@lark-apaas/fullstack-nestjs-core 0.1.0-alpha.9 → 1.0.1

package/README.md

@@ -0,0 +1,268 @@
+# @lark-apaas/fullstack-nestjs-core
+
+FullStack NestJS Core 是一个为 NestJS 应用提供核心功能的工具包，包括 CSRF 保护、用户上下文管理和开发工具等。
+
+## 特性
+
+- **CSRF 保护**: 提供完整的 CSRF Token 生成和验证机制
+- **用户上下文**: 自动从请求头中提取并注入用户上下文信息
+- **开发工具**: 自动生成 Swagger 文档、OpenAPI JSON 和客户端 SDK
+
+## 安装
+
+```bash
+npm install @lark-apaas/fullstack-nestjs-core
+```
+
+或使用 yarn:
+
+```bash
+yarn add @lark-apaas/fullstack-nestjs-core
+```
+
+## 环境要求
+
+- Node.js >= 18.0.0
+- NestJS >= 10.4.20
+
+## 快速开始
+
+### 1. CSRF 保护
+
+CSRF 保护由两个中间件组成：`CsrfTokenMiddleware` 用于生成 token，`CsrfMiddleware` 用于验证 token。
+
+#### 使用默认配置
+
+```typescript
+import { Module, NestModule, MiddlewareConsumer } from '@nestjs/common';
+import { CsrfTokenMiddleware, CsrfMiddleware } from '@lark-apaas/fullstack-nestjs-core';
+
+@Module({})
+export class AppModule implements NestModule {
+  configure(consumer: MiddlewareConsumer) {
+    // 直接应用中间件，使用默认配置
+    consumer
+      .apply(CsrfTokenMiddleware)
+      .forRoutes('*'); // 所有路由都生成 token
+
+    consumer
+      .apply(CsrfMiddleware)
+      .forRoutes('*'); // 所有路由都验证 CSRF token
+  }
+}
+```
+
+#### 自定义配置（可选）
+
+如需自定义配置，可在应用中间件前调用 `configure` 方法：
+
+```typescript
+import { Module, NestModule, MiddlewareConsumer } from '@nestjs/common';
+import { CsrfTokenMiddleware, CsrfMiddleware } from '@lark-apaas/fullstack-nestjs-core';
+
+@Module({})
+export class AppModule implements NestModule {
+  configure(consumer: MiddlewareConsumer) {
+    // 自定义配置 CSRF Token 生成中间件
+    CsrfTokenMiddleware.configure({
+      cookieKey: 'CSRF-TOKEN',        // 默认: 'suda-csrf-token'
+      cookieMaxAge: 86400000,         // 默认: 2592000000 (30天)
+      cookiePath: '/',                // 默认: '/'
+    });
+
+    // 自定义配置 CSRF 验证中间件
+    CsrfMiddleware.configure({
+      headerKey: 'X-CSRF-TOKEN',      // 默认: 'x-suda-csrf-token'
+      cookieKey: 'CSRF-TOKEN',        // 默认: 'suda-csrf-token'
+    });
+
+    // 应用中间件
+    consumer
+      .apply(CsrfTokenMiddleware)
+      .forRoutes('*');
+
+    consumer
+      .apply(CsrfMiddleware)
+      .forRoutes('*');
+  }
+}
+```
+
+**注意**: 如果使用自定义的 `cookieKey`，需要确保 `CsrfTokenMiddleware` 和 `CsrfMiddleware` 配置的 `cookieKey` 一致。
+
+### 2. 用户上下文
+
+自动从请求头中提取用户信息并注入到请求对象中。
+
+```typescript
+import { Module, NestModule, MiddlewareConsumer } from '@nestjs/common';
+import { UserContextMiddleware } from '@lark-apaas/fullstack-nestjs-core';
+
+@Module({})
+export class AppModule implements NestModule {
+  configure(consumer: MiddlewareConsumer) {
+    consumer
+      .apply(UserContextMiddleware)
+      .forRoutes('*');
+  }
+}
+```
+
+在控制器中使用：
+
+```typescript
+import { Controller, Get, Req } from '@nestjs/common';
+import { Request } from 'express';
+
+@Controller()
+export class AppController {
+  @Get()
+  getUser(@Req() req: Request) {
+    // 访问用户上下文
+    const { userId, tenantId, appId } = req.userContext;
+    return { userId, tenantId, appId };
+  }
+}
+```
+
+### 3. 开发工具模块
+
+在开发环境中自动生成 Swagger 文档和客户端 SDK。
+
+```typescript
+import { NestFactory } from '@nestjs/core';
+import { DevToolsModule } from '@lark-apaas/fullstack-nestjs-core';
+import { AppModule } from './app.module';
+
+async function bootstrap() {
+  const app = await NestFactory.create(AppModule);
+
+  // 挂载开发工具
+  await DevToolsModule.mount(app, {
+    docsPath: 'api-docs',
+    openapiOut: './openapi.json',
+    needSetupServer: true,
+    needGenerateClientSdk: true,
+    clientSdkOut: './src/sdk',
+    swaggerOptions: {
+      title: 'My API',
+      version: '1.0.0',
+      customSiteTitle: 'My API Documentation',
+    },
+  });
+
+  await app.listen(3000);
+}
+bootstrap();
+```
+
+## API 文档
+
+### CsrfTokenMiddleware
+
+生成 CSRF Token 并设置到 Cookie 中。
+
+#### 配置选项 (CsrfTokenOptions)
+
+| 选项 | 类型 | 默认值 | 描述 |
+|------|------|--------|------|
+| cookieKey | string | `'suda-csrf-token'` | Cookie 中存储 CSRF Token 的键名 |
+| cookieMaxAge | number | `2592000000` (30天) | Cookie 的过期时间（毫秒） |
+| cookiePath | string | `'/'` | Cookie 的路径 |
+
+#### 静态方法
+
+- `configure(opts: CsrfTokenOptions)`: 配置中间件选项
+
+### CsrfMiddleware
+
+验证请求中的 CSRF Token。
+
+#### 配置选项 (CsrfOptions)
+
+| 选项 | 类型 | 默认值 | 描述 |
+|------|------|--------|------|
+| headerKey | string | `'x-suda-csrf-token'` | 请求头中 CSRF Token 的键名 |
+| cookieKey | string | `'suda-csrf-token'` | Cookie 中 CSRF Token 的键名 |
+
+#### 静态方法
+
+- `configure(opts: CsrfOptions)`: 配置中间件选项
+
+#### 验证规则
+
+1. 检查 Cookie 中是否存在 CSRF Token
+2. 检查请求头中是否存在 CSRF Token
+3. 验证两者是否匹配
+
+如果任何一步验证失败，将返回 403 Forbidden。
+
+### UserContextMiddleware
+
+从请求头中提取用户上下文信息。
+
+#### 注入的上下文
+
+```typescript
+req.userContext = {
+  userId: string | undefined;    // 用户 ID
+  tenantId: string | undefined;  // 租户 ID
+  appId: string;                 // 应用 ID
+}
+```
+
+### DevToolsModule
+
+开发工具模块，用于生成 API 文档和客户端 SDK。
+
+#### 配置选项 (DevToolsOptions)
+
+| 选项 | 类型 | 默认值 | 描述 |
+|------|------|--------|------|
+| basePath | string | - | 基础路径 |
+| docsPath | string | - | Swagger UI 的挂载路径 |
+| openapiOut | string | - | OpenAPI JSON 文件的输出路径 |
+| needSetupServer | boolean | - | 是否需要挂载 Swagger UI |
+| needGenerateClientSdk | boolean | - | 是否生成客户端 SDK |
+| clientSdkOut | string | - | 客户端 SDK 的输出目录 |
+| swaggerOptions | object | - | Swagger 文档配置 |
+| swaggerOptions.title | string | - | Swagger 文档标题 |
+| swaggerOptions.version | string | - | API 版本号 |
+| swaggerOptions.customSiteTitle | string | - | 自定义站点标题 |
+| swaggerOptions.customCss | string | - | 自定义 CSS 样式 |
+
+#### 静态方法
+
+- `mount(app: INestApplication, opts?: DevToolsOptions)`: 挂载开发工具到应用
+
+## TypeScript 支持
+
+本包完全使用 TypeScript 编写，并提供完整的类型定义。
+
+扩展 Express Request 类型：
+
+```typescript
+declare global {
+  namespace Express {
+    interface Request {
+      csrfToken?: string;
+      userContext?: {
+        userId?: string;
+        tenantId?: string;
+        appId: string;
+      };
+    }
+  }
+}
+```
+
+## 许可证
+
+MIT
+
+## 关键字
+
+- plugin
+- nestjs
+- server
+- typescript

package/dist/index.cjs

@@ -5,11 +5,6 @@ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
 var __getProtoOf = Object.getPrototypeOf;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __knownSymbol = (name, symbol) => (symbol = Symbol[name]) ? symbol : Symbol.for("Symbol." + name);
-var __typeError = (msg) => {
-  throw TypeError(msg);
-};
-var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
 var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
 var __export = (target, all) => {
   for (var name in all)
@@ -32,44 +27,6 @@ var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__ge
   mod
 ));
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
-var __decoratorStart = (base) => [, , , __create(base?.[__knownSymbol("metadata")] ?? null)];
-var __decoratorStrings = ["class", "method", "getter", "setter", "accessor", "field", "value", "get", "set"];
-var __expectFn = (fn) => fn !== void 0 && typeof fn !== "function" ? __typeError("Function expected") : fn;
-var __decoratorContext = (kind, name, done, metadata, fns) => ({ kind: __decoratorStrings[kind], name, metadata, addInitializer: (fn) => done._ ? __typeError("Already initialized") : fns.push(__expectFn(fn || null)) });
-var __decoratorMetadata = (array, target) => __defNormalProp(target, __knownSymbol("metadata"), array[3]);
-var __runInitializers = (array, flags, self, value) => {
-  for (var i = 0, fns = array[flags >> 1], n = fns && fns.length; i < n; i++) flags & 1 ? fns[i].call(self) : value = fns[i].call(self, value);
-  return value;
-};
-var __decorateElement = (array, flags, name, decorators, target, extra) => {
-  var fn, it, done, ctx, access, k = flags & 7, s = !!(flags & 8), p = !!(flags & 16);
-  var j = k > 3 ? array.length + 1 : k ? s ? 1 : 2 : 0, key = __decoratorStrings[k + 5];
-  var initializers = k > 3 && (array[j - 1] = []), extraInitializers = array[j] || (array[j] = []);
-  var desc = k && (!p && !s && (target = target.prototype), k < 5 && (k > 3 || !p) && __getOwnPropDesc(k < 4 ? target : { get [name]() {
-    return __privateGet(this, extra);
-  }, set [name](x) {
-    return __privateSet(this, extra, x);
-  } }, name));
-  k ? p && k < 4 && __name(extra, (k > 2 ? "set " : k > 1 ? "get " : "") + name) : __name(target, name);
-  for (var i = decorators.length - 1; i >= 0; i--) {
-    ctx = __decoratorContext(k, name, done = {}, array[3], extraInitializers);
-    if (k) {
-      ctx.static = s, ctx.private = p, access = ctx.access = { has: p ? (x) => __privateIn(target, x) : (x) => name in x };
-      if (k ^ 3) access.get = p ? (x) => (k ^ 1 ? __privateGet : __privateMethod)(x, target, k ^ 4 ? extra : desc.get) : (x) => x[name];
-      if (k > 2) access.set = p ? (x, y) => __privateSet(x, target, y, k ^ 4 ? extra : desc.set) : (x, y) => x[name] = y;
-    }
-    it = (0, decorators[i])(k ? k < 4 ? p ? extra : desc[key] : k > 4 ? void 0 : { get: desc.get, set: desc.set } : target, ctx), done._ = 1;
-    if (k ^ 4 || it === void 0) __expectFn(it) && (k > 4 ? initializers.unshift(it) : k ? p ? extra = it : desc[key] = it : target = it);
-    else if (typeof it !== "object" || it === null) __typeError("Object expected");
-    else __expectFn(fn = it.get) && (desc.get = fn), __expectFn(fn = it.set) && (desc.set = fn), __expectFn(fn = it.init) && initializers.unshift(fn);
-  }
-  return k || __decoratorMetadata(array, target), desc && __defProp(target, name, desc), p ? k ^ 4 ? extra : desc : target;
-};
-var __accessCheck = (obj, member, msg) => member.has(obj) || __typeError("Cannot " + msg);
-var __privateIn = (member, obj) => Object(obj) !== obj ? __typeError('Cannot use the "in" operator on this value') : member.has(obj);
-var __privateGet = (obj, member, getter) => (__accessCheck(obj, member, "read from private field"), getter ? getter.call(obj) : member.get(obj));
-var __privateSet = (obj, member, value, setter) => (__accessCheck(obj, member, "write to private field"), setter ? setter.call(obj, value) : member.set(obj, value), value);
-var __privateMethod = (obj, member, method) => (__accessCheck(obj, member, "access private method"), method);
 
 // src/index.ts
 var index_exports = {};
@@ -93,6 +50,7 @@ function normalizeBasePath(rawBasePath) {
   const normalizedBasePath = rawBasePath.startsWith("/") ? rawBasePath : `/${rawBasePath}`;
   return normalizedBasePath.endsWith("/") ? normalizedBasePath.slice(0, -1) : normalizedBasePath;
 }
+__name(normalizeBasePath, "normalizeBasePath");
 function resolveOptsWithDefaultValue(options) {
   const basePath = normalizeBasePath(options.basePath || "/");
   const docsPath = normalizeBasePath(options.docsPath || `api/docs`);
@@ -112,26 +70,35 @@ function resolveOptsWithDefaultValue(options) {
     }
   };
 }
+__name(resolveOptsWithDefaultValue, "resolveOptsWithDefaultValue");
 function ensureDirAndWrite(filePath, content) {
   const dir = (0, import_node_path.dirname)(filePath);
-  (0, import_node_fs.mkdirSync)(dir, { recursive: true });
+  (0, import_node_fs.mkdirSync)(dir, {
+    recursive: true
+  });
   (0, import_node_fs.writeFileSync)(filePath, content);
 }
+__name(ensureDirAndWrite, "ensureDirAndWrite");
 
 // src/modules/devtool/index.ts
 var DevToolsModule = class {
+  static {
+    __name(this, "DevToolsModule");
+  }
   static async mount(app, opts = {}) {
     const options = resolveOptsWithDefaultValue(opts);
     const baseDirname = process.cwd();
     const builder = new import_swagger.DocumentBuilder().setTitle(options.swaggerOptions.title).setVersion(options.swaggerOptions.version);
     const document = import_swagger.SwaggerModule.createDocument(app, builder.build(), {
-      operationIdFactory: (_c, m) => m
+      operationIdFactory: /* @__PURE__ */ __name((_c, m) => m, "operationIdFactory")
     });
     if (options.needSetupServer) {
       import_swagger.SwaggerModule.setup(options.docsPath, app, document, {
         customSiteTitle: options.swaggerOptions.customSiteTitle,
         customCss: options.swaggerOptions.customCss,
-        swaggerOptions: { persistAuthorization: true }
+        swaggerOptions: {
+          persistAuthorization: true
+        }
       });
       console.log(`[OpenAPI] Swagger UI \u5DF2\u6302\u8F7D\u81F3 ${options.docsPath}`);
     }
@@ -139,7 +106,9 @@ var DevToolsModule = class {
     ensureDirAndWrite(openapiPath, JSON.stringify(document, null, 2));
     if (options.needGenerateClientSdk) {
       const clientSdkOutPath = (0, import_node_path2.resolve)(baseDirname, options.clientSdkOut);
-      (0, import_node_fs2.mkdirSync)(clientSdkOutPath, { recursive: true });
+      (0, import_node_fs2.mkdirSync)(clientSdkOutPath, {
+        recursive: true
+      });
       const { generate } = await import("openapi-typescript-codegen");
       await generate({
         input: openapiPath,
@@ -166,22 +135,30 @@ function resolveCsrfTokenOptions(options) {
     cookiePath: options.cookiePath ?? "/"
   };
 }
+__name(resolveCsrfTokenOptions, "resolveCsrfTokenOptions");
 function genToken() {
   const ts = Math.floor(Date.now() / 1e3);
-  const randInt64 = BigInt(
-    "0x" + import_crypto.default.randomBytes(8).toString("hex")
-  ).toString();
+  const randInt64 = BigInt("0x" + import_crypto.default.randomBytes(8).toString("hex")).toString();
   const s = `${randInt64}.${ts}`;
   const sha1 = import_crypto.default.createHash("sha1");
   sha1.update(s);
   return `${sha1.digest("hex")}-${ts}`;
 }
+__name(genToken, "genToken");
 
 // src/middlewares/csrf_token/index.ts
-var _CsrfTokenMiddleware_decorators, _init;
-_CsrfTokenMiddleware_decorators = [(0, import_common.Injectable)()];
-var _CsrfTokenMiddleware = class _CsrfTokenMiddleware {
-  static options;
+function _ts_decorate(decorators, target, key, desc) {
+  var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+  if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+  else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+  return c > 3 && r && Object.defineProperty(target, key, r), r;
+}
+__name(_ts_decorate, "_ts_decorate");
+var CsrfTokenMiddleware = class _CsrfTokenMiddleware {
+  static {
+    __name(this, "CsrfTokenMiddleware");
+  }
+  static options = resolveCsrfTokenOptions({});
   static configure(opts) {
     this.options = resolveCsrfTokenOptions(opts);
   }
@@ -201,16 +178,14 @@ var _CsrfTokenMiddleware = class _CsrfTokenMiddleware {
         secure: true,
         sameSite: "none",
         partitioned: true
-        // 默认开启 Partitioned Cookie
       });
       next();
     }
   }
 };
-_init = __decoratorStart(null);
-_CsrfTokenMiddleware = __decorateElement(_init, 0, "CsrfTokenMiddleware", _CsrfTokenMiddleware_decorators, _CsrfTokenMiddleware);
-__runInitializers(_init, 1, _CsrfTokenMiddleware);
-var CsrfTokenMiddleware = _CsrfTokenMiddleware;
+CsrfTokenMiddleware = _ts_decorate([
+  (0, import_common.Injectable)()
+], CsrfTokenMiddleware);
 
 // src/middlewares/csrf/index.ts
 var import_common2 = require("@nestjs/common");
@@ -223,15 +198,25 @@ function resolveCsrfOptions(options) {
     cookieKey: options.cookieKey ?? "suda-csrf-token"
   };
 }
+__name(resolveCsrfOptions, "resolveCsrfOptions");
 function sendForbidden(res, message) {
   res.status(403).send(`Forbidden\uFF0C${message}`);
 }
+__name(sendForbidden, "sendForbidden");
 
 // src/middlewares/csrf/index.ts
-var _CsrfMiddleware_decorators, _init2;
-_CsrfMiddleware_decorators = [(0, import_common2.Injectable)()];
-var _CsrfMiddleware = class _CsrfMiddleware {
-  static options;
+function _ts_decorate2(decorators, target, key, desc) {
+  var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+  if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+  else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+  return c > 3 && r && Object.defineProperty(target, key, r), r;
+}
+__name(_ts_decorate2, "_ts_decorate");
+var CsrfMiddleware = class _CsrfMiddleware {
+  static {
+    __name(this, "CsrfMiddleware");
+  }
+  static options = resolveCsrfOptions({});
   static configure(opts) {
     this.options = resolveCsrfOptions(opts);
   }
@@ -254,10 +239,9 @@ var _CsrfMiddleware = class _CsrfMiddleware {
     next();
   }
 };
-_init2 = __decoratorStart(null);
-_CsrfMiddleware = __decorateElement(_init2, 0, "CsrfMiddleware", _CsrfMiddleware_decorators, _CsrfMiddleware);
-__runInitializers(_init2, 1, _CsrfMiddleware);
-var CsrfMiddleware = _CsrfMiddleware;
+CsrfMiddleware = _ts_decorate2([
+  (0, import_common2.Injectable)()
+], CsrfMiddleware);
 
 // src/middlewares/user-context/index.ts
 var import_common3 = require("@nestjs/common");
@@ -279,11 +263,20 @@ function getWebUserFromHeader(req) {
   }
   return null;
 }
+__name(getWebUserFromHeader, "getWebUserFromHeader");
 
 // src/middlewares/user-context/index.ts
-var _UserContextMiddleware_decorators, _init3;
-_UserContextMiddleware_decorators = [(0, import_common3.Injectable)()];
+function _ts_decorate3(decorators, target, key, desc) {
+  var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+  if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+  else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+  return c > 3 && r && Object.defineProperty(target, key, r), r;
+}
+__name(_ts_decorate3, "_ts_decorate");
 var UserContextMiddleware = class {
+  static {
+    __name(this, "UserContextMiddleware");
+  }
   use(req, _res, next) {
     const webUser = getWebUserFromHeader(req);
     req.userContext = {
@@ -294,9 +287,9 @@ var UserContextMiddleware = class {
     next();
   }
 };
-_init3 = __decoratorStart(null);
-UserContextMiddleware = __decorateElement(_init3, 0, "UserContextMiddleware", _UserContextMiddleware_decorators, UserContextMiddleware);
-__runInitializers(_init3, 1, UserContextMiddleware);
+UserContextMiddleware = _ts_decorate3([
+  (0, import_common3.Injectable)()
+], UserContextMiddleware);
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   CsrfMiddleware,

package/dist/index.cjs.map

@@ -1 +1 @@
-{"version":3,"sources":["../src/index.ts","../src/modules/devtool/index.ts","../src/modules/devtool/helper.ts","../src/middlewares/csrf_token/index.ts","../src/middlewares/csrf_token/helper.ts","../src/middlewares/csrf/index.ts","../src/middlewares/csrf/helper.ts","../src/middlewares/user-context/index.ts","../src/middlewares/user-context/helper.ts"],"sourcesContent":["import './types/express.d';\n\nexport { DevToolsModule } from './modules/devtool';\n\n// Middlewares\nexport { CsrfTokenMiddleware } from './middlewares/csrf_token';\nexport { CsrfMiddleware } from './middlewares/csrf';\nexport { UserContextMiddleware } from './middlewares/user-context';\n","import type { INestApplication } from '@nestjs/common';\n\nimport { SwaggerModule, DocumentBuilder } from '@nestjs/swagger';\nimport { mkdirSync } from 'node:fs';\nimport { resolve } from 'node:path';\n\nimport { resolveOptsWithDefaultValue, ensureDirAndWrite } from './helper';\nimport { DevToolsOptions } from './type';\n\nexport class DevToolsModule {\n  static async mount(app: INestApplication, opts: DevToolsOptions = {}) {\n    const options = resolveOptsWithDefaultValue(opts);\n    const baseDirname = process.cwd(); // 跟随命令的根目录\n\n    // 1) 生成 Swagger 文档\n    const builder = new DocumentBuilder()\n      .setTitle(options.swaggerOptions.title)\n      .setVersion(options.swaggerOptions.version);\n    const document = SwaggerModule.createDocument(app, builder.build(), {\n      operationIdFactory: (_c, m) => m,\n    });\n    // 1.1) 挂载 Swagger UI（可关）\n    if(options.needSetupServer){\n      SwaggerModule.setup(options.docsPath, app, document, {\n        customSiteTitle: options.swaggerOptions.customSiteTitle,\n        customCss: options.swaggerOptions.customCss,\n        swaggerOptions: { persistAuthorization: true },\n      });\n      console.log(`[OpenAPI] Swagger UI 已挂载至 ${options.docsPath}`);\n    }\n\n    // 2) 导出 openapi.json\n    const openapiPath = resolve(baseDirname, options.openapiOut);\n    ensureDirAndWrite(openapiPath, JSON.stringify(document, null, 2));\n\n    // 3) 生成 axios SDK（可关）\n    if (options.needGenerateClientSdk) {\n      const clientSdkOutPath = resolve(baseDirname, options.clientSdkOut);\n      mkdirSync(clientSdkOutPath, { recursive: true });\n      const { generate } = await import('openapi-typescript-codegen');\n      await generate({\n        input: openapiPath,\n        output: clientSdkOutPath,\n        httpClient: 'axios',\n        useOptions: false,\n        exportServices: true,\n      });\n      console.log('[OpenAPI] 导出 openapi.json 并生成 axios SDK ✅');\n    }\n  }\n}\n","import { dirname } from 'node:path';\nimport { writeFileSync, mkdirSync } from 'node:fs';\n\nimport { DevToolsOptions } from './type';\n/**\n * 标准化基础路径，确保以 '/' 开头且以 '/' 结尾\n *\n * @param rawBasePath 原始的基础路径，可能以 '/' 开头或结尾\n * @returns 标准化后的基础路径，确保以 '/' 开头且不以 '/' 结尾\n */\nexport function normalizeBasePath(rawBasePath: string): string {\n  const normalizedBasePath = rawBasePath.startsWith('/')\n    ? rawBasePath\n    : `/${rawBasePath}`;\n  return normalizedBasePath.endsWith('/')\n    ? normalizedBasePath.slice(0, -1)\n    : normalizedBasePath;\n}\n\ntype ResolvedDevToolsOptions = Required<\n  Omit<DevToolsOptions, 'swaggerOptions'>\n> & {\n  swaggerOptions: Required<NonNullable<DevToolsOptions['swaggerOptions']>>;\n};\n\nexport function resolveOptsWithDefaultValue(\n  options: DevToolsOptions,\n): ResolvedDevToolsOptions {\n  const basePath = normalizeBasePath(options.basePath || '/');\n  const docsPath = normalizeBasePath(options.docsPath || `api/docs`);\n  return {\n    ...options,\n    needSetupServer: options.needSetupServer ?? false,\n    basePath,\n    docsPath: `${basePath}${docsPath}`,\n    openapiOut: options.openapiOut || './client/src/api/gen/openapi.json',\n    clientSdkOut: options.clientSdkOut || './client/src/api/gen',\n    needGenerateClientSdk: options.needGenerateClientSdk ?? true,\n    swaggerOptions: {\n      title: options.swaggerOptions?.title ?? 'NestJS Fullstack API',\n      version: options.swaggerOptions?.version ?? '1.0.0',\n      customSiteTitle:\n        options.swaggerOptions?.customSiteTitle ?? 'API Documentation',\n      customCss:\n        options.swaggerOptions?.customCss ??\n        '.swagger-ui .topbar { display: none }',\n    },\n  };\n}\n\nexport function ensureDirAndWrite(filePath: string, content: string) {\n  // 1. 拿到文件的上级目录\n  const dir = dirname(filePath);\n\n  // 2. 确保目录存在，不存在就递归创建\n  mkdirSync(dir, { recursive: true });\n\n  // 3. 写文件\n  writeFileSync(filePath, content);\n}\n","import { Injectable, NestMiddleware } from '@nestjs/common';\nimport type { Request, Response, NextFunction } from 'express';\n\nimport type { CsrfTokenOptions, ResolvedCsrfTokenOptions } from './type';\nimport { resolveCsrfTokenOptions, genToken } from './helper';\n\n@Injectable()\nexport class CsrfTokenMiddleware implements NestMiddleware {\n  private static options: ResolvedCsrfTokenOptions;\n\n  public static configure(opts: CsrfTokenOptions) {\n    this.options = resolveCsrfTokenOptions(opts);\n  }\n\n  public use(req: Request, res: Response, next: NextFunction) {\n    const { cookieKey, cookieMaxAge, cookiePath } = CsrfTokenMiddleware.options;\n    const originToken = req.cookies[cookieKey.toLowerCase()];\n    // 如果存在 Cookie，则直接消费，无需生成\n    if (originToken) {\n      req.csrfToken = originToken;\n      next();\n    } else {\n      // 如果不存在 token，则生成新的 csrfToken，并 setCookie\n      const token = genToken();\n      req.csrfToken = token;\n      res.cookie(cookieKey, token, {\n        maxAge: cookieMaxAge,\n        path: cookiePath,\n        httpOnly: true,\n        secure: true,\n        sameSite: 'none',\n        partitioned: true, // 默认开启 Partitioned Cookie\n      });\n      next();\n    }\n  }\n}\n","import crypto from 'crypto';\nimport { CsrfTokenOptions, ResolvedCsrfTokenOptions } from './type';\n\nexport function resolveCsrfTokenOptions(\n  options: CsrfTokenOptions,\n): ResolvedCsrfTokenOptions {\n  return {\n    ...options,\n    cookieKey: options.cookieKey ?? 'suda-csrf-token',\n    cookieMaxAge: options.cookieMaxAge ?? 1000 *60 * 60 * 24 * 30,\n    cookiePath: options.cookiePath ?? '/',\n  };\n}\n\n// 生成 CsrfToken\nexport function genToken() {\n  // 时间戳（秒级，和 Go 一致）\n  const ts = Math.floor(Date.now() / 1000);\n\n  // 随机 int64 模拟：生成 8 字节随机数并转成十进制字符串\n  const randInt64 = BigInt(\n    '0x' + crypto.randomBytes(8).toString('hex'),\n  ).toString();\n\n  // 拼接 \"<rand>.<timestamp>\"\n  const s = `${randInt64}.${ts}`;\n\n  // 计算 sha1\n  const sha1 = crypto.createHash('sha1');\n  sha1.update(s);\n\n  // 返回 \"<sha1Hex>-<timestamp>\"\n  return `${sha1.digest('hex')}-${ts}`;\n}\n","import { Injectable, NestMiddleware } from '@nestjs/common';\nimport type { Request, Response, NextFunction } from 'express';\n\nimport type { CsrfOptions, ResolvedCsrfOptions } from './type';\nimport { resolveCsrfOptions, sendForbidden } from './helper';\n\n@Injectable()\nexport class CsrfMiddleware implements NestMiddleware {\n  private static options: ResolvedCsrfOptions;\n\n  public static configure(opts: CsrfOptions) {\n    this.options = resolveCsrfOptions(opts);\n  }\n\n  public use(req: Request, res: Response, next: NextFunction) {\n    const { headerKey, cookieKey } = CsrfMiddleware.options;\n    const cookieCsrfToken = req.cookies[cookieKey.toLowerCase()];\n    if (!cookieCsrfToken) {\n      sendForbidden(res, 'csrf token not found in cookie.');\n      return;\n    }\n    const headerCsrfToken = req.headers[headerKey.toLowerCase()];\n    if (!headerCsrfToken) {\n      sendForbidden(res, 'csrf token not found in header.');\n      return;\n    }\n    if (cookieCsrfToken !== headerCsrfToken) {\n      sendForbidden(res, 'csrf token not match.');\n      return;\n    }\n    next();\n  }\n}\n","import type { Response } from 'express';\n\nimport { CsrfOptions, ResolvedCsrfOptions } from './type';\n\nexport function resolveCsrfOptions(options: CsrfOptions): ResolvedCsrfOptions {\n  return {\n    ...options,\n    headerKey: options.headerKey ?? 'x-suda-csrf-token',\n    cookieKey: options.cookieKey ?? 'suda-csrf-token',\n  };\n}\n\nexport function sendForbidden(res: Response, message: string) {\n  res.status(403).send(`Forbidden，${message}`);\n}\n","import { Injectable, NestMiddleware } from '@nestjs/common';\nimport type { Request, Response, NextFunction } from 'express';\nimport { getWebUserFromHeader } from './helper';\n\n@Injectable()\nexport class UserContextMiddleware implements NestMiddleware {\n\n  public use(req: Request, _res: Response, next: NextFunction) {\n    const webUser = getWebUserFromHeader(req);\n    req.userContext = {\n      userId: webUser?.user_id,\n      tenantId: webUser?.tenant_id,\n      appId: webUser?.app_id ?? '',\n    }\n    next();\n  }\n}\n","import type { Request } from 'express';\n\nconst sudaWebUserHeaderKey = 'x-larkgw-suda-webuser';\n\ninterface SudaWebUser {\n  user_id: string;\n  tenant_id: number;\n  app_id: string;\n}\n\nexport function getWebUserFromHeader(req: Request): SudaWebUser | null {\n  const sudaWebUserContent = req.headers[sudaWebUserHeaderKey] as\n    | string\n    | undefined;\n  if (!sudaWebUserContent) {\n    return null;\n  }\n  try {\n    const sudaWebUserJsonStr = decodeURIComponent(sudaWebUserContent);\n    const sudaWebUserJson = JSON.parse(sudaWebUserJsonStr) as SudaWebUser;\n    return sudaWebUserJson;\n  } catch (err) {\n    console.error('parse suda webuser from header failed, err=%o', err);\n    return null;\n  }\n  return null;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACEA,qBAA+C;AAC/C,IAAAA,kBAA0B;AAC1B,IAAAC,oBAAwB;;;ACJxB,uBAAwB;AACxB,qBAAyC;AASlC,SAAS,kBAAkB,aAA6B;AAC7D,QAAM,qBAAqB,YAAY,WAAW,GAAG,IACjD,cACA,IAAI,WAAW;AACnB,SAAO,mBAAmB,SAAS,GAAG,IAClC,mBAAmB,MAAM,GAAG,EAAE,IAC9B;AACN;AAQO,SAAS,4BACd,SACyB;AACzB,QAAM,WAAW,kBAAkB,QAAQ,YAAY,GAAG;AAC1D,QAAM,WAAW,kBAAkB,QAAQ,YAAY,UAAU;AACjE,SAAO;AAAA,IACL,GAAG;AAAA,IACH,iBAAiB,QAAQ,mBAAmB;AAAA,IAC5C;AAAA,IACA,UAAU,GAAG,QAAQ,GAAG,QAAQ;AAAA,IAChC,YAAY,QAAQ,cAAc;AAAA,IAClC,cAAc,QAAQ,gBAAgB;AAAA,IACtC,uBAAuB,QAAQ,yBAAyB;AAAA,IACxD,gBAAgB;AAAA,MACd,OAAO,QAAQ,gBAAgB,SAAS;AAAA,MACxC,SAAS,QAAQ,gBAAgB,WAAW;AAAA,MAC5C,iBACE,QAAQ,gBAAgB,mBAAmB;AAAA,MAC7C,WACE,QAAQ,gBAAgB,aACxB;AAAA,IACJ;AAAA,EACF;AACF;AAEO,SAAS,kBAAkB,UAAkB,SAAiB;AAEnE,QAAM,UAAM,0BAAQ,QAAQ;AAG5B,gCAAU,KAAK,EAAE,WAAW,KAAK,CAAC;AAGlC,oCAAc,UAAU,OAAO;AACjC;;;ADlDO,IAAM,iBAAN,MAAqB;AAAA,EAC1B,aAAa,MAAM,KAAuB,OAAwB,CAAC,GAAG;AACpE,UAAM,UAAU,4BAA4B,IAAI;AAChD,UAAM,cAAc,QAAQ,IAAI;AAGhC,UAAM,UAAU,IAAI,+BAAgB,EACjC,SAAS,QAAQ,eAAe,KAAK,EACrC,WAAW,QAAQ,eAAe,OAAO;AAC5C,UAAM,WAAW,6BAAc,eAAe,KAAK,QAAQ,MAAM,GAAG;AAAA,MAClE,oBAAoB,CAAC,IAAI,MAAM;AAAA,IACjC,CAAC;AAED,QAAG,QAAQ,iBAAgB;AACzB,mCAAc,MAAM,QAAQ,UAAU,KAAK,UAAU;AAAA,QACnD,iBAAiB,QAAQ,eAAe;AAAA,QACxC,WAAW,QAAQ,eAAe;AAAA,QAClC,gBAAgB,EAAE,sBAAsB,KAAK;AAAA,MAC/C,CAAC;AACD,cAAQ,IAAI,iDAA6B,QAAQ,QAAQ,EAAE;AAAA,IAC7D;AAGA,UAAM,kBAAc,2BAAQ,aAAa,QAAQ,UAAU;AAC3D,sBAAkB,aAAa,KAAK,UAAU,UAAU,MAAM,CAAC,CAAC;AAGhE,QAAI,QAAQ,uBAAuB;AACjC,YAAM,uBAAmB,2BAAQ,aAAa,QAAQ,YAAY;AAClE,qCAAU,kBAAkB,EAAE,WAAW,KAAK,CAAC;AAC/C,YAAM,EAAE,SAAS,IAAI,MAAM,OAAO,4BAA4B;AAC9D,YAAM,SAAS;AAAA,QACb,OAAO;AAAA,QACP,QAAQ;AAAA,QACR,YAAY;AAAA,QACZ,YAAY;AAAA,QACZ,gBAAgB;AAAA,MAClB,CAAC;AACD,cAAQ,IAAI,yEAA2C;AAAA,IACzD;AAAA,EACF;AACF;;;AElDA,oBAA2C;;;ACA3C,oBAAmB;AAGZ,SAAS,wBACd,SAC0B;AAC1B,SAAO;AAAA,IACL,GAAG;AAAA,IACH,WAAW,QAAQ,aAAa;AAAA,IAChC,cAAc,QAAQ,gBAAgB,MAAM,KAAK,KAAK,KAAK;AAAA,IAC3D,YAAY,QAAQ,cAAc;AAAA,EACpC;AACF;AAGO,SAAS,WAAW;AAEzB,QAAM,KAAK,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AAGvC,QAAM,YAAY;AAAA,IAChB,OAAO,cAAAC,QAAO,YAAY,CAAC,EAAE,SAAS,KAAK;AAAA,EAC7C,EAAE,SAAS;AAGX,QAAM,IAAI,GAAG,SAAS,IAAI,EAAE;AAG5B,QAAM,OAAO,cAAAA,QAAO,WAAW,MAAM;AACrC,OAAK,OAAO,CAAC;AAGb,SAAO,GAAG,KAAK,OAAO,KAAK,CAAC,IAAI,EAAE;AACpC;;;ADjCA;AAMA,uCAAC,0BAAW;AACL,IAAM,uBAAN,MAAM,qBAA8C;AAAA,EACzD,OAAe;AAAA,EAEf,OAAc,UAAU,MAAwB;AAC9C,SAAK,UAAU,wBAAwB,IAAI;AAAA,EAC7C;AAAA,EAEO,IAAI,KAAc,KAAe,MAAoB;AAC1D,UAAM,EAAE,WAAW,cAAc,WAAW,IAAI,qBAAoB;AACpE,UAAM,cAAc,IAAI,QAAQ,UAAU,YAAY,CAAC;AAEvD,QAAI,aAAa;AACf,UAAI,YAAY;AAChB,WAAK;AAAA,IACP,OAAO;AAEL,YAAM,QAAQ,SAAS;AACvB,UAAI,YAAY;AAChB,UAAI,OAAO,WAAW,OAAO;AAAA,QAC3B,QAAQ;AAAA,QACR,MAAM;AAAA,QACN,UAAU;AAAA,QACV,QAAQ;AAAA,QACR,UAAU;AAAA,QACV,aAAa;AAAA;AAAA,MACf,CAAC;AACD,WAAK;AAAA,IACP;AAAA,EACF;AACF;AA7BO;AAAM,uBAAN,mDADP,iCACa;AAAN,4BAAM;AAAN,IAAM,sBAAN;;;AEPP,IAAAC,iBAA2C;;;ACIpC,SAAS,mBAAmB,SAA2C;AAC5E,SAAO;AAAA,IACL,GAAG;AAAA,IACH,WAAW,QAAQ,aAAa;AAAA,IAChC,WAAW,QAAQ,aAAa;AAAA,EAClC;AACF;AAEO,SAAS,cAAc,KAAe,SAAiB;AAC5D,MAAI,OAAO,GAAG,EAAE,KAAK,kBAAa,OAAO,EAAE;AAC7C;;;ADdA,gCAAAC;AAMA,kCAAC,2BAAW;AACL,IAAM,kBAAN,MAAM,gBAAyC;AAAA,EACpD,OAAe;AAAA,EAEf,OAAc,UAAU,MAAmB;AACzC,SAAK,UAAU,mBAAmB,IAAI;AAAA,EACxC;AAAA,EAEO,IAAI,KAAc,KAAe,MAAoB;AAC1D,UAAM,EAAE,WAAW,UAAU,IAAI,gBAAe;AAChD,UAAM,kBAAkB,IAAI,QAAQ,UAAU,YAAY,CAAC;AAC3D,QAAI,CAAC,iBAAiB;AACpB,oBAAc,KAAK,iCAAiC;AACpD;AAAA,IACF;AACA,UAAM,kBAAkB,IAAI,QAAQ,UAAU,YAAY,CAAC;AAC3D,QAAI,CAAC,iBAAiB;AACpB,oBAAc,KAAK,iCAAiC;AACpD;AAAA,IACF;AACA,QAAI,oBAAoB,iBAAiB;AACvC,oBAAc,KAAK,uBAAuB;AAC1C;AAAA,IACF;AACA,SAAK;AAAA,EACP;AACF;AAzBOA,SAAA;AAAM,kBAAN,kBAAAA,QAAA,qBADP,4BACa;AAAN,kBAAAA,QAAA,GAAM;AAAN,IAAM,iBAAN;;;AEPP,IAAAC,iBAA2C;;;ACE3C,IAAM,uBAAuB;AAQtB,SAAS,qBAAqB,KAAkC;AACrE,QAAM,qBAAqB,IAAI,QAAQ,oBAAoB;AAG3D,MAAI,CAAC,oBAAoB;AACvB,WAAO;AAAA,EACT;AACA,MAAI;AACF,UAAM,qBAAqB,mBAAmB,kBAAkB;AAChE,UAAM,kBAAkB,KAAK,MAAM,kBAAkB;AACrD,WAAO;AAAA,EACT,SAAS,KAAK;AACZ,YAAQ,MAAM,iDAAiD,GAAG;AAClE,WAAO;AAAA,EACT;AACA,SAAO;AACT;;;AD1BA,uCAAAC;AAIA,yCAAC,2BAAW;AACL,IAAM,wBAAN,MAAsD;AAAA,EAEpD,IAAI,KAAc,MAAgB,MAAoB;AAC3D,UAAM,UAAU,qBAAqB,GAAG;AACxC,QAAI,cAAc;AAAA,MAChB,QAAQ,SAAS;AAAA,MACjB,UAAU,SAAS;AAAA,MACnB,OAAO,SAAS,UAAU;AAAA,IAC5B;AACA,SAAK;AAAA,EACP;AACF;AAXOA,SAAA;AAAM,wBAAN,kBAAAA,QAAA,4BADP,mCACa;AAAN,kBAAAA,QAAA,GAAM;","names":["import_node_fs","import_node_path","crypto","import_common","_init","import_common","_init"]}
+{"version":3,"sources":["../src/index.ts","../src/modules/devtool/index.ts","../src/modules/devtool/helper.ts","../src/middlewares/csrf_token/index.ts","../src/middlewares/csrf_token/helper.ts","../src/middlewares/csrf/index.ts","../src/middlewares/csrf/helper.ts","../src/middlewares/user-context/index.ts","../src/middlewares/user-context/helper.ts"],"sourcesContent":["import './types/express.d';\n\nexport { DevToolsModule } from './modules/devtool';\n\n// Middlewares\nexport { CsrfTokenMiddleware } from './middlewares/csrf_token';\nexport { CsrfMiddleware } from './middlewares/csrf';\nexport { UserContextMiddleware } from './middlewares/user-context';\n","import type { INestApplication } from '@nestjs/common';\n\nimport { SwaggerModule, DocumentBuilder } from '@nestjs/swagger';\nimport { mkdirSync } from 'node:fs';\nimport { resolve } from 'node:path';\n\nimport { resolveOptsWithDefaultValue, ensureDirAndWrite } from './helper';\nimport { DevToolsOptions } from './type';\n\nexport class DevToolsModule {\n  static async mount(app: INestApplication, opts: DevToolsOptions = {}) {\n    const options = resolveOptsWithDefaultValue(opts);\n    const baseDirname = process.cwd(); // 跟随命令的根目录\n\n    // 1) 生成 Swagger 文档\n    const builder = new DocumentBuilder()\n      .setTitle(options.swaggerOptions.title)\n      .setVersion(options.swaggerOptions.version);\n    const document = SwaggerModule.createDocument(app, builder.build(), {\n      operationIdFactory: (_c, m) => m,\n    });\n    // 1.1) 挂载 Swagger UI（可关）\n    if(options.needSetupServer){\n      SwaggerModule.setup(options.docsPath, app, document, {\n        customSiteTitle: options.swaggerOptions.customSiteTitle,\n        customCss: options.swaggerOptions.customCss,\n        swaggerOptions: { persistAuthorization: true },\n      });\n      console.log(`[OpenAPI] Swagger UI 已挂载至 ${options.docsPath}`);\n    }\n\n    // 2) 导出 openapi.json\n    const openapiPath = resolve(baseDirname, options.openapiOut);\n    ensureDirAndWrite(openapiPath, JSON.stringify(document, null, 2));\n\n    // 3) 生成 axios SDK（可关）\n    if (options.needGenerateClientSdk) {\n      const clientSdkOutPath = resolve(baseDirname, options.clientSdkOut);\n      mkdirSync(clientSdkOutPath, { recursive: true });\n      const { generate } = await import('openapi-typescript-codegen');\n      await generate({\n        input: openapiPath,\n        output: clientSdkOutPath,\n        httpClient: 'axios',\n        useOptions: false,\n        exportServices: true,\n      });\n      console.log('[OpenAPI] 导出 openapi.json 并生成 axios SDK ✅');\n    }\n  }\n}\n","import { dirname } from 'node:path';\nimport { writeFileSync, mkdirSync } from 'node:fs';\n\nimport { DevToolsOptions } from './type';\n/**\n * 标准化基础路径，确保以 '/' 开头且以 '/' 结尾\n *\n * @param rawBasePath 原始的基础路径，可能以 '/' 开头或结尾\n * @returns 标准化后的基础路径，确保以 '/' 开头且不以 '/' 结尾\n */\nexport function normalizeBasePath(rawBasePath: string): string {\n  const normalizedBasePath = rawBasePath.startsWith('/')\n    ? rawBasePath\n    : `/${rawBasePath}`;\n  return normalizedBasePath.endsWith('/')\n    ? normalizedBasePath.slice(0, -1)\n    : normalizedBasePath;\n}\n\ntype ResolvedDevToolsOptions = Required<\n  Omit<DevToolsOptions, 'swaggerOptions'>\n> & {\n  swaggerOptions: Required<NonNullable<DevToolsOptions['swaggerOptions']>>;\n};\n\nexport function resolveOptsWithDefaultValue(\n  options: DevToolsOptions,\n): ResolvedDevToolsOptions {\n  const basePath = normalizeBasePath(options.basePath || '/');\n  const docsPath = normalizeBasePath(options.docsPath || `api/docs`);\n  return {\n    ...options,\n    needSetupServer: options.needSetupServer ?? false,\n    basePath,\n    docsPath: `${basePath}${docsPath}`,\n    openapiOut: options.openapiOut || './client/src/api/gen/openapi.json',\n    clientSdkOut: options.clientSdkOut || './client/src/api/gen',\n    needGenerateClientSdk: options.needGenerateClientSdk ?? true,\n    swaggerOptions: {\n      title: options.swaggerOptions?.title ?? 'NestJS Fullstack API',\n      version: options.swaggerOptions?.version ?? '1.0.0',\n      customSiteTitle:\n        options.swaggerOptions?.customSiteTitle ?? 'API Documentation',\n      customCss:\n        options.swaggerOptions?.customCss ??\n        '.swagger-ui .topbar { display: none }',\n    },\n  };\n}\n\nexport function ensureDirAndWrite(filePath: string, content: string) {\n  // 1. 拿到文件的上级目录\n  const dir = dirname(filePath);\n\n  // 2. 确保目录存在，不存在就递归创建\n  mkdirSync(dir, { recursive: true });\n\n  // 3. 写文件\n  writeFileSync(filePath, content);\n}\n","import { Injectable, NestMiddleware } from '@nestjs/common';\nimport type { Request, Response, NextFunction } from 'express';\n\nimport type { CsrfTokenOptions, ResolvedCsrfTokenOptions } from './type';\nimport { resolveCsrfTokenOptions, genToken } from './helper';\n\n@Injectable()\nexport class CsrfTokenMiddleware implements NestMiddleware {\n  private static options: ResolvedCsrfTokenOptions = resolveCsrfTokenOptions({});\n\n  public static configure(opts: CsrfTokenOptions) {\n    this.options = resolveCsrfTokenOptions(opts);\n  }\n\n  public use(req: Request, res: Response, next: NextFunction) {\n    const { cookieKey, cookieMaxAge, cookiePath } = CsrfTokenMiddleware.options;\n    const originToken = req.cookies[cookieKey.toLowerCase()];\n    // 如果存在 Cookie，则直接消费，无需生成\n    if (originToken) {\n      req.csrfToken = originToken;\n      next();\n    } else {\n      // 如果不存在 token，则生成新的 csrfToken，并 setCookie\n      const token = genToken();\n      req.csrfToken = token;\n      res.cookie(cookieKey, token, {\n        maxAge: cookieMaxAge,\n        path: cookiePath,\n        httpOnly: true,\n        secure: true,\n        sameSite: 'none',\n        partitioned: true, // 默认开启 Partitioned Cookie\n      });\n      next();\n    }\n  }\n}\n","import crypto from 'crypto';\nimport { CsrfTokenOptions, ResolvedCsrfTokenOptions } from './type';\n\nexport function resolveCsrfTokenOptions(\n  options: CsrfTokenOptions,\n): ResolvedCsrfTokenOptions {\n  return {\n    ...options,\n    cookieKey: options.cookieKey ?? 'suda-csrf-token',\n    cookieMaxAge: options.cookieMaxAge ?? 1000 *60 * 60 * 24 * 30,\n    cookiePath: options.cookiePath ?? '/',\n  };\n}\n\n// 生成 CsrfToken\nexport function genToken() {\n  // 时间戳（秒级，和 Go 一致）\n  const ts = Math.floor(Date.now() / 1000);\n\n  // 随机 int64 模拟：生成 8 字节随机数并转成十进制字符串\n  const randInt64 = BigInt(\n    '0x' + crypto.randomBytes(8).toString('hex'),\n  ).toString();\n\n  // 拼接 \"<rand>.<timestamp>\"\n  const s = `${randInt64}.${ts}`;\n\n  // 计算 sha1\n  const sha1 = crypto.createHash('sha1');\n  sha1.update(s);\n\n  // 返回 \"<sha1Hex>-<timestamp>\"\n  return `${sha1.digest('hex')}-${ts}`;\n}\n","import { Injectable, NestMiddleware } from '@nestjs/common';\nimport type { Request, Response, NextFunction } from 'express';\n\nimport type { CsrfOptions, ResolvedCsrfOptions } from './type';\nimport { resolveCsrfOptions, sendForbidden } from './helper';\n\n@Injectable()\nexport class CsrfMiddleware implements NestMiddleware {\n  private static options: ResolvedCsrfOptions = resolveCsrfOptions({});\n\n  public static configure(opts: CsrfOptions) {\n    this.options = resolveCsrfOptions(opts);\n  }\n\n  public use(req: Request, res: Response, next: NextFunction) {\n    const { headerKey, cookieKey } = CsrfMiddleware.options;\n    const cookieCsrfToken = req.cookies[cookieKey.toLowerCase()];\n    if (!cookieCsrfToken) {\n      sendForbidden(res, 'csrf token not found in cookie.');\n      return;\n    }\n    const headerCsrfToken = req.headers[headerKey.toLowerCase()];\n    if (!headerCsrfToken) {\n      sendForbidden(res, 'csrf token not found in header.');\n      return;\n    }\n    if (cookieCsrfToken !== headerCsrfToken) {\n      sendForbidden(res, 'csrf token not match.');\n      return;\n    }\n    next();\n  }\n}\n","import type { Response } from 'express';\n\nimport { CsrfOptions, ResolvedCsrfOptions } from './type';\n\nexport function resolveCsrfOptions(options: CsrfOptions): ResolvedCsrfOptions {\n  return {\n    ...options,\n    headerKey: options.headerKey ?? 'x-suda-csrf-token',\n    cookieKey: options.cookieKey ?? 'suda-csrf-token',\n  };\n}\n\nexport function sendForbidden(res: Response, message: string) {\n  res.status(403).send(`Forbidden，${message}`);\n}\n","import { Injectable, NestMiddleware } from '@nestjs/common';\nimport type { Request, Response, NextFunction } from 'express';\nimport { getWebUserFromHeader } from './helper';\n\n@Injectable()\nexport class UserContextMiddleware implements NestMiddleware {\n\n  public use(req: Request, _res: Response, next: NextFunction) {\n    const webUser = getWebUserFromHeader(req);\n    req.userContext = {\n      userId: webUser?.user_id,\n      tenantId: webUser?.tenant_id,\n      appId: webUser?.app_id ?? '',\n    }\n    next();\n  }\n}\n","import type { Request } from 'express';\n\nconst sudaWebUserHeaderKey = 'x-larkgw-suda-webuser';\n\ninterface SudaWebUser {\n  user_id: string;\n  tenant_id: number;\n  app_id: string;\n}\n\nexport function getWebUserFromHeader(req: Request): SudaWebUser | null {\n  const sudaWebUserContent = req.headers[sudaWebUserHeaderKey] as\n    | string\n    | undefined;\n  if (!sudaWebUserContent) {\n    return null;\n  }\n  try {\n    const sudaWebUserJsonStr = decodeURIComponent(sudaWebUserContent);\n    const sudaWebUserJson = JSON.parse(sudaWebUserJsonStr) as SudaWebUser;\n    return sudaWebUserJson;\n  } catch (err) {\n    console.error('parse suda webuser from header failed, err=%o', err);\n    return null;\n  }\n  return null;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;;;;;;;;;ACEA,qBAA+C;AAC/C,IAAAA,kBAA0B;AAC1B,IAAAC,oBAAwB;;;ACJxB,uBAAwB;AACxB,qBAAyC;AASlC,SAASC,kBAAkBC,aAAmB;AACnD,QAAMC,qBAAqBD,YAAYE,WAAW,GAAA,IAC9CF,cACA,IAAIA,WAAAA;AACR,SAAOC,mBAAmBE,SAAS,GAAA,IAC/BF,mBAAmBG,MAAM,GAAG,EAAC,IAC7BH;AACN;AAPgBF;AAeT,SAASM,4BACdC,SAAwB;AAExB,QAAMC,WAAWR,kBAAkBO,QAAQC,YAAY,GAAA;AACvD,QAAMC,WAAWT,kBAAkBO,QAAQE,YAAY,UAAU;AACjE,SAAO;IACL,GAAGF;IACHG,iBAAiBH,QAAQG,mBAAmB;IAC5CF;IACAC,UAAU,GAAGD,QAAAA,GAAWC,QAAAA;IACxBE,YAAYJ,QAAQI,cAAc;IAClCC,cAAcL,QAAQK,gBAAgB;IACtCC,uBAAuBN,QAAQM,yBAAyB;IACxDC,gBAAgB;MACdC,OAAOR,QAAQO,gBAAgBC,SAAS;MACxCC,SAAST,QAAQO,gBAAgBE,WAAW;MAC5CC,iBACEV,QAAQO,gBAAgBG,mBAAmB;MAC7CC,WACEX,QAAQO,gBAAgBI,aACxB;IACJ;EACF;AACF;AAvBgBZ;AAyBT,SAASa,kBAAkBC,UAAkBC,SAAe;AAEjE,QAAMC,UAAMC,0BAAQH,QAAAA;AAGpBI,gCAAUF,KAAK;IAAEG,WAAW;EAAK,CAAA;AAGjCC,oCAAcN,UAAUC,OAAAA;AAC1B;AATgBF;;;ADzCT,IAAMQ,iBAAN,MAAMA;EAPb,OAOaA;;;EACX,aAAaC,MAAMC,KAAuBC,OAAwB,CAAC,GAAG;AACpE,UAAMC,UAAUC,4BAA4BF,IAAAA;AAC5C,UAAMG,cAAcC,QAAQC,IAAG;AAG/B,UAAMC,UAAU,IAAIC,+BAAAA,EACjBC,SAASP,QAAQQ,eAAeC,KAAK,EACrCC,WAAWV,QAAQQ,eAAeG,OAAO;AAC5C,UAAMC,WAAWC,6BAAcC,eAAehB,KAAKO,QAAQU,MAAK,GAAI;MAClEC,oBAAoB,wBAACC,IAAIC,MAAMA,GAAX;IACtB,CAAA;AAEA,QAAGlB,QAAQmB,iBAAgB;AACzBN,mCAAcO,MAAMpB,QAAQqB,UAAUvB,KAAKc,UAAU;QACnDU,iBAAiBtB,QAAQQ,eAAec;QACxCC,WAAWvB,QAAQQ,eAAee;QAClCf,gBAAgB;UAAEgB,sBAAsB;QAAK;MAC/C,CAAA;AACAC,cAAQC,IAAI,iDAA6B1B,QAAQqB,QAAQ,EAAE;IAC7D;AAGA,UAAMM,kBAAcC,2BAAQ1B,aAAaF,QAAQ6B,UAAU;AAC3DC,sBAAkBH,aAAaI,KAAKC,UAAUpB,UAAU,MAAM,CAAA,CAAA;AAG9D,QAAIZ,QAAQiC,uBAAuB;AACjC,YAAMC,uBAAmBN,2BAAQ1B,aAAaF,QAAQmC,YAAY;AAClEC,qCAAUF,kBAAkB;QAAEG,WAAW;MAAK,CAAA;AAC9C,YAAM,EAAEC,SAAQ,IAAK,MAAM,OAAO,4BAAA;AAClC,YAAMA,SAAS;QACbC,OAAOZ;QACPa,QAAQN;QACRO,YAAY;QACZC,YAAY;QACZC,gBAAgB;MAClB,CAAA;AACAlB,cAAQC,IAAI,yEAAA;IACd;EACF;AACF;;;AElDA,oBAA2C;;;ACA3C,oBAAmB;AAGZ,SAASkB,wBACdC,SAAyB;AAEzB,SAAO;IACL,GAAGA;IACHC,WAAWD,QAAQC,aAAa;IAChCC,cAAcF,QAAQE,gBAAgB,MAAM,KAAK,KAAK,KAAK;IAC3DC,YAAYH,QAAQG,cAAc;EACpC;AACF;AATgBJ;AAYT,SAASK,WAAAA;AAEd,QAAMC,KAAKC,KAAKC,MAAMC,KAAKC,IAAG,IAAK,GAAA;AAGnC,QAAMC,YAAYC,OAChB,OAAOC,cAAAA,QAAOC,YAAY,CAAA,EAAGC,SAAS,KAAA,CAAA,EACtCA,SAAQ;AAGV,QAAMC,IAAI,GAAGL,SAAAA,IAAaL,EAAAA;AAG1B,QAAMW,OAAOJ,cAAAA,QAAOK,WAAW,MAAA;AAC/BD,OAAKE,OAAOH,CAAAA;AAGZ,SAAO,GAAGC,KAAKG,OAAO,KAAA,CAAA,IAAUd,EAAAA;AAClC;AAlBgBD;;;;;;;;;;ADRT,IAAMgB,sBAAN,MAAMA,qBAAAA;SAAAA;;;EACX,OAAeC,UAAoCC,wBAAwB,CAAC,CAAA;EAE5E,OAAcC,UAAUC,MAAwB;AAC9C,SAAKH,UAAUC,wBAAwBE,IAAAA;EACzC;EAEOC,IAAIC,KAAcC,KAAeC,MAAoB;AAC1D,UAAM,EAAEC,WAAWC,cAAcC,WAAU,IAAKX,qBAAoBC;AACpE,UAAMW,cAAcN,IAAIO,QAAQJ,UAAUK,YAAW,CAAA;AAErD,QAAIF,aAAa;AACfN,UAAIS,YAAYH;AAChBJ,WAAAA;IACF,OAAO;AAEL,YAAMQ,QAAQC,SAAAA;AACdX,UAAIS,YAAYC;AAChBT,UAAIW,OAAOT,WAAWO,OAAO;QAC3BG,QAAQT;QACRU,MAAMT;QACNU,UAAU;QACVC,QAAQ;QACRC,UAAU;QACVC,aAAa;MACf,CAAA;AACAhB,WAAAA;IACF;EACF;AACF;;;;;;AEpCA,IAAAiB,iBAA2C;;;ACIpC,SAASC,mBAAmBC,SAAoB;AACrD,SAAO;IACL,GAAGA;IACHC,WAAWD,QAAQC,aAAa;IAChCC,WAAWF,QAAQE,aAAa;EAClC;AACF;AANgBH;AAQT,SAASI,cAAcC,KAAeC,SAAe;AAC1DD,MAAIE,OAAO,GAAA,EAAKC,KAAK,kBAAaF,OAAAA,EAAS;AAC7C;AAFgBF;;;;;;;;;;ADLT,IAAMK,iBAAN,MAAMA,gBAAAA;SAAAA;;;EACX,OAAeC,UAA+BC,mBAAmB,CAAC,CAAA;EAElE,OAAcC,UAAUC,MAAmB;AACzC,SAAKH,UAAUC,mBAAmBE,IAAAA;EACpC;EAEOC,IAAIC,KAAcC,KAAeC,MAAoB;AAC1D,UAAM,EAAEC,WAAWC,UAAS,IAAKV,gBAAeC;AAChD,UAAMU,kBAAkBL,IAAIM,QAAQF,UAAUG,YAAW,CAAA;AACzD,QAAI,CAACF,iBAAiB;AACpBG,oBAAcP,KAAK,iCAAA;AACnB;IACF;AACA,UAAMQ,kBAAkBT,IAAIU,QAAQP,UAAUI,YAAW,CAAA;AACzD,QAAI,CAACE,iBAAiB;AACpBD,oBAAcP,KAAK,iCAAA;AACnB;IACF;AACA,QAAII,oBAAoBI,iBAAiB;AACvCD,oBAAcP,KAAK,uBAAA;AACnB;IACF;AACAC,SAAAA;EACF;AACF;;;;;;AEhCA,IAAAS,iBAA2C;;;ACE3C,IAAMC,uBAAuB;AAQtB,SAASC,qBAAqBC,KAAY;AAC/C,QAAMC,qBAAqBD,IAAIE,QAAQJ,oBAAAA;AAGvC,MAAI,CAACG,oBAAoB;AACvB,WAAO;EACT;AACA,MAAI;AACF,UAAME,qBAAqBC,mBAAmBH,kBAAAA;AAC9C,UAAMI,kBAAkBC,KAAKC,MAAMJ,kBAAAA;AACnC,WAAOE;EACT,SAASG,KAAK;AACZC,YAAQC,MAAM,iDAAiDF,GAAAA;AAC/D,WAAO;EACT;AACA,SAAO;AACT;AAhBgBT;;;;;;;;;;ADLT,IAAMY,wBAAN,MAAMA;SAAAA;;;EAEJC,IAAIC,KAAcC,MAAgBC,MAAoB;AAC3D,UAAMC,UAAUC,qBAAqBJ,GAAAA;AACrCA,QAAIK,cAAc;MAChBC,QAAQH,SAASI;MACjBC,UAAUL,SAASM;MACnBC,OAAOP,SAASQ,UAAU;IAC5B;AACAT,SAAAA;EACF;AACF;;;;","names":["import_node_fs","import_node_path","normalizeBasePath","rawBasePath","normalizedBasePath","startsWith","endsWith","slice","resolveOptsWithDefaultValue","options","basePath","docsPath","needSetupServer","openapiOut","clientSdkOut","needGenerateClientSdk","swaggerOptions","title","version","customSiteTitle","customCss","ensureDirAndWrite","filePath","content","dir","dirname","mkdirSync","recursive","writeFileSync","DevToolsModule","mount","app","opts","options","resolveOptsWithDefaultValue","baseDirname","process","cwd","builder","DocumentBuilder","setTitle","swaggerOptions","title","setVersion","version","document","SwaggerModule","createDocument","build","operationIdFactory","_c","m","needSetupServer","setup","docsPath","customSiteTitle","customCss","persistAuthorization","console","log","openapiPath","resolve","openapiOut","ensureDirAndWrite","JSON","stringify","needGenerateClientSdk","clientSdkOutPath","clientSdkOut","mkdirSync","recursive","generate","input","output","httpClient","useOptions","exportServices","resolveCsrfTokenOptions","options","cookieKey","cookieMaxAge","cookiePath","genToken","ts","Math","floor","Date","now","randInt64","BigInt","crypto","randomBytes","toString","s","sha1","createHash","update","digest","CsrfTokenMiddleware","options","resolveCsrfTokenOptions","configure","opts","use","req","res","next","cookieKey","cookieMaxAge","cookiePath","originToken","cookies","toLowerCase","csrfToken","token","genToken","cookie","maxAge","path","httpOnly","secure","sameSite","partitioned","import_common","resolveCsrfOptions","options","headerKey","cookieKey","sendForbidden","res","message","status","send","CsrfMiddleware","options","resolveCsrfOptions","configure","opts","use","req","res","next","headerKey","cookieKey","cookieCsrfToken","cookies","toLowerCase","sendForbidden","headerCsrfToken","headers","import_common","sudaWebUserHeaderKey","getWebUserFromHeader","req","sudaWebUserContent","headers","sudaWebUserJsonStr","decodeURIComponent","sudaWebUserJson","JSON","parse","err","console","error","UserContextMiddleware","use","req","_res","next","webUser","getWebUserFromHeader","userContext","userId","user_id","tenantId","tenant_id","appId","app_id"]}

package/dist/index.d.cts

@@ -46,7 +46,7 @@ declare class CsrfTokenMiddleware implements NestMiddleware {
 }
 
 interface CsrfOptions {
-    headerKey: string;
+    headerKey?: string;
     cookieKey?: string;
 }
 

package/dist/index.d.ts

@@ -46,7 +46,7 @@ declare class CsrfTokenMiddleware implements NestMiddleware {
 }
 
 interface CsrfOptions {
-    headerKey: string;
+    headerKey?: string;
     cookieKey?: string;
 }
 

package/dist/index.js

@@ -1,50 +1,5 @@
-var __create = Object.create;
 var __defProp = Object.defineProperty;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-var __knownSymbol = (name, symbol) => (symbol = Symbol[name]) ? symbol : Symbol.for("Symbol." + name);
-var __typeError = (msg) => {
-  throw TypeError(msg);
-};
-var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
 var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
-var __decoratorStart = (base) => [, , , __create(base?.[__knownSymbol("metadata")] ?? null)];
-var __decoratorStrings = ["class", "method", "getter", "setter", "accessor", "field", "value", "get", "set"];
-var __expectFn = (fn) => fn !== void 0 && typeof fn !== "function" ? __typeError("Function expected") : fn;
-var __decoratorContext = (kind, name, done, metadata, fns) => ({ kind: __decoratorStrings[kind], name, metadata, addInitializer: (fn) => done._ ? __typeError("Already initialized") : fns.push(__expectFn(fn || null)) });
-var __decoratorMetadata = (array, target) => __defNormalProp(target, __knownSymbol("metadata"), array[3]);
-var __runInitializers = (array, flags, self, value) => {
-  for (var i = 0, fns = array[flags >> 1], n = fns && fns.length; i < n; i++) flags & 1 ? fns[i].call(self) : value = fns[i].call(self, value);
-  return value;
-};
-var __decorateElement = (array, flags, name, decorators, target, extra) => {
-  var fn, it, done, ctx, access, k = flags & 7, s = !!(flags & 8), p = !!(flags & 16);
-  var j = k > 3 ? array.length + 1 : k ? s ? 1 : 2 : 0, key = __decoratorStrings[k + 5];
-  var initializers = k > 3 && (array[j - 1] = []), extraInitializers = array[j] || (array[j] = []);
-  var desc = k && (!p && !s && (target = target.prototype), k < 5 && (k > 3 || !p) && __getOwnPropDesc(k < 4 ? target : { get [name]() {
-    return __privateGet(this, extra);
-  }, set [name](x) {
-    return __privateSet(this, extra, x);
-  } }, name));
-  k ? p && k < 4 && __name(extra, (k > 2 ? "set " : k > 1 ? "get " : "") + name) : __name(target, name);
-  for (var i = decorators.length - 1; i >= 0; i--) {
-    ctx = __decoratorContext(k, name, done = {}, array[3], extraInitializers);
-    if (k) {
-      ctx.static = s, ctx.private = p, access = ctx.access = { has: p ? (x) => __privateIn(target, x) : (x) => name in x };
-      if (k ^ 3) access.get = p ? (x) => (k ^ 1 ? __privateGet : __privateMethod)(x, target, k ^ 4 ? extra : desc.get) : (x) => x[name];
-      if (k > 2) access.set = p ? (x, y) => __privateSet(x, target, y, k ^ 4 ? extra : desc.set) : (x, y) => x[name] = y;
-    }
-    it = (0, decorators[i])(k ? k < 4 ? p ? extra : desc[key] : k > 4 ? void 0 : { get: desc.get, set: desc.set } : target, ctx), done._ = 1;
-    if (k ^ 4 || it === void 0) __expectFn(it) && (k > 4 ? initializers.unshift(it) : k ? p ? extra = it : desc[key] = it : target = it);
-    else if (typeof it !== "object" || it === null) __typeError("Object expected");
-    else __expectFn(fn = it.get) && (desc.get = fn), __expectFn(fn = it.set) && (desc.set = fn), __expectFn(fn = it.init) && initializers.unshift(fn);
-  }
-  return k || __decoratorMetadata(array, target), desc && __defProp(target, name, desc), p ? k ^ 4 ? extra : desc : target;
-};
-var __accessCheck = (obj, member, msg) => member.has(obj) || __typeError("Cannot " + msg);
-var __privateIn = (member, obj) => Object(obj) !== obj ? __typeError('Cannot use the "in" operator on this value') : member.has(obj);
-var __privateGet = (obj, member, getter) => (__accessCheck(obj, member, "read from private field"), getter ? getter.call(obj) : member.get(obj));
-var __privateSet = (obj, member, value, setter) => (__accessCheck(obj, member, "write to private field"), setter ? setter.call(obj, value) : member.set(obj, value), value);
-var __privateMethod = (obj, member, method) => (__accessCheck(obj, member, "access private method"), method);
 
 // src/modules/devtool/index.ts
 import { SwaggerModule, DocumentBuilder } from "@nestjs/swagger";
@@ -58,6 +13,7 @@ function normalizeBasePath(rawBasePath) {
   const normalizedBasePath = rawBasePath.startsWith("/") ? rawBasePath : `/${rawBasePath}`;
   return normalizedBasePath.endsWith("/") ? normalizedBasePath.slice(0, -1) : normalizedBasePath;
 }
+__name(normalizeBasePath, "normalizeBasePath");
 function resolveOptsWithDefaultValue(options) {
   const basePath = normalizeBasePath(options.basePath || "/");
   const docsPath = normalizeBasePath(options.docsPath || `api/docs`);
@@ -77,26 +33,35 @@ function resolveOptsWithDefaultValue(options) {
     }
   };
 }
+__name(resolveOptsWithDefaultValue, "resolveOptsWithDefaultValue");
 function ensureDirAndWrite(filePath, content) {
   const dir = dirname(filePath);
-  mkdirSync(dir, { recursive: true });
+  mkdirSync(dir, {
+    recursive: true
+  });
   writeFileSync(filePath, content);
 }
+__name(ensureDirAndWrite, "ensureDirAndWrite");
 
 // src/modules/devtool/index.ts
 var DevToolsModule = class {
+  static {
+    __name(this, "DevToolsModule");
+  }
   static async mount(app, opts = {}) {
     const options = resolveOptsWithDefaultValue(opts);
     const baseDirname = process.cwd();
     const builder = new DocumentBuilder().setTitle(options.swaggerOptions.title).setVersion(options.swaggerOptions.version);
     const document = SwaggerModule.createDocument(app, builder.build(), {
-      operationIdFactory: (_c, m) => m
+      operationIdFactory: /* @__PURE__ */ __name((_c, m) => m, "operationIdFactory")
     });
     if (options.needSetupServer) {
       SwaggerModule.setup(options.docsPath, app, document, {
         customSiteTitle: options.swaggerOptions.customSiteTitle,
         customCss: options.swaggerOptions.customCss,
-        swaggerOptions: { persistAuthorization: true }
+        swaggerOptions: {
+          persistAuthorization: true
+        }
       });
       console.log(`[OpenAPI] Swagger UI \u5DF2\u6302\u8F7D\u81F3 ${options.docsPath}`);
     }
@@ -104,7 +69,9 @@ var DevToolsModule = class {
     ensureDirAndWrite(openapiPath, JSON.stringify(document, null, 2));
     if (options.needGenerateClientSdk) {
       const clientSdkOutPath = resolve(baseDirname, options.clientSdkOut);
-      mkdirSync2(clientSdkOutPath, { recursive: true });
+      mkdirSync2(clientSdkOutPath, {
+        recursive: true
+      });
       const { generate } = await import("openapi-typescript-codegen");
       await generate({
         input: openapiPath,
@@ -131,22 +98,30 @@ function resolveCsrfTokenOptions(options) {
     cookiePath: options.cookiePath ?? "/"
   };
 }
+__name(resolveCsrfTokenOptions, "resolveCsrfTokenOptions");
 function genToken() {
   const ts = Math.floor(Date.now() / 1e3);
-  const randInt64 = BigInt(
-    "0x" + crypto.randomBytes(8).toString("hex")
-  ).toString();
+  const randInt64 = BigInt("0x" + crypto.randomBytes(8).toString("hex")).toString();
   const s = `${randInt64}.${ts}`;
   const sha1 = crypto.createHash("sha1");
   sha1.update(s);
   return `${sha1.digest("hex")}-${ts}`;
 }
+__name(genToken, "genToken");
 
 // src/middlewares/csrf_token/index.ts
-var _CsrfTokenMiddleware_decorators, _init;
-_CsrfTokenMiddleware_decorators = [Injectable()];
-var _CsrfTokenMiddleware = class _CsrfTokenMiddleware {
-  static options;
+function _ts_decorate(decorators, target, key, desc) {
+  var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+  if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+  else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+  return c > 3 && r && Object.defineProperty(target, key, r), r;
+}
+__name(_ts_decorate, "_ts_decorate");
+var CsrfTokenMiddleware = class _CsrfTokenMiddleware {
+  static {
+    __name(this, "CsrfTokenMiddleware");
+  }
+  static options = resolveCsrfTokenOptions({});
   static configure(opts) {
     this.options = resolveCsrfTokenOptions(opts);
   }
@@ -166,16 +141,14 @@ var _CsrfTokenMiddleware = class _CsrfTokenMiddleware {
         secure: true,
         sameSite: "none",
         partitioned: true
-        // 默认开启 Partitioned Cookie
       });
       next();
     }
   }
 };
-_init = __decoratorStart(null);
-_CsrfTokenMiddleware = __decorateElement(_init, 0, "CsrfTokenMiddleware", _CsrfTokenMiddleware_decorators, _CsrfTokenMiddleware);
-__runInitializers(_init, 1, _CsrfTokenMiddleware);
-var CsrfTokenMiddleware = _CsrfTokenMiddleware;
+CsrfTokenMiddleware = _ts_decorate([
+  Injectable()
+], CsrfTokenMiddleware);
 
 // src/middlewares/csrf/index.ts
 import { Injectable as Injectable2 } from "@nestjs/common";
@@ -188,15 +161,25 @@ function resolveCsrfOptions(options) {
     cookieKey: options.cookieKey ?? "suda-csrf-token"
   };
 }
+__name(resolveCsrfOptions, "resolveCsrfOptions");
 function sendForbidden(res, message) {
   res.status(403).send(`Forbidden\uFF0C${message}`);
 }
+__name(sendForbidden, "sendForbidden");
 
 // src/middlewares/csrf/index.ts
-var _CsrfMiddleware_decorators, _init2;
-_CsrfMiddleware_decorators = [Injectable2()];
-var _CsrfMiddleware = class _CsrfMiddleware {
-  static options;
+function _ts_decorate2(decorators, target, key, desc) {
+  var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+  if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+  else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+  return c > 3 && r && Object.defineProperty(target, key, r), r;
+}
+__name(_ts_decorate2, "_ts_decorate");
+var CsrfMiddleware = class _CsrfMiddleware {
+  static {
+    __name(this, "CsrfMiddleware");
+  }
+  static options = resolveCsrfOptions({});
   static configure(opts) {
     this.options = resolveCsrfOptions(opts);
   }
@@ -219,10 +202,9 @@ var _CsrfMiddleware = class _CsrfMiddleware {
     next();
   }
 };
-_init2 = __decoratorStart(null);
-_CsrfMiddleware = __decorateElement(_init2, 0, "CsrfMiddleware", _CsrfMiddleware_decorators, _CsrfMiddleware);
-__runInitializers(_init2, 1, _CsrfMiddleware);
-var CsrfMiddleware = _CsrfMiddleware;
+CsrfMiddleware = _ts_decorate2([
+  Injectable2()
+], CsrfMiddleware);
 
 // src/middlewares/user-context/index.ts
 import { Injectable as Injectable3 } from "@nestjs/common";
@@ -244,11 +226,20 @@ function getWebUserFromHeader(req) {
   }
   return null;
 }
+__name(getWebUserFromHeader, "getWebUserFromHeader");
 
 // src/middlewares/user-context/index.ts
-var _UserContextMiddleware_decorators, _init3;
-_UserContextMiddleware_decorators = [Injectable3()];
+function _ts_decorate3(decorators, target, key, desc) {
+  var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+  if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+  else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+  return c > 3 && r && Object.defineProperty(target, key, r), r;
+}
+__name(_ts_decorate3, "_ts_decorate");
 var UserContextMiddleware = class {
+  static {
+    __name(this, "UserContextMiddleware");
+  }
   use(req, _res, next) {
     const webUser = getWebUserFromHeader(req);
     req.userContext = {
@@ -259,9 +250,9 @@ var UserContextMiddleware = class {
     next();
   }
 };
-_init3 = __decoratorStart(null);
-UserContextMiddleware = __decorateElement(_init3, 0, "UserContextMiddleware", _UserContextMiddleware_decorators, UserContextMiddleware);
-__runInitializers(_init3, 1, UserContextMiddleware);
+UserContextMiddleware = _ts_decorate3([
+  Injectable3()
+], UserContextMiddleware);
 export {
   CsrfMiddleware,
   CsrfTokenMiddleware,

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../src/modules/devtool/index.ts","../src/modules/devtool/helper.ts","../src/middlewares/csrf_token/index.ts","../src/middlewares/csrf_token/helper.ts","../src/middlewares/csrf/index.ts","../src/middlewares/csrf/helper.ts","../src/middlewares/user-context/index.ts","../src/middlewares/user-context/helper.ts"],"sourcesContent":["import type { INestApplication } from '@nestjs/common';\n\nimport { SwaggerModule, DocumentBuilder } from '@nestjs/swagger';\nimport { mkdirSync } from 'node:fs';\nimport { resolve } from 'node:path';\n\nimport { resolveOptsWithDefaultValue, ensureDirAndWrite } from './helper';\nimport { DevToolsOptions } from './type';\n\nexport class DevToolsModule {\n  static async mount(app: INestApplication, opts: DevToolsOptions = {}) {\n    const options = resolveOptsWithDefaultValue(opts);\n    const baseDirname = process.cwd(); // 跟随命令的根目录\n\n    // 1) 生成 Swagger 文档\n    const builder = new DocumentBuilder()\n      .setTitle(options.swaggerOptions.title)\n      .setVersion(options.swaggerOptions.version);\n    const document = SwaggerModule.createDocument(app, builder.build(), {\n      operationIdFactory: (_c, m) => m,\n    });\n    // 1.1) 挂载 Swagger UI（可关）\n    if(options.needSetupServer){\n      SwaggerModule.setup(options.docsPath, app, document, {\n        customSiteTitle: options.swaggerOptions.customSiteTitle,\n        customCss: options.swaggerOptions.customCss,\n        swaggerOptions: { persistAuthorization: true },\n      });\n      console.log(`[OpenAPI] Swagger UI 已挂载至 ${options.docsPath}`);\n    }\n\n    // 2) 导出 openapi.json\n    const openapiPath = resolve(baseDirname, options.openapiOut);\n    ensureDirAndWrite(openapiPath, JSON.stringify(document, null, 2));\n\n    // 3) 生成 axios SDK（可关）\n    if (options.needGenerateClientSdk) {\n      const clientSdkOutPath = resolve(baseDirname, options.clientSdkOut);\n      mkdirSync(clientSdkOutPath, { recursive: true });\n      const { generate } = await import('openapi-typescript-codegen');\n      await generate({\n        input: openapiPath,\n        output: clientSdkOutPath,\n        httpClient: 'axios',\n        useOptions: false,\n        exportServices: true,\n      });\n      console.log('[OpenAPI] 导出 openapi.json 并生成 axios SDK ✅');\n    }\n  }\n}\n","import { dirname } from 'node:path';\nimport { writeFileSync, mkdirSync } from 'node:fs';\n\nimport { DevToolsOptions } from './type';\n/**\n * 标准化基础路径，确保以 '/' 开头且以 '/' 结尾\n *\n * @param rawBasePath 原始的基础路径，可能以 '/' 开头或结尾\n * @returns 标准化后的基础路径，确保以 '/' 开头且不以 '/' 结尾\n */\nexport function normalizeBasePath(rawBasePath: string): string {\n  const normalizedBasePath = rawBasePath.startsWith('/')\n    ? rawBasePath\n    : `/${rawBasePath}`;\n  return normalizedBasePath.endsWith('/')\n    ? normalizedBasePath.slice(0, -1)\n    : normalizedBasePath;\n}\n\ntype ResolvedDevToolsOptions = Required<\n  Omit<DevToolsOptions, 'swaggerOptions'>\n> & {\n  swaggerOptions: Required<NonNullable<DevToolsOptions['swaggerOptions']>>;\n};\n\nexport function resolveOptsWithDefaultValue(\n  options: DevToolsOptions,\n): ResolvedDevToolsOptions {\n  const basePath = normalizeBasePath(options.basePath || '/');\n  const docsPath = normalizeBasePath(options.docsPath || `api/docs`);\n  return {\n    ...options,\n    needSetupServer: options.needSetupServer ?? false,\n    basePath,\n    docsPath: `${basePath}${docsPath}`,\n    openapiOut: options.openapiOut || './client/src/api/gen/openapi.json',\n    clientSdkOut: options.clientSdkOut || './client/src/api/gen',\n    needGenerateClientSdk: options.needGenerateClientSdk ?? true,\n    swaggerOptions: {\n      title: options.swaggerOptions?.title ?? 'NestJS Fullstack API',\n      version: options.swaggerOptions?.version ?? '1.0.0',\n      customSiteTitle:\n        options.swaggerOptions?.customSiteTitle ?? 'API Documentation',\n      customCss:\n        options.swaggerOptions?.customCss ??\n        '.swagger-ui .topbar { display: none }',\n    },\n  };\n}\n\nexport function ensureDirAndWrite(filePath: string, content: string) {\n  // 1. 拿到文件的上级目录\n  const dir = dirname(filePath);\n\n  // 2. 确保目录存在，不存在就递归创建\n  mkdirSync(dir, { recursive: true });\n\n  // 3. 写文件\n  writeFileSync(filePath, content);\n}\n","import { Injectable, NestMiddleware } from '@nestjs/common';\nimport type { Request, Response, NextFunction } from 'express';\n\nimport type { CsrfTokenOptions, ResolvedCsrfTokenOptions } from './type';\nimport { resolveCsrfTokenOptions, genToken } from './helper';\n\n@Injectable()\nexport class CsrfTokenMiddleware implements NestMiddleware {\n  private static options: ResolvedCsrfTokenOptions;\n\n  public static configure(opts: CsrfTokenOptions) {\n    this.options = resolveCsrfTokenOptions(opts);\n  }\n\n  public use(req: Request, res: Response, next: NextFunction) {\n    const { cookieKey, cookieMaxAge, cookiePath } = CsrfTokenMiddleware.options;\n    const originToken = req.cookies[cookieKey.toLowerCase()];\n    // 如果存在 Cookie，则直接消费，无需生成\n    if (originToken) {\n      req.csrfToken = originToken;\n      next();\n    } else {\n      // 如果不存在 token，则生成新的 csrfToken，并 setCookie\n      const token = genToken();\n      req.csrfToken = token;\n      res.cookie(cookieKey, token, {\n        maxAge: cookieMaxAge,\n        path: cookiePath,\n        httpOnly: true,\n        secure: true,\n        sameSite: 'none',\n        partitioned: true, // 默认开启 Partitioned Cookie\n      });\n      next();\n    }\n  }\n}\n","import crypto from 'crypto';\nimport { CsrfTokenOptions, ResolvedCsrfTokenOptions } from './type';\n\nexport function resolveCsrfTokenOptions(\n  options: CsrfTokenOptions,\n): ResolvedCsrfTokenOptions {\n  return {\n    ...options,\n    cookieKey: options.cookieKey ?? 'suda-csrf-token',\n    cookieMaxAge: options.cookieMaxAge ?? 1000 *60 * 60 * 24 * 30,\n    cookiePath: options.cookiePath ?? '/',\n  };\n}\n\n// 生成 CsrfToken\nexport function genToken() {\n  // 时间戳（秒级，和 Go 一致）\n  const ts = Math.floor(Date.now() / 1000);\n\n  // 随机 int64 模拟：生成 8 字节随机数并转成十进制字符串\n  const randInt64 = BigInt(\n    '0x' + crypto.randomBytes(8).toString('hex'),\n  ).toString();\n\n  // 拼接 \"<rand>.<timestamp>\"\n  const s = `${randInt64}.${ts}`;\n\n  // 计算 sha1\n  const sha1 = crypto.createHash('sha1');\n  sha1.update(s);\n\n  // 返回 \"<sha1Hex>-<timestamp>\"\n  return `${sha1.digest('hex')}-${ts}`;\n}\n","import { Injectable, NestMiddleware } from '@nestjs/common';\nimport type { Request, Response, NextFunction } from 'express';\n\nimport type { CsrfOptions, ResolvedCsrfOptions } from './type';\nimport { resolveCsrfOptions, sendForbidden } from './helper';\n\n@Injectable()\nexport class CsrfMiddleware implements NestMiddleware {\n  private static options: ResolvedCsrfOptions;\n\n  public static configure(opts: CsrfOptions) {\n    this.options = resolveCsrfOptions(opts);\n  }\n\n  public use(req: Request, res: Response, next: NextFunction) {\n    const { headerKey, cookieKey } = CsrfMiddleware.options;\n    const cookieCsrfToken = req.cookies[cookieKey.toLowerCase()];\n    if (!cookieCsrfToken) {\n      sendForbidden(res, 'csrf token not found in cookie.');\n      return;\n    }\n    const headerCsrfToken = req.headers[headerKey.toLowerCase()];\n    if (!headerCsrfToken) {\n      sendForbidden(res, 'csrf token not found in header.');\n      return;\n    }\n    if (cookieCsrfToken !== headerCsrfToken) {\n      sendForbidden(res, 'csrf token not match.');\n      return;\n    }\n    next();\n  }\n}\n","import type { Response } from 'express';\n\nimport { CsrfOptions, ResolvedCsrfOptions } from './type';\n\nexport function resolveCsrfOptions(options: CsrfOptions): ResolvedCsrfOptions {\n  return {\n    ...options,\n    headerKey: options.headerKey ?? 'x-suda-csrf-token',\n    cookieKey: options.cookieKey ?? 'suda-csrf-token',\n  };\n}\n\nexport function sendForbidden(res: Response, message: string) {\n  res.status(403).send(`Forbidden，${message}`);\n}\n","import { Injectable, NestMiddleware } from '@nestjs/common';\nimport type { Request, Response, NextFunction } from 'express';\nimport { getWebUserFromHeader } from './helper';\n\n@Injectable()\nexport class UserContextMiddleware implements NestMiddleware {\n\n  public use(req: Request, _res: Response, next: NextFunction) {\n    const webUser = getWebUserFromHeader(req);\n    req.userContext = {\n      userId: webUser?.user_id,\n      tenantId: webUser?.tenant_id,\n      appId: webUser?.app_id ?? '',\n    }\n    next();\n  }\n}\n","import type { Request } from 'express';\n\nconst sudaWebUserHeaderKey = 'x-larkgw-suda-webuser';\n\ninterface SudaWebUser {\n  user_id: string;\n  tenant_id: number;\n  app_id: string;\n}\n\nexport function getWebUserFromHeader(req: Request): SudaWebUser | null {\n  const sudaWebUserContent = req.headers[sudaWebUserHeaderKey] as\n    | string\n    | undefined;\n  if (!sudaWebUserContent) {\n    return null;\n  }\n  try {\n    const sudaWebUserJsonStr = decodeURIComponent(sudaWebUserContent);\n    const sudaWebUserJson = JSON.parse(sudaWebUserJsonStr) as SudaWebUser;\n    return sudaWebUserJson;\n  } catch (err) {\n    console.error('parse suda webuser from header failed, err=%o', err);\n    return null;\n  }\n  return null;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEA,SAAS,eAAe,uBAAuB;AAC/C,SAAS,aAAAA,kBAAiB;AAC1B,SAAS,eAAe;;;ACJxB,SAAS,eAAe;AACxB,SAAS,eAAe,iBAAiB;AASlC,SAAS,kBAAkB,aAA6B;AAC7D,QAAM,qBAAqB,YAAY,WAAW,GAAG,IACjD,cACA,IAAI,WAAW;AACnB,SAAO,mBAAmB,SAAS,GAAG,IAClC,mBAAmB,MAAM,GAAG,EAAE,IAC9B;AACN;AAQO,SAAS,4BACd,SACyB;AACzB,QAAM,WAAW,kBAAkB,QAAQ,YAAY,GAAG;AAC1D,QAAM,WAAW,kBAAkB,QAAQ,YAAY,UAAU;AACjE,SAAO;AAAA,IACL,GAAG;AAAA,IACH,iBAAiB,QAAQ,mBAAmB;AAAA,IAC5C;AAAA,IACA,UAAU,GAAG,QAAQ,GAAG,QAAQ;AAAA,IAChC,YAAY,QAAQ,cAAc;AAAA,IAClC,cAAc,QAAQ,gBAAgB;AAAA,IACtC,uBAAuB,QAAQ,yBAAyB;AAAA,IACxD,gBAAgB;AAAA,MACd,OAAO,QAAQ,gBAAgB,SAAS;AAAA,MACxC,SAAS,QAAQ,gBAAgB,WAAW;AAAA,MAC5C,iBACE,QAAQ,gBAAgB,mBAAmB;AAAA,MAC7C,WACE,QAAQ,gBAAgB,aACxB;AAAA,IACJ;AAAA,EACF;AACF;AAEO,SAAS,kBAAkB,UAAkB,SAAiB;AAEnE,QAAM,MAAM,QAAQ,QAAQ;AAG5B,YAAU,KAAK,EAAE,WAAW,KAAK,CAAC;AAGlC,gBAAc,UAAU,OAAO;AACjC;;;ADlDO,IAAM,iBAAN,MAAqB;AAAA,EAC1B,aAAa,MAAM,KAAuB,OAAwB,CAAC,GAAG;AACpE,UAAM,UAAU,4BAA4B,IAAI;AAChD,UAAM,cAAc,QAAQ,IAAI;AAGhC,UAAM,UAAU,IAAI,gBAAgB,EACjC,SAAS,QAAQ,eAAe,KAAK,EACrC,WAAW,QAAQ,eAAe,OAAO;AAC5C,UAAM,WAAW,cAAc,eAAe,KAAK,QAAQ,MAAM,GAAG;AAAA,MAClE,oBAAoB,CAAC,IAAI,MAAM;AAAA,IACjC,CAAC;AAED,QAAG,QAAQ,iBAAgB;AACzB,oBAAc,MAAM,QAAQ,UAAU,KAAK,UAAU;AAAA,QACnD,iBAAiB,QAAQ,eAAe;AAAA,QACxC,WAAW,QAAQ,eAAe;AAAA,QAClC,gBAAgB,EAAE,sBAAsB,KAAK;AAAA,MAC/C,CAAC;AACD,cAAQ,IAAI,iDAA6B,QAAQ,QAAQ,EAAE;AAAA,IAC7D;AAGA,UAAM,cAAc,QAAQ,aAAa,QAAQ,UAAU;AAC3D,sBAAkB,aAAa,KAAK,UAAU,UAAU,MAAM,CAAC,CAAC;AAGhE,QAAI,QAAQ,uBAAuB;AACjC,YAAM,mBAAmB,QAAQ,aAAa,QAAQ,YAAY;AAClE,MAAAC,WAAU,kBAAkB,EAAE,WAAW,KAAK,CAAC;AAC/C,YAAM,EAAE,SAAS,IAAI,MAAM,OAAO,4BAA4B;AAC9D,YAAM,SAAS;AAAA,QACb,OAAO;AAAA,QACP,QAAQ;AAAA,QACR,YAAY;AAAA,QACZ,YAAY;AAAA,QACZ,gBAAgB;AAAA,MAClB,CAAC;AACD,cAAQ,IAAI,yEAA2C;AAAA,IACzD;AAAA,EACF;AACF;;;AElDA,SAAS,kBAAkC;;;ACA3C,OAAO,YAAY;AAGZ,SAAS,wBACd,SAC0B;AAC1B,SAAO;AAAA,IACL,GAAG;AAAA,IACH,WAAW,QAAQ,aAAa;AAAA,IAChC,cAAc,QAAQ,gBAAgB,MAAM,KAAK,KAAK,KAAK;AAAA,IAC3D,YAAY,QAAQ,cAAc;AAAA,EACpC;AACF;AAGO,SAAS,WAAW;AAEzB,QAAM,KAAK,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AAGvC,QAAM,YAAY;AAAA,IAChB,OAAO,OAAO,YAAY,CAAC,EAAE,SAAS,KAAK;AAAA,EAC7C,EAAE,SAAS;AAGX,QAAM,IAAI,GAAG,SAAS,IAAI,EAAE;AAG5B,QAAM,OAAO,OAAO,WAAW,MAAM;AACrC,OAAK,OAAO,CAAC;AAGb,SAAO,GAAG,KAAK,OAAO,KAAK,CAAC,IAAI,EAAE;AACpC;;;ADjCA;AAMA,mCAAC,WAAW;AACL,IAAM,uBAAN,MAAM,qBAA8C;AAAA,EACzD,OAAe;AAAA,EAEf,OAAc,UAAU,MAAwB;AAC9C,SAAK,UAAU,wBAAwB,IAAI;AAAA,EAC7C;AAAA,EAEO,IAAI,KAAc,KAAe,MAAoB;AAC1D,UAAM,EAAE,WAAW,cAAc,WAAW,IAAI,qBAAoB;AACpE,UAAM,cAAc,IAAI,QAAQ,UAAU,YAAY,CAAC;AAEvD,QAAI,aAAa;AACf,UAAI,YAAY;AAChB,WAAK;AAAA,IACP,OAAO;AAEL,YAAM,QAAQ,SAAS;AACvB,UAAI,YAAY;AAChB,UAAI,OAAO,WAAW,OAAO;AAAA,QAC3B,QAAQ;AAAA,QACR,MAAM;AAAA,QACN,UAAU;AAAA,QACV,QAAQ;AAAA,QACR,UAAU;AAAA,QACV,aAAa;AAAA;AAAA,MACf,CAAC;AACD,WAAK;AAAA,IACP;AAAA,EACF;AACF;AA7BO;AAAM,uBAAN,mDADP,iCACa;AAAN,4BAAM;AAAN,IAAM,sBAAN;;;AEPP,SAAS,cAAAC,mBAAkC;;;ACIpC,SAAS,mBAAmB,SAA2C;AAC5E,SAAO;AAAA,IACL,GAAG;AAAA,IACH,WAAW,QAAQ,aAAa;AAAA,IAChC,WAAW,QAAQ,aAAa;AAAA,EAClC;AACF;AAEO,SAAS,cAAc,KAAe,SAAiB;AAC5D,MAAI,OAAO,GAAG,EAAE,KAAK,kBAAa,OAAO,EAAE;AAC7C;;;ADdA,gCAAAC;AAMA,8BAACC,YAAW;AACL,IAAM,kBAAN,MAAM,gBAAyC;AAAA,EACpD,OAAe;AAAA,EAEf,OAAc,UAAU,MAAmB;AACzC,SAAK,UAAU,mBAAmB,IAAI;AAAA,EACxC;AAAA,EAEO,IAAI,KAAc,KAAe,MAAoB;AAC1D,UAAM,EAAE,WAAW,UAAU,IAAI,gBAAe;AAChD,UAAM,kBAAkB,IAAI,QAAQ,UAAU,YAAY,CAAC;AAC3D,QAAI,CAAC,iBAAiB;AACpB,oBAAc,KAAK,iCAAiC;AACpD;AAAA,IACF;AACA,UAAM,kBAAkB,IAAI,QAAQ,UAAU,YAAY,CAAC;AAC3D,QAAI,CAAC,iBAAiB;AACpB,oBAAc,KAAK,iCAAiC;AACpD;AAAA,IACF;AACA,QAAI,oBAAoB,iBAAiB;AACvC,oBAAc,KAAK,uBAAuB;AAC1C;AAAA,IACF;AACA,SAAK;AAAA,EACP;AACF;AAzBOD,SAAA;AAAM,kBAAN,kBAAAA,QAAA,qBADP,4BACa;AAAN,kBAAAA,QAAA,GAAM;AAAN,IAAM,iBAAN;;;AEPP,SAAS,cAAAE,mBAAkC;;;ACE3C,IAAM,uBAAuB;AAQtB,SAAS,qBAAqB,KAAkC;AACrE,QAAM,qBAAqB,IAAI,QAAQ,oBAAoB;AAG3D,MAAI,CAAC,oBAAoB;AACvB,WAAO;AAAA,EACT;AACA,MAAI;AACF,UAAM,qBAAqB,mBAAmB,kBAAkB;AAChE,UAAM,kBAAkB,KAAK,MAAM,kBAAkB;AACrD,WAAO;AAAA,EACT,SAAS,KAAK;AACZ,YAAQ,MAAM,iDAAiD,GAAG;AAClE,WAAO;AAAA,EACT;AACA,SAAO;AACT;;;AD1BA,uCAAAC;AAIA,qCAACC,YAAW;AACL,IAAM,wBAAN,MAAsD;AAAA,EAEpD,IAAI,KAAc,MAAgB,MAAoB;AAC3D,UAAM,UAAU,qBAAqB,GAAG;AACxC,QAAI,cAAc;AAAA,MAChB,QAAQ,SAAS;AAAA,MACjB,UAAU,SAAS;AAAA,MACnB,OAAO,SAAS,UAAU;AAAA,IAC5B;AACA,SAAK;AAAA,EACP;AACF;AAXOD,SAAA;AAAM,wBAAN,kBAAAA,QAAA,4BADP,mCACa;AAAN,kBAAAA,QAAA,GAAM;","names":["mkdirSync","mkdirSync","Injectable","_init","Injectable","Injectable","_init","Injectable"]}
+{"version":3,"sources":["../src/modules/devtool/index.ts","../src/modules/devtool/helper.ts","../src/middlewares/csrf_token/index.ts","../src/middlewares/csrf_token/helper.ts","../src/middlewares/csrf/index.ts","../src/middlewares/csrf/helper.ts","../src/middlewares/user-context/index.ts","../src/middlewares/user-context/helper.ts"],"sourcesContent":["import type { INestApplication } from '@nestjs/common';\n\nimport { SwaggerModule, DocumentBuilder } from '@nestjs/swagger';\nimport { mkdirSync } from 'node:fs';\nimport { resolve } from 'node:path';\n\nimport { resolveOptsWithDefaultValue, ensureDirAndWrite } from './helper';\nimport { DevToolsOptions } from './type';\n\nexport class DevToolsModule {\n  static async mount(app: INestApplication, opts: DevToolsOptions = {}) {\n    const options = resolveOptsWithDefaultValue(opts);\n    const baseDirname = process.cwd(); // 跟随命令的根目录\n\n    // 1) 生成 Swagger 文档\n    const builder = new DocumentBuilder()\n      .setTitle(options.swaggerOptions.title)\n      .setVersion(options.swaggerOptions.version);\n    const document = SwaggerModule.createDocument(app, builder.build(), {\n      operationIdFactory: (_c, m) => m,\n    });\n    // 1.1) 挂载 Swagger UI（可关）\n    if(options.needSetupServer){\n      SwaggerModule.setup(options.docsPath, app, document, {\n        customSiteTitle: options.swaggerOptions.customSiteTitle,\n        customCss: options.swaggerOptions.customCss,\n        swaggerOptions: { persistAuthorization: true },\n      });\n      console.log(`[OpenAPI] Swagger UI 已挂载至 ${options.docsPath}`);\n    }\n\n    // 2) 导出 openapi.json\n    const openapiPath = resolve(baseDirname, options.openapiOut);\n    ensureDirAndWrite(openapiPath, JSON.stringify(document, null, 2));\n\n    // 3) 生成 axios SDK（可关）\n    if (options.needGenerateClientSdk) {\n      const clientSdkOutPath = resolve(baseDirname, options.clientSdkOut);\n      mkdirSync(clientSdkOutPath, { recursive: true });\n      const { generate } = await import('openapi-typescript-codegen');\n      await generate({\n        input: openapiPath,\n        output: clientSdkOutPath,\n        httpClient: 'axios',\n        useOptions: false,\n        exportServices: true,\n      });\n      console.log('[OpenAPI] 导出 openapi.json 并生成 axios SDK ✅');\n    }\n  }\n}\n","import { dirname } from 'node:path';\nimport { writeFileSync, mkdirSync } from 'node:fs';\n\nimport { DevToolsOptions } from './type';\n/**\n * 标准化基础路径，确保以 '/' 开头且以 '/' 结尾\n *\n * @param rawBasePath 原始的基础路径，可能以 '/' 开头或结尾\n * @returns 标准化后的基础路径，确保以 '/' 开头且不以 '/' 结尾\n */\nexport function normalizeBasePath(rawBasePath: string): string {\n  const normalizedBasePath = rawBasePath.startsWith('/')\n    ? rawBasePath\n    : `/${rawBasePath}`;\n  return normalizedBasePath.endsWith('/')\n    ? normalizedBasePath.slice(0, -1)\n    : normalizedBasePath;\n}\n\ntype ResolvedDevToolsOptions = Required<\n  Omit<DevToolsOptions, 'swaggerOptions'>\n> & {\n  swaggerOptions: Required<NonNullable<DevToolsOptions['swaggerOptions']>>;\n};\n\nexport function resolveOptsWithDefaultValue(\n  options: DevToolsOptions,\n): ResolvedDevToolsOptions {\n  const basePath = normalizeBasePath(options.basePath || '/');\n  const docsPath = normalizeBasePath(options.docsPath || `api/docs`);\n  return {\n    ...options,\n    needSetupServer: options.needSetupServer ?? false,\n    basePath,\n    docsPath: `${basePath}${docsPath}`,\n    openapiOut: options.openapiOut || './client/src/api/gen/openapi.json',\n    clientSdkOut: options.clientSdkOut || './client/src/api/gen',\n    needGenerateClientSdk: options.needGenerateClientSdk ?? true,\n    swaggerOptions: {\n      title: options.swaggerOptions?.title ?? 'NestJS Fullstack API',\n      version: options.swaggerOptions?.version ?? '1.0.0',\n      customSiteTitle:\n        options.swaggerOptions?.customSiteTitle ?? 'API Documentation',\n      customCss:\n        options.swaggerOptions?.customCss ??\n        '.swagger-ui .topbar { display: none }',\n    },\n  };\n}\n\nexport function ensureDirAndWrite(filePath: string, content: string) {\n  // 1. 拿到文件的上级目录\n  const dir = dirname(filePath);\n\n  // 2. 确保目录存在，不存在就递归创建\n  mkdirSync(dir, { recursive: true });\n\n  // 3. 写文件\n  writeFileSync(filePath, content);\n}\n","import { Injectable, NestMiddleware } from '@nestjs/common';\nimport type { Request, Response, NextFunction } from 'express';\n\nimport type { CsrfTokenOptions, ResolvedCsrfTokenOptions } from './type';\nimport { resolveCsrfTokenOptions, genToken } from './helper';\n\n@Injectable()\nexport class CsrfTokenMiddleware implements NestMiddleware {\n  private static options: ResolvedCsrfTokenOptions = resolveCsrfTokenOptions({});\n\n  public static configure(opts: CsrfTokenOptions) {\n    this.options = resolveCsrfTokenOptions(opts);\n  }\n\n  public use(req: Request, res: Response, next: NextFunction) {\n    const { cookieKey, cookieMaxAge, cookiePath } = CsrfTokenMiddleware.options;\n    const originToken = req.cookies[cookieKey.toLowerCase()];\n    // 如果存在 Cookie，则直接消费，无需生成\n    if (originToken) {\n      req.csrfToken = originToken;\n      next();\n    } else {\n      // 如果不存在 token，则生成新的 csrfToken，并 setCookie\n      const token = genToken();\n      req.csrfToken = token;\n      res.cookie(cookieKey, token, {\n        maxAge: cookieMaxAge,\n        path: cookiePath,\n        httpOnly: true,\n        secure: true,\n        sameSite: 'none',\n        partitioned: true, // 默认开启 Partitioned Cookie\n      });\n      next();\n    }\n  }\n}\n","import crypto from 'crypto';\nimport { CsrfTokenOptions, ResolvedCsrfTokenOptions } from './type';\n\nexport function resolveCsrfTokenOptions(\n  options: CsrfTokenOptions,\n): ResolvedCsrfTokenOptions {\n  return {\n    ...options,\n    cookieKey: options.cookieKey ?? 'suda-csrf-token',\n    cookieMaxAge: options.cookieMaxAge ?? 1000 *60 * 60 * 24 * 30,\n    cookiePath: options.cookiePath ?? '/',\n  };\n}\n\n// 生成 CsrfToken\nexport function genToken() {\n  // 时间戳（秒级，和 Go 一致）\n  const ts = Math.floor(Date.now() / 1000);\n\n  // 随机 int64 模拟：生成 8 字节随机数并转成十进制字符串\n  const randInt64 = BigInt(\n    '0x' + crypto.randomBytes(8).toString('hex'),\n  ).toString();\n\n  // 拼接 \"<rand>.<timestamp>\"\n  const s = `${randInt64}.${ts}`;\n\n  // 计算 sha1\n  const sha1 = crypto.createHash('sha1');\n  sha1.update(s);\n\n  // 返回 \"<sha1Hex>-<timestamp>\"\n  return `${sha1.digest('hex')}-${ts}`;\n}\n","import { Injectable, NestMiddleware } from '@nestjs/common';\nimport type { Request, Response, NextFunction } from 'express';\n\nimport type { CsrfOptions, ResolvedCsrfOptions } from './type';\nimport { resolveCsrfOptions, sendForbidden } from './helper';\n\n@Injectable()\nexport class CsrfMiddleware implements NestMiddleware {\n  private static options: ResolvedCsrfOptions = resolveCsrfOptions({});\n\n  public static configure(opts: CsrfOptions) {\n    this.options = resolveCsrfOptions(opts);\n  }\n\n  public use(req: Request, res: Response, next: NextFunction) {\n    const { headerKey, cookieKey } = CsrfMiddleware.options;\n    const cookieCsrfToken = req.cookies[cookieKey.toLowerCase()];\n    if (!cookieCsrfToken) {\n      sendForbidden(res, 'csrf token not found in cookie.');\n      return;\n    }\n    const headerCsrfToken = req.headers[headerKey.toLowerCase()];\n    if (!headerCsrfToken) {\n      sendForbidden(res, 'csrf token not found in header.');\n      return;\n    }\n    if (cookieCsrfToken !== headerCsrfToken) {\n      sendForbidden(res, 'csrf token not match.');\n      return;\n    }\n    next();\n  }\n}\n","import type { Response } from 'express';\n\nimport { CsrfOptions, ResolvedCsrfOptions } from './type';\n\nexport function resolveCsrfOptions(options: CsrfOptions): ResolvedCsrfOptions {\n  return {\n    ...options,\n    headerKey: options.headerKey ?? 'x-suda-csrf-token',\n    cookieKey: options.cookieKey ?? 'suda-csrf-token',\n  };\n}\n\nexport function sendForbidden(res: Response, message: string) {\n  res.status(403).send(`Forbidden，${message}`);\n}\n","import { Injectable, NestMiddleware } from '@nestjs/common';\nimport type { Request, Response, NextFunction } from 'express';\nimport { getWebUserFromHeader } from './helper';\n\n@Injectable()\nexport class UserContextMiddleware implements NestMiddleware {\n\n  public use(req: Request, _res: Response, next: NextFunction) {\n    const webUser = getWebUserFromHeader(req);\n    req.userContext = {\n      userId: webUser?.user_id,\n      tenantId: webUser?.tenant_id,\n      appId: webUser?.app_id ?? '',\n    }\n    next();\n  }\n}\n","import type { Request } from 'express';\n\nconst sudaWebUserHeaderKey = 'x-larkgw-suda-webuser';\n\ninterface SudaWebUser {\n  user_id: string;\n  tenant_id: number;\n  app_id: string;\n}\n\nexport function getWebUserFromHeader(req: Request): SudaWebUser | null {\n  const sudaWebUserContent = req.headers[sudaWebUserHeaderKey] as\n    | string\n    | undefined;\n  if (!sudaWebUserContent) {\n    return null;\n  }\n  try {\n    const sudaWebUserJsonStr = decodeURIComponent(sudaWebUserContent);\n    const sudaWebUserJson = JSON.parse(sudaWebUserJsonStr) as SudaWebUser;\n    return sudaWebUserJson;\n  } catch (err) {\n    console.error('parse suda webuser from header failed, err=%o', err);\n    return null;\n  }\n  return null;\n}\n"],"mappings":";;;;AAEA,SAASA,eAAeC,uBAAuB;AAC/C,SAASC,aAAAA,kBAAiB;AAC1B,SAASC,eAAe;;;ACJxB,SAASC,eAAe;AACxB,SAASC,eAAeC,iBAAiB;AASlC,SAASC,kBAAkBC,aAAmB;AACnD,QAAMC,qBAAqBD,YAAYE,WAAW,GAAA,IAC9CF,cACA,IAAIA,WAAAA;AACR,SAAOC,mBAAmBE,SAAS,GAAA,IAC/BF,mBAAmBG,MAAM,GAAG,EAAC,IAC7BH;AACN;AAPgBF;AAeT,SAASM,4BACdC,SAAwB;AAExB,QAAMC,WAAWR,kBAAkBO,QAAQC,YAAY,GAAA;AACvD,QAAMC,WAAWT,kBAAkBO,QAAQE,YAAY,UAAU;AACjE,SAAO;IACL,GAAGF;IACHG,iBAAiBH,QAAQG,mBAAmB;IAC5CF;IACAC,UAAU,GAAGD,QAAAA,GAAWC,QAAAA;IACxBE,YAAYJ,QAAQI,cAAc;IAClCC,cAAcL,QAAQK,gBAAgB;IACtCC,uBAAuBN,QAAQM,yBAAyB;IACxDC,gBAAgB;MACdC,OAAOR,QAAQO,gBAAgBC,SAAS;MACxCC,SAAST,QAAQO,gBAAgBE,WAAW;MAC5CC,iBACEV,QAAQO,gBAAgBG,mBAAmB;MAC7CC,WACEX,QAAQO,gBAAgBI,aACxB;IACJ;EACF;AACF;AAvBgBZ;AAyBT,SAASa,kBAAkBC,UAAkBC,SAAe;AAEjE,QAAMC,MAAMC,QAAQH,QAAAA;AAGpBI,YAAUF,KAAK;IAAEG,WAAW;EAAK,CAAA;AAGjCC,gBAAcN,UAAUC,OAAAA;AAC1B;AATgBF;;;ADzCT,IAAMQ,iBAAN,MAAMA;EAPb,OAOaA;;;EACX,aAAaC,MAAMC,KAAuBC,OAAwB,CAAC,GAAG;AACpE,UAAMC,UAAUC,4BAA4BF,IAAAA;AAC5C,UAAMG,cAAcC,QAAQC,IAAG;AAG/B,UAAMC,UAAU,IAAIC,gBAAAA,EACjBC,SAASP,QAAQQ,eAAeC,KAAK,EACrCC,WAAWV,QAAQQ,eAAeG,OAAO;AAC5C,UAAMC,WAAWC,cAAcC,eAAehB,KAAKO,QAAQU,MAAK,GAAI;MAClEC,oBAAoB,wBAACC,IAAIC,MAAMA,GAAX;IACtB,CAAA;AAEA,QAAGlB,QAAQmB,iBAAgB;AACzBN,oBAAcO,MAAMpB,QAAQqB,UAAUvB,KAAKc,UAAU;QACnDU,iBAAiBtB,QAAQQ,eAAec;QACxCC,WAAWvB,QAAQQ,eAAee;QAClCf,gBAAgB;UAAEgB,sBAAsB;QAAK;MAC/C,CAAA;AACAC,cAAQC,IAAI,iDAA6B1B,QAAQqB,QAAQ,EAAE;IAC7D;AAGA,UAAMM,cAAcC,QAAQ1B,aAAaF,QAAQ6B,UAAU;AAC3DC,sBAAkBH,aAAaI,KAAKC,UAAUpB,UAAU,MAAM,CAAA,CAAA;AAG9D,QAAIZ,QAAQiC,uBAAuB;AACjC,YAAMC,mBAAmBN,QAAQ1B,aAAaF,QAAQmC,YAAY;AAClEC,MAAAA,WAAUF,kBAAkB;QAAEG,WAAW;MAAK,CAAA;AAC9C,YAAM,EAAEC,SAAQ,IAAK,MAAM,OAAO,4BAAA;AAClC,YAAMA,SAAS;QACbC,OAAOZ;QACPa,QAAQN;QACRO,YAAY;QACZC,YAAY;QACZC,gBAAgB;MAClB,CAAA;AACAlB,cAAQC,IAAI,yEAAA;IACd;EACF;AACF;;;AElDA,SAASkB,kBAAkC;;;ACA3C,OAAOC,YAAY;AAGZ,SAASC,wBACdC,SAAyB;AAEzB,SAAO;IACL,GAAGA;IACHC,WAAWD,QAAQC,aAAa;IAChCC,cAAcF,QAAQE,gBAAgB,MAAM,KAAK,KAAK,KAAK;IAC3DC,YAAYH,QAAQG,cAAc;EACpC;AACF;AATgBJ;AAYT,SAASK,WAAAA;AAEd,QAAMC,KAAKC,KAAKC,MAAMC,KAAKC,IAAG,IAAK,GAAA;AAGnC,QAAMC,YAAYC,OAChB,OAAOC,OAAOC,YAAY,CAAA,EAAGC,SAAS,KAAA,CAAA,EACtCA,SAAQ;AAGV,QAAMC,IAAI,GAAGL,SAAAA,IAAaL,EAAAA;AAG1B,QAAMW,OAAOJ,OAAOK,WAAW,MAAA;AAC/BD,OAAKE,OAAOH,CAAAA;AAGZ,SAAO,GAAGC,KAAKG,OAAO,KAAA,CAAA,IAAUd,EAAAA;AAClC;AAlBgBD;;;;;;;;;;ADRT,IAAMgB,sBAAN,MAAMA,qBAAAA;SAAAA;;;EACX,OAAeC,UAAoCC,wBAAwB,CAAC,CAAA;EAE5E,OAAcC,UAAUC,MAAwB;AAC9C,SAAKH,UAAUC,wBAAwBE,IAAAA;EACzC;EAEOC,IAAIC,KAAcC,KAAeC,MAAoB;AAC1D,UAAM,EAAEC,WAAWC,cAAcC,WAAU,IAAKX,qBAAoBC;AACpE,UAAMW,cAAcN,IAAIO,QAAQJ,UAAUK,YAAW,CAAA;AAErD,QAAIF,aAAa;AACfN,UAAIS,YAAYH;AAChBJ,WAAAA;IACF,OAAO;AAEL,YAAMQ,QAAQC,SAAAA;AACdX,UAAIS,YAAYC;AAChBT,UAAIW,OAAOT,WAAWO,OAAO;QAC3BG,QAAQT;QACRU,MAAMT;QACNU,UAAU;QACVC,QAAQ;QACRC,UAAU;QACVC,aAAa;MACf,CAAA;AACAhB,WAAAA;IACF;EACF;AACF;;;;;;AEpCA,SAASiB,cAAAA,mBAAkC;;;ACIpC,SAASC,mBAAmBC,SAAoB;AACrD,SAAO;IACL,GAAGA;IACHC,WAAWD,QAAQC,aAAa;IAChCC,WAAWF,QAAQE,aAAa;EAClC;AACF;AANgBH;AAQT,SAASI,cAAcC,KAAeC,SAAe;AAC1DD,MAAIE,OAAO,GAAA,EAAKC,KAAK,kBAAaF,OAAAA,EAAS;AAC7C;AAFgBF;;;;;;;;;;ADLT,IAAMK,iBAAN,MAAMA,gBAAAA;SAAAA;;;EACX,OAAeC,UAA+BC,mBAAmB,CAAC,CAAA;EAElE,OAAcC,UAAUC,MAAmB;AACzC,SAAKH,UAAUC,mBAAmBE,IAAAA;EACpC;EAEOC,IAAIC,KAAcC,KAAeC,MAAoB;AAC1D,UAAM,EAAEC,WAAWC,UAAS,IAAKV,gBAAeC;AAChD,UAAMU,kBAAkBL,IAAIM,QAAQF,UAAUG,YAAW,CAAA;AACzD,QAAI,CAACF,iBAAiB;AACpBG,oBAAcP,KAAK,iCAAA;AACnB;IACF;AACA,UAAMQ,kBAAkBT,IAAIU,QAAQP,UAAUI,YAAW,CAAA;AACzD,QAAI,CAACE,iBAAiB;AACpBD,oBAAcP,KAAK,iCAAA;AACnB;IACF;AACA,QAAII,oBAAoBI,iBAAiB;AACvCD,oBAAcP,KAAK,uBAAA;AACnB;IACF;AACAC,SAAAA;EACF;AACF;;;;;;AEhCA,SAASS,cAAAA,mBAAkC;;;ACE3C,IAAMC,uBAAuB;AAQtB,SAASC,qBAAqBC,KAAY;AAC/C,QAAMC,qBAAqBD,IAAIE,QAAQJ,oBAAAA;AAGvC,MAAI,CAACG,oBAAoB;AACvB,WAAO;EACT;AACA,MAAI;AACF,UAAME,qBAAqBC,mBAAmBH,kBAAAA;AAC9C,UAAMI,kBAAkBC,KAAKC,MAAMJ,kBAAAA;AACnC,WAAOE;EACT,SAASG,KAAK;AACZC,YAAQC,MAAM,iDAAiDF,GAAAA;AAC/D,WAAO;EACT;AACA,SAAO;AACT;AAhBgBT;;;;;;;;;;ADLT,IAAMY,wBAAN,MAAMA;SAAAA;;;EAEJC,IAAIC,KAAcC,MAAgBC,MAAoB;AAC3D,UAAMC,UAAUC,qBAAqBJ,GAAAA;AACrCA,QAAIK,cAAc;MAChBC,QAAQH,SAASI;MACjBC,UAAUL,SAASM;MACnBC,OAAOP,SAASQ,UAAU;IAC5B;AACAT,SAAAA;EACF;AACF;;;;","names":["SwaggerModule","DocumentBuilder","mkdirSync","resolve","dirname","writeFileSync","mkdirSync","normalizeBasePath","rawBasePath","normalizedBasePath","startsWith","endsWith","slice","resolveOptsWithDefaultValue","options","basePath","docsPath","needSetupServer","openapiOut","clientSdkOut","needGenerateClientSdk","swaggerOptions","title","version","customSiteTitle","customCss","ensureDirAndWrite","filePath","content","dir","dirname","mkdirSync","recursive","writeFileSync","DevToolsModule","mount","app","opts","options","resolveOptsWithDefaultValue","baseDirname","process","cwd","builder","DocumentBuilder","setTitle","swaggerOptions","title","setVersion","version","document","SwaggerModule","createDocument","build","operationIdFactory","_c","m","needSetupServer","setup","docsPath","customSiteTitle","customCss","persistAuthorization","console","log","openapiPath","resolve","openapiOut","ensureDirAndWrite","JSON","stringify","needGenerateClientSdk","clientSdkOutPath","clientSdkOut","mkdirSync","recursive","generate","input","output","httpClient","useOptions","exportServices","Injectable","crypto","resolveCsrfTokenOptions","options","cookieKey","cookieMaxAge","cookiePath","genToken","ts","Math","floor","Date","now","randInt64","BigInt","crypto","randomBytes","toString","s","sha1","createHash","update","digest","CsrfTokenMiddleware","options","resolveCsrfTokenOptions","configure","opts","use","req","res","next","cookieKey","cookieMaxAge","cookiePath","originToken","cookies","toLowerCase","csrfToken","token","genToken","cookie","maxAge","path","httpOnly","secure","sameSite","partitioned","Injectable","resolveCsrfOptions","options","headerKey","cookieKey","sendForbidden","res","message","status","send","CsrfMiddleware","options","resolveCsrfOptions","configure","opts","use","req","res","next","headerKey","cookieKey","cookieCsrfToken","cookies","toLowerCase","sendForbidden","headerCsrfToken","headers","Injectable","sudaWebUserHeaderKey","getWebUserFromHeader","req","sudaWebUserContent","headers","sudaWebUserJsonStr","decodeURIComponent","sudaWebUserJson","JSON","parse","err","console","error","UserContextMiddleware","use","req","_res","next","webUser","getWebUserFromHeader","userContext","userId","user_id","tenantId","tenant_id","appId","app_id"]}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lark-apaas/fullstack-nestjs-core",
-  "version": "0.1.0-alpha.9",
+  "version": "1.0.1",
   "description": "FullStack Nestjs Core",
   "type": "module",
   "main": "./dist/index.js",
@@ -28,6 +28,15 @@
       "require": "./dist/index.cjs"
     }
   },
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsup --watch",
+    "typecheck": "tsc --noEmit",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "lint": "echo 'ESLint skipped for TypeScript files'",
+    "lint:fix": "eslint src --ext .ts --fix"
+  },
   "dependencies": {
     "openapi-typescript-codegen": "^0.29.0"
   },
@@ -38,20 +47,11 @@
     "@types/cookie-parser": "^1.4.9",
     "@types/express": "^5.0.3",
     "tsup": "^8.0.0",
-    "typescript": "^5.2.0"
+    "typescript": "^5.0.0"
   },
   "peerDependencies": {
     "@nestjs/common": "^10.4.20",
     "@nestjs/platform-express": "^10.4.20",
     "@nestjs/swagger": "^7.4.2"
-  },
-  "scripts": {
-    "build": "tsup",
-    "dev": "tsup --watch",
-    "typecheck": "tsc --noEmit",
-    "test": "vitest run",
-    "test:watch": "vitest",
-    "lint": "echo 'ESLint skipped for TypeScript files'",
-    "lint:fix": "eslint src --ext .ts --fix"
   }
-}
+}