@edge-base/server 0.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/admin-build/.gitkeep +0 -0
- package/admin-build/_app/env.js +1 -0
- package/admin-build/_app/immutable/assets/0.Bm6cF078.css +1 -0
- package/admin-build/_app/immutable/assets/1.BfW3pUNa.css +1 -0
- package/admin-build/_app/immutable/assets/11.CVmQOewb.css +1 -0
- package/admin-build/_app/immutable/assets/12.B1EhbRZT.css +1 -0
- package/admin-build/_app/immutable/assets/13.BvwYeuwE.css +1 -0
- package/admin-build/_app/immutable/assets/14.CdVfcO0R.css +1 -0
- package/admin-build/_app/immutable/assets/15.2yeZ66b-.css +1 -0
- package/admin-build/_app/immutable/assets/17.BVg0JEVu.css +1 -0
- package/admin-build/_app/immutable/assets/18.Rwnl3x_i.css +1 -0
- package/admin-build/_app/immutable/assets/20.DsPWA9AV.css +1 -0
- package/admin-build/_app/immutable/assets/21.Dz2RJ56c.css +1 -0
- package/admin-build/_app/immutable/assets/22.DwNLk5Ai.css +1 -0
- package/admin-build/_app/immutable/assets/23.CFpu0gOO.css +1 -0
- package/admin-build/_app/immutable/assets/24.Cy5LBeoJ.css +1 -0
- package/admin-build/_app/immutable/assets/25.pUyLVf-h.css +1 -0
- package/admin-build/_app/immutable/assets/26.DBcGrlXa.css +1 -0
- package/admin-build/_app/immutable/assets/27.BswYyAJD.css +1 -0
- package/admin-build/_app/immutable/assets/28.B4ueB1Kf.css +1 -0
- package/admin-build/_app/immutable/assets/29.B-qU6PdF.css +1 -0
- package/admin-build/_app/immutable/assets/3.Dg81Pgmd.css +1 -0
- package/admin-build/_app/immutable/assets/30.CsdWum94.css +1 -0
- package/admin-build/_app/immutable/assets/31.U6OwIp50.css +1 -0
- package/admin-build/_app/immutable/assets/4.CyawCCux.css +1 -0
- package/admin-build/_app/immutable/assets/5.C0YO2HTk.css +1 -0
- package/admin-build/_app/immutable/assets/8.Br5jd6kD.css +1 -0
- package/admin-build/_app/immutable/assets/Badge.EMYLHBxE.css +1 -0
- package/admin-build/_app/immutable/assets/Button.DpzMRTjK.css +1 -0
- package/admin-build/_app/immutable/assets/ConfirmDialog.DAnaWRRk.css +1 -0
- package/admin-build/_app/immutable/assets/EmptyState.CwKsu57Y.css +1 -0
- package/admin-build/_app/immutable/assets/Input.BDUSenmU.css +1 -0
- package/admin-build/_app/immutable/assets/Modal.Dm5B0Xie.css +1 -0
- package/admin-build/_app/immutable/assets/PageShell.CmU-Xh-b.css +1 -0
- package/admin-build/_app/immutable/assets/SchemaFieldEditor.g4NsCdno.css +1 -0
- package/admin-build/_app/immutable/assets/Select.BW4Keufm.css +1 -0
- package/admin-build/_app/immutable/assets/Skeleton.KWUulTKJ.css +1 -0
- package/admin-build/_app/immutable/assets/Tabs.CniGYb67.css +1 -0
- package/admin-build/_app/immutable/assets/TimeChart.BTCDAvmT.css +1 -0
- package/admin-build/_app/immutable/assets/Toggle.Cy_K12OM.css +1 -0
- package/admin-build/_app/immutable/assets/TopList.ClFzmPlA.css +1 -0
- package/admin-build/_app/immutable/chunks/7B47DvSx.js +1 -0
- package/admin-build/_app/immutable/chunks/7f08Id8e.js +1 -0
- package/admin-build/_app/immutable/chunks/8wJeQ7LN.js +1 -0
- package/admin-build/_app/immutable/chunks/B-h2afW5.js +1 -0
- package/admin-build/_app/immutable/chunks/B8vJP3wz.js +1 -0
- package/admin-build/_app/immutable/chunks/BR_fL5Yv.js +1 -0
- package/admin-build/_app/immutable/chunks/BY92tFS2.js +1 -0
- package/admin-build/_app/immutable/chunks/BcR-Rdj9.js +1 -0
- package/admin-build/_app/immutable/chunks/BdrwyZv8.js +1 -0
- package/admin-build/_app/immutable/chunks/Bh56EfQ_.js +1 -0
- package/admin-build/_app/immutable/chunks/BkrCkgYp.js +1 -0
- package/admin-build/_app/immutable/chunks/BmRjiP5k.js +1 -0
- package/admin-build/_app/immutable/chunks/BsokvhWC.js +1 -0
- package/admin-build/_app/immutable/chunks/C4D51vTW.js +1 -0
- package/admin-build/_app/immutable/chunks/C6puvcoR.js +2 -0
- package/admin-build/_app/immutable/chunks/CCKNu7m7.js +1 -0
- package/admin-build/_app/immutable/chunks/CWj6FrbW.js +1 -0
- package/admin-build/_app/immutable/chunks/Ce-ngf4p.js +5 -0
- package/admin-build/_app/immutable/chunks/Cs0GwzJA.js +1 -0
- package/admin-build/_app/immutable/chunks/CwROoZK0.js +1 -0
- package/admin-build/_app/immutable/chunks/CxCPv_Ut.js +1 -0
- package/admin-build/_app/immutable/chunks/CxbRue-5.js +1 -0
- package/admin-build/_app/immutable/chunks/CyqB6g-D.js +1 -0
- package/admin-build/_app/immutable/chunks/D5h5A1cc.js +2 -0
- package/admin-build/_app/immutable/chunks/DnyL7Zq-.js +1 -0
- package/admin-build/_app/immutable/chunks/DoPXzH7F.js +1 -0
- package/admin-build/_app/immutable/chunks/DrQSgw-f.js +1 -0
- package/admin-build/_app/immutable/chunks/DttM2zNO.js +1 -0
- package/admin-build/_app/immutable/chunks/DuXuUBWN.js +1 -0
- package/admin-build/_app/immutable/chunks/MdeqaOQx.js +10 -0
- package/admin-build/_app/immutable/chunks/NuUjtcO2.js +1 -0
- package/admin-build/_app/immutable/chunks/Q2nPFxS6.js +1 -0
- package/admin-build/_app/immutable/chunks/R6arueIl.js +1 -0
- package/admin-build/_app/immutable/chunks/UUazaC_N.js +1 -0
- package/admin-build/_app/immutable/chunks/cOYbrQxx.js +1 -0
- package/admin-build/_app/immutable/chunks/eFQHTGwA.js +1 -0
- package/admin-build/_app/immutable/chunks/ehbppgYb.js +1 -0
- package/admin-build/_app/immutable/chunks/glwixJlP.js +1 -0
- package/admin-build/_app/immutable/chunks/vApWTCBs.js +1 -0
- package/admin-build/_app/immutable/chunks/w89G9Xpi.js +1 -0
- package/admin-build/_app/immutable/chunks/wJsUhbfZ.js +1 -0
- package/admin-build/_app/immutable/chunks/zfauFM8P.js +1 -0
- package/admin-build/_app/immutable/entry/app.CcO-Uos3.js +2 -0
- package/admin-build/_app/immutable/entry/start.COebYq3I.js +1 -0
- package/admin-build/_app/immutable/nodes/0.CjtHKU-6.js +1 -0
- package/admin-build/_app/immutable/nodes/1.DEisjlM0.js +1 -0
- package/admin-build/_app/immutable/nodes/10.CvhdyWVB.js +1 -0
- package/admin-build/_app/immutable/nodes/11.DjHqcOvy.js +1 -0
- package/admin-build/_app/immutable/nodes/12.mQLz4Mj_.js +1 -0
- package/admin-build/_app/immutable/nodes/13.CBonZZyP.js +110 -0
- package/admin-build/_app/immutable/nodes/14.d-oiZL0j.js +3 -0
- package/admin-build/_app/immutable/nodes/15.CKPQsUYF.js +1 -0
- package/admin-build/_app/immutable/nodes/16.wPzAPQGx.js +1 -0
- package/admin-build/_app/immutable/nodes/17.DayhKyEZ.js +1 -0
- package/admin-build/_app/immutable/nodes/18.DKwS0Ir0.js +1 -0
- package/admin-build/_app/immutable/nodes/19.wPzAPQGx.js +1 -0
- package/admin-build/_app/immutable/nodes/2.BKoKrw1i.js +1 -0
- package/admin-build/_app/immutable/nodes/20.BvIkkkrW.js +1 -0
- package/admin-build/_app/immutable/nodes/21.DMaFhdHk.js +128 -0
- package/admin-build/_app/immutable/nodes/22.3xdgwuK1.js +1 -0
- package/admin-build/_app/immutable/nodes/23.8Bvgjbsl.js +112 -0
- package/admin-build/_app/immutable/nodes/24.DzSSzRhG.js +2 -0
- package/admin-build/_app/immutable/nodes/25.9KKYBnAE.js +2 -0
- package/admin-build/_app/immutable/nodes/26.Bhn9dfhY.js +1 -0
- package/admin-build/_app/immutable/nodes/27.kRLiC24G.js +1 -0
- package/admin-build/_app/immutable/nodes/28.BVIN1-7N.js +1 -0
- package/admin-build/_app/immutable/nodes/29.3yabZWj4.js +1 -0
- package/admin-build/_app/immutable/nodes/3.BFtSOkX7.js +2 -0
- package/admin-build/_app/immutable/nodes/30.CyCQlwaP.js +1 -0
- package/admin-build/_app/immutable/nodes/31.C4LDXjES.js +1 -0
- package/admin-build/_app/immutable/nodes/4.CvbiMlCa.js +1 -0
- package/admin-build/_app/immutable/nodes/5.C6BLv2eM.js +1 -0
- package/admin-build/_app/immutable/nodes/6.BcXvfl2P.js +1 -0
- package/admin-build/_app/immutable/nodes/7.CIuqhPiK.js +1 -0
- package/admin-build/_app/immutable/nodes/8.BQOR_JfO.js +1 -0
- package/admin-build/_app/immutable/nodes/9.NZqXQxPy.js +1 -0
- package/admin-build/_app/version.json +1 -0
- package/admin-build/favicon.svg +26 -0
- package/admin-build/index.html +45 -0
- package/openapi.json +19543 -0
- package/package.json +66 -0
- package/src/__tests__/admin-assets.test.ts +55 -0
- package/src/__tests__/admin-data-routes.test.ts +488 -0
- package/src/__tests__/admin-db-target.test.ts +103 -0
- package/src/__tests__/admin-routing.test.ts +31 -0
- package/src/__tests__/admin-user-management.test.ts +311 -0
- package/src/__tests__/analytics-query.test.ts +75 -0
- package/src/__tests__/auth-d1.test.ts +749 -0
- package/src/__tests__/auth-db-adapter.test.ts +73 -0
- package/src/__tests__/auth-jwt.test.ts +440 -0
- package/src/__tests__/auth-oauth.test.ts +389 -0
- package/src/__tests__/auth-password.test.ts +367 -0
- package/src/__tests__/auth-redirect.test.ts +87 -0
- package/src/__tests__/backup-restore.test.ts +711 -0
- package/src/__tests__/broadcast.test.ts +128 -0
- package/src/__tests__/cli.test.ts +178 -0
- package/src/__tests__/cloudflare-realtime.test.ts +113 -0
- package/src/__tests__/config.test.ts +469 -0
- package/src/__tests__/cors.test.ts +154 -0
- package/src/__tests__/cron.test.ts +302 -0
- package/src/__tests__/d1-handler.test.ts +402 -0
- package/src/__tests__/d1-sql.test.ts +120 -0
- package/src/__tests__/database-live-config.test.ts +42 -0
- package/src/__tests__/database-live-emitter.test.ts +56 -0
- package/src/__tests__/database-live-filters.test.ts +63 -0
- package/src/__tests__/database-live-route.test.ts +113 -0
- package/src/__tests__/db-sql.test.ts +163 -0
- package/src/__tests__/do-lifecycle.test.ts +263 -0
- package/src/__tests__/do-router.test.ts +729 -0
- package/src/__tests__/email-provider.test.ts +128 -0
- package/src/__tests__/email-templates.test.ts +528 -0
- package/src/__tests__/error-format.test.ts +250 -0
- package/src/__tests__/field-ops.test.ts +242 -0
- package/src/__tests__/functions-context.test.ts +334 -0
- package/src/__tests__/functions-d1-proxy.test.ts +229 -0
- package/src/__tests__/functions-registry-runtime-config.test.ts +17 -0
- package/src/__tests__/functions-route.test.ts +139 -0
- package/src/__tests__/internal-request.test.ts +77 -0
- package/src/__tests__/log-writer.test.ts +44 -0
- package/src/__tests__/logger.test.ts +58 -0
- package/src/__tests__/meta-admin-proxy.test.ts +48 -0
- package/src/__tests__/meta-export-coverage.test.ts +191 -0
- package/src/__tests__/meta-route-registration.test.ts +47 -0
- package/src/__tests__/namespace-dump.test.ts +28 -0
- package/src/__tests__/oauth-providers.test.ts +337 -0
- package/src/__tests__/openapi-coverage.test.ts +144 -0
- package/src/__tests__/pagination.test.ts +59 -0
- package/src/__tests__/password-policy.test.ts +191 -0
- package/src/__tests__/plugin-migrations.test.ts +379 -0
- package/src/__tests__/postgres-batch-compat.test.ts +133 -0
- package/src/__tests__/postgres-dialect.test.ts +328 -0
- package/src/__tests__/postgres-executor.test.ts +79 -0
- package/src/__tests__/postgres-field-ops-compat.test.ts +222 -0
- package/src/__tests__/postgres-schema-init.test.ts +105 -0
- package/src/__tests__/postgres-table-utils.test.ts +107 -0
- package/src/__tests__/presence.test.ts +199 -0
- package/src/__tests__/provider.test.ts +550 -0
- package/src/__tests__/public-user-profile.test.ts +339 -0
- package/src/__tests__/push-handlers.test.ts +179 -0
- package/src/__tests__/push-provider.test.ts +80 -0
- package/src/__tests__/push-token.test.ts +418 -0
- package/src/__tests__/query.test.ts +771 -0
- package/src/__tests__/rate-limit.test.ts +260 -0
- package/src/__tests__/room-access-policy.test.ts +101 -0
- package/src/__tests__/room-handler-context.test.ts +130 -0
- package/src/__tests__/room-monitoring.test.ts +138 -0
- package/src/__tests__/room-runtime-routing.test.ts +222 -0
- package/src/__tests__/room.test.ts +254 -0
- package/src/__tests__/route-parser.test.ts +490 -0
- package/src/__tests__/rules.test.ts +234 -0
- package/src/__tests__/runtime-surface-accounting.test.ts +120 -0
- package/src/__tests__/scheduled.test.ts +80 -0
- package/src/__tests__/schema.test.ts +1273 -0
- package/src/__tests__/security-hardening.test.ts +312 -0
- package/src/__tests__/server.unit.test.ts +333 -0
- package/src/__tests__/service-key-db-proxy.test.ts +650 -0
- package/src/__tests__/service-key-provider-bypass.test.ts +138 -0
- package/src/__tests__/service-key.test.ts +757 -0
- package/src/__tests__/smoke-skip-report.test.ts +72 -0
- package/src/__tests__/sms-provider.test.ts +39 -0
- package/src/__tests__/sql-route.test.ts +218 -0
- package/src/__tests__/storage-hook-context.test.ts +115 -0
- package/src/__tests__/totp.test.ts +200 -0
- package/src/__tests__/uuid.test.ts +144 -0
- package/src/__tests__/validation.test.ts +773 -0
- package/src/__tests__/websocket-pending.test.ts +163 -0
- package/src/_functions-registry.ts +51 -0
- package/src/bench-entry.ts +9 -0
- package/src/cloudflare-test.d.ts +1 -0
- package/src/durable-objects/auth-do.ts +49 -0
- package/src/durable-objects/database-do.ts +2240 -0
- package/src/durable-objects/database-live-do.ts +949 -0
- package/src/durable-objects/logs-do.ts +1200 -0
- package/src/durable-objects/room-runtime-base.ts +1604 -0
- package/src/durable-objects/rooms-do.ts +2191 -0
- package/src/generated-config.ts +6 -0
- package/src/index.ts +382 -0
- package/src/lib/admin-assets.ts +54 -0
- package/src/lib/admin-db-target.ts +301 -0
- package/src/lib/admin-routing.ts +35 -0
- package/src/lib/admin-user-management.ts +464 -0
- package/src/lib/analytics-adapter.ts +103 -0
- package/src/lib/analytics-query.ts +579 -0
- package/src/lib/auth-d1-service.ts +1193 -0
- package/src/lib/auth-d1.ts +1056 -0
- package/src/lib/auth-db-adapter.ts +289 -0
- package/src/lib/auth-redirect.ts +116 -0
- package/src/lib/cidr.ts +115 -0
- package/src/lib/client-ip.ts +51 -0
- package/src/lib/cloudflare-realtime.ts +251 -0
- package/src/lib/control-db.ts +36 -0
- package/src/lib/cron.ts +163 -0
- package/src/lib/d1-handler.ts +1425 -0
- package/src/lib/d1-schema-init.ts +255 -0
- package/src/lib/d1-sql.ts +33 -0
- package/src/lib/database-live-config.ts +24 -0
- package/src/lib/database-live-emitter.ts +111 -0
- package/src/lib/db-sql.ts +66 -0
- package/src/lib/do-retry.ts +36 -0
- package/src/lib/do-router.ts +270 -0
- package/src/lib/do-sql.ts +73 -0
- package/src/lib/email-provider.ts +379 -0
- package/src/lib/email-templates.ts +285 -0
- package/src/lib/email-translations.ts +422 -0
- package/src/lib/errors.ts +151 -0
- package/src/lib/functions.ts +2091 -0
- package/src/lib/hono.ts +56 -0
- package/src/lib/internal-request.ts +56 -0
- package/src/lib/jwt.ts +354 -0
- package/src/lib/log-writer.ts +272 -0
- package/src/lib/namespace-dump.ts +125 -0
- package/src/lib/oauth-providers.ts +1225 -0
- package/src/lib/op-parser.ts +99 -0
- package/src/lib/openapi.ts +146 -0
- package/src/lib/pagination.ts +19 -0
- package/src/lib/password-policy.ts +102 -0
- package/src/lib/password.ts +145 -0
- package/src/lib/plugin-migrations.ts +612 -0
- package/src/lib/postgres-executor.ts +203 -0
- package/src/lib/postgres-handler.ts +1102 -0
- package/src/lib/postgres-schema-init.ts +341 -0
- package/src/lib/postgres-table-utils.ts +87 -0
- package/src/lib/public-user-profile.ts +187 -0
- package/src/lib/push-provider.ts +409 -0
- package/src/lib/push-token.ts +294 -0
- package/src/lib/query-engine.ts +768 -0
- package/src/lib/room-monitoring.ts +97 -0
- package/src/lib/room-runtime.ts +14 -0
- package/src/lib/route-parser.ts +434 -0
- package/src/lib/schema.ts +538 -0
- package/src/lib/schemas.ts +152 -0
- package/src/lib/service-key.ts +419 -0
- package/src/lib/sms-provider.ts +230 -0
- package/src/lib/startup-config.ts +99 -0
- package/src/lib/totp.ts +242 -0
- package/src/lib/uuid.ts +87 -0
- package/src/lib/validation.ts +205 -0
- package/src/lib/version.ts +2 -0
- package/src/lib/websocket-pending.ts +40 -0
- package/src/middleware/auth.ts +169 -0
- package/src/middleware/captcha-verify.ts +217 -0
- package/src/middleware/cors.ts +159 -0
- package/src/middleware/error-handler.ts +54 -0
- package/src/middleware/internal-guard.ts +26 -0
- package/src/middleware/logger.ts +126 -0
- package/src/middleware/rate-limit.ts +283 -0
- package/src/middleware/rules.ts +475 -0
- package/src/routes/admin-auth.ts +447 -0
- package/src/routes/admin.ts +3501 -0
- package/src/routes/analytics-api.ts +290 -0
- package/src/routes/auth.ts +4222 -0
- package/src/routes/backup.ts +1466 -0
- package/src/routes/config.ts +53 -0
- package/src/routes/d1.ts +109 -0
- package/src/routes/database-live.ts +281 -0
- package/src/routes/functions.ts +155 -0
- package/src/routes/health.ts +32 -0
- package/src/routes/kv.ts +167 -0
- package/src/routes/oauth.ts +1055 -0
- package/src/routes/push.ts +1465 -0
- package/src/routes/room.ts +639 -0
- package/src/routes/schema-endpoint.ts +76 -0
- package/src/routes/sql.ts +176 -0
- package/src/routes/storage.ts +1674 -0
- package/src/routes/tables.ts +699 -0
- package/src/routes/users.ts +21 -0
- package/src/routes/vectorize.ts +372 -0
- package/src/types.ts +99 -0
|
@@ -0,0 +1,469 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* 서버 단위 테스트 — bundled runtime config + public config route helpers
|
|
3
|
+
*
|
|
4
|
+
* 실행: cd packages/server && npx vitest run src/__tests__/config.test.ts
|
|
5
|
+
*/
|
|
6
|
+
|
|
7
|
+
import { afterEach, describe, expect, it, vi } from 'vitest';
|
|
8
|
+
import { parseConfig, setConfig } from '../lib/do-router.js';
|
|
9
|
+
import type { EdgeBaseConfig } from '@edge-base/shared';
|
|
10
|
+
import {
|
|
11
|
+
parseProcessEnvConfig,
|
|
12
|
+
resolveStartupConfig,
|
|
13
|
+
} from '../lib/startup-config.js';
|
|
14
|
+
|
|
15
|
+
afterEach(() => {
|
|
16
|
+
setConfig({} as EdgeBaseConfig);
|
|
17
|
+
});
|
|
18
|
+
|
|
19
|
+
async function loadFreshDoRouter() {
|
|
20
|
+
vi.resetModules();
|
|
21
|
+
return import('../lib/do-router.js');
|
|
22
|
+
}
|
|
23
|
+
|
|
24
|
+
function getCaptchaFromRuntime(env: {
|
|
25
|
+
CAPTCHA_SITE_KEY?: string;
|
|
26
|
+
}): { siteKey: string } | null {
|
|
27
|
+
if (env.CAPTCHA_SITE_KEY) {
|
|
28
|
+
return { siteKey: env.CAPTCHA_SITE_KEY };
|
|
29
|
+
}
|
|
30
|
+
|
|
31
|
+
const config = parseConfig();
|
|
32
|
+
const captchaCfg = (config as { captcha?: { siteKey?: string } }).captcha;
|
|
33
|
+
if (captchaCfg?.siteKey) {
|
|
34
|
+
return { siteKey: captchaCfg.siteKey };
|
|
35
|
+
}
|
|
36
|
+
|
|
37
|
+
return null;
|
|
38
|
+
}
|
|
39
|
+
|
|
40
|
+
describe('parseConfig', () => {
|
|
41
|
+
it('returns empty object when no startup config has been injected', () => {
|
|
42
|
+
expect(parseConfig()).toEqual({});
|
|
43
|
+
});
|
|
44
|
+
|
|
45
|
+
it('returns the injected bundled config', () => {
|
|
46
|
+
const cfg: EdgeBaseConfig = {
|
|
47
|
+
databases: {
|
|
48
|
+
shared: {
|
|
49
|
+
tables: {
|
|
50
|
+
posts: {},
|
|
51
|
+
},
|
|
52
|
+
},
|
|
53
|
+
},
|
|
54
|
+
};
|
|
55
|
+
|
|
56
|
+
setConfig(cfg);
|
|
57
|
+
|
|
58
|
+
expect(parseConfig()).toBe(cfg);
|
|
59
|
+
});
|
|
60
|
+
|
|
61
|
+
it('ignores unrelated runtime input and keeps singleton config authoritative', () => {
|
|
62
|
+
setConfig({ databases: { shared: { tables: { posts: {} } } } } as EdgeBaseConfig);
|
|
63
|
+
|
|
64
|
+
expect(parseConfig({ arbitrary: true })).toEqual({
|
|
65
|
+
databases: { shared: { tables: { posts: {} } } },
|
|
66
|
+
});
|
|
67
|
+
});
|
|
68
|
+
|
|
69
|
+
it('empty injected config stays authoritative', () => {
|
|
70
|
+
setConfig({} as EdgeBaseConfig);
|
|
71
|
+
|
|
72
|
+
expect(parseConfig({ arbitrary: true })).toEqual({});
|
|
73
|
+
});
|
|
74
|
+
|
|
75
|
+
it('request-scoped EDGEBASE_CONFIG overrides singleton config', () => {
|
|
76
|
+
setConfig({ databases: { shared: { tables: { posts: {} } } } } as EdgeBaseConfig);
|
|
77
|
+
|
|
78
|
+
expect(parseConfig({
|
|
79
|
+
EDGEBASE_CONFIG: JSON.stringify({
|
|
80
|
+
databases: {
|
|
81
|
+
shared: {
|
|
82
|
+
tables: {
|
|
83
|
+
comments: {
|
|
84
|
+
schema: {
|
|
85
|
+
body: { type: 'string' },
|
|
86
|
+
},
|
|
87
|
+
},
|
|
88
|
+
},
|
|
89
|
+
},
|
|
90
|
+
},
|
|
91
|
+
}),
|
|
92
|
+
})).toEqual({
|
|
93
|
+
databases: {
|
|
94
|
+
shared: {
|
|
95
|
+
tables: {
|
|
96
|
+
comments: {
|
|
97
|
+
schema: {
|
|
98
|
+
body: { type: 'string' },
|
|
99
|
+
},
|
|
100
|
+
},
|
|
101
|
+
},
|
|
102
|
+
},
|
|
103
|
+
},
|
|
104
|
+
});
|
|
105
|
+
});
|
|
106
|
+
|
|
107
|
+
it('fresh module without startup config returns empty object', async () => {
|
|
108
|
+
const fresh = await loadFreshDoRouter();
|
|
109
|
+
expect(fresh.parseConfig({ arbitrary: true })).toEqual({});
|
|
110
|
+
});
|
|
111
|
+
|
|
112
|
+
it('fresh module reads request-scoped EDGEBASE_CONFIG when present', async () => {
|
|
113
|
+
const fresh = await loadFreshDoRouter();
|
|
114
|
+
expect(fresh.parseConfig({
|
|
115
|
+
EDGEBASE_CONFIG: JSON.stringify({
|
|
116
|
+
databases: {
|
|
117
|
+
shared: {
|
|
118
|
+
tables: {
|
|
119
|
+
posts: {
|
|
120
|
+
schema: {
|
|
121
|
+
title: { type: 'string' },
|
|
122
|
+
},
|
|
123
|
+
},
|
|
124
|
+
},
|
|
125
|
+
},
|
|
126
|
+
},
|
|
127
|
+
}),
|
|
128
|
+
})).toEqual({
|
|
129
|
+
databases: {
|
|
130
|
+
shared: {
|
|
131
|
+
tables: {
|
|
132
|
+
posts: {
|
|
133
|
+
schema: {
|
|
134
|
+
title: { type: 'string' },
|
|
135
|
+
},
|
|
136
|
+
},
|
|
137
|
+
},
|
|
138
|
+
},
|
|
139
|
+
},
|
|
140
|
+
});
|
|
141
|
+
});
|
|
142
|
+
|
|
143
|
+
it('accepts request-scoped EDGEBASE_CONFIG when Wrangler provides it as an object binding', () => {
|
|
144
|
+
setConfig({ databases: { from: 'singleton' } } as EdgeBaseConfig);
|
|
145
|
+
|
|
146
|
+
expect(parseConfig({
|
|
147
|
+
EDGEBASE_CONFIG: {
|
|
148
|
+
databases: {
|
|
149
|
+
shared: {
|
|
150
|
+
tables: {
|
|
151
|
+
posts: {
|
|
152
|
+
schema: {
|
|
153
|
+
title: { type: 'string' },
|
|
154
|
+
},
|
|
155
|
+
},
|
|
156
|
+
},
|
|
157
|
+
},
|
|
158
|
+
},
|
|
159
|
+
},
|
|
160
|
+
})).toEqual({
|
|
161
|
+
databases: {
|
|
162
|
+
shared: {
|
|
163
|
+
tables: {
|
|
164
|
+
posts: {
|
|
165
|
+
schema: {
|
|
166
|
+
title: { type: 'string' },
|
|
167
|
+
},
|
|
168
|
+
},
|
|
169
|
+
},
|
|
170
|
+
},
|
|
171
|
+
},
|
|
172
|
+
});
|
|
173
|
+
});
|
|
174
|
+
});
|
|
175
|
+
|
|
176
|
+
describe('startup config resolution', () => {
|
|
177
|
+
it('prefers process env EDGEBASE_CONFIG over generated or test config', async () => {
|
|
178
|
+
const resolved = await resolveStartupConfig(
|
|
179
|
+
{
|
|
180
|
+
databases: {
|
|
181
|
+
shared: {
|
|
182
|
+
tables: {
|
|
183
|
+
generated: {},
|
|
184
|
+
},
|
|
185
|
+
},
|
|
186
|
+
},
|
|
187
|
+
},
|
|
188
|
+
async () => ({
|
|
189
|
+
default: {
|
|
190
|
+
databases: {
|
|
191
|
+
shared: {
|
|
192
|
+
tables: {
|
|
193
|
+
fromTest: {},
|
|
194
|
+
},
|
|
195
|
+
},
|
|
196
|
+
},
|
|
197
|
+
},
|
|
198
|
+
}),
|
|
199
|
+
{
|
|
200
|
+
EDGEBASE_CONFIG: JSON.stringify({
|
|
201
|
+
databases: {
|
|
202
|
+
shared: {
|
|
203
|
+
tables: {
|
|
204
|
+
fromEnv: {},
|
|
205
|
+
},
|
|
206
|
+
},
|
|
207
|
+
},
|
|
208
|
+
}),
|
|
209
|
+
},
|
|
210
|
+
);
|
|
211
|
+
|
|
212
|
+
expect(resolved).toEqual({
|
|
213
|
+
databases: {
|
|
214
|
+
shared: {
|
|
215
|
+
tables: {
|
|
216
|
+
fromEnv: {},
|
|
217
|
+
},
|
|
218
|
+
},
|
|
219
|
+
},
|
|
220
|
+
});
|
|
221
|
+
});
|
|
222
|
+
|
|
223
|
+
it('prefers generated config over test config when no process env config exists', async () => {
|
|
224
|
+
const resolved = await resolveStartupConfig(
|
|
225
|
+
{
|
|
226
|
+
databases: {
|
|
227
|
+
shared: {
|
|
228
|
+
tables: {
|
|
229
|
+
generated: {},
|
|
230
|
+
},
|
|
231
|
+
},
|
|
232
|
+
},
|
|
233
|
+
},
|
|
234
|
+
async () => ({
|
|
235
|
+
default: {
|
|
236
|
+
databases: {
|
|
237
|
+
shared: {
|
|
238
|
+
tables: {
|
|
239
|
+
fromTest: {},
|
|
240
|
+
},
|
|
241
|
+
},
|
|
242
|
+
},
|
|
243
|
+
},
|
|
244
|
+
}),
|
|
245
|
+
{},
|
|
246
|
+
);
|
|
247
|
+
|
|
248
|
+
expect(resolved).toEqual({
|
|
249
|
+
databases: {
|
|
250
|
+
shared: {
|
|
251
|
+
tables: {
|
|
252
|
+
generated: {},
|
|
253
|
+
},
|
|
254
|
+
},
|
|
255
|
+
},
|
|
256
|
+
});
|
|
257
|
+
});
|
|
258
|
+
|
|
259
|
+
it('prefers test config in vitest environments', async () => {
|
|
260
|
+
const resolved = await resolveStartupConfig(
|
|
261
|
+
{
|
|
262
|
+
databases: {
|
|
263
|
+
shared: {
|
|
264
|
+
tables: {
|
|
265
|
+
generated: {},
|
|
266
|
+
},
|
|
267
|
+
},
|
|
268
|
+
},
|
|
269
|
+
},
|
|
270
|
+
async () => ({
|
|
271
|
+
default: {
|
|
272
|
+
databases: {
|
|
273
|
+
shared: {
|
|
274
|
+
tables: {
|
|
275
|
+
fromTest: {},
|
|
276
|
+
},
|
|
277
|
+
},
|
|
278
|
+
},
|
|
279
|
+
},
|
|
280
|
+
}),
|
|
281
|
+
{ VITEST: 'true' },
|
|
282
|
+
);
|
|
283
|
+
|
|
284
|
+
expect(resolved).toEqual({
|
|
285
|
+
databases: {
|
|
286
|
+
shared: {
|
|
287
|
+
tables: {
|
|
288
|
+
fromTest: {},
|
|
289
|
+
},
|
|
290
|
+
},
|
|
291
|
+
},
|
|
292
|
+
});
|
|
293
|
+
});
|
|
294
|
+
|
|
295
|
+
it('prefers test config when explicitly requested by the caller', async () => {
|
|
296
|
+
const resolved = await resolveStartupConfig(
|
|
297
|
+
{
|
|
298
|
+
databases: {
|
|
299
|
+
shared: {
|
|
300
|
+
tables: {
|
|
301
|
+
generated: {},
|
|
302
|
+
},
|
|
303
|
+
},
|
|
304
|
+
},
|
|
305
|
+
},
|
|
306
|
+
async () => ({
|
|
307
|
+
default: {
|
|
308
|
+
databases: {
|
|
309
|
+
shared: {
|
|
310
|
+
tables: {
|
|
311
|
+
fromTest: {},
|
|
312
|
+
},
|
|
313
|
+
},
|
|
314
|
+
},
|
|
315
|
+
},
|
|
316
|
+
}),
|
|
317
|
+
{},
|
|
318
|
+
{ preferTestConfig: true },
|
|
319
|
+
);
|
|
320
|
+
|
|
321
|
+
expect(resolved).toEqual({
|
|
322
|
+
databases: {
|
|
323
|
+
shared: {
|
|
324
|
+
tables: {
|
|
325
|
+
fromTest: {},
|
|
326
|
+
},
|
|
327
|
+
},
|
|
328
|
+
},
|
|
329
|
+
});
|
|
330
|
+
});
|
|
331
|
+
|
|
332
|
+
it('falls back to test config when generated config is empty', async () => {
|
|
333
|
+
const resolved = await resolveStartupConfig(
|
|
334
|
+
{},
|
|
335
|
+
async () => ({
|
|
336
|
+
default: {
|
|
337
|
+
databases: {
|
|
338
|
+
shared: {
|
|
339
|
+
tables: {
|
|
340
|
+
fromTest: {},
|
|
341
|
+
},
|
|
342
|
+
},
|
|
343
|
+
},
|
|
344
|
+
},
|
|
345
|
+
}),
|
|
346
|
+
{},
|
|
347
|
+
);
|
|
348
|
+
|
|
349
|
+
expect(resolved).toEqual({
|
|
350
|
+
databases: {
|
|
351
|
+
shared: {
|
|
352
|
+
tables: {
|
|
353
|
+
fromTest: {},
|
|
354
|
+
},
|
|
355
|
+
},
|
|
356
|
+
},
|
|
357
|
+
});
|
|
358
|
+
});
|
|
359
|
+
|
|
360
|
+
it('returns generated config when test config is unavailable', async () => {
|
|
361
|
+
const resolved = await resolveStartupConfig(
|
|
362
|
+
{
|
|
363
|
+
databases: {
|
|
364
|
+
shared: {
|
|
365
|
+
tables: {
|
|
366
|
+
generated: {},
|
|
367
|
+
},
|
|
368
|
+
},
|
|
369
|
+
},
|
|
370
|
+
},
|
|
371
|
+
async () => {
|
|
372
|
+
throw new Error('missing');
|
|
373
|
+
},
|
|
374
|
+
{},
|
|
375
|
+
);
|
|
376
|
+
|
|
377
|
+
expect(resolved).toEqual({
|
|
378
|
+
databases: {
|
|
379
|
+
shared: {
|
|
380
|
+
tables: {
|
|
381
|
+
generated: {},
|
|
382
|
+
},
|
|
383
|
+
},
|
|
384
|
+
},
|
|
385
|
+
});
|
|
386
|
+
});
|
|
387
|
+
|
|
388
|
+
it('parses process env config safely', () => {
|
|
389
|
+
expect(parseProcessEnvConfig({
|
|
390
|
+
EDGEBASE_CONFIG: '{"databases":{"shared":{"tables":{"posts":{}}}}}',
|
|
391
|
+
})).toEqual({
|
|
392
|
+
databases: {
|
|
393
|
+
shared: {
|
|
394
|
+
tables: {
|
|
395
|
+
posts: {},
|
|
396
|
+
},
|
|
397
|
+
},
|
|
398
|
+
},
|
|
399
|
+
});
|
|
400
|
+
});
|
|
401
|
+
});
|
|
402
|
+
|
|
403
|
+
describe('public captcha config resolution', () => {
|
|
404
|
+
it('uses CAPTCHA_SITE_KEY when present', () => {
|
|
405
|
+
expect(getCaptchaFromRuntime({ CAPTCHA_SITE_KEY: '0x12345' })).toEqual({
|
|
406
|
+
siteKey: '0x12345',
|
|
407
|
+
});
|
|
408
|
+
});
|
|
409
|
+
|
|
410
|
+
it('prefers CAPTCHA_SITE_KEY over bundled captcha config', () => {
|
|
411
|
+
setConfig({ captcha: { siteKey: 'config-key' } } as EdgeBaseConfig);
|
|
412
|
+
|
|
413
|
+
expect(getCaptchaFromRuntime({ CAPTCHA_SITE_KEY: 'env-key' })).toEqual({
|
|
414
|
+
siteKey: 'env-key',
|
|
415
|
+
});
|
|
416
|
+
});
|
|
417
|
+
|
|
418
|
+
it('falls back to bundled captcha config', () => {
|
|
419
|
+
setConfig({ captcha: { siteKey: 'config-site-key' } } as EdgeBaseConfig);
|
|
420
|
+
|
|
421
|
+
expect(getCaptchaFromRuntime({})).toEqual({
|
|
422
|
+
siteKey: 'config-site-key',
|
|
423
|
+
});
|
|
424
|
+
});
|
|
425
|
+
|
|
426
|
+
it('returns null when no captcha config exists', () => {
|
|
427
|
+
setConfig({ auth: {} } as EdgeBaseConfig);
|
|
428
|
+
|
|
429
|
+
expect(getCaptchaFromRuntime({})).toBeNull();
|
|
430
|
+
});
|
|
431
|
+
});
|
|
432
|
+
|
|
433
|
+
describe('config materialization', () => {
|
|
434
|
+
it('accepts empty config', () => {
|
|
435
|
+
setConfig({} as EdgeBaseConfig);
|
|
436
|
+
|
|
437
|
+
expect(parseConfig()).toEqual({});
|
|
438
|
+
});
|
|
439
|
+
|
|
440
|
+
it('preserves nested config structure', () => {
|
|
441
|
+
const cfg: EdgeBaseConfig = {
|
|
442
|
+
databases: {
|
|
443
|
+
shared: {
|
|
444
|
+
tables: {
|
|
445
|
+
users: { schema: { name: { type: 'string' } } },
|
|
446
|
+
},
|
|
447
|
+
},
|
|
448
|
+
},
|
|
449
|
+
auth: { passwordPolicy: { minLength: 12 } },
|
|
450
|
+
};
|
|
451
|
+
|
|
452
|
+
setConfig(cfg);
|
|
453
|
+
|
|
454
|
+
expect(parseConfig()).toBe(cfg);
|
|
455
|
+
});
|
|
456
|
+
});
|
|
457
|
+
|
|
458
|
+
describe('config route cache headers', () => {
|
|
459
|
+
it('uses public cache header', () => {
|
|
460
|
+
const header = 'public, max-age=60, s-maxage=60';
|
|
461
|
+
expect(header).toContain('public');
|
|
462
|
+
expect(header).toContain('max-age=60');
|
|
463
|
+
});
|
|
464
|
+
|
|
465
|
+
it('uses CDN cache header', () => {
|
|
466
|
+
const header = 'public, max-age=60';
|
|
467
|
+
expect(header).toContain('public');
|
|
468
|
+
});
|
|
469
|
+
});
|
|
@@ -0,0 +1,154 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Regression tests for CORS helpers.
|
|
3
|
+
*
|
|
4
|
+
* Key regression: when user explicitly configures cors.origin,
|
|
5
|
+
* localhost must NOT be auto-allowed as an override.
|
|
6
|
+
*/
|
|
7
|
+
import { describe, it, expect } from 'vitest';
|
|
8
|
+
import { Hono } from 'hono';
|
|
9
|
+
import { setConfig } from '../lib/do-router.js';
|
|
10
|
+
import { corsMiddleware, decorateResponseHeaders, isOriginAllowed, wildcardToRegex } from '../middleware/cors.js';
|
|
11
|
+
|
|
12
|
+
// ─── wildcardToRegex ───
|
|
13
|
+
|
|
14
|
+
describe('wildcardToRegex', () => {
|
|
15
|
+
it('matches wildcard subdomain pattern', () => {
|
|
16
|
+
const re = wildcardToRegex('*.example.com');
|
|
17
|
+
expect(re.test('https://app.example.com')).toBe(true);
|
|
18
|
+
expect(re.test('http://app.example.com')).toBe(true);
|
|
19
|
+
expect(re.test('https://sub.app.example.com')).toBe(true);
|
|
20
|
+
expect(re.test('https://evil.com')).toBe(false);
|
|
21
|
+
});
|
|
22
|
+
|
|
23
|
+
it('escapes dots in pattern', () => {
|
|
24
|
+
const re = wildcardToRegex('app.example.com');
|
|
25
|
+
// Should NOT match appXexampleXcom (dots are literal)
|
|
26
|
+
expect(re.test('https://appXexampleXcom')).toBe(false);
|
|
27
|
+
expect(re.test('https://app.example.com')).toBe(true);
|
|
28
|
+
});
|
|
29
|
+
});
|
|
30
|
+
|
|
31
|
+
// ─── isOriginAllowed ───
|
|
32
|
+
|
|
33
|
+
describe('isOriginAllowed', () => {
|
|
34
|
+
it('allows everything with wildcard "*"', () => {
|
|
35
|
+
expect(isOriginAllowed('https://anything.com', '*')).toBe(true);
|
|
36
|
+
});
|
|
37
|
+
|
|
38
|
+
it('matches exact origin', () => {
|
|
39
|
+
expect(isOriginAllowed('https://app.example.com', 'https://app.example.com')).toBe(true);
|
|
40
|
+
expect(isOriginAllowed('https://other.com', 'https://app.example.com')).toBe(false);
|
|
41
|
+
});
|
|
42
|
+
|
|
43
|
+
it('matches against array of origins', () => {
|
|
44
|
+
const origins = ['https://app.example.com', 'https://staging.example.com'];
|
|
45
|
+
expect(isOriginAllowed('https://app.example.com', origins)).toBe(true);
|
|
46
|
+
expect(isOriginAllowed('https://staging.example.com', origins)).toBe(true);
|
|
47
|
+
expect(isOriginAllowed('https://evil.com', origins)).toBe(false);
|
|
48
|
+
});
|
|
49
|
+
|
|
50
|
+
it('supports wildcard patterns in array', () => {
|
|
51
|
+
const origins = ['*.example.com'];
|
|
52
|
+
expect(isOriginAllowed('https://app.example.com', origins)).toBe(true);
|
|
53
|
+
expect(isOriginAllowed('https://evil.com', origins)).toBe(false);
|
|
54
|
+
});
|
|
55
|
+
|
|
56
|
+
// ── REGRESSION: localhost must NOT be allowed when not in config ──
|
|
57
|
+
it('rejects localhost when not in configured origins', () => {
|
|
58
|
+
const origins = ['https://app.example.com'];
|
|
59
|
+
expect(isOriginAllowed('http://localhost:3000', origins)).toBe(false);
|
|
60
|
+
expect(isOriginAllowed('http://127.0.0.1:3000', origins)).toBe(false);
|
|
61
|
+
});
|
|
62
|
+
|
|
63
|
+
it('allows localhost only when explicitly configured', () => {
|
|
64
|
+
const origins = ['https://app.example.com', 'http://localhost:3000'];
|
|
65
|
+
expect(isOriginAllowed('http://localhost:3000', origins)).toBe(true);
|
|
66
|
+
});
|
|
67
|
+
});
|
|
68
|
+
|
|
69
|
+
describe('corsMiddleware', () => {
|
|
70
|
+
it('applies CORS headers to downstream JSON responses', async () => {
|
|
71
|
+
setConfig({
|
|
72
|
+
cors: {
|
|
73
|
+
origin: ['http://localhost:5174'],
|
|
74
|
+
credentials: true,
|
|
75
|
+
},
|
|
76
|
+
});
|
|
77
|
+
|
|
78
|
+
const app = new Hono();
|
|
79
|
+
app.use('*', corsMiddleware as never);
|
|
80
|
+
app.get('/json', (c) => c.json({ ok: true }));
|
|
81
|
+
|
|
82
|
+
const res = await app.request('http://localhost/json', {
|
|
83
|
+
headers: { Origin: 'http://localhost:5174' },
|
|
84
|
+
});
|
|
85
|
+
|
|
86
|
+
expect(res.headers.get('Access-Control-Allow-Origin')).toBe('http://localhost:5174');
|
|
87
|
+
expect(res.headers.get('Access-Control-Allow-Credentials')).toBe('true');
|
|
88
|
+
expect(res.headers.get('Vary')).toBe('Origin');
|
|
89
|
+
});
|
|
90
|
+
|
|
91
|
+
it('applies CORS headers even when downstream returns a raw Response', async () => {
|
|
92
|
+
setConfig({
|
|
93
|
+
cors: {
|
|
94
|
+
origin: ['http://localhost:5174'],
|
|
95
|
+
credentials: true,
|
|
96
|
+
},
|
|
97
|
+
});
|
|
98
|
+
|
|
99
|
+
const app = new Hono();
|
|
100
|
+
app.use('*', corsMiddleware as never);
|
|
101
|
+
app.get('/raw', () => new Response(JSON.stringify({ ok: true }), {
|
|
102
|
+
headers: { 'Content-Type': 'application/json' },
|
|
103
|
+
}));
|
|
104
|
+
|
|
105
|
+
const res = await app.request('http://localhost/raw', {
|
|
106
|
+
headers: { Origin: 'http://localhost:5174' },
|
|
107
|
+
});
|
|
108
|
+
|
|
109
|
+
expect(res.headers.get('Access-Control-Allow-Origin')).toBe('http://localhost:5174');
|
|
110
|
+
expect(res.headers.get('Access-Control-Allow-Credentials')).toBe('true');
|
|
111
|
+
expect(res.headers.get('Vary')).toBe('Origin');
|
|
112
|
+
});
|
|
113
|
+
|
|
114
|
+
it('includes canonical auth headers in preflight allow-headers', async () => {
|
|
115
|
+
setConfig({
|
|
116
|
+
cors: {
|
|
117
|
+
origin: ['http://localhost:5174'],
|
|
118
|
+
credentials: true,
|
|
119
|
+
},
|
|
120
|
+
});
|
|
121
|
+
|
|
122
|
+
const app = new Hono();
|
|
123
|
+
app.use('*', corsMiddleware as never);
|
|
124
|
+
app.options('/preflight', (c) => c.body(null, 204));
|
|
125
|
+
|
|
126
|
+
const res = await app.request('http://localhost/preflight', {
|
|
127
|
+
method: 'OPTIONS',
|
|
128
|
+
headers: {
|
|
129
|
+
Origin: 'http://localhost:5174',
|
|
130
|
+
'Access-Control-Request-Method': 'POST',
|
|
131
|
+
'Access-Control-Request-Headers': 'X-EdgeBase-Service-Key',
|
|
132
|
+
},
|
|
133
|
+
});
|
|
134
|
+
|
|
135
|
+
expect(res.headers.get('Access-Control-Allow-Headers')).toContain('X-EdgeBase-Service-Key');
|
|
136
|
+
});
|
|
137
|
+
|
|
138
|
+
it('leaves websocket upgrade responses untouched', () => {
|
|
139
|
+
const upgradeResponse = {
|
|
140
|
+
status: 101,
|
|
141
|
+
headers: new Headers(),
|
|
142
|
+
} as Response;
|
|
143
|
+
|
|
144
|
+
const decorated = decorateResponseHeaders(upgradeResponse, {
|
|
145
|
+
allowOrigin: 'http://localhost:5174',
|
|
146
|
+
allowMethods: 'GET, POST',
|
|
147
|
+
allowHeaders: 'Content-Type',
|
|
148
|
+
allowCredentials: true,
|
|
149
|
+
maxAge: '86400',
|
|
150
|
+
});
|
|
151
|
+
|
|
152
|
+
expect(decorated).toBe(upgradeResponse);
|
|
153
|
+
});
|
|
154
|
+
});
|