET(request, params) {
-        const passkey = await getPasskey(params.id);
+    async GET(request, { id }) {
+        const passkey = await getPasskey(id);
         await checkAuthForUser(request, passkey.userId);
         return omit(passkey, 'counter', 'publicKey');
     },
-    async PATCH(request, params) {
+    async PATCH(request, { id }) {
         const body = await parseBody(request, PasskeyChangeable);
-        const passkey = await getPasskey(params.id);
+        const passkey = await getPasskey(id);
         await checkAuthForUser(request, passkey.userId);
         const result = await db
             .updateTable('passkeys')
@@ -28,8 +28,8 @@ addRoute({
             .catch(withError('Could not update passkey'));
         return omit(result, 'counter', 'publicKey');
     },
-    async DELETE(request, params) {
-        const passkey = await getPasskey(params.id);
+    async DELETE(request, { id }) {
+        const passkey = await getPasskey(id);
         await checkAuthForUser(request, passkey.userId);
         const { count } = await db
             .selectFrom('passkeys')

package/dist/api/register.js

@@ -48,7 +48,7 @@ async function POST(request) {
     const { verified, registrationInfo } = await verifyRegistrationResponse({
         response,
         expectedChallenge,
-        expectedOrigin: config.auth.origin,
+        expectedOrigin: config.origin,
     }).catch(() => error(400, 'Verification failed'));
     if (!verified || !registrationInfo)
         error(401, 'Verification failed');

package/dist/api/users.js

@@ -32,14 +32,12 @@ addRoute({
 addRoute({
     path: '/api/users/:id',
     params,
-    async GET(request, params) {
-        const userId = params.id;
+    async GET(request, { id: userId }) {
         const auth = await checkAuthForUser(request, userId).catch(() => null);
         const user = auth?.user || (await getUser(userId).catch(withError('User does not exist', 404)));
         return stripUser(user, !!auth);
     },
-    async PATCH(request, params) {
-        const userId = params.id;
+    async PATCH(request, { id: userId }) {
         const body = await parseBody(request, UserChangeable);
         await checkAuthForUser(request, userId);
         if ('email' in body)
@@ -55,8 +53,7 @@ addRoute({
             .catch(withError('Failed to update user'));
         return stripUser(result, true);
     },
-    async DELETE(request, params) {
-        const userId = params.id;
+    async DELETE(request, { id: userId }) {
         await checkAuthForUser(request, userId, true);
         const result = await db
             .deleteFrom('users')
@@ -71,8 +68,7 @@ addRoute({
 addRoute({
     path: '/api/users/:id/full',
     params,
-    async GET(request, params) {
-        const userId = params.id;
+    async GET(request, { id: userId }) {
         const { user } = await checkAuthForUser(request, userId);
         const sessions = await getSessions(userId);
         return {
@@ -84,8 +80,7 @@ addRoute({
 addRoute({
     path: '/api/users/:id/auth',
     params,
-    async OPTIONS(request, params) {
-        const userId = params.id;
+    async OPTIONS(request, { id: userId }) {
         const { type } = await parseBody(request, UserAuthOptions);
         const user = await getUser(userId).catch(withError('User does not exist', 404));
         if (user.isSuspended)
@@ -100,8 +95,7 @@ addRoute({
         challenges.set(userId, { data: options.challenge, type });
         return options;
     },
-    async POST(request, params) {
-        const userId = params.id;
+    async POST(request, { id: userId }) {
         const response = await parseBody(request, PasskeyAuthenticationResponse);
         const auth = challenges.get(userId);
         if (!auth)
@@ -116,7 +110,7 @@ addRoute({
             response,
             credential: passkey,
             expectedChallenge,
-            expectedOrigin: config.auth.origin,
+            expectedOrigin: config.origin,
             expectedRPID: config.auth.rp_id,
         })
             .catch(withError('Verification failed', 400));
@@ -143,8 +137,7 @@ addRoute({
     /**
      * Get passkey registration options for a user.
      */
-    async OPTIONS(request, params) {
-        const userId = params.id;
+    async OPTIONS(request, { id: userId }) {
         const existing = await getPasskeysByUserId(userId);
         const { user } = await checkAuthForUser(request, userId);
         const options = await webauthn.generateRegistrationOptions({
@@ -166,8 +159,7 @@ addRoute({
     /**
      * Get passkeys for a user.
      */
-    async GET(request, params) {
-        const userId = params.id;
+    async GET(request, { id: userId }) {
         await checkAuthForUser(request, userId);
         const passkeys = await getPasskeysByUserId(userId);
         return passkeys.map(p => omit(p, 'publicKey', 'counter'));
@@ -175,8 +167,7 @@ addRoute({
     /**
      * Register a new passkey for an existing user.
      */
-    async PUT(request, params) {
-        const userId = params.id;
+    async PUT(request, { id: userId }) {
         const response = await parseBody(request, PasskeyRegistration);
         await checkAuthForUser(request, userId);
         const expectedChallenge = registrations.get(userId);
@@ -187,7 +178,7 @@ addRoute({
             .verifyRegistrationResponse({
             response,
             expectedChallenge,
-            expectedOrigin: config.auth.origin,
+            expectedOrigin: config.origin,
         })
             .catch(withError('Verification failed', 400));
         if (!verified || !registrationInfo)
@@ -205,13 +196,11 @@ addRoute({
 addRoute({
     path: '/api/users/:id/sessions',
     params,
-    async GET(request, params) {
-        const userId = params.id;
+    async GET(request, { id: userId }) {
         await checkAuthForUser(request, userId);
         return (await getSessions(userId).catch(e => error(503, 'Failed to get sessions' + (config.debug ? ': ' + e : '')))).map(s => omit(s, 'token'));
     },
-    async DELETE(request, params) {
-        const userId = params.id;
+    async DELETE(request, { id: userId }) {
         const body = await parseBody(request, LogoutSessions);
         await checkAuthForUser(request, userId, body.confirm_all);
         if (!body.confirm_all && !Array.isArray(body.id))
@@ -229,8 +218,7 @@ addRoute({
 addRoute({
     path: '/api/users/:id/verify_email',
     params,
-    async OPTIONS(request, params) {
-        const userId = params.id;
+    async OPTIONS(request, { id: userId }) {
         if (!config.auth.email_verification)
             return { enabled: false };
         await checkAuthForUser(request, userId);
@@ -238,16 +226,14 @@ addRoute({
             return { enabled: false };
         return { enabled: true };
     },
-    async GET(request, params) {
-        const userId = params.id;
+    async GET(request, { id: userId }) {
         const { user } = await checkAuthForUser(request, userId);
         if (user.emailVerified)
             error(409, 'Email already verified');
         const verification = await createVerification('verify_email', userId, config.auth.verification_timeout * 60);
         return omit(verification, 'token', 'role');
     },
-    async POST(request, params) {
-        const userId = params.id;
+    async POST(request, { id: userId }) {
         const { token } = await parseBody(request, z.object({ token: z.string() }));
         const { user } = await checkAuthForUser(request, userId);
         if (user.emailVerified)

package/dist/audit.d.ts

@@ -25,6 +25,9 @@ export interface $EventTypes {
         route: string;
         session: string;
     };
+    response_error: {
+        stack?: string;
+    };
 }
 export type EventName = keyof $EventTypes;
 export type EventExtra<T extends EventName> = $EventTypes[T];

package/dist/audit.js

@@ -74,7 +74,7 @@ export async function audit(eventName, userId, extra) {
     }
 }
 export function getEvents(filter) {
-    let query = database.selectFrom('audit_log').selectAll();
+    let query = database.selectFrom('audit_log').selectAll().orderBy('timestamp', 'desc');
     if ('user' in filter && !filter.user)
         query = query.where('userId', 'is', null);
     else if (filter.user)
@@ -120,3 +120,10 @@ addEvent({
     tags: ['auth'],
     extra: { route: z.string(), session: z.string() },
 });
+addEvent({
+    source: '@axium/server',
+    name: 'response_error',
+    severity: Severity.Error,
+    tags: [],
+    extra: { stack: z.string().optional() },
+});

package/dist/cli.js

@@ -529,8 +529,9 @@ try {
         .addOption(opts.host)
         .addOption(opts.check)
         .addOption(opts.packagesDir)
+        .option('-s, --skip', 'Skip already initialized steps')
         .action(async (opt) => {
-        await db.init({ ...opt, skip: opt.dbSkip }).catch(io.handleError);
+        await db.init(opt).catch(io.handleError);
         await restrictedPorts({ method: 'node-cap', action: 'enable' }).catch(io.handleError);
     });
     program
@@ -546,7 +547,7 @@ try {
             ssl_key: opt.ssl ? join(opt.ssl, 'key.pem') : config.web.ssl_key,
             build: opt.build ? resolve(opt.build) : config.web.build,
         });
-        const port = !Number.isNaN(Number.parseInt(opt.port ?? '')) ? Number.parseInt(opt.port) : config.web.port;
+        const port = !Number.isNaN(Number.parseInt(opt.port ?? 'NaN')) ? Number.parseInt(opt.port) : config.web.port;
         server.listen(port, () => {
             console.log('Server is listening on port ' + port);
         });

package/dist/config.d.ts

@@ -13,7 +13,6 @@ export declare const ConfigSchema: z.ZodObject<{
         auto_suspend: z.ZodOptional<z.ZodLiteral<"Emergency" | "Alert" | "Critical" | "Error" | "Warning" | "Notice" | "Info" | "Debug" | "emergency" | "alert" | "critical" | "error" | "warning" | "notice" | "info" | "debug">>;
     }, z.core.$loose>>;
     auth: z.ZodOptional<z.ZodObject<{
-        origin: z.ZodOptional<z.ZodString>;
         passkey_probation: z.ZodOptional<z.ZodNumber>;
         rp_id: z.ZodOptional<z.ZodString>;
         rp_name: z.ZodOptional<z.ZodString>;
@@ -41,6 +40,7 @@ export declare const ConfigSchema: z.ZodObject<{
         }>>;
         console: z.ZodOptional<z.ZodBoolean>;
     }, z.core.$loose>>;
+    origin: z.ZodOptional<z.ZodString>;
     request_size_limit: z.ZodOptional<z.ZodOptional<z.ZodNumber>>;
     show_duplicate_state: z.ZodOptional<z.ZodBoolean>;
     web: z.ZodOptional<z.ZodObject<{
@@ -87,7 +87,6 @@ export declare const FileSchema: z.ZodObject<{
         auto_suspend: z.ZodOptional<z.ZodLiteral<"Emergency" | "Alert" | "Critical" | "Error" | "Warning" | "Notice" | "Info" | "Debug" | "emergency" | "alert" | "critical" | "error" | "warning" | "notice" | "info" | "debug">>;
     }, z.core.$loose>>>;
     auth: z.ZodOptional<z.ZodOptional<z.ZodObject<{
-        origin: z.ZodOptional<z.ZodString>;
         passkey_probation: z.ZodOptional<z.ZodNumber>;
         rp_id: z.ZodOptional<z.ZodString>;
         rp_name: z.ZodOptional<z.ZodString>;
@@ -115,6 +114,7 @@ export declare const FileSchema: z.ZodObject<{
         }>>;
         console: z.ZodOptional<z.ZodBoolean>;
     }, z.core.$loose>>>;
+    origin: z.ZodOptional<z.ZodOptional<z.ZodString>>;
     request_size_limit: z.ZodOptional<z.ZodOptional<z.ZodOptional<z.ZodNumber>>>;
     show_duplicate_state: z.ZodOptional<z.ZodOptional<z.ZodBoolean>>;
     web: z.ZodOptional<z.ZodOptional<z.ZodObject<{

package/dist/config.js

@@ -30,7 +30,6 @@ export const ConfigSchema = z
         .partial(),
     auth: z
         .looseObject({
-        origin: z.string(),
         /** In minutes */
         passkey_probation: z.number(),
         rp_id: z.string(),
@@ -62,6 +61,7 @@ export const ConfigSchema = z
         console: z.boolean(),
     })
         .partial(),
+    origin: z.string(),
     request_size_limit: z.number().min(0).optional(),
     show_duplicate_state: z.boolean(),
     web: z
@@ -95,7 +95,6 @@ export const defaultConfig = {
         auto_suspend: 'critical',
     },
     auth: {
-        origin: 'https://test.localhost',
         passkey_probation: 60,
         rp_id: 'test.localhost',
         rp_name: 'Axium',
@@ -122,6 +121,7 @@ export const defaultConfig = {
         console: true,
         level: 'info',
     },
+    origin: 'https://test.localhost',
     show_duplicate_state: false,
     request_size_limit: 0,
     web: {

package/dist/database.d.ts

@@ -75,6 +75,10 @@ export type TablesMatching<T> = (string & keyof Schema) & keyof {
 export declare function userFromId<TB extends TablesMatching<{
     userId: string;
 }>>(builder: kysely.ExpressionBuilder<Schema, TB>): kysely.AliasedRawBuilder<UserInternal, 'user' | TB>;
+/**
+ * Used for `update ... set ... from`
+ */
+export declare function values<R extends Record<string, unknown>, A extends string>(records: R[], alias: A): kysely.AliasedRawBuilder<R, A>;
 export interface Stats {
     users: number;
     passkeys: number;

package/dist/database.js

@@ -93,6 +93,30 @@ export function userFromId(builder) {
         .$castTo()
         .as('user');
 }
+/**
+ * Used for `update ... set ... from`
+ */
+export function values(records, alias) {
+    if (!records?.length)
+        throw new Error('Can not create values() with empty records array');
+    // Assume there's at least one record and all records
+    // have the same keys.
+    const keys = Object.keys(records[0]);
+    // Transform the records into a list of lists such as
+    // ($1, $2, $3), ($4, $5, $6)
+    const values = sql.join(records.map(r => sql `(${sql.join(keys.map(k => r[k]))})`));
+    // Create the alias `v(id, v1, v2)` that specifies the table alias
+    // AND a name for each column.
+    const wrappedAlias = sql.ref(alias);
+    // eslint-disable-next-line @typescript-eslint/unbound-method
+    const wrappedColumns = sql.join(keys.map(sql.ref));
+    const aliasSql = sql `${wrappedAlias}(${wrappedColumns})`;
+    // Finally create a single `AliasedRawBuilder` instance of the
+    // whole thing. Note that we need to explicitly specify
+    // the alias type using `.as<A>` because we are using a
+    // raw sql snippet as the alias.
+    return sql `(values ${values})`.as(aliasSql);
+}
 export async function statText() {
     try {
         const stats = await count('users', 'passkeys', 'sessions');

package/dist/internal_requests.js

@@ -60,7 +60,7 @@ function get_raw_body(req) {
 }
 export function convertToRequest(req) {
     const headers = req.headers;
-    const request = new Request(config.auth.origin + req.url, {
+    const request = new Request(config.origin + req.url, {
         // @ts-expect-error 2353
         duplex: 'half',
         method: req.method,

package/dist/requests.d.ts

@@ -1,4 +1,4 @@
-import type { User, UserInternal } from '@axium/core';
+import { type User, type UserInternal } from '@axium/core';
 import * as z from 'zod';
 import type { ServerRoute } from './routes.js';
 /**

package/dist/requests.js

@@ -1,7 +1,10 @@
+import {} from '@axium/core';
+import * as io from '@axium/core/io';
 import { userProtectedFields, userPublicFields } from '@axium/core/user';
 import * as cookie from 'cookie_v1';
 import { pick } from 'utilium';
 import * as z from 'zod';
+import { audit } from './audit.js';
 import { createSession } from './auth.js';
 import { config } from './config.js';
 export function isResponseError(e) {
@@ -25,7 +28,7 @@ export function redirect(location, status = 302) {
 export function json(data, init) {
     const response = Response.json(data, init);
     if (!response.headers.has('content-length')) {
-        response.headers.set('content-length', JSON.stringify(data).length.toString());
+        response.headers.set('content-length', new TextEncoder().encode(JSON.stringify(data)).length.toString());
     }
     return response;
 }
@@ -71,6 +74,10 @@ export function withError(text, code = 500) {
     return function (e) {
         if (e.name == 'ResponseError')
             throw e;
+        if (code == 500) {
+            void audit('response_error', undefined, { stack: e.stack });
+            io.error('(in response) ' + e.stack);
+        }
         error(code, text + (config.debug && e.message ? `: ${e.message}` : ''));
     };
 }

package/dist/routes.d.ts

@@ -1,53 +1,53 @@
 import type { RequestMethod } from '@axium/core/requests';
 import type { Component } from 'svelte';
 import type z from 'zod';
-type _Params = Partial<Record<string, string>>;
+type RouteParams = Record<string, z.ZodType>;
+type ParamValues<P extends RouteParams> = {
+    [K in keyof P]: z.infer<P[K]>;
+};
 export type MaybePromise<T> = T | Promise<T>;
-export type EndpointHandlers<Params extends _Params = _Params, This = unknown> = Partial<Record<RequestMethod, (this: This, request: Request, params: Params) => MaybePromise<object | Response>>>;
-export type RouteParamOptions = z.ZodType;
-export interface CommonRouteOptions<Params extends _Params = _Params> {
-    path: string;
-    params?: {
-        [K in keyof Params]?: RouteParamOptions;
-    };
-}
+export type EndpointHandlers<Params, This = unknown> = Partial<Record<RequestMethod, (this: This, request: Request, params: Params) => MaybePromise<object | Response>>>;
 /**
  * A route with server-side handlers for different HTTP methods.
  */
-export interface ServerRouteOptions<Params extends _Params = _Params> extends CommonRouteOptions<Params>, EndpointHandlers<Params, RouteCommon> {
+export interface ServerRouteInit<Params extends RouteParams = RouteParams> extends EndpointHandlers<ParamValues<Params>, RouteCommon<Params>> {
+    path: string;
+    params?: Params;
     api?: boolean;
 }
-export interface WebRouteOptions extends CommonRouteOptions {
+export interface WebRouteInit<Params extends RouteParams = RouteParams> {
+    path: string;
+    params?: Params;
     load?(request: Request): object | Promise<object>;
     /** the Svelte page */
     page?: Component;
 }
-export type RouteOptions = ServerRouteOptions | WebRouteOptions;
-export interface RouteCommon {
+export type RouteInit<Params extends RouteParams = RouteParams> = ServerRouteInit<Params> | WebRouteInit<Params>;
+export interface RouteCommon<Params extends RouteParams = RouteParams> {
     path: string;
-    params?: Record<string, RouteParamOptions>;
+    params?: Params;
 }
-export interface ServerRoute extends RouteCommon, EndpointHandlers {
+export interface ServerRoute<Params extends RouteParams = RouteParams> extends RouteCommon<Params>, EndpointHandlers<ParamValues<Params>> {
     api: boolean;
     server: true;
 }
-export interface WebRoute extends RouteCommon {
+export interface WebRoute<Params extends RouteParams = RouteParams> extends RouteCommon<Params> {
     server: false;
     load?(request: Request): object | Promise<object>;
     page: Component;
 }
-export type Route = ServerRoute | WebRoute;
+export type Route<Params extends RouteParams = RouteParams> = ServerRoute<Params> | WebRoute<Params>;
 /**
  * @internal
  */
-export declare const routes: Map<string, Route>;
+export declare const routes: Map<string, Route<any>>;
 /**
  * @category Plugin API
  */
-export declare function addRoute(opt: RouteOptions): void;
+export declare function addRoute<const P extends RouteParams = RouteParams>(opt: RouteInit<P>): void;
 /**
  * Resolve a request URL into a route.
  * This handles parsing of parameters in the URL.
  */
-export declare function resolveRoute(url: URL): [Route, params: object] | void;
+export declare function resolveRoute<P extends RouteParams = RouteParams>(url: URL): [Route<P>, params: ParamValues<P>] | void;
 export {};

package/dist/routes.js

@@ -27,8 +27,9 @@ export function addRoute(opt) {
  */
 export function resolveRoute(url) {
     const { pathname } = url;
-    if (routes.has(pathname) && !pathname.split('/').some(p => p.startsWith(':')))
+    if (routes.has(pathname) && !pathname.split('/').some(p => p.startsWith(':'))) {
         return [routes.get(pathname), {}];
+    }
     // Otherwise we must have a parameterized route
     _routes: for (const route of routes.values()) {
         const params = {};

package/dist/serve.js

@@ -131,7 +131,7 @@ async function _runRoute(run, request, params) {
 async function _getLinkedBuildHandler(buildPath = '../build/handler.js') {
     const { handler: handleFrontendRequest } = await import(buildPath);
     return function handle(req, res) {
-        const url = new URL(req.url, config.auth.origin);
+        const url = new URL(req.url, config.origin);
         const [route, params = {}] = resolveRoute(url) ?? [];
         if (!route && url.pathname === '/' && config.debug_home) {
             res.writeHead(303, { Location: '/_axium/default' }).end();

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@axium/server",
-	"version": "0.26.2",
+	"version": "0.27.0",
 	"author": "James Prevett <axium@jamespre.dev>",
 	"funding": {
 		"type": "individual",

package/routes/admin/audit/[id]/+page.svelte

@@ -40,4 +40,9 @@
 
 <h4>Extra Data</h4>
 
-<pre>{JSON.stringify(event.extra, null, 4)}</pre>
+{#if event.name == 'response_error'}
+	<h5>Error Stack</h5>
+	<pre>{event.extra.stack}</pre>
+{:else}
+	<pre>{JSON.stringify(event.extra, null, 4)}</pre>
+{/if}

package/routes/admin/plugins/+page.svelte

@@ -15,7 +15,11 @@
 	<p><strong>Author:</strong> {plugin.author}</p>
 	<p>
 		<strong>Provided apps:</strong>
-		{#if plugin.apps?.length}{plugin.apps?.map(a => a.name).join(', ')}{:else}<i>None</i>{/if}
+		{#if plugin.apps?.length}
+			{#each plugin.apps as app, i}
+				<a href="/{app.id}">{app.name}</a>{i != plugin.apps.length - 1 ? ', ' : ''}
+			{/each}
+		{:else}<i>None</i>{/if}
 	</p>
 	<p>{plugin.description}</p>
 {:else}

package/svelte.config.js

@@ -10,6 +10,9 @@ export default {
 		warningFilter(w) {
 			if (w.code.startsWith('a11y')) return false;
 		},
+		experimental: {
+			async: true,
+		},
 	},
 	kit: {
 		adapter: node(),