@cloudwerk/vite-plugin 0.6.3 → 0.6.5

package/dist/index.d.ts

@@ -1,5 +1,5 @@
 import { Plugin } from 'vite';
-import { CloudwerkConfig, QueueManifest, ServiceManifest, RouteManifest, ScanResult } from '@cloudwerk/core/build';
+import { CloudwerkConfig, QueueManifest, ServiceManifest, AuthManifest, RouteManifest, ScanResult } from '@cloudwerk/core/build';
 
 /**
  * @cloudwerk/vite-plugin - Types
@@ -185,6 +185,10 @@ interface GenerateServerEntryOptions {
     serviceManifest?: ServiceManifest | null;
     /** Asset manifest from Vite build for CSS injection */
     assetManifest?: AssetManifest | null;
+    /** Auth manifest if auth providers are configured */
+    authManifest?: AuthManifest | null;
+    /** CSS imports from layouts/pages (for dev mode injection) */
+    cssImports?: Map<string, CssImportInfo[]>;
 }
 /**
  * Generate the server entry module code.

package/dist/index.js

@@ -19,7 +19,13 @@ import {
   scanServices,
   buildServiceManifest,
   SERVICES_DIR,
-  SERVICE_FILE_NAME
+  SERVICE_FILE_NAME,
+  scanImages,
+  buildImageManifest,
+  IMAGES_DIR,
+  scanAuth,
+  buildAuthManifestWithModules,
+  AUTH_DIR
 } from "@cloudwerk/core/build";
 
 // src/types.ts
@@ -40,6 +46,7 @@ function generateServerEntry(manifest, scanResult, options, entryOptions) {
   const queueManifest = entryOptions?.queueManifest;
   const serviceManifest = entryOptions?.serviceManifest;
   const assetManifest = entryOptions?.assetManifest;
+  const authManifest = entryOptions?.authManifest;
   const imports = [];
   const pageRegistrations = [];
   const routeRegistrations = [];
@@ -58,6 +65,10 @@ function generateServerEntry(manifest, scanResult, options, entryOptions) {
   let middlewareIndex = 0;
   let errorIndex = 0;
   let notFoundIndex = 0;
+  const rootMiddleware = scanResult.middleware.find(
+    (m) => m.relativePath === "middleware.ts" || m.relativePath === "middleware.tsx"
+  );
+  let rootMiddlewareVarName = null;
   const ssgPageInfo = [];
   for (const err of scanResult.errors) {
     if (!importedModules.has(err.absolutePath)) {
@@ -89,6 +100,12 @@ function generateServerEntry(manifest, scanResult, options, entryOptions) {
     const varName = notFoundModules.get(nf.absolutePath);
     notFoundBoundaryMapEntries.push(`  ['${normalizedDir}', ${varName}]`);
   }
+  if (rootMiddleware) {
+    rootMiddlewareVarName = `middleware_${middlewareIndex++}`;
+    middlewareImports.push(`import { middleware as ${rootMiddlewareVarName} } from '${rootMiddleware.absolutePath}'`);
+    middlewareModules.set(rootMiddleware.absolutePath, rootMiddlewareVarName);
+    importedModules.add(rootMiddleware.absolutePath);
+  }
   for (const route of manifest.routes) {
     for (const middlewarePath of route.middleware) {
       if (!importedModules.has(middlewarePath)) {
@@ -139,7 +156,17 @@ function generateServerEntry(manifest, scanResult, options, entryOptions) {
     }
   }
   const rendererName = options.renderer;
-  const clientEntryPath = options.isProduction ? `${options.hydrationEndpoint}/client.js` : "/@id/__x00__virtual:cloudwerk/client-entry";
+  let clientEntryPath = "/@id/__x00__virtual:cloudwerk/client-entry";
+  if (options.isProduction && assetManifest) {
+    const clientEntry = assetManifest["virtual:cloudwerk/client-entry"];
+    if (clientEntry?.file) {
+      clientEntryPath = `/${clientEntry.file}`;
+    } else {
+      clientEntryPath = `${options.hydrationEndpoint}/client.js`;
+    }
+  } else if (options.isProduction) {
+    clientEntryPath = `${options.hydrationEndpoint}/client.js`;
+  }
   let cssLinksCode = "";
   if (options.isProduction && assetManifest) {
     const clientEntry = assetManifest["virtual:cloudwerk/client-entry"];
@@ -147,6 +174,17 @@ function generateServerEntry(manifest, scanResult, options, entryOptions) {
       const cssLinks = clientEntry.css.map((css) => `<link rel="stylesheet" href="/${css}" />`).join("");
       cssLinksCode = `const CSS_LINKS = '${cssLinks}'`;
     }
+  } else if (!options.isProduction && entryOptions?.cssImports) {
+    const allCss = /* @__PURE__ */ new Set();
+    for (const imports2 of entryOptions.cssImports.values()) {
+      for (const info of imports2) {
+        allCss.add(info.absolutePath);
+      }
+    }
+    if (allCss.size > 0) {
+      const cssLinks = Array.from(allCss).map((css) => `<link rel="stylesheet" href="/@fs${css}" />`).join("");
+      cssLinksCode = `const CSS_LINKS = '${cssLinks}'`;
+    }
   }
   if (!cssLinksCode) {
     cssLinksCode = `const CSS_LINKS = ''`;
@@ -471,7 +509,7 @@ function registerRoute(app, pattern, routeModule, middlewareModules) {
   for (const method of HTTP_METHODS) {
     const handler = routeModule[method]
     if (handler && typeof handler === 'function') {
-      const h = handler.length === 2 ? createHandlerAdapter(handler) : handler
+      const h = createHandlerAdapter(handler)
       switch (method) {
         case 'GET': app.get(pattern, h); break
         case 'POST': app.post(pattern, h); break
@@ -497,7 +535,10 @@ const app = new Hono({ strict: false })
 
 // Add context middleware
 app.use('*', contextMiddleware())
-${options.isProduction ? `
+${rootMiddlewareVarName ? `
+// Apply root middleware globally (for all routes including auth)
+app.use('*', createMiddlewareAdapter(${rootMiddlewareVarName}))
+` : ""}${options.isProduction ? `
 // Serve static assets using Workers Static Assets binding (production only)
 app.use('*', async (c, next) => {
   // Check if ASSETS binding is available
@@ -518,9 +559,27 @@ app.use('*', async (c, next) => {
   // Try to serve the request as a static asset
   const response = await c.env.ASSETS.fetch(c.req.raw)
 
-  // If asset found (not 404), return it
+  // If asset found (not 404), return it with cache headers
   if (response.status !== 404) {
-    return response
+    const path = new URL(c.req.url).pathname
+
+    // Check if this is a hashed asset (Vite adds content hash to filename)
+    // Hashed assets are immutable and can be cached forever
+    const isHashedAsset = path.startsWith('/__cloudwerk/') ||
+      /-[a-zA-Z0-9]{8,}\\.(js|css|woff2?|ttf|eot|svg|png|jpg|jpeg|gif|webp|avif|ico)$/.test(path)
+
+    const cacheControl = isHashedAsset
+      ? 'public, max-age=31536000, immutable'
+      : 'public, max-age=3600'
+
+    return new Response(response.body, {
+      status: response.status,
+      statusText: response.statusText,
+      headers: {
+        ...Object.fromEntries(response.headers.entries()),
+        'Cache-Control': cacheControl,
+      },
+    })
   }
 
   // Asset not found, continue to routes
@@ -531,6 +590,9 @@ app.use('*', async (c, next) => {
 ${pageRegistrations.join("\n")}
 ${routeRegistrations.join("\n")}
 
+// Register auth routes
+${generateAuthRouteRegistrations(authManifest)}
+
 // SSG routes endpoint - returns all static routes for build-time generation
 app.get('/__ssg/routes', async (c) => {
   const routes = []
@@ -766,6 +828,242 @@ function generateServiceRegistration(serviceManifest) {
   }
   return lines.join("\n");
 }
+function generateAuthRouteRegistrations(authManifest) {
+  if (!authManifest) {
+    return "";
+  }
+  const lines = [];
+  const imports = [];
+  const basePath = authManifest.config?.basePath || "/auth";
+  lines.push("");
+  lines.push("// ============================================================================");
+  lines.push("// Auth Route Registration");
+  lines.push("// ============================================================================");
+  lines.push("");
+  imports.push(`import {
+  handleSession,
+  handleProviders,
+  handleSignIn,
+  handleSignInProvider,
+  handleSignOutGet,
+  handleSignOutPost,
+} from '@cloudwerk/auth/routes'`);
+  imports.push(`import { createSessionManager, createKVSessionAdapter } from '@cloudwerk/auth/session'`);
+  const passkeyProviders = authManifest.providers.filter((p) => p.type === "passkey" && !p.disabled);
+  if (passkeyProviders.length > 0) {
+    imports.push(`import {
+  handlePasskeyRegisterOptions,
+  handlePasskeyRegisterVerify,
+  handlePasskeyAuthenticateOptions,
+  handlePasskeyAuthenticateVerify,
+} from '@cloudwerk/auth/routes'`);
+    imports.push(`import {
+  createKVChallengeStorage,
+  createD1CredentialStorage,
+} from '@cloudwerk/auth/providers'`);
+    for (let i = 0; i < passkeyProviders.length; i++) {
+      const provider = passkeyProviders[i];
+      imports.push(`import passkeyProviderDef_${i} from '${provider.filePath}'`);
+    }
+  }
+  lines.push(imports.join("\n"));
+  lines.push("");
+  lines.push(`
+/**
+ * Build auth context for standard auth routes.
+ */
+function buildAuthContext(c) {
+  const env = c.env || {}
+
+  // Get KV binding - fall back to common binding names
+  let kvBinding = undefined
+  for (const name of ['FLAGSHIP_AUTH_SESSIONS', 'AUTH_KV', 'AUTH_SESSIONS', 'KV']) {
+    const binding = env[name]
+    if (binding && typeof binding.get === 'function') {
+      kvBinding = binding
+      break
+    }
+  }
+
+  // Create session manager from KV
+  const sessionAdapter = kvBinding ? createKVSessionAdapter({ binding: kvBinding, enableUserIndex: true }) : undefined
+  const sessionManager = sessionAdapter ? createSessionManager({ adapter: sessionAdapter }) : undefined
+
+  // Build providers map
+  const providers = new Map()
+
+  return {
+    request: c.req.raw,
+    env,
+    config: { basePath: '${basePath}', session: { strategy: '${authManifest.config?.sessionStrategy || "database"}' } },
+    sessionManager,
+    providers,
+    user: c.get?.('user') ?? null,
+    session: c.get?.('session') ?? null,
+    url: new URL(c.req.url),
+    responseHeaders: new Headers(),
+  }
+}
+`);
+  lines.push(`
+// Standard auth routes
+app.get('${basePath}/session', async (c) => {
+  const ctx = buildAuthContext(c)
+  return handleSession(ctx)
+})
+
+app.get('${basePath}/providers', async (c) => {
+  const ctx = buildAuthContext(c)
+  return handleProviders(ctx)
+})
+
+app.get('${basePath}/signin', async (c) => {
+  const ctx = buildAuthContext(c)
+  return handleSignIn(ctx)
+})
+
+app.get('${basePath}/signin/:provider', async (c) => {
+  const ctx = buildAuthContext(c)
+  const providerId = c.req.param('provider')
+  return handleSignInProvider(ctx, providerId)
+})
+
+app.get('${basePath}/signout', async (c) => {
+  const ctx = buildAuthContext(c)
+  return handleSignOutGet(ctx)
+})
+
+app.post('${basePath}/signout', async (c) => {
+  const ctx = buildAuthContext(c)
+  return handleSignOutPost(ctx)
+})
+`);
+  if (passkeyProviders.length > 0) {
+    lines.push(`
+/**
+ * Build auth context for passkey handlers.
+ */
+function buildPasskeyAuthContext(c, passkeyProvider) {
+  const env = c.env || {}
+
+  // Get KV binding for challenges - use provider config or fall back to common names
+  const kvBindingName = passkeyProvider.kvBinding
+  let kvBinding = kvBindingName ? env[kvBindingName] : undefined
+  if (!kvBinding) {
+    // Fall back to common binding names
+    for (const name of ['AUTH_KV', 'AUTH_SESSIONS', 'KV']) {
+      const binding = env[name]
+      if (binding && typeof binding.get === 'function') {
+        kvBinding = binding
+        break
+      }
+    }
+  }
+  const challengeStorage = kvBinding ? createKVChallengeStorage(kvBinding, 'auth:challenge:') : undefined
+
+  // Get D1 binding for credentials - use provider config or fall back to common names
+  const d1BindingName = passkeyProvider.d1Binding
+  const d1Binding = d1BindingName ? env[d1BindingName] : (env.DB || env.D1 || env.DATABASE)
+  const credentialStorage = d1Binding ? createD1CredentialStorage(d1Binding, 'webauthn_credentials') : undefined
+
+  // Create user adapter from D1
+  const userAdapter = d1Binding ? {
+    async getUserByEmail(email) {
+      const user = await d1Binding.prepare(
+        'SELECT id, email, email_verified, name, image, created_at, updated_at FROM users WHERE email = ?'
+      ).bind(email).first()
+      if (!user) return null
+      return {
+        id: user.id,
+        email: user.email,
+        emailVerified: user.email_verified ? new Date(user.email_verified) : null,
+        name: user.name,
+        image: user.image,
+        createdAt: new Date(user.created_at),
+        updatedAt: new Date(user.updated_at),
+      }
+    },
+    async createUser(userData) {
+      const id = crypto.randomUUID()
+      const now = new Date().toISOString()
+      await d1Binding.prepare(
+        'INSERT INTO users (id, email, email_verified, name, created_at, updated_at) VALUES (?, ?, ?, ?, ?, ?)'
+      ).bind(id, userData.email, userData.emailVerified?.toISOString() ?? null, userData.name ?? null, now, now).run()
+      return { id, email: userData.email, emailVerified: userData.emailVerified, name: userData.name ?? null, image: null, createdAt: new Date(now), updatedAt: new Date(now) }
+    },
+    async getUser(id) {
+      const user = await d1Binding.prepare(
+        'SELECT id, email, email_verified, name, image, created_at, updated_at FROM users WHERE id = ?'
+      ).bind(id).first()
+      if (!user) return null
+      return {
+        id: user.id,
+        email: user.email,
+        emailVerified: user.email_verified ? new Date(user.email_verified) : null,
+        name: user.name,
+        image: user.image,
+        createdAt: new Date(user.created_at),
+        updatedAt: new Date(user.updated_at),
+      }
+    },
+  } : undefined
+
+  // Create session manager from KV
+  const sessionAdapter = kvBinding ? createKVSessionAdapter({ binding: kvBinding, enableUserIndex: true }) : undefined
+  const sessionManager = sessionAdapter ? createSessionManager({ adapter: sessionAdapter }) : undefined
+
+  // Build providers map
+  const providers = new Map()
+  providers.set(passkeyProvider.id, passkeyProvider)
+
+  return {
+    request: c.req.raw,
+    env,
+    config: { basePath: '${basePath}', session: { strategy: '${authManifest.config?.sessionStrategy || "database"}' } },
+    sessionManager,
+    providers,
+    user: null,
+    session: null,
+    url: new URL(c.req.url),
+    responseHeaders: new Headers(),
+    challengeStorage,
+    credentialStorage,
+    userAdapter,
+  }
+}
+`);
+    for (let i = 0; i < passkeyProviders.length; i++) {
+      const provider = passkeyProviders[i];
+      lines.push(`
+// Get provider from definition
+const passkeyProvider_${i} = passkeyProviderDef_${i}.provider || passkeyProviderDef_${i}
+`);
+      lines.push(`
+// Passkey registration routes
+app.post('${basePath}/passkey/register/options', async (c) => {
+  const ctx = buildPasskeyAuthContext(c, passkeyProvider_${i})
+  return handlePasskeyRegisterOptions(ctx, '${provider.id}')
+})
+
+app.post('${basePath}/passkey/register/verify', async (c) => {
+  const ctx = buildPasskeyAuthContext(c, passkeyProvider_${i})
+  return handlePasskeyRegisterVerify(ctx, '${provider.id}')
+})
+
+app.post('${basePath}/passkey/authenticate/options', async (c) => {
+  const ctx = buildPasskeyAuthContext(c, passkeyProvider_${i})
+  return handlePasskeyAuthenticateOptions(ctx, '${provider.id}')
+})
+
+app.post('${basePath}/passkey/authenticate/verify', async (c) => {
+  const ctx = buildPasskeyAuthContext(c, passkeyProvider_${i})
+  return handlePasskeyAuthenticateVerify(ctx, '${provider.id}')
+})
+`);
+    }
+  }
+  return lines.join("\n");
+}
 
 // src/virtual-modules/client-entry.ts
 function collectCssImports(cssImports) {
@@ -1798,6 +2096,62 @@ function cloudwerkPlugin(options = {}) {
       console.log(`[cloudwerk] Found ${state.serviceManifest.services.length} service(s)`);
     }
   }
+  async function buildImageManifestIfExists(root) {
+    if (!state) {
+      throw new Error("Plugin state not initialized");
+    }
+    const imagesPath = path3.resolve(root, state.options.appDir, IMAGES_DIR);
+    try {
+      await fs2.promises.access(imagesPath);
+    } catch {
+      state.imageScanResult = null;
+      state.imageManifest = null;
+      return;
+    }
+    state.imageScanResult = await scanImages(
+      path3.resolve(root, state.options.appDir),
+      { extensions: state.options.config.extensions }
+    );
+    state.imageManifest = buildImageManifest(
+      state.imageScanResult,
+      root
+    );
+    if (state.options.verbose && state.imageManifest.images.length > 0) {
+      console.log(`[cloudwerk] Found ${state.imageManifest.images.length} image(s)`);
+    }
+  }
+  async function buildAuthManifestIfExists(root) {
+    if (!state) {
+      throw new Error("Plugin state not initialized");
+    }
+    const authPath = path3.resolve(root, state.options.appDir, AUTH_DIR);
+    try {
+      await fs2.promises.access(authPath);
+    } catch {
+      state.authScanResult = null;
+      state.authManifest = null;
+      return;
+    }
+    state.authScanResult = await scanAuth(
+      path3.resolve(root, state.options.appDir),
+      { extensions: state.options.config.extensions }
+    );
+    state.authManifest = await buildAuthManifestWithModules(state.authScanResult);
+    state.serverEntryCache = null;
+    if (state.options.verbose && state.authManifest.providers.length > 0) {
+      console.log(`[cloudwerk] Found ${state.authManifest.providers.length} auth provider(s)`);
+      for (const provider of state.authManifest.providers) {
+        console.log(`[cloudwerk]   - ${provider.id} (${provider.type})`);
+      }
+    }
+  }
+  function isAuthFile(filePath) {
+    if (!state) return false;
+    const authDir = path3.resolve(state.options.root, state.options.appDir, AUTH_DIR);
+    if (!filePath.startsWith(authDir)) return false;
+    const ext = path3.extname(filePath);
+    return state.options.config.extensions.includes(ext);
+  }
   function isRouteFile(filePath) {
     if (!state) return false;
     const appDir = path3.resolve(state.options.root, state.options.appDir);
@@ -1825,6 +2179,15 @@ function cloudwerkPlugin(options = {}) {
     if (nameWithoutExt !== SERVICE_FILE_NAME) return false;
     return state.options.config.extensions.includes(ext);
   }
+  function isImageFile(filePath) {
+    if (!state) return false;
+    const imagesDir = path3.resolve(state.options.root, state.options.appDir, IMAGES_DIR);
+    if (!filePath.startsWith(imagesDir)) return false;
+    const relativePath = path3.relative(imagesDir, filePath);
+    if (relativePath.includes(path3.sep)) return false;
+    const ext = path3.extname(filePath);
+    return state.options.config.extensions.includes(ext);
+  }
   function invalidateVirtualModules() {
     if (!server) return;
     const idsToInvalidate = [
@@ -1919,6 +2282,10 @@ function cloudwerkPlugin(options = {}) {
         queueScanResult: null,
         serviceManifest: null,
         serviceScanResult: null,
+        imageManifest: null,
+        imageScanResult: null,
+        authManifest: null,
+        authScanResult: null,
         clientComponents: /* @__PURE__ */ new Map(),
         cssImports: /* @__PURE__ */ new Map(),
         serverEntryCache: null,
@@ -1927,6 +2294,8 @@ function cloudwerkPlugin(options = {}) {
       await buildManifest(root);
       await buildQueueManifestIfExists(root);
       await buildServiceManifestIfExists(root);
+      await buildImageManifestIfExists(root);
+      await buildAuthManifestIfExists(root);
       await scanClientComponents(root, state);
       await scanCssImports(root, state);
     },
@@ -1963,6 +2332,22 @@ function cloudwerkPlugin(options = {}) {
           await buildServiceManifestIfExists(state.options.root);
           invalidateVirtualModules();
         }
+        if (isImageFile(filePath)) {
+          const imagesDir = path3.resolve(root, state.options.appDir, IMAGES_DIR);
+          if (state?.options.verbose) {
+            console.log(`[cloudwerk] Image added: ${path3.relative(imagesDir, filePath)}`);
+          }
+          await buildImageManifestIfExists(state.options.root);
+          invalidateVirtualModules();
+        }
+        if (isAuthFile(filePath)) {
+          const authDir = path3.resolve(root, state.options.appDir, AUTH_DIR);
+          if (state?.options.verbose) {
+            console.log(`[cloudwerk] Auth file added: ${path3.relative(authDir, filePath)}`);
+          }
+          await buildAuthManifestIfExists(state.options.root);
+          invalidateVirtualModules();
+        }
       });
       devServer.watcher.on("unlink", async (filePath) => {
         if (isRouteFile(filePath)) {
@@ -1988,6 +2373,22 @@ function cloudwerkPlugin(options = {}) {
           await buildServiceManifestIfExists(state.options.root);
           invalidateVirtualModules();
         }
+        if (isImageFile(filePath)) {
+          const imagesDir = path3.resolve(root, state.options.appDir, IMAGES_DIR);
+          if (state?.options.verbose) {
+            console.log(`[cloudwerk] Image removed: ${path3.relative(imagesDir, filePath)}`);
+          }
+          await buildImageManifestIfExists(state.options.root);
+          invalidateVirtualModules();
+        }
+        if (isAuthFile(filePath)) {
+          const authDir = path3.resolve(root, state.options.appDir, AUTH_DIR);
+          if (state?.options.verbose) {
+            console.log(`[cloudwerk] Auth file removed: ${path3.relative(authDir, filePath)}`);
+          }
+          await buildAuthManifestIfExists(state.options.root);
+          invalidateVirtualModules();
+        }
       });
       devServer.watcher.on("change", async (filePath) => {
         if (isRouteFile(filePath)) {
@@ -2013,6 +2414,22 @@ function cloudwerkPlugin(options = {}) {
           await buildServiceManifestIfExists(state.options.root);
           invalidateVirtualModules();
         }
+        if (isImageFile(filePath)) {
+          const imagesDir = path3.resolve(root, state.options.appDir, IMAGES_DIR);
+          if (state?.options.verbose) {
+            console.log(`[cloudwerk] Image changed: ${path3.relative(imagesDir, filePath)}`);
+          }
+          await buildImageManifestIfExists(state.options.root);
+          invalidateVirtualModules();
+        }
+        if (isAuthFile(filePath)) {
+          const authDir = path3.resolve(root, state.options.appDir, AUTH_DIR);
+          if (state?.options.verbose) {
+            console.log(`[cloudwerk] Auth file changed: ${path3.relative(authDir, filePath)}`);
+          }
+          await buildAuthManifestIfExists(state.options.root);
+          invalidateVirtualModules();
+        }
         const wranglerPath2 = findWranglerTomlPath(root);
         if (wranglerPath2 && filePath === wranglerPath2) {
           if (verbose) {
@@ -2060,7 +2477,9 @@ function cloudwerkPlugin(options = {}) {
             state.options,
             {
               queueManifest: state.queueManifest,
-              serviceManifest: state.serviceManifest
+              serviceManifest: state.serviceManifest,
+              authManifest: state.authManifest,
+              cssImports: state.cssImports
             }
           );
         }
@@ -2130,6 +2549,13 @@ function cloudwerkPlugin(options = {}) {
             "getDurableObject",
             "hasDurableObject",
             "getDurableObjectNames",
+            "images",
+            "getImages",
+            "hasImages",
+            "getImagesNames",
+            "registerLocalImages",
+            "unregisterLocalImages",
+            "clearLocalImages",
             "createLazyBinding"
           ];
           const runtimeImports = [];

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@cloudwerk/vite-plugin",
-  "version": "0.6.3",
+  "version": "0.6.5",
   "description": "Vite plugin for Cloudwerk file-based routing with virtual entry generation",
   "repository": {
     "type": "git",