npm - @h3ravel/session - Versions diffs - 0.1.0-alpha.1 - Mend

@h3ravel/session 0.1.0-alpha.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/index.cjs ADDED Viewed

@@ -0,0 +1,1434 @@
+//#region rolldown:runtime
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __copyProps = (to, from, except, desc) => {
+	if (from && typeof from === "object" || typeof from === "function") {
+		for (var keys = __getOwnPropNames(from), i = 0, n = keys.length, key; i < n; i++) {
+			key = keys[i];
+			if (!__hasOwnProp.call(to, key) && key !== except) {
+				__defProp(to, key, {
+					get: ((k) => from[k]).bind(null, key),
+					enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable
+				});
+			}
+		}
+	}
+	return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", {
+	value: mod,
+	enumerable: true
+}) : target, mod));
+//#endregion
+let __h3ravel_support = require("@h3ravel/support");
+let __h3ravel_database = require("@h3ravel/database");
+let crypto$1 = require("crypto");
+crypto$1 = __toESM(crypto$1);
+let __h3ravel_foundation = require("@h3ravel/foundation");
+let __h3ravel_contracts = require("@h3ravel/contracts");
+let fs = require("fs");
+let path = require("path");
+path = __toESM(path);
+let __h3ravel_musket = require("@h3ravel/musket");
+//#region src/Encryption.ts
+var Encryption = class {
+	key;
+	constructor() {
+		const appKey = process.env.APP_KEY;
+		if (!appKey) throw new __h3ravel_foundation.ConfigException("APP_KEY not set in env");
+		this.key = (0, crypto$1.createHash)("sha256").update(Buffer.from(appKey, "base64")).digest();
+	}
+	/**
+	* Encrypt session data using AES-256-CBC and the APP_KEY.
+	*/
+	encrypt(value) {
+		value = typeof value === "string" ? value : JSON.stringify(value);
+		const iv = crypto$1.default.randomBytes(16);
+		const cipher = crypto$1.default.createCipheriv("aes-256-cbc", this.key, iv);
+		const encrypted = Buffer.concat([cipher.update(value, "utf8"), cipher.final()]);
+		return iv.toString("hex") + ":" + encrypted.toString("hex");
+	}
+	/**
+	* Decrypt session data.
+	*/
+	decrypt(value) {
+		const [ivHex, encryptedHex] = value.split(":");
+		const iv = Buffer.from(ivHex, "hex");
+		const encrypted = Buffer.from(encryptedHex, "hex");
+		const decipher = crypto$1.default.createDecipheriv("aes-256-cbc", this.key, iv);
+		const decrypted = Buffer.concat([decipher.update(encrypted), decipher.final()]).toString("utf8");
+		try {
+			return JSON.parse(decrypted);
+		} catch {
+			return decrypted;
+		}
+	}
+};
+//#endregion
+//#region src/FlashBag.ts
+/**
+* FlashBag
+*
+* Manages flash data for session management, handling temporary data
+* that persists for one request cycle.
+*/
+var FlashBag = class {
+	/**
+	* Storage for flash data
+	*
+	* Structure:
+	* {
+	*   new: { key1: value1, key2: value2 },
+	*   old: { key3: value3, key4: value4 }
+	* }
+	*/
+	flashData = {
+		new: {},
+		old: {}
+	};
+	/**
+	* Flash a value for the next request
+	*
+	* @param key Key to store in flash
+	* @param value Value to be flashed
+	*/
+	flash(key, value) {
+		this.flashData.new[key] = value;
+	}
+	/**
+	* Store a temporary value for the current request only
+	*
+	* @param key Key to store
+	* @param value Value to store
+	*/
+	now(key, value) {
+		this.flashData.new[key] = value;
+	}
+	/**
+	* Reflash all current flash data for another request cycle
+	*/
+	reflash() {
+		this.flashData.old = { ...this.flashData.new };
+	}
+	/**
+	* Keep only specific flash keys for the next request
+	*
+	* @param keys Keys to keep
+	*/
+	keep(keys) {
+		const keptNew = {};
+		const keptOld = {};
+		keys.forEach((key) => {
+			if (this.flashData.new[key] !== void 0) keptNew[key] = this.flashData.new[key];
+			if (this.flashData.old[key] !== void 0) keptOld[key] = this.flashData.old[key];
+		});
+		this.flashData.new = keptNew;
+		this.flashData.old = keptOld;
+	}
+	/**
+	* Age flash data at the end of the request
+	*
+	* - Removes old flash data
+	* - Moves new flash data to old
+	* - Clears new flash data
+	*/
+	ageFlashData() {
+		this.flashData.old = {};
+		this.flashData.old = { ...this.flashData.new };
+		this.flashData.new = {};
+	}
+	/**
+	* Get a flash value
+	*
+	* @param key Key to retrieve
+	* @param defaultValue Default value if key doesn't exist
+	* @returns Flash value or default
+	*/
+	get(key, defaultValue) {
+		return this.flashData.new[key] ?? this.flashData.old[key] ?? defaultValue;
+	}
+	/**
+	* Check if a flash key exists
+	*
+	* @param key Key to check
+	* @returns Boolean indicating existence
+	*/
+	has(key) {
+		return key in this.flashData.new || key in this.flashData.old;
+	}
+	/**
+	* Get all flash data
+	*
+	* @returns Combined flash data
+	*/
+	all() {
+		return {
+			...this.flashData.old,
+			...this.flashData.new
+		};
+	}
+	/**
+	* Get all flash data keys
+	*
+	* @returns Combined flash data
+	*/
+	keys() {
+		return Object.keys({
+			...this.flashData.old,
+			...this.flashData.new
+		});
+	}
+	/**
+	* Get the raww flash data
+	*
+	* @returns raw flash data
+	*/
+	raw() {
+		return this.flashData;
+	}
+	/**
+	* Clear all flash data
+	*/
+	clear() {
+		this.flashData.new = {};
+		this.flashData.old = {};
+	}
+};
+//#endregion
+//#region src/drivers/Driver.ts
+/**
+* Driver
+*
+* Base Session driver.
+*/
+var Driver = class extends __h3ravel_contracts.ISessionDriver {
+	encryptor = new Encryption();
+	sessionId;
+	flashBag = new FlashBag();
+	/**
+	* Save the raw session payload (session + flash)
+	*/
+	saveRawPayload() {
+		this.savePayload(Object.assign({}, this.fetchPayload(), { _flash: this.flashBag.raw() }));
+	}
+	/**
+	* Retrieve all data from the session including flash
+	*
+	* @returns
+	*/
+	getAll() {
+		const payload = this.fetchPayload();
+		const flash = payload._flash ?? {
+			old: {},
+			new: {}
+		};
+		return {
+			...payload,
+			...flash.old,
+			...flash.new
+		};
+	}
+	/**
+	* Retrieve a value from the session
+	*
+	* @param key
+	* @param defaultValue
+	* @returns
+	*/
+	get(key, defaultValue) {
+		return (0, __h3ravel_support.safeDot)(this.getAll(), key) || defaultValue;
+	}
+	/**
+	* Store a value in the session
+	*
+	* @param key
+	* @param value
+	*/
+	set(value) {
+		const payload = this.fetchPayload();
+		Object.assign(payload, value);
+		return this.savePayload(payload);
+	}
+	/**
+	* Store multiple key/value pairs
+	*
+	* @param values
+	*/
+	put(key, value) {
+		const payload = this.fetchPayload();
+		(0, __h3ravel_support.setNested)(payload, key, value);
+		return this.savePayload(payload);
+	}
+	/**
+	* Append a value to an array key
+	*
+	* @param key
+	* @param value
+	*/
+	push(key, value) {
+		const payload = this.fetchPayload();
+		if (!Array.isArray(payload[key])) payload[key] = [];
+		payload[key].push(value);
+		return this.savePayload(payload);
+	}
+	/**
+	* Remove a key from the session
+	*
+	* @param key
+	*/
+	forget(key) {
+		const payload = this.fetchPayload();
+		delete payload[key];
+		return this.savePayload(payload);
+	}
+	/**
+	* Retrieve all session data
+	*
+	* @returns
+	*/
+	all() {
+		return this.fetchPayload();
+	}
+	/**
+	* Determine if a key exists (even if null).
+	*
+	* @param key
+	* @returns
+	*/
+	exists(key) {
+		const data = this.getAll();
+		return Object.prototype.hasOwnProperty.call(data, key);
+	}
+	/**
+	* Determine if a key has a non-null value.
+	*
+	* @param key
+	* @returns
+	*/
+	has(key) {
+		const data = this.getAll();
+		return data[key] !== void 0 && data[key] !== null;
+	}
+	/**
+	* Get only specific keys.
+	*
+	* @param keys
+	* @returns
+	*/
+	only(keys) {
+		const data = this.fetchPayload();
+		const result = {};
+		keys.forEach((k) => {
+			if (k in data) result[k] = data[k];
+		});
+		return result;
+	}
+	/**
+	* Return all keys except the specified ones.
+	*
+	* @param keys
+	* @returns
+	*/
+	except(keys) {
+		const data = this.fetchPayload();
+		keys.forEach((k) => delete data[k]);
+		return data;
+	}
+	/**
+	* Return and delete a key from the session.
+	*
+	* @param key
+	* @param defaultValue
+	* @returns
+	*/
+	pull(key, defaultValue = null) {
+		const data = this.fetchPayload();
+		const value = data[key] ?? defaultValue;
+		delete data[key];
+		this.savePayload(data);
+		return value;
+	}
+	/**
+	* Increment a numeric value by amount (default 1).
+	*
+	* @param key
+	* @param amount
+	* @returns
+	*/
+	increment(key, amount = 1) {
+		const data = this.fetchPayload();
+		const newVal = (parseFloat(data[key]) || 0) + amount;
+		data[key] = newVal;
+		this.savePayload(data);
+		return newVal;
+	}
+	/**
+	* Decrement a numeric value by amount (default 1).
+	*
+	* @param key
+	* @param amount
+	* @returns
+	*/
+	decrement(key, amount = 1) {
+		return this.increment(key, -amount);
+	}
+	/**
+	* Flash a value for next request only.
+	*
+	* @param key
+	* @param value
+	*/
+	flash(key, value) {
+		this.flashBag.flash(key, value);
+		this.saveRawPayload();
+	}
+	/**
+	* Reflash all flash data for one more cycle.
+	*
+	* @returns
+	*/
+	reflash() {
+		this.flashBag.reflash();
+		this.saveRawPayload();
+	}
+	/**
+	* Keep only selected flash data.
+	*
+	* @param keys
+	* @returns
+	*/
+	keep(keys) {
+		this.flashBag.keep(keys);
+		this.saveRawPayload();
+	}
+	/**
+	* Store a temporary value (flash) for this request only (not persisted)
+	*
+	* @param key
+	* @param value
+	*/
+	now(key, value) {
+		this.flashBag.now(key, value);
+		this.saveRawPayload();
+	}
+	/**
+	* Regenerate session ID and persist data under new ID.
+	*/
+	regenerate() {
+		const oldData = this.fetchPayload();
+		this.sessionId = crypto.randomUUID();
+		this.savePayload(oldData);
+	}
+	/**
+	* Age flash data at the end of the request lifecycle.
+	*/
+	ageFlashData() {
+		const data = this.flashBag.ageFlashData();
+		this.saveRawPayload();
+		return data;
+	}
+	/**
+	* Determine if an item is not present in the session.
+	*
+	* @param key
+	* @returns
+	*/
+	missing(key) {
+		return !this.exists(key);
+	}
+	/**
+	* Flush all session data
+	*/
+	flush() {
+		return this.savePayload({});
+	}
+};
+//#endregion
+//#region src/drivers/DatabaseDriver.ts
+/**
+* DatabaseDriver
+*
+* Stores sessions in a database table. Each session ID maps to a row.
+* The `payload` column contains all session key/value pairs as JSON.
+*/
+var DatabaseDriver = class extends Driver {
+	/**
+	*
+	* @param sessionId The current session ID
+	* @param table
+	*/
+	constructor(sessionId, table = "sessions") {
+		super();
+		this.sessionId = sessionId;
+		this.table = table;
+	}
+	/**
+	* Get the query builder for this table
+	*/
+	query() {
+		return __h3ravel_database.DB.table(this.table).where("id", this.sessionId);
+	}
+	/**
+	* Fetch the session payload
+	*/
+	async fetchPayload() {
+		const row = await this.query().first();
+		if (!row) return {};
+		try {
+			const decrypted = this.encryptor.decrypt(row.payload);
+			return typeof decrypted === "string" ? JSON.parse(decrypted) : decrypted;
+		} catch {
+			return {};
+		}
+	}
+	/**
+	* Save the session payload back to DB
+	*/
+	async savePayload(payload) {
+		const now = Math.floor(Date.now() / 1e3);
+		const exists = await this.query().exists();
+		const encrypted = this.encryptor.encrypt(JSON.stringify(payload));
+		if (exists) await this.query().update({
+			payload: encrypted,
+			last_activity: now
+		});
+		else await __h3ravel_database.DB.table(this.table).insert({
+			id: this.sessionId,
+			payload: encrypted,
+			last_activity: now
+		});
+	}
+	/**
+	* Retrieve all data from the session including flash
+	*/
+	async getAll() {
+		const payload = await this.fetchPayload();
+		const flash = payload._flash ?? {
+			old: {},
+			new: {}
+		};
+		return {
+			...payload,
+			...flash.old,
+			...flash.new
+		};
+	}
+	/**
+	* Get a value from the session
+	*/
+	async get(key, defaultValue) {
+		return (0, __h3ravel_support.safeDot)(await this.getAll(), key) || defaultValue;
+	}
+	/**
+	* Set one or multiple session values
+	*/
+	async set(values) {
+		const payload = await this.fetchPayload();
+		Object.assign(payload, values);
+		await this.savePayload(payload);
+	}
+	/**
+	* Store a single key/value pair
+	*/
+	async put(key, value) {
+		const payload = await this.fetchPayload();
+		(0, __h3ravel_support.setNested)(payload, key, value);
+		await this.savePayload(payload);
+	}
+	/**
+	* Append a value to an array key
+	*/
+	async push(key, value) {
+		const payload = await this.fetchPayload();
+		if (!Array.isArray(payload[key])) payload[key] = [];
+		payload[key].push(value);
+		await this.savePayload(payload);
+	}
+	/**
+	* Forget a session key
+	*/
+	async forget(key) {
+		const payload = await this.fetchPayload();
+		delete payload[key];
+		await this.savePayload(payload);
+	}
+	/**
+	* Retrieve all session data (excluding flash)
+	*/
+	async all() {
+		return this.fetchPayload();
+	}
+	/**
+	* Determine if a key exists (even if null)
+	*/
+	async exists(key) {
+		const data = await this.getAll();
+		return Object.prototype.hasOwnProperty.call(data, key);
+	}
+	/**
+	* Determine if a key has a non-null value
+	*/
+	async has(key) {
+		const data = await this.getAll();
+		return data[key] !== void 0 && data[key] !== null;
+	}
+	/**
+	* Get only specific keys
+	*/
+	async only(keys) {
+		const data = await this.fetchPayload();
+		const result = {};
+		keys.forEach((k) => {
+			if (k in data) result[k] = data[k];
+		});
+		return result;
+	}
+	/**
+	* Return all except specific keys
+	*/
+	async except(keys) {
+		const data = await this.fetchPayload();
+		keys.forEach((k) => delete data[k]);
+		return data;
+	}
+	/**
+	* Retrieve and delete a value
+	*/
+	async pull(key, defaultValue = null) {
+		const data = await this.fetchPayload();
+		const value = data[key] ?? defaultValue;
+		delete data[key];
+		await this.savePayload(data);
+		return value;
+	}
+	/**
+	* Increment a numeric value
+	*/
+	async increment(key, amount = 1) {
+		const data = await this.fetchPayload();
+		const newVal = (parseFloat(data[key]) || 0) + amount;
+		data[key] = newVal;
+		await this.savePayload(data);
+		return newVal;
+	}
+	/**
+	* Decrement a numeric value
+	*/
+	async decrement(key, amount = 1) {
+		return this.increment(key, -amount);
+	}
+	/**
+	* Flash a value for next request only
+	*/
+	async flash(key, value) {
+		this.flashBag.flash(key, value);
+	}
+	/**
+	* Reflash all flash data for one more cycle
+	*/
+	async reflash() {
+		this.flashBag.reflash();
+	}
+	/**
+	* Keep only specific flash keys
+	*/
+	async keep(keys) {
+		this.flashBag.keep(keys);
+	}
+	/**
+	* Store a temporary value (flash) for this request only (not persisted)
+	*/
+	async now(key, value) {
+		this.flashBag.now(key, value);
+	}
+	/**
+	* Regenerate session ID with same data
+	*/
+	async regenerate() {
+		const oldData = await this.fetchPayload();
+		this.sessionId = crypto.randomUUID();
+		await this.savePayload(oldData);
+	}
+	/**
+	* Check if a key is missing
+	*/
+	async missing(key) {
+		return !await this.exists(key);
+	}
+	/**
+	* Flush all session data
+	*/
+	async flush() {
+		await this.savePayload({});
+	}
+	/**
+	* Invalidate the session and regenerate
+	*/
+	async invalidate() {
+		await __h3ravel_database.DB.table(this.table).where("id", this.sessionId).delete();
+		this.sessionId = crypto.randomUUID();
+		this.flashBag = new FlashBag();
+		await this.savePayload({});
+	}
+	/**
+	* Age flash data at the end of the request lifecycle.
+	*/
+	async ageFlashData() {
+		this.flashBag.ageFlashData();
+	}
+};
+//#endregion
+//#region src/drivers/FileDriver.ts
+/**
+* FileDriver
+*
+* Stores session data as encrypted JSON files.
+* Each session is stored in its own file named after the session ID.
+* Ideal for local development or low-scale deployments.
+*/
+var FileDriver = class extends Driver {
+	constructor(sessionId, sessionDir = path.default.resolve(".sessions"), cwd = process.cwd()) {
+		super();
+		this.sessionId = sessionId;
+		this.sessionDir = sessionDir;
+		this.cwd = cwd;
+		this.sessionDir = path.default.join(this.cwd, sessionDir);
+		this.sessionId = sessionId;
+		if (!(0, fs.existsSync)(this.sessionDir)) (0, fs.mkdirSync)(this.sessionDir, { recursive: true });
+		this.ensureSessionFile();
+	}
+	/**
+	* Ensures the session file exists and is initialized.
+	*/
+	ensureSessionFile() {
+		if (!(0, fs.existsSync)(this.sessionFilePath())) this.savePayload({});
+	}
+	/**
+	* Get the absolute path for the current session file.
+	*/
+	sessionFilePath() {
+		return path.default.join(this.sessionDir, this.sessionId);
+	}
+	/**
+	* Read raw decrypted payload (including _flash).
+	*/
+	readRawPayload() {
+		const file = this.sessionFilePath();
+		if (!(0, fs.existsSync)(file)) return {};
+		const content = (0, fs.readFileSync)(file, "utf8");
+		try {
+			return this.encryptor.decrypt(content);
+		} catch {
+			return {};
+		}
+	}
+	/**
+	* Fetch decrypted payload and strip out flash metadata.
+	*/
+	fetchPayload() {
+		return this.readRawPayload();
+	}
+	/**
+	* Write and encrypt session data to file.
+	* Always persists flash state.
+	*
+	* @param data
+	*/
+	savePayload(payload) {
+		(0, fs.writeFileSync)(this.sessionFilePath(), this.encryptor.encrypt(payload), "utf8");
+	}
+	/**
+	* Completely invalidate the current session and regenerate a new one.
+	*/
+	invalidate() {
+		const file = this.sessionFilePath();
+		if ((0, fs.existsSync)(file)) (0, fs.rmSync)(file, { recursive: true });
+		this.sessionId = crypto.randomUUID();
+		this.flashBag = new FlashBag();
+		this.savePayload({});
+	}
+};
+//#endregion
+//#region src/drivers/MemoryDriver.ts
+/**
+* MemoryDriver
+*
+* Lightweight, ephemeral session storage.
+* Intended for tests, local development, or short-lived apps.
+*/
+var MemoryDriver = class MemoryDriver extends Driver {
+	static store = {};
+	constructor(sessionId) {
+		super();
+		this.sessionId = sessionId;
+		this.sessionId = sessionId;
+		if (!MemoryDriver.store[this.sessionId]) MemoryDriver.store[this.sessionId] = {};
+	}
+	/**
+	* Fetch and return session payload.
+	*
+	* @returns Decrypted and usable payload
+	*/
+	fetchPayload() {
+		return { ...MemoryDriver.store[this.sessionId] };
+	}
+	/**
+	* Persist session payload and flash bag state.
+	*
+	* @param data
+	*/
+	savePayload(payload) {
+		MemoryDriver.store[this.sessionId] = { ...payload };
+	}
+	/**
+	* Invalidate current session and regenerate new session ID.
+	*/
+	invalidate() {
+		delete MemoryDriver.store[this.sessionId];
+		this.sessionId = crypto$1.default.randomUUID();
+		this.flashBag = new FlashBag();
+		this.savePayload({});
+	}
+};
+//#endregion
+//#region src/drivers/RedisDriver.ts
+/**
+* RedisDriver (placeholder)
+*/
+var RedisDriver = class extends Driver {
+	static store = {};
+	constructor(sessionId, redisClient, prefix) {
+		super();
+		this.sessionId = sessionId;
+		this.redisClient = redisClient;
+		this.prefix = prefix;
+	}
+	/**
+	* Fetch and return session payload.
+	*
+	* @returns Decrypted and usable payload
+	*/
+	fetchPayload() {
+		return {};
+	}
+	/**
+	* Persist session payload and flash bag state.
+	*
+	* @param data
+	*/
+	savePayload(_payload) {}
+	/**
+	* Invalidate current session and regenerate new session ID.
+	*/
+	invalidate() {
+		this.flashBag = new FlashBag();
+		this.savePayload({});
+	}
+};
+//#endregion
+//#region src/adapters.ts
+/**
+* FileDriver builder
+* constructor(sessionId: string, sessionDir?: string, cwd?: string)
+*/
+const fileBuilder = (sessionId, options = {}) => {
+	return new FileDriver(sessionId, options.sessionDir ?? options.dir ?? "./storage/sessions", options.cwd ?? process.cwd());
+};
+/**
+* DatabaseDriver builder
+* constructor(sessionId: string, table?: string)
+*/
+const dbBuilder = (sessionId, options = {}) => {
+	const table = options.table ?? "sessions";
+	return new DatabaseDriver(options.sessionId ?? sessionId, table);
+};
+/**
+* MemoryDriver builder
+* constructor(sessionId: string)
+*/
+const memoryBuilder = (sessionId) => {
+	return new MemoryDriver(sessionId);
+};
+/**
+* RedisDriver builder
+* constructor(sessionId: string, redisClient?: RedisClient, prefix?: string)
+*/
+const redisBuilder = (sessionId, options = {}) => {
+	const client = options.client;
+	return new RedisDriver(sessionId, client, options.prefix ?? "h3ravel:sessions:");
+};
+//#endregion
+//#region src/Commands/MakeSessionTableCommand.ts
+var MakeSessionTableCommand = class extends __h3ravel_musket.Command {
+	/**
+	* The name and signature of the console command.
+	*
+	* @var string
+	*/
+	signature = "make:session-table";
+	/**
+	* The console command description.
+	*
+	* @var string
+	*/
+	description = "Create a migration for the session database table";
+	async handle() {
+		await __h3ravel_database.DB.instance().schema.hasTable("sessions").then(async function(exists) {
+			if (!exists) return __h3ravel_database.DB.instance().schema.createTable("sessions", (table) => {
+				table.string("id", 255).primary();
+				table.bigInteger("user_id").nullable().index();
+				table.string("ip_address", 45).nullable();
+				table.text("user_agent").nullable();
+				table.text("payload", "longtext").nullable();
+				table.integer("last_activity").index();
+			});
+		});
+		this.info("INFO: session table created successfully.");
+	}
+};
+//#endregion
+//#region ../../node_modules/.pnpm/h3@2.0.1-rc.5/node_modules/h3/dist/h3.mjs
+const kEventNS = "h3.internal.event.";
+const kEventRes = /* @__PURE__ */ Symbol.for(`${kEventNS}res`);
+const kEventResHeaders = /* @__PURE__ */ Symbol.for(`${kEventNS}res.headers`);
+function parse(str, options) {
+	if (typeof str !== "string") throw new TypeError("argument str must be a string");
+	const obj = {};
+	const opt = options || {};
+	const dec = opt.decode || decode;
+	let index = 0;
+	while (index < str.length) {
+		const eqIdx = str.indexOf("=", index);
+		if (eqIdx === -1) break;
+		let endIdx = str.indexOf(";", index);
+		if (endIdx === -1) endIdx = str.length;
+		else if (endIdx < eqIdx) {
+			index = str.lastIndexOf(";", eqIdx - 1) + 1;
+			continue;
+		}
+		const key = str.slice(index, eqIdx).trim();
+		if (opt?.filter && !opt?.filter(key)) {
+			index = endIdx + 1;
+			continue;
+		}
+		if (void 0 === obj[key]) {
+			let val = str.slice(eqIdx + 1, endIdx).trim();
+			if (val.codePointAt(0) === 34) val = val.slice(1, -1);
+			obj[key] = tryDecode(val, dec);
+		}
+		index = endIdx + 1;
+	}
+	return obj;
+}
+function decode(str) {
+	return str.includes("%") ? decodeURIComponent(str) : str;
+}
+function tryDecode(str, decode2) {
+	try {
+		return decode2(str);
+	} catch {
+		return str;
+	}
+}
+const fieldContentRegExp = /^[\u0009\u0020-\u007E\u0080-\u00FF]+$/;
+function serialize(name, value, options) {
+	const opt = options || {};
+	const enc = opt.encode || encodeURIComponent;
+	if (typeof enc !== "function") throw new TypeError("option encode is invalid");
+	if (!fieldContentRegExp.test(name)) throw new TypeError("argument name is invalid");
+	const encodedValue = enc(value);
+	if (encodedValue && !fieldContentRegExp.test(encodedValue)) throw new TypeError("argument val is invalid");
+	let str = name + "=" + encodedValue;
+	if (void 0 !== opt.maxAge && opt.maxAge !== null) {
+		const maxAge = opt.maxAge - 0;
+		if (Number.isNaN(maxAge) || !Number.isFinite(maxAge)) throw new TypeError("option maxAge is invalid");
+		str += "; Max-Age=" + Math.floor(maxAge);
+	}
+	if (opt.domain) {
+		if (!fieldContentRegExp.test(opt.domain)) throw new TypeError("option domain is invalid");
+		str += "; Domain=" + opt.domain;
+	}
+	if (opt.path) {
+		if (!fieldContentRegExp.test(opt.path)) throw new TypeError("option path is invalid");
+		str += "; Path=" + opt.path;
+	}
+	if (opt.expires) {
+		if (!isDate(opt.expires) || Number.isNaN(opt.expires.valueOf())) throw new TypeError("option expires is invalid");
+		str += "; Expires=" + opt.expires.toUTCString();
+	}
+	if (opt.httpOnly) str += "; HttpOnly";
+	if (opt.secure) str += "; Secure";
+	if (opt.priority) switch (typeof opt.priority === "string" ? opt.priority.toLowerCase() : opt.priority) {
+		case "low":
+			str += "; Priority=Low";
+			break;
+		case "medium":
+			str += "; Priority=Medium";
+			break;
+		case "high":
+			str += "; Priority=High";
+			break;
+		default: throw new TypeError("option priority is invalid");
+	}
+	if (opt.sameSite) switch (typeof opt.sameSite === "string" ? opt.sameSite.toLowerCase() : opt.sameSite) {
+		case true:
+			str += "; SameSite=Strict";
+			break;
+		case "lax":
+			str += "; SameSite=Lax";
+			break;
+		case "strict":
+			str += "; SameSite=Strict";
+			break;
+		case "none":
+			str += "; SameSite=None";
+			break;
+		default: throw new TypeError("option sameSite is invalid");
+	}
+	if (opt.partitioned) str += "; Partitioned";
+	return str;
+}
+function isDate(val) {
+	return Object.prototype.toString.call(val) === "[object Date]" || val instanceof Date;
+}
+function parseSetCookie(setCookieValue, options) {
+	const parts = (setCookieValue || "").split(";").filter((str) => typeof str === "string" && !!str.trim());
+	const parsed = _parseNameValuePair(parts.shift() || "");
+	const name = parsed.name;
+	let value = parsed.value;
+	try {
+		value = options?.decode === false ? value : (options?.decode || decodeURIComponent)(value);
+	} catch {}
+	const cookie = {
+		name,
+		value
+	};
+	for (const part of parts) {
+		const sides = part.split("=");
+		const partKey = (sides.shift() || "").trimStart().toLowerCase();
+		const partValue = sides.join("=");
+		switch (partKey) {
+			case "expires":
+				cookie.expires = new Date(partValue);
+				break;
+			case "max-age":
+				cookie.maxAge = Number.parseInt(partValue, 10);
+				break;
+			case "secure":
+				cookie.secure = true;
+				break;
+			case "httponly":
+				cookie.httpOnly = true;
+				break;
+			case "samesite":
+				cookie.sameSite = partValue;
+				break;
+			default: cookie[partKey] = partValue;
+		}
+	}
+	return cookie;
+}
+function _parseNameValuePair(nameValuePairStr) {
+	let name = "";
+	let value = "";
+	const nameValueArr = nameValuePairStr.split("=");
+	if (nameValueArr.length > 1) {
+		name = nameValueArr.shift();
+		value = nameValueArr.join("=");
+	} else value = nameValuePairStr;
+	return {
+		name,
+		value
+	};
+}
+function parseCookies(event) {
+	return parse(event.req.headers.get("cookie") || "");
+}
+function getCookie(event, name) {
+	return parseCookies(event)[name];
+}
+function setCookie(event, name, value, options) {
+	const newCookie = serialize(name, value, {
+		path: "/",
+		...options
+	});
+	const currentCookies = event.res.headers.getSetCookie();
+	if (currentCookies.length === 0) {
+		event.res.headers.set("set-cookie", newCookie);
+		return;
+	}
+	const newCookieKey = _getDistinctCookieKey(name, options || {});
+	event.res.headers.delete("set-cookie");
+	for (const cookie of currentCookies) {
+		if (_getDistinctCookieKey(cookie.split("=")?.[0], parseSetCookie(cookie)) === newCookieKey) continue;
+		event.res.headers.append("set-cookie", cookie);
+	}
+	event.res.headers.append("set-cookie", newCookie);
+}
+function _getDistinctCookieKey(name, options) {
+	return [
+		name,
+		options.domain || "",
+		options.path || "/"
+	].join(";");
+}
+//#endregion
+//#region src/SessionStore.ts
+/**
+* SessionStore (Driver registry)
+*
+* Register driver builders under a name and then create instances using:
+*   SessionStore.make('file', sessionId, options)
+*/
+var SessionStore = class {
+	static registry = /* @__PURE__ */ new Map();
+	/**
+	* Register a driver builder under a key (e.g. 'file', 'database', 'memory').
+	*/
+	static register(name, builder) {
+		this.registry.set(name, builder);
+	}
+	/**
+	* Create a driver instance for the given sessionId using the named builder.
+	*
+	* If driver not found, throws. Options is a simple key/value bag passed to the builder.
+	*/
+	static make(name, sessionId, options = {}) {
+		const builder = this.registry.get(name);
+		if (!builder) throw new Error(`Session driver "${name}" is not registered`);
+		return builder(sessionId, options);
+	}
+};
+//#endregion
+//#region src/SessionManager.ts
+/**
+* SessionManager
+*
+* Handles session initialization, ID generation, and encryption.
+* Each request gets a unique session namespace tied to its ID.
+*/
+var SessionManager = class SessionManager extends __h3ravel_contracts.ISessionManager {
+	app;
+	ctx;
+	driver;
+	appKey;
+	sessionId;
+	request;
+	flashBag;
+	constructor(app, driverName = "file", driverOptions = {}) {
+		super();
+		this.appKey = process.env.APP_KEY;
+		if (app instanceof __h3ravel_contracts.IHttpContext) {
+			this.request = app.request;
+			this.ctx = app;
+			this.app = app.app;
+		} else {
+			this.app = app;
+			this.ctx = app.make("http.context");
+			this.request = this.ctx.request;
+		}
+		this.sessionId = this.resolveSessionId();
+		this.driver = SessionStore.make(driverName, driverOptions.sessionId ?? this.sessionId, driverOptions);
+		this.flashBag = this.driver.flashBag;
+	}
+	/**
+	* Initialize the Session Manager
+	*
+	* @param ctx
+	* @returns
+	*/
+	static init(app) {
+		return new SessionManager(app, config("session.driver", "file"), {
+			cwd: config("session.files"),
+			sessionDir: "/",
+			dir: "/",
+			table: config("session.table"),
+			prefix: config("database.connections.redis.options.prefix"),
+			client: config(`database.connections.${config("session.driver", "file")}.client`)
+		});
+	}
+	/**
+	* Generate a secure session ID unique to the user device.
+	*/
+	generateSessionId() {
+		const userAgent = this.request.getHeader("user-agent") || "";
+		const ip = this.request.getHeader("x-forwarded-for") || this.request.ip() || "";
+		const random = (0, crypto$1.randomBytes)(32).toString("hex");
+		const fingerprint = (0, crypto$1.createHash)("sha256").update(`${userAgent}-${ip}`).digest("hex");
+		return (0, crypto$1.createHmac)("sha256", this.appKey).update(`${fingerprint}-${random}`).digest("hex");
+	}
+	/**
+	* Resolve the session ID from cookie, header, or create a new one.
+	*/
+	resolveSessionId() {
+		const cookieSession = getCookie(this.ctx.event, "h3ravel_session");
+		if (cookieSession) return cookieSession;
+		const newId = this.generateSessionId();
+		setCookie(this.ctx.event, "h3ravel_session", newId, {
+			httpOnly: true,
+			secure: true,
+			sameSite: "lax",
+			maxAge: 3600 * 24 * 7
+		});
+		return newId;
+	}
+	/**
+	* Access the current session ID.
+	*/
+	id() {
+		return this.sessionId;
+	}
+	/**
+	* Get the current session driver
+	*/
+	getDriver() {
+		return this.driver;
+	}
+	/**
+	* Retrieve a value from the session
+	*
+	* @param key
+	* @param defaultValue
+	* @returns
+	*/
+	get(key, defaultValue) {
+		return this.driver.get(key, defaultValue);
+	}
+	/**
+	* Store a value in the session
+	*
+	* @param key
+	* @param value
+	*/
+	set(value) {
+		return this.driver.set(value);
+	}
+	/**
+	* Store multiple key/value pairs
+	*
+	* @param values
+	*/
+	put(key, value) {
+		return this.driver.put(key, value);
+	}
+	/**
+	* Append a value to an array key
+	*
+	* @param key
+	* @param value
+	*/
+	push(key, value) {
+		return this.driver.push(key, value);
+	}
+	/**
+	* Remove a key from the session
+	*
+	* @param key
+	*/
+	forget(key) {
+		return this.driver.forget(key);
+	}
+	/**
+	* Retrieve all session data
+	*
+	* @returns
+	*/
+	all() {
+		return this.driver.all();
+	}
+	/**
+	* Determine if a key exists (even if null).
+	*
+	* @param key
+	* @returns
+	*/
+	exists(key) {
+		return this.driver.exists(key);
+	}
+	/**
+	* Determine if a key has a non-null value.
+	*
+	* @param key
+	* @returns
+	*/
+	has(key) {
+		return this.driver.has(key);
+	}
+	/**
+	* Get only specific keys.
+	*
+	* @param keys
+	* @returns
+	*/
+	only(keys) {
+		return this.driver.only(keys);
+	}
+	/**
+	* Return all keys except the specified ones.
+	*
+	* @param keys
+	* @returns
+	*/
+	except(keys) {
+		return this.driver.except(keys);
+	}
+	/**
+	* Return and delete a key from the session.
+	*
+	* @param key
+	* @param defaultValue
+	* @returns
+	*/
+	pull(key, defaultValue = null) {
+		return this.driver.pull(key, defaultValue);
+	}
+	/**
+	* Increment a numeric value by amount (default 1).
+	*
+	* @param key
+	* @param amount
+	* @returns
+	*/
+	increment(key, amount = 1) {
+		return this.driver.increment(key, amount);
+	}
+	/**
+	* Decrement a numeric value by amount (default 1).
+	*
+	* @param key
+	* @param amount
+	* @returns
+	*/
+	decrement(key, amount = 1) {
+		return this.driver.decrement(key, amount);
+	}
+	/**
+	* Flash a value for next request only.
+	*
+	* @param key
+	* @param value
+	*/
+	flash(key, value) {
+		return this.driver.flash(key, value);
+	}
+	/**
+	* Reflash all flash data for one more cycle.
+	*
+	* @returns
+	*/
+	reflash() {
+		return this.driver.reflash();
+	}
+	/**
+	* Keep only selected flash data.
+	*
+	* @param keys
+	* @returns
+	*/
+	keep(keys) {
+		return this.driver.keep(keys);
+	}
+	/**
+	* Store data only for current request cycle (not persisted).
+	*
+	* @param key
+	* @param value
+	*/
+	now(key, value) {
+		return this.driver.now(key, value);
+	}
+	/**
+	* Regenerate session ID and persist data under new ID.
+	*/
+	regenerate() {
+		return this.driver.regenerate();
+	}
+	/**
+	* Determine if an item is not present in the session.
+	*
+	* @param key
+	* @returns
+	*/
+	missing(key) {
+		return this.driver.missing(key);
+	}
+	/**
+	* Flush all session data
+	*/
+	flush() {
+		return this.driver.flush();
+	}
+	/**
+	* Invalidate the session completely and regenerate ID.
+	*
+	* @returns
+	*/
+	invalidate() {
+		return this.driver.invalidate();
+	}
+	/**
+	* Age flash data at the end of the request lifecycle.
+	*
+	* @returns
+	*/
+	ageFlashData() {
+		return this.driver.ageFlashData();
+	}
+};
+//#endregion
+//#region src/Providers/SessionServiceProvider.ts
+var SessionServiceProvider = class extends __h3ravel_support.ServiceProvider {
+	static priority = 895;
+	static order = "before:HttpServiceProvider";
+	register() {
+		/**
+		* Register default drivers.
+		*/
+		SessionStore.register("file", fileBuilder);
+		SessionStore.register("database", dbBuilder);
+		SessionStore.register("memory", memoryBuilder);
+		SessionStore.register("redis", redisBuilder);
+		this.app.singleton("session", (app) => {
+			return SessionManager.init(app);
+		});
+		this.app.singleton("session.store", (app) => {
+			return app.make("session").getDriver();
+		});
+		this.registerCommands([MakeSessionTableCommand]);
+	}
+};
+//#endregion
+exports.DatabaseDriver = DatabaseDriver;
+exports.Driver = Driver;
+exports.Encryption = Encryption;
+exports.FileDriver = FileDriver;
+exports.FlashBag = FlashBag;
+exports.MakeSessionTableCommand = MakeSessionTableCommand;
+exports.MemoryDriver = MemoryDriver;
+exports.RedisDriver = RedisDriver;
+exports.SessionManager = SessionManager;
+exports.SessionServiceProvider = SessionServiceProvider;
+exports.SessionStore = SessionStore;
+exports.dbBuilder = dbBuilder;
+exports.fileBuilder = fileBuilder;
+exports.memoryBuilder = memoryBuilder;
+exports.redisBuilder = redisBuilder;