@hogsend/engine 0.0.1

package/src/lib/tracking.ts

@@ -0,0 +1,78 @@
+import type { Database } from "@hogsend/db";
+import { trackedLinks } from "@hogsend/db";
+
+const HREF_RE = /href="(https?:\/\/[^"]+)"/gi;
+
+const SKIP_PATTERNS = ["/v1/email/unsubscribe", "/v1/email/preferences"];
+
+function shouldSkipUrl(url: string): boolean {
+  return SKIP_PATTERNS.some((pattern) => url.includes(pattern));
+}
+
+export async function rewriteLinks(opts: {
+  html: string;
+  emailSendId: string;
+  baseUrl: string;
+  db: Database;
+}): Promise<string> {
+  const { html, emailSendId, baseUrl, db } = opts;
+
+  const uniqueUrls = new Set<string>();
+
+  for (const match of html.matchAll(HREF_RE)) {
+    const url = match[1];
+    if (url && !shouldSkipUrl(url)) {
+      uniqueUrls.add(url);
+    }
+  }
+
+  if (uniqueUrls.size === 0) return html;
+
+  const urlList = [...uniqueUrls];
+  const rows = await db
+    .insert(trackedLinks)
+    .values(urlList.map((url) => ({ emailSendId, originalUrl: url })))
+    .returning({ id: trackedLinks.id, originalUrl: trackedLinks.originalUrl });
+
+  const urlToId = new Map<string, string>();
+  for (const row of rows) {
+    urlToId.set(row.originalUrl, row.id);
+  }
+
+  return html.replace(HREF_RE, (full, url: string) => {
+    if (shouldSkipUrl(url)) return full;
+    const linkId = urlToId.get(url);
+    return linkId ? `href="${baseUrl}/v1/t/c/${linkId}"` : full;
+  });
+}
+
+export function injectOpenPixel(opts: {
+  html: string;
+  emailSendId: string;
+  baseUrl: string;
+}): string {
+  const { html, emailSendId, baseUrl } = opts;
+  const pixel = `<img src="${baseUrl}/v1/t/o/${emailSendId}" width="1" height="1" alt="" style="display:none" />`;
+
+  const bodyCloseIdx = html.lastIndexOf("</body>");
+  if (bodyCloseIdx !== -1) {
+    return html.slice(0, bodyCloseIdx) + pixel + html.slice(bodyCloseIdx);
+  }
+
+  return html + pixel;
+}
+
+export async function prepareTrackedHtml(opts: {
+  html: string;
+  emailSendId: string;
+  baseUrl: string;
+  db: Database;
+}): Promise<string> {
+  let result = await rewriteLinks(opts);
+  result = injectOpenPixel({
+    html: result,
+    emailSendId: opts.emailSendId,
+    baseUrl: opts.baseUrl,
+  });
+  return result;
+}

package/src/middleware/api-key.ts

@@ -0,0 +1,129 @@
+import { apiKeys } from "@hogsend/db";
+import { and, eq, isNull } from "drizzle-orm";
+import { createMiddleware } from "hono/factory";
+import type { AppEnv } from "../app.js";
+import { hashApiKey } from "../lib/api-key-hash.js";
+
+export interface ApiKeyContext {
+  id: string;
+  name: string;
+  scopes: string[];
+}
+
+const SCOPE_HIERARCHY: Record<string, number> = {
+  read: 0,
+  "journey-admin": 1,
+  "full-admin": 2,
+};
+
+const KEY_CACHE = new Map<
+  string,
+  {
+    data: ApiKeyContext & { expiresAt: Date | null; lastUsedAt: Date | null };
+    cachedAt: number;
+  }
+>();
+const CACHE_TTL = 60_000;
+const LAST_USED_DEBOUNCE = 5 * 60_000;
+
+export const requireApiKey = createMiddleware<AppEnv>(async (c, next) => {
+  const { env, db } = c.get("container");
+
+  const header = c.req.header("authorization");
+  const provided = header?.startsWith("Bearer ") ? header.slice(7) : undefined;
+
+  if (!provided) {
+    return c.json({ error: "Unauthorized" }, 401);
+  }
+
+  if (env.ADMIN_API_KEY && provided === env.ADMIN_API_KEY) {
+    c.set("apiKey", {
+      id: "legacy",
+      name: "legacy",
+      scopes: ["full-admin"],
+    });
+    return next();
+  }
+
+  const keyHash = hashApiKey(provided);
+
+  const cached = KEY_CACHE.get(keyHash);
+  if (cached && Date.now() - cached.cachedAt < CACHE_TTL) {
+    if (cached.data.expiresAt && cached.data.expiresAt < new Date()) {
+      return c.json({ error: "API key expired" }, 401);
+    }
+    c.set("apiKey", {
+      id: cached.data.id,
+      name: cached.data.name,
+      scopes: cached.data.scopes,
+    });
+    return next();
+  }
+
+  const rows = await db
+    .select()
+    .from(apiKeys)
+    .where(and(eq(apiKeys.keyHash, keyHash), isNull(apiKeys.revokedAt)))
+    .limit(1);
+
+  const key = rows[0];
+  if (!key) {
+    return c.json({ error: "Unauthorized" }, 401);
+  }
+
+  if (key.expiresAt && key.expiresAt < new Date()) {
+    return c.json({ error: "API key expired" }, 401);
+  }
+
+  const keyContext: ApiKeyContext = {
+    id: key.id,
+    name: key.name,
+    scopes: key.scopes as string[],
+  };
+
+  c.set("apiKey", keyContext);
+
+  KEY_CACHE.set(keyHash, {
+    data: {
+      ...keyContext,
+      expiresAt: key.expiresAt,
+      lastUsedAt: key.lastUsedAt,
+    },
+    cachedAt: Date.now(),
+  });
+
+  const shouldUpdateLastUsed =
+    !key.lastUsedAt ||
+    Date.now() - key.lastUsedAt.getTime() > LAST_USED_DEBOUNCE;
+
+  if (shouldUpdateLastUsed) {
+    db.update(apiKeys)
+      .set({ lastUsedAt: new Date() })
+      .where(eq(apiKeys.id, key.id))
+      .then(() => {})
+      .catch(() => {});
+  }
+
+  return next();
+});
+
+export function requireScope(scope: string) {
+  const required = SCOPE_HIERARCHY[scope] ?? 0;
+
+  return createMiddleware<AppEnv>(async (c, next) => {
+    const apiKey = c.get("apiKey");
+    if (!apiKey) {
+      return c.json({ error: "Unauthorized" }, 401);
+    }
+
+    const maxScope = Math.max(
+      ...apiKey.scopes.map((s: string) => SCOPE_HIERARCHY[s] ?? 0),
+    );
+
+    if (maxScope < required) {
+      return c.json({ error: "Forbidden: insufficient scope" }, 403);
+    }
+
+    return next();
+  });
+}

package/src/middleware/audit.ts

@@ -0,0 +1,47 @@
+import { auditLogs } from "@hogsend/db";
+import { createMiddleware } from "hono/factory";
+import type { AppEnv } from "../app.js";
+
+const MUTATION_METHODS = new Set(["POST", "PUT", "PATCH", "DELETE"]);
+
+function extractResource(path: string): {
+  resource: string;
+  resourceId: string | null;
+} {
+  const parts = path
+    .replace(/^\/v1\/admin\//, "")
+    .split("/")
+    .filter(Boolean);
+
+  const resource = parts[0] ?? "unknown";
+  const resourceId = parts[1] ?? null;
+  return { resource, resourceId };
+}
+
+export const auditMiddleware = createMiddleware<AppEnv>(async (c, next) => {
+  await next();
+
+  if (!MUTATION_METHODS.has(c.req.method)) return;
+  if (c.res.status >= 400) return;
+
+  const apiKey = c.get("apiKey");
+  const { db, logger } = c.get("container");
+  const { resource, resourceId } = extractResource(c.req.path);
+
+  db.insert(auditLogs)
+    .values({
+      actor: apiKey?.name ?? "unknown",
+      actorKeyId: apiKey?.id && apiKey.id !== "legacy" ? apiKey.id : null,
+      action: `${resource}.${c.req.method.toLowerCase()}`,
+      resource,
+      resourceId,
+      ipAddress:
+        c.req.header("x-forwarded-for") ?? c.req.header("x-real-ip") ?? null,
+    })
+    .then(() => {})
+    .catch((err: unknown) => {
+      logger.warn("Audit log write failed", {
+        error: err instanceof Error ? err.message : String(err),
+      });
+    });
+});

package/src/middleware/auth.ts

@@ -0,0 +1,24 @@
+import type { Context } from "hono";
+import { createMiddleware } from "hono/factory";
+import type { AppEnv } from "../app.js";
+
+async function resolveSession(c: Context<AppEnv>) {
+  const { auth } = c.get("container");
+  const session = await auth.api.getSession({ headers: c.req.raw.headers });
+  c.set("user", session?.user ?? null);
+  c.set("session", session?.session ?? null);
+  return session;
+}
+
+export const sessionMiddleware = createMiddleware<AppEnv>(async (c, next) => {
+  await resolveSession(c);
+  return next();
+});
+
+export const requireAuth = createMiddleware<AppEnv>(async (c, next) => {
+  const session = await resolveSession(c);
+  if (!session) {
+    return c.json({ error: "Unauthorized" }, 401);
+  }
+  return next();
+});

package/src/middleware/error-handler.ts

@@ -0,0 +1,22 @@
+import type { ErrorHandler } from "hono";
+import type { ContentfulStatusCode } from "hono/utils/http-status";
+import type { AppEnv } from "../app.js";
+
+export const errorHandler: ErrorHandler<AppEnv> = (err, c) => {
+  const logger = c.get("container").logger;
+
+  const status: ContentfulStatusCode =
+    "status" in err && typeof err.status === "number"
+      ? (err.status as ContentfulStatusCode)
+      : 500;
+  const message = status === 500 ? "Internal Server Error" : err.message;
+
+  logger.error(err.message, {
+    stack: err.stack,
+    path: c.req.path,
+    method: c.req.method,
+    status,
+  });
+
+  return c.json({ error: message }, status);
+};

package/src/middleware/rate-limit.ts

@@ -0,0 +1,65 @@
+import { createMiddleware } from "hono/factory";
+import type { AppEnv } from "../app.js";
+import { getRedis } from "../lib/redis.js";
+
+const WINDOW_MS = 60_000;
+const MAX_REQUESTS = 100;
+
+const memoryStore = new Map<string, number[]>();
+let cleanupCounter = 0;
+const MAX_KEYS = 10_000;
+
+export const rateLimit = createMiddleware<AppEnv>(async (c, next) => {
+  if (process.env.NODE_ENV === "test") return next();
+
+  const apiKey = c.get("apiKey");
+  const keyId = apiKey?.id ?? "anonymous";
+  const now = Date.now();
+
+  let count: number;
+
+  try {
+    const redis = getRedis();
+    if (redis) {
+      const windowKey = `ratelimit:${keyId}`;
+      const pipeline = redis.pipeline();
+      pipeline.zremrangebyscore(windowKey, 0, now - WINDOW_MS);
+      pipeline.zcard(windowKey);
+      pipeline.zadd(windowKey, now, `${now}:${Math.random()}`);
+      pipeline.expire(windowKey, Math.ceil(WINDOW_MS / 1000));
+
+      const results = await pipeline.exec();
+      count = (results?.[1]?.[1] as number) ?? 0;
+    } else {
+      throw new Error("No Redis");
+    }
+  } catch {
+    const entries = memoryStore.get(keyId) ?? [];
+    const cutoff = now - WINDOW_MS;
+    const valid = entries.filter((t) => t > cutoff);
+    valid.push(now);
+    memoryStore.set(keyId, valid);
+    count = valid.length - 1;
+
+    if (++cleanupCounter % 100 === 0 && memoryStore.size > MAX_KEYS) {
+      const sweepCutoff = now - WINDOW_MS;
+      for (const [key, entries] of memoryStore) {
+        const active = entries.filter((t) => t > sweepCutoff);
+        if (active.length === 0) memoryStore.delete(key);
+        else memoryStore.set(key, active);
+      }
+    }
+  }
+
+  c.header("X-RateLimit-Limit", String(MAX_REQUESTS));
+  c.header(
+    "X-RateLimit-Remaining",
+    String(Math.max(0, MAX_REQUESTS - count - 1)),
+  );
+
+  if (count >= MAX_REQUESTS) {
+    return c.json({ error: "Rate limit exceeded" }, 429);
+  }
+
+  return next();
+});

package/src/middleware/request-logger.ts

@@ -0,0 +1,19 @@
+import type { MiddlewareHandler } from "hono";
+import type { AppEnv } from "../app.js";
+
+export const requestLogger: MiddlewareHandler<AppEnv> = async (c, next) => {
+  const start = Date.now();
+
+  await next();
+
+  const duration = Date.now() - start;
+  const logger = c.get("container").logger;
+
+  logger.http("request", {
+    method: c.req.method,
+    path: c.req.path,
+    status: c.res.status,
+    duration,
+    requestId: c.get("requestId"),
+  });
+};