@draftlab/auth 0.15.0 → 0.16.0

package/dist/router/context.mjs

@@ -1,193 +0,0 @@
-import { ContextVariableManager } from "./variables.mjs";
-
-//#region src/router/context.ts
-const parseCookies = (request) => {
-	const cookies = /* @__PURE__ */ new Map();
-	const cookieHeader = request.headers.get("cookie");
-	if (!cookieHeader) return cookies;
-	try {
-		for (const cookie of cookieHeader.split(";")) {
-			const trimmedCookie = cookie.trim();
-			if (!trimmedCookie) continue;
-			const [name, ...valueParts] = trimmedCookie.split("=");
-			if (!name || name.trim() === "") continue;
-			const trimmedName = name.trim();
-			if (!/^[!#$%&'*+\-.0-9A-Z^_`a-z|~]+$/.test(trimmedName)) {
-				console.warn(`Invalid cookie name: ${trimmedName}`);
-				continue;
-			}
-			const value = valueParts.join("=");
-			try {
-				cookies.set(trimmedName, decodeURIComponent(value));
-			} catch {
-				cookies.set(trimmedName, value);
-			}
-		}
-	} catch (error) {
-		console.error("Failed to parse cookies:", error);
-	}
-	return cookies;
-};
-const serializeCookie = (name, value, options = {}) => {
-	if (!/^[!#$%&'*+\-.0-9A-Z^_`a-z|~]+$/.test(name)) throw new Error(`Invalid cookie name: ${name}`);
-	const parts = [`${name}=${encodeURIComponent(value)}`];
-	if (options.domain) parts.push(`Domain=${options.domain}`);
-	if (options.path) parts.push(`Path=${options.path}`);
-	if (options.expires) parts.push(`Expires=${options.expires.toUTCString()}`);
-	if (options.maxAge) parts.push(`Max-Age=${options.maxAge}`);
-	if (options.httpOnly) parts.push("HttpOnly");
-	if (options.secure) parts.push("Secure");
-	if (options.sameSite) parts.push(`SameSite=${options.sameSite}`);
-	return parts.join("; ");
-};
-const validateRedirectStatus = (status) => {
-	if (![
-		300,
-		301,
-		302,
-		303,
-		307,
-		308
-	].includes(status)) throw new Error(`Invalid redirect status code: ${status}.`);
-	return true;
-};
-var ContextBuilder = class {
-	request;
-	matchedParams;
-	searchParams;
-	cookies;
-	variableManager;
-	responseHeaders = new Headers();
-	status = 200;
-	finalized = false;
-	cachedFormData = null;
-	formDataPromise = null;
-	bodyText = null;
-	constructor(request, matchedParams, initialVariables) {
-		if (!request || typeof request !== "object" || !request.url || !request.method) throw new Error("Invalid request object provided to ContextBuilder.");
-		this.request = request;
-		this.matchedParams = matchedParams;
-		this.searchParams = new URL(request.url).searchParams;
-		this.cookies = parseCookies(request);
-		this.variableManager = new ContextVariableManager(initialVariables);
-		Object.freeze(this.matchedParams);
-	}
-	build() {
-		return {
-			request: this.request,
-			params: this.matchedParams,
-			searchParams: this.searchParams,
-			query: (key) => this.searchParams.get(key) ?? void 0,
-			header: (key) => this.request.headers.get(key) ?? void 0,
-			cookie: (key) => this.cookies.get(key),
-			formData: async () => {
-				if (this.cachedFormData) return this.cachedFormData;
-				if (this.formDataPromise) try {
-					return await this.formDataPromise;
-				} catch {
-					this.formDataPromise = null;
-				}
-				this.formDataPromise = (async () => {
-					try {
-						const formData = await this.request.formData();
-						this.cachedFormData = formData;
-						return formData;
-					} catch (error) {
-						this.formDataPromise = null;
-						throw new Error(`Failed to read form data: ${error instanceof Error ? error.message : "Unknown error"}`);
-					}
-				})();
-				return this.formDataPromise;
-			},
-			parseJson: async () => {
-				try {
-					if (this.bodyText !== null) {
-						if (!this.bodyText) throw new Error("Request body is empty.");
-						return JSON.parse(this.bodyText);
-					}
-					const text = await this.request.text();
-					this.bodyText = text;
-					if (!text) throw new Error("Request body is empty.");
-					return JSON.parse(text);
-				} catch (error) {
-					throw new Error(`Failed to parse JSON: ${error instanceof Error ? error.message : "Unknown error"}`);
-				}
-			},
-			redirect: (url, status = 302) => {
-				validateRedirectStatus(status);
-				const location = url instanceof URL ? url.toString() : url;
-				return this.newResponse(void 0, {
-					status,
-					headers: { location }
-				});
-			},
-			json: (data, init) => {
-				const finalInit = {
-					...init,
-					headers: {
-						"content-type": "application/json; charset=utf-8",
-						...init?.headers
-					}
-				};
-				return this.newResponse(JSON.stringify(data), finalInit);
-			},
-			text: (data, init) => {
-				const finalInit = {
-					...init,
-					headers: {
-						"content-type": "text/plain; charset=utf-8",
-						...init?.headers
-					}
-				};
-				return this.newResponse(data, finalInit);
-			},
-			setCookie: (name, value, options) => {
-				try {
-					const cookie = serializeCookie(name, value, options);
-					this.responseHeaders.append("Set-Cookie", cookie);
-				} catch (error) {
-					console.error(`Failed to set cookie "${name}":`, error);
-				}
-			},
-			deleteCookie: (name, options) => {
-				try {
-					const cookie = serializeCookie(name, "", {
-						...options,
-						expires: /* @__PURE__ */ new Date(0)
-					});
-					this.responseHeaders.append("Set-Cookie", cookie);
-				} catch (error) {
-					console.error(`Failed to delete cookie "${name}":`, error);
-				}
-			},
-			newResponse: (body, init) => this.newResponse(body, init),
-			set: (key, value) => {
-				this.variableManager.set(key, value);
-			},
-			get: (key) => {
-				return this.variableManager.get(key);
-			},
-			has: (key) => {
-				return this.variableManager.has(key);
-			}
-		};
-	}
-	newResponse(body, init) {
-		if (this.finalized) throw new Error("Response already finalized");
-		const finalHeaders = new Headers(this.responseHeaders);
-		if (init?.headers) new Headers(init.headers).forEach((value, key) => {
-			if (key.toLowerCase() === "set-cookie") finalHeaders.append(key, value);
-			else finalHeaders.set(key, value);
-		});
-		const response = new Response(body, {
-			status: init?.status || this.status,
-			statusText: init?.statusText,
-			headers: finalHeaders
-		});
-		this.finalized = true;
-		return response;
-	}
-};
-
-//#endregion
-export { ContextBuilder };

package/dist/router/cookies.d.mts

@@ -1,8 +0,0 @@
-import { CookieOptions, RouterContext, VariableMap } from "./types.mjs";
-
-//#region src/router/cookies.d.ts
-declare const getCookie: <TVariables extends VariableMap = VariableMap>(ctx: RouterContext<Record<string, string>, TVariables>, name: string) => string | undefined;
-declare const setCookie: <TVariables extends VariableMap = VariableMap>(ctx: RouterContext<Record<string, string>, TVariables>, name: string, value: string, options?: CookieOptions) => void;
-declare const deleteCookie: <TVariables extends VariableMap = VariableMap>(ctx: RouterContext<Record<string, string>, TVariables>, name: string, options?: Pick<CookieOptions, "domain" | "path">) => void;
-//#endregion
-export { deleteCookie, getCookie, setCookie };

package/dist/router/cookies.mjs

@@ -1,13 +0,0 @@
-//#region src/router/cookies.ts
-const getCookie = (ctx, name) => {
-	return ctx.cookie(name);
-};
-const setCookie = (ctx, name, value, options) => {
-	ctx.setCookie(name, value, options);
-};
-const deleteCookie = (ctx, name, options) => {
-	ctx.deleteCookie(name, options);
-};
-
-//#endregion
-export { deleteCookie, getCookie, setCookie };

package/dist/router/index.d.mts

@@ -1,21 +0,0 @@
-import { AnyHandler, ErrorHandler, ExtractParams, GlobalMiddleware, RouterEnvironment, RouterOptions } from "./types.mjs";
-
-//#region src/router/index.d.ts
-declare class Router<TEnvironment extends RouterEnvironment = RouterEnvironment> {
-  private readonly routes;
-  private readonly matcher;
-  private readonly globalMiddleware;
-  private errorHandler?;
-  constructor(routerOptions?: RouterOptions);
-  private addRoute;
-  get<TPath extends string>(path: TPath, handler: AnyHandler<ExtractParams<TPath>, TEnvironment["Variables"]>): this;
-  post<TPath extends string>(path: TPath, handler: AnyHandler<ExtractParams<TPath>, TEnvironment["Variables"]>): this;
-  use(middleware: GlobalMiddleware<TEnvironment["Variables"]>): this;
-  onError(handler: ErrorHandler<TEnvironment["Variables"]>): this;
-  mount<TMountedEnvironment extends RouterEnvironment>(path: string, router: Router<TMountedEnvironment>): this;
-  handle(request: Request, initialVariables?: Partial<TEnvironment["Variables"]>): Promise<Response>;
-  get fetch(): (request: Request) => Promise<Response>;
-  private createErrorResponse;
-}
-//#endregion
-export { Router };

package/dist/router/index.mjs

@@ -1,107 +0,0 @@
-import { ContextBuilder } from "./context.mjs";
-import { RouteMatcher } from "./matcher.mjs";
-import { makeSafeRequest } from "./safe-request.mjs";
-
-//#region src/router/index.ts
-var Router = class {
-	routes = /* @__PURE__ */ new Map();
-	matcher;
-	globalMiddleware = [];
-	errorHandler;
-	constructor(routerOptions = {}) {
-		this.matcher = new RouteMatcher(routerOptions);
-	}
-	addRoute(method, path, handler) {
-		const { handler: mainHandler, middleware = [] } = typeof handler === "function" ? { handler } : handler;
-		if (typeof mainHandler !== "function") throw new Error(`Handler for ${method} ${path} must be a function.`);
-		const route = {
-			method,
-			pattern: path,
-			handler: mainHandler,
-			middleware: [...this.globalMiddleware, ...middleware],
-			compiled: this.matcher.compile(path)
-		};
-		const methodRoutes = this.routes.get(method) ?? [];
-		if (methodRoutes.some((r) => r.pattern === path)) console.warn(`Route already exists: ${method} ${path}. Overwriting.`);
-		const newRoutes = [...methodRoutes.filter((r) => r.pattern !== path), route];
-		const sortedPatterns = this.matcher.sortRoutesBySpecificity(newRoutes.map((r) => r.pattern));
-		newRoutes.sort((a, b) => sortedPatterns.indexOf(a.pattern) - sortedPatterns.indexOf(b.pattern));
-		this.routes.set(method, newRoutes);
-		return this;
-	}
-	get(path, handler) {
-		return this.addRoute("GET", path, handler);
-	}
-	post(path, handler) {
-		return this.addRoute("POST", path, handler);
-	}
-	use(middleware) {
-		this.globalMiddleware.push(middleware);
-		return this;
-	}
-	onError(handler) {
-		this.errorHandler = handler;
-		return this;
-	}
-	mount(path, router) {
-		const normalizedPath = path.endsWith("/") ? path.slice(0, -1) : path;
-		for (const [method, routes] of router.routes) for (const route of routes) this.addRoute(method, `${normalizedPath}${route.pattern}`, {
-			handler: route.handler,
-			middleware: route.middleware
-		});
-		return this;
-	}
-	async handle(request, initialVariables) {
-		const safeRequest = await makeSafeRequest(request);
-		try {
-			const url = new URL(safeRequest.url);
-			const method = safeRequest.method.toUpperCase();
-			const pathname = this.matcher.normalizePath(url.pathname);
-			const methodRoutes = this.routes.get(method);
-			if (!methodRoutes) return this.createErrorResponse("Not Found", 404);
-			for (const route of methodRoutes) {
-				const match = this.matcher.match(route.pattern, pathname);
-				if (match) {
-					const context = new ContextBuilder(safeRequest, match.params, initialVariables).build();
-					const allMiddleware = [...this.globalMiddleware, ...route.middleware];
-					const run = async (index, ctx) => {
-						if (index < allMiddleware.length) {
-							const middleware = allMiddleware[index];
-							if (middleware) return middleware(ctx, () => run(index + 1, ctx));
-						}
-						return route.handler(ctx);
-					};
-					return await run(0, context);
-				}
-			}
-			return this.createErrorResponse(`Route not found: ${method} ${pathname}`, 404);
-		} catch (error) {
-			console.error("Router handle error:", error);
-			if (this.errorHandler) try {
-				const errorContext = new ContextBuilder(safeRequest, {}, initialVariables).build();
-				return await this.errorHandler(error, errorContext);
-			} catch (handlerError) {
-				console.error("Error handler failed:", handlerError);
-			}
-			const message = error instanceof Error ? error.message : "Internal Server Error";
-			return this.createErrorResponse(message, 500);
-		}
-	}
-	get fetch() {
-		return (request) => {
-			return this.handle(request);
-		};
-	}
-	createErrorResponse(message, status) {
-		return new Response(JSON.stringify({
-			error: message,
-			status
-		}), {
-			status,
-			headers: { "Content-Type": "application/json" }
-		});
-	}
-};
-
-//#endregion
-export { Router };

package/dist/router/matcher.d.mts

@@ -1,15 +0,0 @@
-import { CompiledRoute, MatchResult, RouterOptions } from "./types.mjs";
-
-//#region src/router/matcher.d.ts
-declare class RouteMatcher {
-  private readonly compiledRoutes;
-  private readonly options;
-  constructor(options?: RouterOptions);
-  compile(pattern: string): CompiledRoute;
-  match(pattern: string, pathname: string): MatchResult | null;
-  sortRoutesBySpecificity(patterns: string[]): string[];
-  private calculateSpecificity;
-  normalizePath(pathname: string): string;
-}
-//#endregion
-export { RouteMatcher };

package/dist/router/matcher.mjs

@@ -1,76 +0,0 @@
-//#region src/router/matcher.ts
-var RouteMatcher = class {
-	compiledRoutes = /* @__PURE__ */ new Map();
-	options;
-	constructor(options = {}) {
-		this.options = {
-			caseSensitive: false,
-			strict: false,
-			basePath: "",
-			...options
-		};
-	}
-	compile(pattern) {
-		const cacheKey = `${pattern}:${this.options.caseSensitive}:${this.options.strict}`;
-		const cached = this.compiledRoutes.get(cacheKey);
-		if (cached) return cached;
-		const paramNames = [];
-		let regexPattern = pattern.replace(/:([^/]+)/g, (_, name) => {
-			paramNames.push(name);
-			return "([^/]+)";
-		});
-		regexPattern = regexPattern.replace(/\*/g, "(.*)");
-		const finalPattern = this.options.strict || pattern === "/" ? regexPattern : `${regexPattern.replace(/\/$/, "")}/?`;
-		const compiled = {
-			regex: new RegExp(`^${finalPattern}$`, this.options.caseSensitive ? "" : "i"),
-			paramNames,
-			pattern
-		};
-		this.compiledRoutes.set(cacheKey, compiled);
-		return compiled;
-	}
-	match(pattern, pathname) {
-		const compiled = this.compile(pattern);
-		const match = pathname.match(compiled.regex);
-		if (!match) return null;
-		const params = {};
-		for (let i = 0; i < compiled.paramNames.length; i++) {
-			const name = compiled.paramNames[i];
-			const value = match[i + 1];
-			if (name && value !== void 0) try {
-				params[name] = decodeURIComponent(value);
-			} catch {
-				params[name] = value;
-			}
-		}
-		return {
-			params: Object.freeze(params),
-			pattern
-		};
-	}
-	sortRoutesBySpecificity(patterns) {
-		return [...patterns].sort((a, b) => {
-			const aScore = this.calculateSpecificity(a);
-			return this.calculateSpecificity(b) - aScore;
-		});
-	}
-	calculateSpecificity(pattern) {
-		const segments = pattern.split("/").filter(Boolean);
-		let score = 0;
-		for (const segment of segments) if (segment.startsWith(":")) score += 2;
-		else if (segment === "*") score += 1;
-		else score += 4;
-		return score;
-	}
-	normalizePath(pathname) {
-		let normalized = pathname;
-		const { basePath, strict } = this.options;
-		if (basePath && normalized.startsWith(basePath)) normalized = normalized.slice(basePath.length) || "/";
-		if (!normalized.startsWith("/")) normalized = `/${normalized}`;
-		if (!strict && normalized.length > 1 && normalized.endsWith("/")) normalized = normalized.slice(0, -1);
-		return normalized;
-	}
-};
-
-//#endregion
-export { RouteMatcher };

package/dist/router/middleware/cors.d.mts

@@ -1,15 +0,0 @@
-import { MiddlewareHandler, RouterContext, VariableMap } from "../types.mjs";
-
-//#region src/router/middleware/cors.d.ts
-interface CORSOptions {
-  origin?: "*" | string | readonly string[] | ((origin: string, ctx: RouterContext<Record<string, string>, VariableMap>) => string | null);
-  allowMethods?: readonly string[] | ((origin: string, ctx: RouterContext<Record<string, string>, VariableMap>) => readonly string[]);
-  allowHeaders?: readonly string[];
-  maxAge?: number;
-  credentials?: boolean;
-  exposeHeaders?: readonly string[];
-  preflightHandler?: <TVariables extends VariableMap>(ctx: RouterContext<Record<string, string>, TVariables>) => Promise<Response> | Response;
-}
-declare const cors: <TVariables extends VariableMap = VariableMap>(options?: CORSOptions) => MiddlewareHandler<Record<string, string>, TVariables>;
-//#endregion
-export { CORSOptions, cors };

package/dist/router/middleware/cors.mjs

@@ -1,114 +0,0 @@
-//#region src/router/middleware/cors.ts
-const DEFAULT_CORS_OPTIONS = {
-	origin: "*",
-	allowMethods: [
-		"GET",
-		"HEAD",
-		"PUT",
-		"POST",
-		"DELETE",
-		"PATCH",
-		"OPTIONS"
-	],
-	allowHeaders: [],
-	maxAge: 86400,
-	credentials: false,
-	exposeHeaders: []
-};
-const createOriginResolver = (origin) => {
-	if (!origin || origin === "*") return () => "*";
-	if (typeof origin === "string") return (requestOrigin) => origin === requestOrigin ? origin : null;
-	if (typeof origin === "function") return origin;
-	if (Array.isArray(origin)) {
-		const allowedOrigins = new Set(origin);
-		return (requestOrigin) => allowedOrigins.has(requestOrigin) ? requestOrigin : null;
-	}
-	return () => null;
-};
-const createMethodsResolver = (methods) => {
-	if (typeof methods === "function") return methods;
-	if (Array.isArray(methods)) return () => methods;
-	return () => DEFAULT_CORS_OPTIONS.allowMethods;
-};
-const normalizeCORSOptions = (options = {}) => {
-	const opts = {
-		...DEFAULT_CORS_OPTIONS,
-		...options
-	};
-	if (opts.maxAge < 0) throw new Error("CORS maxAge must be non-negative");
-	if (Array.isArray(opts.allowMethods)) {
-		const validMethods = new Set([
-			"GET",
-			"HEAD",
-			"PUT",
-			"POST",
-			"DELETE",
-			"PATCH",
-			"OPTIONS"
-		]);
-		const invalidMethods = opts.allowMethods.filter((method) => !validMethods.has(method.toUpperCase()));
-		if (invalidMethods.length > 0) console.warn(`CORS: Invalid HTTP methods detected: ${invalidMethods.join(", ")}`);
-	}
-	return {
-		...opts,
-		_originResolver: createOriginResolver(options.origin),
-		_methodsResolver: createMethodsResolver(options.allowMethods)
-	};
-};
-const cors = (options = {}) => {
-	const opts = normalizeCORSOptions(options);
-	return async (ctx, next) => {
-		const requestOrigin = ctx.header("origin") || "";
-		const requestMethod = ctx.request.method.toUpperCase();
-		const allowedOrigin = opts._originResolver(requestOrigin, ctx);
-		const corsHeaders = {};
-		if (allowedOrigin) corsHeaders["Access-Control-Allow-Origin"] = allowedOrigin;
-		if (opts.origin !== "*" && allowedOrigin) {
-			const existingVary = ctx.header("vary");
-			corsHeaders.Vary = existingVary ? `${existingVary}, Origin` : "Origin";
-		}
-		if (opts.credentials) corsHeaders["Access-Control-Allow-Credentials"] = "true";
-		if (opts.exposeHeaders && opts.exposeHeaders.length > 0) corsHeaders["Access-Control-Expose-Headers"] = opts.exposeHeaders.join(",");
-		if (requestMethod === "OPTIONS") {
-			if (opts.preflightHandler) return await opts.preflightHandler(ctx);
-			if (opts.maxAge != null) corsHeaders["Access-Control-Max-Age"] = opts.maxAge.toString();
-			const allowedMethods = opts._methodsResolver(requestOrigin, ctx);
-			if (allowedMethods.length > 0) corsHeaders["Access-Control-Allow-Methods"] = allowedMethods.join(",");
-			let allowedHeaders = opts.allowHeaders;
-			if (!allowedHeaders || allowedHeaders.length === 0) {
-				const requestHeaders = ctx.header("access-control-request-headers");
-				if (requestHeaders) allowedHeaders = requestHeaders.split(/\s*,\s*/);
-			}
-			if (allowedHeaders && allowedHeaders.length > 0) {
-				corsHeaders["Access-Control-Allow-Headers"] = allowedHeaders.join(",");
-				const existingVary = corsHeaders.Vary || ctx.header("vary");
-				corsHeaders.Vary = existingVary ? `${existingVary}, Access-Control-Request-Headers` : "Access-Control-Request-Headers";
-			}
-			const headers = new Headers();
-			Object.entries(corsHeaders).forEach(([key, value]) => {
-				headers.set(key, value);
-			});
-			return new Response(null, {
-				status: 204,
-				statusText: "No Content",
-				headers
-			});
-		}
-		return applyCORSHeaders(await next(), corsHeaders);
-	};
-};
-const applyCORSHeaders = (response, corsHeaders) => {
-	if (Object.keys(corsHeaders).length === 0) return response;
-	const newHeaders = new Headers(response.headers);
-	Object.entries(corsHeaders).forEach(([key, value]) => {
-		newHeaders.set(key, value);
-	});
-	return new Response(response.body, {
-		status: response.status,
-		statusText: response.statusText,
-		headers: newHeaders
-	});
-};
-
-//#endregion
-export { cors };

package/dist/router/safe-request.d.mts

@@ -1,52 +0,0 @@
-//#region src/router/safe-request.d.ts
-/**
- * SafeRequest wraps a Request to cache the body and allow multiple reads.
- * This solves issues with Request implementations that don't support multiple body reads.
- */
-interface SafeRequestOptions {
-  cache?: RequestCache;
-  credentials?: RequestCredentials;
-  destination?: RequestDestination;
-  integrity?: string;
-  keepalive?: boolean;
-  mode?: RequestMode;
-  redirect?: RequestRedirect;
-  referrer?: string;
-  referrerPolicy?: ReferrerPolicy;
-  signal?: AbortSignal;
-}
-declare class SafeRequest implements Request {
-  private cachedBody;
-  private bodyBuffer;
-  private readonly textDecoder;
-  readonly cache: RequestCache;
-  readonly credentials: RequestCredentials;
-  readonly destination: RequestDestination;
-  readonly headers: Headers;
-  readonly integrity: string;
-  readonly keepalive: boolean;
-  readonly method: string;
-  readonly mode: RequestMode;
-  readonly redirect: RequestRedirect;
-  readonly referrer: string;
-  readonly referrerPolicy: ReferrerPolicy;
-  readonly signal: AbortSignal;
-  readonly url: string;
-  constructor(url: string, method: string, headers: Headers, body: ArrayBuffer | null, options?: SafeRequestOptions);
-  arrayBuffer(): Promise<ArrayBuffer>;
-  blob(): Promise<Blob>;
-  formData(): Promise<FormData>;
-  json<T = unknown>(): Promise<T>;
-  text(): Promise<string>;
-  bytes(): Promise<Uint8Array<ArrayBuffer>>;
-  get body(): ReadableStream<Uint8Array<ArrayBuffer>> | null;
-  get bodyUsed(): boolean;
-  clone(): Request;
-}
-/**
- * Extracts data from a Request and creates a SafeRequest.
- * Uses ReadableStream to safely read the body and avoid issues with certain Request implementations.
- */
-declare function makeSafeRequest(request: Request): Promise<Request>;
-//#endregion
-export { SafeRequest, makeSafeRequest };