@daloyjs/core 0.3.3 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. package/README.md +3 -2
  2. package/dist/index.d.ts +2 -2
  3. package/dist/index.d.ts.map +1 -1
  4. package/dist/index.js +1 -1
  5. package/dist/index.js.map +1 -1
  6. package/dist/middleware.d.ts +48 -0
  7. package/dist/middleware.d.ts.map +1 -1
  8. package/dist/middleware.js +144 -4
  9. package/dist/middleware.js.map +1 -1
  10. package/package.json +1 -1
package/README.md CHANGED
@@ -177,7 +177,7 @@ import { swaggerUiHtml, htmlResponse } from "@daloyjs/core/docs";
177
177
  ```
178
178
 
179
179
  Mount at `/docs` and the UI is always contract-accurate — never stale.
180
- `create-daloy@0.1.13` mounts Swagger UI at `/docs` and the live spec at `/openapi.json` by default.
180
+ `create-daloy@0.1.14` mounts Swagger UI at `/docs` and the live spec at `/openapi.json` by default.
181
181
 
182
182
  ---
183
183
 
@@ -313,11 +313,12 @@ Full, versioned plan: [ROADMAP.md](./ROADMAP.md).
313
313
  - [x] Streaming response helpers: SSE + NDJSON with backpressure-safe writers (`sseStream` / `sseResponse` / `ndjsonStream` / `ndjsonResponse`)
314
314
  - [x] OpenAPI extras: `securitySchemes` builders (`httpBearerScheme` / `httpBasicScheme` / `apiKeyScheme` / `oauth2Scheme` / `openIdConnectScheme`), top-level `webhooks`, per-operation `callbacks`, and `discriminator` / `discriminatedUnion` helpers
315
315
  - [x] OpenTelemetry-compatible tracing hook (`otelTracing`) with HTTP semantic-convention attributes and per-request `SERVER` spans
316
+ - [x] CSRF helper (`csrf`) with double-submit-cookie pattern, timing-safe verification, and `__Host-` cookie defaults
316
317
  - [ ] Branch coverage push to `>= 98%`
317
318
  - [ ] Release checklist and publishing docs cleanup
318
319
 
319
320
  **On deck (`0.3.x` and beyond):**
320
- multipart/form-data ergonomics, CSRF helper, Redis rate-limit store,
321
+ multipart/form-data ergonomics, Redis rate-limit store,
321
322
  CLI route and schema inspector, WebSockets, and HTTP/2 + HTTP/3 adapters.
322
323
 
323
324
  ## License
package/dist/index.d.ts CHANGED
@@ -6,8 +6,8 @@ export type { ProblemDetails, ProblemRenderOptions } from "./errors.js";
6
6
  export type { StandardSchemaV1 } from "./schema.js";
7
7
  export { validate, isStandardSchema } from "./schema.js";
8
8
  export { readBodyLimited, safeJsonParse, sanitizeHeaderName, sanitizeHeaderValue, timingSafeEqual, randomId, } from "./security.js";
9
- export { requestId, secureHeaders, cors, rateLimit, timing, bearerAuth, } from "./middleware.js";
10
- export type { RequestIdOptions, SecureHeadersOptions, CorsOptions, RateLimitOptions, RateLimitStore, } from "./middleware.js";
9
+ export { requestId, secureHeaders, cors, rateLimit, timing, bearerAuth, csrf, } from "./middleware.js";
10
+ export type { RequestIdOptions, SecureHeadersOptions, CorsOptions, RateLimitOptions, RateLimitStore, CsrfOptions, CsrfCookieOptions, } from "./middleware.js";
11
11
  export { createLogger, noopLogger } from "./logger.js";
12
12
  export type { Logger, LogLevel, ConsoleLoggerOptions } from "./logger.js";
13
13
  export { sseStream, sseResponse, ndjsonStream, ndjsonResponse, } from "./streaming.js";
package/dist/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAC;AAC/B,YAAY,EAAE,UAAU,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAC;AAE9D,YAAY,EACV,eAAe,EACf,UAAU,EACV,UAAU,EACV,cAAc,EACd,YAAY,EACZ,YAAY,EACZ,QAAQ,EACR,KAAK,EACL,WAAW,EACX,QAAQ,EACR,aAAa,EACb,YAAY,EACZ,QAAQ,EACR,UAAU,EACV,kBAAkB,EAClB,WAAW,EACX,iBAAiB,GAClB,MAAM,YAAY,CAAC;AAEpB,OAAO,EACL,SAAS,EACT,eAAe,EACf,eAAe,EACf,aAAa,EACb,iBAAiB,EACjB,cAAc,EACd,qBAAqB,EACrB,oBAAoB,EACpB,yBAAyB,EACzB,oBAAoB,EACpB,mBAAmB,EACnB,aAAa,GACd,MAAM,aAAa,CAAC;AACrB,YAAY,EAAE,cAAc,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAExE,YAAY,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AACpD,OAAO,EAAE,QAAQ,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAEzD,OAAO,EACL,eAAe,EACf,aAAa,EACb,kBAAkB,EAClB,mBAAmB,EACnB,eAAe,EACf,QAAQ,GACT,MAAM,eAAe,CAAC;AAEvB,OAAO,EACL,SAAS,EACT,aAAa,EACb,IAAI,EACJ,SAAS,EACT,MAAM,EACN,UAAU,GACX,MAAM,iBAAiB,CAAC;AACzB,YAAY,EACV,gBAAgB,EAChB,oBAAoB,EACpB,WAAW,EACX,gBAAgB,EAChB,cAAc,GACf,MAAM,iBAAiB,CAAC;AAEzB,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACvD,YAAY,EAAE,MAAM,EAAE,QAAQ,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAE1E,OAAO,EACL,SAAS,EACT,WAAW,EACX,YAAY,EACZ,cAAc,GACf,MAAM,gBAAgB,CAAC;AACxB,YAAY,EACV,UAAU,EACV,aAAa,EACb,gBAAgB,EAChB,kBAAkB,EAClB,qBAAqB,GACtB,MAAM,gBAAgB,CAAC;AAExB,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,YAAY,EACZ,YAAY,EACZ,mBAAmB,GACpB,MAAM,uBAAuB,CAAC;AAC/B,YAAY,EACV,cAAc,EACd,YAAY,EACZ,mBAAmB,EACnB,eAAe,EACf,sBAAsB,EACtB,gBAAgB,EAChB,uBAAuB,EACvB,2BAA2B,EAC3B,2BAA2B,EAC3B,WAAW,EACX,kBAAkB,EAClB,kBAAkB,EAClB,YAAY,EACZ,mBAAmB,EACnB,mBAAmB,EACnB,0BAA0B,EAC1B,cAAc,GACf,MAAM,uBAAuB,CAAC;AAE/B,OAAO,EAAE,aAAa,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AACvE,YAAY,EACV,mBAAmB,EACnB,kBAAkB,EAClB,yBAAyB,GAC1B,MAAM,oBAAoB,CAAC;AAE5B,OAAO,EACL,WAAW,EACX,wBAAwB,EACxB,yBAAyB,EACzB,sBAAsB,EACtB,yBAAyB,GAC1B,MAAM,cAAc,CAAC;AACtB,YAAY,EACV,kBAAkB,EAClB,iBAAiB,EACjB,qBAAqB,EACrB,WAAW,EACX,uBAAuB,EACvB,aAAa,GACd,MAAM,cAAc,CAAC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAC;AAC/B,YAAY,EAAE,UAAU,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAC;AAE9D,YAAY,EACV,eAAe,EACf,UAAU,EACV,UAAU,EACV,cAAc,EACd,YAAY,EACZ,YAAY,EACZ,QAAQ,EACR,KAAK,EACL,WAAW,EACX,QAAQ,EACR,aAAa,EACb,YAAY,EACZ,QAAQ,EACR,UAAU,EACV,kBAAkB,EAClB,WAAW,EACX,iBAAiB,GAClB,MAAM,YAAY,CAAC;AAEpB,OAAO,EACL,SAAS,EACT,eAAe,EACf,eAAe,EACf,aAAa,EACb,iBAAiB,EACjB,cAAc,EACd,qBAAqB,EACrB,oBAAoB,EACpB,yBAAyB,EACzB,oBAAoB,EACpB,mBAAmB,EACnB,aAAa,GACd,MAAM,aAAa,CAAC;AACrB,YAAY,EAAE,cAAc,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAExE,YAAY,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AACpD,OAAO,EAAE,QAAQ,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAEzD,OAAO,EACL,eAAe,EACf,aAAa,EACb,kBAAkB,EAClB,mBAAmB,EACnB,eAAe,EACf,QAAQ,GACT,MAAM,eAAe,CAAC;AAEvB,OAAO,EACL,SAAS,EACT,aAAa,EACb,IAAI,EACJ,SAAS,EACT,MAAM,EACN,UAAU,EACV,IAAI,GACL,MAAM,iBAAiB,CAAC;AACzB,YAAY,EACV,gBAAgB,EAChB,oBAAoB,EACpB,WAAW,EACX,gBAAgB,EAChB,cAAc,EACd,WAAW,EACX,iBAAiB,GAClB,MAAM,iBAAiB,CAAC;AAEzB,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACvD,YAAY,EAAE,MAAM,EAAE,QAAQ,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAE1E,OAAO,EACL,SAAS,EACT,WAAW,EACX,YAAY,EACZ,cAAc,GACf,MAAM,gBAAgB,CAAC;AACxB,YAAY,EACV,UAAU,EACV,aAAa,EACb,gBAAgB,EAChB,kBAAkB,EAClB,qBAAqB,GACtB,MAAM,gBAAgB,CAAC;AAExB,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,YAAY,EACZ,YAAY,EACZ,mBAAmB,GACpB,MAAM,uBAAuB,CAAC;AAC/B,YAAY,EACV,cAAc,EACd,YAAY,EACZ,mBAAmB,EACnB,eAAe,EACf,sBAAsB,EACtB,gBAAgB,EAChB,uBAAuB,EACvB,2BAA2B,EAC3B,2BAA2B,EAC3B,WAAW,EACX,kBAAkB,EAClB,kBAAkB,EAClB,YAAY,EACZ,mBAAmB,EACnB,mBAAmB,EACnB,0BAA0B,EAC1B,cAAc,GACf,MAAM,uBAAuB,CAAC;AAE/B,OAAO,EAAE,aAAa,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AACvE,YAAY,EACV,mBAAmB,EACnB,kBAAkB,EAClB,yBAAyB,GAC1B,MAAM,oBAAoB,CAAC;AAE5B,OAAO,EACL,WAAW,EACX,wBAAwB,EACxB,yBAAyB,EACzB,sBAAsB,EACtB,yBAAyB,GAC1B,MAAM,cAAc,CAAC;AACtB,YAAY,EACV,kBAAkB,EAClB,iBAAiB,EACjB,qBAAqB,EACrB,WAAW,EACX,uBAAuB,EACvB,aAAa,GACd,MAAM,cAAc,CAAC"}
package/dist/index.js CHANGED
@@ -2,7 +2,7 @@ export { App } from "./app.js";
2
2
  export { HttpError, BadRequestError, ValidationError, NotFoundError, UnauthorizedError, ForbiddenError, MethodNotAllowedError, PayloadTooLargeError, UnsupportedMediaTypeError, TooManyRequestsError, RequestTimeoutError, InternalError, } from "./errors.js";
3
3
  export { validate, isStandardSchema } from "./schema.js";
4
4
  export { readBodyLimited, safeJsonParse, sanitizeHeaderName, sanitizeHeaderValue, timingSafeEqual, randomId, } from "./security.js";
5
- export { requestId, secureHeaders, cors, rateLimit, timing, bearerAuth, } from "./middleware.js";
5
+ export { requestId, secureHeaders, cors, rateLimit, timing, bearerAuth, csrf, } from "./middleware.js";
6
6
  export { createLogger, noopLogger } from "./logger.js";
7
7
  export { sseStream, sseResponse, ndjsonStream, ndjsonResponse, } from "./streaming.js";
8
8
  export { httpBearerScheme, httpBasicScheme, apiKeyScheme, oauth2Scheme, openIdConnectScheme, } from "./security-schemes.js";
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAC;AAuB/B,OAAO,EACL,SAAS,EACT,eAAe,EACf,eAAe,EACf,aAAa,EACb,iBAAiB,EACjB,cAAc,EACd,qBAAqB,EACrB,oBAAoB,EACpB,yBAAyB,EACzB,oBAAoB,EACpB,mBAAmB,EACnB,aAAa,GACd,MAAM,aAAa,CAAC;AAIrB,OAAO,EAAE,QAAQ,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAEzD,OAAO,EACL,eAAe,EACf,aAAa,EACb,kBAAkB,EAClB,mBAAmB,EACnB,eAAe,EACf,QAAQ,GACT,MAAM,eAAe,CAAC;AAEvB,OAAO,EACL,SAAS,EACT,aAAa,EACb,IAAI,EACJ,SAAS,EACT,MAAM,EACN,UAAU,GACX,MAAM,iBAAiB,CAAC;AASzB,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAGvD,OAAO,EACL,SAAS,EACT,WAAW,EACX,YAAY,EACZ,cAAc,GACf,MAAM,gBAAgB,CAAC;AASxB,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,YAAY,EACZ,YAAY,EACZ,mBAAmB,GACpB,MAAM,uBAAuB,CAAC;AAqB/B,OAAO,EAAE,aAAa,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AAOvE,OAAO,EACL,WAAW,EACX,wBAAwB,EACxB,yBAAyB,EACzB,sBAAsB,EACtB,yBAAyB,GAC1B,MAAM,cAAc,CAAC"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAC;AAuB/B,OAAO,EACL,SAAS,EACT,eAAe,EACf,eAAe,EACf,aAAa,EACb,iBAAiB,EACjB,cAAc,EACd,qBAAqB,EACrB,oBAAoB,EACpB,yBAAyB,EACzB,oBAAoB,EACpB,mBAAmB,EACnB,aAAa,GACd,MAAM,aAAa,CAAC;AAIrB,OAAO,EAAE,QAAQ,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAEzD,OAAO,EACL,eAAe,EACf,aAAa,EACb,kBAAkB,EAClB,mBAAmB,EACnB,eAAe,EACf,QAAQ,GACT,MAAM,eAAe,CAAC;AAEvB,OAAO,EACL,SAAS,EACT,aAAa,EACb,IAAI,EACJ,SAAS,EACT,MAAM,EACN,UAAU,EACV,IAAI,GACL,MAAM,iBAAiB,CAAC;AAWzB,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAGvD,OAAO,EACL,SAAS,EACT,WAAW,EACX,YAAY,EACZ,cAAc,GACf,MAAM,gBAAgB,CAAC;AASxB,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,YAAY,EACZ,YAAY,EACZ,mBAAmB,GACpB,MAAM,uBAAuB,CAAC;AAqB/B,OAAO,EAAE,aAAa,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AAOvE,OAAO,EACL,WAAW,EACX,wBAAwB,EACxB,yBAAyB,EACzB,sBAAsB,EACtB,yBAAyB,GAC1B,MAAM,cAAc,CAAC"}
package/dist/middleware.d.ts CHANGED
@@ -64,5 +64,53 @@ export declare function bearerAuth(opts: {
64
64
  validate: (token: string) => boolean | Promise<boolean>;
65
65
  realm?: string;
66
66
  }): Hooks;
67
+ /**
68
+ * Cookie attributes for the CSRF token cookie. The token cookie must be
69
+ * **readable by client-side JavaScript** (so the SPA can mirror it into a
70
+ * request header), so `HttpOnly` is intentionally not configurable.
71
+ */
72
+ export interface CsrfCookieOptions {
73
+ /** `Strict` | `Lax` | `None`. Default: `"Lax"`. */
74
+ sameSite?: "Strict" | "Lax" | "None";
75
+ /** Default: `true`. Required when `sameSite` is `"None"`. */
76
+ secure?: boolean;
77
+ /** Default: `"/"`. */
78
+ path?: string;
79
+ /** Optional `Domain=` attribute. Cannot be combined with a `__Host-` cookie name. */
80
+ domain?: string;
81
+ /** Optional `Max-Age=` (seconds). When omitted the cookie is a session cookie. */
82
+ maxAgeSeconds?: number;
83
+ /** Emit `Partitioned` (CHIPS) for cross-site contexts. Default: `false`. */
84
+ partitioned?: boolean;
85
+ }
86
+ export interface CsrfOptions {
87
+ /**
88
+ * Cookie name carrying the CSRF token. Default: `"__Host-daloy.csrf"`.
89
+ * `__Host-` prefixed names require `secure: true`, `path: "/"`, and no `domain`.
90
+ * The middleware enforces those constraints at construction time.
91
+ */
92
+ cookieName?: string;
93
+ /** Request header that must echo the cookie value. Default: `"x-csrf-token"`. */
94
+ headerName?: string;
95
+ /** Methods that skip token validation but still receive a cookie. Default: GET/HEAD/OPTIONS. */
96
+ ignoreMethods?: string[];
97
+ /** Cookie attributes (see {@link CsrfCookieOptions}). */
98
+ cookieOptions?: CsrfCookieOptions;
99
+ /** Override the random token generator (32 bytes URL-safe by default). */
100
+ generator?: () => string;
101
+ }
102
+ /**
103
+ * Double-submit-cookie CSRF protection.
104
+ *
105
+ * On safe methods (default GET/HEAD/OPTIONS), ensures the client has a CSRF
106
+ * cookie; if missing, issues a fresh token and sets it via `Set-Cookie` on
107
+ * the response. The token is also exposed on `ctx.state.csrfToken` so handlers
108
+ * can render it into HTML.
109
+ *
110
+ * On mutating methods, requires that an `x-csrf-token` request header (name
111
+ * configurable) matches the cookie value via timing-safe comparison. A missing
112
+ * or mismatched token rejects the request with `403 Forbidden`.
113
+ */
114
+ export declare function csrf(opts?: CsrfOptions): Hooks;
67
115
  export { timingSafeEqual };
68
116
  //# sourceMappingURL=middleware.d.ts.map
package/dist/middleware.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../src/middleware.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAErD,OAAO,EAAY,eAAe,EAAE,MAAM,eAAe,CAAC;AAI1D,MAAM,WAAW,gBAAgB;IAC/B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,0EAA0E;IAC1E,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,SAAS,CAAC,EAAE,MAAM,MAAM,CAAC;CAC1B;AAED,wBAAgB,SAAS,CAAC,IAAI,GAAE,gBAAqB,GAAG,KAAK,CAgB5D;AAID,MAAM,WAAW,oBAAoB;IACnC,qBAAqB,CAAC,EAAE,MAAM,GAAG,KAAK,CAAC;IACvC,IAAI,CAAC,EAAE;QAAE,aAAa,EAAE,MAAM,CAAC;QAAC,iBAAiB,CAAC,EAAE,OAAO,CAAC;QAAC,OAAO,CAAC,EAAE,OAAO,CAAA;KAAE,GAAG,KAAK,CAAC;IACzF,YAAY,CAAC,EAAE,MAAM,GAAG,YAAY,GAAG,KAAK,CAAC;IAC7C,cAAc,CAAC,EAAE,MAAM,GAAG,KAAK,CAAC;IAChC,iBAAiB,CAAC,EAAE,MAAM,GAAG,KAAK,CAAC;IACnC,uBAAuB,CAAC,EAAE,MAAM,GAAG,KAAK,CAAC;IACzC,yBAAyB,CAAC,EAAE,MAAM,GAAG,KAAK,CAAC;IAC3C,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,aAAa,CAAC,EAAE,OAAO,CAAC;CACzB;AAED,wBAAgB,aAAa,CAAC,IAAI,GAAE,oBAAyB,GAAG,KAAK,CAsCpE;AAID,MAAM,WAAW,WAAW;IAC1B,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,CAAC,CAAC,MAAM,EAAE,MAAM,KAAK,OAAO,CAAC,CAAC;IAC1D,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,wBAAgB,IAAI,CAAC,IAAI,EAAE,WAAW,GAAG,KAAK,CA2D7C;AAID,MAAM,WAAW,cAAc;IAC7B,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;CACjF;AAED,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,EAAE,MAAM,CAAC;IACjB,GAAG,EAAE,MAAM,CAAC;IACZ,YAAY,CAAC,EAAE,CAAC,GAAG,EAAE,WAAW,CAAC,GAAG,EAAE,GAAG,CAAC,KAAK,MAAM,CAAC;IACtD,KAAK,CAAC,EAAE,cAAc,CAAC;IACvB;;;;OAIG;IACH,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,+DAA+D;IAC/D,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAqBD,wBAAgB,SAAS,CAAC,IAAI,EAAE,gBAAgB,GAAG,KAAK,CA8BvD;AAID,wBAAgB,MAAM,CAAC,UAAU,SAAkB,GAAG,KAAK,CAe1D;AAID,wBAAgB,UAAU,CAAC,IAAI,EAAE;IAC/B,QAAQ,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IACxD,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,GAAG,KAAK,CA0BR;AAED,OAAO,EAAE,eAAe,EAAE,CAAC"}
1
+ {"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../src/middleware.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAErD,OAAO,EAAgC,eAAe,EAAE,MAAM,eAAe,CAAC;AAI9E,MAAM,WAAW,gBAAgB;IAC/B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,0EAA0E;IAC1E,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,SAAS,CAAC,EAAE,MAAM,MAAM,CAAC;CAC1B;AAED,wBAAgB,SAAS,CAAC,IAAI,GAAE,gBAAqB,GAAG,KAAK,CAgB5D;AAID,MAAM,WAAW,oBAAoB;IACnC,qBAAqB,CAAC,EAAE,MAAM,GAAG,KAAK,CAAC;IACvC,IAAI,CAAC,EAAE;QAAE,aAAa,EAAE,MAAM,CAAC;QAAC,iBAAiB,CAAC,EAAE,OAAO,CAAC;QAAC,OAAO,CAAC,EAAE,OAAO,CAAA;KAAE,GAAG,KAAK,CAAC;IACzF,YAAY,CAAC,EAAE,MAAM,GAAG,YAAY,GAAG,KAAK,CAAC;IAC7C,cAAc,CAAC,EAAE,MAAM,GAAG,KAAK,CAAC;IAChC,iBAAiB,CAAC,EAAE,MAAM,GAAG,KAAK,CAAC;IACnC,uBAAuB,CAAC,EAAE,MAAM,GAAG,KAAK,CAAC;IACzC,yBAAyB,CAAC,EAAE,MAAM,GAAG,KAAK,CAAC;IAC3C,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,aAAa,CAAC,EAAE,OAAO,CAAC;CACzB;AAED,wBAAgB,aAAa,CAAC,IAAI,GAAE,oBAAyB,GAAG,KAAK,CAsCpE;AAID,MAAM,WAAW,WAAW;IAC1B,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,CAAC,CAAC,MAAM,EAAE,MAAM,KAAK,OAAO,CAAC,CAAC;IAC1D,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,wBAAgB,IAAI,CAAC,IAAI,EAAE,WAAW,GAAG,KAAK,CA2D7C;AAID,MAAM,WAAW,cAAc;IAC7B,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;CACjF;AAED,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,EAAE,MAAM,CAAC;IACjB,GAAG,EAAE,MAAM,CAAC;IACZ,YAAY,CAAC,EAAE,CAAC,GAAG,EAAE,WAAW,CAAC,GAAG,EAAE,GAAG,CAAC,KAAK,MAAM,CAAC;IACtD,KAAK,CAAC,EAAE,cAAc,CAAC;IACvB;;;;OAIG;IACH,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,+DAA+D;IAC/D,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAqBD,wBAAgB,SAAS,CAAC,IAAI,EAAE,gBAAgB,GAAG,KAAK,CA4BvD;AAID,wBAAgB,MAAM,CAAC,UAAU,SAAkB,GAAG,KAAK,CAe1D;AAID,wBAAgB,UAAU,CAAC,IAAI,EAAE;IAC/B,QAAQ,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IACxD,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,GAAG,KAAK,CA0BR;AAID;;;;GAIG;AACH,MAAM,WAAW,iBAAiB;IAChC,mDAAmD;IACnD,QAAQ,CAAC,EAAE,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;IACrC,6DAA6D;IAC7D,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,sBAAsB;IACtB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,qFAAqF;IACrF,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,kFAAkF;IAClF,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,4EAA4E;IAC5E,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAED,MAAM,WAAW,WAAW;IAC1B;;;;OAIG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,iFAAiF;IACjF,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,gGAAgG;IAChG,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB,yDAAyD;IACzD,aAAa,CAAC,EAAE,iBAAiB,CAAC;IAClC,0EAA0E;IAC1E,SAAS,CAAC,EAAE,MAAM,MAAM,CAAC;CAC1B;AA4ED;;;;;;;;;;;GAWG;AACH,wBAAgB,IAAI,CAAC,IAAI,GAAE,WAAgB,GAAG,KAAK,CAiDlD;AAED,OAAO,EAAE,eAAe,EAAE,CAAC"}
package/dist/middleware.js CHANGED
@@ -5,7 +5,7 @@
5
5
  * groups, and per-route hooks identically.
6
6
  */
7
7
  import { TooManyRequestsError, ForbiddenError } from "./errors.js";
8
- import { randomId, timingSafeEqual } from "./security.js";
8
+ import { randomId, sanitizeHeaderName, timingSafeEqual } from "./security.js";
9
9
  export function requestId(opts = {}) {
10
10
  const header = (opts.header ?? "x-request-id").toLowerCase();
11
11
  const gen = opts.generator ?? randomId;
@@ -154,9 +154,9 @@ export function rateLimit(opts) {
154
154
  const keyOf = opts.keyGenerator ??
155
155
  ((ctx) => {
156
156
  if (opts.trustProxyHeaders) {
157
- return (ctx.request.headers.get("x-forwarded-for")?.split(",")[0]?.trim() ||
158
- ctx.request.headers.get("x-real-ip") ||
159
- "global");
157
+ const xff = ctx.request.headers.get("x-forwarded-for");
158
+ const first = xff ? xff.split(",")[0].trim() : "";
159
+ return first || ctx.request.headers.get("x-real-ip") || "global";
160
160
  }
161
161
  return "global";
162
162
  });
@@ -218,5 +218,145 @@ export function bearerAuth(opts) {
218
218
  },
219
219
  };
220
220
  }
221
+ const CSRF_STATE_TOKEN = "csrfToken";
222
+ const CSRF_STATE_ISSUED = "__csrfIssued";
223
+ const CSRF_COOKIE_NAME_RE = /^[!#$%&'*+.^_`|~0-9A-Za-z-]+$/;
224
+ function generateCsrfToken() {
225
+ const cryptoApi = globalThis.crypto;
226
+ if (cryptoApi?.getRandomValues) {
227
+ const buf = new Uint8Array(32);
228
+ cryptoApi.getRandomValues(buf);
229
+ return Array.from(buf, (byte) => byte.toString(16).padStart(2, "0")).join("");
230
+ }
231
+ if (cryptoApi?.randomUUID)
232
+ return cryptoApi.randomUUID().replace(/-/g, "");
233
+ throw new Error("csrf(): WebCrypto is required for the default token generator. Pass a custom generator to csrf({ generator }).");
234
+ }
235
+ function validateCookieSegment(kind, value) {
236
+ if (/[;\r\n\0]/.test(value))
237
+ throw new Error(`csrf(): cookieOptions.${kind} contains an invalid character.`);
238
+ }
239
+ function validateCsrfCookieOptions(cookieName, opts) {
240
+ if (!CSRF_COOKIE_NAME_RE.test(cookieName))
241
+ throw new Error("csrf(): cookieName is not a valid cookie name.");
242
+ if (opts.sameSite !== "Strict" && opts.sameSite !== "Lax" && opts.sameSite !== "None") {
243
+ throw new Error('csrf(): cookieOptions.sameSite must be "Strict", "Lax", or "None".');
244
+ }
245
+ if (!opts.path.startsWith("/"))
246
+ throw new Error('csrf(): cookieOptions.path must start with "/".');
247
+ validateCookieSegment("path", opts.path);
248
+ if (opts.domain)
249
+ validateCookieSegment("domain", opts.domain);
250
+ if (!Number.isInteger(opts.maxAgeSeconds) || opts.maxAgeSeconds < 0) {
251
+ throw new Error("csrf(): cookieOptions.maxAgeSeconds must be a non-negative integer.");
252
+ }
253
+ if (cookieName.startsWith("__Host-")) {
254
+ if (!opts.secure || opts.path !== "/" || opts.domain) {
255
+ throw new Error('csrf(): "__Host-" cookie names require secure: true, path: "/", and no domain. ' +
256
+ "Pass an explicit cookieName or relax cookieOptions to use a non-prefixed cookie.");
257
+ }
258
+ }
259
+ if (opts.sameSite === "None" && !opts.secure) {
260
+ throw new Error('csrf(): cookieOptions.sameSite: "None" requires secure: true.');
261
+ }
262
+ }
263
+ function parseCookieValue(header, name) {
264
+ if (!header)
265
+ return null;
266
+ const parts = header.split(";");
267
+ for (let i = 0; i < parts.length; i++) {
268
+ const part = parts[i];
269
+ const eq = part.indexOf("=");
270
+ if (eq < 0)
271
+ continue;
272
+ const k = part.slice(0, eq).trim();
273
+ if (k === name) {
274
+ const v = part.slice(eq + 1).trim();
275
+ try {
276
+ return decodeURIComponent(v);
277
+ }
278
+ catch {
279
+ return v;
280
+ }
281
+ }
282
+ }
283
+ return null;
284
+ }
285
+ function buildCsrfSetCookie(name, value, opts) {
286
+ let s = `${name}=${encodeURIComponent(value)}`;
287
+ s += `; Path=${opts.path}`;
288
+ s += `; SameSite=${opts.sameSite}`;
289
+ if (opts.secure)
290
+ s += "; Secure";
291
+ if (opts.domain)
292
+ s += `; Domain=${opts.domain}`;
293
+ if (opts.maxAgeSeconds > 0)
294
+ s += `; Max-Age=${opts.maxAgeSeconds}`;
295
+ if (opts.partitioned)
296
+ s += "; Partitioned";
297
+ return s;
298
+ }
299
+ /**
300
+ * Double-submit-cookie CSRF protection.
301
+ *
302
+ * On safe methods (default GET/HEAD/OPTIONS), ensures the client has a CSRF
303
+ * cookie; if missing, issues a fresh token and sets it via `Set-Cookie` on
304
+ * the response. The token is also exposed on `ctx.state.csrfToken` so handlers
305
+ * can render it into HTML.
306
+ *
307
+ * On mutating methods, requires that an `x-csrf-token` request header (name
308
+ * configurable) matches the cookie value via timing-safe comparison. A missing
309
+ * or mismatched token rejects the request with `403 Forbidden`.
310
+ */
311
+ export function csrf(opts = {}) {
312
+ const cookieName = opts.cookieName ?? "__Host-daloy.csrf";
313
+ const headerName = sanitizeHeaderName(opts.headerName ?? "x-csrf-token").toLowerCase();
314
+ const ignore = new Set((opts.ignoreMethods ?? ["GET", "HEAD", "OPTIONS"]).map((m) => m.toUpperCase()));
315
+ const generator = opts.generator ?? generateCsrfToken;
316
+ const cookieOverrides = opts.cookieOptions ?? {};
317
+ const cookieOpts = {
318
+ sameSite: cookieOverrides.sameSite ?? "Lax",
319
+ secure: cookieOverrides.secure ?? true,
320
+ path: cookieOverrides.path ?? "/",
321
+ domain: cookieOverrides.domain ?? "",
322
+ maxAgeSeconds: cookieOverrides.maxAgeSeconds ?? 0,
323
+ partitioned: cookieOverrides.partitioned ?? false,
324
+ };
325
+ validateCsrfCookieOptions(cookieName, cookieOpts);
326
+ return {
327
+ beforeHandle(ctx) {
328
+ const existing = parseCookieValue(ctx.request.headers.get("cookie"), cookieName);
329
+ const method = ctx.request.method.toUpperCase();
330
+ if (ignore.has(method)) {
331
+ if (existing) {
332
+ ctx.state[CSRF_STATE_TOKEN] = existing;
333
+ }
334
+ else {
335
+ const token = generator();
336
+ if (!token)
337
+ throw new Error("csrf(): generator returned an empty token.");
338
+ ctx.state[CSRF_STATE_TOKEN] = token;
339
+ ctx.state[CSRF_STATE_ISSUED] = token;
340
+ }
341
+ return undefined;
342
+ }
343
+ const provided = ctx.request.headers.get(headerName);
344
+ if (!existing || !provided || !timingSafeEqual(existing, provided)) {
345
+ throw new ForbiddenError("CSRF token missing or invalid");
346
+ }
347
+ ctx.state[CSRF_STATE_TOKEN] = existing;
348
+ return undefined;
349
+ },
350
+ onSend(res, ctx) {
351
+ if (!ctx)
352
+ return undefined;
353
+ const issued = ctx.state[CSRF_STATE_ISSUED];
354
+ if (!issued)
355
+ return undefined;
356
+ res.headers.append("set-cookie", buildCsrfSetCookie(cookieName, issued, cookieOpts));
357
+ return undefined;
358
+ },
359
+ };
360
+ }
221
361
  export { timingSafeEqual };
222
362
  //# sourceMappingURL=middleware.js.map
package/dist/middleware.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"middleware.js","sourceRoot":"","sources":["../src/middleware.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EAAE,oBAAoB,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AACnE,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AAW1D,MAAM,UAAU,SAAS,CAAC,OAAyB,EAAE;IACnD,MAAM,MAAM,GAAG,CAAC,IAAI,CAAC,MAAM,IAAI,cAAc,CAAC,CAAC,WAAW,EAAE,CAAC;IAC7D,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,IAAI,QAAQ,CAAC;IACvC,OAAO;QACL,YAAY,CAAC,GAAG;YACd,MAAM,QAAQ,GAAG,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;YAC7E,MAAM,EAAE,GAAG,QAAQ,IAAI,yBAAyB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;YAClF,GAAG,CAAC,KAAiC,CAAC,SAAS,GAAG,EAAE,CAAC;YACtD,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;QAClC,CAAC;QACD,UAAU,CAAC,GAAG;YACZ,qEAAqE;YACrE,0BAA0B;YAC1B,KAAK,GAAG,CAAC;QACX,CAAC;KACF,CAAC;AACJ,CAAC;AAgBD,MAAM,UAAU,aAAa,CAAC,OAA6B,EAAE;IAC3D,MAAM,OAAO,GAA2B,EAAE,CAAC;IAC3C,MAAM,GAAG,GAAG,IAAI,CAAC,qBAAqB,IAAI,4CAA4C,CAAC;IACvF,IAAI,GAAG,KAAK,KAAK;QAAE,OAAO,CAAC,yBAAyB,CAAC,GAAG,GAAG,CAAC;IAE5D,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,iBAAiB,EAAE,IAAI,EAAE,CAAC;IAC/E,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;QACnB,IAAI,CAAC,GAAG,WAAW,IAAI,CAAC,aAAa,EAAE,CAAC;QACxC,IAAI,IAAI,CAAC,iBAAiB;YAAE,CAAC,IAAI,qBAAqB,CAAC;QACvD,IAAI,IAAI,CAAC,OAAO;YAAE,CAAC,IAAI,WAAW,CAAC;QACnC,OAAO,CAAC,2BAA2B,CAAC,GAAG,CAAC,CAAC;IAC3C,CAAC;IAED,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,IAAI,MAAM,CAAC;IAC1C,IAAI,KAAK,KAAK,KAAK;QAAE,OAAO,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC;IAExD,MAAM,GAAG,GAAG,IAAI,CAAC,cAAc,IAAI,aAAa,CAAC;IACjD,IAAI,GAAG,KAAK,KAAK;QAAE,OAAO,CAAC,iBAAiB,CAAC,GAAG,GAAG,CAAC;IAEpD,MAAM,IAAI,GAAG,IAAI,CAAC,iBAAiB,IAAI,0CAA0C,CAAC;IAClF,IAAI,IAAI,KAAK,KAAK;QAAE,OAAO,CAAC,oBAAoB,CAAC,GAAG,IAAI,CAAC;IAEzD,MAAM,IAAI,GAAG,IAAI,CAAC,uBAAuB,IAAI,aAAa,CAAC;IAC3D,IAAI,IAAI,KAAK,KAAK;QAAE,OAAO,CAAC,4BAA4B,CAAC,GAAG,IAAI,CAAC;IAEjE,MAAM,IAAI,GAAG,IAAI,CAAC,yBAAyB,IAAI,aAAa,CAAC;IAC7D,IAAI,IAAI,KAAK,KAAK;QAAE,OAAO,CAAC,8BAA8B,CAAC,GAAG,IAAI,CAAC;IAEnE,IAAI,IAAI,CAAC,OAAO,KAAK,KAAK;QAAE,OAAO,CAAC,wBAAwB,CAAC,GAAG,SAAS,CAAC;IAC1E,IAAI,IAAI,CAAC,aAAa,IAAI,KAAK;QAAE,OAAO,CAAC,kBAAkB,CAAC,GAAG,GAAG,CAAC,CAAC,kBAAkB;IAEtF,OAAO;QACL,UAAU,CAAC,GAAG;YACZ,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC7C,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;oBAAE,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACjD,CAAC;QACH,CAAC;KACF,CAAC;AACJ,CAAC;AAED,MAAM,oBAAoB,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;AAClF,MAAM,4BAA4B,GAAG,CAAC,cAAc,EAAE,eAAe,CAAC,CAAC;AAUvE,MAAM,UAAU,IAAI,CAAC,IAAiB;IACpC,2EAA2E;IAC3E,+DAA+D;IAC/D,iDAAiD;IACjD,wEAAwE;IACxE,wEAAwE;IACxE,uCAAuC;IACvC,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;QACrB,MAAM,gBAAgB,GACpB,IAAI,CAAC,MAAM,KAAK,GAAG;YACnB,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;QAC5D,IAAI,gBAAgB,EAAE,CAAC;YACrB,MAAM,IAAI,KAAK,CACb,mEAAmE;gBACjE,+FAA+F,CAClG,CAAC;QACJ,CAAC;IACH,CAAC;IACD,MAAM,KAAK,GAAG,CAAC,MAAqB,EAAiB,EAAE;QACrD,IAAI,CAAC,MAAM;YAAE,OAAO,IAAI,CAAC;QACzB,IAAI,OAAO,IAAI,CAAC,MAAM,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC,MAAM,KAAK,GAAG,IAAI,IAAI,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC;QAC/G,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC;YAAE,OAAO,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC;QACpF,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC;IAC7C,CAAC,CAAC;IACF,MAAM,OAAO,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,oBAAoB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAClE,MAAM,cAAc,GAAG,CAAC,IAAI,CAAC,cAAc,IAAI,4BAA4B,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACxF,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;IAChD,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,IAAI,GAAG,CAAC,CAAC;IAEjD,OAAO;QACL,YAAY,CAAC,GAAG;YACd,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YACjD,MAAM,OAAO,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC;YAC9B,IAAI,OAAO,EAAE,CAAC;gBACZ,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,6BAA6B,EAAE,OAAO,CAAC,CAAC;gBAC5D,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;gBACtC,IAAI,IAAI,CAAC,WAAW;oBAAE,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,kCAAkC,EAAE,MAAM,CAAC,CAAC;gBACtF,IAAI,OAAO;oBAAE,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,+BAA+B,EAAE,OAAO,CAAC,CAAC;YAC7E,CAAC;YACD,IAAI,GAAG,CAAC,OAAO,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;gBACrC,MAAM,CAAC,GAAG,IAAI,OAAO,EAAE,CAAC;gBACxB,IAAI,OAAO,EAAE,CAAC;oBACZ,CAAC,CAAC,GAAG,CAAC,6BAA6B,EAAE,OAAO,CAAC,CAAC;oBAC9C,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;oBACxB,IAAI,IAAI,CAAC,WAAW;wBAAE,CAAC,CAAC,GAAG,CAAC,kCAAkC,EAAE,MAAM,CAAC,CAAC;gBAC1E,CAAC;gBACD,CAAC,CAAC,GAAG,CAAC,8BAA8B,EAAE,OAAO,CAAC,CAAC;gBAC/C,CAAC,CAAC,GAAG,CAAC,8BAA8B,EAAE,cAAc,CAAC,CAAC;gBACtD,CAAC,CAAC,GAAG,CAAC,wBAAwB,EAAE,MAAM,CAAC,CAAC;gBACxC,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC;YACzD,CAAC;YACD,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,UAAU,CAAC,GAAG;YACZ,8CAA8C;YAC9C,8BAA8B;YAC9B,KAAK,GAAG,CAAC;QACX,CAAC;KACF,CAAC;AACJ,CAAC;AAuBD,MAAM,WAAW;IACP,OAAO,GAAG,IAAI,GAAG,EAA8C,CAAC;IACxE,KAAK,CAAC,GAAG,CAAC,GAAW,EAAE,QAAgB;QACrC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,IAAI,GAAG,EAAE,CAAC;YAC3B,MAAM,KAAK,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,OAAO,EAAE,GAAG,GAAG,QAAQ,EAAE,CAAC;YACpD,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YAC7B,6DAA6D;YAC7D,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,GAAG,MAAM,EAAE,CAAC;gBAC/B,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,IAAI,CAAC,OAAO;oBAAE,IAAI,CAAC,CAAC,OAAO,IAAI,GAAG;wBAAE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YAClF,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;QACD,CAAC,CAAC,KAAK,EAAE,CAAC;QACV,OAAO,CAAC,CAAC;IACX,CAAC;CACF;AAED,MAAM,UAAU,SAAS,CAAC,IAAsB;IAC9C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,IAAI,WAAW,EAAE,CAAC;IAC9C,MAAM,KAAK,GACT,IAAI,CAAC,YAAY;QACjB,CAAC,CAAC,GAA0B,EAAE,EAAE;YAC9B,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBAC3B,OAAO,CACL,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE;oBACjE,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC;oBACpC,QAAQ,CACT,CAAC;YACJ,CAAC;YACD,OAAO,QAAQ,CAAC;QAClB,CAAC,CAAC,CAAC;IAEL,OAAO;QACL,KAAK,CAAC,YAAY,CAAC,GAAG;YACpB,MAAM,GAAG,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC;YACvB,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC/D,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,GAAG,KAAK,CAAC,CAAC;YAChD,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAC3D,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,uBAAuB,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC;YAChE,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;YAC5E,IAAI,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;gBACrB,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;gBACvD,MAAM,IAAI,oBAAoB,CAAC,IAAI,CAAC,UAAU,KAAK,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;YAChF,CAAC;YACD,OAAO,SAAS,CAAC;QACnB,CAAC;KACF,CAAC;AACJ,CAAC;AAED,+BAA+B;AAE/B,MAAM,UAAU,MAAM,CAAC,UAAU,GAAG,eAAe;IACjD,MAAM,GAAG,GAAG,GAAW,EAAE,CACvB,OAAO,WAAW,KAAK,WAAW,IAAI,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;IACzF,OAAO;QACL,YAAY,CAAC,GAAG;YACb,GAAG,CAAC,KAAiC,CAAC,OAAO,GAAG,GAAG,EAAE,CAAC;QACzD,CAAC;QACD,WAAW,CAAC,GAAG,EAAE,KAAK;YACpB,MAAM,KAAK,GAAI,GAAG,CAAC,KAAiC,CAAC,OAA6B,CAAC;YACnF,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC9B,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,WAAW,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YAC3E,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;KACF,CAAC;AACJ,CAAC;AAED,2CAA2C;AAE3C,MAAM,UAAU,UAAU,CAAC,IAG1B;IACC,OAAO;QACL,KAAK,CAAC,YAAY,CAAC,GAAG;YACpB,MAAM,CAAC,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC;YACzD,MAAM,CAAC,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACrC,IAAI,CAAC,CAAC,EAAE,CAAC;gBACP,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,SAAS,CAAC;oBACb,IAAI,EAAE,yCAAyC;oBAC/C,KAAK,EAAE,cAAc;oBACrB,MAAM,EAAE,GAAG;iBACZ,CAAC,EACF;oBACE,MAAM,EAAE,GAAG;oBACX,OAAO,EAAE;wBACP,cAAc,EAAE,0BAA0B;wBAC1C,kBAAkB,EAAE,iBAAiB,IAAI,CAAC,KAAK,IAAI,KAAK,GAAG;qBAC5D;iBACF,CACF,CAAC;YACJ,CAAC;YACD,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAE,CAAC,CAAC;YACtC,IAAI,CAAC,EAAE;gBAAE,MAAM,IAAI,cAAc,CAAC,eAAe,CAAC,CAAC;YACnD,OAAO,SAAS,CAAC;QACnB,CAAC;KACF,CAAC;AACJ,CAAC;AAED,OAAO,EAAE,eAAe,EAAE,CAAC"}
1
+ {"version":3,"file":"middleware.js","sourceRoot":"","sources":["../src/middleware.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EAAE,oBAAoB,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AACnE,OAAO,EAAE,QAAQ,EAAE,kBAAkB,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AAW9E,MAAM,UAAU,SAAS,CAAC,OAAyB,EAAE;IACnD,MAAM,MAAM,GAAG,CAAC,IAAI,CAAC,MAAM,IAAI,cAAc,CAAC,CAAC,WAAW,EAAE,CAAC;IAC7D,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,IAAI,QAAQ,CAAC;IACvC,OAAO;QACL,YAAY,CAAC,GAAG;YACd,MAAM,QAAQ,GAAG,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;YAC7E,MAAM,EAAE,GAAG,QAAQ,IAAI,yBAAyB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;YAClF,GAAG,CAAC,KAAiC,CAAC,SAAS,GAAG,EAAE,CAAC;YACtD,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;QAClC,CAAC;QACD,UAAU,CAAC,GAAG;YACZ,qEAAqE;YACrE,0BAA0B;YAC1B,KAAK,GAAG,CAAC;QACX,CAAC;KACF,CAAC;AACJ,CAAC;AAgBD,MAAM,UAAU,aAAa,CAAC,OAA6B,EAAE;IAC3D,MAAM,OAAO,GAA2B,EAAE,CAAC;IAC3C,MAAM,GAAG,GAAG,IAAI,CAAC,qBAAqB,IAAI,4CAA4C,CAAC;IACvF,IAAI,GAAG,KAAK,KAAK;QAAE,OAAO,CAAC,yBAAyB,CAAC,GAAG,GAAG,CAAC;IAE5D,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,iBAAiB,EAAE,IAAI,EAAE,CAAC;IAC/E,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;QACnB,IAAI,CAAC,GAAG,WAAW,IAAI,CAAC,aAAa,EAAE,CAAC;QACxC,IAAI,IAAI,CAAC,iBAAiB;YAAE,CAAC,IAAI,qBAAqB,CAAC;QACvD,IAAI,IAAI,CAAC,OAAO;YAAE,CAAC,IAAI,WAAW,CAAC;QACnC,OAAO,CAAC,2BAA2B,CAAC,GAAG,CAAC,CAAC;IAC3C,CAAC;IAED,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,IAAI,MAAM,CAAC;IAC1C,IAAI,KAAK,KAAK,KAAK;QAAE,OAAO,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC;IAExD,MAAM,GAAG,GAAG,IAAI,CAAC,cAAc,IAAI,aAAa,CAAC;IACjD,IAAI,GAAG,KAAK,KAAK;QAAE,OAAO,CAAC,iBAAiB,CAAC,GAAG,GAAG,CAAC;IAEpD,MAAM,IAAI,GAAG,IAAI,CAAC,iBAAiB,IAAI,0CAA0C,CAAC;IAClF,IAAI,IAAI,KAAK,KAAK;QAAE,OAAO,CAAC,oBAAoB,CAAC,GAAG,IAAI,CAAC;IAEzD,MAAM,IAAI,GAAG,IAAI,CAAC,uBAAuB,IAAI,aAAa,CAAC;IAC3D,IAAI,IAAI,KAAK,KAAK;QAAE,OAAO,CAAC,4BAA4B,CAAC,GAAG,IAAI,CAAC;IAEjE,MAAM,IAAI,GAAG,IAAI,CAAC,yBAAyB,IAAI,aAAa,CAAC;IAC7D,IAAI,IAAI,KAAK,KAAK;QAAE,OAAO,CAAC,8BAA8B,CAAC,GAAG,IAAI,CAAC;IAEnE,IAAI,IAAI,CAAC,OAAO,KAAK,KAAK;QAAE,OAAO,CAAC,wBAAwB,CAAC,GAAG,SAAS,CAAC;IAC1E,IAAI,IAAI,CAAC,aAAa,IAAI,KAAK;QAAE,OAAO,CAAC,kBAAkB,CAAC,GAAG,GAAG,CAAC,CAAC,kBAAkB;IAEtF,OAAO;QACL,UAAU,CAAC,GAAG;YACZ,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC7C,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;oBAAE,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACjD,CAAC;QACH,CAAC;KACF,CAAC;AACJ,CAAC;AAED,MAAM,oBAAoB,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;AAClF,MAAM,4BAA4B,GAAG,CAAC,cAAc,EAAE,eAAe,CAAC,CAAC;AAUvE,MAAM,UAAU,IAAI,CAAC,IAAiB;IACpC,2EAA2E;IAC3E,+DAA+D;IAC/D,iDAAiD;IACjD,wEAAwE;IACxE,wEAAwE;IACxE,uCAAuC;IACvC,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;QACrB,MAAM,gBAAgB,GACpB,IAAI,CAAC,MAAM,KAAK,GAAG;YACnB,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;QAC5D,IAAI,gBAAgB,EAAE,CAAC;YACrB,MAAM,IAAI,KAAK,CACb,mEAAmE;gBACjE,+FAA+F,CAClG,CAAC;QACJ,CAAC;IACH,CAAC;IACD,MAAM,KAAK,GAAG,CAAC,MAAqB,EAAiB,EAAE;QACrD,IAAI,CAAC,MAAM;YAAE,OAAO,IAAI,CAAC;QACzB,IAAI,OAAO,IAAI,CAAC,MAAM,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC,MAAM,KAAK,GAAG,IAAI,IAAI,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC;QAC/G,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC;YAAE,OAAO,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC;QACpF,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC;IAC7C,CAAC,CAAC;IACF,MAAM,OAAO,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,oBAAoB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAClE,MAAM,cAAc,GAAG,CAAC,IAAI,CAAC,cAAc,IAAI,4BAA4B,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACxF,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;IAChD,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,IAAI,GAAG,CAAC,CAAC;IAEjD,OAAO;QACL,YAAY,CAAC,GAAG;YACd,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YACjD,MAAM,OAAO,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC;YAC9B,IAAI,OAAO,EAAE,CAAC;gBACZ,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,6BAA6B,EAAE,OAAO,CAAC,CAAC;gBAC5D,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;gBACtC,IAAI,IAAI,CAAC,WAAW;oBAAE,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,kCAAkC,EAAE,MAAM,CAAC,CAAC;gBACtF,IAAI,OAAO;oBAAE,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,+BAA+B,EAAE,OAAO,CAAC,CAAC;YAC7E,CAAC;YACD,IAAI,GAAG,CAAC,OAAO,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;gBACrC,MAAM,CAAC,GAAG,IAAI,OAAO,EAAE,CAAC;gBACxB,IAAI,OAAO,EAAE,CAAC;oBACZ,CAAC,CAAC,GAAG,CAAC,6BAA6B,EAAE,OAAO,CAAC,CAAC;oBAC9C,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;oBACxB,IAAI,IAAI,CAAC,WAAW;wBAAE,CAAC,CAAC,GAAG,CAAC,kCAAkC,EAAE,MAAM,CAAC,CAAC;gBAC1E,CAAC;gBACD,CAAC,CAAC,GAAG,CAAC,8BAA8B,EAAE,OAAO,CAAC,CAAC;gBAC/C,CAAC,CAAC,GAAG,CAAC,8BAA8B,EAAE,cAAc,CAAC,CAAC;gBACtD,CAAC,CAAC,GAAG,CAAC,wBAAwB,EAAE,MAAM,CAAC,CAAC;gBACxC,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC;YACzD,CAAC;YACD,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,UAAU,CAAC,GAAG;YACZ,8CAA8C;YAC9C,8BAA8B;YAC9B,KAAK,GAAG,CAAC;QACX,CAAC;KACF,CAAC;AACJ,CAAC;AAuBD,MAAM,WAAW;IACP,OAAO,GAAG,IAAI,GAAG,EAA8C,CAAC;IACxE,KAAK,CAAC,GAAG,CAAC,GAAW,EAAE,QAAgB;QACrC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,IAAI,GAAG,EAAE,CAAC;YAC3B,MAAM,KAAK,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,OAAO,EAAE,GAAG,GAAG,QAAQ,EAAE,CAAC;YACpD,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YAC7B,6DAA6D;YAC7D,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,GAAG,MAAM,EAAE,CAAC;gBAC/B,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,IAAI,CAAC,OAAO;oBAAE,IAAI,CAAC,CAAC,OAAO,IAAI,GAAG;wBAAE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YAClF,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;QACD,CAAC,CAAC,KAAK,EAAE,CAAC;QACV,OAAO,CAAC,CAAC;IACX,CAAC;CACF;AAED,MAAM,UAAU,SAAS,CAAC,IAAsB;IAC9C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,IAAI,WAAW,EAAE,CAAC;IAC9C,MAAM,KAAK,GACT,IAAI,CAAC,YAAY;QACjB,CAAC,CAAC,GAA0B,EAAE,EAAE;YAC9B,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBAC3B,MAAM,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;gBACvD,MAAM,KAAK,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAE,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBACnD,OAAO,KAAK,IAAI,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,QAAQ,CAAC;YACnE,CAAC;YACD,OAAO,QAAQ,CAAC;QAClB,CAAC,CAAC,CAAC;IAEL,OAAO;QACL,KAAK,CAAC,YAAY,CAAC,GAAG;YACpB,MAAM,GAAG,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC;YACvB,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC/D,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,GAAG,KAAK,CAAC,CAAC;YAChD,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAC3D,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,uBAAuB,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC;YAChE,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;YAC5E,IAAI,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;gBACrB,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;gBACvD,MAAM,IAAI,oBAAoB,CAAC,IAAI,CAAC,UAAU,KAAK,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;YAChF,CAAC;YACD,OAAO,SAAS,CAAC;QACnB,CAAC;KACF,CAAC;AACJ,CAAC;AAED,+BAA+B;AAE/B,MAAM,UAAU,MAAM,CAAC,UAAU,GAAG,eAAe;IACjD,MAAM,GAAG,GAAG,GAAW,EAAE,CACvB,OAAO,WAAW,KAAK,WAAW,IAAI,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;IACzF,OAAO;QACL,YAAY,CAAC,GAAG;YACb,GAAG,CAAC,KAAiC,CAAC,OAAO,GAAG,GAAG,EAAE,CAAC;QACzD,CAAC;QACD,WAAW,CAAC,GAAG,EAAE,KAAK;YACpB,MAAM,KAAK,GAAI,GAAG,CAAC,KAAiC,CAAC,OAA6B,CAAC;YACnF,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC9B,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,WAAW,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YAC3E,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;KACF,CAAC;AACJ,CAAC;AAED,2CAA2C;AAE3C,MAAM,UAAU,UAAU,CAAC,IAG1B;IACC,OAAO;QACL,KAAK,CAAC,YAAY,CAAC,GAAG;YACpB,MAAM,CAAC,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC;YACzD,MAAM,CAAC,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACrC,IAAI,CAAC,CAAC,EAAE,CAAC;gBACP,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,SAAS,CAAC;oBACb,IAAI,EAAE,yCAAyC;oBAC/C,KAAK,EAAE,cAAc;oBACrB,MAAM,EAAE,GAAG;iBACZ,CAAC,EACF;oBACE,MAAM,EAAE,GAAG;oBACX,OAAO,EAAE;wBACP,cAAc,EAAE,0BAA0B;wBAC1C,kBAAkB,EAAE,iBAAiB,IAAI,CAAC,KAAK,IAAI,KAAK,GAAG;qBAC5D;iBACF,CACF,CAAC;YACJ,CAAC;YACD,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAE,CAAC,CAAC;YACtC,IAAI,CAAC,EAAE;gBAAE,MAAM,IAAI,cAAc,CAAC,eAAe,CAAC,CAAC;YACnD,OAAO,SAAS,CAAC;QACnB,CAAC;KACF,CAAC;AACJ,CAAC;AAyCD,MAAM,gBAAgB,GAAG,WAAW,CAAC;AACrC,MAAM,iBAAiB,GAAG,cAAc,CAAC;AACzC,MAAM,mBAAmB,GAAG,+BAA+B,CAAC;AAE5D,SAAS,iBAAiB;IACxB,MAAM,SAAS,GAAwB,UAAkB,CAAC,MAAM,CAAC;IACjE,IAAI,SAAS,EAAE,eAAe,EAAE,CAAC;QAC/B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;QAC/B,SAAS,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;QAC/B,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAChF,CAAC;IACD,IAAI,SAAS,EAAE,UAAU;QAAE,OAAO,SAAS,CAAC,UAAU,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IAC3E,MAAM,IAAI,KAAK,CAAC,gHAAgH,CAAC,CAAC;AACpI,CAAC;AAED,SAAS,qBAAqB,CAAC,IAAuB,EAAE,KAAa;IACnE,IAAI,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,IAAI,iCAAiC,CAAC,CAAC;AAC/G,CAAC;AAED,SAAS,yBAAyB,CAAC,UAAkB,EAAE,IAAiC;IACtF,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,UAAU,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;IAC7G,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,IAAI,IAAI,CAAC,QAAQ,KAAK,KAAK,IAAI,IAAI,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;QACtF,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC,CAAC;IACxF,CAAC;IACD,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACnG,qBAAqB,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;IACzC,IAAI,IAAI,CAAC,MAAM;QAAE,qBAAqB,CAAC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;IAC9D,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,IAAI,CAAC,aAAa,GAAG,CAAC,EAAE,CAAC;QACpE,MAAM,IAAI,KAAK,CAAC,qEAAqE,CAAC,CAAC;IACzF,CAAC;IACD,IAAI,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QACrC,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,IAAI,KAAK,GAAG,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YACrD,MAAM,IAAI,KAAK,CACb,iFAAiF;gBAC/E,kFAAkF,CACrF,CAAC;QACJ,CAAC;IACH,CAAC;IACD,IAAI,IAAI,CAAC,QAAQ,KAAK,MAAM,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;QAC7C,MAAM,IAAI,KAAK,CAAC,+DAA+D,CAAC,CAAC;IACnF,CAAC;AACH,CAAC;AAED,SAAS,gBAAgB,CAAC,MAAqB,EAAE,IAAY;IAC3D,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IACzB,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAChC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QACvB,MAAM,EAAE,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QAC7B,IAAI,EAAE,GAAG,CAAC;YAAE,SAAS;QACrB,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QACnC,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC;YACf,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YACpC,IAAI,CAAC;gBACH,OAAO,kBAAkB,CAAC,CAAC,CAAC,CAAC;YAC/B,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,CAAC,CAAC;YACX,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,kBAAkB,CAAC,IAAY,EAAE,KAAa,EAAE,IAAiC;IACxF,IAAI,CAAC,GAAG,GAAG,IAAI,IAAI,kBAAkB,CAAC,KAAK,CAAC,EAAE,CAAC;IAC/C,CAAC,IAAI,UAAU,IAAI,CAAC,IAAI,EAAE,CAAC;IAC3B,CAAC,IAAI,cAAc,IAAI,CAAC,QAAQ,EAAE,CAAC;IACnC,IAAI,IAAI,CAAC,MAAM;QAAE,CAAC,IAAI,UAAU,CAAC;IACjC,IAAI,IAAI,CAAC,MAAM;QAAE,CAAC,IAAI,YAAY,IAAI,CAAC,MAAM,EAAE,CAAC;IAChD,IAAI,IAAI,CAAC,aAAa,GAAG,CAAC;QAAE,CAAC,IAAI,aAAa,IAAI,CAAC,aAAa,EAAE,CAAC;IACnE,IAAI,IAAI,CAAC,WAAW;QAAE,CAAC,IAAI,eAAe,CAAC;IAC3C,OAAO,CAAC,CAAC;AACX,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,IAAI,CAAC,OAAoB,EAAE;IACzC,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,IAAI,mBAAmB,CAAC;IAC1D,MAAM,UAAU,GAAG,kBAAkB,CAAC,IAAI,CAAC,UAAU,IAAI,cAAc,CAAC,CAAC,WAAW,EAAE,CAAC;IACvF,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,aAAa,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;IACvG,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,iBAAiB,CAAC;IAEtD,MAAM,eAAe,GAAG,IAAI,CAAC,aAAa,IAAI,EAAE,CAAC;IACjD,MAAM,UAAU,GAAgC;QAC9C,QAAQ,EAAE,eAAe,CAAC,QAAQ,IAAI,KAAK;QAC3C,MAAM,EAAE,eAAe,CAAC,MAAM,IAAI,IAAI;QACtC,IAAI,EAAE,eAAe,CAAC,IAAI,IAAI,GAAG;QACjC,MAAM,EAAE,eAAe,CAAC,MAAM,IAAI,EAAE;QACpC,aAAa,EAAE,eAAe,CAAC,aAAa,IAAI,CAAC;QACjD,WAAW,EAAE,eAAe,CAAC,WAAW,IAAI,KAAK;KAClD,CAAC;IACF,yBAAyB,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;IAElD,OAAO;QACL,YAAY,CAAC,GAAG;YACd,MAAM,QAAQ,GAAG,gBAAgB,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,UAAU,CAAC,CAAC;YACjF,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;YAEhD,IAAI,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;gBACvB,IAAI,QAAQ,EAAE,CAAC;oBACZ,GAAG,CAAC,KAAiC,CAAC,gBAAgB,CAAC,GAAG,QAAQ,CAAC;gBACtE,CAAC;qBAAM,CAAC;oBACN,MAAM,KAAK,GAAG,SAAS,EAAE,CAAC;oBAC1B,IAAI,CAAC,KAAK;wBAAE,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;oBACzE,GAAG,CAAC,KAAiC,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC;oBAChE,GAAG,CAAC,KAAiC,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC;gBACpE,CAAC;gBACD,OAAO,SAAS,CAAC;YACnB,CAAC;YAED,MAAM,QAAQ,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YACrD,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,IAAI,CAAC,eAAe,CAAC,QAAQ,EAAE,QAAQ,CAAC,EAAE,CAAC;gBACnE,MAAM,IAAI,cAAc,CAAC,+BAA+B,CAAC,CAAC;YAC5D,CAAC;YACA,GAAG,CAAC,KAAiC,CAAC,gBAAgB,CAAC,GAAG,QAAQ,CAAC;YACpE,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,MAAM,CAAC,GAAG,EAAE,GAAG;YACb,IAAI,CAAC,GAAG;gBAAE,OAAO,SAAS,CAAC;YAC3B,MAAM,MAAM,GAAI,GAAG,CAAC,KAAiC,CAAC,iBAAiB,CAAuB,CAAC;YAC/F,IAAI,CAAC,MAAM;gBAAE,OAAO,SAAS,CAAC;YAC9B,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,YAAY,EAAE,kBAAkB,CAAC,UAAU,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC,CAAC;YACrF,OAAO,SAAS,CAAC;QACnB,CAAC;KACF,CAAC;AACJ,CAAC;AAED,OAAO,EAAE,eAAe,EAAE,CAAC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@daloyjs/core",
3
- "version": "0.3.3",
3
+ "version": "0.4.0",
4
4
  "description": "DaloyJS is a runtime-portable, contract-first TypeScript web framework with built-in OpenAPI (Hey API), typed client generation, large-scale maintainability, and security-first defaults. Hono-grade portability, Elysia-grade DX, FastAPI-grade docs, Fastify-grade ops — distributed via pnpm.",
5
5
  "type": "module",
6
6
  "publishConfig": {