@crowi/api 2.0.0-alpha.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (887) hide show
  1. package/LICENSE +21 -0
  2. package/dist/app.d.ts +8 -0
  3. package/dist/app.js +65 -0
  4. package/dist/app.js.map +1 -0
  5. package/dist/collab/attach.d.ts +33 -0
  6. package/dist/collab/attach.js +341 -0
  7. package/dist/collab/attach.js.map +1 -0
  8. package/dist/collab/extension-redis.d.ts +25 -0
  9. package/dist/collab/extension-redis.js +133 -0
  10. package/dist/collab/extension-redis.js.map +1 -0
  11. package/dist/common/functions/path2name.d.ts +1 -0
  12. package/dist/common/functions/path2name.js +22 -0
  13. package/dist/common/functions/path2name.js.map +1 -0
  14. package/dist/common/functions/renderIcon.d.ts +1 -0
  15. package/dist/common/functions/renderIcon.js +9 -0
  16. package/dist/common/functions/renderIcon.js.map +1 -0
  17. package/dist/controllers/admin.d.ts +3 -0
  18. package/dist/controllers/admin.js +474 -0
  19. package/dist/controllers/admin.js.map +1 -0
  20. package/dist/controllers/attachment.d.ts +4 -0
  21. package/dist/controllers/attachment.js +200 -0
  22. package/dist/controllers/attachment.js.map +1 -0
  23. package/dist/controllers/backlink.d.ts +3 -0
  24. package/dist/controllers/backlink.js +42 -0
  25. package/dist/controllers/backlink.js.map +1 -0
  26. package/dist/controllers/bookmark.d.ts +3 -0
  27. package/dist/controllers/bookmark.js +100 -0
  28. package/dist/controllers/bookmark.js.map +1 -0
  29. package/dist/controllers/comment.d.ts +3 -0
  30. package/dist/controllers/comment.js +111 -0
  31. package/dist/controllers/comment.js.map +1 -0
  32. package/dist/controllers/index.d.ts +25 -0
  33. package/dist/controllers/index.js +44 -0
  34. package/dist/controllers/index.js.map +1 -0
  35. package/dist/controllers/installer.d.ts +3 -0
  36. package/dist/controllers/installer.js +48 -0
  37. package/dist/controllers/installer.js.map +1 -0
  38. package/dist/controllers/login.d.ts +4 -0
  39. package/dist/controllers/login.js +438 -0
  40. package/dist/controllers/login.js.map +1 -0
  41. package/dist/controllers/logout.d.ts +5 -0
  42. package/dist/controllers/logout.js +11 -0
  43. package/dist/controllers/logout.js.map +1 -0
  44. package/dist/controllers/me.d.ts +4 -0
  45. package/dist/controllers/me.js +369 -0
  46. package/dist/controllers/me.js.map +1 -0
  47. package/dist/controllers/notification.d.ts +3 -0
  48. package/dist/controllers/notification.js +88 -0
  49. package/dist/controllers/notification.js.map +1 -0
  50. package/dist/controllers/page.d.ts +3 -0
  51. package/dist/controllers/page.js +881 -0
  52. package/dist/controllers/page.js.map +1 -0
  53. package/dist/controllers/revision.d.ts +3 -0
  54. package/dist/controllers/revision.js +91 -0
  55. package/dist/controllers/revision.js.map +1 -0
  56. package/dist/controllers/search.d.ts +3 -0
  57. package/dist/controllers/search.js +93 -0
  58. package/dist/controllers/search.js.map +1 -0
  59. package/dist/controllers/share.d.ts +3 -0
  60. package/dist/controllers/share.js +207 -0
  61. package/dist/controllers/share.js.map +1 -0
  62. package/dist/controllers/shareAccess.d.ts +3 -0
  63. package/dist/controllers/shareAccess.js +28 -0
  64. package/dist/controllers/shareAccess.js.map +1 -0
  65. package/dist/controllers/slack.d.ts +3 -0
  66. package/dist/controllers/slack.js +87 -0
  67. package/dist/controllers/slack.js.map +1 -0
  68. package/dist/controllers/tokenAuth.d.ts +10 -0
  69. package/dist/controllers/tokenAuth.js +292 -0
  70. package/dist/controllers/tokenAuth.js.map +1 -0
  71. package/dist/controllers/user.d.ts +3 -0
  72. package/dist/controllers/user.js +67 -0
  73. package/dist/controllers/user.js.map +1 -0
  74. package/dist/controllers/version.d.ts +4 -0
  75. package/dist/controllers/version.js +19 -0
  76. package/dist/controllers/version.js.map +1 -0
  77. package/dist/crowi/express-init.d.ts +4 -0
  78. package/dist/crowi/express-init.js +101 -0
  79. package/dist/crowi/express-init.js.map +1 -0
  80. package/dist/crowi/index.d.ts +245 -0
  81. package/dist/crowi/index.js +726 -0
  82. package/dist/crowi/index.js.map +1 -0
  83. package/dist/events/activity.d.ts +7 -0
  84. package/dist/events/activity.js +15 -0
  85. package/dist/events/activity.js.map +1 -0
  86. package/dist/events/bookmark.d.ts +8 -0
  87. package/dist/events/bookmark.js +16 -0
  88. package/dist/events/bookmark.js.map +1 -0
  89. package/dist/events/comment.d.ts +6 -0
  90. package/dist/events/comment.js +14 -0
  91. package/dist/events/comment.js.map +1 -0
  92. package/dist/events/config.d.ts +6 -0
  93. package/dist/events/config.js +12 -0
  94. package/dist/events/config.js.map +1 -0
  95. package/dist/events/index.d.ts +17 -0
  96. package/dist/events/index.js +22 -0
  97. package/dist/events/index.js.map +1 -0
  98. package/dist/events/mention-dispatch.d.ts +44 -0
  99. package/dist/events/mention-dispatch.js +151 -0
  100. package/dist/events/mention-dispatch.js.map +1 -0
  101. package/dist/events/notification.d.ts +7 -0
  102. package/dist/events/notification.js +15 -0
  103. package/dist/events/notification.js.map +1 -0
  104. package/dist/events/page.d.ts +44 -0
  105. package/dist/events/page.js +134 -0
  106. package/dist/events/page.js.map +1 -0
  107. package/dist/events/render-cache.d.ts +24 -0
  108. package/dist/events/render-cache.js +63 -0
  109. package/dist/events/render-cache.js.map +1 -0
  110. package/dist/events/user.d.ts +9 -0
  111. package/dist/events/user.js +39 -0
  112. package/dist/events/user.js.map +1 -0
  113. package/dist/form/admin/app.d.ts +2 -0
  114. package/dist/form/admin/app.js +9 -0
  115. package/dist/form/admin/app.js.map +1 -0
  116. package/dist/form/admin/auth.d.ts +2 -0
  117. package/dist/form/admin/auth.js +9 -0
  118. package/dist/form/admin/auth.js.map +1 -0
  119. package/dist/form/admin/aws.d.ts +2 -0
  120. package/dist/form/admin/aws.js +13 -0
  121. package/dist/form/admin/aws.js.map +1 -0
  122. package/dist/form/admin/github.d.ts +2 -0
  123. package/dist/form/admin/github.js +15 -0
  124. package/dist/form/admin/github.js.map +1 -0
  125. package/dist/form/admin/google.d.ts +2 -0
  126. package/dist/form/admin/google.js +13 -0
  127. package/dist/form/admin/google.js.map +1 -0
  128. package/dist/form/admin/mail.d.ts +2 -0
  129. package/dist/form/admin/mail.js +13 -0
  130. package/dist/form/admin/mail.js.map +1 -0
  131. package/dist/form/admin/sec.d.ts +2 -0
  132. package/dist/form/admin/sec.js +10 -0
  133. package/dist/form/admin/sec.js.map +1 -0
  134. package/dist/form/admin/slackSetting.d.ts +2 -0
  135. package/dist/form/admin/slackSetting.js +13 -0
  136. package/dist/form/admin/slackSetting.js.map +1 -0
  137. package/dist/form/admin/userEdit.d.ts +2 -0
  138. package/dist/form/admin/userEdit.js +9 -0
  139. package/dist/form/admin/userEdit.js.map +1 -0
  140. package/dist/form/admin/userInvite.d.ts +2 -0
  141. package/dist/form/admin/userInvite.js +9 -0
  142. package/dist/form/admin/userInvite.js.map +1 -0
  143. package/dist/form/comment.d.ts +2 -0
  144. package/dist/form/comment.js +9 -0
  145. package/dist/form/comment.js.map +1 -0
  146. package/dist/form/index.d.ts +25 -0
  147. package/dist/form/index.js +48 -0
  148. package/dist/form/index.js.map +1 -0
  149. package/dist/form/invited.d.ts +2 -0
  150. package/dist/form/invited.js +13 -0
  151. package/dist/form/invited.js.map +1 -0
  152. package/dist/form/login.d.ts +2 -0
  153. package/dist/form/login.js +11 -0
  154. package/dist/form/login.js.map +1 -0
  155. package/dist/form/me/apiToken.d.ts +2 -0
  156. package/dist/form/me/apiToken.js +9 -0
  157. package/dist/form/me/apiToken.js.map +1 -0
  158. package/dist/form/me/password.d.ts +2 -0
  159. package/dist/form/me/password.js +11 -0
  160. package/dist/form/me/password.js.map +1 -0
  161. package/dist/form/me/user.d.ts +2 -0
  162. package/dist/form/me/user.js +9 -0
  163. package/dist/form/me/user.js.map +1 -0
  164. package/dist/form/register.d.ts +2 -0
  165. package/dist/form/register.js +13 -0
  166. package/dist/form/register.js.map +1 -0
  167. package/dist/form/revision.d.ts +2 -0
  168. package/dist/form/revision.js +13 -0
  169. package/dist/form/revision.js.map +1 -0
  170. package/dist/hono/app.d.ts +19 -0
  171. package/dist/hono/app.js +21 -0
  172. package/dist/hono/app.js.map +1 -0
  173. package/dist/hono/handlers/_helpers/errors.d.ts +61 -0
  174. package/dist/hono/handlers/_helpers/errors.js +51 -0
  175. package/dist/hono/handlers/_helpers/errors.js.map +1 -0
  176. package/dist/hono/handlers/_helpers/user-shape.d.ts +46 -0
  177. package/dist/hono/handlers/_helpers/user-shape.js +23 -0
  178. package/dist/hono/handlers/_helpers/user-shape.js.map +1 -0
  179. package/dist/hono/handlers/access-token.d.ts +221 -0
  180. package/dist/hono/handlers/access-token.js +113 -0
  181. package/dist/hono/handlers/access-token.js.map +1 -0
  182. package/dist/hono/handlers/activation.d.ts +117 -0
  183. package/dist/hono/handlers/activation.js +77 -0
  184. package/dist/hono/handlers/activation.js.map +1 -0
  185. package/dist/hono/handlers/admin/app.d.ts +123 -0
  186. package/dist/hono/handlers/admin/app.js +76 -0
  187. package/dist/hono/handlers/admin/app.js.map +1 -0
  188. package/dist/hono/handlers/admin/auth.d.ts +127 -0
  189. package/dist/hono/handlers/admin/auth.js +91 -0
  190. package/dist/hono/handlers/admin/auth.js.map +1 -0
  191. package/dist/hono/handlers/admin/mail.d.ts +168 -0
  192. package/dist/hono/handlers/admin/mail.js +76 -0
  193. package/dist/hono/handlers/admin/mail.js.map +1 -0
  194. package/dist/hono/handlers/admin/plugins.d.ts +409 -0
  195. package/dist/hono/handlers/admin/plugins.js +257 -0
  196. package/dist/hono/handlers/admin/plugins.js.map +1 -0
  197. package/dist/hono/handlers/admin/search.d.ts +57 -0
  198. package/dist/hono/handlers/admin/search.js +55 -0
  199. package/dist/hono/handlers/admin/search.js.map +1 -0
  200. package/dist/hono/handlers/admin/security.d.ts +112 -0
  201. package/dist/hono/handlers/admin/security.js +71 -0
  202. package/dist/hono/handlers/admin/security.js.map +1 -0
  203. package/dist/hono/handlers/admin/share.d.ts +106 -0
  204. package/dist/hono/handlers/admin/share.js +55 -0
  205. package/dist/hono/handlers/admin/share.js.map +1 -0
  206. package/dist/hono/handlers/admin/storage.d.ts +55 -0
  207. package/dist/hono/handlers/admin/storage.js +40 -0
  208. package/dist/hono/handlers/admin/storage.js.map +1 -0
  209. package/dist/hono/handlers/admin/users.d.ts +1230 -0
  210. package/dist/hono/handlers/admin/users.js +316 -0
  211. package/dist/hono/handlers/admin/users.js.map +1 -0
  212. package/dist/hono/handlers/adminCrypto.d.ts +110 -0
  213. package/dist/hono/handlers/adminCrypto.js +151 -0
  214. package/dist/hono/handlers/adminCrypto.js.map +1 -0
  215. package/dist/hono/handlers/app.d.ts +26 -0
  216. package/dist/hono/handlers/app.js +34 -0
  217. package/dist/hono/handlers/app.js.map +1 -0
  218. package/dist/hono/handlers/attachment-stream.d.ts +4 -0
  219. package/dist/hono/handlers/attachment-stream.js +211 -0
  220. package/dist/hono/handlers/attachment-stream.js.map +1 -0
  221. package/dist/hono/handlers/attachment.d.ts +687 -0
  222. package/dist/hono/handlers/attachment.js +566 -0
  223. package/dist/hono/handlers/attachment.js.map +1 -0
  224. package/dist/hono/handlers/autocomplete.d.ts +160 -0
  225. package/dist/hono/handlers/autocomplete.js +181 -0
  226. package/dist/hono/handlers/autocomplete.js.map +1 -0
  227. package/dist/hono/handlers/backlink.d.ts +78 -0
  228. package/dist/hono/handlers/backlink.js +93 -0
  229. package/dist/hono/handlers/backlink.js.map +1 -0
  230. package/dist/hono/handlers/bookmark.d.ts +558 -0
  231. package/dist/hono/handlers/bookmark.js +166 -0
  232. package/dist/hono/handlers/bookmark.js.map +1 -0
  233. package/dist/hono/handlers/comment.d.ts +231 -0
  234. package/dist/hono/handlers/comment.js +191 -0
  235. package/dist/hono/handlers/comment.js.map +1 -0
  236. package/dist/hono/handlers/draft.d.ts +136 -0
  237. package/dist/hono/handlers/draft.js +191 -0
  238. package/dist/hono/handlers/draft.js.map +1 -0
  239. package/dist/hono/handlers/emailChange.d.ts +124 -0
  240. package/dist/hono/handlers/emailChange.js +79 -0
  241. package/dist/hono/handlers/emailChange.js.map +1 -0
  242. package/dist/hono/handlers/installer.d.ts +94 -0
  243. package/dist/hono/handlers/installer.js +93 -0
  244. package/dist/hono/handlers/installer.js.map +1 -0
  245. package/dist/hono/handlers/inviteAccept.d.ts +180 -0
  246. package/dist/hono/handlers/inviteAccept.js +94 -0
  247. package/dist/hono/handlers/inviteAccept.js.map +1 -0
  248. package/dist/hono/handlers/me.d.ts +401 -0
  249. package/dist/hono/handlers/me.js +390 -0
  250. package/dist/hono/handlers/me.js.map +1 -0
  251. package/dist/hono/handlers/notification.d.ts +274 -0
  252. package/dist/hono/handlers/notification.js +224 -0
  253. package/dist/hono/handlers/notification.js.map +1 -0
  254. package/dist/hono/handlers/oauth.d.ts +299 -0
  255. package/dist/hono/handlers/oauth.js +443 -0
  256. package/dist/hono/handlers/oauth.js.map +1 -0
  257. package/dist/hono/handlers/page-collab.d.ts +79 -0
  258. package/dist/hono/handlers/page-collab.js +98 -0
  259. package/dist/hono/handlers/page-collab.js.map +1 -0
  260. package/dist/hono/handlers/page-preview.d.ts +48 -0
  261. package/dist/hono/handlers/page-preview.js +83 -0
  262. package/dist/hono/handlers/page-preview.js.map +1 -0
  263. package/dist/hono/handlers/page.d.ts +2059 -0
  264. package/dist/hono/handlers/page.js +793 -0
  265. package/dist/hono/handlers/page.js.map +1 -0
  266. package/dist/hono/handlers/passwordReset.d.ts +181 -0
  267. package/dist/hono/handlers/passwordReset.js +101 -0
  268. package/dist/hono/handlers/passwordReset.js.map +1 -0
  269. package/dist/hono/handlers/presence.d.ts +178 -0
  270. package/dist/hono/handlers/presence.js +163 -0
  271. package/dist/hono/handlers/presence.js.map +1 -0
  272. package/dist/hono/handlers/revision.d.ts +345 -0
  273. package/dist/hono/handlers/revision.js +202 -0
  274. package/dist/hono/handlers/revision.js.map +1 -0
  275. package/dist/hono/handlers/search.d.ts +208 -0
  276. package/dist/hono/handlers/search.js +152 -0
  277. package/dist/hono/handlers/search.js.map +1 -0
  278. package/dist/hono/handlers/tokenAuth.d.ts +369 -0
  279. package/dist/hono/handlers/tokenAuth.js +240 -0
  280. package/dist/hono/handlers/tokenAuth.js.map +1 -0
  281. package/dist/hono/handlers/user.d.ts +710 -0
  282. package/dist/hono/handlers/user.js +212 -0
  283. package/dist/hono/handlers/user.js.map +1 -0
  284. package/dist/hono/index.d.ts +289 -0
  285. package/dist/hono/index.js +240 -0
  286. package/dist/hono/index.js.map +1 -0
  287. package/dist/hono/middleware/admin.d.ts +5 -0
  288. package/dist/hono/middleware/admin.js +34 -0
  289. package/dist/hono/middleware/admin.js.map +1 -0
  290. package/dist/hono/middleware/auth.d.ts +54 -0
  291. package/dist/hono/middleware/auth.js +142 -0
  292. package/dist/hono/middleware/auth.js.map +1 -0
  293. package/dist/hono/middleware/cors.d.ts +3 -0
  294. package/dist/hono/middleware/cors.js +86 -0
  295. package/dist/hono/middleware/cors.js.map +1 -0
  296. package/dist/hono/middleware/default-hook.d.ts +8 -0
  297. package/dist/hono/middleware/default-hook.js +17 -0
  298. package/dist/hono/middleware/default-hook.js.map +1 -0
  299. package/dist/hono/middleware/error-handler.d.ts +2 -0
  300. package/dist/hono/middleware/error-handler.js +20 -0
  301. package/dist/hono/middleware/error-handler.js.map +1 -0
  302. package/dist/hono/middleware/rate-limit.d.ts +57 -0
  303. package/dist/hono/middleware/rate-limit.js +42 -0
  304. package/dist/hono/middleware/rate-limit.js.map +1 -0
  305. package/dist/hono/middleware/require-scope.d.ts +50 -0
  306. package/dist/hono/middleware/require-scope.js +64 -0
  307. package/dist/hono/middleware/require-scope.js.map +1 -0
  308. package/dist/hono/path-rewrite.d.ts +15 -0
  309. package/dist/hono/path-rewrite.js +59 -0
  310. package/dist/hono/path-rewrite.js.map +1 -0
  311. package/dist/mail/i18n/en.d.ts +2 -0
  312. package/dist/mail/i18n/en.js +66 -0
  313. package/dist/mail/i18n/en.js.map +1 -0
  314. package/dist/mail/i18n/index.d.ts +46 -0
  315. package/dist/mail/i18n/index.js +31 -0
  316. package/dist/mail/i18n/index.js.map +1 -0
  317. package/dist/mail/i18n/ja.d.ts +2 -0
  318. package/dist/mail/i18n/ja.js +66 -0
  319. package/dist/mail/i18n/ja.js.map +1 -0
  320. package/dist/mcp/attach.d.ts +25 -0
  321. package/dist/mcp/attach.js +104 -0
  322. package/dist/mcp/attach.js.map +1 -0
  323. package/dist/mcp/dispatch.d.ts +59 -0
  324. package/dist/mcp/dispatch.js +70 -0
  325. package/dist/mcp/dispatch.js.map +1 -0
  326. package/dist/mcp/result.d.ts +40 -0
  327. package/dist/mcp/result.js +78 -0
  328. package/dist/mcp/result.js.map +1 -0
  329. package/dist/mcp/server.d.ts +67 -0
  330. package/dist/mcp/server.js +113 -0
  331. package/dist/mcp/server.js.map +1 -0
  332. package/dist/mcp/tools/page.d.ts +2 -0
  333. package/dist/mcp/tools/page.js +256 -0
  334. package/dist/mcp/tools/page.js.map +1 -0
  335. package/dist/mcp/tools/search.d.ts +2 -0
  336. package/dist/mcp/tools/search.js +36 -0
  337. package/dist/mcp/tools/search.js.map +1 -0
  338. package/dist/middlewares/accessTokenParser.d.ts +4 -0
  339. package/dist/middlewares/accessTokenParser.js +29 -0
  340. package/dist/middlewares/accessTokenParser.js.map +1 -0
  341. package/dist/middlewares/adminRequired.d.ts +10 -0
  342. package/dist/middlewares/adminRequired.js +35 -0
  343. package/dist/middlewares/adminRequired.js.map +1 -0
  344. package/dist/middlewares/applicationInstalled.d.ts +3 -0
  345. package/dist/middlewares/applicationInstalled.js +20 -0
  346. package/dist/middlewares/applicationInstalled.js.map +1 -0
  347. package/dist/middlewares/applicationNotInstalled.d.ts +3 -0
  348. package/dist/middlewares/applicationNotInstalled.js +13 -0
  349. package/dist/middlewares/applicationNotInstalled.js.map +1 -0
  350. package/dist/middlewares/basicAuth.d.ts +4 -0
  351. package/dist/middlewares/basicAuth.js +23 -0
  352. package/dist/middlewares/basicAuth.js.map +1 -0
  353. package/dist/middlewares/csrfVerify.d.ts +4 -0
  354. package/dist/middlewares/csrfVerify.js +24 -0
  355. package/dist/middlewares/csrfVerify.js.map +1 -0
  356. package/dist/middlewares/encodeSpace.d.ts +3 -0
  357. package/dist/middlewares/encodeSpace.js +14 -0
  358. package/dist/middlewares/encodeSpace.js.map +1 -0
  359. package/dist/middlewares/fileAccessRightOrLoginRequired.d.ts +4 -0
  360. package/dist/middlewares/fileAccessRightOrLoginRequired.js +29 -0
  361. package/dist/middlewares/fileAccessRightOrLoginRequired.js.map +1 -0
  362. package/dist/middlewares/index.d.ts +16 -0
  363. package/dist/middlewares/index.js +30 -0
  364. package/dist/middlewares/index.js.map +1 -0
  365. package/dist/middlewares/jwtAdminRequired.d.ts +8 -0
  366. package/dist/middlewares/jwtAdminRequired.js +35 -0
  367. package/dist/middlewares/jwtAdminRequired.js.map +1 -0
  368. package/dist/middlewares/jwtAuth.d.ts +4 -0
  369. package/dist/middlewares/jwtAuth.js +104 -0
  370. package/dist/middlewares/jwtAuth.js.map +1 -0
  371. package/dist/middlewares/loginChecker.d.ts +4 -0
  372. package/dist/middlewares/loginChecker.js +32 -0
  373. package/dist/middlewares/loginChecker.js.map +1 -0
  374. package/dist/middlewares/loginRequired.d.ts +4 -0
  375. package/dist/middlewares/loginRequired.js +88 -0
  376. package/dist/middlewares/loginRequired.js.map +1 -0
  377. package/dist/migration/cli-api.d.ts +83 -0
  378. package/dist/migration/cli-api.js +128 -0
  379. package/dist/migration/cli-api.js.map +1 -0
  380. package/dist/migration/migrations/index.d.ts +12 -0
  381. package/dist/migration/migrations/index.js +24 -0
  382. package/dist/migration/migrations/index.js.map +1 -0
  383. package/dist/migration/migrations/page-status-default.d.ts +25 -0
  384. package/dist/migration/migrations/page-status-default.js +79 -0
  385. package/dist/migration/migrations/page-status-default.js.map +1 -0
  386. package/dist/migration/migrations/revisions-schema-unify.d.ts +33 -0
  387. package/dist/migration/migrations/revisions-schema-unify.js +88 -0
  388. package/dist/migration/migrations/revisions-schema-unify.js.map +1 -0
  389. package/dist/migration/migrations/user-unique-prepare.d.ts +1 -0
  390. package/dist/migration/migrations/user-unique-prepare.js +214 -0
  391. package/dist/migration/migrations/user-unique-prepare.js.map +1 -0
  392. package/dist/migration/migrations/wikilink-format.d.ts +97 -0
  393. package/dist/migration/migrations/wikilink-format.js +418 -0
  394. package/dist/migration/migrations/wikilink-format.js.map +1 -0
  395. package/dist/migration/rebuild-api.d.ts +50 -0
  396. package/dist/migration/rebuild-api.js +45 -0
  397. package/dist/migration/rebuild-api.js.map +1 -0
  398. package/dist/migration/rebuild-runner.d.ts +64 -0
  399. package/dist/migration/rebuild-runner.js +42 -0
  400. package/dist/migration/rebuild-runner.js.map +1 -0
  401. package/dist/migration/rebuilds/index.d.ts +26 -0
  402. package/dist/migration/rebuilds/index.js +69 -0
  403. package/dist/migration/rebuilds/index.js.map +1 -0
  404. package/dist/migration/registry.d.ts +15 -0
  405. package/dist/migration/registry.js +96 -0
  406. package/dist/migration/registry.js.map +1 -0
  407. package/dist/migration/run-boot-migrations.d.ts +31 -0
  408. package/dist/migration/run-boot-migrations.js +95 -0
  409. package/dist/migration/run-boot-migrations.js.map +1 -0
  410. package/dist/migration/runner.d.ts +120 -0
  411. package/dist/migration/runner.js +276 -0
  412. package/dist/migration/runner.js.map +1 -0
  413. package/dist/migration/types.d.ts +153 -0
  414. package/dist/migration/types.js +13 -0
  415. package/dist/migration/types.js.map +1 -0
  416. package/dist/models/activity.d.ts +34 -0
  417. package/dist/models/activity.js +263 -0
  418. package/dist/models/activity.js.map +1 -0
  419. package/dist/models/attachment.d.ts +25 -0
  420. package/dist/models/attachment.js +82 -0
  421. package/dist/models/attachment.js.map +1 -0
  422. package/dist/models/backlink.d.ts +19 -0
  423. package/dist/models/backlink.js +138 -0
  424. package/dist/models/backlink.js.map +1 -0
  425. package/dist/models/bookmark.d.ts +28 -0
  426. package/dist/models/bookmark.js +136 -0
  427. package/dist/models/bookmark.js.map +1 -0
  428. package/dist/models/comment.d.ts +21 -0
  429. package/dist/models/comment.js +87 -0
  430. package/dist/models/comment.js.map +1 -0
  431. package/dist/models/config-sensitive.d.ts +21 -0
  432. package/dist/models/config-sensitive.js +71 -0
  433. package/dist/models/config-sensitive.js.map +1 -0
  434. package/dist/models/config.d.ts +34 -0
  435. package/dist/models/config.js +161 -0
  436. package/dist/models/config.js.map +1 -0
  437. package/dist/models/index.d.ts +30 -0
  438. package/dist/models/index.js +55 -0
  439. package/dist/models/index.js.map +1 -0
  440. package/dist/models/migration-application.d.ts +54 -0
  441. package/dist/models/migration-application.js +36 -0
  442. package/dist/models/migration-application.js.map +1 -0
  443. package/dist/models/notification.d.ts +28 -0
  444. package/dist/models/notification.js +285 -0
  445. package/dist/models/notification.js.map +1 -0
  446. package/dist/models/oauth-authorization-code.d.ts +34 -0
  447. package/dist/models/oauth-authorization-code.js +100 -0
  448. package/dist/models/oauth-authorization-code.js.map +1 -0
  449. package/dist/models/oauth-client.d.ts +36 -0
  450. package/dist/models/oauth-client.js +56 -0
  451. package/dist/models/oauth-client.js.map +1 -0
  452. package/dist/models/oauth-device-code.d.ts +55 -0
  453. package/dist/models/oauth-device-code.js +158 -0
  454. package/dist/models/oauth-device-code.js.map +1 -0
  455. package/dist/models/oauth-refresh-token.d.ts +31 -0
  456. package/dist/models/oauth-refresh-token.js +118 -0
  457. package/dist/models/oauth-refresh-token.js.map +1 -0
  458. package/dist/models/page-yjs-update.d.ts +35 -0
  459. package/dist/models/page-yjs-update.js +33 -0
  460. package/dist/models/page-yjs-update.js.map +1 -0
  461. package/dist/models/page.d.ts +200 -0
  462. package/dist/models/page.js +1117 -0
  463. package/dist/models/page.js.map +1 -0
  464. package/dist/models/personal-access-token.d.ts +30 -0
  465. package/dist/models/personal-access-token.js +107 -0
  466. package/dist/models/personal-access-token.js.map +1 -0
  467. package/dist/models/plugin-render-cache.d.ts +40 -0
  468. package/dist/models/plugin-render-cache.js +39 -0
  469. package/dist/models/plugin-render-cache.js.map +1 -0
  470. package/dist/models/revision.d.ts +145 -0
  471. package/dist/models/revision.js +241 -0
  472. package/dist/models/revision.js.map +1 -0
  473. package/dist/models/share.d.ts +38 -0
  474. package/dist/models/share.js +137 -0
  475. package/dist/models/share.js.map +1 -0
  476. package/dist/models/shareAccess.d.ts +20 -0
  477. package/dist/models/shareAccess.js +45 -0
  478. package/dist/models/shareAccess.js.map +1 -0
  479. package/dist/models/tracking.d.ts +14 -0
  480. package/dist/models/tracking.js +14 -0
  481. package/dist/models/tracking.js.map +1 -0
  482. package/dist/models/updatePost.d.ts +25 -0
  483. package/dist/models/updatePost.js +87 -0
  484. package/dist/models/updatePost.js.map +1 -0
  485. package/dist/models/user.d.ts +144 -0
  486. package/dist/models/user.js +681 -0
  487. package/dist/models/user.js.map +1 -0
  488. package/dist/models/watcher.d.ts +23 -0
  489. package/dist/models/watcher.js +75 -0
  490. package/dist/models/watcher.js.map +1 -0
  491. package/dist/notifications/attach.d.ts +63 -0
  492. package/dist/notifications/attach.js +426 -0
  493. package/dist/notifications/attach.js.map +1 -0
  494. package/dist/notifications/channel.d.ts +13 -0
  495. package/dist/notifications/channel.js +18 -0
  496. package/dist/notifications/channel.js.map +1 -0
  497. package/dist/plugin/index.d.ts +2 -0
  498. package/dist/plugin/index.js +6 -0
  499. package/dist/plugin/index.js.map +1 -0
  500. package/dist/plugin/plugin-context.d.ts +22 -0
  501. package/dist/plugin/plugin-context.js +126 -0
  502. package/dist/plugin/plugin-context.js.map +1 -0
  503. package/dist/plugin/plugin-manager.d.ts +164 -0
  504. package/dist/plugin/plugin-manager.js +328 -0
  505. package/dist/plugin/plugin-manager.js.map +1 -0
  506. package/dist/plugin/plugin-namespace.d.ts +28 -0
  507. package/dist/plugin/plugin-namespace.js +53 -0
  508. package/dist/plugin/plugin-namespace.js.map +1 -0
  509. package/dist/plugin/registries.d.ts +38 -0
  510. package/dist/plugin/registries.js +71 -0
  511. package/dist/plugin/registries.js.map +1 -0
  512. package/dist/plugin/schema-serializer.d.ts +34 -0
  513. package/dist/plugin/schema-serializer.js +122 -0
  514. package/dist/plugin/schema-serializer.js.map +1 -0
  515. package/dist/plugin/topo-sort.d.ts +15 -0
  516. package/dist/plugin/topo-sort.js +59 -0
  517. package/dist/plugin/topo-sort.js.map +1 -0
  518. package/dist/presence/attach.d.ts +36 -0
  519. package/dist/presence/attach.js +399 -0
  520. package/dist/presence/attach.js.map +1 -0
  521. package/dist/renderer/__fixtures__/echo-embed.d.ts +27 -0
  522. package/dist/renderer/__fixtures__/echo-embed.js +24 -0
  523. package/dist/renderer/__fixtures__/echo-embed.js.map +1 -0
  524. package/dist/renderer/cache/index.d.ts +60 -0
  525. package/dist/renderer/cache/index.js +219 -0
  526. package/dist/renderer/cache/index.js.map +1 -0
  527. package/dist/renderer/cache/mongodb-cache.d.ts +82 -0
  528. package/dist/renderer/cache/mongodb-cache.js +180 -0
  529. package/dist/renderer/cache/mongodb-cache.js.map +1 -0
  530. package/dist/renderer/cache/reservation.d.ts +20 -0
  531. package/dist/renderer/cache/reservation.js +115 -0
  532. package/dist/renderer/cache/reservation.js.map +1 -0
  533. package/dist/renderer/core/_mdast-walk.d.ts +35 -0
  534. package/dist/renderer/core/_mdast-walk.js +45 -0
  535. package/dist/renderer/core/_mdast-walk.js.map +1 -0
  536. package/dist/renderer/core/code-block-dispatch.d.ts +31 -0
  537. package/dist/renderer/core/code-block-dispatch.js +166 -0
  538. package/dist/renderer/core/code-block-dispatch.js.map +1 -0
  539. package/dist/renderer/core/code-blocks.d.ts +12 -0
  540. package/dist/renderer/core/code-blocks.js +32 -0
  541. package/dist/renderer/core/code-blocks.js.map +1 -0
  542. package/dist/renderer/core/embed-tags.d.ts +14 -0
  543. package/dist/renderer/core/embed-tags.js +154 -0
  544. package/dist/renderer/core/embed-tags.js.map +1 -0
  545. package/dist/renderer/core/headings.d.ts +16 -0
  546. package/dist/renderer/core/headings.js +31 -0
  547. package/dist/renderer/core/headings.js.map +1 -0
  548. package/dist/renderer/core/index.d.ts +65 -0
  549. package/dist/renderer/core/index.js +83 -0
  550. package/dist/renderer/core/index.js.map +1 -0
  551. package/dist/renderer/core/mention-resolve.d.ts +39 -0
  552. package/dist/renderer/core/mention-resolve.js +75 -0
  553. package/dist/renderer/core/mention-resolve.js.map +1 -0
  554. package/dist/renderer/core/mentions.d.ts +2 -0
  555. package/dist/renderer/core/mentions.js +83 -0
  556. package/dist/renderer/core/mentions.js.map +1 -0
  557. package/dist/renderer/core/syntax-highlight.d.ts +21 -0
  558. package/dist/renderer/core/syntax-highlight.js +64 -0
  559. package/dist/renderer/core/syntax-highlight.js.map +1 -0
  560. package/dist/renderer/core/url-inline-expand.d.ts +9 -0
  561. package/dist/renderer/core/url-inline-expand.js +157 -0
  562. package/dist/renderer/core/url-inline-expand.js.map +1 -0
  563. package/dist/renderer/core/wikilinks.d.ts +2 -0
  564. package/dist/renderer/core/wikilinks.js +118 -0
  565. package/dist/renderer/core/wikilinks.js.map +1 -0
  566. package/dist/renderer/index.d.ts +67 -0
  567. package/dist/renderer/index.js +99 -0
  568. package/dist/renderer/index.js.map +1 -0
  569. package/dist/renderer/pipeline.d.ts +134 -0
  570. package/dist/renderer/pipeline.js +203 -0
  571. package/dist/renderer/pipeline.js.map +1 -0
  572. package/dist/renderer/registry.d.ts +83 -0
  573. package/dist/renderer/registry.js +130 -0
  574. package/dist/renderer/registry.js.map +1 -0
  575. package/dist/renderer/serialize.d.ts +27 -0
  576. package/dist/renderer/serialize.js +46 -0
  577. package/dist/renderer/serialize.js.map +1 -0
  578. package/dist/renderer/version.d.ts +30 -0
  579. package/dist/renderer/version.js +34 -0
  580. package/dist/renderer/version.js.map +1 -0
  581. package/dist/routes/admin.d.ts +4 -0
  582. package/dist/routes/admin.js +17 -0
  583. package/dist/routes/admin.js.map +1 -0
  584. package/dist/routes/api/admin.d.ts +4 -0
  585. package/dist/routes/api/admin.js +37 -0
  586. package/dist/routes/api/admin.js.map +1 -0
  587. package/dist/routes/api/attachment.d.ts +4 -0
  588. package/dist/routes/api/attachment.js +19 -0
  589. package/dist/routes/api/attachment.js.map +1 -0
  590. package/dist/routes/api/bookmark.d.ts +4 -0
  591. package/dist/routes/api/bookmark.js +15 -0
  592. package/dist/routes/api/bookmark.js.map +1 -0
  593. package/dist/routes/api/comment.d.ts +4 -0
  594. package/dist/routes/api/comment.js +14 -0
  595. package/dist/routes/api/comment.js.map +1 -0
  596. package/dist/routes/api/index.d.ts +4 -0
  597. package/dist/routes/api/index.js +36 -0
  598. package/dist/routes/api/index.js.map +1 -0
  599. package/dist/routes/api/like.d.ts +4 -0
  600. package/dist/routes/api/like.js +13 -0
  601. package/dist/routes/api/like.js.map +1 -0
  602. package/dist/routes/api/notification.d.ts +4 -0
  603. package/dist/routes/api/notification.js +15 -0
  604. package/dist/routes/api/notification.js.map +1 -0
  605. package/dist/routes/api/page.d.ts +4 -0
  606. package/dist/routes/api/page.js +24 -0
  607. package/dist/routes/api/page.js.map +1 -0
  608. package/dist/routes/api/revision.d.ts +4 -0
  609. package/dist/routes/api/revision.js +14 -0
  610. package/dist/routes/api/revision.js.map +1 -0
  611. package/dist/routes/api/share.d.ts +4 -0
  612. package/dist/routes/api/share.js +16 -0
  613. package/dist/routes/api/share.js.map +1 -0
  614. package/dist/routes/api/version.d.ts +4 -0
  615. package/dist/routes/api/version.js +10 -0
  616. package/dist/routes/api/version.js.map +1 -0
  617. package/dist/routes/index.d.ts +4 -0
  618. package/dist/routes/index.js +71 -0
  619. package/dist/routes/index.js.map +1 -0
  620. package/dist/routes/login.d.ts +4 -0
  621. package/dist/routes/login.js +18 -0
  622. package/dist/routes/login.js.map +1 -0
  623. package/dist/routes/me.d.ts +4 -0
  624. package/dist/routes/me.js +24 -0
  625. package/dist/routes/me.js.map +1 -0
  626. package/dist/routes/ts-rest/admin/app.d.ts +4 -0
  627. package/dist/routes/ts-rest/admin/app.js +67 -0
  628. package/dist/routes/ts-rest/admin/app.js.map +1 -0
  629. package/dist/routes/ts-rest/admin/auth.d.ts +4 -0
  630. package/dist/routes/ts-rest/admin/auth.js +95 -0
  631. package/dist/routes/ts-rest/admin/auth.js.map +1 -0
  632. package/dist/routes/ts-rest/admin/index.d.ts +10 -0
  633. package/dist/routes/ts-rest/admin/index.js +35 -0
  634. package/dist/routes/ts-rest/admin/index.js.map +1 -0
  635. package/dist/routes/ts-rest/admin/mail.d.ts +4 -0
  636. package/dist/routes/ts-rest/admin/mail.js +156 -0
  637. package/dist/routes/ts-rest/admin/mail.js.map +1 -0
  638. package/dist/routes/ts-rest/admin/plugins.d.ts +4 -0
  639. package/dist/routes/ts-rest/admin/plugins.js +317 -0
  640. package/dist/routes/ts-rest/admin/plugins.js.map +1 -0
  641. package/dist/routes/ts-rest/admin/search.d.ts +4 -0
  642. package/dist/routes/ts-rest/admin/search.js +67 -0
  643. package/dist/routes/ts-rest/admin/search.js.map +1 -0
  644. package/dist/routes/ts-rest/admin/security.d.ts +4 -0
  645. package/dist/routes/ts-rest/admin/security.js +114 -0
  646. package/dist/routes/ts-rest/admin/security.js.map +1 -0
  647. package/dist/routes/ts-rest/admin/share.d.ts +4 -0
  648. package/dist/routes/ts-rest/admin/share.js +69 -0
  649. package/dist/routes/ts-rest/admin/share.js.map +1 -0
  650. package/dist/routes/ts-rest/admin/storage.d.ts +4 -0
  651. package/dist/routes/ts-rest/admin/storage.js +59 -0
  652. package/dist/routes/ts-rest/admin/storage.js.map +1 -0
  653. package/dist/routes/ts-rest/admin/users.d.ts +4 -0
  654. package/dist/routes/ts-rest/admin/users.js +215 -0
  655. package/dist/routes/ts-rest/admin/users.js.map +1 -0
  656. package/dist/routes/ts-rest/adminCrypto.d.ts +4 -0
  657. package/dist/routes/ts-rest/adminCrypto.js +111 -0
  658. package/dist/routes/ts-rest/adminCrypto.js.map +1 -0
  659. package/dist/routes/ts-rest/app.d.ts +4 -0
  660. package/dist/routes/ts-rest/app.js +23 -0
  661. package/dist/routes/ts-rest/app.js.map +1 -0
  662. package/dist/routes/ts-rest/attachment.d.ts +4 -0
  663. package/dist/routes/ts-rest/attachment.js +830 -0
  664. package/dist/routes/ts-rest/attachment.js.map +1 -0
  665. package/dist/routes/ts-rest/auth.d.ts +4 -0
  666. package/dist/routes/ts-rest/auth.js +70 -0
  667. package/dist/routes/ts-rest/auth.js.map +1 -0
  668. package/dist/routes/ts-rest/autocomplete.d.ts +30 -0
  669. package/dist/routes/ts-rest/autocomplete.js +189 -0
  670. package/dist/routes/ts-rest/autocomplete.js.map +1 -0
  671. package/dist/routes/ts-rest/backlink.d.ts +4 -0
  672. package/dist/routes/ts-rest/backlink.js +106 -0
  673. package/dist/routes/ts-rest/backlink.js.map +1 -0
  674. package/dist/routes/ts-rest/bookmark.d.ts +4 -0
  675. package/dist/routes/ts-rest/bookmark.js +189 -0
  676. package/dist/routes/ts-rest/bookmark.js.map +1 -0
  677. package/dist/routes/ts-rest/comment.d.ts +4 -0
  678. package/dist/routes/ts-rest/comment.js +217 -0
  679. package/dist/routes/ts-rest/comment.js.map +1 -0
  680. package/dist/routes/ts-rest/draft.d.ts +22 -0
  681. package/dist/routes/ts-rest/draft.js +200 -0
  682. package/dist/routes/ts-rest/draft.js.map +1 -0
  683. package/dist/routes/ts-rest/index.d.ts +4 -0
  684. package/dist/routes/ts-rest/index.js +103 -0
  685. package/dist/routes/ts-rest/index.js.map +1 -0
  686. package/dist/routes/ts-rest/installer.d.ts +4 -0
  687. package/dist/routes/ts-rest/installer.js +77 -0
  688. package/dist/routes/ts-rest/installer.js.map +1 -0
  689. package/dist/routes/ts-rest/me.d.ts +4 -0
  690. package/dist/routes/ts-rest/me.js +410 -0
  691. package/dist/routes/ts-rest/me.js.map +1 -0
  692. package/dist/routes/ts-rest/notification.d.ts +4 -0
  693. package/dist/routes/ts-rest/notification.js +241 -0
  694. package/dist/routes/ts-rest/notification.js.map +1 -0
  695. package/dist/routes/ts-rest/page-collab.d.ts +29 -0
  696. package/dist/routes/ts-rest/page-collab.js +90 -0
  697. package/dist/routes/ts-rest/page-collab.js.map +1 -0
  698. package/dist/routes/ts-rest/page-preview.d.ts +26 -0
  699. package/dist/routes/ts-rest/page-preview.js +80 -0
  700. package/dist/routes/ts-rest/page-preview.js.map +1 -0
  701. package/dist/routes/ts-rest/page.d.ts +4 -0
  702. package/dist/routes/ts-rest/page.js +676 -0
  703. package/dist/routes/ts-rest/page.js.map +1 -0
  704. package/dist/routes/ts-rest/presence.d.ts +30 -0
  705. package/dist/routes/ts-rest/presence.js +155 -0
  706. package/dist/routes/ts-rest/presence.js.map +1 -0
  707. package/dist/routes/ts-rest/revision.d.ts +4 -0
  708. package/dist/routes/ts-rest/revision.js +240 -0
  709. package/dist/routes/ts-rest/revision.js.map +1 -0
  710. package/dist/routes/ts-rest/search.d.ts +4 -0
  711. package/dist/routes/ts-rest/search.js +121 -0
  712. package/dist/routes/ts-rest/search.js.map +1 -0
  713. package/dist/routes/ts-rest/tokenAuth.d.ts +4 -0
  714. package/dist/routes/ts-rest/tokenAuth.js +94 -0
  715. package/dist/routes/ts-rest/tokenAuth.js.map +1 -0
  716. package/dist/routes/ts-rest/user.d.ts +4 -0
  717. package/dist/routes/ts-rest/user.js +307 -0
  718. package/dist/routes/ts-rest/user.js.map +1 -0
  719. package/dist/service/config.d.ts +50 -0
  720. package/dist/service/config.js +202 -0
  721. package/dist/service/config.js.map +1 -0
  722. package/dist/service/lru.d.ts +11 -0
  723. package/dist/service/lru.js +47 -0
  724. package/dist/service/lru.js.map +1 -0
  725. package/dist/service/mail.d.ts +107 -0
  726. package/dist/service/mail.js +220 -0
  727. package/dist/service/mail.js.map +1 -0
  728. package/dist/service/notification.d.ts +9 -0
  729. package/dist/service/notification.js +19 -0
  730. package/dist/service/notification.js.map +1 -0
  731. package/dist/service/presence.d.ts +219 -0
  732. package/dist/service/presence.js +602 -0
  733. package/dist/service/presence.js.map +1 -0
  734. package/dist/types/error.d.ts +13 -0
  735. package/dist/types/error.js +13 -0
  736. package/dist/types/error.js.map +1 -0
  737. package/dist/types/express.d.ts +34 -0
  738. package/dist/types/express.js +50 -0
  739. package/dist/types/express.js.map +1 -0
  740. package/dist/types/mongoose-extensions.d.ts +8 -0
  741. package/dist/types/mongoose-extensions.js +24 -0
  742. package/dist/types/mongoose-extensions.js.map +1 -0
  743. package/dist/util/accessTokenParser.d.ts +1 -0
  744. package/dist/util/accessTokenParser.js +34 -0
  745. package/dist/util/accessTokenParser.js.map +1 -0
  746. package/dist/util/activityDefine.d.ts +15 -0
  747. package/dist/util/activityDefine.js +52 -0
  748. package/dist/util/activityDefine.js.map +1 -0
  749. package/dist/util/admin-config.d.ts +57 -0
  750. package/dist/util/admin-config.js +99 -0
  751. package/dist/util/admin-config.js.map +1 -0
  752. package/dist/util/admin-pager.d.ts +24 -0
  753. package/dist/util/admin-pager.js +73 -0
  754. package/dist/util/admin-pager.js.map +1 -0
  755. package/dist/util/apiPaginate.d.ts +11 -0
  756. package/dist/util/apiPaginate.js +33 -0
  757. package/dist/util/apiPaginate.js.map +1 -0
  758. package/dist/util/apiResponse.d.ts +9 -0
  759. package/dist/util/apiResponse.js +23 -0
  760. package/dist/util/apiResponse.js.map +1 -0
  761. package/dist/util/auth.d.ts +11 -0
  762. package/dist/util/auth.js +48 -0
  763. package/dist/util/auth.js.map +1 -0
  764. package/dist/util/auto-watch.d.ts +35 -0
  765. package/dist/util/auto-watch.js +24 -0
  766. package/dist/util/auto-watch.js.map +1 -0
  767. package/dist/util/autocomplete-match.d.ts +44 -0
  768. package/dist/util/autocomplete-match.js +80 -0
  769. package/dist/util/autocomplete-match.js.map +1 -0
  770. package/dist/util/aws-config-migration.d.ts +11 -0
  771. package/dist/util/aws-config-migration.js +68 -0
  772. package/dist/util/aws-config-migration.js.map +1 -0
  773. package/dist/util/boot-reporter.d.ts +130 -0
  774. package/dist/util/boot-reporter.js +242 -0
  775. package/dist/util/boot-reporter.js.map +1 -0
  776. package/dist/util/collab-cap.d.ts +39 -0
  777. package/dist/util/collab-cap.js +90 -0
  778. package/dist/util/collab-cap.js.map +1 -0
  779. package/dist/util/crypto.d.ts +39 -0
  780. package/dist/util/crypto.js +105 -0
  781. package/dist/util/crypto.js.map +1 -0
  782. package/dist/util/dedup-users.d.ts +96 -0
  783. package/dist/util/dedup-users.js +149 -0
  784. package/dist/util/dedup-users.js.map +1 -0
  785. package/dist/util/editor-cap-counter.d.ts +90 -0
  786. package/dist/util/editor-cap-counter.js +175 -0
  787. package/dist/util/editor-cap-counter.js.map +1 -0
  788. package/dist/util/fileUploader.d.ts +55 -0
  789. package/dist/util/fileUploader.js +70 -0
  790. package/dist/util/fileUploader.js.map +1 -0
  791. package/dist/util/formUtil.d.ts +2 -0
  792. package/dist/util/formUtil.js +15 -0
  793. package/dist/util/formUtil.js.map +1 -0
  794. package/dist/util/githubAuth.d.ts +2 -0
  795. package/dist/util/githubAuth.js +82 -0
  796. package/dist/util/githubAuth.js.map +1 -0
  797. package/dist/util/googleAuth.d.ts +2 -0
  798. package/dist/util/googleAuth.js +85 -0
  799. package/dist/util/googleAuth.js.map +1 -0
  800. package/dist/util/jwt.d.ts +50 -0
  801. package/dist/util/jwt.js +127 -0
  802. package/dist/util/jwt.js.map +1 -0
  803. package/dist/util/linkDetector.d.ts +3 -0
  804. package/dist/util/linkDetector.js +91 -0
  805. package/dist/util/linkDetector.js.map +1 -0
  806. package/dist/util/mail-token.d.ts +24 -0
  807. package/dist/util/mail-token.js +117 -0
  808. package/dist/util/mail-token.js.map +1 -0
  809. package/dist/util/mailer.d.ts +7 -0
  810. package/dist/util/mailer.js +98 -0
  811. package/dist/util/mailer.js.map +1 -0
  812. package/dist/util/map-duplicate-key-error.d.ts +26 -0
  813. package/dist/util/map-duplicate-key-error.js +41 -0
  814. package/dist/util/map-duplicate-key-error.js.map +1 -0
  815. package/dist/util/mongoose-paginate.d.ts +10 -0
  816. package/dist/util/mongoose-paginate.js +23 -0
  817. package/dist/util/mongoose-paginate.js.map +1 -0
  818. package/dist/util/notifications-token.d.ts +35 -0
  819. package/dist/util/notifications-token.js +140 -0
  820. package/dist/util/notifications-token.js.map +1 -0
  821. package/dist/util/oauth-client-seed.d.ts +2 -0
  822. package/dist/util/oauth-client-seed.js +48 -0
  823. package/dist/util/oauth-client-seed.js.map +1 -0
  824. package/dist/util/oauth-redirect-uri.d.ts +2 -0
  825. package/dist/util/oauth-redirect-uri.js +55 -0
  826. package/dist/util/oauth-redirect-uri.js.map +1 -0
  827. package/dist/util/page-response.d.ts +113 -0
  828. package/dist/util/page-response.js +154 -0
  829. package/dist/util/page-response.js.map +1 -0
  830. package/dist/util/page-search-index.d.ts +19 -0
  831. package/dist/util/page-search-index.js +91 -0
  832. package/dist/util/page-search-index.js.map +1 -0
  833. package/dist/util/page-status-migration.d.ts +23 -0
  834. package/dist/util/page-status-migration.js +48 -0
  835. package/dist/util/page-status-migration.js.map +1 -0
  836. package/dist/util/path.d.ts +2 -0
  837. package/dist/util/path.js +12 -0
  838. package/dist/util/path.js.map +1 -0
  839. package/dist/util/pkce.d.ts +13 -0
  840. package/dist/util/pkce.js +30 -0
  841. package/dist/util/pkce.js.map +1 -0
  842. package/dist/util/presence-token.d.ts +21 -0
  843. package/dist/util/presence-token.js +120 -0
  844. package/dist/util/presence-token.js.map +1 -0
  845. package/dist/util/rate-limit.d.ts +67 -0
  846. package/dist/util/rate-limit.js +87 -0
  847. package/dist/util/rate-limit.js.map +1 -0
  848. package/dist/util/rebuild-backlink.d.ts +25 -0
  849. package/dist/util/rebuild-backlink.js +7 -0
  850. package/dist/util/rebuild-backlink.js.map +1 -0
  851. package/dist/util/rebuild-renderer.d.ts +31 -0
  852. package/dist/util/rebuild-renderer.js +7 -0
  853. package/dist/util/rebuild-renderer.js.map +1 -0
  854. package/dist/util/redis-opts.d.ts +17 -0
  855. package/dist/util/redis-opts.js +40 -0
  856. package/dist/util/redis-opts.js.map +1 -0
  857. package/dist/util/regex.d.ts +2 -0
  858. package/dist/util/regex.js +8 -0
  859. package/dist/util/regex.js.map +1 -0
  860. package/dist/util/search-rebuild.d.ts +18 -0
  861. package/dist/util/search-rebuild.js +28 -0
  862. package/dist/util/search-rebuild.js.map +1 -0
  863. package/dist/util/ssr.d.ts +3 -0
  864. package/dist/util/ssr.js +9 -0
  865. package/dist/util/ssr.js.map +1 -0
  866. package/dist/util/storage-copy.d.ts +40 -0
  867. package/dist/util/storage-copy.js +123 -0
  868. package/dist/util/storage-copy.js.map +1 -0
  869. package/dist/util/ts-rest-helpers.d.ts +110 -0
  870. package/dist/util/ts-rest-helpers.js +110 -0
  871. package/dist/util/ts-rest-helpers.js.map +1 -0
  872. package/dist/util/url.d.ts +1 -0
  873. package/dist/util/url.js +11 -0
  874. package/dist/util/url.js.map +1 -0
  875. package/dist/util/user-code.d.ts +10 -0
  876. package/dist/util/user-code.js +55 -0
  877. package/dist/util/user-code.js.map +1 -0
  878. package/dist/util/view.d.ts +10 -0
  879. package/dist/util/view.js +99 -0
  880. package/dist/util/view.js.map +1 -0
  881. package/dist/util/watcher-backfill.d.ts +30 -0
  882. package/dist/util/watcher-backfill.js +43 -0
  883. package/dist/util/watcher-backfill.js.map +1 -0
  884. package/dist/util/ws-token.d.ts +24 -0
  885. package/dist/util/ws-token.js +134 -0
  886. package/dist/util/ws-token.js.map +1 -0
  887. package/package.json +106 -0
package/dist/hono/index.js ADDED
@@ -0,0 +1,240 @@
1
+ "use strict";
2
+ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
+ if (k2 === undefined) k2 = k;
4
+ var desc = Object.getOwnPropertyDescriptor(m, k);
5
+ if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
+ desc = { enumerable: true, get: function() { return m[k]; } };
7
+ }
8
+ Object.defineProperty(o, k2, desc);
9
+ }) : (function(o, m, k, k2) {
10
+ if (k2 === undefined) k2 = k;
11
+ o[k2] = m[k];
12
+ }));
13
+ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
14
+ Object.defineProperty(o, "default", { enumerable: true, value: v });
15
+ }) : function(o, v) {
16
+ o["default"] = v;
17
+ });
18
+ var __importStar = (this && this.__importStar) || (function () {
19
+ var ownKeys = function(o) {
20
+ ownKeys = Object.getOwnPropertyNames || function (o) {
21
+ var ar = [];
22
+ for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
23
+ return ar;
24
+ };
25
+ return ownKeys(o);
26
+ };
27
+ return function (mod) {
28
+ if (mod && mod.__esModule) return mod;
29
+ var result = {};
30
+ if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
31
+ __setModuleDefault(result, mod);
32
+ return result;
33
+ };
34
+ })();
35
+ Object.defineProperty(exports, "__esModule", { value: true });
36
+ exports.buildHonoApp = exports.honoOnError = exports.defaultHook = exports.createJwtAuth = exports.createJwtAdminRequired = exports.createHonoApp = void 0;
37
+ const app_1 = require("./app");
38
+ const attach_1 = require("../mcp/attach");
39
+ const cors_1 = require("./middleware/cors");
40
+ const adminCrypto_1 = require("./handlers/adminCrypto");
41
+ const app_2 = require("./handlers/admin/app");
42
+ const auth_1 = require("./handlers/admin/auth");
43
+ const mail_1 = require("./handlers/admin/mail");
44
+ const plugins_1 = require("./handlers/admin/plugins");
45
+ const search_1 = require("./handlers/admin/search");
46
+ const security_1 = require("./handlers/admin/security");
47
+ const storage_1 = require("./handlers/admin/storage");
48
+ const users_1 = require("./handlers/admin/users");
49
+ const access_token_1 = require("./handlers/access-token");
50
+ const app_3 = require("./handlers/app");
51
+ const attachment_1 = require("./handlers/attachment");
52
+ const attachment_stream_1 = require("./handlers/attachment-stream");
53
+ const autocomplete_1 = require("./handlers/autocomplete");
54
+ const backlink_1 = require("./handlers/backlink");
55
+ const bookmark_1 = require("./handlers/bookmark");
56
+ const comment_1 = require("./handlers/comment");
57
+ const draft_1 = require("./handlers/draft");
58
+ const installer_1 = require("./handlers/installer");
59
+ const me_1 = require("./handlers/me");
60
+ const notification_1 = require("./handlers/notification");
61
+ const oauth_1 = require("./handlers/oauth");
62
+ const page_1 = require("./handlers/page");
63
+ const page_collab_1 = require("./handlers/page-collab");
64
+ const page_preview_1 = require("./handlers/page-preview");
65
+ const presence_1 = require("./handlers/presence");
66
+ const revision_1 = require("./handlers/revision");
67
+ const search_2 = require("./handlers/search");
68
+ const tokenAuth_1 = require("./handlers/tokenAuth");
69
+ const inviteAccept_1 = require("./handlers/inviteAccept");
70
+ const passwordReset_1 = require("./handlers/passwordReset");
71
+ const activation_1 = require("./handlers/activation");
72
+ const emailChange_1 = require("./handlers/emailChange");
73
+ const user_1 = require("./handlers/user");
74
+ var app_4 = require("./app");
75
+ Object.defineProperty(exports, "createHonoApp", { enumerable: true, get: function () { return app_4.createHonoApp; } });
76
+ Object.defineProperty(exports, "createJwtAdminRequired", { enumerable: true, get: function () { return app_4.createJwtAdminRequired; } });
77
+ Object.defineProperty(exports, "createJwtAuth", { enumerable: true, get: function () { return app_4.createJwtAuth; } });
78
+ Object.defineProperty(exports, "defaultHook", { enumerable: true, get: function () { return app_4.defaultHook; } });
79
+ Object.defineProperty(exports, "honoOnError", { enumerable: true, get: function () { return app_4.honoOnError; } });
80
+ /**
81
+ * Build the Hono application chain.
82
+ *
83
+ * Phase 4 commits extend this chain by wrapping the previous return
84
+ * value with the next `registerXRoutes(...)`. Keeping the entire chain
85
+ * inside a single expression preserves OpenAPIHono's per-route type
86
+ * accumulation, which keeps the contract `AppType` and the runtime
87
+ * chain in lock-step.
88
+ *
89
+ * Order doesn't affect routing (Hono dispatches by `method + path`) but
90
+ * we keep it aligned with the contract stub chain in
91
+ * `packages/api-contract/src/client.ts` so the two are easy to eyeball
92
+ * for drift.
93
+ */
94
+ const buildHonoApp = (crowi) => {
95
+ const base = (0, app_1.createHonoApp)();
96
+ // RFC-0006 Phase 6 Sub-batch D — Hono is the sole HTTP host, so
97
+ // this CORS apply is the only CORS layer in the process. The Express
98
+ // bridge that previously also ran `cors()` is gone.
99
+ //
100
+ // `app.use('*', ...)` mutates the underlying Hono instance — it
101
+ // doesn't extend the typed openapi chain — so we install before
102
+ // any `register*Routes(...)` calls.
103
+ base.use('*', (0, cors_1.createCors)(crowi));
104
+ const withApp = (0, app_3.registerAppRoutes)(base, crowi);
105
+ const withInstaller = (0, installer_1.registerInstallerRoutes)(withApp, crowi);
106
+ const withTokenAuth = (0, tokenAuth_1.registerTokenAuthRoutes)(withInstaller, crowi);
107
+ // Public invite-acceptance (token is the credential) — register before
108
+ // the auth-gated me/user routes.
109
+ const withInviteAccept = (0, inviteAccept_1.registerInviteAcceptRoutes)(withTokenAuth, crowi);
110
+ // Public self-service password reset (token is the credential).
111
+ const withPasswordReset = (0, passwordReset_1.registerPasswordResetRoutes)(withInviteAccept, crowi);
112
+ // Public account activation (email confirmation; token is the credential).
113
+ const withActivation = (0, activation_1.registerActivationRoutes)(withPasswordReset, crowi);
114
+ // Public email-change confirmation (token is the credential).
115
+ const withEmailChange = (0, emailChange_1.registerEmailChangeRoutes)(withActivation, crowi);
116
+ const withMe = (0, me_1.registerMeRoutes)(withEmailChange, crowi);
117
+ // RFC-0010 Phase 2 — PAT management (`/me/access-tokens`). MUST follow
118
+ // `registerMeRoutes`: it rides that handler's broad `/me/*` jwtAuth
119
+ // apply rather than installing its own (avoids a second User.findById).
120
+ const withAccessToken = (0, access_token_1.registerAccessTokenRoutes)(withMe, crowi);
121
+ // RFC-0010 Phase 3/4 — OAuth authorization-server endpoints. `/oauth/token`,
122
+ // `/oauth/revoke`, `/.well-known/oauth-authorization-server`,
123
+ // `/oauth/device/authorize` and `GET /oauth/device` are public;
124
+ // `/oauth/authorize` and `/oauth/device/verify` install their own per-path
125
+ // `createJwtAuth` (no prefix overlap with any other handler's broad apply,
126
+ // so they are self-contained).
127
+ const withOAuth = (0, oauth_1.registerOAuthRoutes)(withAccessToken, crowi);
128
+ const withUser = (0, user_1.registerUserRoutes)(withOAuth, crowi);
129
+ const withBookmark = (0, bookmark_1.registerBookmarkRoutes)(withUser, crowi);
130
+ const withBacklink = (0, backlink_1.registerBacklinkRoutes)(withBookmark, crowi);
131
+ const withComment = (0, comment_1.registerCommentRoutes)(withBacklink, crowi);
132
+ // Revision MUST register before page / page-preview / pageCollab /
133
+ // presence: it owns the `app.use('/pages/*', createJwtAuth(crowi))`
134
+ // broad apply, and the downstream `/pages/*` handlers rely on that
135
+ // already-installed middleware (Hono does not dedupe middleware by
136
+ // reference — re-installing would cost a second JWT verify +
137
+ // User.findById per request).
138
+ const withRevision = (0, revision_1.registerRevisionRoutes)(withComment, crowi);
139
+ const withPage = (0, page_1.registerPageRoutes)(withRevision, crowi);
140
+ const withPagePreview = (0, page_preview_1.registerPagePreviewRoutes)(withPage, crowi);
141
+ // pageCollab (RFC-0003 wsToken) + presence (RFC-0005 token + likers)
142
+ // both attach `/pages/{id}/<suffix>` endpoints under the shared
143
+ // jwtAuth apply. presence depends on the same prefix as pageCollab
144
+ // so we keep them grouped; their relative order is irrelevant to
145
+ // routing (Hono dispatches by method+path) but mirrors the spec
146
+ // chain in `packages/api-contract/src/client.ts`.
147
+ const withPageCollab = (0, page_collab_1.registerPageCollabRoutes)(withPagePreview, crowi);
148
+ const withPresence = (0, presence_1.registerPresenceRoutes)(withPageCollab, crowi);
149
+ // Batch 6 — draft / autocomplete / attachment (RFC-0004). draft +
150
+ // `/pages/autocomplete` ride on the revision-owned `/pages/*` jwtAuth
151
+ // apply (same dedupe-avoidance rationale as page / page-preview /
152
+ // pageCollab / presence). autocomplete installs jwtAuth on the
153
+ // singleton `/users/autocomplete` literal itself; attachment installs
154
+ // jwtAuth + rate-limit on `/attachments/*`. Rate limiting wraps the
155
+ // two autocomplete endpoints (60/min) and `uploadAttachment` (20/min).
156
+ const withDraft = (0, draft_1.registerDraftRoutes)(withPresence, crowi);
157
+ const withAutocomplete = (0, autocomplete_1.registerAutocompleteRoutes)(withDraft, crowi);
158
+ const withAttachment = (0, attachment_1.registerAttachmentRoutes)(withAutocomplete, crowi);
159
+ // RFC-0006 Phase 6 Sub-batch D — raw streaming attachment routes
160
+ // (`GET /attachments/by-key/:key`, `GET /attachments/:id`). Hono
161
+ // native via `Readable.toWeb`, no Express bridge. Registers
162
+ // alongside the JSON attachment routes; the literal `:id{24-hex}`
163
+ // pattern keeps them disjoint from `/attachments/upload` /
164
+ // `/attachments/:id/meta`. Mutates the underlying instance
165
+ // (returns `app` unchanged-as-type), so registering after
166
+ // `registerAttachmentRoutes` is fine — both share the same
167
+ // jwt-auth broad apply.
168
+ (0, attachment_stream_1.registerAttachmentStreamRoutes)(withAttachment, crowi);
169
+ // Batch 7 — search. Singleton literal path `/search` (OUTSIDE the
170
+ // revision-owned `/pages/*` apply). The handler installs jwtAuth on
171
+ // the literal path itself, same single-route install pattern as
172
+ // `/users/autocomplete`. No rate limit.
173
+ const withSearch = (0, search_2.registerSearchRoutes)(withAttachment, crowi);
174
+ // Batch 8 — adminCrypto. Two literal paths under `/admin/crypto/*`,
175
+ // admin-only (first time `createJwtAdminRequired` lands on Hono).
176
+ const withAdminCrypto = (0, adminCrypto_1.registerAdminCryptoRoutes)(withSearch, crowi);
177
+ // Batch 9 — the 8 admin sub-contracts (app / auth / security / mail /
178
+ // storage / search / users / plugins). Each handler installs
179
+ // `createJwtAdminRequired(crowi)` broadly on its `/admin/<sub>/*`
180
+ // prefix + the bare `/admin/<sub>` path. No prefix overlap between
181
+ // sub-contracts (every one owns a distinct second-segment literal),
182
+ // so the broad apply pattern is safe.
183
+ const withAdminApp = (0, app_2.registerAdminAppRoutes)(withAdminCrypto, crowi);
184
+ const withAdminAuth = (0, auth_1.registerAdminAuthRoutes)(withAdminApp, crowi);
185
+ const withAdminSecurity = (0, security_1.registerAdminSecurityRoutes)(withAdminAuth, crowi);
186
+ const withAdminMail = (0, mail_1.registerAdminMailRoutes)(withAdminSecurity, crowi);
187
+ const withAdminStorage = (0, storage_1.registerAdminStorageRoutes)(withAdminMail, crowi);
188
+ const withAdminSearch = (0, search_1.registerAdminSearchRoutes)(withAdminStorage, crowi);
189
+ const withAdminUsers = (0, users_1.registerAdminUsersRoutes)(withAdminSearch, crowi);
190
+ const withAdminPlugins = (0, plugins_1.registerAdminPluginsRoutes)(withAdminUsers, crowi);
191
+ const withNotification = (0, notification_1.registerNotificationRoutes)(withAdminPlugins, crowi);
192
+ // RFC-0011 — built-in MCP server. `/mcp` is a normal Hono route (not a
193
+ // WS upgrade), so it is attached here alongside the other handler
194
+ // registration rather than in the post-`buildServer` WS-attach phase.
195
+ // It mounts `app.all('/mcp', …)` under `createJwtAuth(crowi)` + a
196
+ // per-user rate limit; each tool dispatches in-process to the existing
197
+ // scoped routes (`honoApp.request`). `/mcp` is JSON-RPC, not a REST
198
+ // contract, so it is intentionally NOT added to the OpenAPI document.
199
+ // `attachMcp` mutates the underlying Hono instance (it does not extend
200
+ // the typed openapi chain), so it is called for its side-effect.
201
+ (0, attach_1.attachMcp)(withNotification, crowi);
202
+ // RFC-0006 Phase 6 — expose the runtime OpenAPI 3.1 document at
203
+ // `/api/v2/openapi.json` and the Scalar API Reference UI at
204
+ // `/api/v2/docs`. The doc is built from the handlers actually
205
+ // registered above (vs. the bare scaffold in
206
+ // `packages/api-contract/scripts/generate-openapi.ts` which emits the
207
+ // commit-tracked artefact), so admins always see the live shape.
208
+ //
209
+ // We intentionally call `.doc31` / `.get` on the chained app for
210
+ // their side-effect only — capturing the return type would extend
211
+ // an already-TS2589-deep chain. The mutation registers the routes
212
+ // on the same underlying Hono instance, which is what consumers
213
+ // observe at runtime.
214
+ //
215
+ // Scalar (`@scalar/hono-api-reference`) is ESM-only with a `.js`
216
+ // extension, which Jest's CJS runtime cannot statically parse. We
217
+ // dynamic-import it from a lazy wrapper middleware so test files
218
+ // that boot the api process don't trip a transform error. The
219
+ // handler is registered eagerly; the import only runs on the first
220
+ // `GET /api/v2/docs` request.
221
+ withNotification.doc31('/openapi.json', {
222
+ openapi: '3.1.0',
223
+ info: {
224
+ title: 'Crowi API',
225
+ description: 'API for Crowi - Markdown-based Wiki Application',
226
+ version: '2.0.0',
227
+ },
228
+ });
229
+ let scalarHandler = null;
230
+ withNotification.get('/docs', async (c, next) => {
231
+ if (scalarHandler == null) {
232
+ const { Scalar } = await Promise.resolve().then(() => __importStar(require('@scalar/hono-api-reference')));
233
+ scalarHandler = Scalar({ url: '/api/v2/openapi.json' });
234
+ }
235
+ return scalarHandler(c, next);
236
+ });
237
+ return withNotification;
238
+ };
239
+ exports.buildHonoApp = buildHonoApp;
240
+ //# sourceMappingURL=index.js.map
package/dist/hono/index.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/hono/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiBA,+BAAsC;AACtC,0CAA0C;AAC1C,4CAA+C;AAC/C,wDAAmE;AACnE,8CAA8D;AAC9D,gDAAgE;AAChE,gDAAgE;AAChE,sDAAsE;AACtE,oDAAoE;AACpE,wDAAwE;AACxE,sDAAsE;AACtE,kDAAkE;AAClE,0DAAoE;AACpE,wCAAmD;AACnD,sDAAiE;AACjE,oEAA8E;AAC9E,0DAAqE;AACrE,kDAA6D;AAC7D,kDAA6D;AAC7D,gDAA2D;AAC3D,4CAAuD;AACvD,oDAA+D;AAC/D,sCAAiD;AACjD,0DAAqE;AACrE,4CAAuD;AACvD,0CAAqD;AACrD,wDAAkE;AAClE,0DAAoE;AACpE,kDAA6D;AAC7D,kDAA6D;AAC7D,8CAAyD;AACzD,oDAA+D;AAC/D,0DAAqE;AACrE,4DAAuE;AACvE,sDAAiE;AACjE,wDAAmE;AACnE,0CAAqD;AAErD,6BAAuG;AAA9F,oGAAA,aAAa,OAAA;AAAE,6GAAA,sBAAsB,OAAA;AAAE,oGAAA,aAAa,OAAA;AAAE,kGAAA,WAAW,OAAA;AAAE,kGAAA,WAAW,OAAA;AAGvF;;;;;;;;;;;;;GAaG;AACI,MAAM,YAAY,GAAG,CAAC,KAAY,EAAE,EAAE;IAC3C,MAAM,IAAI,GAAG,IAAA,mBAAa,GAAE,CAAC;IAC7B,gEAAgE;IAChE,qEAAqE;IACrE,oDAAoD;IACpD,EAAE;IACF,gEAAgE;IAChE,gEAAgE;IAChE,oCAAoC;IACpC,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAA,iBAAU,EAAC,KAAK,CAAC,CAAC,CAAC;IACjC,MAAM,OAAO,GAAG,IAAA,uBAAiB,EAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAC/C,MAAM,aAAa,GAAG,IAAA,mCAAuB,EAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IAC9D,MAAM,aAAa,GAAG,IAAA,mCAAuB,EAAC,aAAa,EAAE,KAAK,CAAC,CAAC;IACpE,uEAAuE;IACvE,iCAAiC;IACjC,MAAM,gBAAgB,GAAG,IAAA,yCAA0B,EAAC,aAAa,EAAE,KAAK,CAAC,CAAC;IAC1E,gEAAgE;IAChE,MAAM,iBAAiB,GAAG,IAAA,2CAA2B,EAAC,gBAAgB,EAAE,KAAK,CAAC,CAAC;IAC/E,2EAA2E;IAC3E,MAAM,cAAc,GAAG,IAAA,qCAAwB,EAAC,iBAAiB,EAAE,KAAK,CAAC,CAAC;IAC1E,8DAA8D;IAC9D,MAAM,eAAe,GAAG,IAAA,uCAAyB,EAAC,cAAc,EAAE,KAAK,CAAC,CAAC;IACzE,MAAM,MAAM,GAAG,IAAA,qBAAgB,EAAC,eAAe,EAAE,KAAK,CAAC,CAAC;IACxD,uEAAuE;IACvE,oEAAoE;IACpE,wEAAwE;IACxE,MAAM,eAAe,GAAG,IAAA,wCAAyB,EAAC,MAAM,EAAE,KAAK,CAAC,CAAC;IACjE,6EAA6E;IAC7E,8DAA8D;IAC9D,gEAAgE;IAChE,2EAA2E;IAC3E,2EAA2E;IAC3E,+BAA+B;IAC/B,MAAM,SAAS,GAAG,IAAA,2BAAmB,EAAC,eAAe,EAAE,KAAK,CAAC,CAAC;IAC9D,MAAM,QAAQ,GAAG,IAAA,yBAAkB,EAAC,SAAS,EAAE,KAAK,CAAC,CAAC;IACtD,MAAM,YAAY,GAAG,IAAA,iCAAsB,EAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;IAC7D,MAAM,YAAY,GAAG,IAAA,iCAAsB,EAAC,YAAY,EAAE,KAAK,CAAC,CAAC;IACjE,MAAM,WAAW,GAAG,IAAA,+BAAqB,EAAC,YAAY,EAAE,KAAK,CAAC,CAAC;IAC/D,mEAAmE;IACnE,oEAAoE;IACpE,mEAAmE;IACnE,mEAAmE;IACnE,6DAA6D;IAC7D,8BAA8B;IAC9B,MAAM,YAAY,GAAG,IAAA,iCAAsB,EAAC,WAAW,EAAE,KAAK,CAAC,CAAC;IAChE,MAAM,QAAQ,GAAG,IAAA,yBAAkB,EAAC,YAAY,EAAE,KAAK,CAAC,CAAC;IACzD,MAAM,eAAe,GAAG,IAAA,wCAAyB,EAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;IACnE,qEAAqE;IACrE,gEAAgE;IAChE,mEAAmE;IACnE,iEAAiE;IACjE,gEAAgE;IAChE,kDAAkD;IAClD,MAAM,cAAc,GAAG,IAAA,sCAAwB,EAAC,eAAe,EAAE,KAAK,CAAC,CAAC;IACxE,MAAM,YAAY,GAAG,IAAA,iCAAsB,EAAC,cAAc,EAAE,KAAK,CAAC,CAAC;IACnE,kEAAkE;IAClE,sEAAsE;IACtE,kEAAkE;IAClE,+DAA+D;IAC/D,sEAAsE;IACtE,oEAAoE;IACpE,uEAAuE;IACvE,MAAM,SAAS,GAAG,IAAA,2BAAmB,EAAC,YAAY,EAAE,KAAK,CAAC,CAAC;IAC3D,MAAM,gBAAgB,GAAG,IAAA,yCAA0B,EAAC,SAAS,EAAE,KAAK,CAAC,CAAC;IACtE,MAAM,cAAc,GAAG,IAAA,qCAAwB,EAAC,gBAAgB,EAAE,KAAK,CAAC,CAAC;IACzE,iEAAiE;IACjE,iEAAiE;IACjE,4DAA4D;IAC5D,kEAAkE;IAClE,2DAA2D;IAC3D,2DAA2D;IAC3D,0DAA0D;IAC1D,2DAA2D;IAC3D,wBAAwB;IACxB,IAAA,kDAA8B,EAAC,cAAc,EAAE,KAAK,CAAC,CAAC;IACtD,kEAAkE;IAClE,oEAAoE;IACpE,gEAAgE;IAChE,wCAAwC;IACxC,MAAM,UAAU,GAAG,IAAA,6BAAoB,EAAC,cAAc,EAAE,KAAK,CAAC,CAAC;IAC/D,oEAAoE;IACpE,kEAAkE;IAClE,MAAM,eAAe,GAAG,IAAA,uCAAyB,EAAC,UAAU,EAAE,KAAK,CAAC,CAAC;IACrE,sEAAsE;IACtE,6DAA6D;IAC7D,kEAAkE;IAClE,mEAAmE;IACnE,oEAAoE;IACpE,sCAAsC;IACtC,MAAM,YAAY,GAAG,IAAA,4BAAsB,EAAC,eAAe,EAAE,KAAK,CAAC,CAAC;IACpE,MAAM,aAAa,GAAG,IAAA,8BAAuB,EAAC,YAAY,EAAE,KAAK,CAAC,CAAC;IACnE,MAAM,iBAAiB,GAAG,IAAA,sCAA2B,EAAC,aAAa,EAAE,KAAK,CAAC,CAAC;IAC5E,MAAM,aAAa,GAAG,IAAA,8BAAuB,EAAC,iBAAiB,EAAE,KAAK,CAAC,CAAC;IACxE,MAAM,gBAAgB,GAAG,IAAA,oCAA0B,EAAC,aAAa,EAAE,KAAK,CAAC,CAAC;IAC1E,MAAM,eAAe,GAAG,IAAA,kCAAyB,EAAC,gBAAgB,EAAE,KAAK,CAAC,CAAC;IAC3E,MAAM,cAAc,GAAG,IAAA,gCAAwB,EAAC,eAAe,EAAE,KAAK,CAAC,CAAC;IACxE,MAAM,gBAAgB,GAAG,IAAA,oCAA0B,EAAC,cAAc,EAAE,KAAK,CAAC,CAAC;IAC3E,MAAM,gBAAgB,GAAG,IAAA,yCAA0B,EAAC,gBAAgB,EAAE,KAAK,CAAC,CAAC;IAE7E,uEAAuE;IACvE,kEAAkE;IAClE,sEAAsE;IACtE,kEAAkE;IAClE,uEAAuE;IACvE,oEAAoE;IACpE,sEAAsE;IACtE,uEAAuE;IACvE,iEAAiE;IACjE,IAAA,kBAAS,EAAC,gBAAgB,EAAE,KAAK,CAAC,CAAC;IAEnC,gEAAgE;IAChE,4DAA4D;IAC5D,8DAA8D;IAC9D,6CAA6C;IAC7C,sEAAsE;IACtE,iEAAiE;IACjE,EAAE;IACF,iEAAiE;IACjE,kEAAkE;IAClE,kEAAkE;IAClE,gEAAgE;IAChE,sBAAsB;IACtB,EAAE;IACF,iEAAiE;IACjE,kEAAkE;IAClE,iEAAiE;IACjE,8DAA8D;IAC9D,mEAAmE;IACnE,8BAA8B;IAC9B,gBAAgB,CAAC,KAAK,CAAC,eAAe,EAAE;QACtC,OAAO,EAAE,OAAO;QAChB,IAAI,EAAE;YACJ,KAAK,EAAE,WAAW;YAClB,WAAW,EAAE,iDAAiD;YAC9D,OAAO,EAAE,OAAO;SACjB;KACF,CAAC,CAAC;IAOH,IAAI,aAAa,GAA2B,IAAI,CAAC;IACjD,gBAAgB,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;QAC9C,IAAI,aAAa,IAAI,IAAI,EAAE,CAAC;YAC1B,MAAM,EAAE,MAAM,EAAE,GAAG,wDAAa,4BAA4B,GAAC,CAAC;YAC9D,aAAa,GAAG,MAAM,CAAC,EAAE,GAAG,EAAE,sBAAsB,EAAE,CAA+B,CAAC;QACxF,CAAC;QACD,OAAO,aAAa,CAAC,CAAY,EAAE,IAAI,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,OAAO,gBAAgB,CAAC;AAC1B,CAAC,CAAC;AAzJW,QAAA,YAAY,gBAyJvB"}
package/dist/hono/middleware/admin.d.ts ADDED
@@ -0,0 +1,5 @@
1
+ import type Crowi from '../../crowi';
2
+ import { type HonoAuthVariables } from './auth';
3
+ export declare const createJwtAdminRequired: (crowi: Crowi) => import("../../hono").MiddlewareHandler<{
4
+ Variables: HonoAuthVariables;
5
+ }, string, {}, Response>;
package/dist/hono/middleware/admin.js ADDED
@@ -0,0 +1,34 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.createJwtAdminRequired = void 0;
4
+ const factory_1 = require("hono/factory");
5
+ const auth_1 = require("./auth");
6
+ const ADMIN_REQUIRED_BODY = {
7
+ error: {
8
+ code: 'ADMIN_REQUIRED',
9
+ message: 'Admin permission required',
10
+ },
11
+ };
12
+ const createJwtAdminRequired = (crowi) => {
13
+ const jwtAuth = (0, auth_1.createJwtAuth)(crowi);
14
+ return (0, factory_1.createMiddleware)(async (c, next) => {
15
+ let shortCircuit;
16
+ const jwtResult = await jwtAuth(c, async () => {
17
+ const user = c.get('user');
18
+ if (!user?.admin) {
19
+ shortCircuit = c.json(ADMIN_REQUIRED_BODY, 403);
20
+ return;
21
+ }
22
+ await next();
23
+ });
24
+ // jwtAuth returned a Response (= it short-circuited with 401/403)
25
+ // and never invoked our inner callback. Forward that response.
26
+ if (shortCircuit)
27
+ return shortCircuit;
28
+ if (jwtResult instanceof Response)
29
+ return jwtResult;
30
+ return;
31
+ });
32
+ };
33
+ exports.createJwtAdminRequired = createJwtAdminRequired;
34
+ //# sourceMappingURL=admin.js.map
package/dist/hono/middleware/admin.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"admin.js","sourceRoot":"","sources":["../../../src/hono/middleware/admin.ts"],"names":[],"mappings":";;;AAcA,0CAAgD;AAKhD,iCAA+D;AAI/D,MAAM,mBAAmB,GAAuB;IAC9C,KAAK,EAAE;QACL,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,2BAA2B;KACrC;CACF,CAAC;AAEK,MAAM,sBAAsB,GAAG,CAAC,KAAY,EAAE,EAAE;IACrD,MAAM,OAAO,GAAG,IAAA,oBAAa,EAAC,KAAK,CAAC,CAAC;IAErC,OAAO,IAAA,0BAAgB,EAAmC,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;QAC1E,IAAI,YAAkC,CAAC;QACvC,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,CAAC,EAAE,KAAK,IAAI,EAAE;YAC5C,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YAC3B,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;gBACjB,YAAY,GAAG,CAAC,CAAC,IAAI,CAAC,mBAAmB,EAAE,GAAG,CAAC,CAAC;gBAChD,OAAO;YACT,CAAC;YACD,MAAM,IAAI,EAAE,CAAC;QACf,CAAC,CAAC,CAAC;QACH,kEAAkE;QAClE,+DAA+D;QAC/D,IAAI,YAAY;YAAE,OAAO,YAAY,CAAC;QACtC,IAAI,SAAS,YAAY,QAAQ;YAAE,OAAO,SAAS,CAAC;QACpD,OAAO;IACT,CAAC,CAAC,CAAC;AACL,CAAC,CAAC;AAnBW,QAAA,sBAAsB,0BAmBjC"}
package/dist/hono/middleware/auth.d.ts ADDED
@@ -0,0 +1,54 @@
1
+ /**
2
+ * Hono port of the Express `jwtAuth` middleware. Wire-format identical to
3
+ * `packages/api/src/middlewares/jwtAuth.ts`:
4
+ *
5
+ * - Bearer token first, `crowi.accessToken` cookie fallback (for
6
+ * `<img src="/api/v2/...">`-style requests that cannot carry an
7
+ * Authorization header).
8
+ * - 401 `AUTHENTICATION_REQUIRED` on missing / invalid / expired token
9
+ * or unknown user. Body shape matches `AuthenticationRequiredErrorSchema`.
10
+ * - 403 `USER_REGISTERED` / `USER_SUSPENDED` / `USER_INVITED` for
11
+ * non-active accounts. Body shape matches `UserStatusErrorSchema`.
12
+ * - On success, the resolved `UserDocument` is exposed via `c.get('user')`.
13
+ */
14
+ import type { AuthenticationRequiredErrorSchema, Scope } from '@crowi/api-contract';
15
+ import type { z } from 'zod';
16
+ import type Crowi from '../../crowi';
17
+ import type { UserDocument } from '../../models/user';
18
+ type AuthenticationRequiredError = z.infer<typeof AuthenticationRequiredErrorSchema>;
19
+ export declare const AUTH_REQUIRED_BODY: AuthenticationRequiredError;
20
+ /**
21
+ * RFC-0010 — context describing how the request authenticated.
22
+ *
23
+ * - `web`: a browser session JWT (`type: 'access'`) or its cookie
24
+ * fallback. Carries no scope claim and is granted **all** scopes, so
25
+ * `requireScope` always passes and the existing UI behaviour is
26
+ * unchanged.
27
+ * - `oauth`: an OAuth access token (`type: 'oauth_access'`). Scopes are
28
+ * limited to the token's `scope` claim and `clientId` identifies the
29
+ * issuing client.
30
+ * - `pat`: a Personal Access Token (`crowi_pat_…` opaque Bearer,
31
+ * RFC-0010 Phase 2). Scopes are the stored token's `scopes`; `tokenId`
32
+ * is the PAT document id. Handlers that must stay web-session-only
33
+ * (e.g. PAT management) branch on `kind !== 'web'`.
34
+ */
35
+ export type AuthContext = {
36
+ kind: 'web';
37
+ } | {
38
+ kind: 'oauth';
39
+ clientId: string;
40
+ } | {
41
+ kind: 'pat';
42
+ tokenId: string;
43
+ };
44
+ export interface HonoAuthVariables {
45
+ user: UserDocument;
46
+ /** Scopes the authenticated principal holds (web sessions = all). */
47
+ authScopes: ReadonlySet<Scope>;
48
+ /** How the request authenticated; lets handlers branch web vs. OAuth. */
49
+ authContext: AuthContext;
50
+ }
51
+ export declare const createJwtAuth: (crowi: Crowi) => import("../../hono").MiddlewareHandler<{
52
+ Variables: HonoAuthVariables;
53
+ }, string, {}, Response>;
54
+ export {};
package/dist/hono/middleware/auth.js ADDED
@@ -0,0 +1,142 @@
1
+ "use strict";
2
+ var __importDefault = (this && this.__importDefault) || function (mod) {
3
+ return (mod && mod.__esModule) ? mod : { "default": mod };
4
+ };
5
+ Object.defineProperty(exports, "__esModule", { value: true });
6
+ exports.createJwtAuth = exports.AUTH_REQUIRED_BODY = void 0;
7
+ const api_contract_1 = require("@crowi/api-contract");
8
+ const debug_1 = __importDefault(require("debug"));
9
+ const cookie_1 = require("hono/cookie");
10
+ const factory_1 = require("hono/factory");
11
+ const jwt_1 = require("../../util/jwt");
12
+ const ACCESS_TOKEN_COOKIE_NAME = 'crowi.accessToken';
13
+ exports.AUTH_REQUIRED_BODY = {
14
+ error: {
15
+ code: 'AUTHENTICATION_REQUIRED',
16
+ message: 'Authentication is required',
17
+ },
18
+ };
19
+ const createJwtAuth = (crowi) => {
20
+ const debug = (0, debug_1.default)('crowi:hono:middleware:auth');
21
+ const User = crowi.model('User');
22
+ const PersonalAccessToken = crowi.model('PersonalAccessToken');
23
+ const jwtUtil = (0, jwt_1.createJwtUtil)(crowi);
24
+ return (0, factory_1.createMiddleware)(async (c, next) => {
25
+ const authHeader = c.req.header('authorization');
26
+ let token = jwtUtil.extractTokenFromHeader(authHeader);
27
+ // The cookie fallback (for `<img src>`-style requests that cannot
28
+ // carry an Authorization header) only ever holds a web-session
29
+ // access token, so it is never treated as OAuth — fromCookie flips
30
+ // the accepted token types below to `access`-only.
31
+ let fromCookie = false;
32
+ if (!token) {
33
+ const cookieToken = (0, cookie_1.getCookie)(c, ACCESS_TOKEN_COOKIE_NAME);
34
+ if (cookieToken) {
35
+ token = cookieToken.trim() || null;
36
+ fromCookie = !!token;
37
+ }
38
+ }
39
+ if (!token) {
40
+ return c.json(exports.AUTH_REQUIRED_BODY, 401);
41
+ }
42
+ // Resolve the request's principal up front. Three credential shapes:
43
+ // - `crowi_pat_…` opaque Bearer → Personal Access Token (RFC-0010
44
+ // Phase 2): looked up by SHA-256 hash, scopes from the stored row.
45
+ // - JWT `access` (Bearer or cookie) → web session, all scopes.
46
+ // - JWT `oauth_access` (Bearer only) → OAuth token, claim scopes.
47
+ // `resolved` carries the user plus a deferred scope/context applier so
48
+ // the shared status check below runs once for every credential shape.
49
+ let resolved = null;
50
+ const isPat = !fromCookie && token.startsWith(PersonalAccessToken.TOKEN_PREFIX);
51
+ if (isPat) {
52
+ const record = await PersonalAccessToken.findActiveByHash(PersonalAccessToken.hashToken(token));
53
+ // A missing / revoked / expired PAT is filtered out by
54
+ // `findActiveByHash`'s query, so a null result is an ordinary 401.
55
+ if (!record) {
56
+ return c.json(exports.AUTH_REQUIRED_BODY, 401);
57
+ }
58
+ const tokenId = record._id.toString();
59
+ resolved = {
60
+ userId: record.userId.toString(),
61
+ apply: async () => {
62
+ const scopes = new Set();
63
+ for (const s of record.scopes) {
64
+ if ((0, api_contract_1.isScope)(s))
65
+ scopes.add(s);
66
+ }
67
+ c.set('authScopes', scopes);
68
+ c.set('authContext', { kind: 'pat', tokenId });
69
+ // Best-effort last-used bump; never blocks the request.
70
+ await record.touchLastUsed();
71
+ },
72
+ };
73
+ }
74
+ else {
75
+ // Bearer: accept both web-session (`access`) and OAuth
76
+ // (`oauth_access`) tokens. Cookie: web-session only.
77
+ const payload = fromCookie ? jwtUtil.verifyToken(token, 'access') : jwtUtil.verifyToken(token, ['access', 'oauth_access']);
78
+ if (!payload) {
79
+ return c.json(exports.AUTH_REQUIRED_BODY, 401);
80
+ }
81
+ resolved = {
82
+ userId: payload.userId,
83
+ apply: async () => {
84
+ // Web sessions (`access`, or the cookie fallback) get every scope
85
+ // so `requireScope` always passes and UI behaviour is unchanged.
86
+ // OAuth tokens are limited to their parsed `scope` claim.
87
+ if (payload.type === 'oauth_access') {
88
+ c.set('authScopes', (0, api_contract_1.parseScopeClaim)(payload.scope));
89
+ c.set('authContext', { kind: 'oauth', clientId: payload.client_id });
90
+ }
91
+ else {
92
+ c.set('authScopes', api_contract_1.ALL_SCOPES);
93
+ c.set('authContext', { kind: 'web' });
94
+ }
95
+ },
96
+ };
97
+ }
98
+ try {
99
+ const user = await User.findById(resolved.userId);
100
+ if (!user) {
101
+ return c.json(exports.AUTH_REQUIRED_BODY, 401);
102
+ }
103
+ if (user.status !== User.STATUS_ACTIVE) {
104
+ let code = 'USER_SUSPENDED';
105
+ let message = 'User account is not active';
106
+ let redirectTo = '/login/error/suspended';
107
+ if (user.status === User.STATUS_REGISTERED) {
108
+ code = 'USER_REGISTERED';
109
+ message = 'User registration is not complete';
110
+ redirectTo = '/login/error/registered';
111
+ }
112
+ else if (user.status === User.STATUS_SUSPENDED) {
113
+ code = 'USER_SUSPENDED';
114
+ message = 'User account is suspended';
115
+ redirectTo = '/login/error/suspended';
116
+ }
117
+ else if (user.status === User.STATUS_INVITED) {
118
+ code = 'USER_INVITED';
119
+ message = 'User invitation is pending';
120
+ redirectTo = '/login/invited';
121
+ }
122
+ const body = {
123
+ error: { code, message, redirectTo },
124
+ };
125
+ return c.json(body, 403);
126
+ }
127
+ c.set('user', user);
128
+ // RFC-0010 scope resolution — deferred to the credential-specific
129
+ // applier so this status-check path is shared across web / OAuth /
130
+ // PAT. Sets `authScopes` + `authContext` (and, for PATs, bumps
131
+ // `lastUsedAt`).
132
+ await resolved.apply();
133
+ await next();
134
+ }
135
+ catch (error) {
136
+ debug('JWT authentication error:', error);
137
+ return c.json(exports.AUTH_REQUIRED_BODY, 401);
138
+ }
139
+ });
140
+ };
141
+ exports.createJwtAuth = createJwtAuth;
142
+ //# sourceMappingURL=auth.js.map
package/dist/hono/middleware/auth.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/hono/middleware/auth.ts"],"names":[],"mappings":";;;;;;AAcA,sDAA2E;AAC3E,kDAA0B;AAC1B,wCAAwC;AACxC,0CAAgD;AAKhD,sCAA6C;AAK7C,MAAM,wBAAwB,GAAG,mBAAmB,CAAC;AAExC,QAAA,kBAAkB,GAAgC;IAC7D,KAAK,EAAE;QACL,IAAI,EAAE,yBAAyB;QAC/B,OAAO,EAAE,4BAA4B;KACtC;CACF,CAAC;AA2BK,MAAM,aAAa,GAAG,CAAC,KAAY,EAAE,EAAE;IAC5C,MAAM,KAAK,GAAG,IAAA,eAAK,EAAC,4BAA4B,CAAC,CAAC;IAClD,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACjC,MAAM,mBAAmB,GAAG,KAAK,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC;IAC/D,MAAM,OAAO,GAAG,IAAA,mBAAa,EAAC,KAAK,CAAC,CAAC;IAErC,OAAO,IAAA,0BAAgB,EAAmC,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;QAC1E,MAAM,UAAU,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;QACjD,IAAI,KAAK,GAAG,OAAO,CAAC,sBAAsB,CAAC,UAAU,CAAC,CAAC;QAEvD,kEAAkE;QAClE,+DAA+D;QAC/D,mEAAmE;QACnE,mDAAmD;QACnD,IAAI,UAAU,GAAG,KAAK,CAAC;QACvB,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,WAAW,GAAG,IAAA,kBAAS,EAAC,CAAC,EAAE,wBAAwB,CAAC,CAAC;YAC3D,IAAI,WAAW,EAAE,CAAC;gBAChB,KAAK,GAAG,WAAW,CAAC,IAAI,EAAE,IAAI,IAAI,CAAC;gBACnC,UAAU,GAAG,CAAC,CAAC,KAAK,CAAC;YACvB,CAAC;QACH,CAAC;QAED,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,CAAC,IAAI,CAAC,0BAAkB,EAAE,GAAG,CAAC,CAAC;QACzC,CAAC;QAED,qEAAqE;QACrE,oEAAoE;QACpE,uEAAuE;QACvE,iEAAiE;QACjE,oEAAoE;QACpE,uEAAuE;QACvE,sEAAsE;QACtE,IAAI,QAAQ,GAA0D,IAAI,CAAC;QAE3E,MAAM,KAAK,GAAG,CAAC,UAAU,IAAI,KAAK,CAAC,UAAU,CAAC,mBAAmB,CAAC,YAAY,CAAC,CAAC;QAEhF,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,MAAM,GAAG,MAAM,mBAAmB,CAAC,gBAAgB,CAAC,mBAAmB,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;YAChG,uDAAuD;YACvD,mEAAmE;YACnE,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,OAAO,CAAC,CAAC,IAAI,CAAC,0BAAkB,EAAE,GAAG,CAAC,CAAC;YACzC,CAAC;YACD,MAAM,OAAO,GAAG,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;YACtC,QAAQ,GAAG;gBACT,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE;gBAChC,KAAK,EAAE,KAAK,IAAI,EAAE;oBAChB,MAAM,MAAM,GAAG,IAAI,GAAG,EAAS,CAAC;oBAChC,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;wBAC9B,IAAI,IAAA,sBAAO,EAAC,CAAC,CAAC;4BAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;oBAChC,CAAC;oBACD,CAAC,CAAC,GAAG,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;oBAC5B,CAAC,CAAC,GAAG,CAAC,aAAa,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;oBAC/C,wDAAwD;oBACxD,MAAM,MAAM,CAAC,aAAa,EAAE,CAAC;gBAC/B,CAAC;aACF,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,uDAAuD;YACvD,qDAAqD;YACrD,MAAM,OAAO,GAAG,UAAU,CAAC,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE,cAAc,CAAU,CAAC,CAAC;YACpI,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO,CAAC,CAAC,IAAI,CAAC,0BAAkB,EAAE,GAAG,CAAC,CAAC;YACzC,CAAC;YACD,QAAQ,GAAG;gBACT,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,KAAK,EAAE,KAAK,IAAI,EAAE;oBAChB,kEAAkE;oBAClE,iEAAiE;oBACjE,0DAA0D;oBAC1D,IAAI,OAAO,CAAC,IAAI,KAAK,cAAc,EAAE,CAAC;wBACpC,CAAC,CAAC,GAAG,CAAC,YAAY,EAAE,IAAA,8BAAe,EAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;wBACpD,CAAC,CAAC,GAAG,CAAC,aAAa,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC;oBACvE,CAAC;yBAAM,CAAC;wBACN,CAAC,CAAC,GAAG,CAAC,YAAY,EAAE,yBAAU,CAAC,CAAC;wBAChC,CAAC,CAAC,GAAG,CAAC,aAAa,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;oBACxC,CAAC;gBACH,CAAC;aACF,CAAC;QACJ,CAAC;QAED,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAClD,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,OAAO,CAAC,CAAC,IAAI,CAAC,0BAAkB,EAAE,GAAG,CAAC,CAAC;YACzC,CAAC;YAED,IAAI,IAAI,CAAC,MAAM,KAAK,IAAI,CAAC,aAAa,EAAE,CAAC;gBACvC,IAAI,IAAI,GAA0D,gBAAgB,CAAC;gBACnF,IAAI,OAAO,GAAG,4BAA4B,CAAC;gBAC3C,IAAI,UAAU,GAAG,wBAAwB,CAAC;gBAE1C,IAAI,IAAI,CAAC,MAAM,KAAK,IAAI,CAAC,iBAAiB,EAAE,CAAC;oBAC3C,IAAI,GAAG,iBAAiB,CAAC;oBACzB,OAAO,GAAG,mCAAmC,CAAC;oBAC9C,UAAU,GAAG,yBAAyB,CAAC;gBACzC,CAAC;qBAAM,IAAI,IAAI,CAAC,MAAM,KAAK,IAAI,CAAC,gBAAgB,EAAE,CAAC;oBACjD,IAAI,GAAG,gBAAgB,CAAC;oBACxB,OAAO,GAAG,2BAA2B,CAAC;oBACtC,UAAU,GAAG,wBAAwB,CAAC;gBACxC,CAAC;qBAAM,IAAI,IAAI,CAAC,MAAM,KAAK,IAAI,CAAC,cAAc,EAAE,CAAC;oBAC/C,IAAI,GAAG,cAAc,CAAC;oBACtB,OAAO,GAAG,4BAA4B,CAAC;oBACvC,UAAU,GAAG,gBAAgB,CAAC;gBAChC,CAAC;gBAED,MAAM,IAAI,GAAoB;oBAC5B,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE;iBACrC,CAAC;gBACF,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;YAC3B,CAAC;YAED,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,IAAoB,CAAC,CAAC;YAEpC,kEAAkE;YAClE,mEAAmE;YACnE,+DAA+D;YAC/D,iBAAiB;YACjB,MAAM,QAAQ,CAAC,KAAK,EAAE,CAAC;YAEvB,MAAM,IAAI,EAAE,CAAC;QACf,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,KAAK,CAAC,2BAA2B,EAAE,KAAK,CAAC,CAAC;YAC1C,OAAO,CAAC,CAAC,IAAI,CAAC,0BAAkB,EAAE,GAAG,CAAC,CAAC;QACzC,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC;AAhIW,QAAA,aAAa,iBAgIxB"}
package/dist/hono/middleware/cors.d.ts ADDED
@@ -0,0 +1,3 @@
1
+ import type { MiddlewareHandler } from '../../hono';
2
+ import type Crowi from '../../crowi';
3
+ export declare const createCors: (crowi: Crowi) => MiddlewareHandler;
package/dist/hono/middleware/cors.js ADDED
@@ -0,0 +1,86 @@
1
+ "use strict";
2
+ var __importDefault = (this && this.__importDefault) || function (mod) {
3
+ return (mod && mod.__esModule) ? mod : { "default": mod };
4
+ };
5
+ Object.defineProperty(exports, "__esModule", { value: true });
6
+ exports.createCors = void 0;
7
+ /**
8
+ * RFC-0006 Phase 6 Sub-batch C — Hono port of the Express `cors`
9
+ * middleware. The Express bridge will be retired in Sub-batch D, after
10
+ * which this is the only CORS layer on `/api/v2/*` (and on every other
11
+ * Hono-owned path, since Hono will then be the sole HTTP host).
12
+ *
13
+ * Allow-origin policy (mirrors `packages/api/src/crowi/express-init.ts`
14
+ * byte-for-byte, with the same precedence order):
15
+ *
16
+ * 1. Requests with no `Origin` header are allowed (mobile clients,
17
+ * curl, server-to-server, supertest).
18
+ * 2. `process.env.CLIENT_URL` exact match (production allow-list).
19
+ * 3. In `NODE_ENV === 'development'`, any `localhost` / `127.0.0.1`
20
+ * origin (port-agnostic) is allowed — this is what lets the
21
+ * Next.js dev server on `:4302` talk to the api on `:4301`.
22
+ * 4. `crowi.getBaseUrl()` exact match (covers deployments that
23
+ * reverse-proxy the api on its own hostname without setting
24
+ * `CLIENT_URL`).
25
+ * 5. Anything else is rejected (returns `undefined` from the
26
+ * callback → Hono omits `Access-Control-Allow-Origin`, which
27
+ * makes the browser fail the CORS check).
28
+ *
29
+ * `credentials: true` is required for the JWT refresh-token cookie
30
+ * (`crowi.accessToken`) used by `<img src=...>` style requests. The
31
+ * `allowMethods` / `allowHeaders` lists match the Express config so
32
+ * the wire-format diff is zero.
33
+ */
34
+ const debug_1 = __importDefault(require("debug"));
35
+ const cors_1 = require("hono/cors");
36
+ const debug = (0, debug_1.default)('crowi:hono:middleware:cors');
37
+ /**
38
+ * Return value matches the Hono `cors` `origin` callback contract:
39
+ * `string` — echo this exact origin back as
40
+ * `Access-Control-Allow-Origin`; `undefined` / `null` — reject (no
41
+ * header emitted).
42
+ */
43
+ const buildOriginResolver = (crowi) => {
44
+ const env = crowi.node_env;
45
+ const clientUrl = process.env.CLIENT_URL;
46
+ return (origin) => {
47
+ // No `Origin` header (or empty string from the helper) — non-browser
48
+ // clients. The Express cors package would call `callback(null,
49
+ // true)`; the Hono equivalent is to echo back whatever the helper
50
+ // produced (treat as same-origin). Hono normalises an absent
51
+ // header to `''` here, so we cannot distinguish "no Origin" from
52
+ // "empty Origin" — both fall through this branch, which matches
53
+ // the legacy behaviour.
54
+ if (!origin)
55
+ return origin;
56
+ if (clientUrl && origin === clientUrl) {
57
+ return origin;
58
+ }
59
+ if (env === 'development' && (origin.includes('localhost') || origin.includes('127.0.0.1'))) {
60
+ return origin;
61
+ }
62
+ const baseUrl = crowi.getBaseUrl();
63
+ if (baseUrl && origin === baseUrl) {
64
+ return origin;
65
+ }
66
+ if (env !== 'development') {
67
+ debug('CORS rejected origin:', origin);
68
+ return undefined;
69
+ }
70
+ // Dev fallback: allow anything in development so local plugin /
71
+ // smoke-test traffic isn't blocked. Production rejected above.
72
+ return origin;
73
+ };
74
+ };
75
+ const createCors = (crowi) => {
76
+ const resolveOrigin = buildOriginResolver(crowi);
77
+ debug('CORS enabled, CLIENT_URL:', process.env.CLIENT_URL || '(not set)');
78
+ return (0, cors_1.cors)({
79
+ origin: (origin) => resolveOrigin(origin),
80
+ credentials: true,
81
+ allowMethods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
82
+ allowHeaders: ['Content-Type', 'Authorization', 'X-Requested-With'],
83
+ });
84
+ };
85
+ exports.createCors = createCors;
86
+ //# sourceMappingURL=cors.js.map
package/dist/hono/middleware/cors.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"cors.js","sourceRoot":"","sources":["../../../src/hono/middleware/cors.ts"],"names":[],"mappings":";;;;;;AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,kDAA0B;AAC1B,oCAAiC;AAKjC,MAAM,KAAK,GAAG,IAAA,eAAK,EAAC,4BAA4B,CAAC,CAAC;AAElD;;;;;GAKG;AACH,MAAM,mBAAmB,GAAG,CAAC,KAAY,EAAE,EAAE;IAC3C,MAAM,GAAG,GAAG,KAAK,CAAC,QAAQ,CAAC;IAC3B,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC;IAEzC,OAAO,CAAC,MAAc,EAAsB,EAAE;QAC5C,qEAAqE;QACrE,+DAA+D;QAC/D,kEAAkE;QAClE,6DAA6D;QAC7D,iEAAiE;QACjE,gEAAgE;QAChE,wBAAwB;QACxB,IAAI,CAAC,MAAM;YAAE,OAAO,MAAM,CAAC;QAE3B,IAAI,SAAS,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;YACtC,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,IAAI,GAAG,KAAK,aAAa,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;YAC5F,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,MAAM,OAAO,GAAG,KAAK,CAAC,UAAU,EAAE,CAAC;QACnC,IAAI,OAAO,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;YAClC,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,IAAI,GAAG,KAAK,aAAa,EAAE,CAAC;YAC1B,KAAK,CAAC,uBAAuB,EAAE,MAAM,CAAC,CAAC;YACvC,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,gEAAgE;QAChE,+DAA+D;QAC/D,OAAO,MAAM,CAAC;IAChB,CAAC,CAAC;AACJ,CAAC,CAAC;AAEK,MAAM,UAAU,GAAG,CAAC,KAAY,EAAqB,EAAE;IAC5D,MAAM,aAAa,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAC;IACjD,KAAK,CAAC,2BAA2B,EAAE,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,WAAW,CAAC,CAAC;IAE1E,OAAO,IAAA,WAAI,EAAC;QACV,MAAM,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,aAAa,CAAC,MAAM,CAAC;QACzC,WAAW,EAAE,IAAI;QACjB,YAAY,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,CAAC;QACzD,YAAY,EAAE,CAAC,cAAc,EAAE,eAAe,EAAE,kBAAkB,CAAC;KACpE,CAAC,CAAC;AACL,CAAC,CAAC;AAVW,QAAA,UAAU,cAUrB"}
package/dist/hono/middleware/default-hook.d.ts ADDED
@@ -0,0 +1,8 @@
1
+ import type { Context } from '../../hono';
2
+ import type { ZodError } from 'zod';
3
+ interface ValidationHookResult {
4
+ success: boolean;
5
+ error?: ZodError;
6
+ }
7
+ export declare const defaultHook: (result: ValidationHookResult, c: Context) => Response | undefined;
8
+ export {};
package/dist/hono/middleware/default-hook.js ADDED
@@ -0,0 +1,17 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.defaultHook = void 0;
4
+ const defaultHook = (result, c) => {
5
+ if (result.success)
6
+ return;
7
+ const body = {
8
+ error: {
9
+ code: 'VALIDATION_ERROR',
10
+ message: 'Request validation failed',
11
+ details: result.error?.flatten(),
12
+ },
13
+ };
14
+ return c.json(body, 400);
15
+ };
16
+ exports.defaultHook = defaultHook;
17
+ //# sourceMappingURL=default-hook.js.map
package/dist/hono/middleware/default-hook.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"default-hook.js","sourceRoot":"","sources":["../../../src/hono/middleware/default-hook.ts"],"names":[],"mappings":";;;AAyBO,MAAM,WAAW,GAAG,CAAC,MAA4B,EAAE,CAAU,EAAwB,EAAE;IAC5F,IAAI,MAAM,CAAC,OAAO;QAAE,OAAO;IAC3B,MAAM,IAAI,GAAoB;QAC5B,KAAK,EAAE;YACL,IAAI,EAAE,kBAAkB;YACxB,OAAO,EAAE,2BAA2B;YACpC,OAAO,EAAE,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE;SACjC;KACF,CAAC;IACF,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;AAC3B,CAAC,CAAC;AAVW,QAAA,WAAW,eAUtB"}
package/dist/hono/middleware/error-handler.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ import type { Context } from '../../hono';
2
+ export declare const honoOnError: (err: Error, c: Context) => Response;