npm - @guren/server - Versions diffs - 0.1.1-alpha.0 - Mend

@guren/server 0.1.1-alpha.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/index.js ADDED Viewed

@@ -0,0 +1,1392 @@
+import {
+  gurenVitePlugin
+} from "./chunk-GDCUIM6V.js";
+// src/http/Application.ts
+import { Hono } from "hono";
+// src/mvc/Route.ts
+var Route = class {
+  static registry = [];
+  static prefixStack = [];
+  static add(method, path, handler, middlewares = []) {
+    const fullPath = joinPaths(this.prefixStack, path);
+    this.registry.push({ method, path: fullPath, handler, middlewares });
+    return this;
+  }
+  static on(method, path, handler, ...middlewares) {
+    return this.add(method.toUpperCase(), path, handler, middlewares);
+  }
+  static get(path, handler, ...middlewares) {
+    return this.add("GET", path, handler, middlewares);
+  }
+  static post(path, handler, ...middlewares) {
+    return this.add("POST", path, handler, middlewares);
+  }
+  static put(path, handler, ...middlewares) {
+    return this.add("PUT", path, handler, middlewares);
+  }
+  static patch(path, handler, ...middlewares) {
+    return this.add("PATCH", path, handler, middlewares);
+  }
+  static delete(path, handler, ...middlewares) {
+    return this.add("DELETE", path, handler, middlewares);
+  }
+  static group(prefix, callback) {
+    this.prefixStack.push(prefix);
+    callback();
+    this.prefixStack.pop();
+    return this;
+  }
+  static mount(app) {
+    for (const route of this.registry) {
+      const handler = resolveHandler(route.handler);
+      app.on(route.method, route.path, ...route.middlewares, handler);
+    }
+  }
+  static clear() {
+    this.registry.splice(0, this.registry.length);
+  }
+  static definitions() {
+    return this.registry.map(({ method, path, name }) => ({ method, path, name }));
+  }
+};
+function resolveHandler(action) {
+  if (isControllerAction(action)) {
+    const [ControllerClass, methodName] = action;
+    return async (c) => {
+      const controller = new ControllerClass();
+      controller.setContext(c);
+      const method = controller[methodName];
+      if (typeof method !== "function") {
+        throw new Error(`Controller method ${String(methodName)} is not defined on ${ControllerClass.name}.`);
+      }
+      const result = await method.call(controller, c);
+      return ensureResponse(result);
+    };
+  }
+  return async (c) => {
+    const result = await action(c);
+    return ensureResponse(result);
+  };
+}
+function ensureResponse(result) {
+  if (result instanceof Response) {
+    return result;
+  }
+  if (result === void 0 || result === null) {
+    return new Response(null, { status: 204 });
+  }
+  if (typeof result === "string") {
+    return new Response(result, {
+      headers: { "Content-Type": "text/html; charset=utf-8" }
+    });
+  }
+  if (typeof result === "object") {
+    return new Response(JSON.stringify(result), {
+      headers: { "Content-Type": "application/json" }
+    });
+  }
+  return new Response(String(result));
+}
+function isControllerAction(action) {
+  return Array.isArray(action);
+}
+function joinPaths(prefixStack, path) {
+  const segments = [...prefixStack, path].filter(Boolean).map((segment) => segment.replace(/\/*$/u, "").replace(/^\/*/u, "")).filter(Boolean);
+  if (segments.length === 0) {
+    return "/";
+  }
+  const combined = segments.join("/");
+  return "/" + combined.replace(/\/+/gu, "/");
+}
+// src/mvc/ViewEngine.ts
+var ViewEngine = class {
+  static engines = /* @__PURE__ */ new Map();
+  static register(name, renderer) {
+    this.engines.set(name, renderer);
+  }
+  static has(name) {
+    return this.engines.has(name);
+  }
+  static render(name, template, props) {
+    const engine = this.engines.get(name);
+    if (!engine) {
+      throw new Error(`View engine "${name}" has not been registered.`);
+    }
+    return engine(template, props);
+  }
+};
+// src/plugins/ApplicationContext.ts
+var ApplicationContext = class {
+  constructor(application, authManager) {
+    this.application = application;
+    this.authManager = authManager;
+  }
+  get app() {
+    return this.application;
+  }
+  get hono() {
+    return this.application.hono;
+  }
+  get routes() {
+    return Route;
+  }
+  get views() {
+    return ViewEngine;
+  }
+  get auth() {
+    return this.authManager;
+  }
+};
+// src/plugins/PluginManager.ts
+var PluginManager = class {
+  constructor(contextFactory) {
+    this.contextFactory = contextFactory;
+  }
+  entries = [];
+  bootCompleted = false;
+  add(provider) {
+    if (this.bootCompleted) {
+      throw new Error("Cannot register providers after application has booted.");
+    }
+    const instance = this.instantiate(provider);
+    this.entries.push({ instance, registered: false, booted: false });
+    return instance;
+  }
+  addMany(providers) {
+    for (const provider of providers) {
+      this.add(provider);
+    }
+  }
+  async registerAll() {
+    const context = this.contextFactory();
+    for (const entry of this.entries) {
+      if (!entry.registered) {
+        if (typeof entry.instance.register === "function") {
+          await entry.instance.register(context);
+        }
+        entry.registered = true;
+      }
+    }
+  }
+  async bootAll() {
+    const context = this.contextFactory();
+    for (const entry of this.entries) {
+      if (!entry.booted) {
+        if (typeof entry.instance.boot === "function") {
+          await entry.instance.boot(context);
+        }
+        entry.booted = true;
+      }
+    }
+    this.bootCompleted = true;
+  }
+  instantiate(provider) {
+    if (typeof provider === "function") {
+      return new provider();
+    }
+    return provider;
+  }
+};
+// src/mvc/inertia/InertiaEngine.ts
+var DEFAULT_TITLE = "Guren";
+var DEFAULT_IMPORT_MAP = {
+  react: "https://esm.sh/react@19.0.0?dev",
+  "react/jsx-runtime": "https://esm.sh/react@19.0.0/jsx-runtime?dev",
+  "react/jsx-dev-runtime": "https://esm.sh/react@19.0.0/jsx-dev-runtime?dev",
+  "react-dom/client": "https://esm.sh/react-dom@19.0.0/client?dev",
+  "@inertiajs/react": "https://esm.sh/@inertiajs/react@2.2.15?dev&external=react,react-dom/client",
+  "@guren/inertia-client": "/vendor/inertia-client.tsx"
+};
+function inertia(component, props, options = {}) {
+  const page = {
+    component,
+    props,
+    url: options.url ?? "",
+    version: options.version
+  };
+  const request = options.request;
+  const isInertiaVisit = Boolean(request?.headers.get("X-Inertia"));
+  const prefersJson = request ? acceptsJson(request) : false;
+  if (isInertiaVisit || prefersJson) {
+    return new Response(serializePage(page), {
+      status: options.status ?? 200,
+      headers: {
+        "Content-Type": "application/json; charset=utf-8",
+        "X-Inertia": "true",
+        "Vary": "Accept",
+        ...options.version ? { "X-Inertia-Version": options.version } : {},
+        ...options.headers
+      }
+    });
+  }
+  const html = renderDocument(page, options);
+  return new Response(html, {
+    status: options.status ?? 200,
+    headers: {
+      "Content-Type": "text/html; charset=utf-8",
+      "X-Inertia": "true",
+      "Vary": "Accept",
+      ...options.version ? { "X-Inertia-Version": options.version } : {},
+      ...options.headers
+    }
+  });
+}
+function renderDocument(page, options) {
+  const defaultEntry = process.env.GUREN_INERTIA_ENTRY ?? "/resources/js/app.tsx";
+  const entry = options.entry ?? defaultEntry;
+  const title = escapeHtml(options.title ?? DEFAULT_TITLE);
+  const styles = options.styles ?? parseStylesEnv(process.env.GUREN_INERTIA_STYLES);
+  const importMap = JSON.stringify(
+    {
+      imports: {
+        ...DEFAULT_IMPORT_MAP,
+        ...options.importMap ?? {}
+      }
+    },
+    null,
+    2
+  );
+  const serializedPage = serializePage(page);
+  const stylesheetLinks = renderStyles(styles);
+  return `<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="utf-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1" />
+    <title>${title}</title>
+    ${stylesheetLinks}
+    <script type="importmap">${importMap}</script>
+    <script>window.__INERTIA_PAGE__ = ${serializedPage};</script>
+  </head>
+  <body>
+    <div id="app" data-page="${escapeAttribute(serializedPage)}"></div>
+    <script type="module" src="${entry}"></script>
+  </body>
+</html>`;
+}
+function renderStyles(styles) {
+  if (!styles.length) {
+    return "";
+  }
+  return styles.map((href) => `<link rel="stylesheet" href="${escapeAttribute(href)}" />`).join("\n    ");
+}
+function serializePage(page) {
+  return JSON.stringify(page).replace(/[<\u2028\u2029]/gu, (char) => {
+    switch (char) {
+      case "<":
+        return "\\u003c";
+      case "\u2028":
+        return "\\u2028";
+      case "\u2029":
+        return "\\u2029";
+      default:
+        return char;
+    }
+  });
+}
+function acceptsJson(request) {
+  const accept = request.headers.get("accept")?.toLowerCase() ?? "";
+  if (!accept || accept === "*/*") {
+    return false;
+  }
+  if (accept.includes("text/html")) {
+    return false;
+  }
+  return accept.includes("application/json") || accept.includes("json");
+}
+function escapeHtml(value) {
+  return value.replace(/[&<>"']/gu, (char) => {
+    switch (char) {
+      case "&":
+        return "&amp;";
+      case "<":
+        return "&lt;";
+      case ">":
+        return "&gt;";
+      case '"':
+        return "&quot;";
+      case "'":
+        return "&#39;";
+      default:
+        return char;
+    }
+  });
+}
+function escapeAttribute(value) {
+  return value.replace(/[&"]/gu, (char) => {
+    if (char === "&") {
+      return "&amp;";
+    }
+    return "&quot;";
+  });
+}
+function parseStylesEnv(value) {
+  if (!value) {
+    return [];
+  }
+  return value.split(",").map((item) => item.trim()).filter((item) => item.length > 0);
+}
+// src/plugins/providers/InertiaViewProvider.ts
+var InertiaViewProvider = class {
+  register(_context) {
+    if (!ViewEngine.has("inertia")) {
+      ViewEngine.register("inertia", inertia);
+    }
+  }
+};
+// src/http/middleware/auth.ts
+var AUTH_CONTEXT_KEY = "guren:auth";
+function attachAuthContext(contextFactory) {
+  return async (ctx, next) => {
+    ctx.set(AUTH_CONTEXT_KEY, contextFactory(ctx));
+    await next();
+  };
+}
+function resolveAuth(ctx) {
+  return ctx.get(AUTH_CONTEXT_KEY);
+}
+function requireAuthenticated(options = {}) {
+  const { redirectTo, status = 401, responseFactory } = options;
+  return async (ctx, next) => {
+    const auth = resolveAuth(ctx);
+    if (!auth) {
+      throw new Error("Auth context has not been attached. Did you register the auth middleware?");
+    }
+    if (!await auth.check()) {
+      if (redirectTo) {
+        return ctx.redirect(redirectTo);
+      }
+      if (responseFactory) {
+        return responseFactory();
+      }
+      return new Response(JSON.stringify({ message: "Unauthorized" }), {
+        status,
+        headers: { "Content-Type": "application/json; charset=utf-8" }
+      });
+    }
+    await next();
+  };
+}
+function requireGuest(options = {}) {
+  const { redirectTo, status = 403, responseFactory } = options;
+  return async (ctx, next) => {
+    const auth = resolveAuth(ctx);
+    if (!auth) {
+      throw new Error("Auth context has not been attached. Did you register the auth middleware?");
+    }
+    if (!await auth.guest()) {
+      if (redirectTo) {
+        return ctx.redirect(redirectTo);
+      }
+      if (responseFactory) {
+        return responseFactory();
+      }
+      return new Response(JSON.stringify({ message: "Already authenticated" }), {
+        status,
+        headers: { "Content-Type": "application/json; charset=utf-8" }
+      });
+    }
+    await next();
+  };
+}
+// src/auth/SessionGuard.ts
+var DEFAULT_SESSION_KEY = "auth:user_id";
+var DEFAULT_REMEMBER_KEY = "auth:remember_token";
+var SessionGuard = class {
+  constructor(options) {
+    this.options = options;
+  }
+  cachedUser;
+  get currentSession() {
+    return this.options.session;
+  }
+  get provider() {
+    return this.options.provider;
+  }
+  sessionKey() {
+    return this.options.sessionKey ?? DEFAULT_SESSION_KEY;
+  }
+  rememberSessionKey() {
+    return this.options.rememberSessionKey ?? DEFAULT_REMEMBER_KEY;
+  }
+  async loadRememberedUser() {
+    if (!this.currentSession || !this.provider.getRememberToken) {
+      return null;
+    }
+    const rememberToken = this.currentSession.get(this.rememberSessionKey());
+    if (!rememberToken) {
+      return null;
+    }
+    const user = await this.provider.retrieveByCredentials({ rememberToken });
+    if (!user) {
+      this.currentSession.forget(this.rememberSessionKey());
+      return null;
+    }
+    const providerToken = await this.provider.getRememberToken?.(user);
+    if (!providerToken || providerToken !== rememberToken) {
+      this.currentSession.forget(this.rememberSessionKey());
+      return null;
+    }
+    this.cachedUser = user;
+    await this.provider.setRememberToken?.(user, rememberToken);
+    return user;
+  }
+  async resolveUser() {
+    if (this.cachedUser !== void 0) {
+      return this.cachedUser;
+    }
+    const session = this.currentSession;
+    if (!session) {
+      this.cachedUser = null;
+      return null;
+    }
+    const identifier = session.get(this.sessionKey());
+    if (identifier == null) {
+      const remembered = await this.loadRememberedUser();
+      this.cachedUser = remembered;
+      return remembered;
+    }
+    const user = await this.provider.retrieveById(identifier);
+    if (!user) {
+      session.forget(this.sessionKey());
+      this.cachedUser = null;
+      return null;
+    }
+    this.cachedUser = user;
+    return user;
+  }
+  async check() {
+    return await this.resolveUser() !== null;
+  }
+  async guest() {
+    return !await this.check();
+  }
+  async user() {
+    const user = await this.resolveUser();
+    return user ?? null;
+  }
+  async id() {
+    const session = this.currentSession;
+    if (!session) {
+      return null;
+    }
+    return session.get(this.sessionKey()) ?? null;
+  }
+  async remember(user) {
+    if (!this.currentSession || !this.provider.setRememberToken) {
+      return;
+    }
+    const token = globalThis.crypto.randomUUID();
+    await this.provider.setRememberToken?.(user, token);
+    this.currentSession.set(this.rememberSessionKey(), token);
+  }
+  async login(user, remember = false) {
+    const castUser = user;
+    const session = this.currentSession;
+    if (!session) {
+      throw new Error("SessionGuard: session middleware is required to use the session guard.");
+    }
+    const identifier = this.provider.getId(castUser);
+    session.set(this.sessionKey(), identifier);
+    this.cachedUser = castUser;
+    if (remember) {
+      await this.remember(castUser);
+    } else {
+      session.forget(this.rememberSessionKey());
+    }
+  }
+  async logout() {
+    const session = this.currentSession;
+    if (!session) {
+      return;
+    }
+    session.forget(this.sessionKey());
+    session.forget(this.rememberSessionKey());
+    this.cachedUser = null;
+  }
+  async attempt(credentials, remember = false) {
+    const user = await this.validate(credentials);
+    if (!user) {
+      return false;
+    }
+    await this.login(user, remember);
+    return true;
+  }
+  async validate(credentials) {
+    const user = await this.provider.retrieveByCredentials(credentials);
+    if (!user) {
+      return null;
+    }
+    const valid = await this.provider.validateCredentials(user, credentials);
+    if (!valid) {
+      return null;
+    }
+    return user;
+  }
+  session() {
+    return this.currentSession;
+  }
+};
+// src/plugins/providers/AuthServiceProvider.ts
+var DEFAULT_GUARD = "web";
+var DEFAULT_PROVIDER = "users";
+var AuthServiceProvider = class {
+  register(context) {
+    const auth = context.auth;
+    if (!auth.guardNames().length) {
+      auth.registerGuard(DEFAULT_GUARD, createDefaultGuardFactory(DEFAULT_PROVIDER));
+      auth.setDefaultGuard(DEFAULT_GUARD);
+    }
+  }
+  boot(context) {
+    const { app, auth } = context;
+    app.use("*", attachAuthContext((ctx) => auth.createAuthContext(ctx)));
+  }
+};
+function createDefaultGuardFactory(providerName) {
+  return ({ ctx, session, manager }) => {
+    const provider = manager.getProvider(providerName);
+    return new SessionGuard({
+      provider,
+      session
+    });
+  };
+}
+// src/http/middleware/session.ts
+import { getCookie, setCookie, deleteCookie } from "hono/cookie";
+var MemorySessionStore = class {
+  constructor(now = () => Date.now()) {
+    this.now = now;
+  }
+  store = /* @__PURE__ */ new Map();
+  async read(id) {
+    const entry = this.store.get(id);
+    if (!entry) {
+      return void 0;
+    }
+    if (entry.expiresAt <= this.now()) {
+      this.store.delete(id);
+      return void 0;
+    }
+    return { ...entry.data };
+  }
+  async write(id, data, ttlSeconds) {
+    const expiresAt = this.now() + ttlSeconds * 1e3;
+    this.store.set(id, { data: { ...data }, expiresAt });
+  }
+  async destroy(id) {
+    this.store.delete(id);
+  }
+};
+var DEFAULT_COOKIE_NAME = "guren.session";
+var DEFAULT_TTL_SECONDS = 60 * 60 * 2;
+var SESSION_CONTEXT_KEY = "guren:session";
+var SessionImpl = class {
+  constructor(id, initialData, isNew) {
+    this.isNew = isNew;
+    this.currentId = id;
+    this.originalId = id;
+    this.data = { ...initialData };
+  }
+  currentId;
+  originalId;
+  data;
+  dirty = false;
+  destroyed = false;
+  regenerated = false;
+  get id() {
+    return this.currentId;
+  }
+  get(key) {
+    return this.data[key];
+  }
+  set(key, value) {
+    this.data[key] = value;
+    this.dirty = true;
+  }
+  has(key) {
+    return Object.prototype.hasOwnProperty.call(this.data, key);
+  }
+  forget(key) {
+    if (this.has(key)) {
+      delete this.data[key];
+      this.dirty = true;
+    }
+  }
+  flush() {
+    if (Object.keys(this.data).length > 0) {
+      this.data = {};
+      this.dirty = true;
+    }
+  }
+  all() {
+    return { ...this.data };
+  }
+  regenerate() {
+    this.currentId = globalThis.crypto.randomUUID();
+    this.regenerated = true;
+    this.dirty = true;
+  }
+  invalidate() {
+    this.flush();
+    this.destroyed = true;
+  }
+  markTouched() {
+    this.dirty = true;
+  }
+  wasDestroyed() {
+    return this.destroyed;
+  }
+  wasRegenerated() {
+    return this.regenerated;
+  }
+  shouldPersist() {
+    return this.dirty || this.isNew;
+  }
+  snapshot() {
+    return { ...this.data };
+  }
+  originalSessionId() {
+    return this.originalId;
+  }
+};
+function createSessionMiddleware(options = {}) {
+  const {
+    cookieName = DEFAULT_COOKIE_NAME,
+    cookiePath = "/",
+    cookieDomain,
+    cookieSecure = true,
+    cookieSameSite = "Lax",
+    cookieHttpOnly = true,
+    cookieMaxAgeSeconds,
+    ttlSeconds = DEFAULT_TTL_SECONDS,
+    store = new MemorySessionStore()
+  } = options;
+  return async (ctx, next) => {
+    const existingId = getCookie(ctx, cookieName);
+    const sessionId = existingId ?? globalThis.crypto.randomUUID();
+    const isNew = !existingId;
+    const initialData = existingId ? await store.read(existingId) ?? {} : {};
+    const session = new SessionImpl(sessionId, initialData, isNew);
+    ctx.set(SESSION_CONTEXT_KEY, session);
+    try {
+      await next();
+    } finally {
+      if (session.wasDestroyed()) {
+        await store.destroy(session.originalSessionId());
+        deleteCookie(ctx, cookieName, {
+          path: cookiePath,
+          domain: cookieDomain,
+          secure: cookieSecure,
+          sameSite: cookieSameSite,
+          httpOnly: cookieHttpOnly
+        });
+        return;
+      }
+      if (!session.shouldPersist()) {
+        if (existingId) {
+          await store.write(existingId, session.snapshot(), ttlSeconds);
+          setCookie(ctx, cookieName, existingId, {
+            path: cookiePath,
+            domain: cookieDomain,
+            secure: cookieSecure,
+            sameSite: cookieSameSite,
+            httpOnly: cookieHttpOnly,
+            maxAge: cookieMaxAgeSeconds ?? ttlSeconds
+          });
+        }
+        return;
+      }
+      const nextId = session.id;
+      await store.write(nextId, session.snapshot(), ttlSeconds);
+      setCookie(ctx, cookieName, nextId, {
+        path: cookiePath,
+        domain: cookieDomain,
+        secure: cookieSecure,
+        sameSite: cookieSameSite,
+        httpOnly: cookieHttpOnly,
+        maxAge: cookieMaxAgeSeconds ?? ttlSeconds
+      });
+    }
+  };
+}
+function getSessionFromContext(ctx) {
+  return ctx.get(SESSION_CONTEXT_KEY);
+}
+// src/auth/RequestAuthContext.ts
+var RequestAuthContext = class {
+  constructor(manager, ctx, currentSession, resolveGuard) {
+    this.manager = manager;
+    this.ctx = ctx;
+    this.currentSession = currentSession;
+    this.resolveGuard = resolveGuard;
+  }
+  guardCache = /* @__PURE__ */ new Map();
+  guard(name) {
+    const key = name ?? this.manager.getDefaultGuard();
+    if (!this.guardCache.has(key)) {
+      const guard = this.resolveGuard(name);
+      this.guardCache.set(key, guard);
+    }
+    return this.guardCache.get(key);
+  }
+  session() {
+    return this.currentSession;
+  }
+  async check() {
+    return this.guard().check();
+  }
+  async guest() {
+    return this.guard().guest();
+  }
+  async user() {
+    return this.guard().user();
+  }
+  async id() {
+    return this.guard().id();
+  }
+  async login(user, remember) {
+    await this.guard().login(user, remember);
+  }
+  async attempt(credentials, remember) {
+    return this.guard().attempt(credentials, remember);
+  }
+  async logout() {
+    await this.guard().logout();
+  }
+};
+// src/auth/AuthManager.ts
+var DEFAULT_GUARD2 = "web";
+var AuthManager = class {
+  guards = /* @__PURE__ */ new Map();
+  providers = /* @__PURE__ */ new Map();
+  defaultGuard;
+  constructor(options = {}) {
+    this.defaultGuard = options.defaultGuard ?? DEFAULT_GUARD2;
+  }
+  registerGuard(name, factory) {
+    this.guards.set(name, { factory });
+  }
+  registerProvider(name, factory) {
+    this.providers.set(name, { factory });
+  }
+  getProvider(name) {
+    const entry = this.providers.get(name);
+    if (!entry) {
+      throw new Error(`AuthManager: provider "${name}" has not been registered.`);
+    }
+    if (!entry.instance) {
+      const instance = entry.factory(this);
+      entry.instance = instance;
+      this.providers.set(name, entry);
+    }
+    return entry.instance;
+  }
+  createGuard(name, context) {
+    const entry = this.guards.get(name);
+    if (!entry) {
+      throw new Error(`AuthManager: guard "${name}" has not been registered.`);
+    }
+    return entry.factory(context);
+  }
+  guardNames() {
+    return Array.from(this.guards.keys());
+  }
+  setDefaultGuard(name) {
+    if (!this.guards.has(name)) {
+      throw new Error(`AuthManager: cannot set default guard to unregistered guard "${name}".`);
+    }
+    this.defaultGuard = name;
+  }
+  getDefaultGuard() {
+    return this.defaultGuard;
+  }
+  createAuthContext(ctx, options = {}) {
+    const guardName = options.guard ?? this.defaultGuard;
+    const session = getSessionFromContext(ctx);
+    const guardFactory = (name) => {
+      const targetName = name ?? guardName;
+      return this.createGuard(targetName, {
+        ctx,
+        session,
+        manager: this
+      });
+    };
+    return new RequestAuthContext(this, ctx, session, guardFactory);
+  }
+  async attempt(name, ctx, credentials, remember) {
+    const guard = this.createAuthContext(ctx, { guard: name }).guard(name);
+    return guard.attempt(credentials, remember);
+  }
+};
+// src/auth/providers/UserProvider.ts
+var BaseUserProvider = class {
+  async setRememberToken(user, token) {
+    if (typeof user.setRememberToken === "function") {
+      await user.setRememberToken(token);
+    }
+  }
+  async getRememberToken(user) {
+    if (typeof user.getRememberToken === "function") {
+      return await user.getRememberToken() ?? null;
+    }
+    return null;
+  }
+};
+// src/auth/password/ScryptHasher.ts
+var ScryptHasher = class {
+  algorithm;
+  memoryCost;
+  timeCost;
+  cost;
+  constructor(options = {}) {
+    this.algorithm = options.algorithm ?? "argon2id";
+    this.memoryCost = options.memoryCost;
+    this.timeCost = options.timeCost;
+    this.cost = options.cost;
+  }
+  async hash(plain) {
+    if (this.algorithm === "bcrypt") {
+      return Bun.password.hash(plain, {
+        algorithm: "bcrypt",
+        cost: this.cost
+      });
+    }
+    return Bun.password.hash(plain, {
+      algorithm: this.algorithm,
+      memoryCost: this.memoryCost,
+      timeCost: this.timeCost
+    });
+  }
+  async verify(hashed, plain) {
+    return Bun.password.verify(plain, hashed);
+  }
+  needsRehash(hashed) {
+    if (this.algorithm === "bcrypt") {
+      if (!hashed.startsWith("$2")) {
+        return true;
+      }
+      if (this.cost != null) {
+        const costSegment = hashed.slice(4, 6);
+        const parsedCost = Number.parseInt(costSegment, 10);
+        if (!Number.isNaN(parsedCost) && parsedCost !== this.cost) {
+          return true;
+        }
+      }
+      return false;
+    }
+    if (!hashed.startsWith(`$${this.algorithm}$`)) {
+      return true;
+    }
+    const [, , , parameterSegment] = hashed.split("$");
+    if (!parameterSegment) {
+      return false;
+    }
+    const params = Object.fromEntries(
+      parameterSegment.split(",").map((pair) => pair.split("=")).filter((parts) => parts.length === 2)
+    );
+    if (this.memoryCost != null) {
+      const memory = Number(params.m);
+      if (!Number.isNaN(memory) && memory !== this.memoryCost) {
+        return true;
+      }
+    }
+    if (this.timeCost != null) {
+      const time = Number(params.t);
+      if (!Number.isNaN(time) && time !== this.timeCost) {
+        return true;
+      }
+    }
+    return false;
+  }
+};
+// src/auth/providers/ModelUserProvider.ts
+var ModelUserProvider = class extends BaseUserProvider {
+  constructor(model, options = {}) {
+    super();
+    this.model = model;
+    this.idColumn = options.idColumn ?? "id";
+    this.usernameColumn = options.usernameColumn ?? "email";
+    this.passwordColumn = options.passwordColumn ?? "password";
+    this.rememberTokenColumn = options.rememberTokenColumn ?? "remember_token";
+    this.hasher = options.hasher ?? new ScryptHasher();
+    this.credentialsPasswordField = options.credentialsPasswordField ?? "password";
+  }
+  idColumn;
+  usernameColumn;
+  passwordColumn;
+  rememberTokenColumn;
+  hasher;
+  credentialsPasswordField;
+  cast(record) {
+    if (record && typeof record === "object") {
+      return record;
+    }
+    return null;
+  }
+  async retrieveById(identifier) {
+    const record = await this.model.find(identifier, this.idColumn);
+    return this.cast(record);
+  }
+  async retrieveByCredentials(credentials) {
+    const rememberToken = credentials["rememberToken"] ?? credentials["remember_token"];
+    if (rememberToken != null) {
+      const records2 = await this.model.where({ [this.rememberTokenColumn]: rememberToken });
+      return this.cast(records2[0] ?? null);
+    }
+    const username = credentials[this.usernameColumn];
+    if (username == null) {
+      return null;
+    }
+    const records = await this.model.where({ [this.usernameColumn]: username });
+    return this.cast(records[0] ?? null);
+  }
+  async validateCredentials(user, credentials) {
+    const plain = credentials[this.credentialsPasswordField];
+    if (typeof plain !== "string") {
+      return false;
+    }
+    const hashed = user[this.passwordColumn];
+    if (typeof hashed !== "string") {
+      return false;
+    }
+    return this.hasher.verify(hashed, plain);
+  }
+  getId(user) {
+    return user[this.idColumn];
+  }
+  async setRememberToken(user, token) {
+    if (typeof user[this.rememberTokenColumn] !== "undefined") {
+      ;
+      user[this.rememberTokenColumn] = token;
+      await this.model.update({ [this.idColumn]: this.getId(user) }, { [this.rememberTokenColumn]: token });
+    }
+  }
+  async getRememberToken(user) {
+    const token = user[this.rememberTokenColumn];
+    if (token == null) {
+      return null;
+    }
+    return String(token);
+  }
+};
+// src/http/Application.ts
+var Application = class {
+  constructor(options = {}) {
+    this.options = options;
+    this.hono = new Hono();
+    this.authManager = new AuthManager();
+    this.plugins = new PluginManager(() => this.resolveContext());
+    this.registerDefaultProviders();
+    if (Array.isArray(this.options.providers)) {
+      this.plugins.addMany(this.options.providers);
+    }
+  }
+  hono;
+  plugins;
+  context;
+  authManager;
+  get auth() {
+    return this.authManager;
+  }
+  /**
+   * Mounts all routes that were defined through the Route DSL.
+   */
+  mountRoutes() {
+    Route.mount(this.hono);
+  }
+  /**
+   * Allows registering global middlewares directly on the underlying Hono app.
+   */
+  use(path, ...middleware) {
+    this.hono.use(path, ...middleware);
+  }
+  /**
+   * Executes the optional boot callback and mounts the registered routes.
+   */
+  async boot() {
+    await this.plugins.registerAll();
+    await this.options.boot?.(this.hono);
+    this.mountRoutes();
+    await this.plugins.bootAll();
+  }
+  /**
+   * Fetch handler to integrate with Bun.serve or any standard Fetch runtime.
+   */
+  async fetch(request, env, executionCtx) {
+    return this.hono.fetch(request, env, executionCtx);
+  }
+  /**
+   * Convenience helper to start a Bun server when available.
+   */
+  listen(options = {}) {
+    if (!Bun) {
+      throw new Error("Bun runtime is required to call Application.listen");
+    }
+    const { port = 3e3, hostname = "0.0.0.0" } = options;
+    Bun.serve({
+      port,
+      hostname,
+      fetch: (request) => this.fetch(request)
+    });
+  }
+  register(provider) {
+    this.plugins.add(provider);
+    return this;
+  }
+  registerMany(providers) {
+    this.plugins.addMany(providers);
+    return this;
+  }
+  resolveContext() {
+    if (!this.context) {
+      this.context = new ApplicationContext(this, this.authManager);
+    }
+    return this.context;
+  }
+  registerDefaultProviders() {
+    this.plugins.add(InertiaViewProvider);
+    this.plugins.add(AuthServiceProvider);
+  }
+};
+// src/http/dev-assets.ts
+import { serveStatic } from "hono/bun";
+import { dirname, extname, resolve } from "path";
+import { fileURLToPath } from "url";
+var DEFAULT_PREFIX = "/resources/js";
+var DEFAULT_VENDOR_PATH = "/vendor/inertia-client.tsx";
+var DEFAULT_JSX_RUNTIME = "https://esm.sh/react@19.0.0/jsx-dev-runtime?dev";
+var gurenInertiaClient = fileURLToPath(new URL("../../../inertia-client/src/app.tsx", import.meta.url));
+function registerDevAssets(app, options) {
+  if (typeof Bun === "undefined") {
+    throw new Error("Bun runtime is required for dev asset serving.");
+  }
+  const moduleDir = options.importMeta ? dirname(fileURLToPath(options.importMeta.url)) : void 0;
+  const resourcesDir = options.resourcesDir ?? (moduleDir ? resolve(moduleDir, options.resourcesPath ?? "../resources") : void 0);
+  if (!resourcesDir) {
+    throw new Error("registerDevAssets requires either `resourcesDir` or `importMeta`.");
+  }
+  const prefix = options.prefix ?? DEFAULT_PREFIX;
+  const inertiaClientPath = options.inertiaClientPath ?? DEFAULT_VENDOR_PATH;
+  const inertiaClientSource = options.inertiaClientSource ?? gurenInertiaClient;
+  const jsxRuntimeUrl = options.jsxRuntimeUrl ?? DEFAULT_JSX_RUNTIME;
+  const resourcesJsDir = resolve(resourcesDir, "js");
+  const reactImportPattern = /from\s+['"]react['"]/u;
+  const transpilerOptions = {
+    target: "browser",
+    jsx: "transform",
+    jsxFactory: "React.createElement",
+    jsxFragment: "React.Fragment",
+    define: {
+      "process.env.NODE_ENV": JSON.stringify(process.env.NODE_ENV ?? "development")
+    }
+  };
+  const tsxTranspiler = new Bun.Transpiler({ loader: "tsx", ...transpilerOptions });
+  const tsTranspiler = new Bun.Transpiler({ loader: "ts", ...transpilerOptions });
+  app.hono.get(`${prefix}/*`, (ctx) => handleTranspileRequest(ctx, resourcesJsDir, prefix, reactImportPattern, tsxTranspiler, tsTranspiler, jsxRuntimeUrl));
+  if (options.inertiaClient !== false) {
+    app.hono.get(inertiaClientPath, () => transpileFile(inertiaClientSource, reactImportPattern, tsxTranspiler, tsTranspiler, jsxRuntimeUrl));
+  }
+  const publicPathOption = options.publicPath === void 0 ? "../public" : options.publicPath;
+  const publicDir = options.publicDir ?? (moduleDir && publicPathOption ? resolve(moduleDir, publicPathOption) : void 0);
+  const shouldServePublic = publicDir && publicPathOption !== false;
+  if (shouldServePublic) {
+    const publicRoute = options.publicRoute ?? "/public/*";
+    const rewriteRequestPath = createStaticRewrite(publicRoute);
+    app.use(
+      publicRoute,
+      serveStatic({
+        root: publicDir,
+        rewriteRequestPath
+      })
+    );
+    if (options.favicon !== false) {
+      app.hono.get("/favicon.ico", () => new Response(null, { status: 204 }));
+    }
+  }
+}
+function createStaticRewrite(route) {
+  const wildcardIndex = route.indexOf("*");
+  const base = wildcardIndex >= 0 ? route.slice(0, wildcardIndex) : route;
+  const normalizedBase = base.endsWith("/") ? base.slice(0, -1) : base;
+  if (!normalizedBase) {
+    return (path) => path || "/";
+  }
+  return (path) => {
+    if (!path.startsWith(normalizedBase)) {
+      return path || "/";
+    }
+    const remainder = path.slice(normalizedBase.length);
+    if (!remainder) {
+      return "/";
+    }
+    return remainder.startsWith("/") ? remainder : `/${remainder}`;
+  };
+}
+async function handleTranspileRequest(ctx, resourcesJsDir, prefix, reactImportPattern, tsxTranspiler, tsTranspiler, jsxRuntimeUrl) {
+  const relative = ctx.req.path.slice(prefix.length + 1);
+  const fsPath = resolve(resourcesJsDir, relative);
+  if (!fsPath.startsWith(resourcesJsDir)) {
+    return ctx.notFound();
+  }
+  return transpileFile(fsPath, reactImportPattern, tsxTranspiler, tsTranspiler, jsxRuntimeUrl);
+}
+async function transpileFile(fsPath, reactImportPattern, tsxTranspiler, tsTranspiler, jsxRuntimeUrl) {
+  const candidates = buildCandidatePaths(fsPath);
+  let filePath;
+  let file;
+  for (const candidate of candidates) {
+    const bunFile = Bun.file(candidate);
+    if (await bunFile.exists()) {
+      filePath = candidate;
+      file = bunFile;
+      break;
+    }
+  }
+  if (!file || !filePath) {
+    return new Response("Not Found", { status: 404 });
+  }
+  const ext = extname(filePath);
+  let source = await file.text();
+  if (ext === ".tsx" && !reactImportPattern.test(source)) {
+    source = "import React from 'react'\n" + source;
+  }
+  if (ext === ".tsx" || ext === ".ts") {
+    const transpiled = ext === ".tsx" ? tsxTranspiler.transformSync(source, {
+      loader: "tsx",
+      sourceMap: isDev() ? "inline" : false,
+      filename: filePath
+    }) : tsTranspiler.transformSync(source, {
+      loader: "ts",
+      sourceMap: isDev() ? "inline" : false,
+      filename: filePath
+    });
+    const helpers = collectJsxHelpers(transpiled);
+    const runtimeShim = helpers.size ? createJsxRuntimeShim(helpers, jsxRuntimeUrl) : "";
+    return new Response(runtimeShim + transpiled, {
+      headers: {
+        "Content-Type": "application/javascript; charset=utf-8",
+        "Cache-Control": isDev() ? "no-cache" : "public, max-age=31536000"
+      }
+    });
+  }
+  const body = await file.arrayBuffer();
+  return new Response(body, {
+    headers: {
+      "Content-Type": file.type || "application/octet-stream",
+      "Cache-Control": isDev() ? "no-cache" : "public, max-age=31536000"
+    }
+  });
+}
+function buildCandidatePaths(fsPath) {
+  const ext = extname(fsPath);
+  if (ext) {
+    return [fsPath];
+  }
+  return [
+    `${fsPath}.tsx`,
+    `${fsPath}.ts`,
+    `${fsPath}.jsx`,
+    `${fsPath}.js`
+  ];
+}
+function collectJsxHelpers(code) {
+  const helpers = /* @__PURE__ */ new Set();
+  const pattern = /(jsxDEV|jsx|jsxs|Fragment)_[0-9a-z]+/gu;
+  for (const match of code.matchAll(pattern)) {
+    helpers.add(match[0]);
+  }
+  return helpers;
+}
+function createJsxRuntimeShim(helpers, runtimeUrl) {
+  const assignments = Array.from(helpers).map((helper) => {
+    const base = helper.split("_")[0];
+    return `const ${helper} = __jsxRuntime.${base};`;
+  });
+  return `import * as __jsxRuntime from "${runtimeUrl}";
+${assignments.join("\n")}
+`;
+}
+function isDev() {
+  return (process.env.NODE_ENV ?? "development") !== "production";
+}
+// src/http/inertia-assets.ts
+import { serveStatic as serveStatic2 } from "hono/bun";
+import { dirname as dirname2, resolve as resolve2 } from "path";
+import { fileURLToPath as fileURLToPath2 } from "url";
+var DEFAULT_STYLES_ENTRY = "/public/assets/app.css";
+var DEFAULT_SCRIPT_ENTRY = "/assets/app.js";
+function configureInertiaAssets(app, options) {
+  const stylesEntry = options.stylesEntry ?? DEFAULT_STYLES_ENTRY;
+  process.env.GUREN_INERTIA_STYLES = process.env.GUREN_INERTIA_STYLES ?? stylesEntry;
+  const isProduction = process.env.NODE_ENV === "production";
+  if (!isProduction) {
+    registerDevAssets(app, options);
+    return;
+  }
+  const scriptEntry = options.scriptEntry ?? DEFAULT_SCRIPT_ENTRY;
+  process.env.GUREN_INERTIA_ENTRY = process.env.GUREN_INERTIA_ENTRY ?? scriptEntry;
+  const moduleDir = options.importMeta ? dirname2(fileURLToPath2(options.importMeta.url)) : void 0;
+  const publicPathOption = options.publicPath === void 0 ? "../public" : options.publicPath;
+  const publicDir = options.publicDir ?? (moduleDir && publicPathOption ? resolve2(moduleDir, publicPathOption) : void 0);
+  if (!publicDir || publicPathOption === false) {
+    return;
+  }
+  const publicRoute = options.publicRoute ?? "/public/*";
+  const rewriteRequestPath = createStaticRewrite(publicRoute);
+  app.use(
+    publicRoute,
+    serveStatic2({
+      root: publicDir,
+      rewriteRequestPath
+    })
+  );
+  if (options.favicon !== false) {
+    app.hono.get("/favicon.ico", () => new Response(null, { status: 204 }));
+  }
+}
+// src/http/request.ts
+function isPlainObject(value) {
+  return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+async function parseRequestPayload(ctx) {
+  const contentType = ctx.req.header("content-type") ?? "";
+  if (contentType.includes("application/json")) {
+    const body = await ctx.req.json().catch(() => ({}));
+    return isPlainObject(body) ? body : {};
+  }
+  if (typeof ctx.req.parseBody === "function") {
+    const form = await ctx.req.parseBody();
+    return Object.fromEntries(
+      Object.entries(form).map(([key, value]) => [key, Array.isArray(value) ? value[0] : value])
+    );
+  }
+  return {};
+}
+function formatValidationErrors(error, fallbackMessage = "The provided data is invalid.") {
+  const errors = {};
+  for (const issue of error.issues ?? []) {
+    const field = issue.path?.[0];
+    if (typeof field === "string" && !errors[field]) {
+      errors[field] = issue.message;
+    }
+  }
+  if (Object.keys(errors).length === 0) {
+    errors.message = fallbackMessage;
+  }
+  return errors;
+}
+// src/mvc/Controller.ts
+var Controller = class {
+  context;
+  setContext(context) {
+    this.context = context;
+  }
+  get ctx() {
+    if (!this.context) {
+      throw new Error("Controller context has not been set.");
+    }
+    return this.context;
+  }
+  get request() {
+    return this.ctx.req;
+  }
+  get auth() {
+    const auth = this.ctx.get(AUTH_CONTEXT_KEY);
+    if (!auth) {
+      throw new Error("Controller auth helper requires the auth middleware. Make sure AuthServiceProvider is registered.");
+    }
+    return auth;
+  }
+  inertia(component, props, options = {}) {
+    const ctx = this.ctx;
+    const { url: overrideUrl, ...rest } = options;
+    const url = overrideUrl ?? ctx.req.path ?? ctx.req.url ?? "";
+    return inertia(component, props, {
+      ...rest,
+      url,
+      request: ctx.req.raw
+    });
+  }
+  json(data, init = {}) {
+    return new Response(JSON.stringify(data), {
+      ...init,
+      headers: {
+        "Content-Type": "application/json; charset=utf-8",
+        ...init.headers
+      }
+    });
+  }
+  text(body, init = {}) {
+    return new Response(body, {
+      ...init,
+      headers: {
+        "Content-Type": "text/plain; charset=utf-8",
+        ...init.headers
+      }
+    });
+  }
+  redirect(url, options = {}) {
+    const { status = 302, headers } = options;
+    return new Response(null, {
+      status,
+      headers: {
+        Location: url,
+        ...headers
+      }
+    });
+  }
+};
+// src/http/middleware/index.ts
+function defineMiddleware(handler) {
+  return handler;
+}
+export {
+  Application,
+  ApplicationContext,
+  AuthManager,
+  AuthServiceProvider,
+  BaseUserProvider,
+  Controller,
+  InertiaViewProvider,
+  MemorySessionStore,
+  ModelUserProvider,
+  Route,
+  ScryptHasher,
+  SessionGuard,
+  ViewEngine,
+  attachAuthContext,
+  configureInertiaAssets,
+  createSessionMiddleware,
+  defineMiddleware,
+  formatValidationErrors,
+  getSessionFromContext,
+  gurenVitePlugin,
+  inertia,
+  parseRequestPayload,
+  registerDevAssets,
+  requireAuthenticated,
+  requireGuest
+};