@dotdo/do 0.1.0

package/dist/api/middleware/cors.js

@@ -0,0 +1,225 @@
+/**
+ * CORS Middleware
+ *
+ * Handles Cross-Origin Resource Sharing with configurable options.
+ * Includes smart defaults for the DO platform.
+ */
+import { cors as honoCors } from 'hono/cors';
+// =============================================================================
+// Default Configuration
+// =============================================================================
+/**
+ * Default CORS configuration for DO APIs
+ */
+export const DEFAULT_CORS_CONFIG = {
+    origin: '*',
+    methods: ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'],
+    allowedHeaders: [
+        'Content-Type',
+        'Authorization',
+        'X-API-Key',
+        'X-Request-ID',
+        'X-DO-Context',
+    ],
+    exposedHeaders: [
+        'X-Request-ID',
+        'X-RateLimit-Limit',
+        'X-RateLimit-Remaining',
+        'X-RateLimit-Reset',
+        'X-Response-Time',
+    ],
+    credentials: false,
+    maxAge: 86400, // 24 hours
+};
+/**
+ * Restrictive CORS for sensitive endpoints
+ */
+export const RESTRICTIVE_CORS_CONFIG = {
+    origin: (origin) => {
+        // Allow platform domains
+        if (origin.endsWith('.do') || origin.endsWith('.do.md')) {
+            return true;
+        }
+        // Allow localhost in development
+        if (origin.includes('localhost') || origin.includes('127.0.0.1')) {
+            return true;
+        }
+        return false;
+    },
+    methods: ['GET', 'POST', 'PUT', 'DELETE'],
+    allowedHeaders: ['Content-Type', 'Authorization'],
+    credentials: true,
+    maxAge: 3600, // 1 hour
+};
+// =============================================================================
+// CORS Middleware Factory
+// =============================================================================
+/**
+ * Create CORS middleware with custom configuration
+ *
+ * @example
+ * // Use default config
+ * app.use('*', createCorsMiddleware())
+ *
+ * @example
+ * // Custom origins
+ * app.use('*', createCorsMiddleware({
+ *   origin: ['https://app.example.com', 'https://admin.example.com']
+ * }))
+ *
+ * @example
+ * // Restrictive config for admin routes
+ * app.use('/admin/*', createCorsMiddleware(RESTRICTIVE_CORS_CONFIG))
+ */
+export function createCorsMiddleware(config = {}) {
+    const mergedConfig = { ...DEFAULT_CORS_CONFIG, ...config };
+    // Use Hono's built-in CORS middleware
+    return honoCors({
+        origin: mergedConfig.origin,
+        allowMethods: mergedConfig.methods,
+        allowHeaders: mergedConfig.allowedHeaders,
+        exposeHeaders: mergedConfig.exposedHeaders,
+        credentials: mergedConfig.credentials,
+        maxAge: mergedConfig.maxAge,
+    });
+}
+// =============================================================================
+// Dynamic CORS Middleware
+// =============================================================================
+/**
+ * Create dynamic CORS middleware that checks allowed origins from KV
+ *
+ * This allows runtime configuration of CORS without redeployment
+ *
+ * @example
+ * app.use('*', createDynamicCorsMiddleware('cors:allowed-origins'))
+ */
+export function createDynamicCorsMiddleware(kvKey = 'cors:config') {
+    return async (c, next) => {
+        const origin = c.req.header('Origin');
+        // No origin header = same-origin request
+        if (!origin) {
+            await next();
+            return;
+        }
+        // Handle preflight requests
+        if (c.req.method === 'OPTIONS') {
+            const response = new Response(null, { status: 204 });
+            // Try to get config from KV
+            let allowedOrigins = ['*'];
+            try {
+                const configStr = await c.env.KV?.get(kvKey);
+                if (configStr) {
+                    const config = JSON.parse(configStr);
+                    allowedOrigins = config.origins || ['*'];
+                }
+            }
+            catch {
+                // Use default
+            }
+            // Check if origin is allowed
+            const isAllowed = allowedOrigins.includes('*') || allowedOrigins.includes(origin);
+            if (isAllowed) {
+                response.headers.set('Access-Control-Allow-Origin', origin);
+                response.headers.set('Access-Control-Allow-Methods', 'GET, POST, PUT, PATCH, DELETE, OPTIONS');
+                response.headers.set('Access-Control-Allow-Headers', 'Content-Type, Authorization, X-API-Key, X-Request-ID');
+                response.headers.set('Access-Control-Max-Age', '86400');
+            }
+            return response;
+        }
+        // Continue with request
+        await next();
+        // Add CORS headers to response
+        if (c.res) {
+            c.res.headers.set('Access-Control-Allow-Origin', origin);
+        }
+    };
+}
+// =============================================================================
+// Preflight Handler
+// =============================================================================
+/**
+ * Create a dedicated preflight handler for specific routes
+ *
+ * @example
+ * app.options('/api/*', createPreflightHandler())
+ */
+export function createPreflightHandler(config = DEFAULT_CORS_CONFIG) {
+    return (c) => {
+        const origin = c.req.header('Origin') || '*';
+        // Check if origin is allowed
+        let allowedOrigin = '*';
+        if (typeof config.origin === 'string') {
+            allowedOrigin = config.origin;
+        }
+        else if (Array.isArray(config.origin)) {
+            allowedOrigin = config.origin.includes(origin) ? origin : config.origin[0];
+        }
+        else if (typeof config.origin === 'function') {
+            allowedOrigin = config.origin(origin) ? origin : '';
+        }
+        if (!allowedOrigin) {
+            return new Response(null, { status: 403 });
+        }
+        const headers = new Headers({
+            'Access-Control-Allow-Origin': allowedOrigin,
+            'Access-Control-Allow-Methods': (config.methods || DEFAULT_CORS_CONFIG.methods).join(', '),
+            'Access-Control-Allow-Headers': (config.allowedHeaders || DEFAULT_CORS_CONFIG.allowedHeaders).join(', '),
+            'Access-Control-Max-Age': String(config.maxAge || DEFAULT_CORS_CONFIG.maxAge),
+        });
+        if (config.credentials) {
+            headers.set('Access-Control-Allow-Credentials', 'true');
+        }
+        return new Response(null, { status: 204, headers });
+    };
+}
+// =============================================================================
+// Utility Functions
+// =============================================================================
+/**
+ * Add CORS headers to an existing response
+ */
+export function addCorsHeaders(response, origin, config = DEFAULT_CORS_CONFIG) {
+    const headers = new Headers(response.headers);
+    // Determine allowed origin
+    let allowedOrigin = '*';
+    if (typeof config.origin === 'string') {
+        allowedOrigin = config.origin;
+    }
+    else if (Array.isArray(config.origin)) {
+        allowedOrigin = config.origin.includes(origin) ? origin : config.origin[0];
+    }
+    else if (typeof config.origin === 'function') {
+        allowedOrigin = config.origin(origin) ? origin : '*';
+    }
+    headers.set('Access-Control-Allow-Origin', allowedOrigin);
+    if (config.exposedHeaders) {
+        headers.set('Access-Control-Expose-Headers', config.exposedHeaders.join(', '));
+    }
+    if (config.credentials) {
+        headers.set('Access-Control-Allow-Credentials', 'true');
+    }
+    return new Response(response.body, {
+        status: response.status,
+        statusText: response.statusText,
+        headers,
+    });
+}
+/**
+ * Check if an origin is allowed
+ */
+export function isOriginAllowed(origin, config = DEFAULT_CORS_CONFIG) {
+    if (!config.origin || config.origin === '*')
+        return true;
+    if (typeof config.origin === 'string') {
+        return config.origin === origin;
+    }
+    if (Array.isArray(config.origin)) {
+        return config.origin.includes(origin);
+    }
+    if (typeof config.origin === 'function') {
+        return config.origin(origin);
+    }
+    return false;
+}
+//# sourceMappingURL=cors.js.map

package/dist/api/middleware/cors.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cors.js","sourceRoot":"","sources":["../../../api/middleware/cors.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EAAE,IAAI,IAAI,QAAQ,EAAE,MAAM,WAAW,CAAA;AAG5C,gFAAgF;AAChF,wBAAwB;AACxB,gFAAgF;AAEhF;;GAEG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAe;IAC7C,MAAM,EAAE,GAAG;IACX,OAAO,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,CAAC;IAC7D,cAAc,EAAE;QACd,cAAc;QACd,eAAe;QACf,WAAW;QACX,cAAc;QACd,cAAc;KACf;IACD,cAAc,EAAE;QACd,cAAc;QACd,mBAAmB;QACnB,uBAAuB;QACvB,mBAAmB;QACnB,iBAAiB;KAClB;IACD,WAAW,EAAE,KAAK;IAClB,MAAM,EAAE,KAAK,EAAE,WAAW;CAC3B,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,uBAAuB,GAAe;IACjD,MAAM,EAAE,CAAC,MAAM,EAAE,EAAE;QACjB,yBAAyB;QACzB,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YACxD,OAAO,IAAI,CAAA;QACb,CAAC;QACD,iCAAiC;QACjC,IAAI,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;YACjE,OAAO,IAAI,CAAA;QACb,CAAC;QACD,OAAO,KAAK,CAAA;IACd,CAAC;IACD,OAAO,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,CAAC;IACzC,cAAc,EAAE,CAAC,cAAc,EAAE,eAAe,CAAC;IACjD,WAAW,EAAE,IAAI;IACjB,MAAM,EAAE,IAAI,EAAE,SAAS;CACxB,CAAA;AAED,gFAAgF;AAChF,0BAA0B;AAC1B,gFAAgF;AAEhF;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,UAAU,oBAAoB,CAAC,SAAqB,EAAE;IAC1D,MAAM,YAAY,GAAG,EAAE,GAAG,mBAAmB,EAAE,GAAG,MAAM,EAAE,CAAA;IAE1D,sCAAsC;IACtC,OAAO,QAAQ,CAAC;QACd,MAAM,EAAE,YAAY,CAAC,MAAyF;QAC9G,YAAY,EAAE,YAAY,CAAC,OAAO;QAClC,YAAY,EAAE,YAAY,CAAC,cAAc;QACzC,aAAa,EAAE,YAAY,CAAC,cAAc;QAC1C,WAAW,EAAE,YAAY,CAAC,WAAW;QACrC,MAAM,EAAE,YAAY,CAAC,MAAM;KAC5B,CAAC,CAAA;AACJ,CAAC;AAED,gFAAgF;AAChF,0BAA0B;AAC1B,gFAAgF;AAEhF;;;;;;;GAOG;AACH,MAAM,UAAU,2BAA2B,CAAC,QAAgB,aAAa;IACvE,OAAO,KAAK,EAAE,CAAmD,EAAE,IAAU,EAA4B,EAAE;QACzG,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAA;QAErC,yCAAyC;QACzC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,EAAE,CAAA;YACZ,OAAM;QACR,CAAC;QAED,4BAA4B;QAC5B,IAAI,CAAC,CAAC,GAAG,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;YAC/B,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAA;YAEpD,4BAA4B;YAC5B,IAAI,cAAc,GAAa,CAAC,GAAG,CAAC,CAAA;YACpC,IAAI,CAAC;gBACH,MAAM,SAAS,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,KAAK,CAAC,CAAA;gBAC5C,IAAI,SAAS,EAAE,CAAC;oBACd,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;oBACpC,cAAc,GAAG,MAAM,CAAC,OAAO,IAAI,CAAC,GAAG,CAAC,CAAA;gBAC1C,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,cAAc;YAChB,CAAC;YAED,6BAA6B;YAC7B,MAAM,SAAS,GAAG,cAAc,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAA;YAEjF,IAAI,SAAS,EAAE,CAAC;gBACd,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,6BAA6B,EAAE,MAAM,CAAC,CAAA;gBAC3D,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,8BAA8B,EAAE,wCAAwC,CAAC,CAAA;gBAC9F,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,8BAA8B,EAAE,sDAAsD,CAAC,CAAA;gBAC5G,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,wBAAwB,EAAE,OAAO,CAAC,CAAA;YACzD,CAAC;YAED,OAAO,QAAQ,CAAA;QACjB,CAAC;QAED,wBAAwB;QACxB,MAAM,IAAI,EAAE,CAAA;QAEZ,+BAA+B;QAC/B,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC;YACV,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,6BAA6B,EAAE,MAAM,CAAC,CAAA;QAC1D,CAAC;IACH,CAAC,CAAA;AACH,CAAC;AAED,gFAAgF;AAChF,oBAAoB;AACpB,gFAAgF;AAEhF;;;;;GAKG;AACH,MAAM,UAAU,sBAAsB,CAAC,SAAqB,mBAAmB;IAC7E,OAAO,CAAC,CAAU,EAAE,EAAE;QACpB,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAA;QAE5C,6BAA6B;QAC7B,IAAI,aAAa,GAAG,GAAG,CAAA;QACvB,IAAI,OAAO,MAAM,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;YACtC,aAAa,GAAG,MAAM,CAAC,MAAM,CAAA;QAC/B,CAAC;aAAM,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;YACxC,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;QAC5E,CAAC;aAAM,IAAI,OAAO,MAAM,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;YAC/C,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAA;QACrD,CAAC;QAED,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAA;QAC5C,CAAC;QAED,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC;YAC1B,6BAA6B,EAAE,aAAa;YAC5C,8BAA8B,EAAE,CAAC,MAAM,CAAC,OAAO,IAAI,mBAAmB,CAAC,OAAQ,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;YAC3F,8BAA8B,EAAE,CAAC,MAAM,CAAC,cAAc,IAAI,mBAAmB,CAAC,cAAe,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;YACzG,wBAAwB,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,IAAI,mBAAmB,CAAC,MAAM,CAAC;SAC9E,CAAC,CAAA;QAEF,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;YACvB,OAAO,CAAC,GAAG,CAAC,kCAAkC,EAAE,MAAM,CAAC,CAAA;QACzD,CAAC;QAED,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC,CAAA;IACrD,CAAC,CAAA;AACH,CAAC;AAED,gFAAgF;AAChF,oBAAoB;AACpB,gFAAgF;AAEhF;;GAEG;AACH,MAAM,UAAU,cAAc,CAC5B,QAAkB,EAClB,MAAc,EACd,SAAqB,mBAAmB;IAExC,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;IAE7C,2BAA2B;IAC3B,IAAI,aAAa,GAAG,GAAG,CAAA;IACvB,IAAI,OAAO,MAAM,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;QACtC,aAAa,GAAG,MAAM,CAAC,MAAM,CAAA;IAC/B,CAAC;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QACxC,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;IAC5E,CAAC;SAAM,IAAI,OAAO,MAAM,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;QAC/C,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAA;IACtD,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,6BAA6B,EAAE,aAAa,CAAC,CAAA;IAEzD,IAAI,MAAM,CAAC,cAAc,EAAE,CAAC;QAC1B,OAAO,CAAC,GAAG,CAAC,+BAA+B,EAAE,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAA;IAChF,CAAC;IAED,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;QACvB,OAAO,CAAC,GAAG,CAAC,kCAAkC,EAAE,MAAM,CAAC,CAAA;IACzD,CAAC;IAED,OAAO,IAAI,QAAQ,CAAC,QAAQ,CAAC,IAAI,EAAE;QACjC,MAAM,EAAE,QAAQ,CAAC,MAAM;QACvB,UAAU,EAAE,QAAQ,CAAC,UAAU;QAC/B,OAAO;KACR,CAAC,CAAA;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,MAAc,EAAE,SAAqB,mBAAmB;IACtF,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,KAAK,GAAG;QAAE,OAAO,IAAI,CAAA;IAExD,IAAI,OAAO,MAAM,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;QACtC,OAAO,MAAM,CAAC,MAAM,KAAK,MAAM,CAAA;IACjC,CAAC;IAED,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QACjC,OAAO,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAA;IACvC,CAAC;IAED,IAAI,OAAO,MAAM,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;QACxC,OAAO,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;IAC9B,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC"}

package/dist/api/middleware/index.d.ts

@@ -0,0 +1,60 @@
+/**
+ * Middleware Exports
+ *
+ * All middleware for the DO API layer
+ */
+export { createAuthMiddleware, createApiKeyMiddleware, getUser, requireUser, hasRole, hasPermission, } from './auth';
+export { createCorsMiddleware, createDynamicCorsMiddleware, createPreflightHandler, addCorsHeaders, isOriginAllowed, DEFAULT_CORS_CONFIG, RESTRICTIVE_CORS_CONFIG, } from './cors';
+export { createRateLimitMiddleware, createAIRateLimitMiddleware, createWriteRateLimitMiddleware, createSlidingWindowRateLimitMiddleware, getRateLimitInfo, resetRateLimit, DEFAULT_RATE_LIMIT_CONFIG, STRICT_RATE_LIMIT_CONFIG, GENEROUS_RATE_LIMIT_CONFIG, } from './rateLimit';
+import type { Context, Next } from 'hono';
+import type { Env, DOContext } from '../types';
+/**
+ * Create request context middleware
+ * Sets up common variables for all routes
+ */
+export declare function createContextMiddleware(): (c: Context<{
+    Bindings: Env;
+    Variables: DOContext;
+}>, next: Next) => Promise<void>;
+/**
+ * Create logging middleware
+ */
+export declare function createLoggingMiddleware(options?: {
+    level?: string;
+    skipPaths?: string[];
+}): (c: Context<{
+    Bindings: Env;
+    Variables: DOContext;
+}>, next: Next) => Promise<void>;
+/**
+ * Create error handling middleware
+ */
+export declare function createErrorMiddleware(): (c: Context<{
+    Bindings: Env;
+    Variables: DOContext;
+}>, next: Next) => Promise<Response | void>;
+/**
+ * Create security headers middleware
+ */
+export declare function createSecurityMiddleware(): (c: Context<{
+    Bindings: Env;
+    Variables: DOContext;
+}>, next: Next) => Promise<void>;
+/**
+ * Compose all standard middleware
+ *
+ * @example
+ * import { composeMiddleware } from './middleware'
+ * app.use('*', ...composeMiddleware())
+ */
+export declare function composeMiddleware(options?: {
+    auth?: boolean;
+    cors?: boolean;
+    rateLimit?: boolean;
+    logging?: boolean;
+    security?: boolean;
+}): (import("hono").MiddlewareHandler | ((c: Context<{
+    Bindings: Env;
+    Variables: DOContext;
+}>, next: Next) => Promise<Response | void>))[];
+//# sourceMappingURL=index.d.ts.map

package/dist/api/middleware/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../api/middleware/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAKH,OAAO,EACL,oBAAoB,EACpB,sBAAsB,EACtB,OAAO,EACP,WAAW,EACX,OAAO,EACP,aAAa,GACd,MAAM,QAAQ,CAAA;AAKf,OAAO,EACL,oBAAoB,EACpB,2BAA2B,EAC3B,sBAAsB,EACtB,cAAc,EACd,eAAe,EACf,mBAAmB,EACnB,uBAAuB,GACxB,MAAM,QAAQ,CAAA;AAKf,OAAO,EACL,yBAAyB,EACzB,2BAA2B,EAC3B,8BAA8B,EAC9B,sCAAsC,EACtC,gBAAgB,EAChB,cAAc,EACd,yBAAyB,EACzB,wBAAwB,EACxB,0BAA0B,GAC3B,MAAM,aAAa,CAAA;AAKpB,OAAO,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AACzC,OAAO,KAAK,EAAE,GAAG,EAAE,SAAS,EAAE,MAAM,UAAU,CAAA;AAgB9C;;;GAGG;AACH,wBAAgB,uBAAuB,KACvB,GAAG,OAAO,CAAC;IAAE,QAAQ,EAAE,GAAG,CAAC;IAAC,SAAS,EAAE,SAAS,CAAA;CAAE,CAAC,EAAE,MAAM,IAAI,mBAkB9E;AAED;;GAEG;AACH,wBAAgB,uBAAuB,CAAC,OAAO,GAAE;IAAE,KAAK,CAAC,EAAE,MAAM,CAAC;IAAC,SAAS,CAAC,EAAE,MAAM,EAAE,CAAA;CAAO,IAG9E,GAAG,OAAO,CAAC;IAAE,QAAQ,EAAE,GAAG,CAAC;IAAC,SAAS,EAAE,SAAS,CAAA;CAAE,CAAC,EAAE,MAAM,IAAI,mBAsC9E;AAED;;GAEG;AACH,wBAAgB,qBAAqB,KACrB,GAAG,OAAO,CAAC;IAAE,QAAQ,EAAE,GAAG,CAAC;IAAC,SAAS,EAAE,SAAS,CAAA;CAAE,CAAC,EAAE,MAAM,IAAI,KAAG,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAgCzG;AAED;;GAEG;AACH,wBAAgB,wBAAwB,KACxB,GAAG,OAAO,CAAC;IAAE,QAAQ,EAAE,GAAG,CAAC;IAAC,SAAS,EAAE,SAAS,CAAA;CAAE,CAAC,EAAE,MAAM,IAAI,mBAc9E;AAMD;;;;;;GAMG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,GAAE;IACzC,IAAI,CAAC,EAAE,OAAO,CAAA;IACd,IAAI,CAAC,EAAE,OAAO,CAAA;IACd,SAAS,CAAC,EAAE,OAAO,CAAA;IACnB,OAAO,CAAC,EAAE,OAAO,CAAA;IACjB,QAAQ,CAAC,EAAE,OAAO,CAAA;CACd;;;gDA+BL"}

package/dist/api/middleware/index.js

@@ -0,0 +1,175 @@
+/**
+ * Middleware Exports
+ *
+ * All middleware for the DO API layer
+ */
+// =============================================================================
+// Authentication
+// =============================================================================
+export { createAuthMiddleware, createApiKeyMiddleware, getUser, requireUser, hasRole, hasPermission, } from './auth';
+// =============================================================================
+// CORS
+// =============================================================================
+export { createCorsMiddleware, createDynamicCorsMiddleware, createPreflightHandler, addCorsHeaders, isOriginAllowed, DEFAULT_CORS_CONFIG, RESTRICTIVE_CORS_CONFIG, } from './cors';
+// =============================================================================
+// Rate Limiting
+// =============================================================================
+export { createRateLimitMiddleware, createAIRateLimitMiddleware, createWriteRateLimitMiddleware, createSlidingWindowRateLimitMiddleware, getRateLimitInfo, resetRateLimit, DEFAULT_RATE_LIMIT_CONFIG, STRICT_RATE_LIMIT_CONFIG, GENEROUS_RATE_LIMIT_CONFIG, } from './rateLimit';
+// Import for internal use in composeMiddleware
+import { createAuthMiddleware } from './auth';
+import { createCorsMiddleware } from './cors';
+import { createRateLimitMiddleware } from './rateLimit';
+/**
+ * Generate a unique request ID
+ */
+function generateRequestId() {
+    const timestamp = Date.now().toString(36);
+    const random = Math.random().toString(36).substring(2, 10);
+    return `${timestamp}-${random}`;
+}
+/**
+ * Create request context middleware
+ * Sets up common variables for all routes
+ */
+export function createContextMiddleware() {
+    return async (c, next) => {
+        const url = new URL(c.req.url);
+        // Set request context
+        c.set('requestId', c.req.header('X-Request-ID') || generateRequestId());
+        c.set('startTime', Date.now());
+        c.set('hostname', url.hostname);
+        c.set('colo', c.req.header('CF-Ray')?.split('-')[1]);
+        // Add request ID to response
+        c.header('X-Request-ID', c.get('requestId'));
+        await next();
+        // Add timing header
+        const duration = Date.now() - c.get('startTime');
+        c.header('X-Response-Time', `${duration}ms`);
+    };
+}
+/**
+ * Create logging middleware
+ */
+export function createLoggingMiddleware(options = {}) {
+    const skipPaths = options.skipPaths || ['/_health', '/favicon.ico'];
+    return async (c, next) => {
+        const path = new URL(c.req.url).pathname;
+        // Skip logging for certain paths
+        if (skipPaths.some(skip => path.startsWith(skip))) {
+            await next();
+            return;
+        }
+        const startTime = Date.now();
+        const method = c.req.method;
+        const requestId = c.get('requestId') || 'unknown';
+        // Log request
+        console.log(JSON.stringify({
+            type: 'request',
+            requestId,
+            method,
+            path,
+            timestamp: new Date().toISOString(),
+        }));
+        await next();
+        // Log response
+        const duration = Date.now() - startTime;
+        const status = c.res?.status || 0;
+        console.log(JSON.stringify({
+            type: 'response',
+            requestId,
+            method,
+            path,
+            status,
+            durationMs: duration,
+            timestamp: new Date().toISOString(),
+        }));
+    };
+}
+/**
+ * Create error handling middleware
+ */
+export function createErrorMiddleware() {
+    return async (c, next) => {
+        try {
+            await next();
+        }
+        catch (error) {
+            const url = new URL(c.req.url);
+            const requestId = c.get('requestId') || 'unknown';
+            // Log error
+            console.error(JSON.stringify({
+                type: 'error',
+                requestId,
+                error: error instanceof Error ? error.message : String(error),
+                stack: error instanceof Error ? error.stack : undefined,
+                timestamp: new Date().toISOString(),
+            }));
+            // Return error response
+            return c.json({
+                api: url.hostname,
+                error: {
+                    code: 'INTERNAL_ERROR',
+                    message: error instanceof Error ? error.message : 'An unexpected error occurred',
+                    requestId,
+                },
+                links: {
+                    self: c.req.url,
+                    docs: 'https://do.md/errors',
+                },
+                timestamp: Date.now(),
+            }, 500);
+        }
+    };
+}
+/**
+ * Create security headers middleware
+ */
+export function createSecurityMiddleware() {
+    return async (c, next) => {
+        await next();
+        // Add security headers
+        c.header('X-Content-Type-Options', 'nosniff');
+        c.header('X-Frame-Options', 'DENY');
+        c.header('X-XSS-Protection', '1; mode=block');
+        c.header('Referrer-Policy', 'strict-origin-when-cross-origin');
+        // Don't override if already set (e.g., by specific route)
+        if (!c.res?.headers.get('Content-Security-Policy')) {
+            c.header('Content-Security-Policy', "default-src 'self'");
+        }
+    };
+}
+// =============================================================================
+// Middleware Composer
+// =============================================================================
+/**
+ * Compose all standard middleware
+ *
+ * @example
+ * import { composeMiddleware } from './middleware'
+ * app.use('*', ...composeMiddleware())
+ */
+export function composeMiddleware(options = {}) {
+    const middleware = [];
+    // Always add context
+    middleware.push(createContextMiddleware());
+    // Add error handling
+    middleware.push(createErrorMiddleware());
+    // Optional middleware
+    if (options.logging !== false) {
+        middleware.push(createLoggingMiddleware());
+    }
+    if (options.security !== false) {
+        middleware.push(createSecurityMiddleware());
+    }
+    if (options.cors !== false) {
+        middleware.push(createCorsMiddleware());
+    }
+    if (options.rateLimit !== false) {
+        middleware.push(createRateLimitMiddleware());
+    }
+    if (options.auth) {
+        middleware.push(createAuthMiddleware());
+    }
+    return middleware;
+}
+//# sourceMappingURL=index.js.map

package/dist/api/middleware/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../api/middleware/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,gFAAgF;AAChF,iBAAiB;AACjB,gFAAgF;AAChF,OAAO,EACL,oBAAoB,EACpB,sBAAsB,EACtB,OAAO,EACP,WAAW,EACX,OAAO,EACP,aAAa,GACd,MAAM,QAAQ,CAAA;AAEf,gFAAgF;AAChF,OAAO;AACP,gFAAgF;AAChF,OAAO,EACL,oBAAoB,EACpB,2BAA2B,EAC3B,sBAAsB,EACtB,cAAc,EACd,eAAe,EACf,mBAAmB,EACnB,uBAAuB,GACxB,MAAM,QAAQ,CAAA;AAEf,gFAAgF;AAChF,gBAAgB;AAChB,gFAAgF;AAChF,OAAO,EACL,yBAAyB,EACzB,2BAA2B,EAC3B,8BAA8B,EAC9B,sCAAsC,EACtC,gBAAgB,EAChB,cAAc,EACd,yBAAyB,EACzB,wBAAwB,EACxB,0BAA0B,GAC3B,MAAM,aAAa,CAAA;AAQpB,+CAA+C;AAC/C,OAAO,EAAE,oBAAoB,EAAE,MAAM,QAAQ,CAAA;AAC7C,OAAO,EAAE,oBAAoB,EAAE,MAAM,QAAQ,CAAA;AAC7C,OAAO,EAAE,yBAAyB,EAAE,MAAM,aAAa,CAAA;AAEvD;;GAEG;AACH,SAAS,iBAAiB;IACxB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAA;IACzC,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;IAC1D,OAAO,GAAG,SAAS,IAAI,MAAM,EAAE,CAAA;AACjC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,uBAAuB;IACrC,OAAO,KAAK,EAAE,CAAmD,EAAE,IAAU,EAAE,EAAE;QAC/E,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;QAE9B,sBAAsB;QACtB,CAAC,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,cAAc,CAAC,IAAI,iBAAiB,EAAE,CAAC,CAAA;QACvE,CAAC,CAAC,GAAG,CAAC,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,CAAA;QAC9B,CAAC,CAAC,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,QAAQ,CAAC,CAAA;QAC/B,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QAEpD,6BAA6B;QAC7B,CAAC,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAA;QAE5C,MAAM,IAAI,EAAE,CAAA;QAEZ,oBAAoB;QACpB,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;QAChD,CAAC,CAAC,MAAM,CAAC,iBAAiB,EAAE,GAAG,QAAQ,IAAI,CAAC,CAAA;IAC9C,CAAC,CAAA;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,uBAAuB,CAAC,UAAoD,EAAE;IAC5F,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,CAAC,UAAU,EAAE,cAAc,CAAC,CAAA;IAEnE,OAAO,KAAK,EAAE,CAAmD,EAAE,IAAU,EAAE,EAAE;QAC/E,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAA;QAExC,iCAAiC;QACjC,IAAI,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;YAClD,MAAM,IAAI,EAAE,CAAA;YACZ,OAAM;QACR,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;QAC5B,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAA;QAC3B,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,SAAS,CAAA;QAEjD,cAAc;QACd,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC;YACzB,IAAI,EAAE,SAAS;YACf,SAAS;YACT,MAAM;YACN,IAAI;YACJ,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC,CAAC,CAAA;QAEH,MAAM,IAAI,EAAE,CAAA;QAEZ,eAAe;QACf,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAA;QACvC,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,EAAE,MAAM,IAAI,CAAC,CAAA;QAEjC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC;YACzB,IAAI,EAAE,UAAU;YAChB,SAAS;YACT,MAAM;YACN,IAAI;YACJ,MAAM;YACN,UAAU,EAAE,QAAQ;YACpB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC,CAAC,CAAA;IACL,CAAC,CAAA;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,qBAAqB;IACnC,OAAO,KAAK,EAAE,CAAmD,EAAE,IAAU,EAA4B,EAAE;QACzG,IAAI,CAAC;YACH,MAAM,IAAI,EAAE,CAAA;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;YAC9B,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,SAAS,CAAA;YAEjD,YAAY;YACZ,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC;gBAC3B,IAAI,EAAE,OAAO;gBACb,SAAS;gBACT,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;gBAC7D,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;gBACvD,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACpC,CAAC,CAAC,CAAA;YAEH,wBAAwB;YACxB,OAAO,CAAC,CAAC,IAAI,CAAC;gBACZ,GAAG,EAAE,GAAG,CAAC,QAAQ;gBACjB,KAAK,EAAE;oBACL,IAAI,EAAE,gBAAgB;oBACtB,OAAO,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,8BAA8B;oBAChF,SAAS;iBACV;gBACD,KAAK,EAAE;oBACL,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG;oBACf,IAAI,EAAE,sBAAsB;iBAC7B;gBACD,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;aACtB,EAAE,GAAG,CAAC,CAAA;QACT,CAAC;IACH,CAAC,CAAA;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,wBAAwB;IACtC,OAAO,KAAK,EAAE,CAAmD,EAAE,IAAU,EAAE,EAAE;QAC/E,MAAM,IAAI,EAAE,CAAA;QAEZ,uBAAuB;QACvB,CAAC,CAAC,MAAM,CAAC,wBAAwB,EAAE,SAAS,CAAC,CAAA;QAC7C,CAAC,CAAC,MAAM,CAAC,iBAAiB,EAAE,MAAM,CAAC,CAAA;QACnC,CAAC,CAAC,MAAM,CAAC,kBAAkB,EAAE,eAAe,CAAC,CAAA;QAC7C,CAAC,CAAC,MAAM,CAAC,iBAAiB,EAAE,iCAAiC,CAAC,CAAA;QAE9D,0DAA0D;QAC1D,IAAI,CAAC,CAAC,CAAC,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,EAAE,CAAC;YACnD,CAAC,CAAC,MAAM,CAAC,yBAAyB,EAAE,oBAAoB,CAAC,CAAA;QAC3D,CAAC;IACH,CAAC,CAAA;AACH,CAAC;AAED,gFAAgF;AAChF,sBAAsB;AACtB,gFAAgF;AAEhF;;;;;;GAMG;AACH,MAAM,UAAU,iBAAiB,CAAC,UAM9B,EAAE;IACJ,MAAM,UAAU,GAAG,EAAE,CAAA;IAErB,qBAAqB;IACrB,UAAU,CAAC,IAAI,CAAC,uBAAuB,EAAE,CAAC,CAAA;IAE1C,qBAAqB;IACrB,UAAU,CAAC,IAAI,CAAC,qBAAqB,EAAE,CAAC,CAAA;IAExC,sBAAsB;IACtB,IAAI,OAAO,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC;QAC9B,UAAU,CAAC,IAAI,CAAC,uBAAuB,EAAE,CAAC,CAAA;IAC5C,CAAC;IAED,IAAI,OAAO,CAAC,QAAQ,KAAK,KAAK,EAAE,CAAC;QAC/B,UAAU,CAAC,IAAI,CAAC,wBAAwB,EAAE,CAAC,CAAA;IAC7C,CAAC;IAED,IAAI,OAAO,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;QAC3B,UAAU,CAAC,IAAI,CAAC,oBAAoB,EAAE,CAAC,CAAA;IACzC,CAAC;IAED,IAAI,OAAO,CAAC,SAAS,KAAK,KAAK,EAAE,CAAC;QAChC,UAAU,CAAC,IAAI,CAAC,yBAAyB,EAAE,CAAC,CAAA;IAC9C,CAAC;IAED,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;QACjB,UAAU,CAAC,IAAI,CAAC,oBAAoB,EAAE,CAAC,CAAA;IACzC,CAAC;IAED,OAAO,UAAU,CAAA;AACnB,CAAC"}

package/dist/api/middleware/rateLimit.d.ts

@@ -0,0 +1,84 @@
+/**
+ * Rate Limiting Middleware
+ *
+ * Implements token bucket rate limiting using KV storage.
+ * Supports per-IP, per-user, and per-API-key limits.
+ */
+import type { Context, Next } from 'hono';
+import type { Env, DOContext, RateLimitConfig, RateLimitInfo } from '../types';
+/**
+ * Default rate limit configuration
+ */
+export declare const DEFAULT_RATE_LIMIT_CONFIG: RateLimitConfig;
+/**
+ * Strict rate limit for expensive operations
+ */
+export declare const STRICT_RATE_LIMIT_CONFIG: RateLimitConfig;
+/**
+ * Generous rate limit for read-only operations
+ */
+export declare const GENEROUS_RATE_LIMIT_CONFIG: RateLimitConfig;
+/**
+ * Create rate limiting middleware
+ *
+ * @example
+ * // Basic rate limiting (60 req/min)
+ * app.use('*', createRateLimitMiddleware())
+ *
+ * @example
+ * // Custom limits
+ * app.use('/api/*', createRateLimitMiddleware({
+ *   windowSecs: 60,
+ *   maxRequests: 100,
+ * }))
+ *
+ * @example
+ * // Different limits per path
+ * app.use('/api/*', createRateLimitMiddleware({
+ *   windowSecs: 60,
+ *   maxRequests: 60,
+ *   pathLimits: {
+ *     '/api/ai': 10,    // Expensive AI operations
+ *     '/api/search': 120, // Generous search limits
+ *   }
+ * }))
+ */
+export declare function createRateLimitMiddleware(config?: Partial<RateLimitConfig>): (c: Context<{
+    Bindings: Env;
+    Variables: DOContext;
+}>, next: Next) => Promise<Response | void>;
+/**
+ * Create rate limiter for AI/expensive operations
+ */
+export declare function createAIRateLimitMiddleware(maxRequests?: number): (c: Context<{
+    Bindings: Env;
+    Variables: DOContext;
+}>, next: Next) => Promise<Response | void>;
+/**
+ * Create rate limiter for write operations
+ */
+export declare function createWriteRateLimitMiddleware(maxRequests?: number): (c: Context<{
+    Bindings: Env;
+    Variables: DOContext;
+}>, next: Next) => Promise<Response | void>;
+/**
+ * Create sliding window rate limiter
+ * More accurate but more expensive (uses more KV operations)
+ */
+export declare function createSlidingWindowRateLimitMiddleware(config: RateLimitConfig): (c: Context<{
+    Bindings: Env;
+    Variables: DOContext;
+}>, next: Next) => Promise<Response | void>;
+/**
+ * Get current rate limit info without incrementing
+ */
+export declare function getRateLimitInfo(c: Context<{
+    Bindings: Env;
+}>, key: string, config?: RateLimitConfig): Promise<RateLimitInfo>;
+/**
+ * Reset rate limit for a specific key
+ */
+export declare function resetRateLimit(c: Context<{
+    Bindings: Env;
+}>, key: string): Promise<void>;
+//# sourceMappingURL=rateLimit.d.ts.map

package/dist/api/middleware/rateLimit.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"rateLimit.d.ts","sourceRoot":"","sources":["../../../api/middleware/rateLimit.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AACzC,OAAO,KAAK,EAAE,GAAG,EAAE,SAAS,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AAM9E;;GAEG;AACH,eAAO,MAAM,yBAAyB,EAAE,eAIvC,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,wBAAwB,EAAE,eAItC,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,0BAA0B,EAAE,eAIxC,CAAA;AA8GD;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,wBAAgB,yBAAyB,CAAC,MAAM,GAAE,OAAO,CAAC,eAAe,CAAM,IAG/D,GAAG,OAAO,CAAC;IAAE,QAAQ,EAAE,GAAG,CAAC;IAAC,SAAS,EAAE,SAAS,CAAA;CAAE,CAAC,EAAE,MAAM,IAAI,KAAG,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CA6DzG;AAMD;;GAEG;AACH,wBAAgB,2BAA2B,CAAC,WAAW,GAAE,MAAW,OAtEjD,OAAO,CAAC;IAAE,QAAQ,EAAE,GAAG,CAAC;IAAC,SAAS,EAAE,SAAS,CAAA;CAAE,CAAC,QAAQ,IAAI,KAAG,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CA+EzG;AAED;;GAEG;AACH,wBAAgB,8BAA8B,CAAC,WAAW,GAAE,MAAW,OApFpD,OAAO,CAAC;IAAE,QAAQ,EAAE,GAAG,CAAC;IAAC,SAAS,EAAE,SAAS,CAAA;CAAE,CAAC,QAAQ,IAAI,KAAG,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CA6FzG;AAED;;;GAGG;AACH,wBAAgB,sCAAsC,CAAC,MAAM,EAAE,eAAe,IAC9D,GAAG,OAAO,CAAC;IAAE,QAAQ,EAAE,GAAG,CAAC;IAAC,SAAS,EAAE,SAAS,CAAA;CAAE,CAAC,EAAE,MAAM,IAAI,KAAG,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAmEzG;AAMD;;GAEG;AACH,wBAAsB,gBAAgB,CACpC,CAAC,EAAE,OAAO,CAAC;IAAE,QAAQ,EAAE,GAAG,CAAA;CAAE,CAAC,EAC7B,GAAG,EAAE,MAAM,EACX,MAAM,GAAE,eAA2C,GAClD,OAAO,CAAC,aAAa,CAAC,CAsBxB;AAED;;GAEG;AACH,wBAAsB,cAAc,CAClC,CAAC,EAAE,OAAO,CAAC;IAAE,QAAQ,EAAE,GAAG,CAAA;CAAE,CAAC,EAC7B,GAAG,EAAE,MAAM,GACV,OAAO,CAAC,IAAI,CAAC,CAUf"}