npm - @c15t/backend - Versions diffs - 2.0.0-rc.4 → 2.0.0-rc.5 - Mend

@c15t/backend 2.0.0-rc.4 → 2.0.0-rc.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (308) hide show

package/dist/core.cjs +830 -74
package/dist/core.js +807 -75
package/dist/db/schema.cjs +37 -0
package/dist/db/schema.js +33 -2
package/dist/edge.cjs +1106 -0
package/dist/edge.js +1069 -0
package/dist/router.cjs +613 -64
package/dist/router.js +613 -64
package/{dist → dist-types}/cache/adapters/cloudflare-kv.d.ts +0 -1
package/{dist → dist-types}/cache/adapters/index.d.ts +0 -1
package/{dist → dist-types}/cache/adapters/memory.d.ts +0 -1
package/{dist → dist-types}/cache/adapters/upstash-redis.d.ts +0 -1
package/{dist → dist-types}/cache/gvl-resolver.d.ts +1 -2
package/{dist → dist-types}/cache/index.d.ts +0 -1
package/{dist → dist-types}/cache/keys.d.ts +0 -1
package/{dist → dist-types}/cache/types.d.ts +0 -1
package/{dist → dist-types}/core.d.ts +8 -1
package/{dist → dist-types}/db/migrator/index.d.ts +0 -1
package/{dist → dist-types}/db/registry/consent-policy.d.ts +0 -1
package/{dist → dist-types}/db/registry/consent-purpose.d.ts +0 -1
package/{dist → dist-types}/db/registry/domain.d.ts +0 -1
package/{dist → dist-types}/db/registry/index.d.ts +22 -2
package/dist-types/db/registry/runtime-policy-decision.d.ts +60 -0
package/{dist → dist-types}/db/registry/subject.d.ts +0 -1
package/{dist → dist-types}/db/registry/types.d.ts +1 -2
package/{dist → dist-types}/db/registry/utils/generate-id.d.ts +0 -1
package/{dist → dist-types}/db/registry/utils.d.ts +0 -1
package/{dist → dist-types}/db/schema/1.0.0/audit-log.d.ts +0 -1
package/{dist → dist-types}/db/schema/1.0.0/consent-policy.d.ts +0 -1
package/{dist → dist-types}/db/schema/1.0.0/consent-purpose.d.ts +0 -1
package/{dist → dist-types}/db/schema/1.0.0/consent-record.d.ts +0 -1
package/{dist → dist-types}/db/schema/1.0.0/consent.d.ts +1 -2
package/{dist → dist-types}/db/schema/1.0.0/domain.d.ts +0 -1
package/{dist → dist-types}/db/schema/1.0.0/index.d.ts +0 -1
package/{dist → dist-types}/db/schema/1.0.0/subject.d.ts +0 -1
package/{dist → dist-types}/db/schema/2.0.0/audit-log.d.ts +1 -2
package/{dist → dist-types}/db/schema/2.0.0/consent-policy.d.ts +1 -2
package/{dist → dist-types}/db/schema/2.0.0/consent-purpose.d.ts +1 -2
package/{dist → dist-types}/db/schema/2.0.0/consent.d.ts +5 -2
package/{dist → dist-types}/db/schema/2.0.0/domain.d.ts +1 -2
package/{dist → dist-types}/db/schema/2.0.0/index.d.ts +432 -17
package/dist-types/db/schema/2.0.0/runtime-policy-decision.d.ts +23 -0
package/{dist → dist-types}/db/schema/2.0.0/subject.d.ts +1 -2
package/{dist → dist-types}/db/schema/index.d.ts +862 -33
package/{dist → dist-types}/db/tenant-scope.d.ts +0 -1
package/{dist → dist-types}/define-config.d.ts +0 -1
package/dist-types/edge/index.d.ts +5 -0
package/dist-types/edge/init-handler.d.ts +38 -0
package/dist-types/edge/resolve-consent.d.ts +80 -0
package/dist-types/edge/types.d.ts +13 -0
package/{dist → dist-types}/handlers/consent/check.handler.d.ts +0 -1
package/{src/handlers/consent/index.ts → dist-types/handlers/consent/index.d.ts} +0 -1
package/{dist → dist-types}/handlers/init/geo.d.ts +2 -3
package/{dist → dist-types}/handlers/init/index.d.ts +4 -5
package/dist-types/handlers/init/policy.d.ts +26 -0
package/dist-types/handlers/init/resolve-init.d.ts +44 -0
package/dist-types/handlers/init/translations.d.ts +48 -0
package/dist-types/handlers/policy/snapshot.d.ts +99 -0
package/{src/handlers/status/index.ts → dist-types/handlers/status/index.d.ts} +0 -1
package/{dist → dist-types}/handlers/status/status.handler.d.ts +0 -1
package/{dist → dist-types}/handlers/subject/get.handler.d.ts +0 -1
package/{src/handlers/subject/index.ts → dist-types/handlers/subject/index.d.ts} +0 -1
package/{dist → dist-types}/handlers/subject/list.handler.d.ts +0 -1
package/{dist → dist-types}/handlers/subject/patch.handler.d.ts +0 -1
package/{dist → dist-types}/handlers/subject/post.handler.d.ts +12 -1
package/{dist → dist-types}/handlers/utils/consent-enrichment.d.ts +0 -1
package/{dist → dist-types}/init.d.ts +0 -1
package/{dist → dist-types}/middleware/auth/index.d.ts +0 -1
package/{dist → dist-types}/middleware/auth/validate-api-key.d.ts +0 -1
package/{dist → dist-types}/middleware/cors/cors.d.ts +0 -1
package/{src/middleware/cors/index.ts → dist-types/middleware/cors/index.d.ts} +0 -1
package/{dist → dist-types}/middleware/cors/is-origin-trusted.d.ts +1 -2
package/{dist → dist-types}/middleware/cors/process-cors.d.ts +0 -1
package/{dist → dist-types}/middleware/openapi/config.d.ts +0 -1
package/{dist → dist-types}/middleware/openapi/handlers.d.ts +0 -1
package/{src/middleware/openapi/index.ts → dist-types/middleware/openapi/index.d.ts} +0 -1
package/{dist → dist-types}/middleware/process-ip/index.d.ts +0 -1
package/dist-types/policies/builder.d.ts +127 -0
package/dist-types/policies/defaults.d.ts +2 -0
package/dist-types/policies/matchers.d.ts +3 -0
package/{dist → dist-types}/router.d.ts +0 -1
package/{dist → dist-types}/routes/consent.d.ts +0 -1
package/{src/routes/index.ts → dist-types/routes/index.d.ts} +0 -1
package/{dist → dist-types}/routes/init.d.ts +0 -1
package/{dist → dist-types}/routes/status.d.ts +0 -1
package/{dist → dist-types}/routes/subject.d.ts +0 -1
package/{dist → dist-types}/types/api.d.ts +0 -1
package/{dist → dist-types}/types/index.d.ts +110 -6
package/dist-types/utils/background.d.ts +6 -0
package/{dist → dist-types}/utils/create-telemetry-options.d.ts +0 -1
package/{dist → dist-types}/utils/env.d.ts +0 -1
package/{dist → dist-types}/utils/extract-error-message.d.ts +0 -1
package/{dist → dist-types}/utils/instrumentation.d.ts +0 -1
package/{dist → dist-types}/utils/logger.d.ts +1 -2
package/{dist → dist-types}/utils/metrics.d.ts +0 -1
package/dist-types/version.d.ts +1 -0
package/docs/README.md +49 -0
package/docs/api/configuration.md +197 -0
package/docs/api/endpoints.md +211 -0
package/docs/guides/caching.md +85 -0
package/docs/guides/database-setup.md +128 -0
package/docs/guides/edge-deployment.md +248 -0
package/docs/guides/framework-integration.md +142 -0
package/docs/guides/iab-tcf.md +89 -0
package/docs/guides/observability.md +96 -0
package/docs/guides/policy-packs.md +396 -0
package/docs/quickstart.md +129 -0
package/package.json +33 -19
package/.turbo/turbo-build.log +0 -49
package/CHANGELOG.md +0 -123
package/dist/cache/adapters/cloudflare-kv.d.ts.map +0 -1
package/dist/cache/adapters/index.d.ts.map +0 -1
package/dist/cache/adapters/memory.d.ts.map +0 -1
package/dist/cache/adapters/upstash-redis.d.ts.map +0 -1
package/dist/cache/gvl-resolver.d.ts.map +0 -1
package/dist/cache/index.d.ts.map +0 -1
package/dist/cache/keys.d.ts.map +0 -1
package/dist/cache/types.d.ts.map +0 -1
package/dist/core.d.ts.map +0 -1
package/dist/db/adapters/drizzle.d.ts +0 -2
package/dist/db/adapters/drizzle.d.ts.map +0 -1
package/dist/db/adapters/index.d.ts +0 -2
package/dist/db/adapters/index.d.ts.map +0 -1
package/dist/db/adapters/kysely.d.ts +0 -2
package/dist/db/adapters/kysely.d.ts.map +0 -1
package/dist/db/adapters/mongo.d.ts +0 -2
package/dist/db/adapters/mongo.d.ts.map +0 -1
package/dist/db/adapters/prisma.d.ts +0 -2
package/dist/db/adapters/prisma.d.ts.map +0 -1
package/dist/db/adapters/typeorm.d.ts +0 -2
package/dist/db/adapters/typeorm.d.ts.map +0 -1
package/dist/db/migrator/index.d.ts.map +0 -1
package/dist/db/registry/consent-policy.d.ts.map +0 -1
package/dist/db/registry/consent-purpose.d.ts.map +0 -1
package/dist/db/registry/domain.d.ts.map +0 -1
package/dist/db/registry/index.d.ts.map +0 -1
package/dist/db/registry/subject.d.ts.map +0 -1
package/dist/db/registry/types.d.ts.map +0 -1
package/dist/db/registry/utils/generate-id.d.ts.map +0 -1
package/dist/db/registry/utils.d.ts.map +0 -1
package/dist/db/schema/1.0.0/audit-log.d.ts.map +0 -1
package/dist/db/schema/1.0.0/consent-policy.d.ts.map +0 -1
package/dist/db/schema/1.0.0/consent-purpose.d.ts.map +0 -1
package/dist/db/schema/1.0.0/consent-record.d.ts.map +0 -1
package/dist/db/schema/1.0.0/consent.d.ts.map +0 -1
package/dist/db/schema/1.0.0/domain.d.ts.map +0 -1
package/dist/db/schema/1.0.0/index.d.ts.map +0 -1
package/dist/db/schema/1.0.0/subject.d.ts.map +0 -1
package/dist/db/schema/2.0.0/audit-log.d.ts.map +0 -1
package/dist/db/schema/2.0.0/consent-policy.d.ts.map +0 -1
package/dist/db/schema/2.0.0/consent-purpose.d.ts.map +0 -1
package/dist/db/schema/2.0.0/consent.d.ts.map +0 -1
package/dist/db/schema/2.0.0/domain.d.ts.map +0 -1
package/dist/db/schema/2.0.0/index.d.ts.map +0 -1
package/dist/db/schema/2.0.0/subject.d.ts.map +0 -1
package/dist/db/schema/index.d.ts.map +0 -1
package/dist/db/tenant-scope.d.ts.map +0 -1
package/dist/define-config.d.ts.map +0 -1
package/dist/handlers/consent/check.handler.d.ts.map +0 -1
package/dist/handlers/consent/index.d.ts +0 -12
package/dist/handlers/consent/index.d.ts.map +0 -1
package/dist/handlers/init/geo.d.ts.map +0 -1
package/dist/handlers/init/index.d.ts.map +0 -1
package/dist/handlers/init/translations.d.ts +0 -26
package/dist/handlers/init/translations.d.ts.map +0 -1
package/dist/handlers/status/index.d.ts +0 -7
package/dist/handlers/status/index.d.ts.map +0 -1
package/dist/handlers/status/status.handler.d.ts.map +0 -1
package/dist/handlers/subject/get.handler.d.ts.map +0 -1
package/dist/handlers/subject/index.d.ts +0 -10
package/dist/handlers/subject/index.d.ts.map +0 -1
package/dist/handlers/subject/list.handler.d.ts.map +0 -1
package/dist/handlers/subject/patch.handler.d.ts.map +0 -1
package/dist/handlers/subject/post.handler.d.ts.map +0 -1
package/dist/handlers/utils/consent-enrichment.d.ts.map +0 -1
package/dist/init.d.ts.map +0 -1
package/dist/middleware/auth/index.d.ts.map +0 -1
package/dist/middleware/auth/validate-api-key.d.ts.map +0 -1
package/dist/middleware/cors/cors.d.ts.map +0 -1
package/dist/middleware/cors/index.d.ts +0 -30
package/dist/middleware/cors/index.d.ts.map +0 -1
package/dist/middleware/cors/is-origin-trusted.d.ts.map +0 -1
package/dist/middleware/cors/process-cors.d.ts.map +0 -1
package/dist/middleware/openapi/config.d.ts.map +0 -1
package/dist/middleware/openapi/handlers.d.ts.map +0 -1
package/dist/middleware/openapi/index.d.ts +0 -12
package/dist/middleware/openapi/index.d.ts.map +0 -1
package/dist/middleware/process-ip/index.d.ts.map +0 -1
package/dist/router.d.ts.map +0 -1
package/dist/routes/consent.d.ts.map +0 -1
package/dist/routes/index.d.ts +0 -10
package/dist/routes/index.d.ts.map +0 -1
package/dist/routes/init.d.ts.map +0 -1
package/dist/routes/status.d.ts.map +0 -1
package/dist/routes/subject.d.ts.map +0 -1
package/dist/types/api.d.ts.map +0 -1
package/dist/types/index.d.ts.map +0 -1
package/dist/utils/create-telemetry-options.d.ts.map +0 -1
package/dist/utils/env.d.ts.map +0 -1
package/dist/utils/extract-error-message.d.ts.map +0 -1
package/dist/utils/index.d.ts +0 -4
package/dist/utils/index.d.ts.map +0 -1
package/dist/utils/instrumentation.d.ts.map +0 -1
package/dist/utils/logger.d.ts.map +0 -1
package/dist/utils/metrics.d.ts.map +0 -1
package/dist/version.d.ts +0 -2
package/dist/version.d.ts.map +0 -1
package/knip.json +0 -31
package/rslib.config.ts +0 -93
package/src/cache/adapters/cloudflare-kv.ts +0 -71
package/src/cache/adapters/index.ts +0 -22
package/src/cache/adapters/memory.ts +0 -111
package/src/cache/adapters/upstash-redis.ts +0 -113
package/src/cache/gvl-resolver.ts +0 -289
package/src/cache/index.ts +0 -34
package/src/cache/keys.ts +0 -68
package/src/cache/types.ts +0 -66
package/src/core.ts +0 -369
package/src/db/migrator/index.ts +0 -80
package/src/db/registry/consent-policy.test.ts +0 -451
package/src/db/registry/consent-policy.ts +0 -82
package/src/db/registry/consent-purpose.test.ts +0 -428
package/src/db/registry/consent-purpose.ts +0 -61
package/src/db/registry/domain.test.ts +0 -445
package/src/db/registry/domain.ts +0 -91
package/src/db/registry/index.ts +0 -14
package/src/db/registry/subject.test.ts +0 -371
package/src/db/registry/subject.ts +0 -126
package/src/db/registry/types.ts +0 -10
package/src/db/registry/utils/generate-id.test.ts +0 -216
package/src/db/registry/utils/generate-id.ts +0 -133
package/src/db/registry/utils.ts +0 -133
package/src/db/schema/1.0.0/audit-log.ts +0 -15
package/src/db/schema/1.0.0/consent-policy.ts +0 -14
package/src/db/schema/1.0.0/consent-purpose.ts +0 -14
package/src/db/schema/1.0.0/consent-record.ts +0 -10
package/src/db/schema/1.0.0/consent.ts +0 -20
package/src/db/schema/1.0.0/domain.ts +0 -12
package/src/db/schema/1.0.0/index.ts +0 -48
package/src/db/schema/1.0.0/subject.ts +0 -11
package/src/db/schema/2.0.0/audit-log.ts +0 -18
package/src/db/schema/2.0.0/consent-policy.ts +0 -28
package/src/db/schema/2.0.0/consent-purpose.ts +0 -12
package/src/db/schema/2.0.0/consent.ts +0 -28
package/src/db/schema/2.0.0/domain.ts +0 -12
package/src/db/schema/2.0.0/index.ts +0 -47
package/src/db/schema/2.0.0/subject.ts +0 -13
package/src/db/schema/index.ts +0 -15
package/src/db/tenant-scope.test.ts +0 -747
package/src/db/tenant-scope.ts +0 -103
package/src/define-config.ts +0 -19
package/src/handlers/consent/check.handler.ts +0 -126
package/src/handlers/init/geo.test.ts +0 -317
package/src/handlers/init/geo.ts +0 -195
package/src/handlers/init/index.test.ts +0 -205
package/src/handlers/init/index.ts +0 -114
package/src/handlers/init/translations.test.ts +0 -121
package/src/handlers/init/translations.ts +0 -69
package/src/handlers/status/status.handler.test.ts +0 -155
package/src/handlers/status/status.handler.ts +0 -51
package/src/handlers/subject/get.handler.ts +0 -92
package/src/handlers/subject/list.handler.ts +0 -92
package/src/handlers/subject/patch.handler.ts +0 -119
package/src/handlers/subject/post.handler.test.ts +0 -294
package/src/handlers/subject/post.handler.ts +0 -268
package/src/handlers/utils/consent-enrichment.test.ts +0 -380
package/src/handlers/utils/consent-enrichment.ts +0 -218
package/src/init.test.ts +0 -122
package/src/init.ts +0 -88
package/src/middleware/auth/index.ts +0 -11
package/src/middleware/auth/validate-api-key.test.ts +0 -86
package/src/middleware/auth/validate-api-key.ts +0 -107
package/src/middleware/cors/cors.test.ts +0 -135
package/src/middleware/cors/cors.ts +0 -186
package/src/middleware/cors/is-origin-trusted.test.ts +0 -164
package/src/middleware/cors/is-origin-trusted.ts +0 -130
package/src/middleware/cors/process-cors.ts +0 -91
package/src/middleware/openapi/config.ts +0 -29
package/src/middleware/openapi/handlers.ts +0 -34
package/src/middleware/process-ip/index.test.ts +0 -193
package/src/middleware/process-ip/index.ts +0 -199
package/src/router.ts +0 -15
package/src/routes/consent.ts +0 -52
package/src/routes/init.ts +0 -105
package/src/routes/status.ts +0 -46
package/src/routes/subject.ts +0 -152
package/src/types/api.ts +0 -48
package/src/types/index.ts +0 -391
package/src/utils/create-telemetry-options.test.ts +0 -286
package/src/utils/create-telemetry-options.ts +0 -229
package/src/utils/env.ts +0 -84
package/src/utils/extract-error-message.ts +0 -21
package/src/utils/instrumentation.test.ts +0 -183
package/src/utils/instrumentation.ts +0 -194
package/src/utils/logger.ts +0 -41
package/src/utils/metrics.test.ts +0 -311
package/src/utils/metrics.ts +0 -402
package/src/utils/telemetry-pii.test.ts +0 -323
package/src/version.ts +0 -2
package/tsconfig.json +0 -11
package/vitest.config.ts +0 -28
/package/{src/db/adapters/drizzle.ts → dist-types/db/adapters/drizzle.d.ts} +0 -0
/package/{src/db/adapters/index.ts → dist-types/db/adapters/index.d.ts} +0 -0
/package/{src/db/adapters/kysely.ts → dist-types/db/adapters/kysely.d.ts} +0 -0
/package/{src/db/adapters/mongo.ts → dist-types/db/adapters/mongo.d.ts} +0 -0
/package/{src/db/adapters/prisma.ts → dist-types/db/adapters/prisma.d.ts} +0 -0
/package/{src/db/adapters/typeorm.ts → dist-types/db/adapters/typeorm.d.ts} +0 -0
/package/{src/utils/index.ts → dist-types/utils/index.d.ts} +0 -0

package/src/init.ts DELETED Viewed

@@ -1,88 +0,0 @@
-import type { C15TContext, C15TOptions } from '~/types';
-import { createRegistry } from './db/registry';
-import { DB } from './db/schema';
-import { withTenantScope } from './db/tenant-scope';
-import {
-	createTelemetryOptions,
-	isTelemetryEnabled,
-} from './utils/create-telemetry-options';
-import { initLogger } from './utils/logger';
-/**
- * Initializes the c15t backend context.
- *
- * Telemetry (tracing and metrics) is opt-in and disabled by default.
- * Users must:
- * 1. Set up their own OpenTelemetry SDK (Node.js, Bun, edge runtime, etc.)
- * 2. Pass enabled: true and optionally a tracer/meter to the telemetry config
- *
- * @example
- * ```typescript
- * // User sets up their own SDK before calling init
- * import { NodeSDK } from '@opentelemetry/sdk-node';
- * const sdk = new NodeSDK({ ... });
- * sdk.start();
- *
- * // Then pass telemetry config
- * const instance = c15tInstance({
- *   telemetry: {
- *     enabled: true,
- *     tracer: trace.getTracer('my-app'),
- *     meter: metrics.getMeter('my-app'),
- *   },
- * });
- * ```
- */
-export const init = (options: C15TOptions): C15TContext => {
-	const appName = options.appName || 'c15t';
-	const logger = initLogger({
-		...options.logger,
-		appName: String(appName),
-	});
-	// Create telemetry options (validates and merges with defaults)
-	const telemetryOptions = createTelemetryOptions(
-		String(appName),
-		options.telemetry,
-		options.tenantId
-	);
-	// Log telemetry status
-	if (isTelemetryEnabled(options)) {
-		logger.debug('Telemetry is enabled', {
-			hasTracer: !!telemetryOptions?.tracer,
-			hasMeter: !!telemetryOptions?.meter,
-			attributes: telemetryOptions?.defaultAttributes,
-		});
-	} else {
-		logger.debug('Telemetry is disabled (opt-in required)');
-	}
-	// Initialize core components
-	const db = options.tablePrefix ? DB.names.prefix(options.tablePrefix) : DB;
-	const client = db.client(options.adapter);
-	const rawOrm = client.orm('2.0.0');
-	const orm = options.tenantId
-		? withTenantScope(rawOrm, options.tenantId)
-		: rawOrm;
-	// Destructure ipAddress config to avoid type conflict with C15TContext.ipAddress (resolved string)
-	const { ipAddress: _ipAddressConfig, ...baseOptions } = options;
-	const context: C15TContext = {
-		...baseOptions,
-		appName,
-		logger,
-		db: orm,
-		registry: createRegistry({
-			db: orm,
-			ctx: {
-				logger,
-			},
-		}),
-	};
-	return context;
-};

package/src/middleware/auth/index.ts DELETED Viewed

@@ -1,11 +0,0 @@
-/**
- * Authentication middleware exports.
- *
- * @packageDocumentation
- */
-export {
-	extractBearerToken,
-	validateApiKey,
-	validateRequestAuth,
-} from './validate-api-key';

package/src/middleware/auth/validate-api-key.test.ts DELETED Viewed

@@ -1,86 +0,0 @@
-import { describe, expect, it } from 'vitest';
-import {
-	extractBearerToken,
-	validateApiKey,
-	validateRequestAuth,
-} from './validate-api-key';
-describe('extractBearerToken', () => {
-	it('should extract token from valid Bearer header', () => {
-		expect(extractBearerToken('Bearer sk_live_abc123')).toBe('sk_live_abc123');
-	});
-	it('should return null for non-Bearer auth', () => {
-		expect(extractBearerToken('Basic abc123')).toBeNull();
-	});
-	it('should return null for missing Bearer prefix', () => {
-		expect(extractBearerToken('sk_live_abc123')).toBeNull();
-	});
-	it('should return null for null header', () => {
-		expect(extractBearerToken(null)).toBeNull();
-	});
-	it('should return null for empty header', () => {
-		expect(extractBearerToken('')).toBeNull();
-	});
-	it('should handle extra spaces', () => {
-		expect(extractBearerToken('Bearer  abc123')).toBeNull(); // Two spaces
-	});
-});
-describe('validateApiKey', () => {
-	const validKeys = ['sk_live_abc123', 'sk_live_def456'];
-	it('should return true for valid key', () => {
-		expect(validateApiKey('sk_live_abc123', validKeys)).toBe(true);
-		expect(validateApiKey('sk_live_def456', validKeys)).toBe(true);
-	});
-	it('should return false for invalid key', () => {
-		expect(validateApiKey('sk_live_invalid', validKeys)).toBe(false);
-	});
-	it('should return false for null token', () => {
-		expect(validateApiKey(null, validKeys)).toBe(false);
-	});
-	it('should return false for undefined keys', () => {
-		expect(validateApiKey('sk_live_abc123', undefined)).toBe(false);
-	});
-	it('should return false for empty keys array', () => {
-		expect(validateApiKey('sk_live_abc123', [])).toBe(false);
-	});
-	it('should be case-sensitive', () => {
-		expect(validateApiKey('SK_LIVE_ABC123', validKeys)).toBe(false);
-	});
-});
-describe('validateRequestAuth', () => {
-	const validKeys = ['sk_live_abc123'];
-	it('should return true for valid Authorization header', () => {
-		const headers = new Headers();
-		headers.set('Authorization', 'Bearer sk_live_abc123');
-		expect(validateRequestAuth(headers, validKeys)).toBe(true);
-	});
-	it('should return false for invalid token', () => {
-		const headers = new Headers();
-		headers.set('Authorization', 'Bearer sk_live_invalid');
-		expect(validateRequestAuth(headers, validKeys)).toBe(false);
-	});
-	it('should return false for missing Authorization header', () => {
-		const headers = new Headers();
-		expect(validateRequestAuth(headers, validKeys)).toBe(false);
-	});
-	it('should return false for undefined headers', () => {
-		expect(validateRequestAuth(undefined, validKeys)).toBe(false);
-	});
-});

package/src/middleware/auth/validate-api-key.ts DELETED Viewed

@@ -1,107 +0,0 @@
-/**
- * API key validation utilities.
- *
- * @packageDocumentation
- */
-/**
- * Extracts the Bearer token from an Authorization header.
- *
- * @param authHeader - The Authorization header value
- * @returns The token if valid Bearer format, null otherwise
- *
- * @example
- * ```typescript
- * extractBearerToken('Bearer sk_live_abc123'); // 'sk_live_abc123'
- * extractBearerToken('Basic abc123'); // null
- * extractBearerToken('sk_live_abc123'); // null
- * ```
- */
-export function extractBearerToken(authHeader: string | null): string | null {
-	if (!authHeader) {
-		return null;
-	}
-	const parts = authHeader.split(' ');
-	if (parts.length !== 2 || parts[0] !== 'Bearer') {
-		return null;
-	}
-	return parts[1] || null;
-}
-/**
- * Validates an API key against the configured keys.
- *
- * @param token - The token to validate
- * @param validKeys - Array of valid API keys
- * @returns True if the token is valid
- *
- * @remarks
- * Uses timing-safe comparison to prevent timing attacks.
- * If no keys are configured, returns false.
- */
-export function validateApiKey(
-	token: string | null,
-	validKeys: string[] | undefined
-): boolean {
-	if (!token || !validKeys || validKeys.length === 0) {
-		return false;
-	}
-	// Use timing-safe comparison to prevent timing attacks
-	return validKeys.some((key) => timingSafeEqual(token, key));
-}
-/**
- * Timing-safe string comparison to prevent timing attacks.
- *
- * @param a - First string
- * @param b - Second string
- * @returns True if strings are equal
- */
-function timingSafeEqual(a: string, b: string): boolean {
-	if (a.length !== b.length) {
-		// Still do comparison to maintain constant time
-		let result = 0;
-		for (let i = 0; i < a.length; i++) {
-			result |= a.charCodeAt(i) ^ (b.charCodeAt(i % b.length) || 0);
-		}
-		return false;
-	}
-	let result = 0;
-	for (let i = 0; i < a.length; i++) {
-		result |= a.charCodeAt(i) ^ b.charCodeAt(i);
-	}
-	return result === 0;
-}
-/**
- * Validates authentication from request headers.
- *
- * @param headers - Request headers
- * @param validKeys - Array of valid API keys
- * @returns True if the request has a valid API key
- *
- * @example
- * ```typescript
- * const headers = new Headers();
- * headers.set('Authorization', 'Bearer sk_live_abc123');
- *
- * validateRequestAuth(headers, ['sk_live_abc123']); // true
- * validateRequestAuth(headers, ['sk_live_other']); // false
- * ```
- */
-export function validateRequestAuth(
-	headers: Headers | undefined,
-	validKeys: string[] | undefined
-): boolean {
-	if (!headers) {
-		return false;
-	}
-	const authHeader = headers.get('Authorization');
-	const token = extractBearerToken(authHeader);
-	return validateApiKey(token, validKeys);
-}

package/src/middleware/cors/cors.test.ts DELETED Viewed

@@ -1,135 +0,0 @@
-import { describe, expect, it } from 'vitest';
-import { createCORSOptions } from './cors';
-/**
- * Helper to call the origin function or return a default value
- */
-const callOrigin = async (
-	origin: string | string[] | ((origin: string) => string | null) | undefined,
-	value: string
-): Promise<string | null> => {
-	if (typeof origin === 'function') {
-		return origin(value);
-	}
-	if (origin === '*') {
-		return value || '*';
-	}
-	if (Array.isArray(origin)) {
-		return origin.includes(value) ? value : null;
-	}
-	return origin === value ? value : null;
-};
-describe('createCORSOptions (unit)', () => {
-	describe('configuration shape', () => {
-		it('returns expected defaults when no trustedOrigins provided', async () => {
-			const config = createCORSOptions();
-			expect(config.credentials).toBe(true);
-			expect(config.maxAge).toBe(600);
-			expect(config.allowHeaders).toEqual([
-				'Content-Type',
-				'Authorization',
-				'x-request-id',
-				'x-c15t-country',
-				'x-c15t-region',
-				'accept-language',
-			]);
-			expect(config.methods).toEqual([
-				'GET',
-				'POST',
-				'PUT',
-				'DELETE',
-				'PATCH',
-				'OPTIONS',
-			]);
-			// For default config, origin is '*' string
-			expect(config.origin).toBe('*');
-		});
-	});
-	describe('wildcard "*"', () => {
-		it('allows any concrete origin and echoes it back', async () => {
-			const config = createCORSOptions(['*']);
-			expect(await callOrigin(config.origin, 'http://localhost:3002')).toBe(
-				'http://localhost:3002'
-			);
-			// missing origin -> '*'
-			expect(await callOrigin(config.origin, '')).toBe('*');
-		});
-	});
-	describe('specific origins', () => {
-		it('allows trusted origin and rejects untrusted', async () => {
-			const config = createCORSOptions(['http://localhost:3002']);
-			expect(await callOrigin(config.origin, 'http://localhost:3002')).toBe(
-				'http://localhost:3002'
-			);
-			expect(
-				await callOrigin(config.origin, 'http://malicious-site.com')
-			).toBeNull();
-		});
-		it('treats localhost variants (ports, IPs) as trusted when "localhost" provided', async () => {
-			const config = createCORSOptions(['localhost']);
-			expect(await callOrigin(config.origin, 'http://localhost:1234')).toBe(
-				'http://localhost:1234'
-			);
-			expect(await callOrigin(config.origin, 'http://127.0.0.1:3000')).toBe(
-				'http://127.0.0.1:3000'
-			);
-			expect(await callOrigin(config.origin, 'http://[::1]:3000')).toBe(
-				'http://[::1]:3000'
-			);
-		});
-	});
-	describe('www and non-www variants', () => {
-		it('allows www when non-www is trusted', async () => {
-			const config = createCORSOptions(['http://c15t.com']);
-			expect(await callOrigin(config.origin, 'http://www.c15t.com')).toBe(
-				'http://www.c15t.com'
-			);
-		});
-		it('allows non-www when www is trusted', async () => {
-			const config = createCORSOptions(['http://www.c15t.com']);
-			expect(await callOrigin(config.origin, 'http://c15t.com')).toBe(
-				'http://c15t.com'
-			);
-		});
-	});
-	describe('ports and protocols', () => {
-		it('matches with exact port when provided', async () => {
-			const config = createCORSOptions(['localhost:3002']);
-			expect(await callOrigin(config.origin, 'http://localhost:3002')).toBe(
-				'http://localhost:3002'
-			);
-			expect(
-				await callOrigin(config.origin, 'http://localhost:4000')
-			).toBeNull();
-		});
-		it('is protocol-agnostic for host comparison', async () => {
-			const config = createCORSOptions(['example.com']);
-			expect(await callOrigin(config.origin, 'http://example.com')).toBe(
-				'http://example.com'
-			);
-			expect(await callOrigin(config.origin, 'https://www.example.com')).toBe(
-				'https://www.example.com'
-			);
-		});
-	});
-	describe('invalid or missing origins', () => {
-		it('returns null for clearly invalid origins', async () => {
-			const config = createCORSOptions(['example.com']);
-			expect(await callOrigin(config.origin, '::::invalid::::')).toBeNull();
-		});
-		it('returns "*" when origin header is missing/empty', async () => {
-			const config = createCORSOptions(['*']);
-			expect(await callOrigin(config.origin, '')).toBe('*');
-		});
-	});
-});

package/src/middleware/cors/cors.ts DELETED Viewed

@@ -1,186 +0,0 @@
-/**
- * CORS middleware utility for c15t that handles origin validation and CORS headers
- *
- * @packageDocumentation
- */
-/**
- * CORS configuration options compatible with Hono's cors middleware
- */
-export interface CorsOptions {
-	origin: string | string[] | ((origin: string) => string | null);
-	methods?: string[];
-	allowMethods?: string[];
-	allowHeaders?: string[];
-	maxAge?: number;
-	credentials?: boolean;
-	exposeHeaders?: string[];
-}
-/** Regular expression to match www prefix in domain names */
-const WWW_REGEX = /^www\./;
-/** Regular expression to match protocol and www prefix in URLs */
-const PROTOCOL_WWW_REGEX = /^https?:\/\/(www\.)?/;
-/**
- * Supported HTTP methods for CORS
- */
-const SUPPORTED_METHODS = [
-	'GET',
-	'POST',
-	'PUT',
-	'DELETE',
-	'PATCH',
-	'OPTIONS',
-] as const;
-/**
- * Supported headers for CORS requests
- */
-const SUPPORTED_HEADERS = [
-	'Content-Type',
-	'Authorization',
-	'x-request-id',
-	'x-c15t-country',
-	'x-c15t-region',
-	'accept-language',
-] as const;
-/**
- * Normalizes an origin string by removing protocol and www prefix
- *
- * @param origin - The origin URL to normalize
- * @returns Normalized origin string without protocol and www prefix
- */
-function normalizeOrigin(origin: string): string {
-	try {
-		// Handle bare domains like 'localhost' or 'example.com'
-		if (
-			!origin.includes('://') &&
-			!origin.includes(':') &&
-			!origin.includes('/')
-		) {
-			return origin.toLowerCase();
-		}
-		// Add protocol if missing
-		const originWithProtocol =
-			origin.startsWith('http://') ||
-			origin.startsWith('https://') ||
-			origin.startsWith('ws://') ||
-			origin.startsWith('wss://')
-				? origin
-				: `http://${origin}`;
-		const url = new URL(originWithProtocol);
-		const hostname = url.hostname.replace(WWW_REGEX, '');
-		// Return without protocol to match both http and https
-		return `${hostname}${url.port ? `:${url.port}` : ''}`;
-	} catch {
-		// Fallback: remove www manually and protocol
-		return origin.replace(PROTOCOL_WWW_REGEX, '').replace(WWW_REGEX, '');
-	}
-}
-/**
- * Expands a list of origins to include www variants
- *
- * @param origins - Array of origin strings to expand
- * @returns Array of origins including www variants
- */
-function expandWithWWW(origins: string[]): string[] {
-	const expanded = new Set<string>();
-	for (const origin of origins) {
-		if (origin === '*') {
-			expanded.add('*');
-			continue;
-		}
-		const normalized = normalizeOrigin(origin);
-		expanded.add(normalized);
-		// Add www version if not already present
-		if (!normalized.includes('www.')) {
-			expanded.add(`www.${normalized}`);
-		}
-	}
-	return Array.from(expanded);
-}
-/**
- * Creates CORS options configuration for Hono's cors middleware
- *
- * @param trustedOrigins - Array of allowed origin patterns or single string. Can include wildcards ('*').
- * If undefined, defaults to allowing all origins without credentials.
- *
- * @returns Hono CORS configuration object
- *
- * @example
- * ```ts
- * const corsOptions = createCORSOptions(['http://localhost:3000', 'https://example.com']);
- * app.use('*', cors(corsOptions));
- * ```
- */
-export function createCORSOptions(
-	trustedOrigins?: string[] | string
-): CorsOptions {
-	// If trustedOrigins is undefined or empty, return default config that allows all origins
-	if (!trustedOrigins) {
-		return {
-			origin: '*',
-			credentials: true,
-			allowHeaders: [...SUPPORTED_HEADERS],
-			maxAge: 600,
-			allowMethods: [...SUPPORTED_METHODS],
-			methods: [...SUPPORTED_METHODS],
-		};
-	}
-	// Convert string to array if needed
-	const origins = Array.isArray(trustedOrigins)
-		? trustedOrigins
-		: [trustedOrigins];
-	if (origins.length === 0) {
-		return {
-			origin: '*',
-			credentials: true,
-			allowHeaders: [...SUPPORTED_HEADERS],
-			maxAge: 600,
-			allowMethods: [...SUPPORTED_METHODS],
-			methods: [...SUPPORTED_METHODS],
-		};
-	}
-	const expandedTrusted = expandWithWWW(origins);
-	return {
-		origin: (origin) => {
-			if (!origin) {
-				return '*';
-			}
-			const normalizedOrigin = normalizeOrigin(origin);
-			if (expandedTrusted.includes('*')) {
-				return origin;
-			}
-			// Check if the origin matches any trusted origin
-			const isTrusted = expandedTrusted.some((trusted) => {
-				const normalizedTrusted = normalizeOrigin(trusted);
-				// For localhost, match both with and without port
-				if (normalizedTrusted === 'localhost') {
-					return (
-						normalizedOrigin === 'localhost' ||
-						normalizedOrigin.startsWith('localhost:') ||
-						normalizedOrigin === '127.0.0.1' ||
-						normalizedOrigin.startsWith('127.0.0.1:') ||
-						normalizedOrigin === '[::1]' ||
-						normalizedOrigin.startsWith('[::1]:')
-					);
-				}
-				return normalizedTrusted === normalizedOrigin;
-			});
-			return isTrusted ? origin : null;
-		},
-		credentials: true,
-		allowHeaders: [...SUPPORTED_HEADERS],
-		maxAge: 600,
-		allowMethods: [...SUPPORTED_METHODS],
-		methods: [...SUPPORTED_METHODS],
-	};
-}