@bgord/bun 0.17.0 → 0.18.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@bgord/bun",
-  "version": "0.17.0",
+  "version": "0.18.0",
   "license": "MIT",
   "type": "module",
   "author": "Bartosz Gordon",
@@ -23,12 +23,12 @@
     "@biomejs/biome": "2.0.6",
     "@commitlint/cli": "19.8.1",
     "@commitlint/config-conventional": "19.8.1",
-    "@types/bun": "1.2.18",
+    "@types/bun": "1.2.19",
     "@types/lodash": "4.17.20",
     "@types/mime-types": "3.0.1",
     "@types/nodemailer": "6.4.17",
-    "cspell": "9.1.5",
-    "knip": "5.61.3",
+    "cspell": "9.2.0",
+    "knip": "5.62.0",
     "lefthook": "1.12.2",
     "only-allow": "1.2.1",
     "shellcheck": "3.1.0",
@@ -36,14 +36,14 @@
   },
   "dependencies": {
     "@axiomhq/winston": "1.3.1",
-    "@bgord/tools": "0.11.1",
-    "@hono/ua-blocker": "0.1.5",
+    "@bgord/tools": "0.12.0",
+    "@hono/ua-blocker": "0.1.6",
+    "better-auth": "1.3.2",
     "check-disk-space": "3.4.0",
     "croner": "9.1.0",
     "hcaptcha": "0.2.0",
-    "hono": "4.8.4",
+    "hono": "4.8.5",
     "lodash": "4.17.21",
-    "lucia": "3.2.2",
     "mime-types": "3.0.1",
     "node-cache": "5.1.2",
     "nodemailer": "7.0.5",

package/readme.md

@@ -67,7 +67,6 @@ src/
 ├── new-uuid.service.ts
 ├── node-env.vo.ts
 ├── open-graph.service.ts
-├── passwords.vo.ts
 ├── path.vo.ts
 ├── policy-error-handler.service.ts
 ├── policy.service.ts
@@ -95,7 +94,6 @@ src/
 ├── rate-limit-shield.middleware.ts
 ├── recaptcha-shield.middleware.ts
 ├── safe-parse-body.service.ts
-├── session-id.vo.ts
 ├── setup.service.ts
 ├── simulated-error.middleware.ts
 ├── sitemap.service.ts
@@ -105,7 +103,6 @@ src/
 ├── translations.service.ts
 ├── uptime.service.ts
 ├── url-wo-trailing-slash.vo.ts
-├── username.vo.ts
 ├── uuid.vo.ts
 └── weak-etag-extractor.middleware.ts
 ```

package/src/auth-shield.middleware.ts

@@ -1,44 +1,37 @@
+// TODO: tests
+
+import type { betterAuth } from "better-auth";
 import hono from "hono";
 import { createMiddleware } from "hono/factory";
 import { HTTPException } from "hono/http-exception";
-import { Lucia } from "lucia";
-
-import { HashedPassword, Password, PasswordType } from "./passwords.vo";
-import { SessionId } from "./session-id.vo";
-import { IdType, Username } from "./username.vo";
-
-type AuthShieldConfigType<T> = {
-  Username: typeof Username;
-  Password: typeof Password;
-  HashedPassword: typeof HashedPassword;
-  lucia: Lucia;
-  findUniqueUserOrThrow: (username: Username) => Promise<T>;
-};
 
 export const AccessDeniedAuthShieldError = new HTTPException(403, {
   message: "access_denied_auth_shield",
 });
 
-export class AuthShield<T extends { password: PasswordType; id: IdType }> {
-  private readonly config: AuthShieldConfigType<T>;
+export class AuthShield {
+  cors = {
+    origin: ["http://localhost:5173", "http://localhost:3000"],
+    credentials: true,
+    allowHeaders: ["Content-Type"],
+    exposeHeaders: ["Set-Cookie"],
+  };
+
+  constructor(private readonly Auth: ReturnType<typeof betterAuth>) {}
 
-  constructor(
-    overrides: Omit<AuthShieldConfigType<T>, "Username" | "Password" | "HashedPassword"> & {
-      Username?: typeof Username;
-      Password?: typeof Password;
-      HashedPassword?: typeof HashedPassword;
-    },
-  ) {
-    const config = {
-      Username: overrides.Username ?? Username,
-      Password: overrides.Password ?? Password,
-      HashedPassword: overrides.HashedPassword ?? HashedPassword,
-      lucia: overrides.lucia,
-      findUniqueUserOrThrow: overrides.findUniqueUserOrThrow,
-    };
+  attach = createMiddleware(async (c: hono.Context, next: hono.Next) => {
+    const session = await this.Auth.api.getSession({ headers: c.req.raw.headers });
+
+    if (!session) {
+      c.set("user", null);
+      c.set("session", null);
+      return next();
+    }
 
-    this.config = config;
-  }
+    c.set("user", session.user);
+    c.set("session", session.session);
+    return next();
+  });
 
   verify = createMiddleware(async (c: hono.Context, next: hono.Next) => {
     const user = c.get("user");
@@ -59,70 +52,4 @@ export class AuthShield<T extends { password: PasswordType; id: IdType }> {
 
     return next();
   });
-
-  detach = createMiddleware(async (c: hono.Context, next: hono.Next) => {
-    const cookie = c.req.header("cookie");
-
-    const sessionId = new SessionId(cookie, this.config.lucia).get();
-
-    if (!sessionId) return next();
-
-    await this.config.lucia.invalidateSession(sessionId);
-
-    return next();
-  });
-
-  build = createMiddleware(async (c: hono.Context, next: hono.Next) => {
-    const cookie = c.req.header("cookie");
-
-    const sessionId = new SessionId(cookie, this.config.lucia).get();
-
-    if (!sessionId) {
-      c.set("user", null);
-      c.set("session", null);
-
-      return next();
-    }
-
-    const { session, user } = await this.config.lucia.validateSession(sessionId);
-
-    if (!session) {
-      c.res.headers.set("Set-Cookie", this.config.lucia.createBlankSessionCookie().serialize());
-      c.set("user", null);
-      c.set("session", null);
-
-      return next();
-    }
-
-    if (session.fresh) {
-      c.res.headers.set("Set-Cookie", this.config.lucia.createSessionCookie(session.id).serialize());
-    }
-    c.set("user", user);
-    c.set("session", session);
-
-    return next();
-  });
-
-  attach = createMiddleware(async (c: hono.Context, next: hono.Next) => {
-    try {
-      const body = await c.req.raw.clone().formData();
-
-      const username = new this.config.Username(body.get("username") as string);
-      const password = new this.config.Password(body.get("password") as string);
-
-      const user = await this.config.findUniqueUserOrThrow(username);
-
-      const hashedPassword = await this.config.HashedPassword.fromHash(user.password);
-      await hashedPassword.matchesOrThrow(password);
-
-      const session = await this.config.lucia.createSession(user.id, {});
-      const sessionCookie = this.config.lucia.createSessionCookie(session.id);
-
-      c.res.headers.set("Set-Cookie", sessionCookie.serialize());
-
-      return next();
-    } catch (_error) {
-      throw AccessDeniedAuthShieldError;
-    }
-  });
 }

package/src/index.ts

@@ -41,7 +41,6 @@ export * from "./memory-consumption.service";
 export * from "./new-uuid.service";
 export * from "./node-env.vo";
 export * from "./open-graph.service";
-export * from "./passwords.vo";
 export * from "./path.vo";
 export * from "./policy.service";
 export * from "./policy-error-handler.service";
@@ -51,7 +50,6 @@ export * from "./prerequisites.service";
 export * from "./rate-limit-shield.middleware";
 export * from "./recaptcha-shield.middleware";
 export * from "./safe-parse-body.service";
-export * from "./session-id.vo";
 export * from "./setup.service";
 export * from "./simulated-error.middleware";
 export * from "./sitemap.service";
@@ -61,6 +59,5 @@ export * from "./to-event-map.types";
 export * from "./translations.service";
 export * from "./uptime.service";
 export * from "./url-wo-trailing-slash.vo";
-export * from "./username.vo";
 export * from "./uuid.vo";
 export * from "./weak-etag-extractor.middleware";

package/src/policy.service.ts

@@ -4,7 +4,7 @@ import type { ContentfulStatusCode } from "hono/utils/http-status";
 type BasePolicyConfig = Record<string, unknown>;
 
 export abstract class Policy<T extends BasePolicyConfig> {
-  abstract fails(config: T): Promise<boolean> | boolean;
+  abstract fails(config: T): boolean;
 
   abstract error: Constructor<Error>;
 
@@ -16,13 +16,13 @@ export abstract class Policy<T extends BasePolicyConfig> {
     throw new this.error();
   }
 
-  async perform(config: T) {
-    if (await this.fails(config)) {
+  perform(config: T) {
+    if (this.fails(config)) {
       this.throw();
     }
   }
 
-  async passes(config: T) {
-    return !(await this.fails(config));
+  passes(config: T) {
+    return !this.fails(config);
   }
 }

package/src/setup.service.ts

@@ -23,17 +23,25 @@ export const BODY_LIMIT_MAX_SIZE = new tools.Size({
   unit: tools.SizeUnit.kB,
 }).toBytes();
 
+// TODO: test custom cors options
+type CorsOptions = Parameters<typeof cors>[0];
+
+type SetupOverridesType = { cors?: CorsOptions };
+
 export class Setup {
-  static essentials(logger: Logger, i18n: I18nConfigType) {
+  static essentials(logger: Logger, i18n: I18nConfigType, overrides?: SetupOverridesType) {
+    const corsOptions = overrides?.cors ?? { origin: "*" };
+
     return [
       secureHeaders(),
       bodyLimit({ maxSize: BODY_LIMIT_MAX_SIZE }),
       uaBlocker({ blocklist: BOTS_REGEX }),
       ApiVersion.attach,
-      cors({ origin: "*" }),
+      cors(corsOptions),
       languageDetector({
         supportedLanguages: Object.keys(i18n.supportedLanguages),
         fallbackLanguage: i18n.defaultLanguage,
+        caches: false,
       }),
       requestId({ limitLength: 36, headerName: "x-correlation-id" }),
       TimeZoneOffset.attach,

package/dist/passwords.vo.d.ts

@@ -1,21 +0,0 @@
-import { z } from "zod/v4";
-export type PasswordType = string;
-type HashedPasswordType = string;
-export declare class Password {
-    private schema;
-    private value;
-    constructor(value: PasswordType, schema?: z.ZodSchema);
-    hash(): Promise<HashedPassword>;
-    read(): PasswordType;
-}
-export declare class HashedPassword {
-    private value;
-    private constructor();
-    static fromPassword(password: Password): Promise<HashedPassword>;
-    static fromHash(value: HashedPasswordType): Promise<HashedPassword>;
-    read(): HashedPasswordType;
-    matches(password: Password): Promise<boolean>;
-    matchesOrThrow(password: Password): Promise<true>;
-}
-export {};
-//# sourceMappingURL=passwords.vo.d.ts.map

package/dist/passwords.vo.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"passwords.vo.d.ts","sourceRoot":"","sources":["../src/passwords.vo.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,QAAQ,CAAC;AAE3B,MAAM,MAAM,YAAY,GAAG,MAAM,CAAC;AAElC,KAAK,kBAAkB,GAAG,MAAM,CAAC;AAEjC,qBAAa,QAAQ;IACnB,OAAO,CAAC,MAAM,CAA2C;IAEzD,OAAO,CAAC,KAAK,CAAe;gBAEhB,KAAK,EAAE,YAAY,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC,SAAS;IAK/C,IAAI,IAAI,OAAO,CAAC,cAAc,CAAC;IAIrC,IAAI,IAAI,YAAY;CAGrB;AAED,qBAAa,cAAc;IACL,OAAO,CAAC,KAAK;IAAjC,OAAO;WAEM,YAAY,CAAC,QAAQ,EAAE,QAAQ;WAM/B,QAAQ,CAAC,KAAK,EAAE,kBAAkB;IAI/C,IAAI,IAAI,kBAAkB;IAIpB,OAAO,CAAC,QAAQ,EAAE,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC;IAI7C,cAAc,CAAC,QAAQ,EAAE,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC;CASxD"}

package/dist/passwords.vo.js

@@ -1,42 +0,0 @@
-import { z } from "zod/v4";
-export class Password {
-    schema = z.string().min(1).max(256);
-    value;
-    constructor(value, schema) {
-        this.schema = schema ?? this.schema;
-        this.value = this.schema.parse(value);
-    }
-    async hash() {
-        return HashedPassword.fromPassword(this);
-    }
-    read() {
-        return this.value;
-    }
-}
-export class HashedPassword {
-    value;
-    constructor(value) {
-        this.value = value;
-    }
-    static async fromPassword(password) {
-        const hash = await Bun.password.hash(password.read());
-        return new HashedPassword(hash);
-    }
-    static async fromHash(value) {
-        return new HashedPassword(value);
-    }
-    read() {
-        return this.value;
-    }
-    async matches(password) {
-        return Bun.password.verify(password.read(), this.read());
-    }
-    async matchesOrThrow(password) {
-        const matches = await Bun.password.verify(password.read(), this.read());
-        if (!matches) {
-            throw new Error("HashedPassword does not match the provided password");
-        }
-        return true;
-    }
-}
-//# sourceMappingURL=passwords.vo.js.map

package/dist/passwords.vo.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"passwords.vo.js","sourceRoot":"","sources":["../src/passwords.vo.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,QAAQ,CAAC;AAM3B,MAAM,OAAO,QAAQ;IACX,MAAM,GAAgB,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAEjD,KAAK,CAAe;IAE5B,YAAY,KAAmB,EAAE,MAAoB;QACnD,IAAI,CAAC,MAAM,GAAG,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC;QACpC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAiB,CAAC;IACxD,CAAC;IAED,KAAK,CAAC,IAAI;QACR,OAAO,cAAc,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;IAC3C,CAAC;IAED,IAAI;QACF,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;CACF;AAED,MAAM,OAAO,cAAc;IACG;IAA5B,YAA4B,KAAyB;QAAzB,UAAK,GAAL,KAAK,CAAoB;IAAG,CAAC;IAEzD,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC,QAAkB;QAC1C,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;QAEtD,OAAO,IAAI,cAAc,CAAC,IAAI,CAAC,CAAC;IAClC,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,KAAyB;QAC7C,OAAO,IAAI,cAAc,CAAC,KAAK,CAAC,CAAC;IACnC,CAAC;IAED,IAAI;QACF,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,QAAkB;QAC9B,OAAO,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;IAC3D,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,QAAkB;QACrC,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;QAExE,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;QACzE,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;CACF"}

package/dist/session-id.vo.d.ts

@@ -1,7 +0,0 @@
-import { Lucia } from "lucia";
-export declare class SessionId {
-    private value;
-    constructor(cookie: string | undefined, lucia: Lucia);
-    get(): SessionId["value"];
-}
-//# sourceMappingURL=session-id.vo.d.ts.map

package/dist/session-id.vo.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"session-id.vo.d.ts","sourceRoot":"","sources":["../src/session-id.vo.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,OAAO,CAAC;AAE9B,qBAAa,SAAS;IACpB,OAAO,CAAC,KAAK,CAAgB;gBAEjB,MAAM,EAAE,MAAM,GAAG,SAAS,EAAE,KAAK,EAAE,KAAK;IAIpD,GAAG,IAAI,SAAS,CAAC,OAAO,CAAC;CAG1B"}

package/dist/session-id.vo.js

@@ -1,10 +0,0 @@
-export class SessionId {
-    value;
-    constructor(cookie, lucia) {
-        this.value = lucia.readSessionCookie(cookie ?? "");
-    }
-    get() {
-        return this.value;
-    }
-}
-//# sourceMappingURL=session-id.vo.js.map

package/dist/session-id.vo.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"session-id.vo.js","sourceRoot":"","sources":["../src/session-id.vo.ts"],"names":[],"mappings":"AAEA,MAAM,OAAO,SAAS;IACZ,KAAK,CAAgB;IAE7B,YAAY,MAA0B,EAAE,KAAY;QAClD,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC,iBAAiB,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC;IACrD,CAAC;IAED,GAAG;QACD,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;CACF"}

package/dist/username.vo.d.ts

@@ -1,11 +0,0 @@
-import { z } from "zod/v4";
-export type IdType = string;
-type UsernameType = string;
-export declare class Username {
-    private readonly schema;
-    private readonly value;
-    constructor(value: UsernameType, schema?: z.ZodSchema);
-    read(): UsernameType;
-}
-export {};
-//# sourceMappingURL=username.vo.d.ts.map

package/dist/username.vo.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"username.vo.d.ts","sourceRoot":"","sources":["../src/username.vo.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,QAAQ,CAAC;AAE3B,MAAM,MAAM,MAAM,GAAG,MAAM,CAAC;AAE5B,KAAK,YAAY,GAAG,MAAM,CAAC;AAE3B,qBAAa,QAAQ;IACnB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAoC;IAE3D,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAe;gBAEzB,KAAK,EAAE,YAAY,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC,SAAS;IAKrD,IAAI,IAAI,YAAY;CAGrB"}

package/dist/username.vo.js

@@ -1,13 +0,0 @@
-import { z } from "zod/v4";
-export class Username {
-    schema = z.string().max(256);
-    value;
-    constructor(value, schema) {
-        this.schema = schema ?? this.schema;
-        this.value = this.schema.parse(value);
-    }
-    read() {
-        return this.value;
-    }
-}
-//# sourceMappingURL=username.vo.js.map

package/dist/username.vo.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"username.vo.js","sourceRoot":"","sources":["../src/username.vo.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,QAAQ,CAAC;AAM3B,MAAM,OAAO,QAAQ;IACF,MAAM,GAAgB,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAE1C,KAAK,CAAe;IAErC,YAAY,KAAmB,EAAE,MAAoB;QACnD,IAAI,CAAC,MAAM,GAAG,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC;QACpC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAiB,CAAC;IACxD,CAAC;IAED,IAAI;QACF,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;CACF"}

package/src/passwords.vo.ts

@@ -1,56 +0,0 @@
-import { z } from "zod/v4";
-
-export type PasswordType = string;
-
-type HashedPasswordType = string;
-
-export class Password {
-  private schema: z.ZodSchema = z.string().min(1).max(256);
-
-  private value: PasswordType;
-
-  constructor(value: PasswordType, schema?: z.ZodSchema) {
-    this.schema = schema ?? this.schema;
-    this.value = this.schema.parse(value) as PasswordType;
-  }
-
-  async hash(): Promise<HashedPassword> {
-    return HashedPassword.fromPassword(this);
-  }
-
-  read(): PasswordType {
-    return this.value;
-  }
-}
-
-export class HashedPassword {
-  private constructor(private value: HashedPasswordType) {}
-
-  static async fromPassword(password: Password) {
-    const hash = await Bun.password.hash(password.read());
-
-    return new HashedPassword(hash);
-  }
-
-  static async fromHash(value: HashedPasswordType) {
-    return new HashedPassword(value);
-  }
-
-  read(): HashedPasswordType {
-    return this.value;
-  }
-
-  async matches(password: Password): Promise<boolean> {
-    return Bun.password.verify(password.read(), this.read());
-  }
-
-  async matchesOrThrow(password: Password): Promise<true> {
-    const matches = await Bun.password.verify(password.read(), this.read());
-
-    if (!matches) {
-      throw new Error("HashedPassword does not match the provided password");
-    }
-
-    return true;
-  }
-}

package/src/session-id.vo.ts

@@ -1,13 +0,0 @@
-import { Lucia } from "lucia";
-
-export class SessionId {
-  private value: string | null;
-
-  constructor(cookie: string | undefined, lucia: Lucia) {
-    this.value = lucia.readSessionCookie(cookie ?? "");
-  }
-
-  get(): SessionId["value"] {
-    return this.value;
-  }
-}

package/src/username.vo.ts

@@ -1,20 +0,0 @@
-import { z } from "zod/v4";
-
-export type IdType = string;
-
-type UsernameType = string;
-
-export class Username {
-  private readonly schema: z.ZodSchema = z.string().max(256);
-
-  private readonly value: UsernameType;
-
-  constructor(value: UsernameType, schema?: z.ZodSchema) {
-    this.schema = schema ?? this.schema;
-    this.value = this.schema.parse(value) as UsernameType;
-  }
-
-  read(): UsernameType {
-    return this.value;
-  }
-}