@forinda/kickjs-http 0.3.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 Felix Orinda
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/dist/application.d.ts

@@ -0,0 +1,89 @@
+import http from 'node:http';
+import { RequestHandler, Express } from 'express';
+import { AppModuleClass, AppAdapter } from '@forinda/kickjs-core';
+
+/**
+ * A middleware entry in the declarative pipeline.
+ * Can be a bare handler or an object with path scoping.
+ */
+type MiddlewareEntry = RequestHandler | {
+    path: string;
+    handler: RequestHandler;
+};
+interface ApplicationOptions {
+    /** Feature modules to load */
+    modules: AppModuleClass[];
+    /** Adapters that hook into the lifecycle (DB, Redis, Swagger, etc.) */
+    adapters?: AppAdapter[];
+    /** Server port (falls back to PORT env var, then 3000) */
+    port?: number;
+    /** Global API prefix (default: '/api') */
+    apiPrefix?: string;
+    /** Default API version (default: 1) — routes become /{prefix}/v{version}/{path} */
+    defaultVersion?: number;
+    /**
+     * Global middleware pipeline. Declared in order.
+     * Replaces the hardcoded middleware stack — you control exactly what runs.
+     *
+     * @example
+     * ```ts
+     * bootstrap({
+     *   modules,
+     *   middleware: [
+     *     helmet(),
+     *     cors(),
+     *     compression(),
+     *     morgan('dev'),
+     *     express.json({ limit: '1mb' }),
+     *   ],
+     * })
+     * ```
+     *
+     * If omitted, a sensible default is applied:
+     *   requestId(), express.json({ limit: '100kb' })
+     */
+    middleware?: MiddlewareEntry[];
+    /** Express `trust proxy` setting */
+    trustProxy?: boolean | number | string | ((ip: string, hopIndex: number) => boolean);
+    /** Maximum JSON body size (only used when middleware is not provided) */
+    jsonLimit?: string | number;
+}
+/**
+ * The main application class. Wires together Express, the DI container,
+ * feature modules, adapters, and the middleware pipeline.
+ */
+declare class Application {
+    private readonly options;
+    private app;
+    private container;
+    private httpServer;
+    private adapters;
+    constructor(options: ApplicationOptions);
+    /**
+     * Full setup pipeline:
+     * 1. Adapter beforeMount hooks (early routes — docs, health)
+     * 2. Adapter middleware (phase: beforeGlobal)
+     * 3. Global middleware (user-declared or defaults)
+     * 4. Adapter middleware (phase: afterGlobal)
+     * 5. Module registration + DI bootstrap
+     * 6. Adapter middleware (phase: beforeRoutes)
+     * 7. Module route mounting
+     * 8. Adapter middleware (phase: afterRoutes)
+     * 9. Error handlers (notFound + global)
+     * 10. Adapter beforeStart hooks
+     */
+    setup(): void;
+    /** Start the HTTP server, retrying up to 3 times on port conflict */
+    start(): void;
+    /** HMR rebuild: swap Express handler without restarting the server */
+    rebuild(): void;
+    /** Graceful shutdown — runs all adapter shutdowns in parallel, resilient to failures */
+    shutdown(): Promise<void>;
+    getExpressApp(): Express;
+    getHttpServer(): http.Server | null;
+    private collectAdapterMiddleware;
+    private mountMiddlewareList;
+    private mountMiddlewareEntry;
+}
+
+export { Application, type ApplicationOptions, type MiddlewareEntry };

package/dist/application.js

@@ -0,0 +1,10 @@
+import {
+  Application
+} from "./chunk-P3YCN5LK.js";
+import "./chunk-BNWCVQQH.js";
+import "./chunk-ZI52TGQ4.js";
+import "./chunk-7QVYU63E.js";
+export {
+  Application
+};
+//# sourceMappingURL=application.js.map

package/dist/application.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}

package/dist/bootstrap.d.ts

@@ -0,0 +1,27 @@
+import { ApplicationOptions } from './application.js';
+import 'node:http';
+import 'express';
+import '@forinda/kickjs-core';
+
+/**
+ * Bootstrap a KickJS application with zero boilerplate.
+ *
+ * Handles:
+ * - Vite HMR (hot-swaps Express handler without restarting the server)
+ * - Graceful shutdown on SIGINT / SIGTERM
+ * - Global uncaughtException / unhandledRejection handlers
+ * - globalThis app storage for HMR rebuild
+ *
+ * @example
+ * ```ts
+ * // src/index.ts — that's it, the whole file
+ * import 'reflect-metadata'
+ * import { bootstrap } from '@forinda/kickjs-http'
+ * import { modules } from './modules'
+ *
+ * bootstrap({ modules })
+ * ```
+ */
+declare function bootstrap(options: ApplicationOptions): void;
+
+export { bootstrap };

package/dist/bootstrap.js

@@ -0,0 +1,11 @@
+import {
+  bootstrap
+} from "./chunk-KAWXFLFS.js";
+import "./chunk-P3YCN5LK.js";
+import "./chunk-BNWCVQQH.js";
+import "./chunk-ZI52TGQ4.js";
+import "./chunk-7QVYU63E.js";
+export {
+  bootstrap
+};
+//# sourceMappingURL=bootstrap.js.map

package/dist/bootstrap.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}

package/dist/chunk-75Z5FSZN.js

@@ -0,0 +1,88 @@
+import {
+  __name
+} from "./chunk-7QVYU63E.js";
+
+// src/middleware/upload.ts
+import { unlink } from "fs/promises";
+import multer from "multer";
+function single(fieldName, options = {}) {
+  const m = createMulter(options);
+  return m.single(fieldName);
+}
+__name(single, "single");
+function array(fieldName, maxCount = 10, options = {}) {
+  const m = createMulter(options);
+  return m.array(fieldName, maxCount);
+}
+__name(array, "array");
+function none(options = {}) {
+  const m = createMulter(options);
+  return m.none();
+}
+__name(none, "none");
+function createMulter(options) {
+  const limits = {
+    fileSize: options.maxSize ?? 5 * 1024 * 1024
+  };
+  const fileFilter = options.allowedTypes ? (_req, file, cb) => {
+    const allowed = options.allowedTypes.some((type) => {
+      if (type.endsWith("/*")) {
+        return file.mimetype.startsWith(type.replace("/*", "/"));
+      }
+      return file.mimetype === type;
+    });
+    if (allowed) {
+      cb(null, true);
+    } else {
+      cb(new Error(`File type ${file.mimetype} is not allowed`));
+    }
+  } : void 0;
+  const multerOptions = {
+    limits,
+    ...fileFilter ? {
+      fileFilter
+    } : {},
+    ...options.storage ? {
+      storage: options.storage
+    } : {},
+    ...options.dest ? {
+      dest: options.dest
+    } : {}
+  };
+  return multer(multerOptions);
+}
+__name(createMulter, "createMulter");
+function cleanupFiles() {
+  return (req, res, next) => {
+    res.on("finish", async () => {
+      const files = [];
+      if (req.file?.path) {
+        files.push(req.file);
+      }
+      if (Array.isArray(req.files)) {
+        for (const f of req.files) {
+          if (f?.path) files.push(f);
+        }
+      }
+      for (const file of files) {
+        try {
+          await unlink(file.path);
+        } catch {
+        }
+      }
+    });
+    next();
+  };
+}
+__name(cleanupFiles, "cleanupFiles");
+var upload = {
+  single,
+  array,
+  none
+};
+
+export {
+  cleanupFiles,
+  upload
+};
+//# sourceMappingURL=chunk-75Z5FSZN.js.map

package/dist/chunk-75Z5FSZN.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/middleware/upload.ts"],"sourcesContent":["import { unlink } from 'node:fs/promises'\nimport type { Request, Response, NextFunction, RequestHandler } from 'express'\nimport multer, { type Options as MulterOptions } from 'multer'\n\nexport interface UploadOptions {\n  /** Max file size in bytes (default: 5MB) */\n  maxSize?: number\n  /** Allowed MIME types (default: all) */\n  allowedTypes?: string[]\n  /** Multer storage config (default: memory storage) */\n  storage?: MulterOptions['storage']\n  /** Multer dest for disk storage shorthand */\n  dest?: string\n}\n\n/**\n * Single file upload middleware. Attaches the file to `req.file`.\n *\n * @example\n * ```ts\n * @Post('/avatar')\n * @Middleware(upload.single('avatar', { maxSize: 2 * 1024 * 1024, allowedTypes: ['image/*'] }))\n * async uploadAvatar(ctx: RequestContext) {\n *   ctx.json({ filename: ctx.file.originalname })\n * }\n * ```\n */\nfunction single(fieldName: string, options: UploadOptions = {}): RequestHandler {\n  const m = createMulter(options)\n  return m.single(fieldName) as RequestHandler\n}\n\n/**\n * Multiple file upload middleware. Attaches files to `req.files`.\n */\nfunction array(fieldName: string, maxCount = 10, options: UploadOptions = {}): RequestHandler {\n  const m = createMulter(options)\n  return m.array(fieldName, maxCount) as RequestHandler\n}\n\n/**\n * No file upload — just parse multipart form data without file fields.\n */\nfunction none(options: UploadOptions = {}): RequestHandler {\n  const m = createMulter(options)\n  return m.none() as RequestHandler\n}\n\nfunction createMulter(options: UploadOptions) {\n  const limits: MulterOptions['limits'] = {\n    fileSize: options.maxSize ?? 5 * 1024 * 1024,\n  }\n\n  const fileFilter: MulterOptions['fileFilter'] = options.allowedTypes\n    ? (_req, file, cb) => {\n        const allowed = options.allowedTypes!.some((type) => {\n          if (type.endsWith('/*')) {\n            return file.mimetype.startsWith(type.replace('/*', '/'))\n          }\n          return file.mimetype === type\n        })\n        if (allowed) {\n          cb(null, true)\n        } else {\n          cb(new Error(`File type ${file.mimetype} is not allowed`))\n        }\n      }\n    : undefined\n\n  const multerOptions: MulterOptions = {\n    limits,\n    ...(fileFilter ? { fileFilter } : {}),\n    ...(options.storage ? { storage: options.storage } : {}),\n    ...(options.dest ? { dest: options.dest } : {}),\n  }\n\n  return multer(multerOptions)\n}\n\n/**\n * Middleware that automatically cleans up uploaded files after the response\n * is sent. Attach this AFTER your upload middleware.\n *\n * Only cleans up disk-stored files (files with a `path` property).\n *\n * @example\n * ```ts\n * middleware: [\n *   upload.single('file', { dest: '/tmp/uploads' }),\n *   cleanupFiles(),\n * ]\n * ```\n */\nexport function cleanupFiles() {\n  return (req: Request, res: Response, next: NextFunction) => {\n    res.on('finish', async () => {\n      const files: any[] = []\n\n      if ((req as any).file?.path) {\n        files.push((req as any).file)\n      }\n      if (Array.isArray((req as any).files)) {\n        for (const f of (req as any).files) {\n          if (f?.path) files.push(f)\n        }\n      }\n\n      for (const file of files) {\n        try {\n          await unlink(file.path)\n        } catch {\n          // File may already be moved/deleted by the handler — ignore\n        }\n      }\n    })\n\n    next()\n  }\n}\n\n/** Upload middleware factory with `.single()`, `.array()`, `.none()` methods */\nexport const upload = { single, array, none }\n"],"mappings":";;;;;AAAA,SAASA,cAAc;AAEvB,OAAOC,YAA+C;AAyBtD,SAASC,OAAOC,WAAmBC,UAAyB,CAAC,GAAC;AAC5D,QAAMC,IAAIC,aAAaF,OAAAA;AACvB,SAAOC,EAAEH,OAAOC,SAAAA;AAClB;AAHSD;AAQT,SAASK,MAAMJ,WAAmBK,WAAW,IAAIJ,UAAyB,CAAC,GAAC;AAC1E,QAAMC,IAAIC,aAAaF,OAAAA;AACvB,SAAOC,EAAEE,MAAMJ,WAAWK,QAAAA;AAC5B;AAHSD;AAQT,SAASE,KAAKL,UAAyB,CAAC,GAAC;AACvC,QAAMC,IAAIC,aAAaF,OAAAA;AACvB,SAAOC,EAAEI,KAAI;AACf;AAHSA;AAKT,SAASH,aAAaF,SAAsB;AAC1C,QAAMM,SAAkC;IACtCC,UAAUP,QAAQQ,WAAW,IAAI,OAAO;EAC1C;AAEA,QAAMC,aAA0CT,QAAQU,eACpD,CAACC,MAAMC,MAAMC,OAAAA;AACX,UAAMC,UAAUd,QAAQU,aAAcK,KAAK,CAACC,SAAAA;AAC1C,UAAIA,KAAKC,SAAS,IAAA,GAAO;AACvB,eAAOL,KAAKM,SAASC,WAAWH,KAAKI,QAAQ,MAAM,GAAA,CAAA;MACrD;AACA,aAAOR,KAAKM,aAAaF;IAC3B,CAAA;AACA,QAAIF,SAAS;AACXD,SAAG,MAAM,IAAA;IACX,OAAO;AACLA,SAAG,IAAIQ,MAAM,aAAaT,KAAKM,QAAQ,iBAAiB,CAAA;IAC1D;EACF,IACAI;AAEJ,QAAMC,gBAA+B;IACnCjB;IACA,GAAIG,aAAa;MAAEA;IAAW,IAAI,CAAC;IACnC,GAAIT,QAAQwB,UAAU;MAAEA,SAASxB,QAAQwB;IAAQ,IAAI,CAAC;IACtD,GAAIxB,QAAQyB,OAAO;MAAEA,MAAMzB,QAAQyB;IAAK,IAAI,CAAC;EAC/C;AAEA,SAAOC,OAAOH,aAAAA;AAChB;AA7BSrB;AA6CF,SAASyB,eAAAA;AACd,SAAO,CAACC,KAAcC,KAAeC,SAAAA;AACnCD,QAAIE,GAAG,UAAU,YAAA;AACf,YAAMC,QAAe,CAAA;AAErB,UAAKJ,IAAYhB,MAAMqB,MAAM;AAC3BD,cAAME,KAAMN,IAAYhB,IAAI;MAC9B;AACA,UAAIuB,MAAMC,QAASR,IAAYI,KAAK,GAAG;AACrC,mBAAWK,KAAMT,IAAYI,OAAO;AAClC,cAAIK,GAAGJ,KAAMD,OAAME,KAAKG,CAAAA;QAC1B;MACF;AAEA,iBAAWzB,QAAQoB,OAAO;AACxB,YAAI;AACF,gBAAMM,OAAO1B,KAAKqB,IAAI;QACxB,QAAQ;QAER;MACF;IACF,CAAA;AAEAH,SAAAA;EACF;AACF;AAzBgBH;AA4BT,IAAMY,SAAS;EAAEzC;EAAQK;EAAOE;AAAK;","names":["unlink","multer","single","fieldName","options","m","createMulter","array","maxCount","none","limits","fileSize","maxSize","fileFilter","allowedTypes","_req","file","cb","allowed","some","type","endsWith","mimetype","startsWith","replace","Error","undefined","multerOptions","storage","dest","multer","cleanupFiles","req","res","next","on","files","path","push","Array","isArray","f","unlink","upload"]}

package/dist/chunk-7QVYU63E.js

@@ -0,0 +1,7 @@
+var __defProp = Object.defineProperty;
+var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
+
+export {
+  __name
+};
+//# sourceMappingURL=chunk-7QVYU63E.js.map

package/dist/chunk-7QVYU63E.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}

package/dist/chunk-BNWCVQQH.js

@@ -0,0 +1,54 @@
+import {
+  __name
+} from "./chunk-7QVYU63E.js";
+
+// src/middleware/error-handler.ts
+import { HttpException, createLogger } from "@forinda/kickjs-core";
+var log = createLogger("ErrorHandler");
+function notFoundHandler() {
+  return (_req, res, _next) => {
+    res.status(404).json({
+      message: "Not Found"
+    });
+  };
+}
+__name(notFoundHandler, "notFoundHandler");
+function errorHandler() {
+  return (err, req, res, _next) => {
+    if (res.headersSent) {
+      log.warn(`Error after headers sent: ${err?.message || "Unknown"}`);
+      return;
+    }
+    if (err?.name === "ZodError") {
+      const firstIssue = err.issues?.[0];
+      return res.status(422).json({
+        message: firstIssue?.message || "Validation failed",
+        errors: err.issues
+      });
+    }
+    if (err instanceof HttpException) {
+      if (err.status >= 500) {
+        log.error(err, err.message);
+      }
+      return res.status(err.status).json({
+        message: err.message,
+        ...err.details ? {
+          errors: err.details
+        } : {}
+      });
+    }
+    const status = err.status || err.statusCode || 500;
+    log.error(err, `${req.method} ${req.originalUrl} \u2014 ${err.message || "Unhandled error"}`);
+    const message = status === 500 ? "Internal Server Error" : err.message || "Error";
+    res.status(status).json({
+      message
+    });
+  };
+}
+__name(errorHandler, "errorHandler");
+
+export {
+  notFoundHandler,
+  errorHandler
+};
+//# sourceMappingURL=chunk-BNWCVQQH.js.map

package/dist/chunk-BNWCVQQH.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/middleware/error-handler.ts"],"sourcesContent":["import type { Request, Response, NextFunction } from 'express'\nimport { HttpException, createLogger } from '@forinda/kickjs-core'\n\nconst log = createLogger('ErrorHandler')\n\n/** Catch-all for unmatched routes */\nexport function notFoundHandler() {\n  return (_req: Request, res: Response, _next: NextFunction) => {\n    res.status(404).json({ message: 'Not Found' })\n  }\n}\n\n/** Global error handler */\nexport function errorHandler() {\n  return (err: any, req: Request, res: Response, _next: NextFunction) => {\n    // Don't write after headers are already sent\n    if (res.headersSent) {\n      log.warn(`Error after headers sent: ${err?.message || 'Unknown'}`)\n      return\n    }\n\n    // Zod validation errors\n    if (err?.name === 'ZodError') {\n      const firstIssue = err.issues?.[0]\n      return res.status(422).json({\n        message: firstIssue?.message || 'Validation failed',\n        errors: err.issues,\n      })\n    }\n\n    // HttpException (expected application errors)\n    if (err instanceof HttpException) {\n      if (err.status >= 500) {\n        log.error(err, err.message)\n      }\n      return res.status(err.status).json({\n        message: err.message,\n        ...(err.details ? { errors: err.details } : {}),\n      })\n    }\n\n    // Unexpected errors — always log\n    const status = err.status || err.statusCode || 500\n    log.error(err, `${req.method} ${req.originalUrl} — ${err.message || 'Unhandled error'}`)\n    const message = status === 500 ? 'Internal Server Error' : err.message || 'Error'\n    res.status(status).json({ message })\n  }\n}\n"],"mappings":";;;;;AACA,SAASA,eAAeC,oBAAoB;AAE5C,IAAMC,MAAMC,aAAa,cAAA;AAGlB,SAASC,kBAAAA;AACd,SAAO,CAACC,MAAeC,KAAeC,UAAAA;AACpCD,QAAIE,OAAO,GAAA,EAAKC,KAAK;MAAEC,SAAS;IAAY,CAAA;EAC9C;AACF;AAJgBN;AAOT,SAASO,eAAAA;AACd,SAAO,CAACC,KAAUC,KAAcP,KAAeC,UAAAA;AAE7C,QAAID,IAAIQ,aAAa;AACnBZ,UAAIa,KAAK,6BAA6BH,KAAKF,WAAW,SAAA,EAAW;AACjE;IACF;AAGA,QAAIE,KAAKI,SAAS,YAAY;AAC5B,YAAMC,aAAaL,IAAIM,SAAS,CAAA;AAChC,aAAOZ,IAAIE,OAAO,GAAA,EAAKC,KAAK;QAC1BC,SAASO,YAAYP,WAAW;QAChCS,QAAQP,IAAIM;MACd,CAAA;IACF;AAGA,QAAIN,eAAeQ,eAAe;AAChC,UAAIR,IAAIJ,UAAU,KAAK;AACrBN,YAAImB,MAAMT,KAAKA,IAAIF,OAAO;MAC5B;AACA,aAAOJ,IAAIE,OAAOI,IAAIJ,MAAM,EAAEC,KAAK;QACjCC,SAASE,IAAIF;QACb,GAAIE,IAAIU,UAAU;UAAEH,QAAQP,IAAIU;QAAQ,IAAI,CAAC;MAC/C,CAAA;IACF;AAGA,UAAMd,SAASI,IAAIJ,UAAUI,IAAIW,cAAc;AAC/CrB,QAAImB,MAAMT,KAAK,GAAGC,IAAIW,MAAM,IAAIX,IAAIY,WAAW,WAAMb,IAAIF,WAAW,iBAAA,EAAmB;AACvF,UAAMA,UAAUF,WAAW,MAAM,0BAA0BI,IAAIF,WAAW;AAC1EJ,QAAIE,OAAOA,MAAAA,EAAQC,KAAK;MAAEC;IAAQ,CAAA;EACpC;AACF;AAlCgBC;","names":["HttpException","createLogger","log","createLogger","notFoundHandler","_req","res","_next","status","json","message","errorHandler","err","req","headersSent","warn","name","firstIssue","issues","errors","HttpException","error","details","statusCode","method","originalUrl"]}

package/dist/chunk-I6UNTOQD.js

@@ -0,0 +1,52 @@
+import {
+  __name
+} from "./chunk-7QVYU63E.js";
+
+// src/middleware/csrf.ts
+import { randomBytes } from "crypto";
+function csrf(options = {}) {
+  const cookieName = options.cookie ?? "_csrf";
+  const headerName = options.header ?? "x-csrf-token";
+  const protectedMethods = new Set((options.methods ?? [
+    "POST",
+    "PUT",
+    "PATCH",
+    "DELETE"
+  ]).map((m) => m.toUpperCase()));
+  const ignorePaths = new Set(options.ignorePaths ?? []);
+  const tokenLength = options.tokenLength ?? 32;
+  const cookieOpts = {
+    httpOnly: true,
+    sameSite: "strict",
+    secure: process.env.NODE_ENV === "production",
+    path: "/",
+    ...options.cookieOptions
+  };
+  return (req, res, next) => {
+    const cookies = req.cookies || {};
+    let token = cookies[cookieName];
+    if (!token) {
+      token = randomBytes(tokenLength).toString("hex");
+      res.cookie(cookieName, token, cookieOpts);
+    }
+    if (!protectedMethods.has(req.method.toUpperCase())) {
+      return next();
+    }
+    if (ignorePaths.has(req.path)) {
+      return next();
+    }
+    const headerToken = req.headers[headerName];
+    if (!headerToken || headerToken !== token) {
+      return res.status(403).json({
+        message: "CSRF token mismatch"
+      });
+    }
+    next();
+  };
+}
+__name(csrf, "csrf");
+
+export {
+  csrf
+};
+//# sourceMappingURL=chunk-I6UNTOQD.js.map

package/dist/chunk-I6UNTOQD.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/middleware/csrf.ts"],"sourcesContent":["import { randomBytes } from 'node:crypto'\nimport type { Request, Response, NextFunction } from 'express'\n\nexport interface CsrfOptions {\n  /** Cookie name for the CSRF token (default: '_csrf') */\n  cookie?: string\n  /** Header name to check for the token (default: 'x-csrf-token') */\n  header?: string\n  /** HTTP methods that require CSRF validation (default: POST, PUT, PATCH, DELETE) */\n  methods?: string[]\n  /** Paths to exclude from CSRF checks (e.g. webhooks) */\n  ignorePaths?: string[]\n  /** Token byte length before hex encoding (default: 32 = 64 hex chars) */\n  tokenLength?: number\n  /** Cookie options */\n  cookieOptions?: {\n    httpOnly?: boolean\n    sameSite?: 'strict' | 'lax' | 'none'\n    secure?: boolean\n    path?: string\n  }\n}\n\n/**\n * Double-submit cookie CSRF protection middleware.\n *\n * On every request, sets a CSRF token cookie. For state-changing methods\n * (POST, PUT, PATCH, DELETE), validates that the request header matches\n * the cookie value.\n *\n * @example\n * ```ts\n * import { csrf } from '@forinda/kickjs-http'\n *\n * bootstrap({\n *   modules,\n *   middleware: [\n *     cookieParser(),\n *     csrf(),\n *     // ... other middleware\n *   ],\n * })\n * ```\n *\n * Client usage:\n * 1. Read the `_csrf` cookie value\n * 2. Send it in the `x-csrf-token` header on every mutating request\n */\nexport function csrf(options: CsrfOptions = {}) {\n  const cookieName = options.cookie ?? '_csrf'\n  const headerName = options.header ?? 'x-csrf-token'\n  const protectedMethods = new Set(\n    (options.methods ?? ['POST', 'PUT', 'PATCH', 'DELETE']).map((m) => m.toUpperCase()),\n  )\n  const ignorePaths = new Set(options.ignorePaths ?? [])\n  const tokenLength = options.tokenLength ?? 32\n  const cookieOpts = {\n    httpOnly: true,\n    sameSite: 'strict' as const,\n    secure: process.env.NODE_ENV === 'production',\n    path: '/',\n    ...options.cookieOptions,\n  }\n\n  return (req: Request, res: Response, next: NextFunction) => {\n    // Generate or reuse CSRF token\n    const cookies = (req as any).cookies || {}\n    let token = cookies[cookieName]\n\n    if (!token) {\n      token = randomBytes(tokenLength).toString('hex')\n      res.cookie(cookieName, token, cookieOpts)\n    }\n\n    // Skip validation for safe methods and ignored paths\n    if (!protectedMethods.has(req.method.toUpperCase())) {\n      return next()\n    }\n\n    if (ignorePaths.has(req.path)) {\n      return next()\n    }\n\n    // Validate: header token must match cookie token\n    const headerToken = req.headers[headerName] as string | undefined\n\n    if (!headerToken || headerToken !== token) {\n      return res.status(403).json({\n        message: 'CSRF token mismatch',\n      })\n    }\n\n    next()\n  }\n}\n"],"mappings":";;;;;AAAA,SAASA,mBAAmB;AAgDrB,SAASC,KAAKC,UAAuB,CAAC,GAAC;AAC5C,QAAMC,aAAaD,QAAQE,UAAU;AACrC,QAAMC,aAAaH,QAAQI,UAAU;AACrC,QAAMC,mBAAmB,IAAIC,KAC1BN,QAAQO,WAAW;IAAC;IAAQ;IAAO;IAAS;KAAWC,IAAI,CAACC,MAAMA,EAAEC,YAAW,CAAA,CAAA;AAElF,QAAMC,cAAc,IAAIL,IAAIN,QAAQW,eAAe,CAAA,CAAE;AACrD,QAAMC,cAAcZ,QAAQY,eAAe;AAC3C,QAAMC,aAAa;IACjBC,UAAU;IACVC,UAAU;IACVC,QAAQC,QAAQC,IAAIC,aAAa;IACjCC,MAAM;IACN,GAAGpB,QAAQqB;EACb;AAEA,SAAO,CAACC,KAAcC,KAAeC,SAAAA;AAEnC,UAAMC,UAAWH,IAAYG,WAAW,CAAC;AACzC,QAAIC,QAAQD,QAAQxB,UAAAA;AAEpB,QAAI,CAACyB,OAAO;AACVA,cAAQC,YAAYf,WAAAA,EAAagB,SAAS,KAAA;AAC1CL,UAAIrB,OAAOD,YAAYyB,OAAOb,UAAAA;IAChC;AAGA,QAAI,CAACR,iBAAiBwB,IAAIP,IAAIQ,OAAOpB,YAAW,CAAA,GAAK;AACnD,aAAOc,KAAAA;IACT;AAEA,QAAIb,YAAYkB,IAAIP,IAAIF,IAAI,GAAG;AAC7B,aAAOI,KAAAA;IACT;AAGA,UAAMO,cAAcT,IAAIU,QAAQ7B,UAAAA;AAEhC,QAAI,CAAC4B,eAAeA,gBAAgBL,OAAO;AACzC,aAAOH,IAAIU,OAAO,GAAA,EAAKC,KAAK;QAC1BC,SAAS;MACX,CAAA;IACF;AAEAX,SAAAA;EACF;AACF;AA9CgBzB;","names":["randomBytes","csrf","options","cookieName","cookie","headerName","header","protectedMethods","Set","methods","map","m","toUpperCase","ignorePaths","tokenLength","cookieOpts","httpOnly","sameSite","secure","process","env","NODE_ENV","path","cookieOptions","req","res","next","cookies","token","randomBytes","toString","has","method","headerToken","headers","status","json","message"]}

package/dist/chunk-JD2RKDKH.js

@@ -0,0 +1,61 @@
+import {
+  __name
+} from "./chunk-7QVYU63E.js";
+
+// src/middleware/validate.ts
+function validate(schema) {
+  return (req, res, next) => {
+    try {
+      if (schema.body) {
+        const result = schema.body.safeParse(req.body);
+        if (!result.success) {
+          return res.status(422).json({
+            message: result.error.issues[0]?.message || "Validation failed",
+            errors: result.error.issues.map((i) => ({
+              field: i.path.join("."),
+              message: i.message
+            }))
+          });
+        }
+        req.body = result.data;
+      }
+      if (schema.query) {
+        const result = schema.query.safeParse(req.query);
+        if (!result.success) {
+          return res.status(422).json({
+            message: "Invalid query parameters",
+            errors: result.error.issues.map((i) => ({
+              field: i.path.join("."),
+              message: i.message
+            }))
+          });
+        }
+        ;
+        req.query = result.data;
+      }
+      if (schema.params) {
+        const result = schema.params.safeParse(req.params);
+        if (!result.success) {
+          return res.status(422).json({
+            message: "Invalid path parameters",
+            errors: result.error.issues.map((i) => ({
+              field: i.path.join("."),
+              message: i.message
+            }))
+          });
+        }
+        ;
+        req.params = result.data;
+      }
+      next();
+    } catch (err) {
+      next(err);
+    }
+  };
+}
+__name(validate, "validate");
+
+export {
+  validate
+};
+//# sourceMappingURL=chunk-JD2RKDKH.js.map

package/dist/chunk-JD2RKDKH.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/middleware/validate.ts"],"sourcesContent":["import type { Request, Response, NextFunction } from 'express'\n\nexport interface ValidationSchema {\n  body?: any\n  query?: any\n  params?: any\n}\n\n/**\n * Express middleware that validates request body/query/params against schemas.\n * Works with any validation library that exposes `.safeParse(data)` returning\n * `{ success: true, data }` or `{ success: false, error: { issues } }`.\n */\nexport function validate(schema: ValidationSchema) {\n  return (req: Request, res: Response, next: NextFunction) => {\n    try {\n      if (schema.body) {\n        const result = schema.body.safeParse(req.body)\n        if (!result.success) {\n          return res.status(422).json({\n            message: result.error.issues[0]?.message || 'Validation failed',\n            errors: result.error.issues.map((i: any) => ({\n              field: i.path.join('.'),\n              message: i.message,\n            })),\n          })\n        }\n        req.body = result.data\n      }\n\n      if (schema.query) {\n        const result = schema.query.safeParse(req.query)\n        if (!result.success) {\n          return res.status(422).json({\n            message: 'Invalid query parameters',\n            errors: result.error.issues.map((i: any) => ({\n              field: i.path.join('.'),\n              message: i.message,\n            })),\n          })\n        }\n        ;(req as any).query = result.data\n      }\n\n      if (schema.params) {\n        const result = schema.params.safeParse(req.params)\n        if (!result.success) {\n          return res.status(422).json({\n            message: 'Invalid path parameters',\n            errors: result.error.issues.map((i: any) => ({\n              field: i.path.join('.'),\n              message: i.message,\n            })),\n          })\n        }\n        ;(req as any).params = result.data\n      }\n\n      next()\n    } catch (err) {\n      next(err)\n    }\n  }\n}\n"],"mappings":";;;;;AAaO,SAASA,SAASC,QAAwB;AAC/C,SAAO,CAACC,KAAcC,KAAeC,SAAAA;AACnC,QAAI;AACF,UAAIH,OAAOI,MAAM;AACf,cAAMC,SAASL,OAAOI,KAAKE,UAAUL,IAAIG,IAAI;AAC7C,YAAI,CAACC,OAAOE,SAAS;AACnB,iBAAOL,IAAIM,OAAO,GAAA,EAAKC,KAAK;YAC1BC,SAASL,OAAOM,MAAMC,OAAO,CAAA,GAAIF,WAAW;YAC5CG,QAAQR,OAAOM,MAAMC,OAAOE,IAAI,CAACC,OAAY;cAC3CC,OAAOD,EAAEE,KAAKC,KAAK,GAAA;cACnBR,SAASK,EAAEL;YACb,EAAA;UACF,CAAA;QACF;AACAT,YAAIG,OAAOC,OAAOc;MACpB;AAEA,UAAInB,OAAOoB,OAAO;AAChB,cAAMf,SAASL,OAAOoB,MAAMd,UAAUL,IAAImB,KAAK;AAC/C,YAAI,CAACf,OAAOE,SAAS;AACnB,iBAAOL,IAAIM,OAAO,GAAA,EAAKC,KAAK;YAC1BC,SAAS;YACTG,QAAQR,OAAOM,MAAMC,OAAOE,IAAI,CAACC,OAAY;cAC3CC,OAAOD,EAAEE,KAAKC,KAAK,GAAA;cACnBR,SAASK,EAAEL;YACb,EAAA;UACF,CAAA;QACF;;AACET,YAAYmB,QAAQf,OAAOc;MAC/B;AAEA,UAAInB,OAAOqB,QAAQ;AACjB,cAAMhB,SAASL,OAAOqB,OAAOf,UAAUL,IAAIoB,MAAM;AACjD,YAAI,CAAChB,OAAOE,SAAS;AACnB,iBAAOL,IAAIM,OAAO,GAAA,EAAKC,KAAK;YAC1BC,SAAS;YACTG,QAAQR,OAAOM,MAAMC,OAAOE,IAAI,CAACC,OAAY;cAC3CC,OAAOD,EAAEE,KAAKC,KAAK,GAAA;cACnBR,SAASK,EAAEL;YACb,EAAA;UACF,CAAA;QACF;;AACET,YAAYoB,SAAShB,OAAOc;MAChC;AAEAhB,WAAAA;IACF,SAASmB,KAAK;AACZnB,WAAKmB,GAAAA;IACP;EACF;AACF;AAlDgBvB;","names":["validate","schema","req","res","next","body","result","safeParse","success","status","json","message","error","issues","errors","map","i","field","path","join","data","query","params","err"]}

package/dist/chunk-JM7X7SAD.js

@@ -0,0 +1,133 @@
+import {
+  __name
+} from "./chunk-7QVYU63E.js";
+
+// src/query/types.ts
+var FILTER_OPERATORS = /* @__PURE__ */ new Set([
+  "eq",
+  "neq",
+  "gt",
+  "gte",
+  "lt",
+  "lte",
+  "between",
+  "in",
+  "contains",
+  "starts",
+  "ends"
+]);
+
+// src/query/parse-query.ts
+var MAX_SEARCH_LENGTH = 200;
+var DEFAULT_PAGE = 1;
+var DEFAULT_LIMIT = 20;
+var MAX_LIMIT = 100;
+function parseFilters(filterParam, allowedFields) {
+  if (!filterParam) return [];
+  const items = Array.isArray(filterParam) ? filterParam : [
+    filterParam
+  ];
+  const results = [];
+  const allowed = allowedFields ? new Set(allowedFields) : null;
+  for (const item of items) {
+    const firstColon = item.indexOf(":");
+    if (firstColon === -1) continue;
+    const secondColon = item.indexOf(":", firstColon + 1);
+    if (secondColon === -1) continue;
+    const field = item.slice(0, firstColon);
+    const operator = item.slice(firstColon + 1, secondColon);
+    const value = item.slice(secondColon + 1);
+    if (!field || !value) continue;
+    if (!FILTER_OPERATORS.has(operator)) continue;
+    if (allowed && !allowed.has(field)) continue;
+    results.push({
+      field,
+      operator,
+      value
+    });
+  }
+  return results;
+}
+__name(parseFilters, "parseFilters");
+function parseSort(sortParam, allowedFields) {
+  if (!sortParam) return [];
+  const items = Array.isArray(sortParam) ? sortParam : [
+    sortParam
+  ];
+  const results = [];
+  const allowed = allowedFields ? new Set(allowedFields) : null;
+  for (const item of items) {
+    const lastColon = item.lastIndexOf(":");
+    if (lastColon === -1) continue;
+    const field = item.slice(0, lastColon);
+    const dir = item.slice(lastColon + 1).toLowerCase();
+    if (!field) continue;
+    if (dir !== "asc" && dir !== "desc") continue;
+    if (allowed && !allowed.has(field)) continue;
+    results.push({
+      field,
+      direction: dir
+    });
+  }
+  return results;
+}
+__name(parseSort, "parseSort");
+function parsePagination(params) {
+  let page = typeof params.page === "string" ? parseInt(params.page, 10) : params.page ?? DEFAULT_PAGE;
+  let limit = typeof params.limit === "string" ? parseInt(params.limit, 10) : params.limit ?? DEFAULT_LIMIT;
+  if (isNaN(page) || page < 1) page = DEFAULT_PAGE;
+  if (isNaN(limit) || limit < 1) limit = DEFAULT_LIMIT;
+  if (limit > MAX_LIMIT) limit = MAX_LIMIT;
+  return {
+    page,
+    limit,
+    offset: (page - 1) * limit
+  };
+}
+__name(parsePagination, "parsePagination");
+function parseSearchQuery(q) {
+  if (!q) return "";
+  return q.trim().slice(0, MAX_SEARCH_LENGTH);
+}
+__name(parseSearchQuery, "parseSearchQuery");
+function parseQuery(query, fieldConfig) {
+  return {
+    filters: parseFilters(query.filter, fieldConfig?.filterable),
+    sort: parseSort(query.sort, fieldConfig?.sortable),
+    pagination: parsePagination({
+      page: query.page,
+      limit: query.limit
+    }),
+    search: parseSearchQuery(query.q)
+  };
+}
+__name(parseQuery, "parseQuery");
+function buildQueryParams(parsed) {
+  const params = {};
+  if (parsed.filters?.length) {
+    params.filter = parsed.filters.map((f) => `${f.field}:${f.operator}:${f.value}`);
+  }
+  if (parsed.sort?.length) {
+    params.sort = parsed.sort.map((s) => `${s.field}:${s.direction}`);
+  }
+  if (parsed.pagination) {
+    params.page = parsed.pagination.page;
+    params.limit = parsed.pagination.limit;
+  }
+  if (parsed.search) {
+    params.q = parsed.search;
+  }
+  return params;
+}
+__name(buildQueryParams, "buildQueryParams");
+
+export {
+  FILTER_OPERATORS,
+  parseFilters,
+  parseSort,
+  parsePagination,
+  parseSearchQuery,
+  parseQuery,
+  buildQueryParams
+};
+//# sourceMappingURL=chunk-JM7X7SAD.js.map

package/dist/chunk-JM7X7SAD.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/query/types.ts","../src/query/parse-query.ts"],"sourcesContent":["/** Supported filter operators for query string parsing */\nexport type FilterOperator =\n  | 'eq'\n  | 'neq'\n  | 'gt'\n  | 'gte'\n  | 'lt'\n  | 'lte'\n  | 'between'\n  | 'in'\n  | 'contains'\n  | 'starts'\n  | 'ends'\n\nexport const FILTER_OPERATORS = new Set<string>([\n  'eq',\n  'neq',\n  'gt',\n  'gte',\n  'lt',\n  'lte',\n  'between',\n  'in',\n  'contains',\n  'starts',\n  'ends',\n])\n\nexport interface FilterItem {\n  field: string\n  operator: FilterOperator\n  value: string\n}\n\nexport interface SortItem {\n  field: string\n  direction: 'asc' | 'desc'\n}\n\nexport interface PaginationParams {\n  page: number\n  limit: number\n  offset: number\n}\n\n/**\n * The result of parsing a query string. ORM-agnostic — pass this to\n * a query builder adapter (Drizzle, Prisma, Sequelize, etc.) to produce\n * database-specific query objects.\n */\nexport interface ParsedQuery {\n  filters: FilterItem[]\n  sort: SortItem[]\n  pagination: PaginationParams\n  search: string\n}\n\n/**\n * Restrict which fields can be filtered, sorted, or searched.\n * Fields not in the allow-list are silently ignored.\n */\nexport interface QueryFieldConfig {\n  filterable?: string[]\n  sortable?: string[]\n  searchable?: string[]\n}\n\n/**\n * Interface for ORM-specific query builder adapters.\n * Implement this to translate a `ParsedQuery` into your ORM's query format.\n *\n * @example\n * ```ts\n * // Drizzle adapter\n * class DrizzleQueryAdapter implements QueryBuilderAdapter<DrizzleQueryResult> {\n *   build(parsed: ParsedQuery, config: DrizzleConfig): DrizzleQueryResult {\n *     // Convert filters → Drizzle SQL conditions\n *     // Convert sort → Drizzle orderBy\n *     return { where, orderBy, limit, offset }\n *   }\n * }\n *\n * // Prisma adapter\n * class PrismaQueryAdapter implements QueryBuilderAdapter<PrismaQueryResult> {\n *   build(parsed: ParsedQuery, config: PrismaConfig): PrismaQueryResult {\n *     return { where, orderBy, skip, take }\n *   }\n * }\n * ```\n */\nexport interface QueryBuilderAdapter<TResult = any, TConfig = any> {\n  /** Human-readable name for debugging */\n  readonly name: string\n\n  /**\n   * Convert a ParsedQuery into an ORM-specific query object.\n   * @param parsed - The ORM-agnostic parsed query\n   * @param config - ORM-specific configuration (column maps, search columns, etc.)\n   */\n  build(parsed: ParsedQuery, config: TConfig): TResult\n}\n","import {\n  FILTER_OPERATORS,\n  type FilterItem,\n  type FilterOperator,\n  type SortItem,\n  type PaginationParams,\n  type ParsedQuery,\n  type QueryFieldConfig,\n} from './types'\n\nconst MAX_SEARCH_LENGTH = 200\nconst DEFAULT_PAGE = 1\nconst DEFAULT_LIMIT = 20\nconst MAX_LIMIT = 100\n\n// ── Individual parsers ──────────────────────────────────────────────────\n\n/** Parse filter strings like \"status:eq:active\" into structured objects */\nexport function parseFilters(\n  filterParam: string | string[] | undefined,\n  allowedFields?: string[],\n): FilterItem[] {\n  if (!filterParam) return []\n\n  const items = Array.isArray(filterParam) ? filterParam : [filterParam]\n  const results: FilterItem[] = []\n  const allowed = allowedFields ? new Set(allowedFields) : null\n\n  for (const item of items) {\n    // Split on first two colons only — value may contain colons (e.g. timestamps)\n    const firstColon = item.indexOf(':')\n    if (firstColon === -1) continue\n\n    const secondColon = item.indexOf(':', firstColon + 1)\n    if (secondColon === -1) continue\n\n    const field = item.slice(0, firstColon)\n    const operator = item.slice(firstColon + 1, secondColon)\n    const value = item.slice(secondColon + 1)\n\n    if (!field || !value) continue\n    if (!FILTER_OPERATORS.has(operator)) continue\n    if (allowed && !allowed.has(field)) continue\n\n    results.push({ field, operator: operator as FilterOperator, value })\n  }\n\n  return results\n}\n\n/** Parse sort strings like \"firstName:asc\" into structured objects */\nexport function parseSort(\n  sortParam: string | string[] | undefined,\n  allowedFields?: string[],\n): SortItem[] {\n  if (!sortParam) return []\n\n  const items = Array.isArray(sortParam) ? sortParam : [sortParam]\n  const results: SortItem[] = []\n  const allowed = allowedFields ? new Set(allowedFields) : null\n\n  for (const item of items) {\n    // Split on last colon so field names with colons work\n    const lastColon = item.lastIndexOf(':')\n    if (lastColon === -1) continue\n\n    const field = item.slice(0, lastColon)\n    const dir = item.slice(lastColon + 1).toLowerCase()\n\n    if (!field) continue\n    if (dir !== 'asc' && dir !== 'desc') continue\n    if (allowed && !allowed.has(field)) continue\n\n    results.push({ field, direction: dir })\n  }\n\n  return results\n}\n\n/** Parse page/limit into pagination with computed offset */\nexport function parsePagination(params: {\n  page?: string | number\n  limit?: string | number\n}): PaginationParams {\n  let page =\n    typeof params.page === 'string' ? parseInt(params.page, 10) : (params.page ?? DEFAULT_PAGE)\n  let limit =\n    typeof params.limit === 'string' ? parseInt(params.limit, 10) : (params.limit ?? DEFAULT_LIMIT)\n\n  if (isNaN(page) || page < 1) page = DEFAULT_PAGE\n  if (isNaN(limit) || limit < 1) limit = DEFAULT_LIMIT\n  if (limit > MAX_LIMIT) limit = MAX_LIMIT\n\n  return { page, limit, offset: (page - 1) * limit }\n}\n\n/** Sanitize and truncate search query */\nexport function parseSearchQuery(q: string | undefined): string {\n  if (!q) return ''\n  return q.trim().slice(0, MAX_SEARCH_LENGTH)\n}\n\n// ── Combined parser ─────────────────────────────────────────────────────\n\n/**\n * Parse a raw Express query object into a structured, ORM-agnostic ParsedQuery.\n *\n * @param query - Raw query string object from `req.query` or Zod-validated object\n * @param fieldConfig - Optional field restrictions (whitelist filterable/sortable/searchable)\n *\n * @example\n * ```ts\n * // In a controller\n * @Get('/')\n * async list(ctx: RequestContext) {\n *   const parsed = parseQuery(ctx.query, {\n *     filterable: ['status', 'priority'],\n *     sortable: ['createdAt', 'title'],\n *   })\n *   // Pass to your ORM query builder adapter\n *   const q = drizzleAdapter.build(parsed, { columns, searchColumns })\n * }\n * ```\n *\n * Query string format:\n * - Filters: `?filter=field:operator:value` (repeatable)\n * - Sort: `?sort=field:asc|desc` (repeatable)\n * - Pagination: `?page=1&limit=20`\n * - Search: `?q=search+term`\n *\n * Filter operators: eq, neq, gt, gte, lt, lte, between, in, contains, starts, ends\n */\nexport function parseQuery(\n  query: Record<string, any>,\n  fieldConfig?: QueryFieldConfig,\n): ParsedQuery {\n  return {\n    filters: parseFilters(query.filter, fieldConfig?.filterable),\n    sort: parseSort(query.sort, fieldConfig?.sortable),\n    pagination: parsePagination({ page: query.page, limit: query.limit }),\n    search: parseSearchQuery(query.q),\n  }\n}\n\n// ── Query URL builder (for client-side or testing) ──────────────────────\n\n/** Convert ParsedQuery back into query string parameters */\nexport function buildQueryParams(\n  parsed: Partial<ParsedQuery>,\n): Record<string, string | string[] | number> {\n  const params: Record<string, string | string[] | number> = {}\n\n  if (parsed.filters?.length) {\n    params.filter = parsed.filters.map((f) => `${f.field}:${f.operator}:${f.value}`)\n  }\n\n  if (parsed.sort?.length) {\n    params.sort = parsed.sort.map((s) => `${s.field}:${s.direction}`)\n  }\n\n  if (parsed.pagination) {\n    params.page = parsed.pagination.page\n    params.limit = parsed.pagination.limit\n  }\n\n  if (parsed.search) {\n    params.q = parsed.search\n  }\n\n  return params\n}\n"],"mappings":";;;;;AAcO,IAAMA,mBAAmB,oBAAIC,IAAY;EAC9C;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;CACD;;;AChBD,IAAMC,oBAAoB;AAC1B,IAAMC,eAAe;AACrB,IAAMC,gBAAgB;AACtB,IAAMC,YAAY;AAKX,SAASC,aACdC,aACAC,eAAwB;AAExB,MAAI,CAACD,YAAa,QAAO,CAAA;AAEzB,QAAME,QAAQC,MAAMC,QAAQJ,WAAAA,IAAeA,cAAc;IAACA;;AAC1D,QAAMK,UAAwB,CAAA;AAC9B,QAAMC,UAAUL,gBAAgB,IAAIM,IAAIN,aAAAA,IAAiB;AAEzD,aAAWO,QAAQN,OAAO;AAExB,UAAMO,aAAaD,KAAKE,QAAQ,GAAA;AAChC,QAAID,eAAe,GAAI;AAEvB,UAAME,cAAcH,KAAKE,QAAQ,KAAKD,aAAa,CAAA;AACnD,QAAIE,gBAAgB,GAAI;AAExB,UAAMC,QAAQJ,KAAKK,MAAM,GAAGJ,UAAAA;AAC5B,UAAMK,WAAWN,KAAKK,MAAMJ,aAAa,GAAGE,WAAAA;AAC5C,UAAMI,QAAQP,KAAKK,MAAMF,cAAc,CAAA;AAEvC,QAAI,CAACC,SAAS,CAACG,MAAO;AACtB,QAAI,CAACC,iBAAiBC,IAAIH,QAAAA,EAAW;AACrC,QAAIR,WAAW,CAACA,QAAQW,IAAIL,KAAAA,EAAQ;AAEpCP,YAAQa,KAAK;MAAEN;MAAOE;MAAsCC;IAAM,CAAA;EACpE;AAEA,SAAOV;AACT;AA9BgBN;AAiCT,SAASoB,UACdC,WACAnB,eAAwB;AAExB,MAAI,CAACmB,UAAW,QAAO,CAAA;AAEvB,QAAMlB,QAAQC,MAAMC,QAAQgB,SAAAA,IAAaA,YAAY;IAACA;;AACtD,QAAMf,UAAsB,CAAA;AAC5B,QAAMC,UAAUL,gBAAgB,IAAIM,IAAIN,aAAAA,IAAiB;AAEzD,aAAWO,QAAQN,OAAO;AAExB,UAAMmB,YAAYb,KAAKc,YAAY,GAAA;AACnC,QAAID,cAAc,GAAI;AAEtB,UAAMT,QAAQJ,KAAKK,MAAM,GAAGQ,SAAAA;AAC5B,UAAME,MAAMf,KAAKK,MAAMQ,YAAY,CAAA,EAAGG,YAAW;AAEjD,QAAI,CAACZ,MAAO;AACZ,QAAIW,QAAQ,SAASA,QAAQ,OAAQ;AACrC,QAAIjB,WAAW,CAACA,QAAQW,IAAIL,KAAAA,EAAQ;AAEpCP,YAAQa,KAAK;MAAEN;MAAOa,WAAWF;IAAI,CAAA;EACvC;AAEA,SAAOlB;AACT;AA1BgBc;AA6BT,SAASO,gBAAgBC,QAG/B;AACC,MAAIC,OACF,OAAOD,OAAOC,SAAS,WAAWC,SAASF,OAAOC,MAAM,EAAA,IAAOD,OAAOC,QAAQhC;AAChF,MAAIkC,QACF,OAAOH,OAAOG,UAAU,WAAWD,SAASF,OAAOG,OAAO,EAAA,IAAOH,OAAOG,SAASjC;AAEnF,MAAIkC,MAAMH,IAAAA,KAASA,OAAO,EAAGA,QAAOhC;AACpC,MAAImC,MAAMD,KAAAA,KAAUA,QAAQ,EAAGA,SAAQjC;AACvC,MAAIiC,QAAQhC,UAAWgC,SAAQhC;AAE/B,SAAO;IAAE8B;IAAME;IAAOE,SAASJ,OAAO,KAAKE;EAAM;AACnD;AAdgBJ;AAiBT,SAASO,iBAAiBC,GAAqB;AACpD,MAAI,CAACA,EAAG,QAAO;AACf,SAAOA,EAAEC,KAAI,EAAGtB,MAAM,GAAGlB,iBAAAA;AAC3B;AAHgBsC;AAmCT,SAASG,WACdC,OACAC,aAA8B;AAE9B,SAAO;IACLC,SAASxC,aAAasC,MAAMG,QAAQF,aAAaG,UAAAA;IACjDC,MAAMvB,UAAUkB,MAAMK,MAAMJ,aAAaK,QAAAA;IACzCC,YAAYlB,gBAAgB;MAAEE,MAAMS,MAAMT;MAAME,OAAOO,MAAMP;IAAM,CAAA;IACnEe,QAAQZ,iBAAiBI,MAAMH,CAAC;EAClC;AACF;AAVgBE;AAeT,SAASU,iBACdC,QAA4B;AAE5B,QAAMpB,SAAqD,CAAC;AAE5D,MAAIoB,OAAOR,SAASS,QAAQ;AAC1BrB,WAAOa,SAASO,OAAOR,QAAQU,IAAI,CAACC,MAAM,GAAGA,EAAEtC,KAAK,IAAIsC,EAAEpC,QAAQ,IAAIoC,EAAEnC,KAAK,EAAE;EACjF;AAEA,MAAIgC,OAAOL,MAAMM,QAAQ;AACvBrB,WAAOe,OAAOK,OAAOL,KAAKO,IAAI,CAACE,MAAM,GAAGA,EAAEvC,KAAK,IAAIuC,EAAE1B,SAAS,EAAE;EAClE;AAEA,MAAIsB,OAAOH,YAAY;AACrBjB,WAAOC,OAAOmB,OAAOH,WAAWhB;AAChCD,WAAOG,QAAQiB,OAAOH,WAAWd;EACnC;AAEA,MAAIiB,OAAOF,QAAQ;AACjBlB,WAAOO,IAAIa,OAAOF;EACpB;AAEA,SAAOlB;AACT;AAvBgBmB;","names":["FILTER_OPERATORS","Set","MAX_SEARCH_LENGTH","DEFAULT_PAGE","DEFAULT_LIMIT","MAX_LIMIT","parseFilters","filterParam","allowedFields","items","Array","isArray","results","allowed","Set","item","firstColon","indexOf","secondColon","field","slice","operator","value","FILTER_OPERATORS","has","push","parseSort","sortParam","lastColon","lastIndexOf","dir","toLowerCase","direction","parsePagination","params","page","parseInt","limit","isNaN","offset","parseSearchQuery","q","trim","parseQuery","query","fieldConfig","filters","filter","filterable","sort","sortable","pagination","search","buildQueryParams","parsed","length","map","f","s"]}