@jant/core 0.3.4 → 0.3.5

package/dist/app.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"app.d.ts","sourceRoot":"","sources":["../src/app.tsx"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAG5B,OAAO,EAAkB,KAAK,QAAQ,EAAE,MAAM,qBAAqB,CAAC;AACpE,OAAO,EAAc,KAAK,IAAI,EAAE,MAAM,WAAW,CAAC;AAGlD,OAAO,KAAK,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAuCvD,MAAM,WAAW,YAAY;IAC3B,QAAQ,EAAE,QAAQ,CAAC;IACnB,IAAI,EAAE,IAAI,CAAC;IACX,MAAM,EAAE,UAAU,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,MAAM,GAAG,GAAG,IAAI,CAAC;IAAE,QAAQ,EAAE,QAAQ,CAAC;IAAC,SAAS,EAAE,YAAY,CAAA;CAAE,CAAC,CAAC;AAExE;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,SAAS,CAAC,MAAM,GAAE,UAAe,GAAG,GAAG,CAuoBtD"}
+{"version":3,"file":"app.d.ts","sourceRoot":"","sources":["../src/app.tsx"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAG5B,OAAO,EAAkB,KAAK,QAAQ,EAAE,MAAM,qBAAqB,CAAC;AACpE,OAAO,EAAc,KAAK,IAAI,EAAE,MAAM,WAAW,CAAC;AAGlD,OAAO,KAAK,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAwCvD,MAAM,WAAW,YAAY;IAC3B,QAAQ,EAAE,QAAQ,CAAC;IACnB,IAAI,EAAE,IAAI,CAAC;IACX,MAAM,EAAE,UAAU,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,MAAM,GAAG,GAAG,IAAI,CAAC;IAAE,QAAQ,EAAE,QAAQ,CAAC;IAAC,SAAS,EAAE,YAAY,CAAA;CAAE,CAAC,CAAC;AAExE;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,SAAS,CAAC,MAAM,GAAE,UAAe,GAAG,GAAG,CA0oBtD"}

package/dist/app.js

@@ -33,6 +33,7 @@ import { rssRoutes } from "./routes/feed/rss.js";
 import { sitemapRoutes } from "./routes/feed/sitemap.js";
 // Middleware
 import { requireAuth } from "./middleware/auth.js";
+import { requireOnboarding } from "./middleware/onboarding.js";
 // Layouts for auth pages
 import { BaseLayout } from "./theme/layouts/index.js";
 import { dsRedirect, dsToast } from "./lib/sse.js";
@@ -78,6 +79,8 @@ import { getAvailableThemes, buildThemeStyle } from "./lib/theme.js";
         }
         await next();
     });
+    // Onboarding gate — redirect to /setup if not yet initialized
+    app.use("*", requireOnboarding());
     // Theme middleware - resolve active color theme and build CSS
     app.use("*", async (c, next)=>{
         const themeId = await c.var.services.settings.get(SETTINGS_KEYS.THEME);

package/dist/middleware/onboarding.d.ts

@@ -0,0 +1,26 @@
+/**
+ * Onboarding Middleware
+ *
+ * Redirects all requests to /setup if onboarding hasn't been completed.
+ * Caches the result in memory so the DB is only queried once per isolate lifetime.
+ */
+import type { MiddlewareHandler } from "hono";
+import type { Bindings } from "../types.js";
+import type { AppVariables } from "../app.js";
+type Env = {
+    Bindings: Bindings;
+    Variables: AppVariables;
+};
+/**
+ * Middleware that redirects to /setup if onboarding is not complete.
+ * Uses module-level caching: once onboarding is confirmed complete,
+ * no further DB queries are made for the lifetime of the Worker isolate.
+ */
+export declare function requireOnboarding(): MiddlewareHandler<Env>;
+/**
+ * Reset the onboarding cache. Only for testing.
+ * @internal
+ */
+export declare function resetOnboardingCache(): void;
+export {};
+//# sourceMappingURL=onboarding.d.ts.map

package/dist/middleware/onboarding.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"onboarding.d.ts","sourceRoot":"","sources":["../../src/middleware/onboarding.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,MAAM,CAAC;AAC9C,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAC5C,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AAE9C,KAAK,GAAG,GAAG;IAAE,QAAQ,EAAE,QAAQ,CAAC;IAAC,SAAS,EAAE,YAAY,CAAA;CAAE,CAAC;AAK3D;;;;GAIG;AACH,wBAAgB,iBAAiB,IAAI,iBAAiB,CAAC,GAAG,CAAC,CAmB1D;AAaD;;;GAGG;AACH,wBAAgB,oBAAoB,SAEnC"}

package/dist/middleware/onboarding.js

@@ -0,0 +1,36 @@
+/**
+ * Onboarding Middleware
+ *
+ * Redirects all requests to /setup if onboarding hasn't been completed.
+ * Caches the result in memory so the DB is only queried once per isolate lifetime.
+ */ /** In-memory cache — persists across requests within a Worker isolate */ let onboardingComplete = false;
+/**
+ * Middleware that redirects to /setup if onboarding is not complete.
+ * Uses module-level caching: once onboarding is confirmed complete,
+ * no further DB queries are made for the lifetime of the Worker isolate.
+ */ export function requireOnboarding() {
+    return async (c, next)=>{
+        if (onboardingComplete) {
+            return next();
+        }
+        const path = new URL(c.req.url).pathname;
+        if (shouldBypass(path)) {
+            return next();
+        }
+        const isComplete = await c.var.services.settings.isOnboardingComplete();
+        if (isComplete) {
+            onboardingComplete = true;
+            return next();
+        }
+        return c.redirect("/setup");
+    };
+}
+function shouldBypass(path) {
+    return path === "/setup" || path === "/health" || path === "/signin" || path === "/signout" || path === "/reset" || path.startsWith("/api/auth/");
+}
+/**
+ * Reset the onboarding cache. Only for testing.
+ * @internal
+ */ export function resetOnboardingCache() {
+    onboardingComplete = false;
+}

package/dist/routes/pages/home.js

@@ -100,10 +100,6 @@ function HomeContent({ siteName, posts }) {
     });
 }
 homeRoutes.get("/", async (c)=>{
-    const isComplete = await c.var.services.settings.isOnboardingComplete();
-    if (!isComplete) {
-        return c.redirect("/setup");
-    }
     const siteName = await getSiteName(c);
     const posts = await c.var.services.posts.list({
         visibility: [

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@jant/core",
-  "version": "0.3.4",
+  "version": "0.3.5",
   "description": "A modern, open-source microblogging platform built on Cloudflare Workers",
   "type": "module",
   "bin": {

package/src/app.tsx

@@ -41,6 +41,7 @@ import { sitemapRoutes } from "./routes/feed/sitemap.js";
 
 // Middleware
 import { requireAuth } from "./middleware/auth.js";
+import { requireOnboarding } from "./middleware/onboarding.js";
 
 // Layouts for auth pages
 import { BaseLayout } from "./theme/layouts/index.js";
@@ -104,6 +105,9 @@ export function createApp(config: JantConfig = {}): App {
     await next();
   });
 
+  // Onboarding gate — redirect to /setup if not yet initialized
+  app.use("*", requireOnboarding());
+
   // Theme middleware - resolve active color theme and build CSS
   app.use("*", async (c, next) => {
     const themeId = await c.var.services.settings.get(SETTINGS_KEYS.THEME);

package/src/middleware/__tests__/onboarding.test.ts

@@ -0,0 +1,143 @@
+import { describe, it, expect, beforeEach } from "vitest";
+import { Hono } from "hono";
+import { requireOnboarding, resetOnboardingCache } from "../onboarding.js";
+import type { Bindings } from "../../types.js";
+import type { AppVariables } from "../../app.js";
+
+type Env = { Bindings: Bindings; Variables: AppVariables };
+
+function createMockServices(complete: boolean) {
+  let callCount = 0;
+  const services = {
+    settings: {
+      isOnboardingComplete: async () => {
+        callCount++;
+        return complete;
+      },
+    },
+  } as AppVariables["services"];
+  return { services, getCallCount: () => callCount };
+}
+
+function createApp(complete: boolean) {
+  const mock = createMockServices(complete);
+  const app = new Hono<Env>();
+
+  app.use("*", async (c, next) => {
+    c.set("services", mock.services);
+    await next();
+  });
+  app.use("*", requireOnboarding());
+
+  // Register routes for testing
+  app.get("/", (c) => c.text("Home"));
+  app.get("/dash", (c) => c.text("Dashboard"));
+  app.get("/archive", (c) => c.text("Archive"));
+  app.get("/p/abc", (c) => c.text("Post"));
+  app.get("/setup", (c) => c.text("Setup"));
+  app.get("/health", (c) => c.text("OK"));
+  app.get("/signin", (c) => c.text("Signin"));
+  app.get("/signout", (c) => c.text("Signout"));
+  app.get("/reset", (c) => c.text("Reset"));
+  app.get("/api/auth/session", (c) => c.json({ ok: true }));
+
+  return { app, getCallCount: mock.getCallCount };
+}
+
+describe("requireOnboarding", () => {
+  beforeEach(() => {
+    resetOnboardingCache();
+  });
+
+  it("redirects to /setup when onboarding not complete", async () => {
+    const { app } = createApp(false);
+    const res = await app.request("/", { redirect: "manual" });
+    expect(res.status).toBe(302);
+    expect(res.headers.get("Location")).toBe("/setup");
+  });
+
+  it("redirects /dash to /setup when onboarding not complete", async () => {
+    const { app } = createApp(false);
+    const res = await app.request("/dash", { redirect: "manual" });
+    expect(res.status).toBe(302);
+    expect(res.headers.get("Location")).toBe("/setup");
+  });
+
+  it("redirects /archive to /setup when onboarding not complete", async () => {
+    const { app } = createApp(false);
+    const res = await app.request("/archive", { redirect: "manual" });
+    expect(res.status).toBe(302);
+    expect(res.headers.get("Location")).toBe("/setup");
+  });
+
+  it("allows through when onboarding is complete", async () => {
+    const { app } = createApp(true);
+    const res = await app.request("/");
+    expect(res.status).toBe(200);
+    expect(await res.text()).toBe("Home");
+  });
+
+  it("caches result — second request skips DB query", async () => {
+    const { app, getCallCount } = createApp(true);
+
+    await app.request("/");
+    expect(getCallCount()).toBe(1);
+
+    await app.request("/dash");
+    expect(getCallCount()).toBe(1); // still 1 — cached
+  });
+
+  it("does not cache incomplete status", async () => {
+    const { app, getCallCount } = createApp(false);
+
+    await app.request("/", { redirect: "manual" });
+    expect(getCallCount()).toBe(1);
+
+    await app.request("/dash", { redirect: "manual" });
+    expect(getCallCount()).toBe(2); // queried again
+  });
+
+  describe("bypass paths", () => {
+    it("allows /setup without checking DB", async () => {
+      const { app, getCallCount } = createApp(false);
+      const res = await app.request("/setup");
+      expect(res.status).toBe(200);
+      expect(getCallCount()).toBe(0);
+    });
+
+    it("allows /health without checking DB", async () => {
+      const { app, getCallCount } = createApp(false);
+      const res = await app.request("/health");
+      expect(res.status).toBe(200);
+      expect(getCallCount()).toBe(0);
+    });
+
+    it("allows /signin without checking DB", async () => {
+      const { app, getCallCount } = createApp(false);
+      const res = await app.request("/signin");
+      expect(res.status).toBe(200);
+      expect(getCallCount()).toBe(0);
+    });
+
+    it("allows /signout without checking DB", async () => {
+      const { app, getCallCount } = createApp(false);
+      const res = await app.request("/signout");
+      expect(res.status).toBe(200);
+      expect(getCallCount()).toBe(0);
+    });
+
+    it("allows /reset without checking DB", async () => {
+      const { app, getCallCount } = createApp(false);
+      const res = await app.request("/reset");
+      expect(res.status).toBe(200);
+      expect(getCallCount()).toBe(0);
+    });
+
+    it("allows /api/auth/* without checking DB", async () => {
+      const { app, getCallCount } = createApp(false);
+      const res = await app.request("/api/auth/session");
+      expect(res.status).toBe(200);
+      expect(getCallCount()).toBe(0);
+    });
+  });
+});

package/src/middleware/onboarding.ts

@@ -0,0 +1,60 @@
+/**
+ * Onboarding Middleware
+ *
+ * Redirects all requests to /setup if onboarding hasn't been completed.
+ * Caches the result in memory so the DB is only queried once per isolate lifetime.
+ */
+
+import type { MiddlewareHandler } from "hono";
+import type { Bindings } from "../types.js";
+import type { AppVariables } from "../app.js";
+
+type Env = { Bindings: Bindings; Variables: AppVariables };
+
+/** In-memory cache — persists across requests within a Worker isolate */
+let onboardingComplete = false;
+
+/**
+ * Middleware that redirects to /setup if onboarding is not complete.
+ * Uses module-level caching: once onboarding is confirmed complete,
+ * no further DB queries are made for the lifetime of the Worker isolate.
+ */
+export function requireOnboarding(): MiddlewareHandler<Env> {
+  return async (c, next) => {
+    if (onboardingComplete) {
+      return next();
+    }
+
+    const path = new URL(c.req.url).pathname;
+    if (shouldBypass(path)) {
+      return next();
+    }
+
+    const isComplete = await c.var.services.settings.isOnboardingComplete();
+    if (isComplete) {
+      onboardingComplete = true;
+      return next();
+    }
+
+    return c.redirect("/setup");
+  };
+}
+
+function shouldBypass(path: string): boolean {
+  return (
+    path === "/setup" ||
+    path === "/health" ||
+    path === "/signin" ||
+    path === "/signout" ||
+    path === "/reset" ||
+    path.startsWith("/api/auth/")
+  );
+}
+
+/**
+ * Reset the onboarding cache. Only for testing.
+ * @internal
+ */
+export function resetOnboardingCache() {
+  onboardingComplete = false;
+}

package/src/routes/pages/home.tsx

@@ -102,11 +102,6 @@ function HomeContent({ siteName, posts }: { siteName: string; posts: Post[] }) {
 }
 
 homeRoutes.get("/", async (c) => {
-  const isComplete = await c.var.services.settings.isOnboardingComplete();
-  if (!isComplete) {
-    return c.redirect("/setup");
-  }
-
   const siteName = await getSiteName(c);
 
   const posts = await c.var.services.posts.list({