@essentialai/cogent-server 3.4.2 → 3.4.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (97) hide show
  1. package/dist/__tests__/helpers.d.ts +5 -2
  2. package/dist/__tests__/helpers.d.ts.map +1 -1
  3. package/dist/__tests__/helpers.js +11 -4
  4. package/dist/__tests__/helpers.js.map +1 -1
  5. package/dist/__tests__/services/session-store-contract.d.ts +17 -0
  6. package/dist/__tests__/services/session-store-contract.d.ts.map +1 -0
  7. package/dist/__tests__/services/session-store-contract.js +186 -0
  8. package/dist/__tests__/services/session-store-contract.js.map +1 -0
  9. package/dist/app.d.ts +9 -0
  10. package/dist/app.d.ts.map +1 -1
  11. package/dist/app.js +18 -2
  12. package/dist/app.js.map +1 -1
  13. package/dist/config.d.ts +14 -0
  14. package/dist/config.d.ts.map +1 -1
  15. package/dist/config.js +44 -0
  16. package/dist/config.js.map +1 -1
  17. package/dist/contract/control-plane-contract.d.ts +93 -0
  18. package/dist/contract/control-plane-contract.d.ts.map +1 -0
  19. package/dist/contract/control-plane-contract.js +72 -0
  20. package/dist/contract/control-plane-contract.js.map +1 -0
  21. package/dist/db/index.d.ts +5 -0
  22. package/dist/db/index.d.ts.map +1 -0
  23. package/dist/db/index.js +3 -0
  24. package/dist/db/index.js.map +1 -0
  25. package/dist/db/migrate-cli.d.ts +2 -0
  26. package/dist/db/migrate-cli.d.ts.map +1 -0
  27. package/dist/db/migrate-cli.js +54 -0
  28. package/dist/db/migrate-cli.js.map +1 -0
  29. package/dist/db/migrate.d.ts +31 -0
  30. package/dist/db/migrate.d.ts.map +1 -0
  31. package/dist/db/migrate.js +98 -0
  32. package/dist/db/migrate.js.map +1 -0
  33. package/dist/db/migrations/0001_init_sessions.down.sql +4 -0
  34. package/dist/db/migrations/0001_init_sessions.up.sql +46 -0
  35. package/dist/db/migrations/0002_org_quotas.down.sql +2 -0
  36. package/dist/db/migrations/0002_org_quotas.up.sql +13 -0
  37. package/dist/db/pool.d.ts +39 -0
  38. package/dist/db/pool.d.ts.map +1 -0
  39. package/dist/db/pool.js +72 -0
  40. package/dist/db/pool.js.map +1 -0
  41. package/dist/index.js +33 -3
  42. package/dist/index.js.map +1 -1
  43. package/dist/middleware/auth.d.ts.map +1 -1
  44. package/dist/middleware/auth.js +32 -0
  45. package/dist/middleware/auth.js.map +1 -1
  46. package/dist/middleware/control-plane-auth.d.ts +17 -0
  47. package/dist/middleware/control-plane-auth.d.ts.map +1 -0
  48. package/dist/middleware/control-plane-auth.js +35 -0
  49. package/dist/middleware/control-plane-auth.js.map +1 -0
  50. package/dist/routes/control-plane.d.ts +20 -0
  51. package/dist/routes/control-plane.d.ts.map +1 -0
  52. package/dist/routes/control-plane.js +122 -0
  53. package/dist/routes/control-plane.js.map +1 -0
  54. package/dist/routes/messages.d.ts.map +1 -1
  55. package/dist/routes/messages.js +18 -0
  56. package/dist/routes/messages.js.map +1 -1
  57. package/dist/routes/poll.js +2 -2
  58. package/dist/routes/poll.js.map +1 -1
  59. package/dist/routes/sessions.d.ts +22 -1
  60. package/dist/routes/sessions.d.ts.map +1 -1
  61. package/dist/routes/sessions.js +99 -13
  62. package/dist/routes/sessions.js.map +1 -1
  63. package/dist/routes/validation-hook.d.ts +31 -0
  64. package/dist/routes/validation-hook.d.ts.map +1 -1
  65. package/dist/routes/validation-hook.js +3 -0
  66. package/dist/routes/validation-hook.js.map +1 -1
  67. package/dist/services/auth-service.d.ts +5 -45
  68. package/dist/services/auth-service.d.ts.map +1 -1
  69. package/dist/services/auth-service.js +5 -60
  70. package/dist/services/auth-service.js.map +1 -1
  71. package/dist/services/connection-manager.d.ts +15 -0
  72. package/dist/services/connection-manager.d.ts.map +1 -1
  73. package/dist/services/connection-manager.js +29 -0
  74. package/dist/services/connection-manager.js.map +1 -1
  75. package/dist/services/join-rate-limiter.d.ts +50 -0
  76. package/dist/services/join-rate-limiter.d.ts.map +1 -0
  77. package/dist/services/join-rate-limiter.js +89 -0
  78. package/dist/services/join-rate-limiter.js.map +1 -0
  79. package/dist/services/obs-log.d.ts +51 -0
  80. package/dist/services/obs-log.d.ts.map +1 -0
  81. package/dist/services/obs-log.js +93 -0
  82. package/dist/services/obs-log.js.map +1 -0
  83. package/dist/services/session-store-memory.d.ts +60 -0
  84. package/dist/services/session-store-memory.d.ts.map +1 -0
  85. package/dist/services/session-store-memory.js +189 -0
  86. package/dist/services/session-store-memory.js.map +1 -0
  87. package/dist/services/session-store-postgres.d.ts +60 -0
  88. package/dist/services/session-store-postgres.d.ts.map +1 -0
  89. package/dist/services/session-store-postgres.js +393 -0
  90. package/dist/services/session-store-postgres.js.map +1 -0
  91. package/dist/services/session-store.d.ts +73 -5
  92. package/dist/services/session-store.d.ts.map +1 -1
  93. package/dist/services/session-store.js +62 -16
  94. package/dist/services/session-store.js.map +1 -1
  95. package/dist/types.d.ts +13 -0
  96. package/dist/types.d.ts.map +1 -1
  97. package/package.json +11 -6
package/dist/index.js CHANGED
@@ -1,7 +1,9 @@
1
1
  import { serve } from "@hono/node-server";
2
2
  import { loadServerConfig, getServerConfig } from "./config.js";
3
3
  import { AuthService } from "./services/auth-service.js";
4
- import { SessionStore } from "./services/session-store.js";
4
+ import { FileSessionStore } from "./services/session-store.js";
5
+ import { PostgresSessionStore } from "./services/session-store-postgres.js";
6
+ import { createPool, closePool } from "./db/pool.js";
5
7
  import { PeerCleanup } from "./services/peer-cleanup.js";
6
8
  import { ConnectionManager } from "./services/connection-manager.js";
7
9
  import { MessageQueueService } from "./services/message-queue.js";
@@ -27,7 +29,27 @@ async function main() {
27
29
  const config = getServerConfig();
28
30
  // Initialize services
29
31
  const authService = new AuthService(config.BCRYPT_ROUNDS);
30
- const sessionStore = new SessionStore(config.STATE_DIR, config.MAX_MESSAGES_PER_SESSION);
32
+ // Services depend on the SessionStore interface, not the concrete store. The
33
+ // business instance (multiTenant + a DATABASE_URL) persists to Postgres (FR35);
34
+ // the free relay keeps its file store. The pool is created here and closed on
35
+ // shutdown.
36
+ let dbPool;
37
+ let sessionStore;
38
+ if (config.MULTI_TENANT && config.DATABASE_URL) {
39
+ dbPool = createPool({
40
+ connectionString: config.DATABASE_URL,
41
+ max: config.DB_POOL_MAX,
42
+ connectionTimeoutMs: config.DB_CONNECTION_TIMEOUT_MS,
43
+ idleTimeoutMs: config.DB_IDLE_TIMEOUT_MS,
44
+ statementTimeoutMs: config.DB_STATEMENT_TIMEOUT_MS,
45
+ });
46
+ sessionStore = new PostgresSessionStore(dbPool, config.MAX_MESSAGES_PER_SESSION);
47
+ console.error("Session store: Postgres (business instance)");
48
+ }
49
+ else {
50
+ sessionStore = new FileSessionStore(config.STATE_DIR, config.MAX_MESSAGES_PER_SESSION);
51
+ console.error("Session store: file (free instance)");
52
+ }
31
53
  await sessionStore.init();
32
54
  // Create WebSocket-aware services
33
55
  const connectionManager = new ConnectionManager(config.WS_GRACE_PERIOD_MS);
@@ -63,7 +85,10 @@ async function main() {
63
85
  heartbeatMaxMissed: config.WS_HEARTBEAT_MAX_MISSED,
64
86
  adapterRegistry,
65
87
  channelIndex,
88
+ multiTenant: config.MULTI_TENANT,
89
+ controlPlaneToken: config.CONTROL_PLANE_TOKEN ?? null,
66
90
  });
91
+ console.error(`Tenancy mode: ${config.MULTI_TENANT ? "multi-tenant (Business Edition)" : "single-tenant (free)"}`);
67
92
  // Start stale peer cleanup background service
68
93
  const peerCleanup = new PeerCleanup(sessionStore, config.STALE_PEER_TIMEOUT_MS, connectionManager);
69
94
  peerCleanup.start();
@@ -101,7 +126,12 @@ async function main() {
101
126
  console.error("Error during shutdown:", err);
102
127
  process.exit(1);
103
128
  }
104
- process.exit(0);
129
+ // Drain the Postgres pool (business instance only) before exiting.
130
+ const done = () => process.exit(0);
131
+ if (dbPool)
132
+ closePool(dbPool).then(done, done);
133
+ else
134
+ done();
105
135
  });
106
136
  };
107
137
  process.on("SIGTERM", shutdown);
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAC1C,OAAO,EAAE,gBAAgB,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAChE,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAC3D,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AACrE,OAAO,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAC;AAClE,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAC3D,OAAO,EAAE,2BAA2B,EAAE,MAAM,gBAAgB,CAAC;AAC7D,OAAO,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAC;AAC/D,OAAO,EAAE,eAAe,EAAE,MAAM,gCAAgC,CAAC;AACjE,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAC3D,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AAErC;;;;;;;;;GASG;AACH,KAAK,UAAU,IAAI;IACjB,yDAAyD;IACzD,gBAAgB,EAAE,CAAC;IACnB,MAAM,MAAM,GAAG,eAAe,EAAE,CAAC;IAEjC,sBAAsB;IACtB,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;IAC1D,MAAM,YAAY,GAAG,IAAI,YAAY,CACnC,MAAM,CAAC,SAAS,EAChB,MAAM,CAAC,wBAAwB,CAChC,CAAC;IACF,MAAM,YAAY,CAAC,IAAI,EAAE,CAAC;IAE1B,kCAAkC;IAClC,MAAM,iBAAiB,GAAG,IAAI,iBAAiB,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC;IAC3E,MAAM,YAAY,GAAG,IAAI,mBAAmB,CAAC,YAAY,EAAE,MAAM,CAAC,YAAY,CAAC,CAAC;IAEhF,8DAA8D;IAC9D,MAAM,eAAe,GAAG,IAAI,eAAe,EAAE,CAAC;IAC9C,MAAM,YAAY,GAAG,IAAI,YAAY,EAAE,CAAC;IACxC,MAAM,YAAY,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;IACzC,OAAO,CAAC,KAAK,CAAC,0BAA0B,YAAY,CAAC,IAAI,aAAa,CAAC,CAAC;IAExE,sFAAsF;IACtF,iBAAiB,CAAC,gBAAgB,CAAC,CAAC,SAAS,EAAE,MAAM,EAAE,EAAE;QACvD,MAAM,KAAK,GAAG,2BAA2B,CAAC,MAAM,CAAC,CAAC;QAClD,iBAAiB,CAAC,kBAAkB,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;IACzE,CAAC,CAAC,CAAC;IAEH,kDAAkD;IAClD,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE7B,mDAAmD;IACnD,MAAM,aAAa,GAAG,MAAM,CAAC,cAAc,IAAI,IAAI,CAAC;IAEpD,6DAA6D;IAC7D,uEAAuE;IACvE,MAAM,YAAY,GAAG,IAAI,YAAY,CAAC,YAAY,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;IAEpG,yEAAyE;IACzE,MAAM,EAAE,GAAG,EAAE,eAAe,EAAE,GAAG,SAAS,CAAC;QACzC,YAAY;QACZ,WAAW;QACX,SAAS;QACT,WAAW,EAAE,MAAM,CAAC,wBAAwB;QAC5C,iBAAiB;QACjB,YAAY;QACZ,YAAY;QACZ,aAAa;QACb,mBAAmB,EAAE,MAAM,CAAC,wBAAwB;QACpD,kBAAkB,EAAE,MAAM,CAAC,uBAAuB;QAClD,eAAe;QACf,YAAY;KACb,CAAC,CAAC;IAEH,8CAA8C;IAC9C,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC,YAAY,EAAE,MAAM,CAAC,qBAAqB,EAAE,iBAAiB,CAAC,CAAC;IACnG,WAAW,CAAC,KAAK,EAAE,CAAC;IAEpB,iDAAiD;IACjD,YAAY,CAAC,YAAY,CAAC,MAAM,CAAC,yBAAyB,CAAC,CAAC;IAE5D,oGAAoG;IACpG,MAAM,cAAc,GAAG,IAAI,cAAc,CAAC,YAAY,EAAE,iBAAiB,EAAE,MAAM,CAAC,qBAAqB,CAAC,CAAC;IACzG,cAAc,CAAC,KAAK,CAAC,MAAM,CAAC,2BAA2B,CAAC,CAAC;IAEzD,wBAAwB;IACxB,MAAM,MAAM,GAAG,KAAK,CAAC;QACnB,KAAK,EAAE,GAAG,CAAC,KAAK;QAChB,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,QAAQ,EAAE,MAAM,CAAC,IAAI;KACtB,CAAC,CAAC;IAEH,sFAAsF;IACtF,kEAAkE;IAClE,eAAe,CAAC,MAAM,CAAC,CAAC;IAExB,OAAO,CAAC,KAAK,CACX,8BAA8B,MAAM,CAAC,IAAI,IAAI,MAAM,CAAC,IAAI,sBAAsB,CAC/E,CAAC;IAEF,gDAAgD;IAChD,YAAY,CAAC,KAAK,EAAE,CAAC;IAErB,0CAA0C;IAC1C,MAAM,QAAQ,GAAG,GAAG,EAAE;QACpB,OAAO,CAAC,KAAK,CAAC,gCAAgC,CAAC,CAAC;QAEhD,2BAA2B;QAC3B,YAAY,CAAC,IAAI,EAAE,CAAC;QACpB,WAAW,CAAC,IAAI,EAAE,CAAC;QACnB,cAAc,CAAC,IAAI,EAAE,CAAC;QACtB,YAAY,CAAC,WAAW,EAAE,CAAC;QAE3B,0CAA0C;QAC1C,eAAe,CAAC,QAAQ,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC;QAElD,+FAA+F;QAC/F,iBAAiB,CAAC,QAAQ,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC;QAEpD,MAAM,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;YACnB,IAAI,GAAG,EAAE,CAAC;gBACR,OAAO,CAAC,KAAK,CAAC,wBAAwB,EAAE,GAAG,CAAC,CAAC;gBAC7C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC,CAAC,CAAC;IACL,CAAC,CAAC;IAEF,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;IAChC,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;AACjC,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;IACnB,OAAO,CAAC,KAAK,CAAC,qCAAqC,EAAE,GAAG,CAAC,CAAC;IAC1D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAC1C,OAAO,EAAE,gBAAgB,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAChE,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,gBAAgB,EAAE,MAAM,6BAA6B,CAAC;AAE/D,OAAO,EAAE,oBAAoB,EAAE,MAAM,sCAAsC,CAAC;AAC5E,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAErD,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AACrE,OAAO,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAC;AAClE,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAC3D,OAAO,EAAE,2BAA2B,EAAE,MAAM,gBAAgB,CAAC;AAC7D,OAAO,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAC;AAC/D,OAAO,EAAE,eAAe,EAAE,MAAM,gCAAgC,CAAC;AACjE,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAC3D,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AAErC;;;;;;;;;GASG;AACH,KAAK,UAAU,IAAI;IACjB,yDAAyD;IACzD,gBAAgB,EAAE,CAAC;IACnB,MAAM,MAAM,GAAG,eAAe,EAAE,CAAC;IAEjC,sBAAsB;IACtB,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;IAC1D,6EAA6E;IAC7E,gFAAgF;IAChF,8EAA8E;IAC9E,YAAY;IACZ,IAAI,MAAwB,CAAC;IAC7B,IAAI,YAA0B,CAAC;IAC/B,IAAI,MAAM,CAAC,YAAY,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;QAC/C,MAAM,GAAG,UAAU,CAAC;YAClB,gBAAgB,EAAE,MAAM,CAAC,YAAY;YACrC,GAAG,EAAE,MAAM,CAAC,WAAW;YACvB,mBAAmB,EAAE,MAAM,CAAC,wBAAwB;YACpD,aAAa,EAAE,MAAM,CAAC,kBAAkB;YACxC,kBAAkB,EAAE,MAAM,CAAC,uBAAuB;SACnD,CAAC,CAAC;QACH,YAAY,GAAG,IAAI,oBAAoB,CAAC,MAAM,EAAE,MAAM,CAAC,wBAAwB,CAAC,CAAC;QACjF,OAAO,CAAC,KAAK,CAAC,6CAA6C,CAAC,CAAC;IAC/D,CAAC;SAAM,CAAC;QACN,YAAY,GAAG,IAAI,gBAAgB,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,wBAAwB,CAAC,CAAC;QACvF,OAAO,CAAC,KAAK,CAAC,qCAAqC,CAAC,CAAC;IACvD,CAAC;IACD,MAAM,YAAY,CAAC,IAAI,EAAE,CAAC;IAE1B,kCAAkC;IAClC,MAAM,iBAAiB,GAAG,IAAI,iBAAiB,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC;IAC3E,MAAM,YAAY,GAAG,IAAI,mBAAmB,CAAC,YAAY,EAAE,MAAM,CAAC,YAAY,CAAC,CAAC;IAEhF,8DAA8D;IAC9D,MAAM,eAAe,GAAG,IAAI,eAAe,EAAE,CAAC;IAC9C,MAAM,YAAY,GAAG,IAAI,YAAY,EAAE,CAAC;IACxC,MAAM,YAAY,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;IACzC,OAAO,CAAC,KAAK,CAAC,0BAA0B,YAAY,CAAC,IAAI,aAAa,CAAC,CAAC;IAExE,sFAAsF;IACtF,iBAAiB,CAAC,gBAAgB,CAAC,CAAC,SAAS,EAAE,MAAM,EAAE,EAAE;QACvD,MAAM,KAAK,GAAG,2BAA2B,CAAC,MAAM,CAAC,CAAC;QAClD,iBAAiB,CAAC,kBAAkB,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;IACzE,CAAC,CAAC,CAAC;IAEH,kDAAkD;IAClD,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE7B,mDAAmD;IACnD,MAAM,aAAa,GAAG,MAAM,CAAC,cAAc,IAAI,IAAI,CAAC;IAEpD,6DAA6D;IAC7D,uEAAuE;IACvE,MAAM,YAAY,GAAG,IAAI,YAAY,CAAC,YAAY,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;IAEpG,yEAAyE;IACzE,MAAM,EAAE,GAAG,EAAE,eAAe,EAAE,GAAG,SAAS,CAAC;QACzC,YAAY;QACZ,WAAW;QACX,SAAS;QACT,WAAW,EAAE,MAAM,CAAC,wBAAwB;QAC5C,iBAAiB;QACjB,YAAY;QACZ,YAAY;QACZ,aAAa;QACb,mBAAmB,EAAE,MAAM,CAAC,wBAAwB;QACpD,kBAAkB,EAAE,MAAM,CAAC,uBAAuB;QAClD,eAAe;QACf,YAAY;QACZ,WAAW,EAAE,MAAM,CAAC,YAAY;QAChC,iBAAiB,EAAE,MAAM,CAAC,mBAAmB,IAAI,IAAI;KACtD,CAAC,CAAC;IACH,OAAO,CAAC,KAAK,CACX,iBAAiB,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,iCAAiC,CAAC,CAAC,CAAC,sBAAsB,EAAE,CACpG,CAAC;IAEF,8CAA8C;IAC9C,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC,YAAY,EAAE,MAAM,CAAC,qBAAqB,EAAE,iBAAiB,CAAC,CAAC;IACnG,WAAW,CAAC,KAAK,EAAE,CAAC;IAEpB,iDAAiD;IACjD,YAAY,CAAC,YAAY,CAAC,MAAM,CAAC,yBAAyB,CAAC,CAAC;IAE5D,oGAAoG;IACpG,MAAM,cAAc,GAAG,IAAI,cAAc,CAAC,YAAY,EAAE,iBAAiB,EAAE,MAAM,CAAC,qBAAqB,CAAC,CAAC;IACzG,cAAc,CAAC,KAAK,CAAC,MAAM,CAAC,2BAA2B,CAAC,CAAC;IAEzD,wBAAwB;IACxB,MAAM,MAAM,GAAG,KAAK,CAAC;QACnB,KAAK,EAAE,GAAG,CAAC,KAAK;QAChB,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,QAAQ,EAAE,MAAM,CAAC,IAAI;KACtB,CAAC,CAAC;IAEH,sFAAsF;IACtF,kEAAkE;IAClE,eAAe,CAAC,MAAM,CAAC,CAAC;IAExB,OAAO,CAAC,KAAK,CACX,8BAA8B,MAAM,CAAC,IAAI,IAAI,MAAM,CAAC,IAAI,sBAAsB,CAC/E,CAAC;IAEF,gDAAgD;IAChD,YAAY,CAAC,KAAK,EAAE,CAAC;IAErB,0CAA0C;IAC1C,MAAM,QAAQ,GAAG,GAAG,EAAE;QACpB,OAAO,CAAC,KAAK,CAAC,gCAAgC,CAAC,CAAC;QAEhD,2BAA2B;QAC3B,YAAY,CAAC,IAAI,EAAE,CAAC;QACpB,WAAW,CAAC,IAAI,EAAE,CAAC;QACnB,cAAc,CAAC,IAAI,EAAE,CAAC;QACtB,YAAY,CAAC,WAAW,EAAE,CAAC;QAE3B,0CAA0C;QAC1C,eAAe,CAAC,QAAQ,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC;QAElD,+FAA+F;QAC/F,iBAAiB,CAAC,QAAQ,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC;QAEpD,MAAM,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;YACnB,IAAI,GAAG,EAAE,CAAC;gBACR,OAAO,CAAC,KAAK,CAAC,wBAAwB,EAAE,GAAG,CAAC,CAAC;gBAC7C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YACD,mEAAmE;YACnE,MAAM,IAAI,GAAG,GAAG,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACnC,IAAI,MAAM;gBAAE,SAAS,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;;gBAC1C,IAAI,EAAE,CAAC;QACd,CAAC,CAAC,CAAC;IACL,CAAC,CAAC;IAEF,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;IAChC,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;AACjC,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;IACnB,OAAO,CAAC,KAAK,CAAC,qCAAqC,EAAE,GAAG,CAAC,CAAC;IAC1D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}
@@ -1 +1 @@
1
- {"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/middleware/auth.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AACjE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,6BAA6B,CAAC;AAC/D,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAE7C;;;;;;;;;GASG;AACH,wBAAgB,oBAAoB,CAClC,YAAY,EAAE,YAAY,EAC1B,WAAW,EAAE,WAAW,qEA4DzB"}
1
+ {"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/middleware/auth.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AACjE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,6BAA6B,CAAC;AAC/D,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAG7C;;;;;;;;;GASG;AACH,wBAAgB,oBAAoB,CAClC,YAAY,EAAE,YAAY,EAC1B,WAAW,EAAE,WAAW,qEA4FzB"}
@@ -1,5 +1,6 @@
1
1
  import { createMiddleware } from "hono/factory";
2
2
  import { BridgeError, ErrorCode } from "@essentialai/cogent";
3
+ import { logOrgEvent } from "../services/obs-log.js";
3
4
  /**
4
5
  * Create bearer token auth middleware.
5
6
  *
@@ -12,14 +13,31 @@ import { BridgeError, ErrorCode } from "@essentialai/cogent";
12
13
  */
13
14
  export function createAuthMiddleware(sessionStore, authService) {
14
15
  return createMiddleware(async (c, next) => {
16
+ // Per-org observability (Story 2.7): bearer auth runs BEFORE the session is
17
+ // resolved, so org is unknown for most failures (org_id: null) — except the
18
+ // timing-safe step below, where the session (and its org_scope) is known.
19
+ // The token is NEVER passed to the logger (and redaction would strip it).
20
+ const pathSessionId = c.req.param("sessionId");
15
21
  // 1. Extract Authorization header
16
22
  const authHeader = c.req.header("Authorization");
17
23
  if (!authHeader) {
24
+ logOrgEvent({
25
+ event: "auth_failure",
26
+ sessionId: pathSessionId,
27
+ outcome: "missing_token",
28
+ detail: { phase: "bearer" },
29
+ });
18
30
  throw new BridgeError(ErrorCode.AUTH_MISSING_TOKEN, "Authorization header required", "Include 'Authorization: Bearer <token>' header");
19
31
  }
20
32
  // 2. Parse Bearer <token> format
21
33
  const match = authHeader.match(/^Bearer\s+(.+)$/i);
22
34
  if (!match) {
35
+ logOrgEvent({
36
+ event: "auth_failure",
37
+ sessionId: pathSessionId,
38
+ outcome: "malformed_header",
39
+ detail: { phase: "bearer" },
40
+ });
23
41
  throw new BridgeError(ErrorCode.AUTH_INVALID_TOKEN, "Invalid Authorization header format", "Use 'Bearer <token>' format");
24
42
  }
25
43
  const token = match[1];
@@ -28,6 +46,12 @@ export function createAuthMiddleware(sessionStore, authService) {
28
46
  // 4. Look up session by token hash
29
47
  const result = await sessionStore.getSessionByTokenHash(tokenHash);
30
48
  if (!result) {
49
+ logOrgEvent({
50
+ event: "auth_failure",
51
+ sessionId: pathSessionId,
52
+ outcome: "invalid_token",
53
+ detail: { phase: "bearer" },
54
+ });
31
55
  throw new BridgeError(ErrorCode.AUTH_INVALID_TOKEN, "Invalid or expired token");
32
56
  }
33
57
  // 5. Defense-in-depth: timing-safe comparison of the token hash
@@ -35,6 +59,14 @@ export function createAuthMiddleware(sessionStore, authService) {
35
59
  const storedTokenHash = result.state.tokens.find((t) => t.tokenHash === tokenHash)?.tokenHash;
36
60
  if (!storedTokenHash ||
37
61
  !authService.timingSafeCompare(tokenHash, storedTokenHash)) {
62
+ // Session resolved here, so the org_scope tag IS known.
63
+ logOrgEvent({
64
+ event: "auth_failure",
65
+ orgScope: result.state.orgScope ?? null,
66
+ sessionId: result.sessionId,
67
+ outcome: "token_mismatch",
68
+ detail: { phase: "bearer" },
69
+ });
38
70
  throw new BridgeError(ErrorCode.AUTH_INVALID_TOKEN, "Invalid or expired token");
39
71
  }
40
72
  // 6. Set session context for downstream handlers
@@ -1 +1 @@
1
- {"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/middleware/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAK7D;;;;;;;;;GASG;AACH,MAAM,UAAU,oBAAoB,CAClC,YAA0B,EAC1B,WAAwB;IAExB,OAAO,gBAAgB,CAAY,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;QACnD,kCAAkC;QAClC,MAAM,UAAU,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;QACjD,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,kBAAkB,EAC5B,+BAA+B,EAC/B,gDAAgD,CACjD,CAAC;QACJ,CAAC;QAED,iCAAiC;QACjC,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;QACnD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,kBAAkB,EAC5B,qCAAqC,EACrC,6BAA6B,CAC9B,CAAC;QACJ,CAAC;QAED,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAEvB,kDAAkD;QAClD,MAAM,SAAS,GAAG,WAAW,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QAE/C,mCAAmC;QACnC,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,qBAAqB,CAAC,SAAS,CAAC,CAAC;QACnE,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,kBAAkB,EAC5B,0BAA0B,CAC3B,CAAC;QACJ,CAAC;QAED,gEAAgE;QAChE,4EAA4E;QAC5E,MAAM,eAAe,GAAG,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAC9C,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,SAAS,CACjC,EAAE,SAAS,CAAC;QAEb,IACE,CAAC,eAAe;YAChB,CAAC,WAAW,CAAC,iBAAiB,CAAC,SAAS,EAAE,eAAe,CAAC,EAC1D,CAAC;YACD,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,kBAAkB,EAC5B,0BAA0B,CAC3B,CAAC;QACJ,CAAC;QAED,iDAAiD;QACjD,CAAC,CAAC,GAAG,CAAC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;QACrC,CAAC,CAAC,GAAG,CAAC,SAAS,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;QAE/B,yCAAyC;QACzC,MAAM,IAAI,EAAE,CAAC;IACf,CAAC,CAAC,CAAC;AACL,CAAC"}
1
+ {"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/middleware/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAI7D,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AAErD;;;;;;;;;GASG;AACH,MAAM,UAAU,oBAAoB,CAClC,YAA0B,EAC1B,WAAwB;IAExB,OAAO,gBAAgB,CAAY,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;QACnD,4EAA4E;QAC5E,4EAA4E;QAC5E,0EAA0E;QAC1E,0EAA0E;QAC1E,MAAM,aAAa,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAE/C,kCAAkC;QAClC,MAAM,UAAU,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;QACjD,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,WAAW,CAAC;gBACV,KAAK,EAAE,cAAc;gBACrB,SAAS,EAAE,aAAa;gBACxB,OAAO,EAAE,eAAe;gBACxB,MAAM,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE;aAC5B,CAAC,CAAC;YACH,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,kBAAkB,EAC5B,+BAA+B,EAC/B,gDAAgD,CACjD,CAAC;QACJ,CAAC;QAED,iCAAiC;QACjC,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;QACnD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,WAAW,CAAC;gBACV,KAAK,EAAE,cAAc;gBACrB,SAAS,EAAE,aAAa;gBACxB,OAAO,EAAE,kBAAkB;gBAC3B,MAAM,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE;aAC5B,CAAC,CAAC;YACH,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,kBAAkB,EAC5B,qCAAqC,EACrC,6BAA6B,CAC9B,CAAC;QACJ,CAAC;QAED,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAEvB,kDAAkD;QAClD,MAAM,SAAS,GAAG,WAAW,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QAE/C,mCAAmC;QACnC,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,qBAAqB,CAAC,SAAS,CAAC,CAAC;QACnE,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,WAAW,CAAC;gBACV,KAAK,EAAE,cAAc;gBACrB,SAAS,EAAE,aAAa;gBACxB,OAAO,EAAE,eAAe;gBACxB,MAAM,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE;aAC5B,CAAC,CAAC;YACH,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,kBAAkB,EAC5B,0BAA0B,CAC3B,CAAC;QACJ,CAAC;QAED,gEAAgE;QAChE,4EAA4E;QAC5E,MAAM,eAAe,GAAG,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAC9C,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,SAAS,CACjC,EAAE,SAAS,CAAC;QAEb,IACE,CAAC,eAAe;YAChB,CAAC,WAAW,CAAC,iBAAiB,CAAC,SAAS,EAAE,eAAe,CAAC,EAC1D,CAAC;YACD,wDAAwD;YACxD,WAAW,CAAC;gBACV,KAAK,EAAE,cAAc;gBACrB,QAAQ,EAAE,MAAM,CAAC,KAAK,CAAC,QAAQ,IAAI,IAAI;gBACvC,SAAS,EAAE,MAAM,CAAC,SAAS;gBAC3B,OAAO,EAAE,gBAAgB;gBACzB,MAAM,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE;aAC5B,CAAC,CAAC;YACH,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,kBAAkB,EAC5B,0BAA0B,CAC3B,CAAC;QACJ,CAAC;QAED,iDAAiD;QACjD,CAAC,CAAC,GAAG,CAAC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;QACrC,CAAC,CAAC,GAAG,CAAC,SAAS,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;QAE/B,yCAAyC;QACzC,MAAM,IAAI,EAAE,CAAC;IACf,CAAC,CAAC,CAAC;AACL,CAAC"}
@@ -0,0 +1,17 @@
1
+ import type { AuthService } from "../services/auth-service.js";
2
+ import type { ServerEnv } from "../types.js";
3
+ /**
4
+ * Authenticates the control plane on `/api/control-plane/*` with a shared bearer
5
+ * token (`COGENT_SERVER_CONTROL_PLANE_TOKEN`).
6
+ *
7
+ * FAIL-CLOSED: when no token is configured, EVERY request is rejected. An
8
+ * unconfigured secret must never mean "open" — that would expose privileged
9
+ * channel-mutation to anyone who can reach the relay. The endpoint is only live
10
+ * once an operator deliberately sets the token (and MULTI_TENANT — the route is
11
+ * not even mounted on the free relay).
12
+ *
13
+ * Comparison is timing-safe (`authService.timingSafeCompare` SHA-256s both sides
14
+ * then `timingSafeEqual`, so it is length-agnostic and leaks no prefix timing).
15
+ */
16
+ export declare function createControlPlaneAuthMiddleware(expectedToken: string | null, authService: AuthService): import("hono").MiddlewareHandler<ServerEnv, string, {}, Response>;
17
+ //# sourceMappingURL=control-plane-auth.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"control-plane-auth.d.ts","sourceRoot":"","sources":["../../src/middleware/control-plane-auth.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,6BAA6B,CAAC;AAC/D,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAE7C;;;;;;;;;;;;GAYG;AACH,wBAAgB,gCAAgC,CAAC,aAAa,EAAE,MAAM,GAAG,IAAI,EAAE,WAAW,EAAE,WAAW,qEAsCtG"}
@@ -0,0 +1,35 @@
1
+ import { createMiddleware } from "hono/factory";
2
+ import { BridgeError, ErrorCode } from "@essentialai/cogent";
3
+ /**
4
+ * Authenticates the control plane on `/api/control-plane/*` with a shared bearer
5
+ * token (`COGENT_SERVER_CONTROL_PLANE_TOKEN`).
6
+ *
7
+ * FAIL-CLOSED: when no token is configured, EVERY request is rejected. An
8
+ * unconfigured secret must never mean "open" — that would expose privileged
9
+ * channel-mutation to anyone who can reach the relay. The endpoint is only live
10
+ * once an operator deliberately sets the token (and MULTI_TENANT — the route is
11
+ * not even mounted on the free relay).
12
+ *
13
+ * Comparison is timing-safe (`authService.timingSafeCompare` SHA-256s both sides
14
+ * then `timingSafeEqual`, so it is length-agnostic and leaks no prefix timing).
15
+ */
16
+ export function createControlPlaneAuthMiddleware(expectedToken, authService) {
17
+ return createMiddleware(async (c, next) => {
18
+ if (!expectedToken) {
19
+ throw new BridgeError(ErrorCode.AUTH_INVALID_TOKEN, "Control-plane endpoint is disabled", "Set COGENT_SERVER_CONTROL_PLANE_TOKEN on the relay to enable control-plane access");
20
+ }
21
+ const authHeader = c.req.header("Authorization");
22
+ if (!authHeader) {
23
+ throw new BridgeError(ErrorCode.AUTH_MISSING_TOKEN, "Missing Authorization header", "Send Authorization: Bearer <control-plane-token>");
24
+ }
25
+ const match = authHeader.match(/^Bearer\s+(.+)$/i);
26
+ if (!match) {
27
+ throw new BridgeError(ErrorCode.AUTH_INVALID_TOKEN, "Malformed Authorization header", "Expected format: Authorization: Bearer <token>");
28
+ }
29
+ if (!authService.timingSafeCompare(match[1], expectedToken)) {
30
+ throw new BridgeError(ErrorCode.AUTH_INVALID_TOKEN, "Invalid control-plane token", "Verify COGENT_SERVER_CONTROL_PLANE_TOKEN matches the control plane's configured service token");
31
+ }
32
+ await next();
33
+ });
34
+ }
35
+ //# sourceMappingURL=control-plane-auth.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"control-plane-auth.js","sourceRoot":"","sources":["../../src/middleware/control-plane-auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAI7D;;;;;;;;;;;;GAYG;AACH,MAAM,UAAU,gCAAgC,CAAC,aAA4B,EAAE,WAAwB;IACrG,OAAO,gBAAgB,CAAY,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;QACnD,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,kBAAkB,EAC5B,oCAAoC,EACpC,mFAAmF,CACpF,CAAC;QACJ,CAAC;QAED,MAAM,UAAU,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;QACjD,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,kBAAkB,EAC5B,8BAA8B,EAC9B,kDAAkD,CACnD,CAAC;QACJ,CAAC;QAED,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;QACnD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,kBAAkB,EAC5B,gCAAgC,EAChC,gDAAgD,CACjD,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,WAAW,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,aAAa,CAAC,EAAE,CAAC;YAC5D,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,kBAAkB,EAC5B,6BAA6B,EAC7B,+FAA+F,CAChG,CAAC;QACJ,CAAC;QAED,MAAM,IAAI,EAAE,CAAC;IACf,CAAC,CAAC,CAAC;AACL,CAAC"}
@@ -0,0 +1,20 @@
1
+ import { Hono } from "hono";
2
+ import type { SessionStore } from "../services/session-store.js";
3
+ import type { AuthService } from "../services/auth-service.js";
4
+ import type { ConnectionManager } from "../services/connection-manager.js";
5
+ import type { ServerEnv } from "../types.js";
6
+ /**
7
+ * Control-plane → relay receiver (FR10): the privileged endpoint the Business
8
+ * Edition control plane POSTs to so it can mutate relay channels it owns.
9
+ *
10
+ * Single endpoint `POST /api/control-plane/channels`, dispatched on the envelope
11
+ * `op` (`channel.create` | `channel.delete` | `org.rotate`). Auth (a shared
12
+ * bearer token) is applied by `createControlPlaneAuthMiddleware` at mount time;
13
+ * this factory assumes the request is already authenticated.
14
+ *
15
+ * Version safety: the request's contract `version` major MUST equal the relay's
16
+ * `CONTROL_PLANE_API_MAJOR`; a mismatch is rejected BEFORE any mutation so an
17
+ * incompatible deploy fails fast and loud.
18
+ */
19
+ export declare function createControlPlaneRoutes(sessionStore: SessionStore, authService: AuthService, connectionManager: ConnectionManager): Hono<ServerEnv>;
20
+ //# sourceMappingURL=control-plane.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"control-plane.d.ts","sourceRoot":"","sources":["../../src/routes/control-plane.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAE5B,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AACjE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,6BAA6B,CAAC;AAC/D,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,mCAAmC,CAAC;AAC3E,OAAO,KAAK,EAAc,SAAS,EAAE,MAAM,aAAa,CAAC;AAOzD;;;;;;;;;;;;GAYG;AACH,wBAAgB,wBAAwB,CACtC,YAAY,EAAE,YAAY,EAC1B,WAAW,EAAE,WAAW,EACxB,iBAAiB,EAAE,iBAAiB,GACnC,IAAI,CAAC,SAAS,CAAC,CAkIjB"}
@@ -0,0 +1,122 @@
1
+ import { Hono } from "hono";
2
+ import { BridgeError, ErrorCode, generateSessionId } from "@essentialai/cogent";
3
+ import { RelayRequestSchema, isCompatibleVersion, CONTROL_PLANE_API_MAJOR, } from "../contract/control-plane-contract.js";
4
+ /**
5
+ * Control-plane → relay receiver (FR10): the privileged endpoint the Business
6
+ * Edition control plane POSTs to so it can mutate relay channels it owns.
7
+ *
8
+ * Single endpoint `POST /api/control-plane/channels`, dispatched on the envelope
9
+ * `op` (`channel.create` | `channel.delete` | `org.rotate`). Auth (a shared
10
+ * bearer token) is applied by `createControlPlaneAuthMiddleware` at mount time;
11
+ * this factory assumes the request is already authenticated.
12
+ *
13
+ * Version safety: the request's contract `version` major MUST equal the relay's
14
+ * `CONTROL_PLANE_API_MAJOR`; a mismatch is rejected BEFORE any mutation so an
15
+ * incompatible deploy fails fast and loud.
16
+ */
17
+ export function createControlPlaneRoutes(sessionStore, authService, connectionManager) {
18
+ const cp = new Hono();
19
+ // Live agent-usage read (FR11 usage reporting): the control plane's
20
+ // HttpAgentCountSource GETs this to fill the "agents used" figure it cannot
21
+ // know itself (agents live on the relay). `orgScope` is the SHA-256(Org_ID)
22
+ // the relay indexes by. Authenticated by the same control-plane bearer token
23
+ // (the middleware covers all of /api/control-plane/*). Unknown scope -> 0.
24
+ cp.get("/orgs/:orgScope/agent-count", async (c) => {
25
+ const orgScope = c.req.param("orgScope");
26
+ const count = await sessionStore.countAgentsByOrgScope(orgScope);
27
+ return c.json({ orgScope, count }, 200);
28
+ });
29
+ cp.post("/channels", async (c) => {
30
+ // Header version gate (cheap reject before reading the body) — the CP sets
31
+ // x-control-plane-api-version so an incompatible major is caught up front.
32
+ const headerVersion = c.req.header("x-control-plane-api-version");
33
+ if (headerVersion && !isCompatibleVersion(headerVersion)) {
34
+ throw new BridgeError(ErrorCode.INVALID_INPUT, `Unsupported control-plane API version ${headerVersion}`, `This relay supports major ${CONTROL_PLANE_API_MAJOR}.x`);
35
+ }
36
+ let raw;
37
+ try {
38
+ raw = await c.req.json();
39
+ }
40
+ catch {
41
+ throw new BridgeError(ErrorCode.INVALID_INPUT, "Request body is not valid JSON", "Send a JSON control-plane envelope");
42
+ }
43
+ const parsed = RelayRequestSchema.safeParse(raw);
44
+ if (!parsed.success) {
45
+ // Report only the offending field PATHS, never the Zod messages — a future
46
+ // custom validator could stringify a received value (e.g. a secret) into
47
+ // its message, which requestLogger would then persist. Paths are enough for
48
+ // the (already-authenticated) control plane to debug.
49
+ const fields = [...new Set(parsed.error.issues.map((i) => i.path.join(".")))].join(", ");
50
+ throw new BridgeError(ErrorCode.INVALID_INPUT, `Invalid control-plane request (fields: ${fields})`, "Check the op and payload against the control-plane contract");
51
+ }
52
+ const req = parsed.data;
53
+ // Body version gate (the header is optional; the body version is authoritative).
54
+ if (!isCompatibleVersion(req.version)) {
55
+ throw new BridgeError(ErrorCode.INVALID_INPUT, `Unsupported control-plane API version ${req.version}`, `This relay supports major ${CONTROL_PLANE_API_MAJOR}.x`);
56
+ }
57
+ switch (req.op) {
58
+ case "channel.create": {
59
+ const { orgScope, orgIdHash, name, secret } = req.payload;
60
+ const sessionId = generateSessionId();
61
+ // The channel password arrives in plaintext and is bcrypt-hashed HERE.
62
+ // orgScope (SHA-256) and orgIdHash (bcrypt) are ALREADY derived by the
63
+ // control plane and stored verbatim — the relay never re-hashes them.
64
+ const secretHash = await authService.hashSecret(secret);
65
+ // Every relay session carries at least one bearer token. A CP-created
66
+ // channel has no human creator to hold one, so we mint a token and keep
67
+ // only its hash (the plaintext is discarded); agents obtain their own
68
+ // tokens later via the normal join flow.
69
+ const { tokenHash } = authService.generateToken();
70
+ const tokenEntry = { tokenHash, createdAt: new Date().toISOString() };
71
+ // createSession enforces the per-org channel quota atomically and throws
72
+ // a BridgeError if exceeded — which the error handler surfaces as-is.
73
+ const session = await sessionStore.createSession(sessionId, name, secretHash, tokenEntry, undefined, {
74
+ idHash: orgIdHash,
75
+ scope: orgScope,
76
+ });
77
+ return c.json({ relaySessionId: session.sessionId }, 201);
78
+ }
79
+ case "channel.delete": {
80
+ const { relaySessionId } = req.payload;
81
+ // deleteSession is idempotent (a missing session is a no-op), so a
82
+ // retried delete is safe. Drop any live agents first so they don't keep
83
+ // a dangling connection to a deleted channel.
84
+ const dropped = connectionManager.closeSessionConnections(relaySessionId, 4001, "Channel deleted");
85
+ await sessionStore.deleteSession(relaySessionId);
86
+ return c.json({ success: true, dropped }, 200);
87
+ }
88
+ case "org.setQuota": {
89
+ // Persist the org's tier-derived quota (Story 5.1, FR20). The CP owns the
90
+ // tier→limits mapping; the relay upserts what it row-locks to enforce. Idempotent
91
+ // (a tier change re-sends), so a retried push is safe. No Org_ID material here —
92
+ // orgScope is the SHA-256 key, already derived by the CP.
93
+ const { orgScope, tier, maxChannels, maxAgents } = req.payload;
94
+ await sessionStore.setOrgQuota(orgScope, tier, maxChannels, maxAgents);
95
+ return c.json({ success: true }, 200);
96
+ }
97
+ case "org.rotate": {
98
+ // FR11 live rotation re-keys every session under oldOrgScope to the new
99
+ // scope + Org_ID hash AND re-indexes the per-org label map atomically.
100
+ // That store-level re-index is a dedicated story; abusing updateSession
101
+ // here would corrupt the label index (key = orgScope::label). Until that
102
+ // ships, fail loudly rather than half-rotate.
103
+ //
104
+ // Honest 501 (not 400): the op is recognized and well-formed — the relay
105
+ // simply hasn't implemented it, so a 400 would mislead the CP into
106
+ // suspecting its own request. Returned directly (not via BridgeError) to
107
+ // avoid widening the shared @essentialai/cogent ErrorCode taxonomy — which
108
+ // would force a republish — for a deliberately-interim path. No Org_ID
109
+ // hash is logged (it would be a weak confirmation oracle).
110
+ console.error("[control-plane] org.rotate received but NOT IMPLEMENTED — rejecting");
111
+ return c.json({
112
+ success: false,
113
+ error: "NOT_IMPLEMENTED",
114
+ message: "org.rotate is not yet supported by this relay",
115
+ suggestion: "Org_ID rotation (FR11) requires the relay re-keying story; channel.create/delete are available",
116
+ }, 501);
117
+ }
118
+ }
119
+ });
120
+ return cp;
121
+ }
122
+ //# sourceMappingURL=control-plane.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"control-plane.js","sourceRoot":"","sources":["../../src/routes/control-plane.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAKhF,OAAO,EACL,kBAAkB,EAClB,mBAAmB,EACnB,uBAAuB,GACxB,MAAM,uCAAuC,CAAC;AAE/C;;;;;;;;;;;;GAYG;AACH,MAAM,UAAU,wBAAwB,CACtC,YAA0B,EAC1B,WAAwB,EACxB,iBAAoC;IAEpC,MAAM,EAAE,GAAG,IAAI,IAAI,EAAa,CAAC;IAEjC,oEAAoE;IACpE,4EAA4E;IAC5E,4EAA4E;IAC5E,6EAA6E;IAC7E,2EAA2E;IAC3E,EAAE,CAAC,GAAG,CAAC,6BAA6B,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAChD,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QACzC,MAAM,KAAK,GAAG,MAAM,YAAY,CAAC,qBAAqB,CAAC,QAAQ,CAAC,CAAC;QACjE,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,KAAK,EAAE,EAAE,GAAG,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC/B,2EAA2E;QAC3E,2EAA2E;QAC3E,MAAM,aAAa,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,6BAA6B,CAAC,CAAC;QAClE,IAAI,aAAa,IAAI,CAAC,mBAAmB,CAAC,aAAa,CAAC,EAAE,CAAC;YACzD,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,aAAa,EACvB,yCAAyC,aAAa,EAAE,EACxD,6BAA6B,uBAAuB,IAAI,CACzD,CAAC;QACJ,CAAC;QAED,IAAI,GAAY,CAAC;QACjB,IAAI,CAAC;YACH,GAAG,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QAC3B,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,WAAW,CAAC,SAAS,CAAC,aAAa,EAAE,gCAAgC,EAAE,oCAAoC,CAAC,CAAC;QACzH,CAAC;QAED,MAAM,MAAM,GAAG,kBAAkB,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACjD,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,2EAA2E;YAC3E,yEAAyE;YACzE,4EAA4E;YAC5E,sDAAsD;YACtD,MAAM,MAAM,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACzF,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,aAAa,EACvB,0CAA0C,MAAM,GAAG,EACnD,6DAA6D,CAC9D,CAAC;QACJ,CAAC;QACD,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC;QAExB,iFAAiF;QACjF,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;YACtC,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,aAAa,EACvB,yCAAyC,GAAG,CAAC,OAAO,EAAE,EACtD,6BAA6B,uBAAuB,IAAI,CACzD,CAAC;QACJ,CAAC;QAED,QAAQ,GAAG,CAAC,EAAE,EAAE,CAAC;YACf,KAAK,gBAAgB,CAAC,CAAC,CAAC;gBACtB,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC;gBAC1D,MAAM,SAAS,GAAG,iBAAiB,EAAE,CAAC;gBACtC,uEAAuE;gBACvE,uEAAuE;gBACvE,sEAAsE;gBACtE,MAAM,UAAU,GAAG,MAAM,WAAW,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;gBACxD,sEAAsE;gBACtE,wEAAwE;gBACxE,sEAAsE;gBACtE,yCAAyC;gBACzC,MAAM,EAAE,SAAS,EAAE,GAAG,WAAW,CAAC,aAAa,EAAE,CAAC;gBAClD,MAAM,UAAU,GAAe,EAAE,SAAS,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC;gBAElF,yEAAyE;gBACzE,sEAAsE;gBACtE,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,aAAa,CAAC,SAAS,EAAE,IAAI,EAAE,UAAU,EAAE,UAAU,EAAE,SAAS,EAAE;oBACnG,MAAM,EAAE,SAAS;oBACjB,KAAK,EAAE,QAAQ;iBAChB,CAAC,CAAC;gBAEH,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,cAAc,EAAE,OAAO,CAAC,SAAS,EAAE,EAAE,GAAG,CAAC,CAAC;YAC5D,CAAC;YAED,KAAK,gBAAgB,CAAC,CAAC,CAAC;gBACtB,MAAM,EAAE,cAAc,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC;gBACvC,mEAAmE;gBACnE,wEAAwE;gBACxE,8CAA8C;gBAC9C,MAAM,OAAO,GAAG,iBAAiB,CAAC,uBAAuB,CAAC,cAAc,EAAE,IAAI,EAAE,iBAAiB,CAAC,CAAC;gBACnG,MAAM,YAAY,CAAC,aAAa,CAAC,cAAc,CAAC,CAAC;gBACjD,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,GAAG,CAAC,CAAC;YACjD,CAAC;YAED,KAAK,cAAc,CAAC,CAAC,CAAC;gBACpB,0EAA0E;gBAC1E,kFAAkF;gBAClF,iFAAiF;gBACjF,0DAA0D;gBAC1D,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,SAAS,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC;gBAC/D,MAAM,YAAY,CAAC,WAAW,CAAC,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,SAAS,CAAC,CAAC;gBACvE,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE,GAAG,CAAC,CAAC;YACxC,CAAC;YAED,KAAK,YAAY,CAAC,CAAC,CAAC;gBAClB,wEAAwE;gBACxE,uEAAuE;gBACvE,wEAAwE;gBACxE,yEAAyE;gBACzE,8CAA8C;gBAC9C,EAAE;gBACF,yEAAyE;gBACzE,mEAAmE;gBACnE,yEAAyE;gBACzE,2EAA2E;gBAC3E,uEAAuE;gBACvE,2DAA2D;gBAC3D,OAAO,CAAC,KAAK,CAAC,qEAAqE,CAAC,CAAC;gBACrF,OAAO,CAAC,CAAC,IAAI,CACX;oBACE,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,iBAAiB;oBACxB,OAAO,EAAE,+CAA+C;oBACxD,UAAU,EAAE,gGAAgG;iBAC7G,EACD,GAAG,CACJ,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,EAAE,CAAC;AACZ,CAAC"}
@@ -1 +1 @@
1
- {"version":3,"file":"messages.d.ts","sourceRoot":"","sources":["../../src/routes/messages.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAS5B,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AACjE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,6BAA6B,CAAC;AAC/D,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,mCAAmC,CAAC;AAC3E,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,8BAA8B,CAAC;AACxE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAC;AACvE,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AACjE,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAK7C;;;;;;;;;;;GAWG;AACH,wBAAgB,mBAAmB,CACjC,YAAY,EAAE,YAAY,EAC1B,WAAW,EAAE,WAAW,EACxB,WAAW,EAAE,MAAM,EACnB,iBAAiB,CAAC,EAAE,iBAAiB,EACrC,YAAY,CAAC,EAAE,mBAAmB,EAClC,eAAe,CAAC,EAAE,eAAe,EACjC,YAAY,CAAC,EAAE,YAAY,GAC1B,IAAI,CAAC,SAAS,CAAC,CAsYjB"}
1
+ {"version":3,"file":"messages.d.ts","sourceRoot":"","sources":["../../src/routes/messages.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAS5B,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AACjE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,6BAA6B,CAAC;AAC/D,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,mCAAmC,CAAC;AAC3E,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,8BAA8B,CAAC;AACxE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAC;AACvE,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AACjE,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAM7C;;;;;;;;;;;GAWG;AACH,wBAAgB,mBAAmB,CACjC,YAAY,EAAE,YAAY,EAC1B,WAAW,EAAE,WAAW,EACxB,WAAW,EAAE,MAAM,EACnB,iBAAiB,CAAC,EAAE,iBAAiB,EACrC,YAAY,CAAC,EAAE,mBAAmB,EAClC,eAAe,CAAC,EAAE,eAAe,EACjC,YAAY,CAAC,EAAE,YAAY,GAC1B,IAAI,CAAC,SAAS,CAAC,CAwZjB"}
@@ -3,6 +3,7 @@ import { zValidator } from "@hono/zod-validator";
3
3
  import { z } from "zod";
4
4
  import { BridgeError, ErrorCode, generateMessageId, } from "@essentialai/cogent";
5
5
  import { createAuthMiddleware } from "../middleware/auth.js";
6
+ import { logOrgEvent } from "../services/obs-log.js";
6
7
  import { validationHook } from "./validation-hook.js";
7
8
  import { createMessageFrame } from "../ws/frames.js";
8
9
  /**
@@ -93,7 +94,10 @@ export function createMessageRoutes(sessionStore, authService, maxMessages, conn
93
94
  let messageId;
94
95
  let timestamp;
95
96
  let record;
97
+ // Org tag for observability (immutable on the session). Free channels: null.
98
+ let orgScope = null;
96
99
  await sessionStore.updateSession(authSessionId, (state) => {
100
+ orgScope = state.orgScope ?? null;
97
101
  // Verify sender is a registered peer in this session
98
102
  if (!state.peers[fromPeerId]) {
99
103
  throw new BridgeError(ErrorCode.PEER_NOT_FOUND, "Sender peer not registered in session", `Register peer '${fromPeerId}' before sending messages`);
@@ -136,6 +140,20 @@ export function createMessageRoutes(sessionStore, authService, maxMessages, conn
136
140
  });
137
141
  // Increment global message counter (monotonic, survives session deletion)
138
142
  await sessionStore.incrementGlobalMessageCount();
143
+ // Per-org observability (Story 2.7): metadata only — NEVER the message body.
144
+ logOrgEvent({
145
+ event: "message_relay",
146
+ orgScope,
147
+ sessionId: authSessionId,
148
+ outcome: "relayed",
149
+ detail: {
150
+ fromPeerId,
151
+ toPeerId,
152
+ messageId: messageId,
153
+ broadcast: toPeerId === "*",
154
+ originPlatform: originPlatform ?? "cc",
155
+ },
156
+ });
139
157
  // Increment cumulative platform message counter (fire-and-forget)
140
158
  if (statsService) {
141
159
  statsService.incrementMessageSent(originPlatform ?? "cc").catch(console.error);
@@ -1 +1 @@
1
- {"version":3,"file":"messages.js","sourceRoot":"","sources":["../../src/routes/messages.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AACjD,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EACL,WAAW,EACX,SAAS,EACT,iBAAiB,GAClB,MAAM,qBAAqB,CAAC;AAS7B,OAAO,EAAE,oBAAoB,EAAE,MAAM,uBAAuB,CAAC;AAC7D,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAErD;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,mBAAmB,CACjC,YAA0B,EAC1B,WAAwB,EACxB,WAAmB,EACnB,iBAAqC,EACrC,YAAkC,EAClC,eAAiC,EACjC,YAA2B;IAE3B,MAAM,QAAQ,GAAG,IAAI,IAAI,EAAa,CAAC;IAEvC,yEAAyE;IACzE,2EAA2E;IAC3E,MAAM,IAAI,GAAG,oBAAoB,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC;IAE7D,2EAA2E;IAC3E,yEAAyE;IACzE,4EAA4E;IAC5E,8EAA8E;IAC9E,wEAAwE;IACxE,4EAA4E;IAC5E,MAAM,0BAA0B,GAAG,CAAC;SACjC,MAAM,CAAC;QACN,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QAC7B,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QAC3B,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QAC1B,cAAc,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC,QAAQ,EAAE;QAC3E,WAAW,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;KACpC,CAAC;SACD,MAAM,EAAE,CAAC;IAEZ,MAAM,0BAA0B,GAAG,CAAC;SACjC,MAAM,CAAC;QACN,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QAC7B,KAAK,EAAE,CAAC,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC;QACvE,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;QAC5D,wEAAwE;QACxE,iEAAiE;QACjE,4CAA4C;QAC5C,kBAAkB,EAAE,CAAC;aAClB,UAAU,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,MAAM,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC;aAC1D,QAAQ,EAAE;aACV,OAAO,CAAC,KAAK,CAAC;QACjB,sEAAsE;QACtE,gEAAgE;QAChE,yEAAyE;QACzE,YAAY,EAAE,CAAC;aACZ,UAAU,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,MAAM,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC;aAC1D,QAAQ,EAAE;aACV,OAAO,CAAC,KAAK,CAAC;QACjB,0EAA0E;QAC1E,yEAAyE;QACzE,uEAAuE;QACvE,kEAAkE;QAClE,mEAAmE;QACnE,wEAAwE;QACxE,8BAA8B;QAC9B,mBAAmB,EAAE,CAAC;aACnB,UAAU,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,MAAM,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC;aAC1D,QAAQ,EAAE;aACV,OAAO,CAAC,KAAK,CAAC;KAClB,CAAC;SACD,MAAM,EAAE,CAAC;IAEZ;;;;;;;;OAQG;IACH,QAAQ,CAAC,IAAI,CACX,sBAAsB,EACtB,IAAI,EACJ,UAAU,CAAC,MAAM,EAAE,0BAA0B,EAAE,cAAc,CAAC,EAC9D,KAAK,EAAE,CAAC,EAAE,EAAE;QACV,MAAM,aAAa,GAAG,CAAC,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACzC,MAAM,aAAa,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAE/C,kDAAkD;QAClD,IAAI,aAAa,KAAK,aAAa,EAAE,CAAC;YACpC,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,kBAAkB,EAC5B,uCAAuC,CACxC,CAAC;QACJ,CAAC;QAED,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,GAClE,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAEtB,6EAA6E;QAC7E,wEAAwE;QACxE,wEAAwE;QACxE,0EAA0E;QAC1E,IAAI,SAAiB,CAAC;QACtB,IAAI,SAAiB,CAAC;QACtB,IAAI,MAAiD,CAAC;QAEtD,MAAM,YAAY,CAAC,aAAa,CAAC,aAAa,EAAE,CAAC,KAAK,EAAE,EAAE;YACxD,qDAAqD;YACrD,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC7B,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,cAAc,EACxB,uCAAuC,EACvC,kBAAkB,UAAU,2BAA2B,CACxD,CAAC;YACJ,CAAC;YAED,oEAAoE;YACpE,IAAI,QAAQ,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC/C,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,cAAc,EACxB,qCAAqC,EACrC,oBAAoB,QAAQ,gCAAgC,CAC7D,CAAC;YACJ,CAAC;YAED,qDAAqD;YACrD,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;YACrC,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,UAAU,GAAG,GAAG,CAAC;YAEzC,4CAA4C;YAC5C,SAAS,GAAG,iBAAiB,EAAE,CAAC;YAChC,SAAS,GAAG,GAAG,CAAC;YAEhB,MAAM,GAAG;gBACP,EAAE,EAAE,SAAS;gBACb,UAAU;gBACV,QAAQ;gBACR,OAAO;gBACP,QAAQ,EAAE,IAAI;gBACd,SAAS;gBACT,UAAU,EAAE,IAAI;gBAChB,OAAO,EAAE,IAAI;gBACb,KAAK,EAAE,IAAI;gBACX,cAAc,EAAE,cAAc,IAAI,IAAI;gBACtC,iEAAiE;gBACjE,6DAA6D;gBAC7D,+BAA+B;gBAC/B,WAAW,EAAE,WAAW,IAAI,KAAK;aAClC,CAAC;YAEF,kEAAkE;YAClE,mEAAmE;YACnE,sEAAsE;YACtE,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAuB,CAAC,CAAC;YAE7C,0EAA0E;YAC1E,IAAI,KAAK,CAAC,QAAQ,CAAC,MAAM,GAAG,WAAW,EAAE,CAAC;gBACxC,KAAK,CAAC,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,WAAW,CAAC,CAAC;YACtD,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC,CAAC;QAEH,0EAA0E;QAC1E,MAAM,YAAY,CAAC,2BAA2B,EAAE,CAAC;QAEjD,kEAAkE;QAClE,IAAI,YAAY,EAAE,CAAC;YACjB,YAAY,CAAC,oBAAoB,CAAC,cAAc,IAAI,IAAI,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QACjF,CAAC;QAED,8DAA8D;QAC9D,IAAI,iBAAiB,EAAE,CAAC;YACtB,IAAI,CAAC;gBACH,MAAM,KAAK,GAAG,kBAAkB,CAAC,MAAO,CAAC,CAAC;gBAC1C,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;gBACnC,MAAM,cAAc,GAAG,cAAc,IAAI,IAAI,CAAC;gBAE9C,IAAI,QAAQ,KAAK,GAAG,EAAE,CAAC;oBACrB,mEAAmE;oBACnE,iBAAiB,CAAC,kBAAkB,CAAC,aAAa,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC;oBAEtE,8DAA8D;oBAC9D,IAAI,eAAe,EAAE,CAAC;wBACpB,eAAe,CAAC,mBAAmB,CAAC,aAAa,EAAE,IAAI,EAAE,cAAc,CAAC,CAAC;oBAC3E,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,yEAAyE;oBACzE,IAAI,iBAAiB,CAAC,WAAW,CAAC,aAAa,EAAE,QAAQ,CAAC,EAAE,CAAC;wBAC3D,MAAM,IAAI,GAAG,iBAAiB,CAAC,UAAU,CAAC,aAAa,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC;wBACzE,IAAI,IAAI,KAAK,CAAC,IAAI,YAAY,EAAE,CAAC;4BAC/B,MAAM,YAAY,CAAC,OAAO,CAAC,aAAa,EAAE,QAAQ,EAAE,MAAO,CAAC,CAAC;wBAC/D,CAAC;oBACH,CAAC;yBAAM,IAAI,YAAY,EAAE,CAAC;wBACxB,MAAM,YAAY,CAAC,OAAO,CAAC,aAAa,EAAE,QAAQ,EAAE,MAAO,CAAC,CAAC;oBAC/D,CAAC;oBAED,wEAAwE;oBACxE,uEAAuE;oBACvE,8DAA8D;oBAC9D,IAAI,eAAe,EAAE,CAAC;wBACpB,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;wBAC7D,MAAM,iBAAiB,GAAG,OAAO,EAAE,KAAK,CAAC,QAAQ,CAAC,EAAE,QAAQ,CAAC;wBAC7D,IAAI,iBAAiB,IAAI,iBAAiB,KAAK,IAAI,IAAI,iBAAiB,KAAK,cAAc,EAAE,CAAC;4BAC5F,eAAe,CAAC,aAAa,CAAC,aAAa,EAAE,iBAAiB,EAAE,IAAI,CAAC,CAAC;wBACxE,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,iEAAiE;gBACjE,OAAO,CAAC,KAAK,CAAC,wBAAwB,EAAE,GAAG,CAAC,CAAC;YAC/C,CAAC;QACH,CAAC;QAED,OAAO,CAAC,CAAC,IAAI,CACX;YACE,EAAE,EAAE,SAAU;YACd,OAAO,EAAE,IAAI;YACb,SAAS,EAAE,SAAU;SACtB,EACD,GAAG,CACJ,CAAC;IACJ,CAAC,CACF,CAAC;IAEF;;;;;;OAMG;IACH,QAAQ,CAAC,GAAG,CACV,sBAAsB,EACtB,IAAI,EACJ,UAAU,CAAC,OAAO,EAAE,0BAA0B,EAAE,cAAc,CAAC,EAC/D,KAAK,EAAE,CAAC,EAAE,EAAE;QACV,MAAM,aAAa,GAAG,CAAC,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACzC,MAAM,aAAa,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAE/C,kDAAkD;QAClD,IAAI,aAAa,KAAK,aAAa,EAAE,CAAC;YACpC,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,kBAAkB,EAC5B,uCAAuC,CACxC,CAAC;QACJ,CAAC;QAED,MAAM,KAAK,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACnC,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC;QAC5B,0EAA0E;QAC1E,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,IAAI,GAAG,CAAC;QACjC,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,IAAI,CAAC,CAAC;QACjC,MAAM,kBAAkB,GAAG,KAAK,CAAC,kBAAkB,IAAI,KAAK,CAAC;QAC7D,MAAM,YAAY,GAAG,KAAK,CAAC,YAAY,IAAI,KAAK,CAAC;QACjD,MAAM,mBAAmB,GAAG,KAAK,CAAC,mBAAmB,IAAI,KAAK,CAAC;QAE/D,0DAA0D;QAC1D,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;QAC7D,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,iBAAiB,EAC3B,WAAW,aAAa,YAAY,CACrC,CAAC;QACJ,CAAC;QAED,oEAAoE;QACpE,wEAAwE;QACxE,sEAAsE;QACtE,mEAAmE;QACnE,IAAI,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;QAChC,IAAI,CAAC,kBAAkB,EAAE,CAAC;YACxB,QAAQ,GAAG,QAAQ,CAAC,MAAM,CACxB,CAAC,CAAC,EAAE,EAAE,CAAE,CAA+C,CAAC,WAAW,KAAK,IAAI,CAC7E,CAAC;QACJ,CAAC;QAED,+DAA+D;QAC/D,kEAAkE;QAClE,sDAAsD;QACtD,qDAAqD;QACrD,0DAA0D;QAC1D,8BAA8B;QAC9B,qEAAqE;QACrE,mEAAmE;QACnE,IAAI,mBAAmB,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC/C,MAAM,uBAAuB,GAAG,OAAO,CAAC;YACxC,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE;gBACpC,IAAI,CAAC,KAAK,CAAC;oBAAE,OAAO,IAAI,CAAC;gBACzB,MAAM,IAAI,GAAG,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC7B,IAAI,CAAC,IAAI,CAAC,QAAQ;oBAAE,OAAO,IAAI,CAAC;gBAChC,IAAI,GAAG,CAAC,OAAO,KAAK,IAAI,CAAC,QAAQ;oBAAE,OAAO,IAAI,CAAC;gBAC/C,IAAI,GAAG,CAAC,UAAU,KAAK,IAAI,CAAC,QAAQ;oBAAE,OAAO,IAAI,CAAC;gBAClD,IAAI,GAAG,CAAC,QAAQ,KAAK,IAAI,CAAC,UAAU;oBAAE,OAAO,IAAI,CAAC;gBAClD,MAAM,EAAE,GACN,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;gBACzD,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,GAAG,uBAAuB,EAAE,CAAC;oBACnE,OAAO,IAAI,CAAC;gBACd,CAAC;gBACD,OAAO,KAAK,CAAC;YACf,CAAC,CAAC,CAAC;QACL,CAAC;QAED,uCAAuC;QACvC,IAAI,MAAM,EAAE,CAAC;YACX,QAAQ,GAAG,QAAQ,CAAC,MAAM,CACxB,CAAC,GAAG,EAAE,EAAE,CACN,GAAG,CAAC,UAAU,KAAK,MAAM;gBACzB,GAAG,CAAC,QAAQ,KAAK,MAAM;gBACvB,GAAG,CAAC,QAAQ,KAAK,GAAG,CACvB,CAAC;QACJ,CAAC;QAED,kCAAkC;QAClC,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,CAAC;QAE9B,mEAAmE;QACnE,sDAAsD;QACtD,qEAAqE;QACrE,wEAAwE;QACxE,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,QAAQ,CAAC,MAAM,GAAG,MAAM,CAAC,CAAC;QACrD,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,GAAG,KAAK,CAAC,CAAC;QAC7C,MAAM,SAAS,GAAG,QAAQ,CAAC,KAAK,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QAEnD,iEAAiE;QACjE,sEAAsE;QACtE,iEAAiE;QACjE,mEAAmE;QACnE,iEAAiE;QACjE,wDAAwD;QACxD,IAAI,YAAY,EAAE,CAAC;YACjB,MAAM,SAAS,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;gBACpC,MAAM,GAAG,GAAG,CAA8C,CAAC;gBAC3D,OAAO;oBACL,EAAE,EAAE,GAAG,CAAC,EAAE;oBACV,UAAU,EAAE,GAAG,CAAC,UAAU;oBAC1B,QAAQ,EAAE,GAAG,CAAC,QAAQ;oBACtB,SAAS,EAAE,GAAG,CAAC,SAAS;oBACxB,UAAU,EAAE,GAAG,CAAC,UAAU;oBAC1B,WAAW,EAAE,GAAG,CAAC,WAAW,KAAK,IAAI;oBACrC,OAAO,EAAE,GAAG,CAAC,OAAO;iBACrB,CAAC;YACJ,CAAC,CAAC,CAAC;YACH,OAAO,CAAC,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,SAAS;gBACnB,KAAK;aACN,CAAC,CAAC;QACL,CAAC;QAED,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,QAAQ,EAAE,SAAS;YACnB,KAAK;SACN,CAAC,CAAC;IACL,CAAC,CACF,CAAC;IAEF;;;;;;;OAOG;IACH,0EAA0E;IAC1E,sEAAsE;IACtE,yEAAyE;IACzE,MAAM,2BAA2B,GAAG,CAAC,CAAC,MAAM,CAAC;QAC3C,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QAC/B,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;KAClC,CAAC,CAAC;IAEH,QAAQ,CAAC,KAAK,CACZ,iCAAiC,EACjC,IAAI,EACJ,UAAU,CAAC,MAAM,EAAE,2BAA2B,EAAE,cAAc,CAAC,EAC/D,KAAK,EAAE,CAAC,EAAE,EAAE;QACV,MAAM,aAAa,GAAG,CAAC,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACzC,MAAM,aAAa,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAE/C,IAAI,aAAa,KAAK,aAAa,EAAE,CAAC;YACpC,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,kBAAkB,EAC5B,uCAAuC,CACxC,CAAC;QACJ,CAAC;QAED,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAC3C,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAErD,MAAM,YAAY,CAAC,aAAa,CAAC,aAAa,EAAE,CAAC,KAAK,EAAE,EAAE;YACxD,MAAM,GAAG,GAAG,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,SAAS,CAAC,CAAC;YAC3D,IAAI,GAAG,EAAE,CAAC;gBACR,GAAG,CAAC,QAAQ,GAAG,QAAQ,CAAC;gBACxB,IAAI,UAAU,KAAK,SAAS;oBAAE,GAAG,CAAC,UAAU,GAAG,UAAU,CAAC;YAC5D,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC,CAAC,CAAC;QAEH,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;IACnC,CAAC,CACF,CAAC;IAEF,OAAO,QAAQ,CAAC;AAClB,CAAC"}
1
+ {"version":3,"file":"messages.js","sourceRoot":"","sources":["../../src/routes/messages.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AACjD,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EACL,WAAW,EACX,SAAS,EACT,iBAAiB,GAClB,MAAM,qBAAqB,CAAC;AAS7B,OAAO,EAAE,oBAAoB,EAAE,MAAM,uBAAuB,CAAC;AAC7D,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAErD;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,mBAAmB,CACjC,YAA0B,EAC1B,WAAwB,EACxB,WAAmB,EACnB,iBAAqC,EACrC,YAAkC,EAClC,eAAiC,EACjC,YAA2B;IAE3B,MAAM,QAAQ,GAAG,IAAI,IAAI,EAAa,CAAC;IAEvC,yEAAyE;IACzE,2EAA2E;IAC3E,MAAM,IAAI,GAAG,oBAAoB,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC;IAE7D,2EAA2E;IAC3E,yEAAyE;IACzE,4EAA4E;IAC5E,8EAA8E;IAC9E,wEAAwE;IACxE,4EAA4E;IAC5E,MAAM,0BAA0B,GAAG,CAAC;SACjC,MAAM,CAAC;QACN,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QAC7B,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QAC3B,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QAC1B,cAAc,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC,QAAQ,EAAE;QAC3E,WAAW,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;KACpC,CAAC;SACD,MAAM,EAAE,CAAC;IAEZ,MAAM,0BAA0B,GAAG,CAAC;SACjC,MAAM,CAAC;QACN,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QAC7B,KAAK,EAAE,CAAC,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC;QACvE,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;QAC5D,wEAAwE;QACxE,iEAAiE;QACjE,4CAA4C;QAC5C,kBAAkB,EAAE,CAAC;aAClB,UAAU,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,MAAM,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC;aAC1D,QAAQ,EAAE;aACV,OAAO,CAAC,KAAK,CAAC;QACjB,sEAAsE;QACtE,gEAAgE;QAChE,yEAAyE;QACzE,YAAY,EAAE,CAAC;aACZ,UAAU,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,MAAM,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC;aAC1D,QAAQ,EAAE;aACV,OAAO,CAAC,KAAK,CAAC;QACjB,0EAA0E;QAC1E,yEAAyE;QACzE,uEAAuE;QACvE,kEAAkE;QAClE,mEAAmE;QACnE,wEAAwE;QACxE,8BAA8B;QAC9B,mBAAmB,EAAE,CAAC;aACnB,UAAU,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,MAAM,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC;aAC1D,QAAQ,EAAE;aACV,OAAO,CAAC,KAAK,CAAC;KAClB,CAAC;SACD,MAAM,EAAE,CAAC;IAEZ;;;;;;;;OAQG;IACH,QAAQ,CAAC,IAAI,CACX,sBAAsB,EACtB,IAAI,EACJ,UAAU,CAAC,MAAM,EAAE,0BAA0B,EAAE,cAAc,CAAC,EAC9D,KAAK,EAAE,CAAC,EAAE,EAAE;QACV,MAAM,aAAa,GAAG,CAAC,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACzC,MAAM,aAAa,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAE/C,kDAAkD;QAClD,IAAI,aAAa,KAAK,aAAa,EAAE,CAAC;YACpC,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,kBAAkB,EAC5B,uCAAuC,CACxC,CAAC;QACJ,CAAC;QAED,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,GAClE,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAEtB,6EAA6E;QAC7E,wEAAwE;QACxE,wEAAwE;QACxE,0EAA0E;QAC1E,IAAI,SAAiB,CAAC;QACtB,IAAI,SAAiB,CAAC;QACtB,IAAI,MAAiD,CAAC;QACtD,6EAA6E;QAC7E,IAAI,QAAQ,GAAkB,IAAI,CAAC;QAEnC,MAAM,YAAY,CAAC,aAAa,CAAC,aAAa,EAAE,CAAC,KAAK,EAAE,EAAE;YACxD,QAAQ,GAAG,KAAK,CAAC,QAAQ,IAAI,IAAI,CAAC;YAClC,qDAAqD;YACrD,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC7B,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,cAAc,EACxB,uCAAuC,EACvC,kBAAkB,UAAU,2BAA2B,CACxD,CAAC;YACJ,CAAC;YAED,oEAAoE;YACpE,IAAI,QAAQ,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC/C,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,cAAc,EACxB,qCAAqC,EACrC,oBAAoB,QAAQ,gCAAgC,CAC7D,CAAC;YACJ,CAAC;YAED,qDAAqD;YACrD,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;YACrC,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,UAAU,GAAG,GAAG,CAAC;YAEzC,4CAA4C;YAC5C,SAAS,GAAG,iBAAiB,EAAE,CAAC;YAChC,SAAS,GAAG,GAAG,CAAC;YAEhB,MAAM,GAAG;gBACP,EAAE,EAAE,SAAS;gBACb,UAAU;gBACV,QAAQ;gBACR,OAAO;gBACP,QAAQ,EAAE,IAAI;gBACd,SAAS;gBACT,UAAU,EAAE,IAAI;gBAChB,OAAO,EAAE,IAAI;gBACb,KAAK,EAAE,IAAI;gBACX,cAAc,EAAE,cAAc,IAAI,IAAI;gBACtC,iEAAiE;gBACjE,6DAA6D;gBAC7D,+BAA+B;gBAC/B,WAAW,EAAE,WAAW,IAAI,KAAK;aAClC,CAAC;YAEF,kEAAkE;YAClE,mEAAmE;YACnE,sEAAsE;YACtE,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAuB,CAAC,CAAC;YAE7C,0EAA0E;YAC1E,IAAI,KAAK,CAAC,QAAQ,CAAC,MAAM,GAAG,WAAW,EAAE,CAAC;gBACxC,KAAK,CAAC,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,WAAW,CAAC,CAAC;YACtD,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC,CAAC;QAEH,0EAA0E;QAC1E,MAAM,YAAY,CAAC,2BAA2B,EAAE,CAAC;QAEjD,6EAA6E;QAC7E,WAAW,CAAC;YACV,KAAK,EAAE,eAAe;YACtB,QAAQ;YACR,SAAS,EAAE,aAAa;YACxB,OAAO,EAAE,SAAS;YAClB,MAAM,EAAE;gBACN,UAAU;gBACV,QAAQ;gBACR,SAAS,EAAE,SAAU;gBACrB,SAAS,EAAE,QAAQ,KAAK,GAAG;gBAC3B,cAAc,EAAE,cAAc,IAAI,IAAI;aACvC;SACF,CAAC,CAAC;QAEH,kEAAkE;QAClE,IAAI,YAAY,EAAE,CAAC;YACjB,YAAY,CAAC,oBAAoB,CAAC,cAAc,IAAI,IAAI,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QACjF,CAAC;QAED,8DAA8D;QAC9D,IAAI,iBAAiB,EAAE,CAAC;YACtB,IAAI,CAAC;gBACH,MAAM,KAAK,GAAG,kBAAkB,CAAC,MAAO,CAAC,CAAC;gBAC1C,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;gBACnC,MAAM,cAAc,GAAG,cAAc,IAAI,IAAI,CAAC;gBAE9C,IAAI,QAAQ,KAAK,GAAG,EAAE,CAAC;oBACrB,mEAAmE;oBACnE,iBAAiB,CAAC,kBAAkB,CAAC,aAAa,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC;oBAEtE,8DAA8D;oBAC9D,IAAI,eAAe,EAAE,CAAC;wBACpB,eAAe,CAAC,mBAAmB,CAAC,aAAa,EAAE,IAAI,EAAE,cAAc,CAAC,CAAC;oBAC3E,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,yEAAyE;oBACzE,IAAI,iBAAiB,CAAC,WAAW,CAAC,aAAa,EAAE,QAAQ,CAAC,EAAE,CAAC;wBAC3D,MAAM,IAAI,GAAG,iBAAiB,CAAC,UAAU,CAAC,aAAa,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC;wBACzE,IAAI,IAAI,KAAK,CAAC,IAAI,YAAY,EAAE,CAAC;4BAC/B,MAAM,YAAY,CAAC,OAAO,CAAC,aAAa,EAAE,QAAQ,EAAE,MAAO,CAAC,CAAC;wBAC/D,CAAC;oBACH,CAAC;yBAAM,IAAI,YAAY,EAAE,CAAC;wBACxB,MAAM,YAAY,CAAC,OAAO,CAAC,aAAa,EAAE,QAAQ,EAAE,MAAO,CAAC,CAAC;oBAC/D,CAAC;oBAED,wEAAwE;oBACxE,uEAAuE;oBACvE,8DAA8D;oBAC9D,IAAI,eAAe,EAAE,CAAC;wBACpB,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;wBAC7D,MAAM,iBAAiB,GAAG,OAAO,EAAE,KAAK,CAAC,QAAQ,CAAC,EAAE,QAAQ,CAAC;wBAC7D,IAAI,iBAAiB,IAAI,iBAAiB,KAAK,IAAI,IAAI,iBAAiB,KAAK,cAAc,EAAE,CAAC;4BAC5F,eAAe,CAAC,aAAa,CAAC,aAAa,EAAE,iBAAiB,EAAE,IAAI,CAAC,CAAC;wBACxE,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,iEAAiE;gBACjE,OAAO,CAAC,KAAK,CAAC,wBAAwB,EAAE,GAAG,CAAC,CAAC;YAC/C,CAAC;QACH,CAAC;QAED,OAAO,CAAC,CAAC,IAAI,CACX;YACE,EAAE,EAAE,SAAU;YACd,OAAO,EAAE,IAAI;YACb,SAAS,EAAE,SAAU;SACtB,EACD,GAAG,CACJ,CAAC;IACJ,CAAC,CACF,CAAC;IAEF;;;;;;OAMG;IACH,QAAQ,CAAC,GAAG,CACV,sBAAsB,EACtB,IAAI,EACJ,UAAU,CAAC,OAAO,EAAE,0BAA0B,EAAE,cAAc,CAAC,EAC/D,KAAK,EAAE,CAAC,EAAE,EAAE;QACV,MAAM,aAAa,GAAG,CAAC,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACzC,MAAM,aAAa,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAE/C,kDAAkD;QAClD,IAAI,aAAa,KAAK,aAAa,EAAE,CAAC;YACpC,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,kBAAkB,EAC5B,uCAAuC,CACxC,CAAC;QACJ,CAAC;QAED,MAAM,KAAK,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACnC,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC;QAC5B,0EAA0E;QAC1E,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,IAAI,GAAG,CAAC;QACjC,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,IAAI,CAAC,CAAC;QACjC,MAAM,kBAAkB,GAAG,KAAK,CAAC,kBAAkB,IAAI,KAAK,CAAC;QAC7D,MAAM,YAAY,GAAG,KAAK,CAAC,YAAY,IAAI,KAAK,CAAC;QACjD,MAAM,mBAAmB,GAAG,KAAK,CAAC,mBAAmB,IAAI,KAAK,CAAC;QAE/D,0DAA0D;QAC1D,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;QAC7D,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,iBAAiB,EAC3B,WAAW,aAAa,YAAY,CACrC,CAAC;QACJ,CAAC;QAED,oEAAoE;QACpE,wEAAwE;QACxE,sEAAsE;QACtE,mEAAmE;QACnE,IAAI,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;QAChC,IAAI,CAAC,kBAAkB,EAAE,CAAC;YACxB,QAAQ,GAAG,QAAQ,CAAC,MAAM,CACxB,CAAC,CAAC,EAAE,EAAE,CAAE,CAA+C,CAAC,WAAW,KAAK,IAAI,CAC7E,CAAC;QACJ,CAAC;QAED,+DAA+D;QAC/D,kEAAkE;QAClE,sDAAsD;QACtD,qDAAqD;QACrD,0DAA0D;QAC1D,8BAA8B;QAC9B,qEAAqE;QACrE,mEAAmE;QACnE,IAAI,mBAAmB,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC/C,MAAM,uBAAuB,GAAG,OAAO,CAAC;YACxC,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE;gBACpC,IAAI,CAAC,KAAK,CAAC;oBAAE,OAAO,IAAI,CAAC;gBACzB,MAAM,IAAI,GAAG,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC7B,IAAI,CAAC,IAAI,CAAC,QAAQ;oBAAE,OAAO,IAAI,CAAC;gBAChC,IAAI,GAAG,CAAC,OAAO,KAAK,IAAI,CAAC,QAAQ;oBAAE,OAAO,IAAI,CAAC;gBAC/C,IAAI,GAAG,CAAC,UAAU,KAAK,IAAI,CAAC,QAAQ;oBAAE,OAAO,IAAI,CAAC;gBAClD,IAAI,GAAG,CAAC,QAAQ,KAAK,IAAI,CAAC,UAAU;oBAAE,OAAO,IAAI,CAAC;gBAClD,MAAM,EAAE,GACN,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;gBACzD,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,GAAG,uBAAuB,EAAE,CAAC;oBACnE,OAAO,IAAI,CAAC;gBACd,CAAC;gBACD,OAAO,KAAK,CAAC;YACf,CAAC,CAAC,CAAC;QACL,CAAC;QAED,uCAAuC;QACvC,IAAI,MAAM,EAAE,CAAC;YACX,QAAQ,GAAG,QAAQ,CAAC,MAAM,CACxB,CAAC,GAAG,EAAE,EAAE,CACN,GAAG,CAAC,UAAU,KAAK,MAAM;gBACzB,GAAG,CAAC,QAAQ,KAAK,MAAM;gBACvB,GAAG,CAAC,QAAQ,KAAK,GAAG,CACvB,CAAC;QACJ,CAAC;QAED,kCAAkC;QAClC,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,CAAC;QAE9B,mEAAmE;QACnE,sDAAsD;QACtD,qEAAqE;QACrE,wEAAwE;QACxE,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,QAAQ,CAAC,MAAM,GAAG,MAAM,CAAC,CAAC;QACrD,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,GAAG,KAAK,CAAC,CAAC;QAC7C,MAAM,SAAS,GAAG,QAAQ,CAAC,KAAK,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QAEnD,iEAAiE;QACjE,sEAAsE;QACtE,iEAAiE;QACjE,mEAAmE;QACnE,iEAAiE;QACjE,wDAAwD;QACxD,IAAI,YAAY,EAAE,CAAC;YACjB,MAAM,SAAS,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;gBACpC,MAAM,GAAG,GAAG,CAA8C,CAAC;gBAC3D,OAAO;oBACL,EAAE,EAAE,GAAG,CAAC,EAAE;oBACV,UAAU,EAAE,GAAG,CAAC,UAAU;oBAC1B,QAAQ,EAAE,GAAG,CAAC,QAAQ;oBACtB,SAAS,EAAE,GAAG,CAAC,SAAS;oBACxB,UAAU,EAAE,GAAG,CAAC,UAAU;oBAC1B,WAAW,EAAE,GAAG,CAAC,WAAW,KAAK,IAAI;oBACrC,OAAO,EAAE,GAAG,CAAC,OAAO;iBACrB,CAAC;YACJ,CAAC,CAAC,CAAC;YACH,OAAO,CAAC,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,SAAS;gBACnB,KAAK;aACN,CAAC,CAAC;QACL,CAAC;QAED,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,QAAQ,EAAE,SAAS;YACnB,KAAK;SACN,CAAC,CAAC;IACL,CAAC,CACF,CAAC;IAEF;;;;;;;OAOG;IACH,0EAA0E;IAC1E,sEAAsE;IACtE,yEAAyE;IACzE,MAAM,2BAA2B,GAAG,CAAC,CAAC,MAAM,CAAC;QAC3C,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QAC/B,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;KAClC,CAAC,CAAC;IAEH,QAAQ,CAAC,KAAK,CACZ,iCAAiC,EACjC,IAAI,EACJ,UAAU,CAAC,MAAM,EAAE,2BAA2B,EAAE,cAAc,CAAC,EAC/D,KAAK,EAAE,CAAC,EAAE,EAAE;QACV,MAAM,aAAa,GAAG,CAAC,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACzC,MAAM,aAAa,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAE/C,IAAI,aAAa,KAAK,aAAa,EAAE,CAAC;YACpC,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,kBAAkB,EAC5B,uCAAuC,CACxC,CAAC;QACJ,CAAC;QAED,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAC3C,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAErD,MAAM,YAAY,CAAC,aAAa,CAAC,aAAa,EAAE,CAAC,KAAK,EAAE,EAAE;YACxD,MAAM,GAAG,GAAG,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,SAAS,CAAC,CAAC;YAC3D,IAAI,GAAG,EAAE,CAAC;gBACR,GAAG,CAAC,QAAQ,GAAG,QAAQ,CAAC;gBACxB,IAAI,UAAU,KAAK,SAAS;oBAAE,GAAG,CAAC,UAAU,GAAG,UAAU,CAAC;YAC5D,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC,CAAC,CAAC;QAEH,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;IACnC,CAAC,CACF,CAAC;IAEF,OAAO,QAAQ,CAAC;AAClB,CAAC"}
@@ -2,7 +2,7 @@ import { Hono } from "hono";
2
2
  import { zValidator } from "@hono/zod-validator";
3
3
  import { BridgeError, ErrorCode, PollQuerySchema, } from "@essentialai/cogent";
4
4
  import { createAuthMiddleware } from "../middleware/auth.js";
5
- import { validationHook } from "./validation-hook.js";
5
+ import { validationHook, honoSchema } from "./validation-hook.js";
6
6
  /**
7
7
  * Create poll routes sub-router.
8
8
  *
@@ -30,7 +30,7 @@ export function createPollRoutes(sessionStore, authService) {
30
30
  * Peer events are filtered by timestamp (after the lastMessageId's timestamp).
31
31
  * Limited to the last 100 events to prevent unbounded growth.
32
32
  */
33
- poll.get("/:sessionId/poll", auth, zValidator("query", PollQuerySchema, validationHook), async (c) => {
33
+ poll.get("/:sessionId/poll", auth, zValidator("query", honoSchema(PollQuerySchema), validationHook), async (c) => {
34
34
  const authSessionId = c.get("sessionId");
35
35
  const pathSessionId = c.req.param("sessionId");
36
36
  // Verify path param matches authenticated session
@@ -1 +1 @@
1
- {"version":3,"file":"poll.js","sourceRoot":"","sources":["../../src/routes/poll.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AACjD,OAAO,EACL,WAAW,EACX,SAAS,EACT,eAAe,GAChB,MAAM,qBAAqB,CAAC;AAK7B,OAAO,EAAE,oBAAoB,EAAE,MAAM,uBAAuB,CAAC;AAC7D,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAEtD;;;;;;;;GAQG;AACH,MAAM,UAAU,gBAAgB,CAC9B,YAA0B,EAC1B,WAAwB;IAExB,MAAM,IAAI,GAAG,IAAI,IAAI,EAAa,CAAC;IAEnC,yEAAyE;IACzE,2EAA2E;IAC3E,MAAM,IAAI,GAAG,oBAAoB,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC;IAE7D;;;;;;;;;;;;OAYG;IACH,IAAI,CAAC,GAAG,CACN,kBAAkB,EAClB,IAAI,EACJ,UAAU,CAAC,OAAO,EAAE,eAAe,EAAE,cAAc,CAAC,EACpD,KAAK,EAAE,CAAC,EAAE,EAAE;QACV,MAAM,aAAa,GAAG,CAAC,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACzC,MAAM,aAAa,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAE/C,kDAAkD;QAClD,IAAI,aAAa,KAAK,aAAa,EAAE,CAAC;YACpC,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,kBAAkB,EAC5B,uCAAuC,CACxC,CAAC;QACJ,CAAC;QAED,MAAM,EAAE,aAAa,EAAE,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAEvD,4EAA4E;QAC5E,MAAM,YAAY,CAAC,aAAa,CAAC,aAAa,EAAE,CAAC,KAAK,EAAE,EAAE;YACxD,IAAI,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC;gBACxB,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,UAAU,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;YAC5D,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC,CAAC,CAAC;QAEH,yCAAyC;QACzC,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;QAC7D,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,iBAAiB,EAC3B,WAAW,aAAa,YAAY,CACrC,CAAC;QACJ,CAAC;QAED,wCAAwC;QACxC,IAAI,WAA4B,CAAC;QACjC,IAAI,kBAAkB,GAAkB,IAAI,CAAC;QAE7C,IAAI,aAAa,EAAE,CAAC;YAClB,MAAM,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,SAAS,CACpC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,KAAK,aAAa,CAClC,CAAC;YACF,IAAI,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC;gBACf,kDAAkD;gBAClD,kBAAkB,GAAG,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,SAAS,CAAC;gBACrD,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;YAChD,CAAC;iBAAM,CAAC;gBACN,mEAAmE;gBACnE,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;YACjC,CAAC;QACH,CAAC;aAAM,CAAC;YACN,oCAAoC;YACpC,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;QACjC,CAAC;QAED,wCAAwC;QACxC,MAAM,gBAAgB,GAAG,WAAW,CAAC,MAAM,CACzC,CAAC,GAAG,EAAE,EAAE,CACN,GAAG,CAAC,QAAQ,KAAK,MAAM;YACvB,GAAG,CAAC,QAAQ,KAAK,GAAG;YACpB,GAAG,CAAC,UAAU,KAAK,MAAM,CAC5B,CAAC;QAEF,iDAAiD;QACjD,IAAI,MAAmB,CAAC;QACxB,IAAI,kBAAkB,EAAE,CAAC;YACvB,MAAM,OAAO,GAAG,IAAI,IAAI,CAAC,kBAAkB,CAAC,CAAC,OAAO,EAAE,CAAC;YACvD,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,MAAM,CAChC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,GAAG,OAAO,CACrD,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,oCAAoC;YACpC,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;QAC9B,CAAC;QAED,uDAAuD;QACvD,IAAI,MAAM,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;YACxB,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC;QAC9B,CAAC;QAED,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,QAAQ,EAAE,gBAAgB;YAC1B,MAAM;SACP,CAAC,CAAC;IACL,CAAC,CACF,CAAC;IAEF,OAAO,IAAI,CAAC;AACd,CAAC"}
1
+ {"version":3,"file":"poll.js","sourceRoot":"","sources":["../../src/routes/poll.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AACjD,OAAO,EACL,WAAW,EACX,SAAS,EACT,eAAe,GAChB,MAAM,qBAAqB,CAAC;AAK7B,OAAO,EAAE,oBAAoB,EAAE,MAAM,uBAAuB,CAAC;AAC7D,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAElE;;;;;;;;GAQG;AACH,MAAM,UAAU,gBAAgB,CAC9B,YAA0B,EAC1B,WAAwB;IAExB,MAAM,IAAI,GAAG,IAAI,IAAI,EAAa,CAAC;IAEnC,yEAAyE;IACzE,2EAA2E;IAC3E,MAAM,IAAI,GAAG,oBAAoB,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC;IAE7D;;;;;;;;;;;;OAYG;IACH,IAAI,CAAC,GAAG,CACN,kBAAkB,EAClB,IAAI,EACJ,UAAU,CAAC,OAAO,EAAE,UAAU,CAAC,eAAe,CAAC,EAAE,cAAc,CAAC,EAChE,KAAK,EAAE,CAAC,EAAE,EAAE;QACV,MAAM,aAAa,GAAG,CAAC,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACzC,MAAM,aAAa,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAE/C,kDAAkD;QAClD,IAAI,aAAa,KAAK,aAAa,EAAE,CAAC;YACpC,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,kBAAkB,EAC5B,uCAAuC,CACxC,CAAC;QACJ,CAAC;QAED,MAAM,EAAE,aAAa,EAAE,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAEvD,4EAA4E;QAC5E,MAAM,YAAY,CAAC,aAAa,CAAC,aAAa,EAAE,CAAC,KAAK,EAAE,EAAE;YACxD,IAAI,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC;gBACxB,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,UAAU,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;YAC5D,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC,CAAC,CAAC;QAEH,yCAAyC;QACzC,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;QAC7D,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,WAAW,CACnB,SAAS,CAAC,iBAAiB,EAC3B,WAAW,aAAa,YAAY,CACrC,CAAC;QACJ,CAAC;QAED,wCAAwC;QACxC,IAAI,WAA4B,CAAC;QACjC,IAAI,kBAAkB,GAAkB,IAAI,CAAC;QAE7C,IAAI,aAAa,EAAE,CAAC;YAClB,MAAM,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,SAAS,CACpC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,KAAK,aAAa,CAClC,CAAC;YACF,IAAI,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC;gBACf,kDAAkD;gBAClD,kBAAkB,GAAG,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,SAAS,CAAC;gBACrD,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;YAChD,CAAC;iBAAM,CAAC;gBACN,mEAAmE;gBACnE,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;YACjC,CAAC;QACH,CAAC;aAAM,CAAC;YACN,oCAAoC;YACpC,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;QACjC,CAAC;QAED,wCAAwC;QACxC,MAAM,gBAAgB,GAAG,WAAW,CAAC,MAAM,CACzC,CAAC,GAAG,EAAE,EAAE,CACN,GAAG,CAAC,QAAQ,KAAK,MAAM;YACvB,GAAG,CAAC,QAAQ,KAAK,GAAG;YACpB,GAAG,CAAC,UAAU,KAAK,MAAM,CAC5B,CAAC;QAEF,iDAAiD;QACjD,IAAI,MAAmB,CAAC;QACxB,IAAI,kBAAkB,EAAE,CAAC;YACvB,MAAM,OAAO,GAAG,IAAI,IAAI,CAAC,kBAAkB,CAAC,CAAC,OAAO,EAAE,CAAC;YACvD,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,MAAM,CAChC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,GAAG,OAAO,CACrD,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,oCAAoC;YACpC,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;QAC9B,CAAC;QAED,uDAAuD;QACvD,IAAI,MAAM,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;YACxB,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC;QAC9B,CAAC;QAED,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,QAAQ,EAAE,gBAAgB;YAC1B,MAAM;SACP,CAAC,CAAC;IACL,CAAC,CACF,CAAC;IAEF,OAAO,IAAI,CAAC;AACd,CAAC"}
@@ -1,7 +1,23 @@
1
1
  import { Hono } from "hono";
2
2
  import type { SessionStore } from "../services/session-store.js";
3
3
  import type { AuthService } from "../services/auth-service.js";
4
+ import { JoinRateLimiter } from "../services/join-rate-limiter.js";
4
5
  import type { ServerEnv } from "../types.js";
6
+ /**
7
+ * Best-effort client IP for the rate limiter's per-source tier.
8
+ *
9
+ * Prefer `X-Real-IP` (our edge proxy OVERWRITES it with the real peer) and the
10
+ * RIGHTMOST `X-Forwarded-For` entry (the hop our proxy appends) — never the
11
+ * leftmost XFF value, which is attacker-supplied. This is only the UX tier;
12
+ * the spoof-proof guarantee comes from the limiter's channel tier (keyed on the
13
+ * non-spoofable sessionId), so a forged header at worst evades per-IP
14
+ * granularity, not the lockout itself.
15
+ */
16
+ export declare function clientIp(c: {
17
+ req: {
18
+ header: (name: string) => string | undefined;
19
+ };
20
+ }): string;
5
21
  /**
6
22
  * Create session routes sub-router.
7
23
  *
@@ -9,6 +25,11 @@ import type { ServerEnv } from "../types.js";
9
25
  * POST /:sessionId/join -> Join an existing session
10
26
  *
11
27
  * Both endpoints are unauthenticated (they issue tokens, not consume them).
28
+ *
29
+ * @param multiTenant When true, Org_ID (the 3rd join credential) is enforced
30
+ * for channels created with one. When false (free relay),
31
+ * Org_ID is ignored entirely and behavior is unchanged.
32
+ * @param rateLimiter Throttles repeated failed joins (brute-force lockout).
12
33
  */
13
- export declare function createSessionRoutes(sessionStore: SessionStore, authService: AuthService): Hono<ServerEnv>;
34
+ export declare function createSessionRoutes(sessionStore: SessionStore, authService: AuthService, multiTenant: boolean, rateLimiter: JoinRateLimiter): Hono<ServerEnv>;
14
35
  //# sourceMappingURL=sessions.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"sessions.d.ts","sourceRoot":"","sources":["../../src/routes/sessions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAW5B,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AACjE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,6BAA6B,CAAC;AAC/D,OAAO,KAAK,EAAc,SAAS,EAAE,MAAM,aAAa,CAAC;AAGzD;;;;;;;GAOG;AACH,wBAAgB,mBAAmB,CACjC,YAAY,EAAE,YAAY,EAC1B,WAAW,EAAE,WAAW,GACvB,IAAI,CAAC,SAAS,CAAC,CA0JjB"}
1
+ {"version":3,"file":"sessions.d.ts","sourceRoot":"","sources":["../../src/routes/sessions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAW5B,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AACjE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,6BAA6B,CAAC;AAC/D,OAAO,EAAE,eAAe,EAAE,MAAM,kCAAkC,CAAC;AACnE,OAAO,KAAK,EAAc,SAAS,EAAE,MAAM,aAAa,CAAC;AAIzD;;;;;;;;;GASG;AACH,wBAAgB,QAAQ,CAAC,CAAC,EAAE;IAAE,GAAG,EAAE;QAAE,MAAM,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,MAAM,GAAG,SAAS,CAAA;KAAE,CAAA;CAAE,GAAG,MAAM,CAS7F;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,mBAAmB,CACjC,YAAY,EAAE,YAAY,EAC1B,WAAW,EAAE,WAAW,EACxB,WAAW,EAAE,OAAO,EACpB,WAAW,EAAE,eAAe,GAC3B,IAAI,CAAC,SAAS,CAAC,CAwNjB"}