npm - @lastshotlabs/bunshot - Versions diffs - 0.0.21 → 0.0.27 - Mend

@lastshotlabs/bunshot 0.0.21 → 0.0.27

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (185) hide show

package/README.md +3035 -1249
package/dist/adapters/localStorage.d.ts +6 -0
package/dist/adapters/localStorage.js +59 -0
package/dist/adapters/memoryAuth.d.ts +13 -0
package/dist/adapters/memoryAuth.js +261 -2
package/dist/adapters/memoryStorage.d.ts +3 -0
package/dist/adapters/memoryStorage.js +44 -0
package/dist/adapters/mongoAuth.js +217 -1
package/dist/adapters/s3Storage.d.ts +14 -0
package/dist/adapters/s3Storage.js +126 -0
package/dist/adapters/sqliteAuth.d.ts +30 -0
package/dist/adapters/sqliteAuth.js +352 -2
package/dist/app.d.ts +203 -3
package/dist/app.js +352 -48
package/dist/cli.js +118 -38
package/dist/index.d.ts +69 -8
package/dist/index.js +46 -5
package/dist/lib/HttpError.d.ts +7 -1
package/dist/lib/HttpError.js +10 -1
package/dist/lib/appConfig.d.ts +157 -0
package/dist/lib/appConfig.js +54 -0
package/dist/lib/auditLog.d.ts +58 -0
package/dist/lib/auditLog.js +218 -0
package/dist/lib/authAdapter.d.ts +140 -1
package/dist/lib/authRateLimit.js +36 -0
package/dist/lib/breachedPassword.d.ts +13 -0
package/dist/lib/breachedPassword.js +48 -0
package/dist/lib/captcha.d.ts +25 -0
package/dist/lib/captcha.js +37 -0
package/dist/lib/constants.d.ts +4 -0
package/dist/lib/constants.js +4 -0
package/dist/lib/context.d.ts +24 -1
package/dist/lib/context.js +17 -3
package/dist/lib/createRoute.d.ts +28 -2
package/dist/lib/createRoute.js +54 -3
package/dist/lib/credentialStuffing.d.ts +31 -0
package/dist/lib/credentialStuffing.js +77 -0
package/dist/lib/deletionCancelToken.d.ts +12 -0
package/dist/lib/deletionCancelToken.js +88 -0
package/dist/lib/emailVerification.d.ts +6 -0
package/dist/lib/emailVerification.js +46 -3
package/dist/lib/groups.d.ts +113 -0
package/dist/lib/groups.js +133 -0
package/dist/lib/idempotency.d.ts +22 -0
package/dist/lib/idempotency.js +182 -0
package/dist/lib/jwks.d.ts +25 -0
package/dist/lib/jwks.js +51 -0
package/dist/lib/jwt.d.ts +15 -2
package/dist/lib/jwt.js +92 -5
package/dist/lib/logger.d.ts +2 -0
package/dist/lib/logger.js +6 -0
package/dist/lib/m2m.d.ts +29 -0
package/dist/lib/m2m.js +48 -0
package/dist/lib/metrics.d.ts +14 -0
package/dist/lib/metrics.js +158 -0
package/dist/lib/mfaChallenge.d.ts +14 -1
package/dist/lib/mfaChallenge.js +111 -6
package/dist/lib/mongo.js +1 -1
package/dist/lib/oauthCode.js +23 -18
package/dist/lib/pagination.d.ts +119 -0
package/dist/lib/pagination.js +166 -0
package/dist/lib/resetPassword.js +3 -1
package/dist/lib/saml.d.ts +25 -0
package/dist/lib/saml.js +64 -0
package/dist/lib/scim.d.ts +44 -0
package/dist/lib/scim.js +54 -0
package/dist/lib/securityEvents.d.ts +28 -0
package/dist/lib/securityEvents.js +26 -0
package/dist/lib/session.d.ts +14 -0
package/dist/lib/session.js +121 -5
package/dist/lib/signing.d.ts +52 -0
package/dist/lib/signing.js +183 -0
package/dist/lib/storageAdapter.d.ts +30 -0
package/dist/lib/storageAdapter.js +1 -0
package/dist/lib/stripUnreferencedSchemas.d.ts +11 -0
package/dist/lib/stripUnreferencedSchemas.js +79 -0
package/dist/lib/suspension.d.ts +13 -0
package/dist/lib/suspension.js +23 -0
package/dist/lib/tenant.js +2 -2
package/dist/lib/upload.d.ts +39 -0
package/dist/lib/upload.js +112 -0
package/dist/lib/uploadRegistry.d.ts +18 -0
package/dist/lib/uploadRegistry.js +83 -0
package/dist/lib/validate.js +2 -2
package/dist/lib/ws.d.ts +1 -0
package/dist/lib/ws.js +28 -0
package/dist/lib/wsHeartbeat.d.ts +12 -0
package/dist/lib/wsHeartbeat.js +57 -0
package/dist/lib/wsMessages.d.ts +40 -0
package/dist/lib/wsMessages.js +330 -0
package/dist/lib/wsPresence.d.ts +25 -0
package/dist/lib/wsPresence.js +99 -0
package/dist/middleware/auditLog.d.ts +22 -0
package/dist/middleware/auditLog.js +39 -0
package/dist/middleware/bearerAuth.js +1 -1
package/dist/middleware/cacheResponse.js +5 -1
package/dist/middleware/captcha.d.ts +10 -0
package/dist/middleware/captcha.js +36 -0
package/dist/middleware/csrf.js +18 -4
package/dist/middleware/errorHandler.js +4 -1
package/dist/middleware/identify.js +89 -14
package/dist/middleware/metrics.d.ts +9 -0
package/dist/middleware/metrics.js +26 -0
package/dist/middleware/requestId.d.ts +3 -0
package/dist/middleware/requestId.js +7 -0
package/dist/middleware/requestLogger.d.ts +38 -0
package/dist/middleware/requestLogger.js +68 -0
package/dist/middleware/requestSigning.d.ts +20 -0
package/dist/middleware/requestSigning.js +100 -0
package/dist/middleware/requireMfaSetup.d.ts +16 -0
package/dist/middleware/requireMfaSetup.js +37 -0
package/dist/middleware/requireRole.d.ts +9 -3
package/dist/middleware/requireRole.js +23 -36
package/dist/middleware/requireScope.d.ts +10 -0
package/dist/middleware/requireScope.js +25 -0
package/dist/middleware/requireStepUp.d.ts +18 -0
package/dist/middleware/requireStepUp.js +29 -0
package/dist/middleware/scimAuth.d.ts +8 -0
package/dist/middleware/scimAuth.js +29 -0
package/dist/middleware/upload.d.ts +5 -0
package/dist/middleware/upload.js +27 -0
package/dist/middleware/webhookAuth.d.ts +30 -0
package/dist/middleware/webhookAuth.js +58 -0
package/dist/models/AuditLog.d.ts +30 -0
package/dist/models/AuditLog.js +39 -0
package/dist/models/AuthUser.d.ts +7 -0
package/dist/models/AuthUser.js +7 -0
package/dist/models/Group.d.ts +21 -0
package/dist/models/Group.js +28 -0
package/dist/models/GroupMembership.d.ts +21 -0
package/dist/models/GroupMembership.js +25 -0
package/dist/models/M2MClient.d.ts +18 -0
package/dist/models/M2MClient.js +18 -0
package/dist/routes/auth.d.ts +3 -2
package/dist/routes/auth.js +238 -21
package/dist/routes/groups.d.ts +21 -0
package/dist/routes/groups.js +346 -0
package/dist/routes/jobs.js +66 -46
package/dist/routes/m2m.d.ts +2 -0
package/dist/routes/m2m.js +72 -0
package/dist/routes/metrics.d.ts +8 -0
package/dist/routes/metrics.js +55 -0
package/dist/routes/mfa.js +13 -1
package/dist/routes/oauth.js +6 -0
package/dist/routes/oidc.d.ts +2 -0
package/dist/routes/oidc.js +29 -0
package/dist/routes/passkey.d.ts +1 -0
package/dist/routes/passkey.js +157 -0
package/dist/routes/saml.d.ts +2 -0
package/dist/routes/saml.js +86 -0
package/dist/routes/scim.d.ts +2 -0
package/dist/routes/scim.js +255 -0
package/dist/routes/uploads.d.ts +14 -0
package/dist/routes/uploads.js +227 -0
package/dist/server.d.ts +26 -0
package/dist/server.js +46 -3
package/dist/services/auth.d.ts +2 -0
package/dist/services/auth.js +101 -22
package/dist/services/mfa.js +2 -2
package/dist/ws/index.js +5 -1
package/docs/sections/auth-flow/full.md +203 -47
package/docs/sections/auth-flow/overview.md +2 -2
package/docs/sections/auth-security-examples/full.md +388 -0
package/docs/sections/authentication/full.md +130 -0
package/docs/sections/authentication/overview.md +5 -0
package/docs/sections/cli/full.md +13 -1
package/docs/sections/configuration/full.md +17 -0
package/docs/sections/configuration/overview.md +1 -0
package/docs/sections/exports/full.md +34 -3
package/docs/sections/logging/full.md +83 -0
package/docs/sections/metrics/full.md +131 -0
package/docs/sections/oauth/full.md +189 -189
package/docs/sections/oauth/overview.md +1 -1
package/docs/sections/pagination/full.md +93 -0
package/docs/sections/passkey-login/full.md +90 -0
package/docs/sections/passkey-login/overview.md +1 -0
package/docs/sections/roles/full.md +224 -135
package/docs/sections/roles/overview.md +3 -1
package/docs/sections/signing/full.md +203 -0
package/docs/sections/uploads/full.md +208 -0
package/docs/sections/versioning/full.md +85 -0
package/docs/sections/webhook-auth/full.md +100 -0
package/docs/sections/websocket/full.md +95 -0
package/docs/sections/websocket-rooms/full.md +6 -1
package/package.json +18 -5

package/dist/lib/upload.js ADDED Viewed

@@ -0,0 +1,112 @@
+import { HttpError } from "./HttpError";
+import { extname } from "node:path";
+let _adapter = null;
+let _config = {};
+export const setStorageAdapter = (adapter) => { _adapter = adapter; };
+export const getStorageAdapter = () => _adapter;
+export const setUploadConfig = (config) => { _config = config; };
+export const getUploadConfig = () => _config;
+export const generateUploadKey = (file, ctx, opts) => {
+    const merged = { ..._config, ...opts };
+    if (merged.generateKey)
+        return merged.generateKey(file, ctx);
+    const rawExt = extname(file.name);
+    const ext = /^\.[a-zA-Z0-9]{1,10}$/.test(rawExt) ? rawExt : "";
+    const uuid = crypto.randomUUID();
+    const prefix = merged.keyPrefix ?? "uploads/";
+    const tenantPrefix = merged.tenantScopedKeys && ctx.tenantId ? `${ctx.tenantId}/` : "";
+    return `${prefix}${tenantPrefix}${uuid}${ext}`;
+};
+export const generateUploadKeyFromFilename = (filename, ctx, opts) => {
+    const merged = { ..._config, ...opts };
+    if (merged.generateKey) {
+        // Create minimal File-like for custom generators that expect a File object
+        const stub = new File([], filename ?? "upload");
+        return merged.generateKey(stub, ctx);
+    }
+    const rawExt = filename ? extname(filename) : "";
+    const ext = /^\.[a-zA-Z0-9]{1,10}$/.test(rawExt) ? rawExt : "";
+    const uuid = crypto.randomUUID();
+    const prefix = merged.keyPrefix ?? "uploads/";
+    const tenantPrefix = merged.tenantScopedKeys && ctx.tenantId ? `${ctx.tenantId}/` : "";
+    return `${prefix}${tenantPrefix}${uuid}${ext}`;
+};
+const mimeMatches = (mimeType, pattern) => {
+    if (pattern.endsWith("/*")) {
+        return mimeType.startsWith(pattern.slice(0, -1));
+    }
+    return mimeType === pattern;
+};
+export const validateFile = (file, opts) => {
+    const maxFileSize = opts.maxFileSize ?? _config.maxFileSize ?? 10 * 1024 * 1024;
+    if (file.size > maxFileSize) {
+        return `File "${file.name}" exceeds maximum size of ${maxFileSize} bytes`;
+    }
+    const allowedMimeTypes = opts.allowedMimeTypes ?? _config.allowedMimeTypes;
+    if (allowedMimeTypes && allowedMimeTypes.length > 0) {
+        const allowed = allowedMimeTypes.some((pattern) => mimeMatches(file.type, pattern));
+        if (!allowed) {
+            return `File "${file.name}" has disallowed MIME type "${file.type}"`;
+        }
+    }
+    return null;
+};
+export const processUpload = async (file, opts) => {
+    const adapter = _adapter;
+    if (!adapter)
+        throw new HttpError(500, "No storage adapter configured");
+    const validationError = validateFile(file, opts);
+    if (validationError)
+        throw new HttpError(400, validationError);
+    const key = generateUploadKey(file, opts.ctx ?? {}, opts);
+    const { url } = await adapter.put(key, file, {
+        mimeType: file.type,
+        size: file.size,
+        bucket: opts.bucket,
+    });
+    // Register the upload for ownership tracking
+    const { registerUpload } = await import("./uploadRegistry");
+    await registerUpload({
+        key,
+        ownerUserId: opts.ctx?.userId,
+        tenantId: opts.ctx?.tenantId,
+        mimeType: file.type,
+        bucket: opts.bucket,
+        createdAt: Date.now(),
+    });
+    return {
+        key,
+        originalName: file.name,
+        mimeType: file.type,
+        size: file.size,
+        ...(url !== undefined ? { url } : {}),
+    };
+};
+export const parseUpload = async (c, opts) => {
+    const merged = { ..._config, ...opts };
+    const fields = merged.field
+        ? (Array.isArray(merged.field) ? merged.field : [merged.field])
+        : ["file"];
+    const maxFiles = merged.maxFiles ?? 10;
+    const body = await c.req.parseBody({ all: true });
+    const results = [];
+    const userId = c.get("authUserId") ?? undefined;
+    const tenantId = c.get("tenantId") ?? undefined;
+    const bucket = c.get("uploadBucket");
+    for (const field of fields) {
+        const raw = body[field];
+        if (!raw)
+            continue;
+        const files = Array.isArray(raw) ? raw : [raw];
+        for (const f of files) {
+            if (!(f instanceof File))
+                continue;
+            if (results.length >= maxFiles) {
+                throw new HttpError(400, `Too many files. Maximum is ${maxFiles}`);
+            }
+            const result = await processUpload(f, { ...merged, ctx: { userId, tenantId }, bucket: bucket ?? undefined });
+            results.push(result);
+        }
+    }
+    return results;
+};

package/dist/lib/uploadRegistry.d.ts ADDED Viewed

@@ -0,0 +1,18 @@
+export interface UploadRecord {
+    key: string;
+    ownerUserId?: string;
+    tenantId?: string;
+    mimeType?: string;
+    bucket?: string;
+    createdAt: number;
+}
+type UploadRegistryStore = "redis" | "mongo" | "sqlite" | "memory";
+export declare const setUploadRegistryStore: (store: UploadRegistryStore) => void;
+export declare const clearUploadRegistry: () => void;
+/** Store a new upload record. Keyed by the storage key. */
+export declare const registerUpload: (record: UploadRecord) => Promise<void>;
+/** Retrieve an upload record by key. Returns null if not found. */
+export declare const getUploadRecord: (key: string) => Promise<UploadRecord | null>;
+/** Delete an upload record by key. Returns true if it existed. */
+export declare const deleteUploadRecord: (key: string) => Promise<boolean>;
+export {};

package/dist/lib/uploadRegistry.js ADDED Viewed

@@ -0,0 +1,83 @@
+import { getRedis } from "./redis";
+import { appConnection, mongoose } from "./mongo";
+import { getAppName } from "./appConfig";
+let _store = "memory";
+export const setUploadRegistryStore = (store) => { _store = store; };
+// ---------------------------------------------------------------------------
+// Memory backend
+// ---------------------------------------------------------------------------
+const _memoryRegistry = new Map();
+export const clearUploadRegistry = () => { _memoryRegistry.clear(); };
+function getUploadRegistryModel() {
+    if (appConnection.models["UploadRegistry"])
+        return appConnection.models["UploadRegistry"];
+    const { Schema } = mongoose;
+    const schema = new Schema({
+        key: { type: String, required: true, unique: true },
+        ownerUserId: { type: String },
+        tenantId: { type: String },
+        mimeType: { type: String },
+        bucket: { type: String },
+        createdAt: { type: Number, required: true },
+    }, { collection: "upload_registry" });
+    return appConnection.model("UploadRegistry", schema);
+}
+// ---------------------------------------------------------------------------
+// Public API
+// ---------------------------------------------------------------------------
+/** Store a new upload record. Keyed by the storage key. */
+export const registerUpload = async (record) => {
+    if (_store === "memory") {
+        _memoryRegistry.set(record.key, record);
+        return;
+    }
+    if (_store === "sqlite") {
+        const { sqliteRegisterUpload } = await import("../adapters/sqliteAuth");
+        sqliteRegisterUpload(record);
+        return;
+    }
+    if (_store === "mongo") {
+        await getUploadRegistryModel().updateOne({ key: record.key }, { $set: record }, { upsert: true });
+        return;
+    }
+    // Redis — no TTL (upload records are permanent until deleted)
+    await getRedis().set(`ur:${getAppName()}:${record.key}`, JSON.stringify(record));
+};
+/** Retrieve an upload record by key. Returns null if not found. */
+export const getUploadRecord = async (key) => {
+    if (_store === "memory") {
+        return _memoryRegistry.get(key) ?? null;
+    }
+    if (_store === "sqlite") {
+        const { sqliteGetUploadRecord } = await import("../adapters/sqliteAuth");
+        return sqliteGetUploadRecord(key);
+    }
+    if (_store === "mongo") {
+        const doc = await getUploadRegistryModel().findOne({ key }).lean();
+        if (!doc)
+            return null;
+        return { key: doc.key, ownerUserId: doc.ownerUserId, tenantId: doc.tenantId, mimeType: doc.mimeType, bucket: doc.bucket, createdAt: doc.createdAt };
+    }
+    // Redis
+    const raw = await getRedis().get(`ur:${getAppName()}:${key}`);
+    if (!raw)
+        return null;
+    return JSON.parse(raw);
+};
+/** Delete an upload record by key. Returns true if it existed. */
+export const deleteUploadRecord = async (key) => {
+    if (_store === "memory") {
+        return _memoryRegistry.delete(key);
+    }
+    if (_store === "sqlite") {
+        const { sqliteDeleteUploadRecord } = await import("../adapters/sqliteAuth");
+        return sqliteDeleteUploadRecord(key);
+    }
+    if (_store === "mongo") {
+        const result = await getUploadRegistryModel().deleteOne({ key });
+        return result.deletedCount > 0;
+    }
+    // Redis
+    const deleted = await getRedis().del(`ur:${getAppName()}:${key}`);
+    return deleted > 0;
+};

package/dist/lib/validate.js CHANGED Viewed

@@ -1,5 +1,5 @@
 import { z } from "zod";
-import { HttpError } from "./HttpError";
+import { ValidationError } from "./HttpError";
 export const validate = async (schema, req) => {
     try {
         const body = await req.json();
@@ -7,7 +7,7 @@ export const validate = async (schema, req) => {
     }
     catch (err) {
         if (err instanceof z.ZodError) {
-            throw new HttpError(400, err.issues.map((i) => i.message).join(", "));
+            throw new ValidationError(err.issues);
         }
         throw err;
     }

package/dist/lib/ws.d.ts CHANGED Viewed

@@ -6,6 +6,7 @@ type WithSocketId = {
     id: string;
 } & WithRooms;
 export declare const setWsServer: (server: Server<any>) => void;
+export declare const setPresenceEnabled: (enabled: boolean) => void;
 export declare const publish: (topic: string, data: unknown) => void;
 /** All rooms that currently have at least one subscriber */
 export declare const getRooms: () => string[];

package/dist/lib/ws.js CHANGED Viewed

@@ -1,7 +1,10 @@
+import { addPresence, removePresence, cleanupPresence } from "./wsPresence";
 // eslint-disable-next-line @typescript-eslint/no-explicit-any
 let _server = null;
+let _presenceEnabled = false;
 // eslint-disable-next-line @typescript-eslint/no-explicit-any
 export const setWsServer = (server) => { _server = server; };
+export const setPresenceEnabled = (enabled) => { _presenceEnabled = enabled; };
 export const publish = (topic, data) => {
     _server?.publish(topic, JSON.stringify(data));
 };
@@ -12,6 +15,9 @@ export const getRooms = () => [..._roomRegistry.keys()];
 /** Socket IDs subscribed to a given room */
 export const getRoomSubscribers = (room) => [...(_roomRegistry.get(room) ?? [])];
 const MAX_ROOM_ACTION_SIZE = 4096; // 4 KB — room actions are small JSON payloads
+function isValidRoomName(room) {
+    return typeof room === "string" && /^[a-zA-Z0-9_:./\-]{1,128}$/.test(room);
+}
 export const handleRoomActions = async (ws, message, onSubscribe) => {
     try {
         const raw = typeof message === "string" ? message : Buffer.from(message).toString();
@@ -19,6 +25,8 @@ export const handleRoomActions = async (ws, message, onSubscribe) => {
             return false; // not a room action
         const data = JSON.parse(raw);
         if (data.action === "subscribe" && typeof data.room === "string") {
+            if (!isValidRoomName(data.room))
+                return true; // silently drop invalid room names
             if (onSubscribe && !(await onSubscribe(ws, data.room))) {
                 ws.send(JSON.stringify({ event: "subscribe_denied", room: data.room }));
             }
@@ -29,6 +37,8 @@ export const handleRoomActions = async (ws, message, onSubscribe) => {
             return true;
         }
         if (data.action === "unsubscribe" && typeof data.room === "string") {
+            if (!isValidRoomName(data.room))
+                return true; // silently drop invalid room names
             unsubscribe(ws, data.room);
             ws.send(JSON.stringify({ event: "unsubscribed", room: data.room }));
             return true;
@@ -43,6 +53,12 @@ export const subscribe = (ws, room) => {
     if (!_roomRegistry.has(room))
         _roomRegistry.set(room, new Set());
     _roomRegistry.get(room).add(ws.data.id);
+    if (_presenceEnabled) {
+        const result = addPresence(ws.data.id, room);
+        if (result?.isNewUser) {
+            publish(room, { event: "presence_join", room, userId: result.userId });
+        }
+    }
 };
 export const unsubscribe = (ws, room) => {
     ws.unsubscribe(room);
@@ -53,10 +69,22 @@ export const unsubscribe = (ws, room) => {
         if (ids.size === 0)
             _roomRegistry.delete(room);
     }
+    if (_presenceEnabled) {
+        const result = removePresence(ws.data.id, room);
+        if (result?.isLastSocket) {
+            publish(room, { event: "presence_leave", room, userId: result.userId });
+        }
+    }
 };
 export const getSubscriptions = (ws) => [...ws.data.rooms];
 /** Called on socket close to prune the registry. Internal use only. */
 export const cleanupSocket = (socketId, rooms) => {
+    if (_presenceEnabled) {
+        const departed = cleanupPresence(socketId, rooms);
+        for (const { room, userId } of departed) {
+            publish(room, { event: "presence_leave", room, userId });
+        }
+    }
     for (const room of rooms) {
         const ids = _roomRegistry.get(room);
         if (ids) {

package/dist/lib/wsHeartbeat.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import type { ServerWebSocket } from "bun";
+export interface HeartbeatConfig {
+    intervalMs?: number;
+    timeoutMs?: number;
+}
+export declare const registerSocket: (ws: ServerWebSocket<any>, id: string) => void;
+export declare const deregisterSocket: (id: string) => void;
+export declare const handlePong: (id: string) => void;
+export declare const startHeartbeat: (config?: HeartbeatConfig | boolean) => void;
+export declare const stopHeartbeat: () => void;
+/** Reset all heartbeat state. Useful for test isolation. */
+export declare const clearHeartbeatState: () => void;

package/dist/lib/wsHeartbeat.js ADDED Viewed

@@ -0,0 +1,57 @@
+// ---------------------------------------------------------------------------
+// State
+// ---------------------------------------------------------------------------
+/** All live sockets — socketId → ServerWebSocket */
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+const _activeSockets = new Map();
+/** socketId → last pong timestamp (epoch ms) */
+const _lastPong = new Map();
+let _pingInterval = null;
+const DEFAULT_INTERVAL_MS = 30_000;
+const DEFAULT_TIMEOUT_MS = 10_000;
+// ---------------------------------------------------------------------------
+// Public API
+// ---------------------------------------------------------------------------
+export const registerSocket = (ws, id) => {
+    _activeSockets.set(id, ws);
+    _lastPong.set(id, Date.now());
+};
+export const deregisterSocket = (id) => {
+    _activeSockets.delete(id);
+    _lastPong.delete(id);
+};
+export const handlePong = (id) => {
+    _lastPong.set(id, Date.now());
+};
+export const startHeartbeat = (config) => {
+    if (_pingInterval)
+        return; // already running
+    const opts = typeof config === "object" ? config : {};
+    const intervalMs = opts.intervalMs ?? DEFAULT_INTERVAL_MS;
+    const timeoutMs = opts.timeoutMs ?? DEFAULT_TIMEOUT_MS;
+    _pingInterval = setInterval(() => {
+        const now = Date.now();
+        for (const [id, ws] of _activeSockets) {
+            const lastPong = _lastPong.get(id) ?? 0;
+            if (now - lastPong > timeoutMs) {
+                ws.close(1001, "Heartbeat timeout");
+                // deregisterSocket will be called by the close handler
+            }
+            else {
+                ws.ping();
+            }
+        }
+    }, intervalMs);
+};
+export const stopHeartbeat = () => {
+    if (_pingInterval) {
+        clearInterval(_pingInterval);
+        _pingInterval = null;
+    }
+};
+/** Reset all heartbeat state. Useful for test isolation. */
+export const clearHeartbeatState = () => {
+    stopHeartbeat();
+    _activeSockets.clear();
+    _lastPong.clear();
+};

package/dist/lib/wsMessages.d.ts ADDED Viewed

@@ -0,0 +1,40 @@
+export interface StoredMessage {
+    id: string;
+    room: string;
+    senderId: string | null;
+    payload: unknown;
+    createdAt: number;
+}
+export type WsMessageStore = "redis" | "mongo" | "sqlite" | "memory";
+export interface WsMessageDefaults {
+    maxCount?: number;
+    ttlSeconds?: number;
+}
+export interface RoomPersistenceConfig {
+    persist: boolean;
+    maxCount?: number;
+    ttlSeconds?: number;
+}
+export declare const setWsMessageStore: (store: WsMessageStore) => void;
+export declare const setWsMessageDefaults: (defaults: WsMessageDefaults) => void;
+/** Opt a room into message persistence. */
+export declare const configureRoom: (room: string, options: RoomPersistenceConfig) => void;
+/**
+ * Persist a message to a room. Returns null if room is not configured for persistence.
+ * On store errors, logs a warning and returns null (non-blocking).
+ */
+export declare const persistMessage: (room: string, data: {
+    senderId?: string | null;
+    payload: unknown;
+}) => Promise<StoredMessage | null>;
+/**
+ * Get message history for a room.
+ * Cursor-based pagination using message `id` as cursor.
+ */
+export declare const getMessageHistory: (room: string, opts?: {
+    limit?: number;
+    before?: string;
+    after?: string;
+}) => Promise<StoredMessage[]>;
+/** Reset memory store. Useful for test isolation. */
+export declare const clearWsMessageMemoryStore: () => void;