npm - @axium/server - Versions diffs - 0.8.0 → 0.10.0 - Mend

@axium/server 0.8.0 → 0.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (72) hide show

package/{web/lib → assets}/styles.css +7 -1
package/{web/api/index.ts → dist/api/index.d.ts} +0 -2
package/dist/api/index.js +5 -0
package/dist/api/metadata.d.ts +1 -0
package/dist/api/metadata.js +28 -0
package/dist/api/passkeys.d.ts +1 -0
package/dist/api/passkeys.js +50 -0
package/dist/api/register.d.ts +1 -0
package/dist/api/register.js +70 -0
package/dist/api/session.d.ts +1 -0
package/dist/api/session.js +31 -0
package/dist/api/users.d.ts +1 -0
package/dist/api/users.js +244 -0
package/dist/apps.d.ts +0 -5
package/dist/apps.js +2 -9
package/dist/auth.d.ts +9 -31
package/dist/auth.js +20 -34
package/dist/cli.js +200 -54
package/dist/config.d.ts +52 -480
package/dist/config.js +89 -56
package/dist/database.d.ts +3 -3
package/dist/database.js +57 -24
package/dist/io.d.ts +6 -4
package/dist/io.js +26 -19
package/dist/plugins.d.ts +5 -2
package/dist/plugins.js +16 -14
package/dist/requests.d.ts +11 -0
package/dist/requests.js +58 -0
package/dist/routes.d.ts +12 -13
package/dist/routes.js +21 -22
package/dist/serve.d.ts +7 -0
package/dist/serve.js +11 -0
package/dist/state.d.ts +4 -0
package/dist/state.js +22 -0
package/dist/sveltekit.d.ts +8 -0
package/dist/sveltekit.js +90 -0
package/package.json +18 -10
package/{web/routes → routes}/account/+page.svelte +115 -48
package/svelte.config.js +36 -0
package/web/hooks.server.ts +15 -4
package/web/lib/ClipboardCopy.svelte +42 -0
package/web/lib/Dialog.svelte +0 -1
package/web/lib/FormDialog.svelte +9 -2
package/web/lib/icons/Icon.svelte +3 -12
package/web/template.html +18 -0
package/web/tsconfig.json +3 -2
package/web/api/metadata.ts +0 -35
package/web/api/passkeys.ts +0 -56
package/web/api/readme.md +0 -1
package/web/api/register.ts +0 -83
package/web/api/schemas.ts +0 -22
package/web/api/session.ts +0 -33
package/web/api/users.ts +0 -340
package/web/api/utils.ts +0 -66
package/web/app.html +0 -14
package/web/auth.ts +0 -8
package/web/index.server.ts +0 -1
package/web/index.ts +0 -1
package/web/lib/auth.ts +0 -12
package/web/lib/index.ts +0 -5
package/web/routes/+layout.svelte +0 -6
package/web/routes/[...path]/+page.server.ts +0 -13
package/web/routes/[appId]/[...page]/+page.server.ts +0 -14
package/web/routes/api/[...path]/+server.ts +0 -49
package/web/utils.ts +0 -26
/package/{web/lib → assets}/icons/light.svg +0 -0
/package/{web/lib → assets}/icons/regular.svg +0 -0
/package/{web/lib → assets}/icons/solid.svg +0 -0
/package/{web/routes → routes}/_axium/default/+page.svelte +0 -0
/package/{web/routes → routes}/login/+page.svelte +0 -0
/package/{web/routes → routes}/logout/+page.svelte +0 -0
/package/{web/routes → routes}/register/+page.svelte +0 -0

package/web/hooks.server.ts CHANGED Viewed

@@ -1,6 +1,17 @@
-import { loadDefaultConfigs } from '@axium/server/config.js';
-import { _markDefaults } from '@axium/server/routes.js';
-import './api/index.js';
+import '@axium/server/api/index';
+import { loadDefaultConfigs } from '@axium/server/config';
+import { clean, database } from '@axium/server/database';
+import { dirs, logger } from '@axium/server/io';
+import { allLogLevels } from 'logzen';
+import { createWriteStream } from 'node:fs';
+import { join } from 'node:path/posix';
-_markDefaults();
+logger.attach(createWriteStream(join(dirs.at(-1), 'server.log')), { output: allLogLevels });
 await loadDefaultConfigs();
+await clean({});
+process.on('beforeExit', async () => {
+	await database.destroy();
+});
+export { handle } from '@axium/server/sveltekit';

package/web/lib/ClipboardCopy.svelte ADDED Viewed

@@ -0,0 +1,42 @@
+<script lang="ts">
+	import { fade } from 'svelte/transition';
+	import { wait } from 'utilium';
+	import Icon from './icons/Icon.svelte';
+	const { value, type = 'text/plain' }: { value: BlobPart; type?: string } = $props();
+	let success = $state(false);
+	async function onclick() {
+		const blob = new Blob([value], { type });
+		const item = new ClipboardItem({ [type]: blob });
+		await navigator.clipboard.write([item]);
+		success = true;
+		await wait(3000);
+		success = false;
+	}
+</script>
+<button {onclick}>
+	{#if success}
+		<span transition:fade><Icon i="check" /></span>
+	{:else}
+		<span transition:fade><Icon i="copy" /></span>
+	{/if}
+</button>
+<style>
+	button {
+		position: relative;
+		display: inline-block;
+		width: 1em;
+		height: 1em;
+		border: none;
+		background: transparent;
+	}
+	span {
+		position: absolute;
+		inset: 0;
+	}
+</style>

package/web/lib/Dialog.svelte CHANGED Viewed

@@ -1,6 +1,5 @@
 <script>
 	let { children, dialog = $bindable(), ...rest } = $props();
-	import './styles.css';
 </script>
 <dialog bind:this={dialog} {...rest}>

package/web/lib/FormDialog.svelte CHANGED Viewed

@@ -1,7 +1,14 @@
 <script lang="ts">
 	import { goto } from '$app/navigation';
+	import { page } from '$app/state';
 	import Dialog from './Dialog.svelte';
-	import './styles.css';
+	function resolveRedirectAfter() {
+		const maybe = page.url.searchParams.get('after');
+		if (!maybe || maybe == page.url.pathname) return '/';
+		for (const prefix of ['/api/']) if (maybe.startsWith(prefix)) return '/';
+		return maybe || '/';
+	}
 	let {
 		children,
@@ -42,7 +49,7 @@
 		const data = Object.fromEntries(new FormData(e.currentTarget));
 		submit(data)
 			.then(result => {
-				if (pageMode) goto('/');
+				if (pageMode) goto(resolveRedirectAfter());
 				else dialog.close();
 			})
 			.catch((e: unknown) => {

package/web/lib/icons/Icon.svelte CHANGED Viewed

@@ -1,20 +1,11 @@
 <script lang="ts">
-	import light from './light.svg';
-	import solid from './solid.svg';
-	import regular from './regular.svg';
-	const urls = { light, solid, regular };
 	const { i } = $props();
-	const [style, id] = i.includes('/') ? i.split('/') : ['solid', i];
-	const url = urls[style];
+	const [style, id] = $derived(i.includes('/') ? i.split('/') : ['solid', i]);
+	const href = $derived(`/icons/${style}.svg#${id}`);
 </script>
-<svelte:head>
-	<link rel="preload" href={url} />
-</svelte:head>
 <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512" width="1em" height="1em">
-	<use href="{url}#{id}" />
+	<use {href} />
 </svg>
 <style>

package/web/template.html ADDED Viewed

@@ -0,0 +1,18 @@
+<!doctype html>
+<html lang="en">
+	<head>
+		<meta charset="utf-8" />
+		<link rel="icon" href="%sveltekit.assets%/favicon.svg" />
+		<meta name="viewport" content="width=device-width, initial-scale=1" />
+		<meta name="color-scheme" content="dark light" />
+		<link rel="stylesheet" href="%sveltekit.assets%/styles.css" />
+		<link rel="preload" href="%sveltekit.assets%/icons/light.svg" as="image" type="image/svg+xml" />
+		<link rel="preload" href="%sveltekit.assets%/icons/regular.svg" as="image" type="image/svg+xml" />
+		<link rel="preload" href="%sveltekit.assets%/icons/solid.svg" as="image" type="image/svg+xml" />
+		%sveltekit.head%
+	</head>
+	<body>
+		<div style="display: contents">%sveltekit.body%</div>
+	</body>
+</html>

package/web/tsconfig.json CHANGED Viewed

@@ -1,8 +1,9 @@
 {
+	"$schema": "https://json.schemastore.org/tsconfig",
 	"extends": "../.svelte-kit/tsconfig.json",
 	"compilerOptions": {
-		"target": "ES2021",
+		"target": "ES2023",
 		"lib": ["ESNext", "DOM", "DOM.Iterable"]
 	},
-	"include": ["**/*.ts", "**/*.svelte"]
+	"include": ["./**/*", "../lib"]
 }

package/web/api/metadata.ts DELETED Viewed

@@ -1,35 +0,0 @@
-import type { Result } from '@axium/core/api';
-import { requestMethods } from '@axium/core/requests';
-import { config } from '@axium/server/config.js';
-import { plugins } from '@axium/server/plugins.js';
-import { addRoute, routes } from '@axium/server/routes.js';
-import { error } from '@sveltejs/kit';
-import pkg from '../../package.json' with { type: 'json' };
-addRoute({
-	path: '/api/metadata',
-	async GET(): Result<'GET', 'metadata'> {
-		if (config.api.disable_metadata) {
-			error(401, { message: 'API metadata is disabled' });
-		}
-		return {
-			version: pkg.version,
-			routes: Object.fromEntries(
-				routes
-					.entries()
-					.filter(([path]) => path.startsWith('/api/'))
-					.map(([path, route]) => [
-						path,
-						{
-							params: Object.fromEntries(
-								Object.entries(route.params || {}).map(([key, type]) => [key, type ? type.def.type : null])
-							),
-							methods: requestMethods.filter(m => m in route),
-						},
-					])
-			),
-			plugins: Object.fromEntries(plugins.values().map(plugin => [plugin.id, plugin.version])),
-		};
-	},
-});

package/web/api/passkeys.ts DELETED Viewed

@@ -1,56 +0,0 @@
-import type { Result } from '@axium/core/api';
-import { PasskeyChangeable } from '@axium/core/schemas';
-import { getPasskey } from '@axium/server/auth.js';
-import { database as db } from '@axium/server/database.js';
-import { addRoute } from '@axium/server/routes.js';
-import { error } from '@sveltejs/kit';
-import { omit } from 'utilium';
-import z from 'zod/v4';
-import { checkAuth, parseBody, withError } from './utils';
-addRoute({
-	path: '/api/passkeys/:id',
-	params: {
-		id: z.string(),
-	},
-	async GET(event): Result<'GET', 'passkeys/:id'> {
-		const passkey = await getPasskey(event.params.id);
-		await checkAuth(event, passkey.userId);
-		return omit(passkey, 'counter', 'publicKey');
-	},
-	async PATCH(event): Result<'PATCH', 'passkeys/:id'> {
-		const body = await parseBody(event, PasskeyChangeable);
-		const passkey = await getPasskey(event.params.id);
-		await checkAuth(event, passkey.userId);
-		const result = await db
-			.updateTable('passkeys')
-			.set(body)
-			.where('id', '=', passkey.id)
-			.returningAll()
-			.executeTakeFirstOrThrow()
-			.catch(withError('Could not update passkey'));
-		return omit(result, 'counter', 'publicKey');
-	},
-	async DELETE(event): Result<'DELETE', 'passkeys/:id'> {
-		const passkey = await getPasskey(event.params.id);
-		await checkAuth(event, passkey.userId);
-		const { count } = await db
-			.selectFrom('passkeys')
-			.select(db.fn.countAll().as('count'))
-			.where('userId', '=', passkey.userId)
-			.executeTakeFirstOrThrow();
-		if (Number(count) <= 1) error(409, 'At least one passkey is required');
-		const result = await db
-			.deleteFrom('passkeys')
-			.where('id', '=', passkey.id)
-			.returningAll()
-			.executeTakeFirstOrThrow()
-			.catch(withError('Could not delete passkey'));
-		return omit(result, 'counter', 'publicKey');
-	},
-});

package/web/api/readme.md DELETED Viewed

	@@ -1 +0,0 @@
1	- This is the web-facing API, not a TypeScript API. In this directory you'll find the `addRoute` calls for the built-in `/api` routes along with the utilities and other helpers used.

package/web/api/register.ts DELETED Viewed

@@ -1,83 +0,0 @@
-/** Register a new user. */
-import type { Result } from '@axium/core/api';
-import { APIUserRegistration } from '@axium/core/schemas';
-import { createPasskey, getUser, getUserByEmail } from '@axium/server/auth.js';
-import config from '@axium/server/config.js';
-import { database as db, type Schema } from '@axium/server/database.js';
-import { addRoute } from '@axium/server/routes.js';
-import { generateRegistrationOptions, verifyRegistrationResponse } from '@simplewebauthn/server';
-import { error, type RequestEvent } from '@sveltejs/kit';
-import { randomUUID } from 'node:crypto';
-import z from 'zod/v4';
-import { createSessionData, parseBody, withError } from './utils.js';
-// Map of user ID => challenge
-const registrations = new Map<string, string>();
-async function OPTIONS(event: RequestEvent): Result<'OPTIONS', 'register'> {
-	const { name, email } = await parseBody(event, z.object({ name: z.string().optional(), email: z.email().optional() }));
-	const userId = randomUUID();
-	const user = await getUser(userId);
-	if (user) error(409, { message: 'Generated UUID is already in use, please retry.' });
-	const options = await generateRegistrationOptions({
-		rpName: config.auth.rp_name,
-		rpID: config.auth.rp_id,
-		userName: email ?? userId,
-		userDisplayName: name,
-		attestationType: 'none',
-		excludeCredentials: [],
-		authenticatorSelection: {
-			residentKey: 'preferred',
-			userVerification: 'preferred',
-			authenticatorAttachment: 'platform',
-		},
-	});
-	registrations.set(userId, options.challenge);
-	return { userId, options };
-}
-async function POST(event: RequestEvent): Result<'POST', 'register'> {
-	const { userId, email, name, response } = await parseBody(event, APIUserRegistration);
-	const existing = await getUserByEmail(email);
-	if (existing) error(409, { message: 'Email already in use' });
-	const expectedChallenge = registrations.get(userId);
-	if (!expectedChallenge) error(404, { message: 'No registration challenge found for this user' });
-	registrations.delete(userId);
-	const { verified, registrationInfo } = await verifyRegistrationResponse({
-		response,
-		expectedChallenge,
-		expectedOrigin: config.auth.origin,
-	}).catch(() => error(400, { message: 'Verification failed' }));
-	if (!verified || !registrationInfo) error(401, { message: 'Verification failed' });
-	await db
-		.insertInto('users')
-		.values({ id: userId, name, email } as Schema['users'])
-		.executeTakeFirstOrThrow()
-		.catch(withError('Failed to create user'));
-	await createPasskey({
-		transports: [],
-		...registrationInfo.credential,
-		userId,
-		deviceType: registrationInfo.credentialDeviceType,
-		backedUp: registrationInfo.credentialBackedUp,
-	}).catch(e => error(500, { message: 'Failed to create passkey' + (config.debug ? `: ${e.message}` : '') }));
-	return await createSessionData(event, userId);
-}
-addRoute({
-	path: '/api/register',
-	params: {},
-	OPTIONS,
-	POST,
-});

package/web/api/schemas.ts DELETED Viewed

@@ -1,22 +0,0 @@
-import type { AuthenticatorTransportFuture } from '@simplewebauthn/server';
-import z from 'zod/v4';
-const transports = ['ble', 'cable', 'hybrid', 'internal', 'nfc', 'smart-card', 'usb'] satisfies AuthenticatorTransportFuture[];
-export const authenticatorAttachment = z.enum(['platform', 'cross-platform'] satisfies AuthenticatorAttachment[]).optional();
-export const PasskeyRegistration = z.object({
-	id: z.string(),
-	rawId: z.string(),
-	response: z.object({
-		clientDataJSON: z.string(),
-		attestationObject: z.string(),
-		authenticatorData: z.string().optional(),
-		transports: z.array(z.enum(transports)).optional(),
-		publicKeyAlgorithm: z.number().optional(),
-		publicKey: z.string().optional(),
-	}),
-	authenticatorAttachment,
-	clientExtensionResults: z.record(z.any(), z.any()),
-	type: z.literal('public-key'),
-});

package/web/api/session.ts DELETED Viewed

@@ -1,33 +0,0 @@
-import { authenticate } from '$lib/auth';
-import type { Result } from '@axium/core/api';
-import { connect, database as db } from '@axium/server/database.js';
-import { addRoute } from '@axium/server/routes.js';
-import { error } from '@sveltejs/kit';
-import { omit } from 'utilium';
-import { getToken, stripUser } from './utils';
-addRoute({
-	path: '/api/session',
-	async GET(event): Result<'GET', 'session'> {
-		const result = await authenticate(event);
-		if (!result) error(404, 'Session does not exist');
-		return {
-			...omit(result, 'token'),
-			user: stripUser(result.user, true),
-		};
-	},
-	async DELETE(event): Result<'DELETE', 'session'> {
-		const token = getToken(event);
-		connect();
-		const result = await db
-			.deleteFrom('sessions')
-			.where('sessions.token', '=', token)
-			.returningAll()
-			.executeTakeFirstOrThrow()
-			.catch((e: Error) => (e.message == 'no result' ? error(404, 'Session does not exist') : error(400, 'Invalid session')));
-		return omit(result, 'token');
-	},
-});