@joystick.js/node-canary 0.0.0-canary.31 → 0.0.0-canary.310

package/dist/app/middleware/hmr/client.js

@@ -58,7 +58,7 @@ var client_default = (() => websocketClient({
       location.reload();
     }
     if (message?.settings) {
-      window.__joystick_settings__ = JSON.stringify(message?.settings);
+      window.__joystick_settings__ = message?.settings;
       window.joystick.settings = message?.settings;
     }
     if (clientIndex) {
@@ -71,32 +71,36 @@ var client_default = (() => websocketClient({
     if (CSS) {
       const updatedCSS = document.createElement("link");
       updatedCSS.setAttribute("rel", "stylesheet");
-      updatedCSS.setAttribute("href", "/_joystick/index.css");
+      updatedCSS.setAttribute("href", `/_joystick/index.css?v=${new Date().getTime()}`);
       document.head.appendChild(updatedCSS);
     }
     if (isFileChange && isPageInLayout) {
       (async () => {
         window.__joystick_childrenBeforeHMRUpdate__ = window.joystick?._internal?.tree?.instance?.children;
-        const layoutComponentFile = await import(`${window.__joystick_layout__}?t=${new Date().getTime()}`);
-        const pageComponentFile = await import(`${window.window.__joystick_layout_page_url__}?t=${new Date().getTime()}`);
+        const layoutComponentFile = await import(`${window.__joystick_layout__}?v=${new Date().getTime()}`).catch(() => {
+          location.reload();
+        });
+        const pageComponentFile = await import(`${window.window.__joystick_layout_page_url__}?t=${new Date().getTime()}`).catch(() => {
+          location.reload();
+        });
         const layout = layoutComponentFile.default;
         const page = pageComponentFile.default;
         window.joystick.mount(layout, Object.assign({ page }, window.__joystick_ssr_props__), document.getElementById("app"));
         if (connection.send) {
-          const sessions = await fetch(`${location.origin}/api/_joystick/sessions`)?.then((response) => response.text());
-          connection.send({ type: "HMR_UPDATE_COMPLETE", sessions });
+          connection.send({ type: "HMR_UPDATE_COMPLETE" });
         }
       })();
     }
     if (isFileChange && !isPageInLayout) {
       (async () => {
         window.__joystick_childrenBeforeHMRUpdate__ = window.joystick?._internal?.tree?.instance?.children;
-        const pageComponentFile = await import(`${window.__joystick_page_url__}?t=${new Date().getTime()}`);
+        const pageComponentFile = await import(`${window.__joystick_page_url__}?v=${new Date().getTime()}`).catch(() => {
+          location.reload();
+        });
         const page = pageComponentFile.default;
         window.joystick.mount(page, Object.assign({}, window.__joystick_ssr_props__), document.getElementById("app"));
         if (connection.send) {
-          const sessions = await fetch(`${location.origin}/api/_joystick/sessions`)?.then((response) => response.strin());
-          connection.send({ type: "HMR_UPDATE_COMPLETE", sessions });
+          connection.send({ type: "HMR_UPDATE_COMPLETE" });
         }
       })();
     }

package/dist/app/middleware/index.js

@@ -15,11 +15,10 @@ import runUserQuery from "../accounts/runUserQuery.js";
 import replaceBackslashesWithForwardSlashes from "../../lib/replaceBackslashesWithForwardSlashes.js";
 import replaceFileProtocol from "../../lib/replaceFileProtocol.js";
 import getBuildPath from "../../lib/getBuildPath.js";
-import sanitizeRequestParameters from "./sanitizeRequestParameters.js";
 import session from "./session.js";
 import csp from "./csp.js";
 const cwd = replaceFileProtocol(replaceBackslashesWithForwardSlashes(process.cwd()));
-const faviconPath = process.env.NODE_ENV === "test" ? `${cwd}/src/tests/mocks/app/public/favicon.ico` : "public/favicon.ico";
+const faviconPath = "public/favicon.ico";
 var middleware_default = ({
   app,
   port,
@@ -27,7 +26,7 @@ var middleware_default = ({
   appInstance,
   cspConfig
 }) => {
-  if (process.env.NODE_ENV === "production") {
+  if (process.env.NODE_ENV !== "development") {
     app.use(insecure);
   }
   const buildPath = getBuildPath();
@@ -42,8 +41,8 @@ var middleware_default = ({
     }
     next();
   });
-  app.use(sanitizeRequestParameters);
   app.use(requestMethods);
+  app.enable("trust proxy");
   if (cspConfig) {
     app.use((req, res, next) => csp(req, res, next, cspConfig));
   }
@@ -73,7 +72,9 @@ var middleware_default = ({
   app.use(cookieParser());
   app.use(bodyParser(middlewareConfig?.bodyParser));
   app.use(cors(middlewareConfig?.cors, port));
-  app.use((req, res, next) => session(req, res, next, appInstance));
+  if (process.databases?._sessions) {
+    app.use((req, res, next) => session(req, res, next));
+  }
   app.use(async (req, res, next) => {
     const loginTokenHasExpired = await hasLoginTokenExpired(res, req?.cookies?.joystickLoginToken, req?.cookies?.joystickLoginTokenExpiresAt);
     req.context = {

package/dist/app/middleware/insecure.js

@@ -1,8 +1,7 @@
+import get_insecure_landing_page_html from "./get_insecure_landing_page_html.js";
 var insecure_default = (req, res, next) => {
-  const forwardedProtocol = req.get("x-forwarded-proto");
-  const isForwardedFromHTTPS = forwardedProtocol && forwardedProtocol === "https";
-  if (process.env.NODE_ENV != "development" && !req.secure && !isForwardedFromHTTPS) {
-    return res.redirect("https://" + req.headers.host + req.url);
+  if (!req.secure) {
+    return res.send(get_insecure_landing_page_html(req?.headers?.host, req?.url));
   }
   next();
 };

package/dist/app/middleware/render.js

@@ -8,6 +8,10 @@ import generateErrorPage from "../../lib/generateErrorPage.js";
 import replaceFileProtocol from "../../lib/replaceFileProtocol.js";
 import replaceBackslashesWithForwardSlashes from "../../lib/replaceBackslashesWithForwardSlashes.js";
 import getBuildPath from "../../lib/getBuildPath.js";
+import escapeHTML from "../../lib/escapeHTML.js";
+import escapeKeyValuePair from "../../lib/escapeKeyValuePair.js";
+import importFile from "../../lib/importFile.js";
+import getTranslations from "./getTranslations.js";
 const generateHash = (input = "") => {
   return crypto.createHash("sha256").update(input).digest("hex");
 };
@@ -65,71 +69,12 @@ const getCachedHTML = ({ cachePath, cacheFileName, currentDiff }) => {
 const getUrl = (request = {}) => {
   const [path = null] = request.url?.split("?");
   return {
-    params: request.params,
-    query: request.query,
-    route: request.route.path,
-    path
+    params: escapeKeyValuePair(request.params),
+    query: escapeKeyValuePair(request.query),
+    route: escapeHTML(request.route.path),
+    path: escapeHTML(path)
   };
 };
-const getFile = async (buildPath = "") => {
-  const file = await import(buildPath);
-  return file.default;
-};
-const getTranslationsFile = async (languageFilePath = "", paths = "") => {
-  const languageFile = await getFile(`${paths.build}/i18n/${languageFilePath}`);
-  const isValidLanguageFile = languageFile && isObject(languageFile);
-  if (isValidLanguageFile) {
-    const translationsForPage = languageFile[paths.page];
-    return translationsForPage ? translationsForPage : languageFile;
-  }
-  return {};
-};
-const getTranslations = async (paths = {}, languagePreferences = []) => {
-  const languageFiles = fs.readdirSync(`${paths.build}/i18n`);
-  let matchingFile = null;
-  for (let i = 0; i < languagePreferences.length; i += 1) {
-    const languageRegex = languagePreferences[i];
-    const match = languageFiles.find((languageFile) => !!languageFile.match(languageRegex));
-    if (match) {
-      matchingFile = match;
-      break;
-    }
-  }
-  const translationsFile = await getTranslationsFile(matchingFile, paths);
-  return translationsFile;
-};
-const getLanguagePreferenceRegexes = (userLanguage = "", browserLanguages = []) => {
-  let languagePreferences = [];
-  if (userLanguage) {
-    languagePreferences.push(userLanguage);
-  }
-  const filteredBrowserLanguages = browserLanguages?.filter((language) => {
-    return !language?.includes("*");
-  });
-  languagePreferences.push(...filteredBrowserLanguages);
-  languagePreferences.push(settings?.config?.i18n?.defaultLanguage);
-  return languagePreferences?.flatMap((language) => {
-    const variants = [language];
-    if (language?.length === 2) {
-      variants.push(`${language.substring(0, 2)}-`);
-    }
-    if (language?.length > 2) {
-      variants.push(`${language?.split("-")[0]}`);
-      variants.push(`${language?.split("-")[0]}-`);
-    }
-    return variants;
-  })?.map((languageString) => {
-    const lastCharacter = languageString[languageString.length - 1];
-    if (lastCharacter === "-") {
-      return new RegExp(`^${languageString}[A-Z]+.js`, "g");
-    }
-    return new RegExp(`^${languageString}.js`, "g");
-  });
-};
-const parseBrowserLanguages = (languages = "") => {
-  const rawLanguages = languages.split(",");
-  return rawLanguages?.map((rawLanguage) => rawLanguage.split(";")[0]);
-};
 var render_default = (req, res, next, appInstance = {}) => {
   res.render = async function(path = "", options = {}) {
     const urlFormattedForCache = req?.url?.split("/")?.filter((part) => !!part)?.join("_");
@@ -167,13 +112,11 @@ var render_default = (req, res, next, appInstance = {}) => {
         return res.send(cachedHTML);
       }
     }
-    const pageFile = await getFile(pagePath);
+    const pageFile = await importFile(pagePath);
     const Page = pageFile;
-    const layoutFile = layoutPath ? await getFile(layoutPath) : null;
+    const layoutFile = layoutPath ? await importFile(layoutPath) : null;
     const Layout = layoutFile;
-    const browserLanguages = parseBrowserLanguages(req?.headers["accept-language"]);
-    const languagePreferenceRegexes = getLanguagePreferenceRegexes(req?.context?.user?.language, browserLanguages);
-    const translations = await getTranslations({ build: buildPath, page: path }, languagePreferenceRegexes);
+    const translations = await getTranslations({ build: buildPath, page: path }, req);
     const url = getUrl(req);
     const props = { ...options?.props || {} };
     if (layoutPath && fs.existsSync(layoutPath)) {

package/dist/app/middleware/session.js

@@ -1,21 +1,22 @@
 import setCookie from "../../lib/setCookie.js";
-import generateId from "../../lib/generateId.js";
-var session_default = (req, res, next, appInstance = {}) => {
-  let sessionId = req?.cookies?.joystickSession;
-  if (!sessionId) {
-    sessionId = generateId(32);
-    setCookie(res, "joystickSession", sessionId);
-  }
-  if (!appInstance.sessions.get(sessionId)) {
-    appInstance.sessions.set(sessionId, { id: sessionId, csrf: generateId(32) });
+import runSessionQuery from "../runSessionQuery.js";
+var session_default = async (req, res, next) => {
+  await runSessionQuery("delete_expired_sessions");
+  let session_id = req?.cookies?.joystickSession;
+  const existing_session = session_id ? await runSessionQuery("get_session", {
+    session_id
+  }) : null;
+  if (!existing_session) {
+    session_id = await runSessionQuery("create_session");
+    setCookie(res, "joystickSession", session_id);
   }
   req.cookies = {
     ...req?.cookies || {},
-    joystickSession: sessionId
+    joystickSession: session_id
   };
   req.context = {
     ...req?.context || {},
-    session: appInstance?.sessions?.get(sessionId)
+    session: await runSessionQuery("get_session", { session_id })
   };
   next();
 };

package/dist/app/queues/index.js

@@ -1,28 +1,29 @@
-import dayjs from "dayjs";
 import fs from "fs";
 import os from "os";
 import generateId from "../../lib/generateId";
 import getTargetDatabaseProvider from "../databases/getTargetDatabaseProvider";
 import queryMap from "../databases/queryMap";
+import chalk from "chalk";
+import timestamps from "../../lib/timestamps";
 class Queue {
   constructor(queueName = "", queueOptions = {}) {
+    this._initDatabase = this._initDatabase.bind(this);
     this.machineId = fs.readFileSync(`${os.homedir()}/.cheatcode/MACHINE_ID`, "utf-8")?.trim().replace(/\n/g, "");
     this.name = queueName;
     this.options = {
       concurrentJobs: 1,
       ...queueOptions
     };
-    this._initDatabase();
-    if (queueOptions?.runOnStartup) {
-      this.run();
-    }
+    this._initDatabase(this?.options?.external, this?.options?.database?.provider);
   }
-  async _initDatabase() {
-    const queuesDatabase = getTargetDatabaseProvider("queues");
-    const db = queryMap[queuesDatabase]?.queues;
-    if (db && typeof db === "object" && !Array.isArray(db)) {
-      this.db = Object.entries(db)?.reduce((boundQueries = {}, [queryFunctionName, queryFunction]) => {
+  async _initDatabase(is_external = false, database_provider = null) {
+    const queuesDatabase = database_provider || getTargetDatabaseProvider("queues");
+    const queue_queries_for_database_provider = queryMap[queuesDatabase]?.queues;
+    const db = this._getDatabaseConnection();
+    if (db && queue_queries_for_database_provider && typeof queue_queries_for_database_provider === "object" && !Array.isArray(queue_queries_for_database_provider)) {
+      this.db = Object.entries(queue_queries_for_database_provider || {})?.reduce((boundQueries = {}, [queryFunctionName, queryFunction]) => {
         boundQueries[queryFunctionName] = queryFunction.bind({
+          db,
           machineId: this.machineId,
           queue: {
             name: this.name,
@@ -31,16 +32,32 @@ class Queue {
         });
         return boundQueries;
       }, {});
-      await this.db.initializeDatabase();
+      if (!is_external) {
+        await this.db.initializeDatabase(queuesDatabase);
+        if (this?.options?.runOnStartup) {
+          this.run();
+        }
+      }
     }
   }
+  _getDatabaseConnection() {
+    if (this?.options?.database) {
+      const { provider, name } = this?.options?.database;
+      const existing_connection = process.databases && process.databases[provider] && process.databases[provider][name];
+      if (!existing_connection) {
+        console.warn(chalk.red(`Connection to database ${provider}.${name} not found on process. Cannot start queue.`));
+      }
+      return existing_connection || null;
+    }
+    return process.databases._queues;
+  }
   add(options = {}) {
-    const nextRunAt2 = options?.nextRunAt === "now" || !options?.nextRunAt ? dayjs().format() : options?.nextRunAt;
+    const nextRunAt = options?.nextRunAt === "now" || !options?.nextRunAt ? new Date().toISOString() : options?.nextRunAt;
     this.db.addJob({
       _id: generateId(),
       status: "pending",
       ...options,
-      nextRunAt: nextRunAt2
+      nextRunAt
     });
   }
   async _checkIfOkayToRunJobs() {
@@ -55,7 +72,7 @@ class Queue {
       return;
     }
     if (!this.options.retryJobsRunningBeforeRestart) {
-      return this.db.setJobsForMachineIncomplete();
+      return this.db.deleteIncompleteJobsForMachine();
     }
     return this.db.setJobsForMachinePending();
   }
@@ -69,41 +86,60 @@ class Queue {
         const okayToRunJobs = await this._checkIfOkayToRunJobs();
         if (okayToRunJobs && !process.env.HALT_QUEUES) {
           const nextJob = await this.db.getNextJobToRun();
-          this._handleNextJob(nextJob);
+          this.handleNextJob(nextJob);
         }
       }, 300);
     });
   }
-  _handleNextJob(nextJob = {}) {
-    if (nextJob && nextJob?.job && this.options.jobs[nextJob?.job] && typeof this.options.jobs[nextJob?.job]?.run === "function") {
+  async handleNextJob(nextJob = {}) {
+    const job_definition = this.options.jobs[nextJob?.job];
+    if (nextJob && nextJob?.job && job_definition && typeof job_definition?.run === "function") {
       try {
-        this.options.jobs[nextJob.job].run(nextJob?.payload, {
+        if (typeof job_definition?.preflight?.okayToRun === "function") {
+          const okay_to_run = await job_definition?.preflight?.okayToRun(nextJob?.payload, nextJob);
+          if (!okay_to_run) {
+            return this._handleRequeueJob(nextJob, timestamps.get_future_time("seconds", job_definition?.preflight?.requeueDelayInSeconds || 10));
+          }
+        }
+        if (!isNaN(job_definition?.maxAttempts)) {
+          if (nextJob?.attempts >= parseInt(job_definition?.maxAttempts, 10)) {
+            if (typeof job_definition?.onMaxAttemptsExhausted === "function") {
+              await job_definition.onMaxAttemptsExhausted(nextJob);
+            }
+            return this._handleDeleteJob(nextJob?._id);
+          }
+        }
+        await this._logAttempt(nextJob?._id);
+        await job_definition.run(nextJob?.payload, {
           ...nextJob,
           queue: this,
           completed: () => this._handleJobCompleted(nextJob?._id),
-          failed: (error) => this._handleJobFailed(nextJob?._id, error),
+          failed: (error) => this._handleJobFailed(nextJob, job_definition, error),
           delete: () => this._handleDeleteJob(nextJob?._id),
-          requeue: (nextRunAt2 = "") => this._handleRequeueJob(nextJob, nextRunAt2)
+          requeue: (nextRunAt = "") => this._handleRequeueJob(nextJob, nextRunAt)
         });
       } catch (exception) {
-        this._handleJobFailed(nextJob?._id, exception);
-        if (this.options.jobs[nextJob.job]?.requeueOnFailure) {
-          this._handleRequeueJob(nextRunAt, dayjs().add(10, "seconds").format());
-        }
+        this._handleJobFailed(nextJob, job_definition, exception);
       }
     }
   }
+  _logAttempt(jobId = "") {
+    return this.db.logAttempt(jobId);
+  }
   _handleJobCompleted(jobId = "") {
     return this.db.setJobCompleted(jobId);
   }
-  _handleJobFailed(jobId = "", error = "") {
-    return this.db.setJobFailed(jobId, error);
+  _handleJobFailed(nextJob = {}, job_definition = {}, error = "") {
+    if (job_definition?.requeueOnFailure) {
+      return this._handleRequeueJob(nextJob, timestamps.get_future_time("seconds", 10));
+    }
+    return this.db.setJobFailed(nextJob?._id, error);
   }
   _handleDeleteJob(jobId = "") {
     return this.db.deleteJob(jobId);
   }
-  _handleRequeueJob(job = {}, nextRunAt2 = dayjs().format()) {
-    return this.db.requeueJob(job?._id, nextRunAt2);
+  _handleRequeueJob(job = {}, nextRunAt = new Date().toISOString()) {
+    return this.db.requeueJob(job?._id, nextRunAt);
   }
   list(status = "") {
     const query = {};

package/dist/app/registerGetters.js

@@ -1,10 +1,6 @@
 import getAPIURLComponent from "./getAPIURLComponent";
 import getAPIContext from "./getAPIContext";
 import formatAPIError from "../lib/formatAPIError";
-import validate from "../validation/index.js";
-import getOutput from "./getOutput";
-import sanitizeAPIResponse from "./sanitizeAPIResponse";
-import { isObject } from "../validation/lib/typeValidators";
 import validateSession from "./validateSession.js";
 import runGetter from "./runGetter.js";
 var registerGetters_default = (express, getters = [], context = {}, APIOptions = {}, appInstance = {}) => {
@@ -12,7 +8,7 @@ var registerGetters_default = (express, getters = [], context = {}, APIOptions =
   if (app) {
     for (const [getterName, getterOptions] of getters) {
       app.get(`/api/_getters/${getAPIURLComponent(getterName)}`, ...Array.isArray(getterOptions?.middleware) ? getterOptions?.middleware : [], async (req, res) => {
-        const isValidSession = validateSession(req, res, appInstance?.sessions);
+        const isValidSession = await validateSession(req, res);
         if (!isValidSession) {
           return;
         }
@@ -30,7 +26,10 @@ var registerGetters_default = (express, getters = [], context = {}, APIOptions =
           return res.status(200).send(JSON.stringify(response));
         }).catch((error) => {
           if (typeof error === "string") {
-            return res.status(500).send(error);
+            const sanitized_error = error?.replace("[runGetter] ", "")?.replace("[runGetter.handleRunGetter] ", "");
+            return res.status(500).send(JSON.stringify({
+              errors: [formatAPIError(new Error(sanitized_error))]
+            }));
           }
           if (typeof error === "object" && !Array.isArray(error)) {
             return res.status(error?.errors && error?.errors[0]?.status || 400).send(JSON.stringify(error));

package/dist/app/registerSetters.js

@@ -1,10 +1,6 @@
 import getAPIURLComponent from "./getAPIURLComponent.js";
 import getAPIContext from "./getAPIContext.js";
 import formatAPIError from "../lib/formatAPIError.js";
-import validate from "../validation/index.js";
-import getOutput from "./getOutput.js";
-import sanitizeAPIResponse from "./sanitizeAPIResponse.js";
-import { isObject } from "../validation/lib/typeValidators.js";
 import validateSession from "./validateSession.js";
 import runSetter from "./runSetter.js";
 var registerSetters_default = (express, setters = [], context = {}, APIOptions = {}, appInstance = {}) => {
@@ -12,7 +8,7 @@ var registerSetters_default = (express, setters = [], context = {}, APIOptions =
   if (app) {
     for (const [setterName, setterOptions] of setters) {
       app.post(`/api/_setters/${getAPIURLComponent(setterName)}`, ...Array.isArray(setterOptions?.middleware) ? setterOptions?.middleware : [], async (req, res) => {
-        const isValidSession = validateSession(req, res, appInstance?.sessions);
+        const isValidSession = await validateSession(req, res);
         if (!isValidSession) {
           return;
         }
@@ -30,7 +26,10 @@ var registerSetters_default = (express, setters = [], context = {}, APIOptions =
           return res.status(200).send(JSON.stringify(response));
         }).catch((error) => {
           if (typeof error === "string") {
-            return res.status(500).send(error);
+            const sanitized_error = error?.replace("[runSetter] ", "")?.replace("[runSetter.handleRunSetter] ", "");
+            return res.status(500).send(JSON.stringify({
+              errors: [formatAPIError(new Error(sanitized_error))]
+            }));
           }
           if (typeof error === "object" && !Array.isArray(error)) {
             return res.status(error?.errors && error?.errors[0]?.status || 400).send(JSON.stringify(error));

package/dist/app/runGetter.js

@@ -3,19 +3,31 @@ import formatAPIError from "../lib/formatAPIError.js";
 import { isObject } from "../validation/lib/typeValidators.js";
 import getOutput from "./getOutput.js";
 import sanitizeAPIResponse from "./sanitizeAPIResponse.js";
-const handleRunGetter = async (getterOptions = {}, input = {}, output = {}, context = {}, APIOptions = {}) => {
+import trackFunctionCall from "../test/trackFunctionCall.js";
+import getSanitizedContext from "../../getSanitizedContext.js";
+const handleRunGetter = async (name = "", getterOptions = {}, input = {}, output = {}, context = {}, APIOptions = {}) => {
   try {
     const shouldDisableSanitizationForGetter = getterOptions?.sanitize === false;
     const shouldSanitizeOutput = (getterOptions?.sanitize || APIOptions?.sanitize) === true || isObject(APIOptions?.sanitize || getterOptions?.sanitize);
-    const data = await getterOptions?.get(input, context) || {};
+    const sanitizedContext = getSanitizedContext(context);
+    trackFunctionCall(`node.api.getters.${name}`, [
+      input,
+      sanitizedContext
+    ]);
+    const data = await getterOptions?.get(input, context);
     const response = output ? getOutput(data, output) : data;
     return !shouldDisableSanitizationForGetter && shouldSanitizeOutput ? sanitizeAPIResponse(response, getterOptions?.sanitize || APIOptions?.sanitize) : response;
   } catch (exception) {
     throw new Error(`[runGetter.handleRunGetter] ${exception.message}`);
   }
 };
-const handleRunAuthorization = async (getterOptions = {}, input = {}, context = {}) => {
+const handleRunAuthorization = async (name = "", getterOptions = {}, input = {}, context = {}) => {
   try {
+    const sanitizedContext = getSanitizedContext(context);
+    trackFunctionCall(`node.api.getters.${name}.authorized`, [
+      input,
+      sanitizedContext
+    ]);
     const authorization = await getterOptions?.authorized(input, context);
     if (typeof authorization === "boolean") {
       return authorization;
@@ -77,7 +89,7 @@ const runGetter = async (options, { resolve, reject }) => {
       }
     }
     if (typeof options?.getterOptions?.authorized === "function") {
-      const authorized = await handleRunAuthorization(options?.getterOptions, options?.input, options?.context);
+      const authorized = await handleRunAuthorization(options?.getterName, options?.getterOptions, options?.input, options?.context);
       if (!authorized || typeof authorized === "string") {
         return reject({
           errors: [
@@ -87,7 +99,7 @@ const runGetter = async (options, { resolve, reject }) => {
       }
     }
     if (typeof options?.getterOptions?.get === "function") {
-      const response = await handleRunGetter(options?.getterOptions, options?.input, options?.output, options?.context, options?.APIOptions);
+      const response = await handleRunGetter(options?.getterName, options?.getterOptions, options?.input, options?.output, options?.context, options?.APIOptions);
       return resolve(response);
     }
     resolve();

package/dist/app/runSessionQuery.js

@@ -0,0 +1,15 @@
+import queryMap from "./databases/queryMap";
+import getTargetDatabaseConnection from "./databases/getTargetDatabaseConnection.js";
+var runSessionQuery_default = async (queryName = "", inputs = {}) => {
+  const sessionsDatabase = getTargetDatabaseConnection("sessions");
+  const queryMapForDatabase = sessionsDatabase && queryMap && queryMap[sessionsDatabase?.provider] && queryMap[sessionsDatabase?.provider]?.sessions;
+  const query = queryMapForDatabase && queryMapForDatabase[queryName];
+  if (sessionsDatabase?.connection && query) {
+    const response = await queryMapForDatabase[queryName](inputs, sessionsDatabase?.connection);
+    return Promise.resolve(response);
+  }
+  return null;
+};
+export {
+  runSessionQuery_default as default
+};

package/dist/app/runSetter.js

@@ -3,19 +3,31 @@ import formatAPIError from "../lib/formatAPIError.js";
 import { isObject } from "../validation/lib/typeValidators.js";
 import getOutput from "./getOutput.js";
 import sanitizeAPIResponse from "./sanitizeAPIResponse.js";
-const handleRunSetter = async (setterOptions = {}, input = {}, output = {}, context = {}, APIOptions = {}) => {
+import trackFunctionCall from "../test/trackFunctionCall.js";
+import getSanitizedContext from "../../getSanitizedContext.js";
+const handleRunSetter = async (name = "", setterOptions = {}, input = {}, output = {}, context = {}, APIOptions = {}) => {
   try {
     const shouldDisableSanitizationForSetter = setterOptions?.sanitize === false;
     const shouldSanitizeOutput = (setterOptions?.sanitize || APIOptions?.sanitize) === true || isObject(APIOptions?.sanitize || setterOptions?.sanitize);
-    const data = await setterOptions?.set(input, context) || {};
+    const sanitizedContext = getSanitizedContext(context);
+    trackFunctionCall(`node.api.setters.${name}`, [
+      input,
+      sanitizedContext
+    ]);
+    const data = await setterOptions?.set(input, context);
     const response = output ? getOutput(data, output) : data;
     return !shouldDisableSanitizationForSetter && shouldSanitizeOutput ? sanitizeAPIResponse(response, setterOptions?.sanitize || APIOptions?.sanitize) : response;
   } catch (exception) {
     throw new Error(`[runSetter.handleRunSetter] ${exception.message}`);
   }
 };
-const handleRunAuthorization = async (getterOptions = {}, input = {}, context = {}) => {
+const handleRunAuthorization = async (name = "", getterOptions = {}, input = {}, context = {}) => {
   try {
+    const sanitizedContext = getSanitizedContext(context);
+    trackFunctionCall(`node.api.setters.${name}.authorized`, [
+      input,
+      sanitizedContext
+    ]);
     const authorization = await getterOptions?.authorized(input, context);
     if (typeof authorization === "boolean") {
       return authorization;
@@ -77,7 +89,7 @@ const runSetter = async (options, { resolve, reject }) => {
       }
     }
     if (typeof options?.setterOptions?.authorized === "function") {
-      const authorized = await handleRunAuthorization(options?.setterOptions, options?.input, options?.context);
+      const authorized = await handleRunAuthorization(options?.setterName, options?.setterOptions, options?.input, options?.context);
       if (!authorized || typeof authorized === "string") {
         return reject({
           errors: [
@@ -87,7 +99,7 @@ const runSetter = async (options, { resolve, reject }) => {
       }
     }
     if (typeof options?.setterOptions?.set === "function") {
-      const response = await handleRunSetter(options?.setterOptions, options?.input, options?.output, options?.context, options?.APIOptions);
+      const response = await handleRunSetter(options?.setterName, options?.setterOptions, options?.input, options?.output, options?.context, options?.APIOptions);
       return resolve(response);
     }
     resolve();

package/dist/app/sanitizeAPIResponse.js

@@ -9,7 +9,7 @@ const sanitizeAPIResponse = (data = null) => {
     sanitizedData = escapeHTML(sanitizedData)?.trim();
   }
   if (util.isObject(sanitizedData) && !Array.isArray(sanitizedData)) {
-    sanitizedData = Object.entries(sanitizedData)?.reduce((result = {}, [key, value]) => {
+    sanitizedData = Object.entries(sanitizedData || {})?.reduce((result = {}, [key, value]) => {
       result[key] = sanitizeAPIResponse(value);
       return result;
     }, {});

package/dist/app/validateSession.js

@@ -1,8 +1,13 @@
 import formatAPIError from "../lib/formatAPIError.js";
-var validateSession_default = (req = null, res = null, sessions = null) => {
-  const sessionToken = req?.cookies?.joystickSession;
+import runSessionQuery from "./runSessionQuery.js";
+var validateSession_default = async (req = null, res = null) => {
   const csrfToken = req?.headers["x-joystick-csrf"];
-  const session = sessions?.get(sessionToken);
+  const session = await runSessionQuery("get_session", {
+    session_id: req?.cookies?.joystickSession
+  });
+  if (csrfToken === "joystick_test") {
+    return true;
+  }
   if (!session || session && session.csrf !== csrfToken) {
     res.status(403).send(JSON.stringify({
       errors: [formatAPIError(new Error("Unauthorized request."))]

package/dist/app/validateUploaderOptions.js

@@ -20,7 +20,7 @@ const allowedS3Options = [
 ];
 var validateUploaderOptions_default = (options = {}) => {
   const errors = [];
-  const optionNames = Object.keys(options);
+  const optionNames = Object.keys(options || {});
   optionNames.forEach((optionName) => {
     if (!allowedOptions.includes(optionName)) {
       errors.push(`${optionName} is not an allowed uploader option.`);
@@ -33,14 +33,14 @@ var validateUploaderOptions_default = (options = {}) => {
     errors.push(`If an uploader provider is 's3', s3 object must be specified with configuration.`);
   }
   if (options?.provider?.includes("local") && options.local) {
-    Object.keys(options.local).forEach((optionName) => {
+    Object.keys(options.local || {}).forEach((optionName) => {
       if (!allowedLocalOptions.includes(optionName)) {
         errors.push(`local.${optionName} is not an allowed uploader option.`);
       }
     });
   }
   if (options?.provider?.includes("s3") && options.s3) {
-    Object.keys(options.s3).forEach((optionName) => {
+    Object.keys(options.s3 || {}).forEach((optionName) => {
       if (!allowedS3Options.includes(optionName)) {
         errors.push(`s3.${optionName} is not an allowed uploader option.`);
       }