@hypersonic-js/core 0.2.0 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +13 -0
- package/dist/auth/setup.d.ts +6 -1
- package/dist/auth/setup.d.ts.map +1 -1
- package/dist/auth/setup.js +9 -1
- package/dist/auth/setup.js.map +1 -1
- package/dist/auth/types.d.ts +6 -0
- package/dist/auth/types.d.ts.map +1 -1
- package/dist/config/types.d.ts +10 -0
- package/dist/config/types.d.ts.map +1 -1
- package/dist/inertia/middleware.d.ts +5 -1
- package/dist/inertia/middleware.d.ts.map +1 -1
- package/dist/inertia/middleware.js +32 -6
- package/dist/inertia/middleware.js.map +1 -1
- package/dist/server/app.d.ts.map +1 -1
- package/dist/server/app.js +1 -0
- package/dist/server/app.js.map +1 -1
- package/package.json +7 -7
- package/Readme.md +0 -30
package/README.md
ADDED
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
# @hypersonic-js/core
|
|
2
|
+
|
|
3
|
+
The core of Hypersonic.js — a modern Django-inspired full-stack TypeScript framework
|
|
4
|
+
|
|
5
|
+
📖 **[Full documentation → hypersonic-js.com](https://hypersonic-js.com)**
|
|
6
|
+
|
|
7
|
+
## Install
|
|
8
|
+
|
|
9
|
+
npm install @hypersonic-js/core
|
|
10
|
+
|
|
11
|
+
## License
|
|
12
|
+
|
|
13
|
+
MIT
|
package/dist/auth/setup.d.ts
CHANGED
|
@@ -4,14 +4,19 @@ export type AuthInstance = ReturnType<typeof betterAuth>;
|
|
|
4
4
|
/**
|
|
5
5
|
* Creates and returns a configured Better Auth instance.
|
|
6
6
|
* OAuth social providers are only wired in when credentials are supplied.
|
|
7
|
+
* The rateLimit option is only forwarded when explicitly provided, allowing
|
|
8
|
+
* test environments to pass `{ enabled: false }` to suppress the in-process
|
|
9
|
+
* rate limiter and avoid 429s across shared test suites.
|
|
7
10
|
*
|
|
8
|
-
*
|
|
11
|
+
* Three targeted casts remain:
|
|
9
12
|
* - `prisma as PrismaAdapterClient`: our public API keeps `prisma: unknown`
|
|
10
13
|
* to stay agnostic of the generated PrismaClient types; the adapter's own
|
|
11
14
|
* PrismaClient is an empty interface so the cast is safe at runtime.
|
|
12
15
|
* - `socialProviders as BetterAuthOptions['socialProviders']`: our plain record
|
|
13
16
|
* satisfies the runtime contract but TypeScript cannot verify it against the
|
|
14
17
|
* `SocialProviders` mapped type without a cast.
|
|
18
|
+
* - `rateLimit as BetterAuthOptions['rateLimit']`: our `{ enabled?: boolean }`
|
|
19
|
+
* subset is a valid runtime value for Better Auth's rateLimit field.
|
|
15
20
|
*/
|
|
16
21
|
export declare function createAuth(options: AuthSetupOptions): AuthInstance;
|
|
17
22
|
//# sourceMappingURL=setup.d.ts.map
|
package/dist/auth/setup.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"setup.d.ts","sourceRoot":"","sources":["../../src/auth/setup.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAIxC,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAA;AAElD,MAAM,MAAM,YAAY,GAAG,UAAU,CAAC,OAAO,UAAU,CAAC,CAAA;AAUxD
|
|
1
|
+
{"version":3,"file":"setup.d.ts","sourceRoot":"","sources":["../../src/auth/setup.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAIxC,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAA;AAElD,MAAM,MAAM,YAAY,GAAG,UAAU,CAAC,OAAO,UAAU,CAAC,CAAA;AAUxD;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,UAAU,CAAC,OAAO,EAAE,gBAAgB,GAAG,YAAY,CA8BlE"}
|
package/dist/auth/setup.js
CHANGED
|
@@ -4,14 +4,19 @@ import { admin } from 'better-auth/plugins';
|
|
|
4
4
|
/**
|
|
5
5
|
* Creates and returns a configured Better Auth instance.
|
|
6
6
|
* OAuth social providers are only wired in when credentials are supplied.
|
|
7
|
+
* The rateLimit option is only forwarded when explicitly provided, allowing
|
|
8
|
+
* test environments to pass `{ enabled: false }` to suppress the in-process
|
|
9
|
+
* rate limiter and avoid 429s across shared test suites.
|
|
7
10
|
*
|
|
8
|
-
*
|
|
11
|
+
* Three targeted casts remain:
|
|
9
12
|
* - `prisma as PrismaAdapterClient`: our public API keeps `prisma: unknown`
|
|
10
13
|
* to stay agnostic of the generated PrismaClient types; the adapter's own
|
|
11
14
|
* PrismaClient is an empty interface so the cast is safe at runtime.
|
|
12
15
|
* - `socialProviders as BetterAuthOptions['socialProviders']`: our plain record
|
|
13
16
|
* satisfies the runtime contract but TypeScript cannot verify it against the
|
|
14
17
|
* `SocialProviders` mapped type without a cast.
|
|
18
|
+
* - `rateLimit as BetterAuthOptions['rateLimit']`: our `{ enabled?: boolean }`
|
|
19
|
+
* subset is a valid runtime value for Better Auth's rateLimit field.
|
|
15
20
|
*/
|
|
16
21
|
export function createAuth(options) {
|
|
17
22
|
const socialProviders = {};
|
|
@@ -32,6 +37,9 @@ export function createAuth(options) {
|
|
|
32
37
|
if (hasSocialProviders) {
|
|
33
38
|
authOptions.socialProviders = socialProviders;
|
|
34
39
|
}
|
|
40
|
+
if (options.rateLimit !== undefined) {
|
|
41
|
+
authOptions.rateLimit = options.rateLimit;
|
|
42
|
+
}
|
|
35
43
|
return betterAuth(authOptions);
|
|
36
44
|
}
|
|
37
45
|
//# sourceMappingURL=setup.js.map
|
package/dist/auth/setup.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"setup.js","sourceRoot":"","sources":["../../src/auth/setup.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AACxC,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAA;AAC3D,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAc3C
|
|
1
|
+
{"version":3,"file":"setup.js","sourceRoot":"","sources":["../../src/auth/setup.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AACxC,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAA;AAC3D,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAc3C;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,UAAU,UAAU,CAAC,OAAyB;IAClD,MAAM,eAAe,GAA+D,EAAE,CAAA;IAEtF,IAAI,OAAO,CAAC,SAAS,EAAE,MAAM,KAAK,SAAS,EAAE,CAAC;QAC5C,eAAe,CAAC,QAAQ,CAAC,GAAG,OAAO,CAAC,SAAS,CAAC,MAAM,CAAA;IACtD,CAAC;IAED,IAAI,OAAO,CAAC,SAAS,EAAE,MAAM,KAAK,SAAS,EAAE,CAAC;QAC5C,eAAe,CAAC,QAAQ,CAAC,GAAG,OAAO,CAAC,SAAS,CAAC,MAAM,CAAA;IACtD,CAAC;IAED,MAAM,kBAAkB,GAAG,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,MAAM,GAAG,CAAC,CAAA;IAElE,MAAM,WAAW,GAAsB;QACrC,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,cAAc,EAAE,OAAO,CAAC,cAAc;QACtC,QAAQ,EAAE,aAAa,CAAC,OAAO,CAAC,MAA6B,EAAE,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC;QAC9F,gBAAgB,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE;QACnC,OAAO,EAAE,CAAC,KAAK,EAAE,CAAC;KACnB,CAAA;IAED,IAAI,kBAAkB,EAAE,CAAC;QACvB,WAAW,CAAC,eAAe,GAAG,eAAuD,CAAA;IACvF,CAAC;IAED,IAAI,OAAO,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;QACpC,WAAW,CAAC,SAAS,GAAG,OAAO,CAAC,SAA2C,CAAA;IAC7E,CAAC;IAED,OAAO,UAAU,CAAC,WAAW,CAAiB,CAAA;AAChD,CAAC"}
|
package/dist/auth/types.d.ts
CHANGED
|
@@ -13,6 +13,12 @@ export interface AuthSetupOptions {
|
|
|
13
13
|
github?: SocialProviderCredentials;
|
|
14
14
|
google?: SocialProviderCredentials;
|
|
15
15
|
};
|
|
16
|
+
/**
|
|
17
|
+
* Better Auth rate-limit settings.
|
|
18
|
+
*/
|
|
19
|
+
rateLimit?: {
|
|
20
|
+
enabled?: boolean;
|
|
21
|
+
};
|
|
16
22
|
}
|
|
17
23
|
export type { betterAuth as BetterAuth } from 'better-auth';
|
|
18
24
|
//# sourceMappingURL=types.d.ts.map
|
package/dist/auth/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/auth/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAA;AAE1D,MAAM,WAAW,yBAAyB;IACxC,QAAQ,EAAE,MAAM,CAAA;IAChB,YAAY,EAAE,MAAM,CAAA;CACrB;AAED,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,MAAM,CAAA;IACd,cAAc,EAAE,MAAM,EAAE,CAAA;IACxB,4EAA4E;IAC5E,QAAQ,EAAE,gBAAgB,CAAA;IAC1B,MAAM,EAAE,OAAO,CAAA;IACf,SAAS,CAAC,EAAE;QACV,MAAM,CAAC,EAAE,yBAAyB,CAAA;QAClC,MAAM,CAAC,EAAE,yBAAyB,CAAA;KACnC,CAAA;
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/auth/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAA;AAE1D,MAAM,WAAW,yBAAyB;IACxC,QAAQ,EAAE,MAAM,CAAA;IAChB,YAAY,EAAE,MAAM,CAAA;CACrB;AAED,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,MAAM,CAAA;IACd,cAAc,EAAE,MAAM,EAAE,CAAA;IACxB,4EAA4E;IAC5E,QAAQ,EAAE,gBAAgB,CAAA;IAC1B,MAAM,EAAE,OAAO,CAAA;IACf,SAAS,CAAC,EAAE;QACV,MAAM,CAAC,EAAE,yBAAyB,CAAA;QAClC,MAAM,CAAC,EAAE,yBAAyB,CAAA;KACnC,CAAA;IACD;;OAEG;IACH,SAAS,CAAC,EAAE;QAAE,OAAO,CAAC,EAAE,OAAO,CAAA;KAAE,CAAA;CAClC;AAGD,YAAY,EAAE,UAAU,IAAI,UAAU,EAAE,MAAM,aAAa,CAAA"}
|
package/dist/config/types.d.ts
CHANGED
|
@@ -10,9 +10,19 @@ export interface AuthProviders {
|
|
|
10
10
|
github?: boolean;
|
|
11
11
|
google?: boolean;
|
|
12
12
|
}
|
|
13
|
+
export interface AuthRateLimit {
|
|
14
|
+
/** Set to false to disable Better Auth's built-in rate limiting (useful in test environments). */
|
|
15
|
+
enabled?: boolean;
|
|
16
|
+
}
|
|
13
17
|
export interface AuthConfig {
|
|
14
18
|
trustedOrigins: string[];
|
|
15
19
|
providers?: AuthProviders;
|
|
20
|
+
/**
|
|
21
|
+
* Better Auth rate-limit settings.
|
|
22
|
+
* Pass `{ enabled: false }` in test environments to prevent the in-process
|
|
23
|
+
* rate limiter from triggering 429 errors across shared test suites.
|
|
24
|
+
*/
|
|
25
|
+
rateLimit?: AuthRateLimit;
|
|
16
26
|
}
|
|
17
27
|
export interface InertiaConfig {
|
|
18
28
|
ssr: boolean;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/config/types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,gBAAgB,GAAG,YAAY,GAAG,QAAQ,CAAA;AAEtD,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,gBAAgB,CAAA;CAC3B;AAED,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;CACb;AAED,MAAM,WAAW,aAAa;IAC5B,MAAM,CAAC,EAAE,OAAO,CAAA;IAChB,MAAM,CAAC,EAAE,OAAO,CAAA;CACjB;AAED,MAAM,WAAW,UAAU;IACzB,cAAc,EAAE,MAAM,EAAE,CAAA;IACxB,SAAS,CAAC,EAAE,aAAa,CAAA;CAC1B;AAED,MAAM,WAAW,aAAa;IAC5B,GAAG,EAAE,OAAO,CAAA;IACZ,OAAO,CAAC,EAAE,MAAM,CAAA;CACjB;AAED;;;GAGG;AACH,MAAM,MAAM,QAAQ,GAAG,OAAO,GAAG,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,OAAO,GAAG,QAAQ,CAAA;AAEzF,MAAM,WAAW,aAAa;IAC5B;;;OAGG;IACH,KAAK,EAAE,QAAQ,CAAA;CAChB;AAED,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,YAAY,CAAA;IACpB,IAAI,EAAE,UAAU,CAAA;IAChB,OAAO,EAAE,aAAa,CAAA;IACtB,QAAQ,EAAE,cAAc,CAAA;IACxB;;;OAGG;IACH,OAAO,CAAC,EAAE,aAAa,CAAA;CACxB"}
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/config/types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,gBAAgB,GAAG,YAAY,GAAG,QAAQ,CAAA;AAEtD,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,gBAAgB,CAAA;CAC3B;AAED,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;CACb;AAED,MAAM,WAAW,aAAa;IAC5B,MAAM,CAAC,EAAE,OAAO,CAAA;IAChB,MAAM,CAAC,EAAE,OAAO,CAAA;CACjB;AAED,MAAM,WAAW,aAAa;IAC5B,kGAAkG;IAClG,OAAO,CAAC,EAAE,OAAO,CAAA;CAClB;AAED,MAAM,WAAW,UAAU;IACzB,cAAc,EAAE,MAAM,EAAE,CAAA;IACxB,SAAS,CAAC,EAAE,aAAa,CAAA;IACzB;;;;OAIG;IACH,SAAS,CAAC,EAAE,aAAa,CAAA;CAC1B;AAED,MAAM,WAAW,aAAa;IAC5B,GAAG,EAAE,OAAO,CAAA;IACZ,OAAO,CAAC,EAAE,MAAM,CAAA;CACjB;AAED;;;GAGG;AACH,MAAM,MAAM,QAAQ,GAAG,OAAO,GAAG,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,OAAO,GAAG,QAAQ,CAAA;AAEzF,MAAM,WAAW,aAAa;IAC5B;;;OAGG;IACH,KAAK,EAAE,QAAQ,CAAA;CAChB;AAED,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,YAAY,CAAA;IACpB,IAAI,EAAE,UAAU,CAAA;IAChB,OAAO,EAAE,aAAa,CAAA;IACtB,QAAQ,EAAE,cAAc,CAAA;IACxB;;;OAGG;IACH,OAAO,CAAC,EAAE,aAAa,CAAA;CACxB"}
|
|
@@ -29,7 +29,11 @@ export declare function createInertiaErrorHandler(): (err: unknown, req: Request
|
|
|
29
29
|
*
|
|
30
30
|
* - **csrfValidator** — on POST/PUT/PATCH/DELETE requests, verifies that the
|
|
31
31
|
* `X-XSRF-TOKEN` request header matches the `XSRF-TOKEN` request cookie.
|
|
32
|
-
* Returns 419 if they are absent or do not match.
|
|
32
|
+
* Returns 419 if they are absent or do not match. Exception: when both the
|
|
33
|
+
* cookie AND the header are absent the client has not yet received a CSRF
|
|
34
|
+
* cookie (a completely unauthenticated request with no prior GET). In that
|
|
35
|
+
* case validation is skipped and downstream auth middleware is responsible
|
|
36
|
+
* for redirecting or rejecting the request.
|
|
33
37
|
*
|
|
34
38
|
* Note: `/api/auth/*` routes are handled by Better Auth before reaching this
|
|
35
39
|
* middleware, so they are naturally excluded from CSRF validation.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../../src/inertia/middleware.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAkB,MAAM,SAAS,CAAA;AAC3F,OAAO,KAAK,EAAe,cAAc,EAAE,MAAM,YAAY,CAAA;AAgE7D;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,yBAAyB,IAAI,CAC3C,GAAG,EAAE,OAAO,EACZ,GAAG,EAAE,OAAO,EACZ,GAAG,EAAE,QAAQ,EACb,IAAI,EAAE,YAAY,KACf,IAAI,CAWR;AAED
|
|
1
|
+
{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../../src/inertia/middleware.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAkB,MAAM,SAAS,CAAA;AAC3F,OAAO,KAAK,EAAe,cAAc,EAAE,MAAM,YAAY,CAAA;AAgE7D;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,yBAAyB,IAAI,CAC3C,GAAG,EAAE,OAAO,EACZ,GAAG,EAAE,OAAO,EACZ,GAAG,EAAE,QAAQ,EACb,IAAI,EAAE,YAAY,KACf,IAAI,CAWR;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,wBAAsB,uBAAuB,CAC3C,GAAG,EAAE,WAAW,EAChB,OAAO,EAAE,cAAc,GACtB,OAAO,CAAC,IAAI,CAAC,CAoHf"}
|
|
@@ -97,7 +97,11 @@ export function createInertiaErrorHandler() {
|
|
|
97
97
|
*
|
|
98
98
|
* - **csrfValidator** — on POST/PUT/PATCH/DELETE requests, verifies that the
|
|
99
99
|
* `X-XSRF-TOKEN` request header matches the `XSRF-TOKEN` request cookie.
|
|
100
|
-
* Returns 419 if they are absent or do not match.
|
|
100
|
+
* Returns 419 if they are absent or do not match. Exception: when both the
|
|
101
|
+
* cookie AND the header are absent the client has not yet received a CSRF
|
|
102
|
+
* cookie (a completely unauthenticated request with no prior GET). In that
|
|
103
|
+
* case validation is skipped and downstream auth middleware is responsible
|
|
104
|
+
* for redirecting or rejecting the request.
|
|
101
105
|
*
|
|
102
106
|
* Note: `/api/auth/*` routes are handled by Better Auth before reaching this
|
|
103
107
|
* middleware, so they are naturally excluded from CSRF validation.
|
|
@@ -125,6 +129,14 @@ export async function createInertiaMiddleware(app, options) {
|
|
|
125
129
|
};
|
|
126
130
|
// CSRF validator — rejects mutation requests where the X-XSRF-TOKEN header
|
|
127
131
|
// does not match the XSRF-TOKEN cookie that was set on a prior response.
|
|
132
|
+
//
|
|
133
|
+
// Special case: when neither token is present the client has not yet
|
|
134
|
+
// received a CSRF cookie (e.g. a completely unauthenticated browser request
|
|
135
|
+
// with no prior GET). Returning 419 in that case would mask the auth-guard
|
|
136
|
+
// redirect to /login with a confusing error. Downstream auth middleware
|
|
137
|
+
// handles these requests. 419 is only appropriate when a cookie exists but
|
|
138
|
+
// the header is wrong or missing — i.e. when there is something concrete to
|
|
139
|
+
// validate against.
|
|
128
140
|
const csrfValidator = (req, res, next) => {
|
|
129
141
|
if (!CSRF_MUTATION_METHODS.has(req.method)) {
|
|
130
142
|
next();
|
|
@@ -132,10 +144,19 @@ export async function createInertiaMiddleware(app, options) {
|
|
|
132
144
|
}
|
|
133
145
|
const cookies = parseCookieHeader(req.headers.cookie);
|
|
134
146
|
const cookieToken = cookies[CSRF_COOKIE];
|
|
135
|
-
const
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
147
|
+
const rawHeaderToken = req.headers[CSRF_HEADER];
|
|
148
|
+
// The header value is always a plain string for custom headers; normalise
|
|
149
|
+
// to string | undefined so the comparison below is type-safe.
|
|
150
|
+
const headerToken = Array.isArray(rawHeaderToken) ? rawHeaderToken[0] : rawHeaderToken;
|
|
151
|
+
const hasCookie = typeof cookieToken === 'string' && cookieToken.length > 0;
|
|
152
|
+
const hasHeader = typeof headerToken === 'string' && headerToken.length > 0;
|
|
153
|
+
// Both absent — no CSRF context; defer to downstream auth middleware.
|
|
154
|
+
if (!hasCookie && !hasHeader) {
|
|
155
|
+
next();
|
|
156
|
+
return;
|
|
157
|
+
}
|
|
158
|
+
// Cookie present but header wrong/missing, or header present but no cookie.
|
|
159
|
+
if (!hasCookie || cookieToken !== headerToken) {
|
|
139
160
|
res.status(419).json({ error: 'CSRF token mismatch' });
|
|
140
161
|
return;
|
|
141
162
|
}
|
|
@@ -146,9 +167,14 @@ export async function createInertiaMiddleware(app, options) {
|
|
|
146
167
|
// Inertia protocol middleware
|
|
147
168
|
const inertiaMiddleware = (req, res, next) => {
|
|
148
169
|
const isInertiaRequest = Boolean(req.headers[INERTIA_HEADER]);
|
|
149
|
-
// Asset version mismatch — force a full page reload
|
|
170
|
+
// Asset version mismatch — force a full page reload.
|
|
171
|
+
// Only fires when the client sends X-Inertia-Version AND it doesn't match
|
|
172
|
+
// the server version. Requests without the header (e.g. test clients that
|
|
173
|
+
// set X-Inertia but omit the version) are let through so they receive the
|
|
174
|
+
// normal JSON response rather than a 409.
|
|
150
175
|
if (isInertiaRequest &&
|
|
151
176
|
req.method === 'GET' &&
|
|
177
|
+
req.headers[INERTIA_VERSION_HEADER] !== undefined &&
|
|
152
178
|
req.headers[INERTIA_VERSION_HEADER] !== version) {
|
|
153
179
|
res.setHeader('X-Inertia-Location', req.url);
|
|
154
180
|
res.status(409).end();
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../src/inertia/middleware.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AACzC,OAAO,EAAE,eAAe,EAAE,MAAM,WAAW,CAAA;AAC3C,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAA;AAE9C,MAAM,cAAc,GAAG,WAAW,CAAA;AAClC,MAAM,sBAAsB,GAAG,mBAAmB,CAAA;AAClD,MAAM,WAAW,GAAG,YAAY,CAAA;AAChC,MAAM,WAAW,GAAG,cAAc,CAAA;AAClC,MAAM,qBAAqB,GAAG,IAAI,GAAG,CAAC,CAAC,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAA;AAEzE,SAAS,iBAAiB;IACxB,OAAO,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;AACxC,CAAC;AAED;;;;;GAKG;AACH,SAAS,iBAAiB,CAAC,YAAgC;IACzD,IAAI,CAAC,YAAY;QAAE,OAAO,EAAE,CAAA;IAC5B,MAAM,MAAM,GAA2B,EAAE,CAAA;IACzC,KAAK,MAAM,IAAI,IAAI,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;QAC3C,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;QAC/B,IAAI,KAAK,KAAK,CAAC,CAAC;YAAE,SAAQ;QAC1B,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,IAAI,EAAE,CAAA;QACvC,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAA;QACxC,IAAI,KAAa,CAAA;QACjB,IAAI,CAAC;YACH,KAAK,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAA;QACjC,CAAC;QAAC,MAAM,CAAC;YACP,KAAK,GAAG,GAAG,CAAA;QACb,CAAC;QACD,MAAM,CAAC,GAAG,CAAC,GAAG,KAAK,CAAA;IACrB,CAAC;IACD,OAAO,MAAM,CAAA;AACf,CAAC;AAED,SAAS,UAAU,CAAC,GAAW;IAC7B,OAAO,GAAG;SACP,OAAO,CAAC,IAAI,EAAE,SAAS,CAAC;SACxB,OAAO,CAAC,IAAI,EAAE,SAAS,CAAC;SACxB,OAAO,CAAC,IAAI,EAAE,SAAS,CAAC;SACxB,OAAO,CAAC,IAAI,EAAE,SAAS,CAAC,CAAA;AAC7B,CAAC;AAED,SAAS,SAAS,CAAC,IAAiB,EAAE,SAAiB;IACrD,MAAM,QAAQ,GAAG,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAA;IACjD,OAAO;;;;;MAKH,SAAS;;;sDAGuC,QAAQ;;;QAGtD,CAAA;AACR,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,UAAU,yBAAyB;IAMvC,OAAO,CAAC,GAAY,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAQ,EAAE;QAC7E,IAAI,CAAC,CAAC,GAAG,YAAY,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,CAAC;YAChE,IAAI,CAAC,GAAG,CAAC,CAAA;YACT,OAAM;QACR,CAAC;QAED,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;QACtC,MAAM,WAAW,GAAG,OAAO,OAAO,KAAK,QAAQ,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAA;QACrF,GAAG,CAAC,QAAQ,CAAC,GAAG,EAAE,WAAW,CAAC,CAAA;IAChC,CAAC,CAAA;AACH,CAAC;AAED
|
|
1
|
+
{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../src/inertia/middleware.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AACzC,OAAO,EAAE,eAAe,EAAE,MAAM,WAAW,CAAA;AAC3C,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAA;AAE9C,MAAM,cAAc,GAAG,WAAW,CAAA;AAClC,MAAM,sBAAsB,GAAG,mBAAmB,CAAA;AAClD,MAAM,WAAW,GAAG,YAAY,CAAA;AAChC,MAAM,WAAW,GAAG,cAAc,CAAA;AAClC,MAAM,qBAAqB,GAAG,IAAI,GAAG,CAAC,CAAC,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAA;AAEzE,SAAS,iBAAiB;IACxB,OAAO,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;AACxC,CAAC;AAED;;;;;GAKG;AACH,SAAS,iBAAiB,CAAC,YAAgC;IACzD,IAAI,CAAC,YAAY;QAAE,OAAO,EAAE,CAAA;IAC5B,MAAM,MAAM,GAA2B,EAAE,CAAA;IACzC,KAAK,MAAM,IAAI,IAAI,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;QAC3C,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;QAC/B,IAAI,KAAK,KAAK,CAAC,CAAC;YAAE,SAAQ;QAC1B,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,IAAI,EAAE,CAAA;QACvC,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAA;QACxC,IAAI,KAAa,CAAA;QACjB,IAAI,CAAC;YACH,KAAK,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAA;QACjC,CAAC;QAAC,MAAM,CAAC;YACP,KAAK,GAAG,GAAG,CAAA;QACb,CAAC;QACD,MAAM,CAAC,GAAG,CAAC,GAAG,KAAK,CAAA;IACrB,CAAC;IACD,OAAO,MAAM,CAAA;AACf,CAAC;AAED,SAAS,UAAU,CAAC,GAAW;IAC7B,OAAO,GAAG;SACP,OAAO,CAAC,IAAI,EAAE,SAAS,CAAC;SACxB,OAAO,CAAC,IAAI,EAAE,SAAS,CAAC;SACxB,OAAO,CAAC,IAAI,EAAE,SAAS,CAAC;SACxB,OAAO,CAAC,IAAI,EAAE,SAAS,CAAC,CAAA;AAC7B,CAAC;AAED,SAAS,SAAS,CAAC,IAAiB,EAAE,SAAiB;IACrD,MAAM,QAAQ,GAAG,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAA;IACjD,OAAO;;;;;MAKH,SAAS;;;sDAGuC,QAAQ;;;QAGtD,CAAA;AACR,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,UAAU,yBAAyB;IAMvC,OAAO,CAAC,GAAY,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAQ,EAAE;QAC7E,IAAI,CAAC,CAAC,GAAG,YAAY,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,CAAC;YAChE,IAAI,CAAC,GAAG,CAAC,CAAA;YACT,OAAM;QACR,CAAC;QAED,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;QACtC,MAAM,WAAW,GAAG,OAAO,OAAO,KAAK,QAAQ,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAA;QACrF,GAAG,CAAC,QAAQ,CAAC,GAAG,EAAE,WAAW,CAAC,CAAA;IAChC,CAAC,CAAA;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,GAAgB,EAChB,OAAuB;IAEvB,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,GAAG,CAAA;IACtC,MAAM,IAAI,GAAG,MAAM,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;IAE/C,+CAA+C;IAC/C,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,UAA4B,CAAC,CAAA;IAE1C,yEAAyE;IACzE,yEAAyE;IACzE,6DAA6D;IAC7D,+DAA+D;IAC/D,MAAM,UAAU,GAAmB,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAQ,EAAE;QAC3F,MAAM,OAAO,GAAG,iBAAiB,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAA;QACrD,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;YAC1B,GAAG,CAAC,MAAM,CAAC,WAAW,EAAE,iBAAiB,EAAE,EAAE;gBAC3C,QAAQ,EAAE,KAAK;gBACf,QAAQ,EAAE,QAAQ;gBAClB,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,KAAK,YAAY;gBAChD,IAAI,EAAE,GAAG;aACV,CAAC,CAAA;QACJ,CAAC;QACD,IAAI,EAAE,CAAA;IACR,CAAC,CAAA;IAED,2EAA2E;IAC3E,yEAAyE;IACzE,EAAE;IACF,qEAAqE;IACrE,4EAA4E;IAC5E,2EAA2E;IAC3E,wEAAwE;IACxE,2EAA2E;IAC3E,4EAA4E;IAC5E,oBAAoB;IACpB,MAAM,aAAa,GAAmB,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAQ,EAAE;QAC9F,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YAC3C,IAAI,EAAE,CAAA;YACN,OAAM;QACR,CAAC;QAED,MAAM,OAAO,GAAG,iBAAiB,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAA;QACrD,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,CAAC,CAAA;QACxC,MAAM,cAAc,GAAG,GAAG,CAAC,OAAO,CAAC,WAAW,CAAC,CAAA;QAC/C,0EAA0E;QAC1E,8DAA8D;QAC9D,MAAM,WAAW,GAAG,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,cAAc,CAAA;QAEtF,MAAM,SAAS,GAAG,OAAO,WAAW,KAAK,QAAQ,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,CAAA;QAC3E,MAAM,SAAS,GAAG,OAAO,WAAW,KAAK,QAAQ,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,CAAA;QAE3E,sEAAsE;QACtE,IAAI,CAAC,SAAS,IAAI,CAAC,SAAS,EAAE,CAAC;YAC7B,IAAI,EAAE,CAAA;YACN,OAAM;QACR,CAAC;QAED,4EAA4E;QAC5E,IAAI,CAAC,SAAS,IAAI,WAAW,KAAK,WAAW,EAAE,CAAC;YAC9C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,qBAAqB,EAAE,CAAC,CAAA;YACtD,OAAM;QACR,CAAC;QAED,IAAI,EAAE,CAAA;IACR,CAAC,CAAA;IAED,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;IACnB,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC,CAAA;IAEtB,8BAA8B;IAC9B,MAAM,iBAAiB,GAAmB,CACxC,GAAY,EACZ,GAAa,EACb,IAAkB,EACZ,EAAE;QACR,MAAM,gBAAgB,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC,CAAA;QAE7D,qDAAqD;QACrD,0EAA0E;QAC1E,0EAA0E;QAC1E,0EAA0E;QAC1E,0CAA0C;QAC1C,IACE,gBAAgB;YAChB,GAAG,CAAC,MAAM,KAAK,KAAK;YACpB,GAAG,CAAC,OAAO,CAAC,sBAAsB,CAAC,KAAK,SAAS;YACjD,GAAG,CAAC,OAAO,CAAC,sBAAsB,CAAC,KAAK,OAAO,EAC/C,CAAC;YACD,GAAG,CAAC,SAAS,CAAC,oBAAoB,EAAE,GAAG,CAAC,GAAG,CAAC,CAAA;YAC5C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAA;YACrB,OAAM;QACR,CAAC;QAED,GAAG,CAAC,OAAO,GAAG,CAAC,SAAiB,EAAE,QAAiC,EAAE,EAAQ,EAAE;YAC7E,MAAM,IAAI,GAAgB;gBACxB,SAAS;gBACT,KAAK;gBACL,GAAG,EAAE,GAAG,CAAC,WAAW;gBACpB,OAAO;aACR,CAAA;YAED,IAAI,gBAAgB,EAAE,CAAC;gBACrB,GAAG,CAAC,SAAS,CAAC,WAAW,EAAE,MAAM,CAAC,CAAA;gBAClC,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,WAAW,CAAC,CAAA;gBAClC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;gBAC1B,OAAM;YACR,CAAC;YAED,MAAM,IAAI,GAAG,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAA;YAC9C,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,0BAA0B,CAAC,CAAA;YACzD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAC5B,CAAC,CAAA;QAED,IAAI,EAAE,CAAA;IACR,CAAC,CAAA;IAED,GAAG,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAA;AAC5B,CAAC"}
|
package/dist/server/app.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"app.d.ts","sourceRoot":"","sources":["../../src/server/app.ts"],"names":[],"mappings":"AAUA,OAAO,KAAK,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,YAAY,CAAA;AA4BjE;;;;;;GAMG;AACH,wBAAsB,SAAS,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,aAAa,CAAC,
|
|
1
|
+
{"version":3,"file":"app.d.ts","sourceRoot":"","sources":["../../src/server/app.ts"],"names":[],"mappings":"AAUA,OAAO,KAAK,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,YAAY,CAAA;AA4BjE;;;;;;GAMG;AACH,wBAAsB,SAAS,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,aAAa,CAAC,CAsDjF"}
|
package/dist/server/app.js
CHANGED
package/dist/server/app.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"app.js","sourceRoot":"","sources":["../../src/server/app.ts"],"names":[],"mappings":"AAAA,OAAO,OAAO,MAAM,SAAS,CAAA;AAC7B,OAAO,MAAM,MAAM,QAAQ,CAAA;AAC3B,OAAO,EAAE,QAAQ,EAAE,MAAM,WAAW,CAAA;AAEpC,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAA;AACvD,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAA;AACjD,OAAO,EAAE,uBAAuB,EAAE,MAAM,0BAA0B,CAAA;AAClE,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAA;AAChD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AAKjD,SAAS,gBAAgB,CACvB,MAAwB,EACxB,GAAQ;IAER,MAAM,SAAS,GAA+D,EAAE,CAAA;IAChF,MAAM,CAAC,GAAG,GAAyC,CAAA;IAEnD,IAAI,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,MAAM,KAAK,IAAI,EAAE,CAAC;QAC3C,SAAS,CAAC,QAAQ,CAAC,GAAG;YACpB,QAAQ,EAAE,CAAC,CAAC,kBAAkB,CAAW;YACzC,YAAY,EAAE,CAAC,CAAC,sBAAsB,CAAW;SAClD,CAAA;IACH,CAAC;IAED,IAAI,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,MAAM,KAAK,IAAI,EAAE,CAAC;QAC3C,SAAS,CAAC,QAAQ,CAAC,GAAG;YACpB,QAAQ,EAAE,CAAC,CAAC,kBAAkB,CAAW;YACzC,YAAY,EAAE,CAAC,CAAC,sBAAsB,CAAW;SAClD,CAAA;IACH,CAAC;IAED,OAAO,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAA;AAClE,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,OAAyB;IACvD,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,OAAO,CAAA;IAEvC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;QACrB,MAAM,IAAI,KAAK,CACb,2CAA2C;YACzC,sDAAsD;YACtD,wCAAwC,CAC3C,CAAA;IACH,CAAC;IAED,MAAM,MAAM,GAAG,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK,IAAI,OAAO,CAAC,CAAA;IAE7D,MAAM,GAAG,GAAG,OAAO,EAAE,CAAA;IAErB,oBAAoB;IACpB,iEAAiE;IACjE,iEAAiE;IACjE,oEAAoE;IACpE,yEAAyE;IACzE,8DAA8D;IAC9D,GAAG,CAAC,GAAG,CACL,MAAM,CAAC;QACL,qBAAqB,EAAE,KAAK;QAC5B,cAAc,EAAE,EAAE,MAAM,EAAE,aAAa,EAAE;KAC1C,CAAC,CACH,CAAA;IAED,iDAAiD;IACjD,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,MAAM,EAAE,CAA8B,CAAC,CAAA;IAE1D,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAA;IACvB,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;IAE/C,eAAe,CAAC,MAAM,CAAC,CAAA;IAEvB,MAAM,IAAI,GAAG,UAAU,CAAC;QACtB,MAAM,EAAE,GAAG,CAAC,kBAAkB;QAC9B,cAAc,EAAE,MAAM,CAAC,IAAI,CAAC,cAAc;QAC1C,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,QAAQ;QAClC,MAAM;QACN,SAAS,EAAE,gBAAgB,CAAC,MAAM,EAAE,GAAG,CAAC;
|
|
1
|
+
{"version":3,"file":"app.js","sourceRoot":"","sources":["../../src/server/app.ts"],"names":[],"mappings":"AAAA,OAAO,OAAO,MAAM,SAAS,CAAA;AAC7B,OAAO,MAAM,MAAM,QAAQ,CAAA;AAC3B,OAAO,EAAE,QAAQ,EAAE,MAAM,WAAW,CAAA;AAEpC,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAA;AACvD,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAA;AACjD,OAAO,EAAE,uBAAuB,EAAE,MAAM,0BAA0B,CAAA;AAClE,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAA;AAChD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AAKjD,SAAS,gBAAgB,CACvB,MAAwB,EACxB,GAAQ;IAER,MAAM,SAAS,GAA+D,EAAE,CAAA;IAChF,MAAM,CAAC,GAAG,GAAyC,CAAA;IAEnD,IAAI,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,MAAM,KAAK,IAAI,EAAE,CAAC;QAC3C,SAAS,CAAC,QAAQ,CAAC,GAAG;YACpB,QAAQ,EAAE,CAAC,CAAC,kBAAkB,CAAW;YACzC,YAAY,EAAE,CAAC,CAAC,sBAAsB,CAAW;SAClD,CAAA;IACH,CAAC;IAED,IAAI,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,MAAM,KAAK,IAAI,EAAE,CAAC;QAC3C,SAAS,CAAC,QAAQ,CAAC,GAAG;YACpB,QAAQ,EAAE,CAAC,CAAC,kBAAkB,CAAW;YACzC,YAAY,EAAE,CAAC,CAAC,sBAAsB,CAAW;SAClD,CAAA;IACH,CAAC;IAED,OAAO,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAA;AAClE,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,OAAyB;IACvD,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,OAAO,CAAA;IAEvC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;QACrB,MAAM,IAAI,KAAK,CACb,2CAA2C;YACzC,sDAAsD;YACtD,wCAAwC,CAC3C,CAAA;IACH,CAAC;IAED,MAAM,MAAM,GAAG,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK,IAAI,OAAO,CAAC,CAAA;IAE7D,MAAM,GAAG,GAAG,OAAO,EAAE,CAAA;IAErB,oBAAoB;IACpB,iEAAiE;IACjE,iEAAiE;IACjE,oEAAoE;IACpE,yEAAyE;IACzE,8DAA8D;IAC9D,GAAG,CAAC,GAAG,CACL,MAAM,CAAC;QACL,qBAAqB,EAAE,KAAK;QAC5B,cAAc,EAAE,EAAE,MAAM,EAAE,aAAa,EAAE;KAC1C,CAAC,CACH,CAAA;IAED,iDAAiD;IACjD,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,MAAM,EAAE,CAA8B,CAAC,CAAA;IAE1D,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAA;IACvB,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;IAE/C,eAAe,CAAC,MAAM,CAAC,CAAA;IAEvB,MAAM,IAAI,GAAG,UAAU,CAAC;QACtB,MAAM,EAAE,GAAG,CAAC,kBAAkB;QAC9B,cAAc,EAAE,MAAM,CAAC,IAAI,CAAC,cAAc;QAC1C,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,QAAQ;QAClC,MAAM;QACN,SAAS,EAAE,gBAAgB,CAAC,MAAM,EAAE,GAAG,CAAC;QACxC,SAAS,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS;KACjC,CAAC,CAAA;IACF,SAAS,CAAC,GAAG,EAAE,IAAI,CAAC,CAAA;IAEpB,MAAM,uBAAuB,CAAC,GAAG,EAAE;QACjC,GAAG,EAAE,MAAM,CAAC,OAAO,CAAC,GAAG;QACvB,OAAO,EAAE,MAAM,CAAC,OAAO,CAAC,OAAO;KAChC,CAAC,CAAA;IAEF,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,eAAe,CAAC,GAAG,EAAE,MAAM,CAAC,CAAA;IAEpD,OAAO,EAAE,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,CAAA;AACpD,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@hypersonic-js/core",
|
|
3
|
-
"version": "0.2.
|
|
3
|
+
"version": "0.2.1",
|
|
4
4
|
"description": "The core of Hypersonic.js — a modern Django-inspired full-stack TypeScript framework",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "./dist/index.js",
|
|
@@ -25,21 +25,21 @@
|
|
|
25
25
|
"access": "public"
|
|
26
26
|
},
|
|
27
27
|
"engines": {
|
|
28
|
-
"node": "
|
|
28
|
+
"node": ">=24.0.0"
|
|
29
29
|
},
|
|
30
30
|
"dependencies": {
|
|
31
31
|
"@inertiajs/core": "3.4.0",
|
|
32
32
|
"@inertiajs/react": "3.4.0",
|
|
33
|
-
"@tailwindcss/vite": "4.3.
|
|
33
|
+
"@tailwindcss/vite": "4.3.1",
|
|
34
34
|
"@vitejs/plugin-react": "6.0.2",
|
|
35
|
-
"better-auth": "1.6.
|
|
35
|
+
"better-auth": "1.6.19",
|
|
36
36
|
"express": "5.2.1",
|
|
37
37
|
"helmet": "8.2.0",
|
|
38
38
|
"pino": "10.3.1",
|
|
39
39
|
"pino-http": "11.0.0",
|
|
40
40
|
"react": "19.2.7",
|
|
41
41
|
"react-dom": "19.2.7",
|
|
42
|
-
"tailwindcss": "4.3.
|
|
42
|
+
"tailwindcss": "4.3.1",
|
|
43
43
|
"vite": "8.0.16",
|
|
44
44
|
"zod": "4.4.3"
|
|
45
45
|
},
|
|
@@ -64,11 +64,11 @@
|
|
|
64
64
|
"@types/react": "19.2.17",
|
|
65
65
|
"@types/react-dom": "19.2.3",
|
|
66
66
|
"@types/supertest": "7.2.0",
|
|
67
|
-
"@vitest/coverage-v8": "4.1.
|
|
67
|
+
"@vitest/coverage-v8": "4.1.9",
|
|
68
68
|
"prisma": "7.8.0",
|
|
69
69
|
"supertest": "7.2.2",
|
|
70
70
|
"typescript": "6.0.3",
|
|
71
|
-
"vitest": "4.1.
|
|
71
|
+
"vitest": "4.1.9"
|
|
72
72
|
},
|
|
73
73
|
"scripts": {
|
|
74
74
|
"build": "tsc",
|
package/Readme.md
DELETED
|
@@ -1,30 +0,0 @@
|
|
|
1
|
-
# @hypersonic-js/complete
|
|
2
|
-
|
|
3
|
-
**Hypersonic.js** — everything in one installation. This package re-exports the full public API of every Hypersonic package so you don't have to manage individual package versions.
|
|
4
|
-
|
|
5
|
-
📖 **[hypersonic-js.com](https://hypersonic-js.com)**
|
|
6
|
-
|
|
7
|
-
## Install
|
|
8
|
-
|
|
9
|
-
```bash
|
|
10
|
-
npm install @hypersonic-js/complete
|
|
11
|
-
npm install --save-dev prisma @prisma/client
|
|
12
|
-
```
|
|
13
|
-
|
|
14
|
-
## When to use this
|
|
15
|
-
|
|
16
|
-
Use `@hypersonic-js/complete` if you want a single dependency that tracks the full framework. Use the individual packages (e.g. `@hypersonic-js/core`) if you need fine-grained control over which parts of the framework you include.
|
|
17
|
-
|
|
18
|
-
## Quick start
|
|
19
|
-
|
|
20
|
-
```ts
|
|
21
|
-
import { defineConfig, createApp, loadConfig } from '@hypersonic-js/complete'
|
|
22
|
-
```
|
|
23
|
-
|
|
24
|
-
Everything exported by `@hypersonic-js/complete` is identical to the same export from its source package — no wrappers, no overhead.
|
|
25
|
-
|
|
26
|
-
Full documentation at **[hypersonic-js.com](https://hypersonic-js.com)**.
|
|
27
|
-
|
|
28
|
-
## License
|
|
29
|
-
|
|
30
|
-
MIT © [Joaquim Dalton-Pereira](https://github.com/Zesuperaker)
|