@develit-io/backend-sdk 6.0.0 → 7.0.1

package/dist/index.d.mts

@@ -1,8 +1,7 @@
 import * as drizzle_orm from 'drizzle-orm';
-import { ExtractTablesWithRelations, DBQueryConfig, BuildQueryResult } from 'drizzle-orm';
+import { ExtractTablesWithRelations, DBQueryConfig, BuildQueryResult, AnyColumn } from 'drizzle-orm';
 import * as drizzle_orm_sqlite_core from 'drizzle-orm/sqlite-core';
 import { AnySQLiteTable } from 'drizzle-orm/sqlite-core';
-import { MiddlewareHandler } from 'hono/types';
 import { z as z$1 } from 'zod';
 import * as z from 'zod/v4/core';
 import { ContentfulStatusCode, SuccessStatusCode } from 'hono/utils/http-status';
@@ -11,12 +10,14 @@ import { Queue } from '@cloudflare/workers-types';
 import { BatchItem } from 'drizzle-orm/batch';
 import { DrizzleD1Database } from 'drizzle-orm/d1';
 
-declare const uuidv4: () => `${string}-${string}-${string}-${string}-${string}`;
+declare const ENVIRONMENT: string[];
 
 type Environment = string | 'localhost' | 'dev' | 'test' | 'staging' | 'production';
 
 type Project = 'creditio' | 'dbu-mdm' | 'dbu-txs' | 'cryptobyte-website' | 'lrf-website' | 'moneio' | 'paycorp-fiat-processor';
 
+declare const uuidv4: () => `${string}-${string}-${string}-${string}-${string}`;
+
 declare const base: {
     id: drizzle_orm.IsPrimaryKey<drizzle_orm.NotNull<drizzle_orm_sqlite_core.SQLiteTextBuilderInitial<"id", [string, ...string[]], number | undefined>>>;
     createdAt: drizzle_orm.HasDefault<drizzle_orm_sqlite_core.SQLiteTimestampBuilderInitial<"created_at">>;
@@ -65,20 +66,6 @@ declare const composeWranglerBase: ({ project, name, }: {
     keep_vars: boolean;
 };
 
-declare const idempotency: <T extends {
-    IDEMPOTENCY_KV: KVNamespace;
-}>() => MiddlewareHandler;
-
-declare const jwt: <TAuthService, TJwtPayload>() => MiddlewareHandler;
-
-declare const ip: <TOrganizationService, TJwtPayload>() => MiddlewareHandler;
-
-declare const logger: () => MiddlewareHandler;
-
-declare const signature: <TOrganizationService, TJwtPayload>() => MiddlewareHandler;
-
-declare const ENVIRONMENT: string[];
-
 interface AuditLogPayload<T> {
     action: T;
     actorId: string;
@@ -678,6 +665,16 @@ declare const getDrizzleD1Config: () => {
     dialect: "sqlite";
 };
 
+type Operator = 'like' | 'ilike';
+type Wrap = 'both' | 'prefix' | 'suffix' | 'none';
+type BuildSearchOptions = {
+    operator?: Operator;
+    wrap?: Wrap;
+};
+declare const buildSearchConditions: (search: string | undefined | null, columns: ReadonlyArray<AnyColumn>, opts?: BuildSearchOptions) => drizzle_orm.SQL<unknown> | undefined;
+declare const buildMultiFilterConditions: <T>(column: drizzle_orm.Column, value: T | T[] | undefined) => drizzle_orm.SQL<unknown> | undefined;
+declare const buildRangeFilterConditions: <T>(column: drizzle_orm.Column, minValue: T | undefined, maxValue: T | undefined) => drizzle_orm.SQL<unknown> | undefined;
+
 interface Command<TAuditAction = string> {
     handler: (db: DrizzleD1Database<Record<string, unknown>>) => CommandItem<TAuditAction>;
 }
@@ -720,6 +717,10 @@ interface UseFetchOptions extends RequestInit {
 }
 declare function useFetch<T = unknown>(url: string, { parseAs, ...options }?: UseFetchOptions): Promise<Result<T>>;
 
+declare const createSignatureKeyPair: () => Promise<{
+    publicKey: string;
+    privateKey: string;
+}>;
 declare const signPayload: ({ payload, privateKey, }: {
     payload: string;
     privateKey: string;
@@ -820,5 +821,5 @@ interface WithRetryCounterOptions {
 type AsyncMethod<TArgs extends unknown[] = unknown[], TResult = unknown> = (...args: TArgs) => Promise<TResult>;
 declare function cloudflareQueue<TArgs extends unknown[] = unknown[], TResult = unknown>(options: WithRetryCounterOptions): (target: unknown, propertyKey: string | symbol, descriptor: TypedPropertyDescriptor<AsyncMethod<TArgs, TResult>>) => void;
 
-export { DatabaseTransaction, ENVIRONMENT, RPCResponse, USER_ROLES, action, bankAccount, bankAccountMetadataSchema, base, bicSchema, calculateExponentialBackoff, cloudflareQueue, composeWranglerBase, createAuditLogWriter, createInternalError, defineCommand, derivePortFromId, develitWorker, durableObjectNamespaceIdFromName, first, firstOrError, getD1Credentials, getD1DatabaseIdFromWrangler, getDrizzleD1Config, getSecret, handleAction, handleActionResponse, ibanSchema, idempotency, ip, isInternalError, jwt, logger, paginationQuerySchema, paginationSchema, service, signPayload, signature, useFetch, useResult, useResultSync, uuidv4, verifyPayloadSignature };
-export type { ActionExecution, ActionHandlerOptions, AuditLogWriter, AuthUser, BankAccountMetadata, BaseEvent, Command, CommandLogPayload, DevelitWorkerMethods, Environment, GatewayResponse, IRPCResponse, IdempotencyVariables, IncludeRelation, InferResultType, InternalError, InternalErrorResponseStatus, Project, UserRole, UserVariables, ValidatedInput };
+export { DatabaseTransaction, ENVIRONMENT, RPCResponse, USER_ROLES, action, bankAccount, bankAccountMetadataSchema, base, bicSchema, buildMultiFilterConditions, buildRangeFilterConditions, buildSearchConditions, calculateExponentialBackoff, cloudflareQueue, composeWranglerBase, createAuditLogWriter, createInternalError, createSignatureKeyPair, defineCommand, derivePortFromId, develitWorker, durableObjectNamespaceIdFromName, first, firstOrError, getD1Credentials, getD1DatabaseIdFromWrangler, getDrizzleD1Config, getSecret, handleAction, handleActionResponse, ibanSchema, isInternalError, paginationQuerySchema, paginationSchema, service, signPayload, useFetch, useResult, useResultSync, uuidv4, verifyPayloadSignature };
+export type { ActionExecution, ActionHandlerOptions, AuditLogWriter, AuthUser, BankAccountMetadata, BaseEvent, BuildSearchOptions, Command, CommandLogPayload, DevelitWorkerMethods, Environment, GatewayResponse, IRPCResponse, IdempotencyVariables, IncludeRelation, InferResultType, InternalError, InternalErrorResponseStatus, Project, UserRole, UserVariables, ValidatedInput };

package/dist/index.d.ts

@@ -1,8 +1,7 @@
 import * as drizzle_orm from 'drizzle-orm';
-import { ExtractTablesWithRelations, DBQueryConfig, BuildQueryResult } from 'drizzle-orm';
+import { ExtractTablesWithRelations, DBQueryConfig, BuildQueryResult, AnyColumn } from 'drizzle-orm';
 import * as drizzle_orm_sqlite_core from 'drizzle-orm/sqlite-core';
 import { AnySQLiteTable } from 'drizzle-orm/sqlite-core';
-import { MiddlewareHandler } from 'hono/types';
 import { z as z$1 } from 'zod';
 import * as z from 'zod/v4/core';
 import { ContentfulStatusCode, SuccessStatusCode } from 'hono/utils/http-status';
@@ -11,12 +10,14 @@ import { Queue } from '@cloudflare/workers-types';
 import { BatchItem } from 'drizzle-orm/batch';
 import { DrizzleD1Database } from 'drizzle-orm/d1';
 
-declare const uuidv4: () => `${string}-${string}-${string}-${string}-${string}`;
+declare const ENVIRONMENT: string[];
 
 type Environment = string | 'localhost' | 'dev' | 'test' | 'staging' | 'production';
 
 type Project = 'creditio' | 'dbu-mdm' | 'dbu-txs' | 'cryptobyte-website' | 'lrf-website' | 'moneio' | 'paycorp-fiat-processor';
 
+declare const uuidv4: () => `${string}-${string}-${string}-${string}-${string}`;
+
 declare const base: {
     id: drizzle_orm.IsPrimaryKey<drizzle_orm.NotNull<drizzle_orm_sqlite_core.SQLiteTextBuilderInitial<"id", [string, ...string[]], number | undefined>>>;
     createdAt: drizzle_orm.HasDefault<drizzle_orm_sqlite_core.SQLiteTimestampBuilderInitial<"created_at">>;
@@ -65,20 +66,6 @@ declare const composeWranglerBase: ({ project, name, }: {
     keep_vars: boolean;
 };
 
-declare const idempotency: <T extends {
-    IDEMPOTENCY_KV: KVNamespace;
-}>() => MiddlewareHandler;
-
-declare const jwt: <TAuthService, TJwtPayload>() => MiddlewareHandler;
-
-declare const ip: <TOrganizationService, TJwtPayload>() => MiddlewareHandler;
-
-declare const logger: () => MiddlewareHandler;
-
-declare const signature: <TOrganizationService, TJwtPayload>() => MiddlewareHandler;
-
-declare const ENVIRONMENT: string[];
-
 interface AuditLogPayload<T> {
     action: T;
     actorId: string;
@@ -678,6 +665,16 @@ declare const getDrizzleD1Config: () => {
     dialect: "sqlite";
 };
 
+type Operator = 'like' | 'ilike';
+type Wrap = 'both' | 'prefix' | 'suffix' | 'none';
+type BuildSearchOptions = {
+    operator?: Operator;
+    wrap?: Wrap;
+};
+declare const buildSearchConditions: (search: string | undefined | null, columns: ReadonlyArray<AnyColumn>, opts?: BuildSearchOptions) => drizzle_orm.SQL<unknown> | undefined;
+declare const buildMultiFilterConditions: <T>(column: drizzle_orm.Column, value: T | T[] | undefined) => drizzle_orm.SQL<unknown> | undefined;
+declare const buildRangeFilterConditions: <T>(column: drizzle_orm.Column, minValue: T | undefined, maxValue: T | undefined) => drizzle_orm.SQL<unknown> | undefined;
+
 interface Command<TAuditAction = string> {
     handler: (db: DrizzleD1Database<Record<string, unknown>>) => CommandItem<TAuditAction>;
 }
@@ -720,6 +717,10 @@ interface UseFetchOptions extends RequestInit {
 }
 declare function useFetch<T = unknown>(url: string, { parseAs, ...options }?: UseFetchOptions): Promise<Result<T>>;
 
+declare const createSignatureKeyPair: () => Promise<{
+    publicKey: string;
+    privateKey: string;
+}>;
 declare const signPayload: ({ payload, privateKey, }: {
     payload: string;
     privateKey: string;
@@ -820,5 +821,5 @@ interface WithRetryCounterOptions {
 type AsyncMethod<TArgs extends unknown[] = unknown[], TResult = unknown> = (...args: TArgs) => Promise<TResult>;
 declare function cloudflareQueue<TArgs extends unknown[] = unknown[], TResult = unknown>(options: WithRetryCounterOptions): (target: unknown, propertyKey: string | symbol, descriptor: TypedPropertyDescriptor<AsyncMethod<TArgs, TResult>>) => void;
 
-export { DatabaseTransaction, ENVIRONMENT, RPCResponse, USER_ROLES, action, bankAccount, bankAccountMetadataSchema, base, bicSchema, calculateExponentialBackoff, cloudflareQueue, composeWranglerBase, createAuditLogWriter, createInternalError, defineCommand, derivePortFromId, develitWorker, durableObjectNamespaceIdFromName, first, firstOrError, getD1Credentials, getD1DatabaseIdFromWrangler, getDrizzleD1Config, getSecret, handleAction, handleActionResponse, ibanSchema, idempotency, ip, isInternalError, jwt, logger, paginationQuerySchema, paginationSchema, service, signPayload, signature, useFetch, useResult, useResultSync, uuidv4, verifyPayloadSignature };
-export type { ActionExecution, ActionHandlerOptions, AuditLogWriter, AuthUser, BankAccountMetadata, BaseEvent, Command, CommandLogPayload, DevelitWorkerMethods, Environment, GatewayResponse, IRPCResponse, IdempotencyVariables, IncludeRelation, InferResultType, InternalError, InternalErrorResponseStatus, Project, UserRole, UserVariables, ValidatedInput };
+export { DatabaseTransaction, ENVIRONMENT, RPCResponse, USER_ROLES, action, bankAccount, bankAccountMetadataSchema, base, bicSchema, buildMultiFilterConditions, buildRangeFilterConditions, buildSearchConditions, calculateExponentialBackoff, cloudflareQueue, composeWranglerBase, createAuditLogWriter, createInternalError, createSignatureKeyPair, defineCommand, derivePortFromId, develitWorker, durableObjectNamespaceIdFromName, first, firstOrError, getD1Credentials, getD1DatabaseIdFromWrangler, getDrizzleD1Config, getSecret, handleAction, handleActionResponse, ibanSchema, isInternalError, paginationQuerySchema, paginationSchema, service, signPayload, useFetch, useResult, useResultSync, uuidv4, verifyPayloadSignature };
+export type { ActionExecution, ActionHandlerOptions, AuditLogWriter, AuthUser, BankAccountMetadata, BaseEvent, BuildSearchOptions, Command, CommandLogPayload, DevelitWorkerMethods, Environment, GatewayResponse, IRPCResponse, IdempotencyVariables, IncludeRelation, InferResultType, InternalError, InternalErrorResponseStatus, Project, UserRole, UserVariables, ValidatedInput };

package/dist/index.mjs

@@ -1,18 +1,22 @@
-import { sql } from 'drizzle-orm';
+import { sql, or, inArray, eq, gte, lte, and } from 'drizzle-orm';
 import { integer, text } from 'drizzle-orm/sqlite-core';
 import { COUNTRY_CODES_2, CURRENCY_CODES, BANK_CODES } from '@develit-io/general-codes';
-import { createMiddleware } from 'hono/factory';
-import { HTTPException } from 'hono/http-exception';
-import { createError } from 'h3';
 import { z as z$1 } from 'zod';
+import * as z from 'zod/v4/core';
+import { createError } from 'h3';
 import 'cloudflare';
 import fs from 'node:fs';
 import crypto$1 from 'node:crypto';
 import path from 'node:path';
 import { parse } from 'comment-json';
-import * as z from 'zod/v4/core';
+export { c as createSignatureKeyPair, s as signPayload, v as verifyPayloadSignature } from './shared/backend-sdk.CgM_2r0b.mjs';
 import superjson from 'superjson';
 
+const ENVIRONMENT = ["dev", "test", "staging", "production"];
+
+const COMPATIBILITY_DATE = "2025-06-04";
+const COMPATIBILITY_FLAGS = ["nodejs_compat"];
+
 const uuidv4 = () => crypto.randomUUID();
 
 const base = {
@@ -48,11 +52,6 @@ const bankAccount = {
 
 const USER_ROLES = ["OWNER", "ADMIN", "MEMBER"];
 
-const ENVIRONMENT = ["dev", "test", "staging", "production"];
-
-const COMPATIBILITY_DATE = "2025-06-04";
-const COMPATIBILITY_FLAGS = ["nodejs_compat"];
-
 const composeWranglerBase = ({
   project,
   name
@@ -76,34 +75,119 @@ const composeWranglerBase = ({
   };
 };
 
-const idempotency = () => {
-  return createMiddleware(async (context, next) => {
-    const idempotencyKeyHeader = context.req.header("X-Idempotency-Key");
-    if (!idempotencyKeyHeader) {
-      throw new HTTPException(401, {
-        message: `The 'X-Idempotency-Key' header must exist and must have a value.`
-      });
-    }
-    const existingIdempotencyRecord = await context.env.IDEMPOTENCY_KV.get(idempotencyKeyHeader);
-    if (existingIdempotencyRecord) {
-      throw new HTTPException(409, {
-        message: "The identical request has already been processed. The idempotency key is not unique."
-      });
-    }
-    await context.env.IDEMPOTENCY_KV.put(
-      idempotencyKeyHeader,
-      idempotencyKeyHeader,
-      {
-        expirationTtl: 60 * 60 * 24 * 3
-        // 3 days
+const ibanSchema = z$1.string().min(1).regex(/^[A-Z]{2}[0-9]{2}[A-Z0-9]{11,30}$/, {
+  message: "Invalid IBAN format"
+});
+const bicSchema = z$1.string().min(1).regex(/^[A-Z]{6}[A-Z0-9]{2}([A-Z0-9]{3})?$/, {
+  message: "Invalid SWIFT/BIC format"
+});
+const bankAccountMetadataSchema = z$1.object({
+  id: z$1.string().optional(),
+  number: z$1.string().optional(),
+  bankCode: z$1.enum(BANK_CODES).optional(),
+  holderName: z$1.string().optional(),
+  iban: ibanSchema.optional(),
+  address: z$1.string().optional(),
+  swiftBic: bicSchema.optional(),
+  bicCor: bicSchema.optional(),
+  currency: z$1.enum(CURRENCY_CODES).optional(),
+  country: z$1.enum(COUNTRY_CODES_2).optional(),
+  routingNumber: z$1.string().optional(),
+  // US
+  sortCode: z$1.string().optional(),
+  // UK
+  clabe: z$1.string().optional(),
+  // Mexico
+  bsb: z$1.string().optional(),
+  // Australia
+  brBankNumber: z$1.string().optional()
+  // Brazil
+});
+
+const paginationQuerySchema = new z.$ZodObject({
+  type: "object",
+  shape: {
+    page: new z.$ZodDefault({
+      type: "default",
+      innerType: new z.$ZodNumber({
+        type: "number",
+        coerce: true
+      }),
+      defaultValue: () => 1
+    }),
+    limit: new z.$ZodDefault({
+      type: "default",
+      innerType: new z.$ZodNumber({
+        type: "number",
+        coerce: true
+      }),
+      defaultValue: () => 20
+    }),
+    sort: new z.$ZodDefault({
+      type: "default",
+      innerType: new z.$ZodObject({
+        type: "object",
+        shape: {
+          column: new z.$ZodDefault({
+            type: "default",
+            innerType: new z.$ZodEnum({
+              type: "enum",
+              entries: {
+                createdAt: "createdAt",
+                updatedAt: "updatedAt",
+                deletedAt: "deletedAt"
+              }
+            }),
+            defaultValue: () => "updatedAt"
+          }),
+          direction: new z.$ZodDefault({
+            type: "default",
+            innerType: new z.$ZodEnum({
+              type: "enum",
+              entries: {
+                asc: "asc",
+                desc: "desc"
+              }
+            }),
+            defaultValue: () => "desc"
+          })
+        }
+      }),
+      defaultValue: () => ({ column: "updatedAt", direction: "desc" })
+    })
+  }
+});
+const paginationSchema = new z.$ZodObject({
+  type: "object",
+  shape: {
+    page: new z.$ZodNumber({
+      type: "number"
+    }),
+    limit: new z.$ZodNumber({
+      type: "number"
+    }),
+    sort: new z.$ZodObject({
+      type: "object",
+      shape: {
+        column: new z.$ZodEnum({
+          type: "enum",
+          entries: {
+            createdAt: "createdAt",
+            updatedAt: "updatedAt",
+            deletedAt: "deletedAt"
+          }
+        }),
+        direction: new z.$ZodEnum({
+          type: "enum",
+          entries: {
+            asc: "asc",
+            desc: "desc"
+          }
+        })
       }
-    );
-    context.set("idempotency", {
-      key: idempotencyKeyHeader
-    });
-    await next();
-  });
-};
+    })
+  }
+});
 
 const handleActionResponse = ({
   error,
@@ -263,16 +347,6 @@ function createAuditLogWriter(table) {
   };
 }
 
-const validateBearerScheme = (header) => {
-  return header.startsWith("Bearer ") && header.length > 7 && !header.slice(7).includes(" ");
-};
-const extractBearerToken = (header) => {
-  return header.slice(7).trim();
-};
-const validateBearerToken = (bearerToken) => {
-  return z$1.jwt().safeParse(bearerToken).success;
-};
-
 function first(rows) {
   return rows.length > 0 ? rows[0] : void 0;
 }
@@ -386,6 +460,34 @@ const getDrizzleD1Config = () => ({
   ...getD1Credentials()
 });
 
+const buildSearchConditions = (search, columns, opts = {}) => {
+  const { wrap = "both" } = opts;
+  if (!search || search.trim() === "" || columns.length === 0) return void 0;
+  const searchTerm = search.toLowerCase();
+  const pattern = wrap === "both" ? `%${searchTerm}%` : wrap === "prefix" ? `%${searchTerm}` : wrap === "suffix" ? `${searchTerm}%` : searchTerm;
+  const parts = columns.map((col) => sql`LOWER(${col} || '') LIKE ${pattern}`);
+  return parts.length === 1 ? parts[0] : or(...parts);
+};
+const buildMultiFilterConditions = (column, value) => {
+  if (value === void 0) return void 0;
+  if (Array.isArray(value)) {
+    return value.length > 0 ? inArray(column, value) : void 0;
+  }
+  return eq(column, value);
+};
+const buildRangeFilterConditions = (column, minValue, maxValue) => {
+  const conditions = [];
+  if (minValue !== void 0) {
+    conditions.push(gte(column, minValue));
+  }
+  if (maxValue !== void 0) {
+    conditions.push(lte(column, maxValue));
+  }
+  if (conditions.length === 0) return void 0;
+  if (conditions.length === 1) return conditions[0];
+  return and(...conditions);
+};
+
 class DatabaseTransaction {
   constructor(db, serviceName, auditLogWriter) {
     this.db = db;
@@ -481,90 +583,6 @@ async function useFetch(url, { parseAs = "json", ...options } = {}) {
   return [body, null];
 }
 
-const logRequest = (log) => {
-  console.log("REQUEST | An incoming request has been recorded.", log);
-};
-const logResponse = (log) => {
-  console.log(`RESPONSE | An outgoing response has been recorded.`, log);
-};
-
-const signPayload = async ({
-  payload,
-  privateKey
-}) => {
-  const binaryPrivateKey = Uint8Array.from(
-    atob(privateKey),
-    (c) => c.charCodeAt(0)
-  );
-  const importedPrivateKey = await crypto.subtle.importKey(
-    "pkcs8",
-    binaryPrivateKey,
-    {
-      name: "RSASSA-PKCS1-v1_5",
-      hash: "SHA-256"
-    },
-    false,
-    ["sign"]
-  );
-  const encodedPayload = new TextEncoder().encode(payload);
-  const signature = await crypto.subtle.sign(
-    {
-      name: "RSASSA-PKCS1-v1_5"
-    },
-    importedPrivateKey,
-    encodedPayload
-  );
-  const base64Signature = btoa(
-    String.fromCharCode(...new Uint8Array(signature))
-  );
-  return base64Signature;
-};
-const algParams = {
-  RSA: {
-    name: "RSASSA-PKCS1-v1_5",
-    hash: { name: "SHA-256" }
-  },
-  EC: {
-    name: "ECDSA",
-    namedCurve: "P-256"
-  },
-  HMAC: {
-    name: "HMAC",
-    hash: { name: "SHA-256" }
-  }
-};
-const verifyPayloadSignature = async ({
-  signature,
-  data,
-  publicKey,
-  algorithm = "RSA"
-}) => {
-  const binaryPublicKey = Uint8Array.from(
-    atob(publicKey),
-    (c) => c.charCodeAt(0)
-  );
-  const format = algorithm === "HMAC" ? "raw" : "spki";
-  const importedPublicKey = await crypto.subtle.importKey(
-    format,
-    binaryPublicKey,
-    algParams[algorithm],
-    false,
-    ["verify"]
-  );
-  const encodedPayload = new TextEncoder().encode(data);
-  const decodedSignature = Uint8Array.from(
-    atob(signature),
-    (c) => c.charCodeAt(0)
-  );
-  const isValid = await crypto.subtle.verify(
-    algParams[algorithm],
-    importedPublicKey,
-    decodedSignature,
-    encodedPayload
-  );
-  return isValid;
-};
-
 const calculateExponentialBackoff = (attempts, baseDelaySeconds) => {
   return baseDelaySeconds ** attempts;
 };
@@ -581,291 +599,6 @@ const getSecret = async (secretName, env) => {
   return await secret.get();
 };
 
-const jwt = () => {
-  return createMiddleware(async (context, next) => {
-    const authorizationHeader = context.req.header("Authorization");
-    if (!authorizationHeader) {
-      throw new HTTPException(401, {
-        message: `The 'Authorization' header must exist and must have a value.`
-      });
-    }
-    if (!validateBearerScheme(authorizationHeader)) {
-      throw new HTTPException(401, {
-        message: `The 'Authorization' header value must use the Bearer scheme.`
-      });
-    }
-    const bearerToken = extractBearerToken(authorizationHeader);
-    if (!validateBearerToken(bearerToken)) {
-      throw new HTTPException(401, {
-        message: `The Bearer token in the 'Authorization' header value must be a JWT.`
-      });
-    }
-    const authService = context.env.AUTH_SERVICE;
-    const { data, error } = await authService.verifyAccessToken({
-      accessToken: bearerToken
-    });
-    if (!data || error) {
-      throw new HTTPException(401, {
-        message: "The JWT must contain valid user information."
-      });
-    }
-    const rawUserMetaDataString = data.payload.user.rawUserMetaData;
-    const rawUserMetaData = rawUserMetaDataString ? JSON.parse(rawUserMetaDataString) : null;
-    const organizationId = rawUserMetaData?.organizationId ?? null;
-    if (!organizationId) {
-      throw new HTTPException(422, {
-        message: "User data integrity check failed."
-      });
-    }
-    context.set("user", {
-      email: data.payload.user.email,
-      role: data.payload.user.role,
-      organizationId
-    });
-    context.set("jwt", data.payload);
-    await next();
-  });
-};
-
-const ip = () => {
-  return createMiddleware(async (context, next) => {
-    if (!["localhost", "dev"].includes(context.env.ENVIRONMENT)) {
-      const requestIp = context.req.header("cf-connecting-ip") || context.req.header("x-forwarded-for");
-      if (!requestIp) {
-        throw new HTTPException(401, {
-          message: "Failed to retrieve request IP address."
-        });
-      }
-      const user = context.get("user");
-      if (!user.organizationId) {
-        throw new HTTPException(401, {
-          message: "Failed to retrieve request organization ID."
-        });
-      }
-      const organizationService = context.env.ORGANIZATION_SERVICE;
-      const { data: organization, error } = await organizationService.getOrganization({
-        organizationId: user.organizationId
-      });
-      if (!organization || error) {
-        throw new HTTPException(404, {
-          message: "Failed to retrieve organization."
-        });
-      }
-      if (organization.ipAuthorization) {
-        if (!organization.authorizedIps.map((ip2) => ip2.ip).includes(requestIp)) {
-          throw new HTTPException(404, {
-            message: "Forbidden"
-          });
-        }
-      }
-    }
-    await next();
-  });
-};
-
-const composeRequestLog = async (request) => {
-  return {
-    method: request.method,
-    path: request.path,
-    query: request.query(),
-    headers: request.header(),
-    body: await request.json().catch(() => null)
-  };
-};
-const composeResponseLog = async (response, method, path) => {
-  return {
-    method,
-    path,
-    status: response.status,
-    statusText: response.statusText,
-    headers: Object.fromEntries(response.headers.entries()),
-    body: await response.json().catch(() => null)
-  };
-};
-
-const logger = () => {
-  return createMiddleware(async (context, next) => {
-    const requestLog = await composeRequestLog(context.req);
-    logRequest(requestLog);
-    await next();
-    const response = context.res.clone();
-    const responseLog = await composeResponseLog(
-      response,
-      context.req.method,
-      context.req.url
-    );
-    logResponse(responseLog);
-  });
-};
-
-const signature = () => {
-  return createMiddleware(async (context, next) => {
-    if (!["localhost", "dev"].includes(context.env.ENVIRONMENT)) {
-      const signatureHeader = context.req.header("X-Signature");
-      if (!signatureHeader) {
-        throw new HTTPException(401, {
-          message: `The 'X-Signature' header must exist and must have a value.`
-        });
-      }
-      const signatureKeyHeader = context.req.header("X-Signature-Key");
-      if (!signatureKeyHeader) {
-        throw new HTTPException(401, {
-          message: `The 'X-Signature-Key' header must exist and must have a value.`
-        });
-      }
-      const payload = JSON.stringify(await context.req.json().catch(() => null));
-      const user = context.get("user");
-      if (!user.organizationId) {
-        throw new HTTPException(401, {
-          message: "Failed to retrieve request organization ID."
-        });
-      }
-      const organizationService = context.env.ORGANIZATION_SERVICE;
-      const { data: organization, error } = await organizationService.getOrganization({
-        organizationId: user.organizationId
-      });
-      if (!organization || error) {
-        throw new HTTPException(404, {
-          message: "Failed to retrieve organization."
-        });
-      }
-      const signatureKey = organization.signatureKeys.filter(
-        (signatureKey2) => signatureKey2.name === signatureKeyHeader
-      )[0];
-      if (!signatureKey) {
-        throw new HTTPException(404, {
-          message: "Signature key not found."
-        });
-      }
-      const isVerified = await verifyPayloadSignature({
-        signature: signatureHeader,
-        publicKey: signatureKey.publicKey,
-        data: payload
-      });
-      if (!isVerified) {
-        throw new HTTPException(401, {
-          message: "Invalid signature key or signature."
-        });
-      }
-    }
-    await next();
-  });
-};
-
-const ibanSchema = z$1.string().min(1).regex(/^[A-Z]{2}[0-9]{2}[A-Z0-9]{11,30}$/, {
-  message: "Invalid IBAN format"
-});
-const bicSchema = z$1.string().min(1).regex(/^[A-Z]{6}[A-Z0-9]{2}([A-Z0-9]{3})?$/, {
-  message: "Invalid SWIFT/BIC format"
-});
-const bankAccountMetadataSchema = z$1.object({
-  id: z$1.string().optional(),
-  number: z$1.string().optional(),
-  bankCode: z$1.enum(BANK_CODES).optional(),
-  holderName: z$1.string().optional(),
-  iban: ibanSchema.optional(),
-  address: z$1.string().optional(),
-  swiftBic: bicSchema.optional(),
-  bicCor: bicSchema.optional(),
-  currency: z$1.enum(CURRENCY_CODES).optional(),
-  country: z$1.enum(COUNTRY_CODES_2).optional(),
-  routingNumber: z$1.string().optional(),
-  // US
-  sortCode: z$1.string().optional(),
-  // UK
-  clabe: z$1.string().optional(),
-  // Mexico
-  bsb: z$1.string().optional(),
-  // Australia
-  brBankNumber: z$1.string().optional()
-  // Brazil
-});
-
-const paginationQuerySchema = new z.$ZodObject({
-  type: "object",
-  shape: {
-    page: new z.$ZodDefault({
-      type: "default",
-      innerType: new z.$ZodNumber({
-        type: "number",
-        coerce: true
-      }),
-      defaultValue: () => 1
-    }),
-    limit: new z.$ZodDefault({
-      type: "default",
-      innerType: new z.$ZodNumber({
-        type: "number",
-        coerce: true
-      }),
-      defaultValue: () => 20
-    }),
-    sort: new z.$ZodDefault({
-      type: "default",
-      innerType: new z.$ZodObject({
-        type: "object",
-        shape: {
-          column: new z.$ZodDefault({
-            type: "default",
-            innerType: new z.$ZodEnum({
-              type: "enum",
-              entries: {
-                createdAt: "createdAt",
-                updatedAt: "updatedAt",
-                deletedAt: "deletedAt"
-              }
-            }),
-            defaultValue: () => "updatedAt"
-          }),
-          direction: new z.$ZodDefault({
-            type: "default",
-            innerType: new z.$ZodEnum({
-              type: "enum",
-              entries: {
-                asc: "asc",
-                desc: "desc"
-              }
-            }),
-            defaultValue: () => "desc"
-          })
-        }
-      }),
-      defaultValue: () => ({ column: "updatedAt", direction: "desc" })
-    })
-  }
-});
-const paginationSchema = new z.$ZodObject({
-  type: "object",
-  shape: {
-    page: new z.$ZodNumber({
-      type: "number"
-    }),
-    limit: new z.$ZodNumber({
-      type: "number"
-    }),
-    sort: new z.$ZodObject({
-      type: "object",
-      shape: {
-        column: new z.$ZodEnum({
-          type: "enum",
-          entries: {
-            createdAt: "createdAt",
-            updatedAt: "updatedAt",
-            deletedAt: "deletedAt"
-          }
-        }),
-        direction: new z.$ZodEnum({
-          type: "enum",
-          entries: {
-            asc: "asc",
-            desc: "desc"
-          }
-        })
-      }
-    })
-  }
-});
-
 const service = (serviceName) => {
   return function(constructor) {
     return class extends constructor {
@@ -1006,4 +739,4 @@ function develitWorker(Worker) {
   return DevelitWorker;
 }
 
-export { DatabaseTransaction, ENVIRONMENT, RPCResponse, USER_ROLES, action, bankAccount, bankAccountMetadataSchema, base, bicSchema, calculateExponentialBackoff, cloudflareQueue, composeWranglerBase, createAuditLogWriter, createInternalError, defineCommand, derivePortFromId, develitWorker, durableObjectNamespaceIdFromName, first, firstOrError, getD1Credentials, getD1DatabaseIdFromWrangler, getDrizzleD1Config, getSecret, handleAction, handleActionResponse, ibanSchema, idempotency, ip, isInternalError, jwt, logger, paginationQuerySchema, paginationSchema, service, signPayload, signature, useFetch, useResult, useResultSync, uuidv4, verifyPayloadSignature };
+export { DatabaseTransaction, ENVIRONMENT, RPCResponse, USER_ROLES, action, bankAccount, bankAccountMetadataSchema, base, bicSchema, buildMultiFilterConditions, buildRangeFilterConditions, buildSearchConditions, calculateExponentialBackoff, cloudflareQueue, composeWranglerBase, createAuditLogWriter, createInternalError, defineCommand, derivePortFromId, develitWorker, durableObjectNamespaceIdFromName, first, firstOrError, getD1Credentials, getD1DatabaseIdFromWrangler, getDrizzleD1Config, getSecret, handleAction, handleActionResponse, ibanSchema, isInternalError, paginationQuerySchema, paginationSchema, service, useFetch, useResult, useResultSync, uuidv4 };

package/dist/middlewares.d.mts

@@ -0,0 +1,15 @@
+import { MiddlewareHandler } from 'hono/types';
+
+declare const idempotency: <T extends {
+    IDEMPOTENCY_KV: KVNamespace;
+}>() => MiddlewareHandler;
+
+declare const jwt: <TAuthService, TJwtPayload>() => MiddlewareHandler;
+
+declare const ip: <TOrganizationService, TJwtPayload>() => MiddlewareHandler;
+
+declare const logger: () => MiddlewareHandler;
+
+declare const signature: <TOrganizationService, TJwtPayload>() => MiddlewareHandler;
+
+export { idempotency, ip, jwt, logger, signature };

package/dist/middlewares.d.ts

@@ -0,0 +1,15 @@
+import { MiddlewareHandler } from 'hono/types';
+
+declare const idempotency: <T extends {
+    IDEMPOTENCY_KV: KVNamespace;
+}>() => MiddlewareHandler;
+
+declare const jwt: <TAuthService, TJwtPayload>() => MiddlewareHandler;
+
+declare const ip: <TOrganizationService, TJwtPayload>() => MiddlewareHandler;
+
+declare const logger: () => MiddlewareHandler;
+
+declare const signature: <TOrganizationService, TJwtPayload>() => MiddlewareHandler;
+
+export { idempotency, ip, jwt, logger, signature };

package/dist/middlewares.mjs

@@ -0,0 +1,230 @@
+import { createMiddleware } from 'hono/factory';
+import { HTTPException } from 'hono/http-exception';
+import 'h3';
+import { z } from 'zod';
+import 'cloudflare';
+import 'node:fs';
+import 'node:crypto';
+import 'node:path';
+import 'comment-json';
+import 'drizzle-orm';
+import { v as verifyPayloadSignature } from './shared/backend-sdk.CgM_2r0b.mjs';
+
+const validateBearerScheme = (header) => {
+  return header.startsWith("Bearer ") && header.length > 7 && !header.slice(7).includes(" ");
+};
+const extractBearerToken = (header) => {
+  return header.slice(7).trim();
+};
+const validateBearerToken = (bearerToken) => {
+  return z.jwt().safeParse(bearerToken).success;
+};
+
+const logRequest = (log) => {
+  console.log("REQUEST | An incoming request has been recorded.", log);
+};
+const logResponse = (log) => {
+  console.log(`RESPONSE | An outgoing response has been recorded.`, log);
+};
+
+const idempotency = () => {
+  return createMiddleware(async (context, next) => {
+    const idempotencyKeyHeader = context.req.header("X-Idempotency-Key");
+    if (!idempotencyKeyHeader) {
+      throw new HTTPException(401, {
+        message: `The 'X-Idempotency-Key' header must exist and must have a value.`
+      });
+    }
+    const existingIdempotencyRecord = await context.env.IDEMPOTENCY_KV.get(idempotencyKeyHeader);
+    if (existingIdempotencyRecord) {
+      throw new HTTPException(409, {
+        message: "The identical request has already been processed. The idempotency key is not unique."
+      });
+    }
+    await context.env.IDEMPOTENCY_KV.put(
+      idempotencyKeyHeader,
+      idempotencyKeyHeader,
+      {
+        expirationTtl: 60 * 60 * 24 * 3
+        // 3 days
+      }
+    );
+    context.set("idempotency", {
+      key: idempotencyKeyHeader
+    });
+    await next();
+  });
+};
+
+const jwt = () => {
+  return createMiddleware(async (context, next) => {
+    const authorizationHeader = context.req.header("Authorization");
+    if (!authorizationHeader) {
+      throw new HTTPException(401, {
+        message: `The 'Authorization' header must exist and must have a value.`
+      });
+    }
+    if (!validateBearerScheme(authorizationHeader)) {
+      throw new HTTPException(401, {
+        message: `The 'Authorization' header value must use the Bearer scheme.`
+      });
+    }
+    const bearerToken = extractBearerToken(authorizationHeader);
+    if (!validateBearerToken(bearerToken)) {
+      throw new HTTPException(401, {
+        message: `The Bearer token in the 'Authorization' header value must be a JWT.`
+      });
+    }
+    const authService = context.env.AUTH_SERVICE;
+    const { data, error } = await authService.verifyAccessToken({
+      accessToken: bearerToken
+    });
+    if (!data || error) {
+      throw new HTTPException(401, {
+        message: "The JWT must contain valid user information."
+      });
+    }
+    const rawUserMetaDataString = data.payload.user.rawUserMetaData;
+    const rawUserMetaData = rawUserMetaDataString ? JSON.parse(rawUserMetaDataString) : null;
+    const organizationId = rawUserMetaData?.organizationId ?? null;
+    if (!organizationId) {
+      throw new HTTPException(422, {
+        message: "User data integrity check failed."
+      });
+    }
+    context.set("user", {
+      email: data.payload.user.email,
+      role: data.payload.user.role,
+      organizationId
+    });
+    context.set("jwt", data.payload);
+    await next();
+  });
+};
+
+const ip = () => {
+  return createMiddleware(async (context, next) => {
+    if (!["localhost", "dev"].includes(context.env.ENVIRONMENT)) {
+      const requestIp = context.req.header("cf-connecting-ip") || context.req.header("x-forwarded-for");
+      if (!requestIp) {
+        throw new HTTPException(401, {
+          message: "Failed to retrieve request IP address."
+        });
+      }
+      const user = context.get("user");
+      if (!user.organizationId) {
+        throw new HTTPException(401, {
+          message: "Failed to retrieve request organization ID."
+        });
+      }
+      const organizationService = context.env.ORGANIZATION_SERVICE;
+      const { data: organization, error } = await organizationService.getOrganization({
+        organizationId: user.organizationId
+      });
+      if (!organization || error) {
+        throw new HTTPException(404, {
+          message: "Failed to retrieve organization."
+        });
+      }
+      if (organization.ipAuthorization) {
+        if (!organization.authorizedIps.map((ip2) => ip2.ip).includes(requestIp)) {
+          throw new HTTPException(404, {
+            message: "Forbidden"
+          });
+        }
+      }
+    }
+    await next();
+  });
+};
+
+const composeRequestLog = async (request) => {
+  return {
+    method: request.method,
+    path: request.path,
+    query: request.query(),
+    headers: request.header(),
+    body: await request.json().catch(() => null)
+  };
+};
+const composeResponseLog = async (response, method, path) => {
+  return {
+    method,
+    path,
+    status: response.status,
+    statusText: response.statusText,
+    headers: Object.fromEntries(response.headers.entries()),
+    body: await response.json().catch(() => null)
+  };
+};
+
+const logger = () => {
+  return createMiddleware(async (context, next) => {
+    const requestLog = await composeRequestLog(context.req);
+    logRequest(requestLog);
+    await next();
+    const response = context.res.clone();
+    const responseLog = await composeResponseLog(
+      response,
+      context.req.method,
+      context.req.url
+    );
+    logResponse(responseLog);
+  });
+};
+
+const signature = () => {
+  return createMiddleware(async (context, next) => {
+    if (!["localhost", "dev"].includes(context.env.ENVIRONMENT)) {
+      const signatureHeader = context.req.header("X-Signature");
+      if (!signatureHeader) {
+        throw new HTTPException(401, {
+          message: `The 'X-Signature' header must exist and must have a value.`
+        });
+      }
+      const signatureKeyHeader = context.req.header("X-Signature-Key");
+      if (!signatureKeyHeader) {
+        throw new HTTPException(401, {
+          message: `The 'X-Signature-Key' header must exist and must have a value.`
+        });
+      }
+      const payload = JSON.stringify(await context.req.json().catch(() => null));
+      const user = context.get("user");
+      if (!user.organizationId) {
+        throw new HTTPException(401, {
+          message: "Failed to retrieve request organization ID."
+        });
+      }
+      const organizationService = context.env.ORGANIZATION_SERVICE;
+      const { data: organization, error } = await organizationService.getOrganization({
+        organizationId: user.organizationId
+      });
+      if (!organization || error) {
+        throw new HTTPException(404, {
+          message: "Failed to retrieve organization."
+        });
+      }
+      const signatureKey = organization.signatureKeys.filter(
+        (signatureKey2) => signatureKey2.name === signatureKeyHeader
+      )[0];
+      if (!signatureKey) {
+        throw new HTTPException(404, {
+          message: "Signature key not found."
+        });
+      }
+      const isVerified = await verifyPayloadSignature({
+        signature: signatureHeader,
+        publicKey: signatureKey.publicKey,
+        data: payload
+      });
+      if (!isVerified) {
+        throw new HTTPException(401, {
+          message: "Invalid signature key or signature."
+        });
+      }
+    }
+    await next();
+  });
+};
+
+export { idempotency, ip, jwt, logger, signature };

package/dist/shared/backend-sdk.CgM_2r0b.mjs

@@ -0,0 +1,98 @@
+import { subtle } from 'node:crypto';
+
+const createSignatureKeyPair = async () => {
+  const { publicKey, privateKey } = await subtle.generateKey(
+    {
+      name: "RSASSA-PKCS1-v1_5",
+      modulusLength: 4096,
+      publicExponent: new Uint8Array([1, 0, 1]),
+      hash: "SHA-256"
+    },
+    true,
+    ["sign", "verify"]
+  );
+  const exportedPublicKey = await subtle.exportKey("spki", publicKey);
+  const exportedPrivateKey = await subtle.exportKey("pkcs8", privateKey);
+  return {
+    publicKey: Buffer.from(exportedPublicKey).toString("base64"),
+    privateKey: Buffer.from(exportedPrivateKey).toString("base64")
+  };
+};
+const signPayload = async ({
+  payload,
+  privateKey
+}) => {
+  const binaryPrivateKey = Uint8Array.from(
+    atob(privateKey),
+    (c) => c.charCodeAt(0)
+  );
+  const importedPrivateKey = await crypto.subtle.importKey(
+    "pkcs8",
+    binaryPrivateKey,
+    {
+      name: "RSASSA-PKCS1-v1_5",
+      hash: "SHA-256"
+    },
+    false,
+    ["sign"]
+  );
+  const encodedPayload = new TextEncoder().encode(payload);
+  const signature = await crypto.subtle.sign(
+    {
+      name: "RSASSA-PKCS1-v1_5"
+    },
+    importedPrivateKey,
+    encodedPayload
+  );
+  const base64Signature = btoa(
+    String.fromCharCode(...new Uint8Array(signature))
+  );
+  return base64Signature;
+};
+const algParams = {
+  RSA: {
+    name: "RSASSA-PKCS1-v1_5",
+    hash: { name: "SHA-256" }
+  },
+  EC: {
+    name: "ECDSA",
+    namedCurve: "P-256"
+  },
+  HMAC: {
+    name: "HMAC",
+    hash: { name: "SHA-256" }
+  }
+};
+const verifyPayloadSignature = async ({
+  signature,
+  data,
+  publicKey,
+  algorithm = "RSA"
+}) => {
+  const binaryPublicKey = Uint8Array.from(
+    atob(publicKey),
+    (c) => c.charCodeAt(0)
+  );
+  const format = algorithm === "HMAC" ? "raw" : "spki";
+  const importedPublicKey = await crypto.subtle.importKey(
+    format,
+    binaryPublicKey,
+    algParams[algorithm],
+    false,
+    ["verify"]
+  );
+  const encodedPayload = new TextEncoder().encode(data);
+  const decodedSignature = Uint8Array.from(
+    atob(signature),
+    (c) => c.charCodeAt(0)
+  );
+  const isValid = await crypto.subtle.verify(
+    algParams[algorithm],
+    importedPublicKey,
+    decodedSignature,
+    encodedPayload
+  );
+  return isValid;
+};
+
+export { createSignatureKeyPair as c, signPayload as s, verifyPayloadSignature as v };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@develit-io/backend-sdk",
-  "version": "6.0.0",
+  "version": "7.0.1",
   "description": "Develit Backend SDK",
   "author": "Develit.io",
   "license": "ISC",
@@ -22,6 +22,11 @@
       "import": "./dist/index.mjs",
       "default": "./dist/index.mjs"
     },
+    "./middlewares": {
+      "types": "./dist/middlewares.d.ts",
+      "import": "./dist/middlewares.mjs",
+      "default": "./dist/middlewares.mjs"
+    },
     "./package.json": "./package.json"
   },
   "files": [