@bod.ee/db 0.10.2 → 0.12.1

package/src/server/Transport.ts

@@ -6,6 +6,7 @@ import { AUTH_PREFIX } from './KeyAuthEngine.ts';
 import type { ClientMessage } from '../shared/protocol.ts';
 import { Errors } from '../shared/errors.ts';
 import { normalizePath, pathKey } from '../shared/pathUtils.ts';
+import type { ComponentLogger } from '../shared/logger.ts';
 import { increment, serverTimestamp, arrayUnion, arrayRemove } from '../shared/transforms.ts';
 
 interface VfsTransfer {
@@ -31,20 +32,81 @@ export class TransportOptions {
   staticRoutes?: Record<string, string>;
   /** Custom REST routes checked before 404. Return null to fall through. */
   extraRoutes?: Record<string, (req: Request, url: URL) => Response | Promise<Response> | null>;
+  /** Maximum concurrent WebSocket connections (default 10000) */
+  maxConnections: number = 10000;
+  /** Maximum incoming WebSocket message size in bytes (default 1MB) */
+  maxMessageSize: number = 1_048_576;
+  /** Maximum subscriptions per WebSocket client (default 500) */
+  maxSubscriptionsPerClient: number = 500;
 }
 
 export class Transport {
   readonly options: TransportOptions;
   private server: Server | null = null;
   private _clients = new Set<ServerWebSocket<WsData>>();
+  /** Broadcast groups: path → Set of WS clients */
+  private _valueGroups = new Map<string, Set<ServerWebSocket<WsData>>>();
+  private _childGroups = new Map<string, Set<ServerWebSocket<WsData>>>();
+  /** DB unsub functions for broadcast groups */
+  private _groupUnsubs = new Map<string, () => void>();
+  private _log: ComponentLogger;
   get clientCount(): number { return this._clients.size; }
 
+  /** Send pre-serialized stats directly to subscribed WS clients, bypassing SubscriptionEngine. */
+  broadcastStats(data: unknown, updatedAt: number): void {
+    // Check both exact path and ancestor subscribers
+    const group = this._valueGroups.get('_admin/stats');
+    const adminGroup = this._valueGroups.get('_admin');
+    if (!group?.size && !adminGroup?.size) return;
+    const payload = JSON.stringify({ type: 'value', path: '_admin/stats', data, updatedAt });
+    if (group) for (const c of group) { try { c.send(payload); } catch {} }
+    if (adminGroup) for (const c of adminGroup) { try { c.send(payload); } catch {} }
+  }
+
   constructor(
     private db: BodDB,
     private rules: RulesEngine | null,
     options?: Partial<TransportOptions>,
   ) {
     this.options = { ...new TransportOptions(), ...options };
+    this._log = db.log.forComponent('transport');
+  }
+
+  /** Add a WS client to a broadcast group. Returns the per-client unsub function. */
+  private _addBroadcastSub(ws: ServerWebSocket<WsData>, path: string, event: 'value' | 'child'): () => void {
+    const groups = event === 'value' ? this._valueGroups : this._childGroups;
+    const unsubKey = `${event}:${path}`;
+
+    if (!groups.has(path)) {
+      groups.set(path, new Set());
+      const dbOff = event === 'value'
+        ? this.db.on(path, (snap) => {
+            const group = groups.get(path);
+            if (!group?.size) return;
+            const data = snap.val();
+            const updatedAt = snap.updatedAt ?? this.db.storage.getWithMeta(snap.path)?.updatedAt;
+            const payload = JSON.stringify({ type: 'value', path: snap.path, data, updatedAt });
+            for (const c of group) { try { c.send(payload); } catch {} }
+          })
+        : this.db.onChild(path, (ev) => {
+            const group = groups.get(path);
+            if (!group?.size) return;
+            const payload = JSON.stringify({ type: 'child', path, key: ev.key, data: ev.val(), event: ev.type });
+            for (const c of group) { try { c.send(payload); } catch {} }
+          });
+      this._groupUnsubs.set(unsubKey, dbOff);
+    }
+    groups.get(path)!.add(ws);
+
+    return () => {
+      const group = groups.get(path);
+      group?.delete(ws);
+      if (group?.size === 0) {
+        groups.delete(path);
+        this._groupUnsubs.get(unsubKey)?.();
+        this._groupUnsubs.delete(unsubKey);
+      }
+    };
   }
 
   private async extractAuth(req: Request): Promise<Record<string, unknown> | null> {
@@ -75,6 +137,8 @@ export class Transport {
       }
     }
 
+    if (this._log.isDebug) this._log.debug(`${req.method} ${url.pathname}`);
+
     // REST: GET /db/<path> → get
     if (req.method === 'GET' && url.pathname.startsWith('/db/')) {
       return (async () => {
@@ -255,7 +319,7 @@ export class Transport {
           return Response.json({ ok: true });
         }
 
-        return new Response('Method not allowed', { status: 405 });
+        return Response.json({ ok: false, error: 'Method not allowed', code: Errors.INTERNAL }, { status: 405 });
       })();
     }
 
@@ -275,16 +339,25 @@ export class Transport {
       }
     }
 
-    return new Response('Not Found', { status: 404 });
+    return Response.json({ ok: false, error: 'Not found', code: Errors.NOT_FOUND }, { status: 404 });
   }
 
   /** WebSocket handler config for Bun.serve() */
   get websocketConfig() {
     const self = this;
     return {
-      open(ws: ServerWebSocket<WsData>) { self._clients.add(ws); },
+      open(ws: ServerWebSocket<WsData>) {
+        if (self._clients.size >= self.options.maxConnections) {
+          ws.close(1008, 'At capacity');
+          self._log.warn(`Connection rejected: at capacity (${self.options.maxConnections})`);
+          return;
+        }
+        self._clients.add(ws);
+        self._log.debug(`Client connected (${self._clients.size} total)`);
+      },
       close(ws: ServerWebSocket<WsData>) {
         self._clients.delete(ws);
+        self._log.debug(`Client disconnected (${self._clients.size} total)`);
         for (const off of ws.data.valueSubs.values()) off();
         for (const off of ws.data.childSubs.values()) off();
         for (const off of ws.data.streamSubs.values()) off();
@@ -293,6 +366,11 @@ export class Transport {
         ws.data.streamSubs.clear();
       },
       async message(ws: ServerWebSocket<WsData>, raw: string | Buffer) {
+        const rawLen = typeof raw === 'string' ? Buffer.byteLength(raw) : raw.byteLength;
+        if (rawLen > self.options.maxMessageSize) {
+          ws.send(JSON.stringify({ id: '?', ok: false, error: 'Message too large', code: Errors.INTERNAL }));
+          return;
+        }
         let msg: ClientMessage;
         try {
           msg = JSON.parse(typeof raw === 'string' ? raw : raw.toString());
@@ -303,7 +381,10 @@ export class Transport {
 
         const { id } = msg;
         const reply = (data: unknown, extra?: Record<string, unknown>) => ws.send(JSON.stringify({ id, ok: true, data, ...extra }));
-        const error = (err: string, code: string) => ws.send(JSON.stringify({ id, ok: false, error: err, code }));
+        const error = (err: string, code: string) => {
+          self._log.warn(`WS op=${msg.op} path=${(msg as any).path ?? '—'} → ${err}`);
+          ws.send(JSON.stringify({ id, ok: false, error: err, code }));
+        };
         // Block external writes to _auth/ prefix (only KeyAuthEngine may write)
         const guardAuthPrefix = (path: string) => {
           if (self.options.keyAuth && normalizePath(path).startsWith(AUTH_PREFIX)) {
@@ -394,21 +475,16 @@ export class Transport {
               if (self.rules && !self.rules.check('read', msg.path, ws.data.auth)) {
                 return error('Permission denied', Errors.PERMISSION_DENIED);
               }
+              if (ws.data.valueSubs.size + ws.data.childSubs.size >= self.options.maxSubscriptionsPerClient) {
+                return error('Per-client subscription limit reached', Errors.INTERNAL);
+              }
               const subKey = `${msg.event}:${msg.path}`;
               if (msg.event === 'value') {
                 if (ws.data.valueSubs.has(subKey)) return reply(null);
-                const off = self.db.on(msg.path, (snap) => {
-                  const meta = self.db.storage.getWithMeta(snap.path);
-                  ws.send(JSON.stringify({ type: 'value', path: snap.path, data: snap.val(), updatedAt: meta?.updatedAt }));
-                });
-                ws.data.valueSubs.set(subKey, off);
+                ws.data.valueSubs.set(subKey, self._addBroadcastSub(ws, msg.path, 'value'));
               } else if (msg.event === 'child') {
                 if (ws.data.childSubs.has(subKey)) return reply(null);
-                const subPath = msg.path;
-                const off = self.db.onChild(subPath, (event) => {
-                  ws.send(JSON.stringify({ type: 'child', path: subPath, key: event.key, data: event.val(), event: event.type }));
-                });
-                ws.data.childSubs.set(subKey, off);
+                ws.data.childSubs.set(subKey, self._addBroadcastSub(ws, msg.path, 'child'));
               }
               return reply(null);
             }
@@ -677,6 +753,14 @@ export class Transport {
               }
               return reply(self.db.vfs.list(msg.path));
             }
+            case 'vfs-tree': {
+              if (!self.db.vfs) return error('VFS not configured', Errors.INTERNAL);
+              if (self.rules && !self.rules.check('read', `_vfs/${msg.path}`, ws.data.auth)) {
+                return error('Permission denied', Errors.PERMISSION_DENIED);
+              }
+              const hiddenPaths = msg.hiddenPaths ? new Set(msg.hiddenPaths) : undefined;
+              return reply(self.db.vfs.tree(msg.path, { hiddenPaths, hideDotfiles: msg.hideDotfiles }));
+            }
             case 'vfs-delete': {
               if (!self.db.vfs) return error('VFS not configured', Errors.INTERNAL);
               if (self.rules && !self.rules.check('write', `_vfs/${msg.path}`, ws.data.auth)) {
@@ -708,10 +792,14 @@ export class Transport {
             case 'auth-verify': {
               if (!self.options.keyAuth) return error('KeyAuth not configured', Errors.INTERNAL);
               const result = self.options.keyAuth.verify(msg.publicKey, msg.signature, msg.nonce);
-              if (!result) return error('Authentication failed', Errors.AUTH_REQUIRED);
+              if (!result) {
+                self._log.warn(`Auth failed for key ${msg.publicKey?.slice(0, 16)}…`);
+                return error('Authentication failed', Errors.AUTH_REQUIRED);
+              }
               // Also set ws auth context
               const ctx = self.options.keyAuth.validateToken(result.token);
               if (ctx) ws.data.auth = ctx as unknown as Record<string, unknown>;
+              self._log.info(`Auth succeeded: ${(ctx as any)?.fingerprint?.slice(0, 12) ?? 'unknown'}…`);
               return reply(result);
             }
             case 'auth-link-device': {
@@ -856,6 +944,20 @@ export class Transport {
               return reply(info);
             }
 
+            case 'batch-sub': {
+              let count = 0;
+              for (const sub of msg.subscriptions) {
+                if (self.rules && !self.rules.check('read', sub.path, ws.data.auth)) continue;
+                if (ws.data.valueSubs.size + ws.data.childSubs.size >= self.options.maxSubscriptionsPerClient) break;
+                const bSubKey = `${sub.event}:${sub.path}`;
+                const subsMap = sub.event === 'value' ? ws.data.valueSubs : ws.data.childSubs;
+                if (subsMap.has(bSubKey)) { count++; continue; }
+                subsMap.set(bSubKey, self._addBroadcastSub(ws, sub.path, sub.event as 'value' | 'child'));
+                count++;
+              }
+              return reply({ subscribed: count });
+            }
+
             case 'transform': {
               const { path: tPath, type, value: tVal } = msg as any;
               let sentinel: unknown;
@@ -887,11 +989,19 @@ export class Transport {
               return reply(summary);
             }
 
+            case 'admin-stats-toggle': {
+              const enable = msg.enabled;
+              if (enable) self.db.startStatsPublisher();
+              else self.db.stopStatsPublisher();
+              return reply({ enabled: self.db.statsEnabled });
+            }
+
             default:
               return error('Unknown operation', Errors.INTERNAL);
           }
         } catch (e: unknown) {
           const message = e instanceof Error ? e.message : 'Internal error';
+          self._log.error(`op=${msg.op} path=${msg.path ?? '—'} error: ${message}`);
           return error(message, Errors.INTERNAL);
         }
       },

package/src/server/VFSEngine.ts

@@ -183,6 +183,33 @@ export class VFSEngine {
     return results;
   }
 
+  tree(virtualPath: string, opts?: { hiddenPaths?: Set<string>; hideDotfiles?: boolean }): any[] {
+    const hiddenPaths = opts?.hiddenPaths ?? new Set<string>();
+    const hideDotfiles = opts?.hideDotfiles ?? false;
+
+    const walk = (vPath: string): any[] => {
+      const stats = this.list(vPath);
+      stats.sort((a, b) => {
+        if (a.isDir !== b.isDir) return a.isDir ? -1 : 1;
+        return a.name.localeCompare(b.name);
+      });
+      const result: any[] = [];
+      for (const s of stats) {
+        if (hiddenPaths.has(s.name)) continue;
+        if (hideDotfiles && s.name.startsWith('.')) continue;
+        if (s.isDir) {
+          const childPath = vPath ? `${vPath}/${s.name}` : s.name;
+          result.push({ name: s.name, type: 'directory', children: walk(childPath) });
+        } else {
+          result.push({ name: s.name, type: 'file' });
+        }
+      }
+      return result;
+    };
+
+    return walk(normalizePath(virtualPath));
+  }
+
   mkdir(virtualPath: string): FileStat {
     const vp = normalizePath(virtualPath);
     const name = vp.split('/').pop()!;

package/src/shared/keyAuth.ts

@@ -119,10 +119,10 @@ const PBKDF2_ITERATIONS = 100_000;
 const PBKDF2_KEYLEN = 32; // 256 bits
 const PBKDF2_DIGEST = 'sha256';
 
-export function encryptPrivateKey(privateKeyDer: Uint8Array, password: string): { encrypted: string; salt: string; iv: string; authTag: string } {
+export function encryptPrivateKey(privateKeyDer: Uint8Array, password: string, iterations?: number): { encrypted: string; salt: string; iv: string; authTag: string } {
   const salt = randomBytes(16);
   const iv = randomBytes(12); // 96-bit for GCM
-  const derivedKey = pbkdf2Sync(password, salt, PBKDF2_ITERATIONS, PBKDF2_KEYLEN, PBKDF2_DIGEST);
+  const derivedKey = pbkdf2Sync(password, salt, iterations ?? PBKDF2_ITERATIONS, PBKDF2_KEYLEN, PBKDF2_DIGEST);
   const cipher = createCipheriv('aes-256-gcm', derivedKey, iv);
   const encrypted = Buffer.concat([cipher.update(privateKeyDer), cipher.final()]);
   const authTag = cipher.getAuthTag();
@@ -134,8 +134,8 @@ export function encryptPrivateKey(privateKeyDer: Uint8Array, password: string):
   };
 }
 
-export function decryptPrivateKey(encrypted: string, salt: string, iv: string, authTag: string, password: string): Uint8Array {
-  const derivedKey = pbkdf2Sync(password, Buffer.from(salt, 'base64'), PBKDF2_ITERATIONS, PBKDF2_KEYLEN, PBKDF2_DIGEST);
+export function decryptPrivateKey(encrypted: string, salt: string, iv: string, authTag: string, password: string, iterations?: number): Uint8Array {
+  const derivedKey = pbkdf2Sync(password, Buffer.from(salt, 'base64'), iterations ?? PBKDF2_ITERATIONS, PBKDF2_KEYLEN, PBKDF2_DIGEST);
   const decipher = createDecipheriv('aes-256-gcm', derivedKey, Buffer.from(iv, 'base64'));
   decipher.setAuthTag(Buffer.from(authTag, 'base64'));
   const decrypted = Buffer.concat([decipher.update(Buffer.from(encrypted, 'base64')), decipher.final()]);

package/src/shared/logger.ts

@@ -0,0 +1,68 @@
+/**
+ * BodDB internal logger — config-driven, zero-dependency.
+ * Disabled by default. Enable via `log` option in BodDBOptions.
+ */
+
+export type LogLevel = 'debug' | 'info' | 'warn' | 'error';
+
+export interface LogConfig {
+  /** Enable logging (default: false) */
+  enabled?: boolean;
+  /** Minimum log level (default: 'info') */
+  level?: LogLevel;
+  /** Enable specific components: ['storage', 'transport', 'subs', 'replication', 'stats', 'keyauth'] or '*' for all */
+  components?: string[] | '*';
+}
+
+const LEVELS: Record<LogLevel, number> = { debug: 0, info: 1, warn: 2, error: 3 };
+
+export class Logger {
+  private enabled: boolean;
+  private minLevel: number;
+  private components: Set<string> | '*';
+  private _cache = new Map<string, ComponentLogger>();
+
+  constructor(config?: LogConfig) {
+    this.enabled = config?.enabled ?? false;
+    this.minLevel = LEVELS[config?.level ?? 'info'];
+    this.components = config?.components === '*' ? '*' : new Set(config?.components ?? []);
+  }
+
+  forComponent(name: string): ComponentLogger {
+    let cl = this._cache.get(name);
+    if (!cl) { cl = new ComponentLogger(this, name); this._cache.set(name, cl); }
+    return cl;
+  }
+
+  shouldLog(level: LogLevel, component: string): boolean {
+    if (!this.enabled) return false;
+    if (LEVELS[level] < this.minLevel) return false;
+    if (this.components !== '*' && !this.components.has(component)) return false;
+    return true;
+  }
+
+  log(level: LogLevel, component: string, msg: string, data?: unknown): void {
+    if (!this.shouldLog(level, component)) return;
+    const ts = new Date().toISOString().slice(11, 23);
+    const prefix = `[${ts}] [${level.toUpperCase()}] [${component}]`;
+    if (data !== undefined) {
+      console[level === 'debug' ? 'log' : level](prefix, msg, data);
+    } else {
+      console[level === 'debug' ? 'log' : level](prefix, msg);
+    }
+  }
+}
+
+export class ComponentLogger {
+  readonly isDebug: boolean;
+  constructor(private logger: Logger, private component: string) {
+    this.isDebug = logger.shouldLog('debug', component);
+  }
+  debug(msg: string, data?: unknown) { this.logger.log('debug', this.component, msg, data); }
+  info(msg: string, data?: unknown) { this.logger.log('info', this.component, msg, data); }
+  warn(msg: string, data?: unknown) { this.logger.log('warn', this.component, msg, data); }
+  error(msg: string, data?: unknown) { this.logger.log('error', this.component, msg, data); }
+}
+
+/** Global no-op logger (used when logging disabled) */
+export const noopLogger = new Logger();

package/src/shared/protocol.ts

@@ -36,6 +36,7 @@ export type ClientMessage =
   | { id: string; op: 'vfs-download-init'; path: string }
   | { id: string; op: 'vfs-stat'; path: string }
   | { id: string; op: 'vfs-list'; path: string }
+  | { id: string; op: 'vfs-tree'; path: string; hiddenPaths?: string[]; hideDotfiles?: boolean }
   | { id: string; op: 'vfs-delete'; path: string }
   | { id: string; op: 'vfs-mkdir'; path: string }
   | { id: string; op: 'vfs-move'; path: string; dst: string }
@@ -65,7 +66,9 @@ export type ClientMessage =
   | { id: string; op: 'transform'; path: string; type: string; value?: unknown }
   | { id: string; op: 'set-ttl'; path: string; value: unknown; ttl: number }
   | { id: string; op: 'sweep' }
-  | { id: string; op: 'get-rules' };
+  | { id: string; op: 'get-rules' }
+  | { id: string; op: 'batch-sub'; subscriptions: Array<{ path: string; event: SubEvent }> }
+  | { id: string; op: 'admin-stats-toggle'; enabled: boolean };
 
 // Server → Client messages
 export type ServerMessage =