@ereo/rpc 0.1.6

package/dist/src/index.js

@@ -0,0 +1,616 @@
+// @bun
+// src/procedure.ts
+function createProcedureBuilder(middlewares = []) {
+  return {
+    use(middleware) {
+      return createProcedureBuilder([
+        ...middlewares,
+        { fn: middleware }
+      ]);
+    },
+    query(schemaOrHandler, maybeHandler) {
+      if (typeof schemaOrHandler === "function") {
+        return {
+          _type: "query",
+          _ctx: undefined,
+          _input: undefined,
+          _output: undefined,
+          middlewares: [...middlewares],
+          handler: schemaOrHandler
+        };
+      }
+      return {
+        _type: "query",
+        _ctx: undefined,
+        _input: undefined,
+        _output: undefined,
+        middlewares: [...middlewares],
+        inputSchema: schemaOrHandler,
+        handler: maybeHandler
+      };
+    },
+    mutation(schemaOrHandler, maybeHandler) {
+      if (typeof schemaOrHandler === "function") {
+        return {
+          _type: "mutation",
+          _ctx: undefined,
+          _input: undefined,
+          _output: undefined,
+          middlewares: [...middlewares],
+          handler: schemaOrHandler
+        };
+      }
+      return {
+        _type: "mutation",
+        _ctx: undefined,
+        _input: undefined,
+        _output: undefined,
+        middlewares: [...middlewares],
+        inputSchema: schemaOrHandler,
+        handler: maybeHandler
+      };
+    },
+    subscription(schemaOrHandler, maybeHandler) {
+      if (typeof schemaOrHandler === "function") {
+        return {
+          _type: "subscription",
+          _ctx: undefined,
+          _input: undefined,
+          _output: undefined,
+          middlewares: [...middlewares],
+          handler: schemaOrHandler
+        };
+      }
+      return {
+        _type: "subscription",
+        _ctx: undefined,
+        _input: undefined,
+        _output: undefined,
+        middlewares: [...middlewares],
+        inputSchema: schemaOrHandler,
+        handler: maybeHandler
+      };
+    }
+  };
+}
+var procedure = createProcedureBuilder();
+async function executeMiddleware(middlewares, initialCtx) {
+  let currentCtx = initialCtx;
+  for (const middleware of middlewares) {
+    const result = await middleware.fn({
+      ctx: currentCtx,
+      next: (ctx) => ({ ok: true, ctx })
+    });
+    if (!result.ok) {
+      return result;
+    }
+    currentCtx = result.ctx;
+  }
+  return { ok: true, ctx: currentCtx };
+}
+function query(schemaOrHandler, maybeHandler) {
+  if (typeof schemaOrHandler === "function") {
+    return procedure.query(schemaOrHandler);
+  }
+  return procedure.query(schemaOrHandler, maybeHandler);
+}
+function mutation(schemaOrHandler, maybeHandler) {
+  if (typeof schemaOrHandler === "function") {
+    return procedure.mutation(schemaOrHandler);
+  }
+  return procedure.mutation(schemaOrHandler, maybeHandler);
+}
+function subscription(schemaOrHandler, maybeHandler) {
+  if (typeof schemaOrHandler === "function") {
+    return procedure.subscription(schemaOrHandler);
+  }
+  return procedure.subscription(schemaOrHandler, maybeHandler);
+}
+// src/router.ts
+function createRouter(def) {
+  return {
+    _def: def,
+    handler: createHttpHandler(def),
+    websocket: createWebSocketHandler(def)
+  };
+}
+function createHttpHandler(def) {
+  return async (request, ctx) => {
+    let rpcRequest;
+    try {
+      if (request.method === "GET") {
+        const url = new URL(request.url);
+        const path = url.searchParams.get("path")?.split(".") ?? [];
+        const inputRaw = url.searchParams.get("input");
+        rpcRequest = {
+          path,
+          type: "query",
+          input: inputRaw ? JSON.parse(inputRaw) : undefined
+        };
+      } else {
+        rpcRequest = await request.json();
+      }
+    } catch {
+      return jsonResponse({
+        ok: false,
+        error: { code: "PARSE_ERROR", message: "Invalid RPC request" }
+      }, 400);
+    }
+    const procedure2 = resolveProcedure(def, rpcRequest.path);
+    if (!procedure2) {
+      return jsonResponse({
+        ok: false,
+        error: { code: "NOT_FOUND", message: `Procedure not found: ${rpcRequest.path.join(".")}` }
+      }, 404);
+    }
+    if (procedure2._type === "subscription") {
+      return jsonResponse({
+        ok: false,
+        error: { code: "METHOD_NOT_ALLOWED", message: "Subscriptions must use WebSocket" }
+      }, 400);
+    }
+    if (procedure2._type !== rpcRequest.type) {
+      return jsonResponse({
+        ok: false,
+        error: { code: "METHOD_MISMATCH", message: `Expected ${procedure2._type}, got ${rpcRequest.type}` }
+      }, 400);
+    }
+    const baseContext = { ctx, request };
+    const middlewareResult = await executeMiddleware(procedure2.middlewares, baseContext);
+    if (!middlewareResult.ok) {
+      return jsonResponse({ ok: false, error: middlewareResult.error }, 400);
+    }
+    let input = rpcRequest.input;
+    if (procedure2.inputSchema) {
+      try {
+        input = procedure2.inputSchema.parse(rpcRequest.input);
+      } catch (error) {
+        const sanitizedError = sanitizeValidationError(error);
+        return jsonResponse({
+          ok: false,
+          error: { code: "VALIDATION_ERROR", message: "Input validation failed", details: sanitizedError }
+        }, 400);
+      }
+    }
+    try {
+      const result = await procedure2.handler({ ...middlewareResult.ctx, input });
+      return jsonResponse({ ok: true, data: result });
+    } catch (error) {
+      if (error instanceof RPCError) {
+        return jsonResponse({ ok: false, error: { code: error.code, message: error.message } }, error.status);
+      }
+      console.error(`RPC error [${rpcRequest.path.join(".")}]:`, error);
+      return jsonResponse({
+        ok: false,
+        error: { code: "INTERNAL_ERROR", message: "An unexpected error occurred" }
+      }, 500);
+    }
+  };
+}
+function createWebSocketHandler(def) {
+  return {
+    open(ws) {
+      ws.data.subscriptions = new Map;
+    },
+    async message(ws, message) {
+      let msg;
+      try {
+        msg = JSON.parse(typeof message === "string" ? message : message.toString());
+      } catch {
+        sendError(ws, "", "PARSE_ERROR", "Invalid message format");
+        return;
+      }
+      if (msg.type === "ping") {
+        const pongMsg = { type: "pong" };
+        ws.send(JSON.stringify(pongMsg));
+        return;
+      }
+      if (msg.type === "subscribe") {
+        await handleSubscribe(ws, def, msg);
+      } else if (msg.type === "unsubscribe") {
+        handleUnsubscribe(ws, msg.id);
+      }
+    },
+    close(ws) {
+      for (const [, controller] of ws.data.subscriptions) {
+        controller.abort();
+      }
+      ws.data.subscriptions.clear();
+    }
+  };
+}
+async function handleSubscribe(ws, def, msg) {
+  const { id, path, input } = msg;
+  if (ws.data.subscriptions.has(id)) {
+    sendError(ws, id, "DUPLICATE_ID", "Subscription ID already in use");
+    return;
+  }
+  const procedure2 = resolveProcedure(def, path);
+  if (!procedure2) {
+    sendError(ws, id, "NOT_FOUND", `Procedure not found: ${path.join(".")}`);
+    return;
+  }
+  if (procedure2._type !== "subscription") {
+    sendError(ws, id, "METHOD_MISMATCH", "Procedure is not a subscription");
+    return;
+  }
+  const baseContext = {
+    ctx: ws.data.ctx,
+    request: ws.data.originalRequest ?? new Request("ws://localhost")
+  };
+  const middlewareResult = await executeMiddleware(procedure2.middlewares, baseContext);
+  if (!middlewareResult.ok) {
+    sendError(ws, id, middlewareResult.error.code, middlewareResult.error.message);
+    return;
+  }
+  let validatedInput = input;
+  if (procedure2.inputSchema) {
+    try {
+      validatedInput = procedure2.inputSchema.parse(input);
+    } catch {
+      sendError(ws, id, "VALIDATION_ERROR", "Input validation failed");
+      return;
+    }
+  }
+  const controller = new AbortController;
+  ws.data.subscriptions.set(id, controller);
+  const sub = procedure2;
+  try {
+    const generator = sub.handler({ ...middlewareResult.ctx, input: validatedInput });
+    (async () => {
+      try {
+        for await (const value of generator) {
+          if (controller.signal.aborted)
+            break;
+          const msg2 = { type: "data", id, data: value };
+          ws.send(JSON.stringify(msg2));
+        }
+        if (!controller.signal.aborted) {
+          const msg2 = { type: "complete", id };
+          ws.send(JSON.stringify(msg2));
+        }
+      } catch (error) {
+        if (!controller.signal.aborted) {
+          const errorMsg = error instanceof Error ? error.message : "Subscription error";
+          sendError(ws, id, "SUBSCRIPTION_ERROR", errorMsg);
+        }
+      } finally {
+        ws.data.subscriptions.delete(id);
+      }
+    })();
+  } catch (error) {
+    ws.data.subscriptions.delete(id);
+    const errorMsg = error instanceof Error ? error.message : "Failed to start subscription";
+    sendError(ws, id, "SUBSCRIPTION_ERROR", errorMsg);
+  }
+}
+function handleUnsubscribe(ws, id) {
+  const controller = ws.data.subscriptions.get(id);
+  if (controller) {
+    controller.abort();
+    ws.data.subscriptions.delete(id);
+  }
+}
+function sendError(ws, id, code, message) {
+  const msg = { type: "error", id, error: { code, message } };
+  ws.send(JSON.stringify(msg));
+}
+function sanitizeValidationError(error) {
+  if (error instanceof Error) {
+    const anyError = error;
+    if (Array.isArray(anyError.issues)) {
+      return anyError.issues.map((issue) => ({
+        path: issue.path,
+        message: issue.message,
+        code: issue.code
+      }));
+    }
+    return { message: error.message };
+  }
+  return { message: "Validation failed" };
+}
+function resolveProcedure(def, path) {
+  let current = def;
+  for (const segment of path) {
+    if (!current || typeof current !== "object" || !(segment in current)) {
+      return null;
+    }
+    current = current[segment];
+  }
+  if (current && typeof current === "object" && "_type" in current) {
+    return current;
+  }
+  return null;
+}
+function jsonResponse(data, status = 200) {
+  return new Response(JSON.stringify(data), {
+    status,
+    headers: { "Content-Type": "application/json" }
+  });
+}
+
+class RPCError extends Error {
+  code;
+  status;
+  constructor(code, message, status = 400) {
+    super(message);
+    this.code = code;
+    this.status = status;
+    this.name = "RPCError";
+  }
+}
+var errors = {
+  unauthorized: (message = "Unauthorized") => new RPCError("UNAUTHORIZED", message, 401),
+  forbidden: (message = "Forbidden") => new RPCError("FORBIDDEN", message, 403),
+  notFound: (message = "Not found") => new RPCError("NOT_FOUND", message, 404),
+  badRequest: (message) => new RPCError("BAD_REQUEST", message, 400)
+};
+// src/plugin.ts
+function rpcPlugin(options) {
+  const { router, endpoint = "/api/rpc" } = options;
+  const rpcMiddleware = async (request, context, next) => {
+    const url = new URL(request.url);
+    if (url.pathname === endpoint) {
+      const upgradeHeader = request.headers.get("Upgrade");
+      if (upgradeHeader?.toLowerCase() === "websocket") {
+        return new Response(null, {
+          status: 101,
+          headers: {
+            "X-Ereo-RPC-Upgrade": "websocket"
+          }
+        });
+      }
+      return router.handler(request, context);
+    }
+    return next();
+  };
+  return {
+    name: "@ereo/rpc",
+    runtimeMiddleware: [rpcMiddleware],
+    virtualModules: {
+      "virtual:ereo-rpc-client": `
+        import { createClient } from '@ereo/rpc/client';
+
+        const wsProtocol = typeof window !== 'undefined' && window.location.protocol === 'https:' ? 'wss:' : 'ws:';
+        const wsEndpoint = typeof window !== 'undefined'
+          ? wsProtocol + '//' + window.location.host + '${endpoint}'
+          : 'ws://localhost:3000${endpoint}';
+
+        export const rpc = createClient({
+          httpEndpoint: '${endpoint}',
+          wsEndpoint,
+        });
+      `
+    },
+    getWebSocketConfig() {
+      return router.websocket;
+    },
+    upgradeToWebSocket(server, request, ctx) {
+      const url = new URL(request.url);
+      if (url.pathname !== endpoint) {
+        return false;
+      }
+      const upgradeHeader = request.headers.get("Upgrade");
+      if (upgradeHeader?.toLowerCase() !== "websocket") {
+        return false;
+      }
+      const data = {
+        subscriptions: new Map,
+        ctx,
+        originalRequest: request
+      };
+      const success = server.upgrade(request, { data });
+      return success;
+    }
+  };
+}
+// src/context-bridge.ts
+var globalContextProvider = null;
+function setContextProvider(provider) {
+  globalContextProvider = provider;
+}
+function getContextProvider() {
+  return globalContextProvider;
+}
+function clearContextProvider() {
+  globalContextProvider = null;
+}
+async function createSharedContext(request) {
+  if (globalContextProvider) {
+    return globalContextProvider(request);
+  }
+  return {};
+}
+function createContextProvider(provider) {
+  return provider;
+}
+function withSharedContext() {
+  return async ({ ctx, next }) => {
+    const sharedCtx = await createSharedContext(ctx.request);
+    return next({ ...ctx, ctx: { ...ctx.ctx, ...sharedCtx } });
+  };
+}
+function useSharedContext() {
+  if (typeof window !== "undefined") {
+    return window.__EREO_SHARED_CONTEXT__ ?? null;
+  }
+  return null;
+}
+// src/middleware.ts
+class RateLimitStore {
+  stores = new Map;
+  cleanupInterval = null;
+  CLEANUP_INTERVAL_MS = 60000;
+  getStore(windowMs) {
+    const key = String(windowMs);
+    let store = this.stores.get(key);
+    if (!store) {
+      store = new Map;
+      this.stores.set(key, store);
+      this.scheduleCleanup();
+    }
+    return store;
+  }
+  scheduleCleanup() {
+    if (this.cleanupInterval)
+      return;
+    this.cleanupInterval = setInterval(() => {
+      const now = Date.now();
+      for (const [windowMsStr, store] of this.stores) {
+        const windowMs = parseInt(windowMsStr, 10);
+        for (const [key, entry] of store) {
+          if (entry.resetAt < now) {
+            store.delete(key);
+          }
+        }
+        if (store.size === 0) {
+          this.stores.delete(windowMsStr);
+        }
+      }
+      if (this.stores.size === 0 && this.cleanupInterval) {
+        clearInterval(this.cleanupInterval);
+        this.cleanupInterval = null;
+      }
+    }, this.CLEANUP_INTERVAL_MS);
+  }
+  clear() {
+    if (this.cleanupInterval) {
+      clearInterval(this.cleanupInterval);
+      this.cleanupInterval = null;
+    }
+    this.stores.clear();
+  }
+}
+var globalRateLimitStore = new RateLimitStore;
+function logging(options = {}) {
+  const { log = console.log, timing = true } = options;
+  return async ({ ctx, next }) => {
+    const start = timing ? performance.now() : 0;
+    const result = await next(ctx);
+    if (timing) {
+      const duration = (performance.now() - start).toFixed(2);
+      log(`[RPC] ${duration}ms`);
+    } else {
+      log("[RPC] Request completed");
+    }
+    return result;
+  };
+}
+function rateLimit(options) {
+  const {
+    limit,
+    windowMs,
+    keyFn = (ctx) => ctx.request.headers.get("x-forwarded-for") ?? "unknown",
+    message = "Too many requests"
+  } = options;
+  const store = globalRateLimitStore.getStore(windowMs);
+  return async ({ ctx, next }) => {
+    const key = keyFn(ctx);
+    const now = Date.now();
+    let entry = store.get(key);
+    if (!entry || entry.resetAt < now) {
+      entry = { count: 0, resetAt: now + windowMs };
+      store.set(key, entry);
+    }
+    entry.count++;
+    if (entry.count > limit) {
+      return {
+        ok: false,
+        error: { code: "RATE_LIMITED", message }
+      };
+    }
+    return next(ctx);
+  };
+}
+function clearRateLimitStore() {
+  globalRateLimitStore.clear();
+}
+function createAuthMiddleware(getUser, options = {}) {
+  const { message = "Unauthorized" } = options;
+  return async ({ ctx, next }) => {
+    const user = await getUser(ctx);
+    if (!user) {
+      return {
+        ok: false,
+        error: { code: "UNAUTHORIZED", message }
+      };
+    }
+    return next({ ...ctx, user });
+  };
+}
+function requireRoles(roles, options = {}) {
+  const { message = "Insufficient permissions" } = options;
+  return async ({ ctx, next }) => {
+    const userRole = ctx.user?.role;
+    if (!userRole || !roles.includes(userRole)) {
+      return {
+        ok: false,
+        error: { code: "FORBIDDEN", message }
+      };
+    }
+    return next(ctx);
+  };
+}
+function validate(validator) {
+  return async ({ ctx, next }) => {
+    const result = await validator(ctx);
+    if (!result.ok) {
+      return { ok: false, error: result.error };
+    }
+    return next(ctx);
+  };
+}
+function extend(extender) {
+  return async ({ ctx, next }) => {
+    const extension = await extender(ctx);
+    return next({ ...ctx, ...extension });
+  };
+}
+function timing() {
+  return async ({ ctx, next }) => {
+    const start = performance.now();
+    return next({
+      ...ctx,
+      timing: {
+        start,
+        getDuration: () => performance.now() - start
+      }
+    });
+  };
+}
+function catchErrors(handler) {
+  return async ({ ctx, next }) => {
+    try {
+      return await next(ctx);
+    } catch (error) {
+      const errorResult = handler(error);
+      return { ok: false, error: errorResult };
+    }
+  };
+}
+export {
+  withSharedContext,
+  validate,
+  useSharedContext,
+  timing,
+  subscription,
+  setContextProvider,
+  rpcPlugin,
+  requireRoles,
+  rateLimit,
+  query,
+  procedure,
+  mutation,
+  logging,
+  getContextProvider,
+  extend,
+  errors,
+  createSharedContext,
+  createRouter,
+  createContextProvider,
+  createAuthMiddleware,
+  clearRateLimitStore,
+  clearContextProvider,
+  catchErrors,
+  RPCError
+};