npm - @lastshotlabs/bunshot - Versions diffs - 0.0.25 → 0.0.28 - Mend

@lastshotlabs/bunshot 0.0.25 → 0.0.28

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (725) hide show

package/.oclif.manifest.json +39 -0
package/README.md +8282 -2147
package/dist/cli/commands/init.js +690 -0
package/dist/cli/index.js +6 -0
package/dist/cli.js +4 -4
package/dist/packages/bunshot-admin/src/index.d.ts +15 -0
package/dist/packages/bunshot-admin/src/index.js +11 -0
package/dist/packages/bunshot-admin/src/lib/resourceTypes.d.ts +8 -0
package/dist/packages/bunshot-admin/src/lib/resourceTypes.js +33 -0
package/dist/packages/bunshot-admin/src/lib/typedRoute.d.ts +14 -0
package/dist/packages/bunshot-admin/src/lib/typedRoute.js +17 -0
package/dist/packages/bunshot-admin/src/plugin.d.ts +4 -0
package/dist/packages/bunshot-admin/src/plugin.js +46 -0
package/dist/packages/bunshot-admin/src/providers/auth0Access.d.ts +6 -0
package/dist/packages/bunshot-admin/src/providers/auth0Access.js +32 -0
package/dist/packages/bunshot-admin/src/routes/admin.d.ts +10 -0
package/dist/packages/bunshot-admin/src/routes/admin.js +923 -0
package/dist/packages/bunshot-admin/src/routes/mail.d.ts +6 -0
package/dist/packages/bunshot-admin/src/routes/mail.js +114 -0
package/dist/packages/bunshot-admin/src/routes/permissions.d.ts +8 -0
package/dist/packages/bunshot-admin/src/routes/permissions.js +315 -0
package/dist/packages/bunshot-admin/src/types/config.d.ts +16 -0
package/dist/packages/bunshot-admin/src/types/config.js +37 -0
package/dist/packages/bunshot-admin/src/types/env.d.ts +14 -0
package/dist/packages/bunshot-admin/src/types/provider.d.ts +1 -0
package/dist/packages/bunshot-admin/src/types/provider.js +4 -0
package/dist/packages/bunshot-auth/src/adapters/memoryAuth.d.ts +66 -0
package/dist/packages/bunshot-auth/src/adapters/memoryAuth.js +1063 -0
package/dist/packages/bunshot-auth/src/adapters/mongoAuth.d.ts +2 -0
package/dist/packages/bunshot-auth/src/adapters/mongoAuth.js +536 -0
package/dist/packages/bunshot-auth/src/adapters/sqliteAuth.d.ts +88 -0
package/dist/packages/bunshot-auth/src/adapters/sqliteAuth.js +1366 -0
package/dist/packages/bunshot-auth/src/admin/bunshotAccess.d.ts +2 -0
package/dist/packages/bunshot-auth/src/admin/bunshotAccess.js +23 -0
package/dist/packages/bunshot-auth/src/admin/bunshotUsers.d.ts +5 -0
package/dist/packages/bunshot-auth/src/admin/bunshotUsers.js +131 -0
package/dist/packages/bunshot-auth/src/bootstrap.d.ts +38 -0
package/dist/packages/bunshot-auth/src/bootstrap.js +384 -0
package/dist/packages/bunshot-auth/src/config/appConfig.d.ts +3 -0
package/dist/packages/bunshot-auth/src/config/appConfig.js +4 -0
package/dist/packages/bunshot-auth/src/config/authConfig.d.ts +478 -0
package/dist/packages/bunshot-auth/src/config/authConfig.js +46 -0
package/dist/packages/bunshot-auth/src/config/configLock.d.ts +2 -0
package/dist/packages/bunshot-auth/src/config/configLock.js +10 -0
package/dist/packages/bunshot-auth/src/index.d.ts +25 -0
package/dist/packages/bunshot-auth/src/index.js +23 -0
package/dist/packages/bunshot-auth/src/infra/mongo.d.ts +15 -0
package/dist/packages/bunshot-auth/src/infra/mongo.js +44 -0
package/dist/packages/bunshot-auth/src/infra/queue.d.ts +14 -0
package/dist/packages/bunshot-auth/src/infra/queue.js +27 -0
package/dist/packages/bunshot-auth/src/infra/redis.d.ts +5 -0
package/dist/packages/bunshot-auth/src/infra/redis.js +15 -0
package/dist/packages/bunshot-auth/src/infra/signing.d.ts +7 -0
package/dist/packages/bunshot-auth/src/infra/signing.js +8 -0
package/dist/packages/bunshot-auth/src/lib/accountLockout.d.ts +34 -0
package/dist/packages/bunshot-auth/src/lib/accountLockout.js +244 -0
package/dist/packages/bunshot-auth/src/lib/adapterTiers.d.ts +1 -0
package/dist/packages/bunshot-auth/src/lib/adapterTiers.js +1 -0
package/dist/packages/bunshot-auth/src/lib/authAdapter.d.ts +1 -0
package/dist/packages/bunshot-auth/src/lib/authAdapter.js +1 -0
package/dist/packages/bunshot-auth/src/lib/authContext.d.ts +15 -0
package/dist/packages/bunshot-auth/src/lib/authContext.js +1 -0
package/dist/packages/bunshot-auth/src/lib/authEventBus.d.ts +4 -0
package/dist/packages/bunshot-auth/src/lib/authEventBus.js +15 -0
package/dist/packages/bunshot-auth/src/lib/authRateLimit.d.ts +28 -0
package/dist/packages/bunshot-auth/src/lib/authRateLimit.js +205 -0
package/dist/packages/bunshot-auth/src/lib/breachedPassword.d.ts +19 -0
package/dist/packages/bunshot-auth/src/lib/breachedPassword.js +61 -0
package/dist/packages/bunshot-auth/src/lib/cache.d.ts +12 -0
package/dist/packages/bunshot-auth/src/lib/cache.js +120 -0
package/dist/packages/bunshot-auth/src/lib/clientIp.d.ts +4 -0
package/dist/{lib → packages/bunshot-auth/src/lib}/clientIp.js +14 -7
package/dist/packages/bunshot-auth/src/lib/cookieOptions.d.ts +27 -0
package/dist/packages/bunshot-auth/src/lib/cookieOptions.js +33 -0
package/dist/packages/bunshot-auth/src/lib/credentialStuffing.d.ts +40 -0
package/dist/packages/bunshot-auth/src/lib/credentialStuffing.js +221 -0
package/dist/packages/bunshot-auth/src/lib/deletionCancelToken.d.ts +19 -0
package/dist/packages/bunshot-auth/src/lib/deletionCancelToken.js +148 -0
package/dist/packages/bunshot-auth/src/lib/emailTemplates.d.ts +23 -0
package/dist/packages/bunshot-auth/src/lib/emailTemplates.js +265 -0
package/dist/packages/bunshot-auth/src/lib/emailVerification.d.ts +30 -0
package/dist/packages/bunshot-auth/src/lib/emailVerification.js +200 -0
package/dist/packages/bunshot-auth/src/lib/env.d.ts +1 -0
package/dist/packages/bunshot-auth/src/lib/env.js +3 -0
package/dist/packages/bunshot-auth/src/lib/fingerprint.js +36 -0
package/dist/{lib → packages/bunshot-auth/src/lib}/groups.d.ts +15 -16
package/dist/{lib → packages/bunshot-auth/src/lib}/groups.js +22 -34
package/dist/packages/bunshot-auth/src/lib/jwks.d.ts +28 -0
package/dist/packages/bunshot-auth/src/lib/jwks.js +79 -0
package/dist/packages/bunshot-auth/src/lib/jwt.d.ts +12 -0
package/dist/packages/bunshot-auth/src/lib/jwt.js +86 -0
package/dist/packages/bunshot-auth/src/lib/logger.d.ts +3 -0
package/dist/packages/bunshot-auth/src/lib/logger.js +13 -0
package/dist/packages/bunshot-auth/src/lib/m2m.d.ts +30 -0
package/dist/packages/bunshot-auth/src/lib/m2m.js +44 -0
package/dist/packages/bunshot-auth/src/lib/magicLink.d.ts +13 -0
package/dist/packages/bunshot-auth/src/lib/magicLink.js +145 -0
package/dist/packages/bunshot-auth/src/lib/mfaChallenge.d.ts +60 -0
package/dist/packages/bunshot-auth/src/lib/mfaChallenge.js +419 -0
package/dist/packages/bunshot-auth/src/lib/oauth.d.ts +82 -0
package/dist/packages/bunshot-auth/src/lib/oauth.js +177 -0
package/dist/packages/bunshot-auth/src/lib/oauthCode.d.ts +19 -0
package/dist/packages/bunshot-auth/src/lib/oauthCode.js +182 -0
package/dist/packages/bunshot-auth/src/lib/oauthReauth.d.ts +19 -0
package/dist/packages/bunshot-auth/src/lib/oauthReauth.js +255 -0
package/dist/packages/bunshot-auth/src/lib/organization.d.ts +66 -0
package/dist/packages/bunshot-auth/src/lib/organization.js +225 -0
package/dist/packages/bunshot-auth/src/lib/passwordHistory.d.ts +12 -0
package/dist/packages/bunshot-auth/src/lib/passwordHistory.js +31 -0
package/dist/packages/bunshot-auth/src/lib/resetPassword.d.ts +20 -0
package/dist/packages/bunshot-auth/src/lib/resetPassword.js +148 -0
package/dist/packages/bunshot-auth/src/lib/roles.d.ts +9 -0
package/dist/packages/bunshot-auth/src/lib/roles.js +93 -0
package/dist/packages/bunshot-auth/src/lib/saml.d.ts +29 -0
package/dist/packages/bunshot-auth/src/lib/saml.js +73 -0
package/dist/packages/bunshot-auth/src/lib/samlRequestId.d.ts +13 -0
package/dist/packages/bunshot-auth/src/lib/samlRequestId.js +129 -0
package/dist/packages/bunshot-auth/src/lib/scim.d.ts +44 -0
package/dist/packages/bunshot-auth/src/lib/scim.js +56 -0
package/dist/packages/bunshot-auth/src/lib/securityEventWiring.d.ts +22 -0
package/dist/packages/bunshot-auth/src/lib/securityEventWiring.js +65 -0
package/dist/packages/bunshot-auth/src/lib/session.d.ts +45 -0
package/dist/packages/bunshot-auth/src/lib/session.js +1211 -0
package/dist/packages/bunshot-auth/src/lib/storeInfra.d.ts +26 -0
package/dist/packages/bunshot-auth/src/lib/storeInfra.js +18 -0
package/dist/packages/bunshot-auth/src/lib/suspension.d.ts +14 -0
package/dist/packages/bunshot-auth/src/lib/suspension.js +20 -0
package/dist/packages/bunshot-auth/src/lib/validateAdapter.d.ts +16 -0
package/dist/packages/bunshot-auth/src/lib/validateAdapter.js +161 -0
package/dist/packages/bunshot-auth/src/middleware/bearerAuth.d.ts +13 -0
package/dist/packages/bunshot-auth/src/middleware/bearerAuth.js +58 -0
package/dist/{middleware → packages/bunshot-auth/src/middleware}/csrf.d.ts +5 -4
package/dist/packages/bunshot-auth/src/middleware/csrf.js +138 -0
package/dist/packages/bunshot-auth/src/middleware/identify.d.ts +4 -0
package/dist/packages/bunshot-auth/src/middleware/identify.js +124 -0
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireMfaSetup.d.ts +2 -2
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireMfaSetup.js +10 -7
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireRole.d.ts +2 -2
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireRole.js +20 -16
package/dist/packages/bunshot-auth/src/middleware/requireScope.d.ts +10 -0
package/dist/packages/bunshot-auth/src/middleware/requireScope.js +25 -0
package/dist/packages/bunshot-auth/src/middleware/requireStepUp.d.ts +18 -0
package/dist/packages/bunshot-auth/src/middleware/requireStepUp.js +30 -0
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireVerifiedEmail.d.ts +2 -2
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireVerifiedEmail.js +7 -6
package/dist/packages/bunshot-auth/src/middleware/scimAuth.d.ts +8 -0
package/dist/packages/bunshot-auth/src/middleware/scimAuth.js +29 -0
package/dist/packages/bunshot-auth/src/middleware/userAuth.d.ts +3 -0
package/dist/packages/bunshot-auth/src/middleware/userAuth.js +6 -0
package/dist/{models → packages/bunshot-auth/src/models}/AuthUser.d.ts +19 -8
package/dist/packages/bunshot-auth/src/models/AuthUser.js +53 -0
package/dist/packages/bunshot-auth/src/models/Group.d.ts +19 -0
package/dist/packages/bunshot-auth/src/models/Group.js +22 -0
package/dist/{models → packages/bunshot-auth/src/models}/GroupMembership.d.ts +6 -8
package/dist/packages/bunshot-auth/src/models/GroupMembership.js +19 -0
package/dist/packages/bunshot-auth/src/models/M2MClient.d.ts +18 -0
package/dist/packages/bunshot-auth/src/models/M2MClient.js +18 -0
package/dist/packages/bunshot-auth/src/models/TenantRole.d.ts +13 -0
package/dist/packages/bunshot-auth/src/models/TenantRole.js +17 -0
package/dist/packages/bunshot-auth/src/plugin.d.ts +4 -0
package/dist/packages/bunshot-auth/src/plugin.js +274 -0
package/dist/packages/bunshot-auth/src/routes/auth.d.ts +15 -0
package/dist/packages/bunshot-auth/src/routes/auth.js +1624 -0
package/dist/packages/bunshot-auth/src/routes/groups.d.ts +4 -0
package/dist/packages/bunshot-auth/src/routes/groups.js +481 -0
package/dist/packages/bunshot-auth/src/routes/m2m.d.ts +2 -0
package/dist/packages/bunshot-auth/src/routes/m2m.js +145 -0
package/dist/packages/bunshot-auth/src/routes/mfa.d.ts +6 -0
package/dist/packages/bunshot-auth/src/routes/mfa.js +991 -0
package/dist/packages/bunshot-auth/src/routes/oauth.d.ts +3 -0
package/dist/packages/bunshot-auth/src/routes/oauth.js +1727 -0
package/dist/packages/bunshot-auth/src/routes/oidc.d.ts +2 -0
package/dist/packages/bunshot-auth/src/routes/oidc.js +84 -0
package/dist/packages/bunshot-auth/src/routes/organizations.d.ts +3 -0
package/dist/packages/bunshot-auth/src/routes/organizations.js +741 -0
package/dist/packages/bunshot-auth/src/routes/passkey.d.ts +2 -0
package/dist/packages/bunshot-auth/src/routes/passkey.js +199 -0
package/dist/packages/bunshot-auth/src/routes/saml.d.ts +2 -0
package/dist/packages/bunshot-auth/src/routes/saml.js +226 -0
package/dist/packages/bunshot-auth/src/routes/scim.d.ts +3 -0
package/dist/packages/bunshot-auth/src/routes/scim.js +588 -0
package/dist/packages/bunshot-auth/src/runtime.d.ts +52 -0
package/dist/packages/bunshot-auth/src/runtime.js +11 -0
package/dist/{schemas → packages/bunshot-auth/src/schemas}/auth.d.ts +4 -5
package/dist/packages/bunshot-auth/src/schemas/auth.js +24 -0
package/dist/packages/bunshot-auth/src/schemas/error.d.ts +10 -0
package/dist/packages/bunshot-auth/src/schemas/error.js +10 -0
package/dist/packages/bunshot-auth/src/schemas/success.d.ts +10 -0
package/dist/packages/bunshot-auth/src/schemas/success.js +10 -0
package/dist/packages/bunshot-auth/src/services/auth.d.ts +39 -0
package/dist/packages/bunshot-auth/src/services/auth.js +378 -0
package/dist/{services → packages/bunshot-auth/src/services}/mfa.d.ts +41 -17
package/dist/{services → packages/bunshot-auth/src/services}/mfa.js +259 -183
package/dist/packages/bunshot-auth/src/testing.d.ts +31 -0
package/dist/packages/bunshot-auth/src/testing.js +23 -0
package/dist/packages/bunshot-auth/src/types/adapter.d.ts +1 -0
package/dist/packages/bunshot-auth/src/types/adapter.js +1 -0
package/dist/packages/bunshot-auth/src/types/config.d.ts +152 -0
package/dist/packages/bunshot-auth/src/types/config.js +179 -0
package/dist/{routes → packages/bunshot-auth/src/types}/groups.d.ts +2 -3
package/dist/packages/bunshot-auth/src/types/groups.js +1 -0
package/dist/packages/bunshot-auth/src/types/oauthCode.d.ts +6 -0
package/dist/packages/bunshot-auth/src/types/oauthCode.js +1 -0
package/dist/packages/bunshot-auth/src/types/oauthReauth.d.ts +13 -0
package/dist/packages/bunshot-auth/src/types/oauthReauth.js +1 -0
package/dist/packages/bunshot-auth/src/types/redis.d.ts +1 -0
package/dist/packages/bunshot-auth/src/types/redis.js +1 -0
package/dist/packages/bunshot-auth/src/types/saml.d.ts +10 -0
package/dist/packages/bunshot-auth/src/types/saml.js +1 -0
package/dist/packages/bunshot-auth/src/types/session.d.ts +18 -0
package/dist/packages/bunshot-auth/src/types/session.js +1 -0
package/dist/packages/bunshot-auth/src/types/store.d.ts +1 -0
package/dist/packages/bunshot-auth/src/types/store.js +1 -0
package/dist/packages/bunshot-core/src/adminProvider.d.ts +95 -0
package/dist/packages/bunshot-core/src/adminProvider.js +1 -0
package/dist/packages/bunshot-core/src/auditLog.d.ts +34 -0
package/dist/packages/bunshot-core/src/auditLog.js +1 -0
package/dist/packages/bunshot-core/src/auth-adapter.d.ts +227 -0
package/dist/packages/bunshot-core/src/auth-adapter.js +4 -0
package/dist/packages/bunshot-core/src/authVariables.d.ts +14 -0
package/dist/packages/bunshot-core/src/authVariables.js +4 -0
package/dist/packages/bunshot-core/src/cache.d.ts +12 -0
package/dist/packages/bunshot-core/src/cache.js +21 -0
package/dist/packages/bunshot-core/src/captcha.d.ts +16 -0
package/dist/packages/bunshot-core/src/captcha.js +1 -0
package/dist/packages/bunshot-core/src/clearRegistry.d.ts +6 -0
package/dist/packages/bunshot-core/src/clearRegistry.js +17 -0
package/dist/packages/bunshot-core/src/clientIp.d.ts +3 -0
package/dist/packages/bunshot-core/src/clientIp.js +45 -0
package/dist/packages/bunshot-core/src/configLock.d.ts +4 -0
package/dist/packages/bunshot-core/src/configLock.js +7 -0
package/dist/packages/bunshot-core/src/configValidation.d.ts +22 -0
package/dist/packages/bunshot-core/src/configValidation.js +39 -0
package/dist/packages/bunshot-core/src/constants.js +10 -0
package/dist/packages/bunshot-core/src/context/bunshotContext.d.ts +232 -0
package/dist/packages/bunshot-core/src/context/bunshotContext.js +1 -0
package/dist/packages/bunshot-core/src/context/contextAccess.d.ts +3 -0
package/dist/packages/bunshot-core/src/context/contextAccess.js +16 -0
package/dist/packages/bunshot-core/src/context/contextStore.d.ts +16 -0
package/dist/packages/bunshot-core/src/context/contextStore.js +31 -0
package/dist/packages/bunshot-core/src/context/frameworkConfig.d.ts +38 -0
package/dist/packages/bunshot-core/src/context/frameworkConfig.js +1 -0
package/dist/packages/bunshot-core/src/context/index.d.ts +4 -0
package/dist/packages/bunshot-core/src/context/index.js +2 -0
package/dist/packages/bunshot-core/src/context.d.ts +40 -0
package/dist/packages/bunshot-core/src/context.js +35 -0
package/dist/packages/bunshot-core/src/coreContracts.d.ts +47 -0
package/dist/packages/bunshot-core/src/coreContracts.js +1 -0
package/dist/packages/bunshot-core/src/coreRegistrar.d.ts +6 -0
package/dist/packages/bunshot-core/src/coreRegistrar.js +42 -0
package/dist/{lib → packages/bunshot-core/src}/createRoute.d.ts +4 -30
package/dist/{lib → packages/bunshot-core/src}/createRoute.js +39 -88
package/dist/packages/bunshot-core/src/cronRegistry.d.ts +11 -0
package/dist/packages/bunshot-core/src/cronRegistry.js +1 -0
package/dist/packages/bunshot-core/src/crypto.d.ts +43 -0
package/dist/packages/bunshot-core/src/crypto.js +74 -0
package/dist/packages/bunshot-core/src/csrf.d.ts +8 -0
package/dist/packages/bunshot-core/src/csrf.js +1 -0
package/dist/packages/bunshot-core/src/defaults/defaultFingerprint.d.ts +7 -0
package/dist/packages/bunshot-core/src/defaults/defaultFingerprint.js +19 -0
package/dist/packages/bunshot-core/src/defaults/memoryCacheAdapter.d.ts +6 -0
package/dist/packages/bunshot-core/src/defaults/memoryCacheAdapter.js +40 -0
package/dist/packages/bunshot-core/src/defaults/memoryRateLimit.d.ts +6 -0
package/dist/packages/bunshot-core/src/defaults/memoryRateLimit.js +24 -0
package/dist/packages/bunshot-core/src/emailTemplates.d.ts +5 -0
package/dist/packages/bunshot-core/src/emailTemplates.js +10 -0
package/dist/packages/bunshot-core/src/errors.d.ts +13 -0
package/dist/packages/bunshot-core/src/errors.js +22 -0
package/dist/packages/bunshot-core/src/eventBus.d.ts +270 -0
package/dist/packages/bunshot-core/src/eventBus.js +143 -0
package/dist/packages/bunshot-core/src/idempotency.d.ts +18 -0
package/dist/packages/bunshot-core/src/idempotency.js +1 -0
package/dist/packages/bunshot-core/src/index.d.ts +60 -0
package/dist/packages/bunshot-core/src/index.js +34 -0
package/dist/packages/bunshot-core/src/mail.d.ts +14 -0
package/dist/packages/bunshot-core/src/mail.js +8 -0
package/dist/packages/bunshot-core/src/memoryEviction.d.ts +24 -0
package/dist/packages/bunshot-core/src/memoryEviction.js +52 -0
package/dist/packages/bunshot-core/src/pagination.d.ts +45 -0
package/dist/packages/bunshot-core/src/pagination.js +61 -0
package/dist/packages/bunshot-core/src/permissions.d.ts +64 -0
package/dist/packages/bunshot-core/src/permissions.js +27 -0
package/dist/packages/bunshot-core/src/plugin.d.ts +44 -0
package/dist/packages/bunshot-core/src/plugin.js +1 -0
package/dist/packages/bunshot-core/src/rateLimit.d.ts +5 -0
package/dist/packages/bunshot-core/src/rateLimit.js +18 -0
package/dist/packages/bunshot-core/src/redis.d.ts +21 -0
package/dist/packages/bunshot-core/src/redis.js +1 -0
package/dist/packages/bunshot-core/src/routeAuth.d.ts +5 -0
package/dist/packages/bunshot-core/src/routeAuth.js +11 -0
package/dist/packages/bunshot-core/src/routeOverrides.d.ts +24 -0
package/dist/packages/bunshot-core/src/routeOverrides.js +25 -0
package/dist/packages/bunshot-core/src/routerAdapter.d.ts +6 -0
package/dist/packages/bunshot-core/src/routerAdapter.js +56 -0
package/dist/packages/bunshot-core/src/secrets.d.ts +48 -0
package/dist/packages/bunshot-core/src/secrets.js +8 -0
package/dist/packages/bunshot-core/src/signing.d.ts +41 -0
package/dist/packages/bunshot-core/src/signing.js +1 -0
package/dist/packages/bunshot-core/src/sse.d.ts +36 -0
package/dist/packages/bunshot-core/src/sse.js +1 -0
package/dist/packages/bunshot-core/src/storageAdapter.js +1 -0
package/dist/packages/bunshot-core/src/storeInfra.d.ts +44 -0
package/dist/packages/bunshot-core/src/storeInfra.js +18 -0
package/dist/packages/bunshot-core/src/storeType.d.ts +7 -0
package/dist/packages/bunshot-core/src/storeType.js +1 -0
package/dist/packages/bunshot-core/src/testing.d.ts +1 -0
package/dist/packages/bunshot-core/src/testing.js +1 -0
package/dist/packages/bunshot-core/src/uploadRegistry.d.ts +23 -0
package/dist/packages/bunshot-core/src/uploadRegistry.js +4 -0
package/dist/packages/bunshot-core/src/userResolver.d.ts +5 -0
package/dist/packages/bunshot-core/src/userResolver.js +14 -0
package/dist/packages/bunshot-core/src/wsMessages.d.ts +42 -0
package/dist/packages/bunshot-core/src/wsMessages.js +4 -0
package/dist/packages/bunshot-permissions/src/adapters/memory.d.ts +7 -0
package/dist/packages/bunshot-permissions/src/adapters/memory.js +73 -0
package/dist/packages/bunshot-permissions/src/index.d.ts +10 -0
package/dist/packages/bunshot-permissions/src/index.js +5 -0
package/dist/packages/bunshot-permissions/src/lib/bootstrap.d.ts +7 -0
package/dist/packages/bunshot-permissions/src/lib/bootstrap.js +12 -0
package/dist/packages/bunshot-permissions/src/lib/evaluator.d.ts +10 -0
package/dist/packages/bunshot-permissions/src/lib/evaluator.js +165 -0
package/dist/packages/bunshot-permissions/src/lib/registry.d.ts +2 -0
package/dist/packages/bunshot-permissions/src/lib/registry.js +31 -0
package/dist/packages/bunshot-permissions/src/lib/validation.d.ts +1 -0
package/dist/packages/bunshot-permissions/src/lib/validation.js +1 -0
package/dist/packages/bunshot-permissions/src/types/adapter.d.ts +1 -0
package/dist/packages/bunshot-permissions/src/types/adapter.js +1 -0
package/dist/packages/bunshot-permissions/src/types/evaluator.d.ts +1 -0
package/dist/packages/bunshot-permissions/src/types/evaluator.js +1 -0
package/dist/packages/bunshot-permissions/src/types/models.d.ts +1 -0
package/dist/packages/bunshot-permissions/src/types/models.js +1 -0
package/dist/packages/bunshot-permissions/src/types/registry.d.ts +1 -0
package/dist/packages/bunshot-permissions/src/types/registry.js +1 -0
package/dist/packages/bunshot-postgres/src/adapter.d.ts +6 -0
package/dist/packages/bunshot-postgres/src/adapter.js +794 -0
package/dist/packages/bunshot-postgres/src/connection.d.ts +15 -0
package/dist/packages/bunshot-postgres/src/connection.js +16 -0
package/dist/packages/bunshot-postgres/src/index.d.ts +4 -0
package/dist/packages/bunshot-postgres/src/index.js +2 -0
package/dist/packages/bunshot-postgres/src/schema.d.ts +997 -0
package/dist/packages/bunshot-postgres/src/schema.js +105 -0
package/dist/src/app.d.ts +230 -0
package/dist/src/app.js +182 -0
package/dist/src/cli/commands/init.d.ts +10 -0
package/dist/src/cli/commands/init.js +709 -0
package/dist/src/cli/index.d.ts +1 -0
package/dist/src/cli/index.js +3 -0
package/dist/src/entrypoints/mongo.d.ts +6 -0
package/dist/src/entrypoints/mongo.js +4 -0
package/dist/src/entrypoints/queue.d.ts +2 -0
package/dist/src/entrypoints/queue.js +1 -0
package/dist/src/entrypoints/redis.d.ts +1 -0
package/dist/src/entrypoints/redis.js +1 -0
package/dist/{adapters → src/framework/adapters}/localStorage.d.ts +1 -1
package/dist/{adapters → src/framework/adapters}/localStorage.js +23 -8
package/dist/src/framework/adapters/memoryStorage.d.ts +2 -0
package/dist/src/framework/adapters/memoryStorage.js +45 -0
package/dist/{adapters → src/framework/adapters}/s3Storage.d.ts +1 -1
package/dist/{adapters → src/framework/adapters}/s3Storage.js +12 -12
package/dist/src/framework/admin/bunshotAccess.d.ts +2 -0
package/dist/src/framework/admin/bunshotAccess.js +23 -0
package/dist/src/framework/admin/bunshotUsers.d.ts +2 -0
package/dist/src/framework/admin/bunshotUsers.js +103 -0
package/dist/src/framework/admin/index.d.ts +7 -0
package/dist/src/framework/admin/index.js +21 -0
package/dist/src/framework/boundaryAdapters/cacheFactories.d.ts +13 -0
package/dist/src/framework/boundaryAdapters/cacheFactories.js +86 -0
package/dist/src/framework/boundaryAdapters/index.d.ts +2 -0
package/dist/src/framework/boundaryAdapters/index.js +1 -0
package/dist/src/framework/boundaryAdapters.d.ts +17 -0
package/dist/src/framework/boundaryAdapters.js +62 -0
package/dist/src/framework/buildContext.d.ts +33 -0
package/dist/src/framework/buildContext.js +119 -0
package/dist/src/framework/config/schema.d.ts +447 -0
package/dist/src/framework/config/schema.js +528 -0
package/dist/src/framework/createInfrastructure.d.ts +76 -0
package/dist/src/framework/createInfrastructure.js +221 -0
package/dist/src/framework/lib/auditLog.d.ts +23 -0
package/dist/src/framework/lib/auditLog.js +416 -0
package/dist/src/framework/lib/captcha.d.ts +11 -0
package/dist/src/framework/lib/captcha.js +40 -0
package/dist/{lib → src/framework/lib}/createDtoMapper.js +4 -4
package/dist/src/framework/lib/createRoute.d.ts +1 -0
package/dist/src/framework/lib/createRoute.js +2 -0
package/dist/{lib → src/framework/lib}/idempotency.d.ts +2 -6
package/dist/src/framework/lib/idempotency.js +74 -0
package/dist/src/framework/lib/logger.d.ts +3 -0
package/dist/src/framework/lib/logger.js +14 -0
package/dist/src/framework/lib/metrics.d.ts +34 -0
package/dist/{lib → src/framework/lib}/metrics.js +49 -57
package/dist/src/framework/lib/pagination.d.ts +42 -0
package/dist/src/framework/lib/pagination.js +51 -0
package/dist/src/framework/lib/redisTransport.d.ts +38 -0
package/dist/src/framework/lib/redisTransport.js +107 -0
package/dist/src/framework/lib/resolveUserId.d.ts +2 -0
package/dist/src/framework/lib/resolveUserId.js +5 -0
package/dist/src/framework/lib/sseCollision.d.ts +6 -0
package/dist/src/framework/lib/sseCollision.js +26 -0
package/dist/src/framework/lib/storageAdapter.d.ts +1 -0
package/dist/src/framework/lib/storageAdapter.js +1 -0
package/dist/{lib → src/framework/lib}/stripUnreferencedSchemas.js +4 -4
package/dist/src/framework/lib/tenant.d.ts +21 -0
package/dist/src/framework/lib/tenant.js +70 -0
package/dist/{lib → src/framework/lib}/upload.d.ts +14 -9
package/dist/src/framework/lib/upload.js +132 -0
package/dist/src/framework/lib/uploadRegistry.d.ts +23 -0
package/dist/src/framework/lib/uploadRegistry.js +34 -0
package/dist/{lib → src/framework/lib}/validate.d.ts +1 -1
package/dist/{lib → src/framework/lib}/validate.js +2 -2
package/dist/src/framework/lib/ws.d.ts +19 -0
package/dist/src/framework/lib/ws.js +130 -0
package/dist/src/framework/lib/wsHeartbeat.d.ts +12 -0
package/dist/src/framework/lib/wsHeartbeat.js +53 -0
package/dist/src/framework/lib/wsMessages.d.ts +25 -0
package/dist/src/framework/lib/wsMessages.js +45 -0
package/dist/src/framework/lib/wsNamespace.d.ts +17 -0
package/dist/src/framework/lib/wsNamespace.js +19 -0
package/dist/src/framework/lib/wsPresence.d.ts +17 -0
package/dist/src/framework/lib/wsPresence.js +84 -0
package/dist/src/framework/lib/wsTransport.d.ts +38 -0
package/dist/src/framework/lib/wsTransport.js +9 -0
package/dist/{lib → src/framework/lib}/zodToMongoose.d.ts +1 -1
package/dist/{lib → src/framework/lib}/zodToMongoose.js +11 -11
package/dist/{middleware → src/framework/middleware}/auditLog.d.ts +4 -3
package/dist/src/framework/middleware/auditLog.js +42 -0
package/dist/{middleware → src/framework/middleware}/botProtection.d.ts +2 -2
package/dist/{middleware → src/framework/middleware}/botProtection.js +8 -9
package/dist/src/framework/middleware/cacheResponse.d.ts +35 -0
package/dist/src/framework/middleware/cacheResponse.js +126 -0
package/dist/src/framework/middleware/captcha.d.ts +9 -0
package/dist/src/framework/middleware/captcha.js +37 -0
package/dist/{middleware → src/framework/middleware}/errorHandler.d.ts +1 -1
package/dist/src/framework/middleware/errorHandler.js +16 -0
package/dist/src/framework/middleware/index.js +1 -0
package/dist/{middleware → src/framework/middleware}/logger.d.ts +1 -1
package/dist/src/framework/middleware/metrics.d.ts +12 -0
package/dist/src/framework/middleware/metrics.js +26 -0
package/dist/{middleware → src/framework/middleware}/rateLimit.d.ts +2 -2
package/dist/src/framework/middleware/rateLimit.js +22 -0
package/dist/src/framework/middleware/requestId.d.ts +3 -0
package/dist/{middleware → src/framework/middleware}/requestId.js +2 -2
package/dist/{middleware → src/framework/middleware}/requestLogger.d.ts +3 -3
package/dist/{middleware → src/framework/middleware}/requestLogger.js +17 -12
package/dist/{middleware → src/framework/middleware}/requestSigning.d.ts +2 -2
package/dist/{middleware → src/framework/middleware}/requestSigning.js +18 -19
package/dist/src/framework/middleware/tenant.d.ts +14 -0
package/dist/{middleware → src/framework/middleware}/tenant.js +31 -27
package/dist/src/framework/middleware/upload.d.ts +5 -0
package/dist/{middleware → src/framework/middleware}/upload.js +4 -4
package/dist/{middleware → src/framework/middleware}/webhookAuth.d.ts +3 -3
package/dist/{middleware → src/framework/middleware}/webhookAuth.js +11 -11
package/dist/src/framework/models/AuditLog.d.ts +21 -0
package/dist/src/framework/models/AuditLog.js +31 -0
package/dist/src/framework/mountMiddleware.d.ts +91 -0
package/dist/src/framework/mountMiddleware.js +128 -0
package/dist/src/framework/mountOptionalEndpoints.d.ts +103 -0
package/dist/src/framework/mountOptionalEndpoints.js +47 -0
package/dist/src/framework/mountRoutes.d.ts +21 -0
package/dist/src/framework/mountRoutes.js +144 -0
package/dist/src/framework/persistence/cronRegistry.d.ts +28 -0
package/dist/src/framework/persistence/cronRegistry.js +139 -0
package/dist/src/framework/persistence/idempotency.d.ts +26 -0
package/dist/src/framework/persistence/idempotency.js +178 -0
package/dist/src/framework/persistence/index.d.ts +6 -0
package/dist/src/framework/persistence/index.js +8 -0
package/dist/src/framework/persistence/storeInfra.d.ts +9 -0
package/dist/src/framework/persistence/storeInfra.js +1 -0
package/dist/src/framework/persistence/uploadRegistry.d.ts +35 -0
package/dist/src/framework/persistence/uploadRegistry.js +235 -0
package/dist/src/framework/persistence/wsMessages.d.ts +22 -0
package/dist/src/framework/persistence/wsMessages.js +296 -0
package/dist/src/framework/preloadSchemas.d.ts +24 -0
package/dist/src/framework/preloadSchemas.js +42 -0
package/dist/src/framework/registerBoundaryAdapters.d.ts +23 -0
package/dist/src/framework/registerBoundaryAdapters.js +46 -0
package/dist/src/framework/routes/admin.d.ts +9 -0
package/dist/src/framework/routes/admin.js +361 -0
package/dist/src/framework/routes/health.d.ts +1 -0
package/dist/src/framework/routes/health.js +21 -0
package/dist/src/framework/routes/home.d.ts +1 -0
package/dist/src/framework/routes/home.js +18 -0
package/dist/src/framework/routes/jobs.d.ts +3 -0
package/dist/src/framework/routes/jobs.js +315 -0
package/dist/src/framework/routes/metrics.d.ts +10 -0
package/dist/src/framework/routes/metrics.js +57 -0
package/dist/src/framework/routes/uploads.d.ts +14 -0
package/dist/src/framework/routes/uploads.js +262 -0
package/dist/src/framework/runPluginLifecycle.d.ts +27 -0
package/dist/src/framework/runPluginLifecycle.js +121 -0
package/dist/src/framework/secrets/frameworkSecretSchema.d.ts +58 -0
package/dist/src/framework/secrets/frameworkSecretSchema.js +20 -0
package/dist/src/framework/secrets/index.d.ts +9 -0
package/dist/src/framework/secrets/index.js +7 -0
package/dist/src/framework/secrets/providers/envProvider.d.ts +15 -0
package/dist/src/framework/secrets/providers/envProvider.js +18 -0
package/dist/src/framework/secrets/providers/fileProvider.d.ts +8 -0
package/dist/src/framework/secrets/providers/fileProvider.js +82 -0
package/dist/src/framework/secrets/providers/ssmProvider.d.ts +20 -0
package/dist/src/framework/secrets/providers/ssmProvider.js +127 -0
package/dist/src/framework/secrets/resolveSecretBundle.d.ts +53 -0
package/dist/src/framework/secrets/resolveSecretBundle.js +84 -0
package/dist/src/framework/secrets/resolveSecrets.d.ts +18 -0
package/dist/src/framework/secrets/resolveSecrets.js +34 -0
package/dist/src/framework/sse/index.d.ts +21 -0
package/dist/src/framework/sse/index.js +109 -0
package/dist/src/framework/ws/index.d.ts +11 -0
package/dist/src/framework/ws/index.js +8 -0
package/dist/src/index.d.ts +87 -0
package/dist/src/index.js +58 -0
package/dist/src/lib/appConfig.d.ts +7 -0
package/dist/src/lib/appConfig.js +27 -0
package/dist/src/lib/appMeta.d.ts +7 -0
package/dist/src/lib/appMeta.js +3 -0
package/dist/src/lib/authConfig.d.ts +532 -0
package/dist/src/lib/authConfig.js +179 -0
package/dist/{lib → src/lib}/context.d.ts +6 -7
package/dist/{lib → src/lib}/context.js +5 -5
package/dist/src/lib/logger.d.ts +1 -0
package/dist/src/lib/logger.js +1 -0
package/dist/src/lib/mongo.d.ts +58 -0
package/dist/src/lib/mongo.js +96 -0
package/dist/src/lib/queue.d.ts +72 -0
package/dist/src/lib/queue.js +152 -0
package/dist/src/lib/redis.d.ts +28 -0
package/dist/src/lib/redis.js +72 -0
package/dist/{lib → src/lib}/signing.d.ts +2 -2
package/dist/src/lib/signing.js +210 -0
package/dist/src/lib/signingConfig.d.ts +40 -0
package/dist/src/lib/signingConfig.js +28 -0
package/dist/src/server.d.ts +146 -0
package/dist/src/server.js +469 -0
package/dist/src/shared/lib/HttpError.d.ts +1 -0
package/dist/src/shared/lib/HttpError.js +2 -0
package/dist/src/shared/lib/constants.d.ts +10 -0
package/dist/src/shared/lib/crypto.d.ts +43 -0
package/dist/src/shared/lib/crypto.js +74 -0
package/dist/src/shared/lib/signing.d.ts +52 -0
package/dist/{lib → src/shared/lib}/signing.js +40 -10
package/dist/src/testing.d.ts +34 -0
package/dist/src/testing.js +93 -0
package/package.json +62 -25
package/dist/adapters/memoryAuth.d.ts +0 -46
package/dist/adapters/memoryAuth.js +0 -634
package/dist/adapters/memoryStorage.d.ts +0 -3
package/dist/adapters/memoryStorage.js +0 -44
package/dist/adapters/mongoAuth.d.ts +0 -2
package/dist/adapters/mongoAuth.js +0 -307
package/dist/adapters/sqliteAuth.d.ts +0 -49
package/dist/adapters/sqliteAuth.js +0 -707
package/dist/app.d.ts +0 -456
package/dist/app.js +0 -548
package/dist/entrypoints/mongo.d.ts +0 -5
package/dist/entrypoints/mongo.js +0 -4
package/dist/entrypoints/queue.d.ts +0 -2
package/dist/entrypoints/queue.js +0 -1
package/dist/entrypoints/redis.d.ts +0 -1
package/dist/entrypoints/redis.js +0 -1
package/dist/index.d.ts +0 -98
package/dist/index.js +0 -77
package/dist/lib/HttpError.d.ts +0 -9
package/dist/lib/HttpError.js +0 -14
package/dist/lib/appConfig.d.ts +0 -162
package/dist/lib/appConfig.js +0 -83
package/dist/lib/auditLog.d.ts +0 -52
package/dist/lib/auditLog.js +0 -201
package/dist/lib/authAdapter.d.ts +0 -176
package/dist/lib/authAdapter.js +0 -7
package/dist/lib/authRateLimit.d.ts +0 -13
package/dist/lib/authRateLimit.js +0 -81
package/dist/lib/clientIp.d.ts +0 -14
package/dist/lib/crypto.d.ts +0 -11
package/dist/lib/crypto.js +0 -22
package/dist/lib/deletionCancelToken.d.ts +0 -12
package/dist/lib/deletionCancelToken.js +0 -88
package/dist/lib/emailVerification.d.ts +0 -13
package/dist/lib/emailVerification.js +0 -86
package/dist/lib/fingerprint.js +0 -36
package/dist/lib/idempotency.js +0 -182
package/dist/lib/jwt.d.ts +0 -2
package/dist/lib/jwt.js +0 -24
package/dist/lib/logger.d.ts +0 -1
package/dist/lib/logger.js +0 -7
package/dist/lib/metrics.d.ts +0 -14
package/dist/lib/mfaChallenge.d.ts +0 -42
package/dist/lib/mfaChallenge.js +0 -293
package/dist/lib/mongo.d.ts +0 -39
package/dist/lib/mongo.js +0 -124
package/dist/lib/oauth.d.ts +0 -40
package/dist/lib/oauth.js +0 -101
package/dist/lib/oauthCode.d.ts +0 -15
package/dist/lib/oauthCode.js +0 -90
package/dist/lib/pagination.d.ts +0 -119
package/dist/lib/pagination.js +0 -166
package/dist/lib/queue.d.ts +0 -37
package/dist/lib/queue.js +0 -117
package/dist/lib/redis.d.ts +0 -9
package/dist/lib/redis.js +0 -61
package/dist/lib/resetPassword.d.ts +0 -12
package/dist/lib/resetPassword.js +0 -91
package/dist/lib/roles.d.ts +0 -7
package/dist/lib/roles.js +0 -49
package/dist/lib/session.d.ts +0 -39
package/dist/lib/session.js +0 -535
package/dist/lib/tenant.d.ts +0 -15
package/dist/lib/tenant.js +0 -65
package/dist/lib/upload.js +0 -87
package/dist/lib/ws.d.ts +0 -22
package/dist/lib/ws.js +0 -89
package/dist/lib/wsHeartbeat.d.ts +0 -12
package/dist/lib/wsHeartbeat.js +0 -57
package/dist/lib/wsMessages.d.ts +0 -40
package/dist/lib/wsMessages.js +0 -330
package/dist/lib/wsPresence.d.ts +0 -25
package/dist/lib/wsPresence.js +0 -99
package/dist/middleware/auditLog.js +0 -39
package/dist/middleware/bearerAuth.d.ts +0 -2
package/dist/middleware/bearerAuth.js +0 -11
package/dist/middleware/cacheResponse.d.ts +0 -15
package/dist/middleware/cacheResponse.js +0 -178
package/dist/middleware/csrf.js +0 -125
package/dist/middleware/errorHandler.js +0 -13
package/dist/middleware/identify.d.ts +0 -3
package/dist/middleware/identify.js +0 -95
package/dist/middleware/index.js +0 -1
package/dist/middleware/metrics.d.ts +0 -9
package/dist/middleware/metrics.js +0 -26
package/dist/middleware/rateLimit.js +0 -22
package/dist/middleware/requestId.d.ts +0 -3
package/dist/middleware/tenant.d.ts +0 -5
package/dist/middleware/upload.d.ts +0 -5
package/dist/middleware/userAuth.d.ts +0 -3
package/dist/middleware/userAuth.js +0 -6
package/dist/models/AuditLog.d.ts +0 -30
package/dist/models/AuditLog.js +0 -39
package/dist/models/AuthUser.js +0 -48
package/dist/models/Group.d.ts +0 -21
package/dist/models/Group.js +0 -28
package/dist/models/GroupMembership.js +0 -25
package/dist/models/TenantRole.d.ts +0 -15
package/dist/models/TenantRole.js +0 -23
package/dist/routes/auth.d.ts +0 -11
package/dist/routes/auth.js +0 -605
package/dist/routes/groups.js +0 -346
package/dist/routes/health.d.ts +0 -1
package/dist/routes/health.js +0 -22
package/dist/routes/home.d.ts +0 -1
package/dist/routes/home.js +0 -16
package/dist/routes/jobs.d.ts +0 -2
package/dist/routes/jobs.js +0 -272
package/dist/routes/metrics.d.ts +0 -7
package/dist/routes/metrics.js +0 -52
package/dist/routes/mfa.d.ts +0 -5
package/dist/routes/mfa.js +0 -620
package/dist/routes/oauth.d.ts +0 -2
package/dist/routes/oauth.js +0 -514
package/dist/routes/uploads.d.ts +0 -2
package/dist/routes/uploads.js +0 -135
package/dist/schemas/auth.js +0 -30
package/dist/server.d.ts +0 -57
package/dist/server.js +0 -112
package/dist/services/auth.d.ts +0 -27
package/dist/services/auth.js +0 -159
package/dist/ws/index.d.ts +0 -10
package/dist/ws/index.js +0 -38
package/docs/sections/adding-middleware/full.md +0 -35
package/docs/sections/adding-models/full.md +0 -125
package/docs/sections/adding-models/overview.md +0 -13
package/docs/sections/adding-routes/full.md +0 -182
package/docs/sections/adding-routes/overview.md +0 -23
package/docs/sections/auth-flow/full.md +0 -779
package/docs/sections/auth-flow/overview.md +0 -10
package/docs/sections/auth-security-examples/full.md +0 -365
package/docs/sections/authentication/full.md +0 -130
package/docs/sections/authentication/overview.md +0 -5
package/docs/sections/cli/full.md +0 -42
package/docs/sections/configuration/full.md +0 -172
package/docs/sections/configuration/overview.md +0 -18
package/docs/sections/configuration-example/full.md +0 -117
package/docs/sections/configuration-example/overview.md +0 -30
package/docs/sections/documentation/full.md +0 -171
package/docs/sections/environment-variables/full.md +0 -55
package/docs/sections/exports/full.md +0 -123
package/docs/sections/extending-context/full.md +0 -59
package/docs/sections/header.md +0 -3
package/docs/sections/installation/full.md +0 -6
package/docs/sections/jobs/full.md +0 -140
package/docs/sections/jobs/overview.md +0 -15
package/docs/sections/logging/full.md +0 -83
package/docs/sections/metrics/full.md +0 -127
package/docs/sections/mongodb-connections/full.md +0 -45
package/docs/sections/mongodb-connections/overview.md +0 -7
package/docs/sections/multi-tenancy/full.md +0 -66
package/docs/sections/multi-tenancy/overview.md +0 -15
package/docs/sections/oauth/full.md +0 -189
package/docs/sections/oauth/overview.md +0 -16
package/docs/sections/package-development/full.md +0 -7
package/docs/sections/pagination/full.md +0 -93
package/docs/sections/peer-dependencies/full.md +0 -47
package/docs/sections/quick-start/full.md +0 -43
package/docs/sections/response-caching/full.md +0 -117
package/docs/sections/response-caching/overview.md +0 -13
package/docs/sections/roles/full.md +0 -225
package/docs/sections/roles/overview.md +0 -14
package/docs/sections/running-without-redis/full.md +0 -16
package/docs/sections/running-without-redis-or-mongodb/full.md +0 -60
package/docs/sections/signing/full.md +0 -203
package/docs/sections/stack/full.md +0 -10
package/docs/sections/uploads/full.md +0 -199
package/docs/sections/versioning/full.md +0 -85
package/docs/sections/webhook-auth/full.md +0 -100
package/docs/sections/websocket/full.md +0 -184
package/docs/sections/websocket/overview.md +0 -5
package/docs/sections/websocket-rooms/full.md +0 -102
package/docs/sections/websocket-rooms/overview.md +0 -5
/package/dist/{lib/storageAdapter.js → packages/bunshot-admin/src/types/env.js} +0 -0
/package/dist/{lib → packages/bunshot-auth/src/lib}/fingerprint.d.ts +0 -0
/package/dist/{lib → packages/bunshot-core/src}/constants.d.ts +0 -0
/package/dist/{lib → packages/bunshot-core/src}/storageAdapter.d.ts +0 -0
/package/dist/{lib → src/framework/lib}/createDtoMapper.d.ts +0 -0
/package/dist/{lib → src/framework/lib}/stripUnreferencedSchemas.d.ts +0 -0
/package/dist/{middleware → src/framework/middleware}/cors.d.ts +0 -0
/package/dist/{middleware → src/framework/middleware}/cors.js +0 -0
/package/dist/{middleware → src/framework/middleware}/index.d.ts +0 -0
/package/dist/{middleware → src/framework/middleware}/logger.js +0 -0
/package/dist/{lib → src/shared/lib}/constants.js +0 -0

package/dist/lib/wsPresence.js DELETED Viewed

@@ -1,99 +0,0 @@
-// ---------------------------------------------------------------------------
-// State (in-memory only)
-// ---------------------------------------------------------------------------
-/** socketId → userId (authenticated sockets only) */
-const _socketUsers = new Map();
-/** room → userId → Set<socketId> (multi-tab aware) */
-const _roomPresence = new Map();
-// ---------------------------------------------------------------------------
-// Public API
-// ---------------------------------------------------------------------------
-/** Track an authenticated socket. Skips if userId is null/undefined. */
-export const trackSocket = (socketId, userId) => {
-    if (!userId)
-        return;
-    _socketUsers.set(socketId, userId);
-};
-/** Untrack a socket on disconnect. */
-export const untrackSocket = (socketId) => {
-    _socketUsers.delete(socketId);
-};
-/** Called when a socket subscribes to a room. Returns join info or null if unauthenticated. */
-export const addPresence = (socketId, room) => {
-    const userId = _socketUsers.get(socketId);
-    if (!userId)
-        return null;
-    if (!_roomPresence.has(room))
-        _roomPresence.set(room, new Map());
-    const roomMap = _roomPresence.get(room);
-    const isNewUser = !roomMap.has(userId) || roomMap.get(userId).size === 0;
-    if (!roomMap.has(userId))
-        roomMap.set(userId, new Set());
-    roomMap.get(userId).add(socketId);
-    return { userId, isNewUser };
-};
-/** Called when a socket unsubscribes from a room. Returns leave info or null if unauthenticated. */
-export const removePresence = (socketId, room) => {
-    const userId = _socketUsers.get(socketId);
-    if (!userId)
-        return null;
-    const roomMap = _roomPresence.get(room);
-    if (!roomMap)
-        return null;
-    const sockets = roomMap.get(userId);
-    if (!sockets)
-        return null;
-    sockets.delete(socketId);
-    const isLastSocket = sockets.size === 0;
-    if (isLastSocket) {
-        roomMap.delete(userId);
-        if (roomMap.size === 0)
-            _roomPresence.delete(room);
-    }
-    return { userId, isLastSocket };
-};
-/** Called on disconnect — cleans up all rooms for a socket. Returns rooms where user fully departed. */
-export const cleanupPresence = (socketId, rooms) => {
-    const userId = _socketUsers.get(socketId);
-    if (!userId)
-        return [];
-    const departed = [];
-    for (const room of rooms) {
-        const roomMap = _roomPresence.get(room);
-        if (!roomMap)
-            continue;
-        const sockets = roomMap.get(userId);
-        if (!sockets)
-            continue;
-        sockets.delete(socketId);
-        if (sockets.size === 0) {
-            roomMap.delete(userId);
-            if (roomMap.size === 0)
-                _roomPresence.delete(room);
-            departed.push({ room, userId });
-        }
-    }
-    return departed;
-};
-/** Deduplicated userIds present in a room. */
-export const getRoomPresence = (room) => {
-    const roomMap = _roomPresence.get(room);
-    if (!roomMap)
-        return [];
-    return [...roomMap.keys()];
-};
-/** Rooms where a user is present. */
-export const getUserPresence = (userId) => {
-    const rooms = [];
-    for (const [room, roomMap] of _roomPresence) {
-        const sockets = roomMap.get(userId);
-        if (sockets && sockets.size > 0)
-            rooms.push(room);
-    }
-    return rooms;
-};
-/** Reset all presence state. Useful for test isolation. */
-export const clearPresenceStore = () => {
-    _socketUsers.clear();
-    _roomPresence.clear();
-};

package/dist/middleware/auditLog.js DELETED Viewed

@@ -1,39 +0,0 @@
-import { getClientIp } from "../lib/clientIp";
-import { logAuditEntry } from "../lib/auditLog";
-export const auditLog = (options) => async (c, next) => {
-    await next();
-    // Exclusion checks run after next() intentionally — c.res.status is only available
-    // after the route handler runs. The route still executes; we're only skipping the log write.
-    if (options.exclude?.methods?.includes(c.req.method))
-        return;
-    // Note: if exclude.paths grows large, regex evaluation on every request adds up.
-    // For high-traffic exclusions, prefer string matching over regex.
-    const path = c.req.path;
-    if (options.exclude?.paths?.some(p => typeof p === "string" ? p === path : p.test(path)))
-        return;
-    let entry = {
-        id: crypto.randomUUID(),
-        requestId: c.get("requestId") ?? undefined,
-        userId: c.get("authUserId") ?? null,
-        sessionId: c.get("sessionId") ?? null,
-        tenantId: c.get("tenantId") ?? null,
-        method: c.req.method,
-        path,
-        status: c.res.status,
-        ip: getClientIp(c),
-        userAgent: c.req.header("user-agent") ?? null,
-        createdAt: new Date().toISOString(),
-    };
-    if (options.onEntry) {
-        try {
-            entry = await options.onEntry(entry, c);
-        }
-        catch (err) {
-            console.error("[auditLog] onEntry hook threw:", err);
-        }
-    }
-    // Fire-and-forget — never block the response; logAuditEntry also swallows errors internally
-    logAuditEntry(entry, options).catch(err => {
-        console.error("[auditLog] write failed:", err);
-    });
-};

package/dist/middleware/bearerAuth.d.ts DELETED Viewed

	@@ -1,2 +0,0 @@
1	- import type { MiddlewareHandler } from "hono";
2	- export declare const bearerAuth: MiddlewareHandler;

package/dist/middleware/bearerAuth.js DELETED Viewed

@@ -1,11 +0,0 @@
-import { timingSafeEqual } from "../lib/crypto";
-export const bearerAuth = async (c, next) => {
-    const isProd = process.env.NODE_ENV === "production";
-    const validToken = isProd ? process.env.BEARER_TOKEN_PROD : process.env.BEARER_TOKEN_DEV;
-    const header = c.req.header("Authorization");
-    const token = header?.startsWith("Bearer ") ? header.slice(7) : null;
-    if (!token || !validToken || !timingSafeEqual(token, validToken)) {
-        return c.json({ error: "Unauthorized" }, 401);
-    }
-    await next();
-};

package/dist/middleware/cacheResponse.d.ts DELETED Viewed

@@ -1,15 +0,0 @@
-import type { MiddlewareHandler } from "hono";
-import type { AppEnv } from "../lib/context";
-export declare function getCacheModel(): import("mongoose").Model<any, {}, {}, {}, any, any, any>;
-type CacheStore = "redis" | "mongo" | "sqlite" | "memory";
-export declare const setCacheStore: (store: CacheStore) => void;
-export declare const bustCache: (key: string) => Promise<void>;
-export declare const bustCachePattern: (pattern: string) => Promise<void>;
-type KeyFn = (c: Parameters<MiddlewareHandler<any>>[0]) => string;
-interface CacheOptions {
-    ttl?: number;
-    key: string | KeyFn;
-    store?: CacheStore;
-}
-export declare const cacheResponse: ({ ttl, key, store }: CacheOptions) => MiddlewareHandler<AppEnv>;
-export {};

package/dist/middleware/cacheResponse.js DELETED Viewed

@@ -1,178 +0,0 @@
-import { getRedis } from "../lib/redis";
-import { getAppName } from "../lib/appConfig";
-import { appConnection, mongoose } from "../lib/mongo";
-import { isSqliteReady, sqliteGetCache, sqliteSetCache, sqliteDelCache, sqliteDelCachePattern } from "../adapters/sqliteAuth";
-import { memoryGetCache, memorySetCache, memoryDelCache, memoryDelCachePattern } from "../adapters/memoryAuth";
-export function getCacheModel() {
-    if (appConnection.models["CacheEntry"])
-        return appConnection.models["CacheEntry"];
-    const { Schema } = mongoose;
-    const cacheSchema = new Schema({
-        key: { type: String, required: true, unique: true },
-        value: { type: String, required: true },
-        expiresAt: { type: Date, index: { expireAfterSeconds: 0 } },
-    }, { collection: "cache_entries" });
-    return appConnection.model("CacheEntry", cacheSchema);
-}
-function isMongoReady() {
-    return appConnection.readyState === 1;
-}
-function isRedisReady() {
-    try {
-        getRedis();
-        return true;
-    }
-    catch {
-        return false;
-    }
-}
-let _defaultCacheStore = "redis";
-export const setCacheStore = (store) => { _defaultCacheStore = store; };
-async function storeGet(store, cacheKey) {
-    if (store === "memory")
-        return memoryGetCache(cacheKey);
-    if (store === "sqlite") {
-        if (!isSqliteReady())
-            throw new Error(`cacheResponse: store is "sqlite" but SQLite is not initialized. Call setSqliteDb(path) or pass sqliteDb to createServer.`);
-        return sqliteGetCache(cacheKey);
-    }
-    if (store === "mongo") {
-        if (!isMongoReady())
-            throw new Error(`cacheResponse: store is "mongo" but appConnection is not connected. Ensure connectMongo() or connectAppMongo() is called before handling requests.`);
-        const doc = await getCacheModel().findOne({ key: cacheKey }, "value").lean();
-        return doc ? doc.value : null;
-    }
-    return getRedis().get(cacheKey);
-}
-async function storeSet(store, cacheKey, value, ttl) {
-    if (store === "memory") {
-        memorySetCache(cacheKey, value, ttl);
-        return;
-    }
-    if (store === "sqlite") {
-        if (!isSqliteReady())
-            throw new Error(`cacheResponse: store is "sqlite" but SQLite is not initialized. Call setSqliteDb(path) or pass sqliteDb to createServer.`);
-        sqliteSetCache(cacheKey, value, ttl);
-        return;
-    }
-    if (store === "mongo") {
-        if (!isMongoReady())
-            throw new Error(`cacheResponse: store is "mongo" but appConnection is not connected. Ensure connectMongo() or connectAppMongo() is called before handling requests.`);
-        const expiresAt = ttl ? new Date(Date.now() + ttl * 1000) : undefined;
-        await getCacheModel().updateOne({ key: cacheKey }, { $set: { value, ...(expiresAt ? { expiresAt } : {}) } }, { upsert: true });
-        return;
-    }
-    if (ttl) {
-        await getRedis().setex(cacheKey, ttl, value);
-    }
-    else {
-        await getRedis().set(cacheKey, value);
-    }
-}
-async function storeDel(store, cacheKey) {
-    if (store === "memory") {
-        memoryDelCache(cacheKey);
-        return;
-    }
-    if (store === "sqlite") {
-        if (!isSqliteReady())
-            return;
-        sqliteDelCache(cacheKey);
-        return;
-    }
-    if (store === "mongo") {
-        if (!isMongoReady())
-            return;
-        await getCacheModel().deleteOne({ key: cacheKey });
-        return;
-    }
-    if (!isRedisReady())
-        return;
-    await getRedis().del(cacheKey);
-}
-async function storeDelPattern(store, fullPattern) {
-    if (store === "memory") {
-        memoryDelCachePattern(fullPattern);
-        return;
-    }
-    if (store === "sqlite") {
-        if (!isSqliteReady())
-            return;
-        sqliteDelCachePattern(fullPattern);
-        return;
-    }
-    if (store === "mongo") {
-        if (!isMongoReady())
-            return;
-        // Escape all regex metacharacters in the full pattern (including the cache:{appName}: prefix,
-        // which may itself contain dots or other metacharacters). Then restore * as a glob wildcard.
-        // Order matters: escape first, then replace the now-escaped \* with .* for glob semantics.
-        const escaped = fullPattern.replace(/[.+?^${}()|[\]\\]/g, "\\$&");
-        const regex = new RegExp("^" + escaped.replace(/\*/g, ".*") + "$");
-        await getCacheModel().deleteMany({ key: regex });
-        return;
-    }
-    if (!isRedisReady())
-        return;
-    const redis = getRedis();
-    let cursor = "0";
-    do {
-        const [next, keys] = await redis.scan(cursor, "MATCH", fullPattern, "COUNT", 100);
-        cursor = next;
-        if (keys.length > 0)
-            await redis.del(...keys);
-    } while (cursor !== "0");
-}
-// ---------------------------------------------------------------------------
-// Public API
-// ---------------------------------------------------------------------------
-export const bustCache = async (key) => {
-    const cacheKey = `cache:${getAppName()}:${key}`;
-    await Promise.all([storeDel("redis", cacheKey), storeDel("mongo", cacheKey), storeDel("sqlite", cacheKey), storeDel("memory", cacheKey)]);
-};
-export const bustCachePattern = async (pattern) => {
-    const fullPattern = `cache:${getAppName()}:${pattern}`;
-    await Promise.all([storeDelPattern("redis", fullPattern), storeDelPattern("mongo", fullPattern), storeDelPattern("sqlite", fullPattern), storeDelPattern("memory", fullPattern)]);
-};
-/** Headers that must never be cached — storing these can cause session fixation or auth bypass. */
-const UNCACHEABLE_HEADERS = new Set([
-    "set-cookie",
-    "www-authenticate",
-    "authorization",
-    "x-csrf-token",
-    "proxy-authenticate",
-]);
-export const cacheResponse = ({ ttl, key, store = _defaultCacheStore }) => {
-    return async (c, next) => {
-        const appName = getAppName();
-        const rawKey = typeof key === "function" ? key(c) : key;
-        // Per-tenant namespacing: prevents two tenants caching the same key from colliding
-        const tenantId = c.get("tenantId");
-        const tenantSegment = tenantId ? `${tenantId}:` : "";
-        const cacheKey = `cache:${appName}:${tenantSegment}${rawKey}`;
-        const cached = await storeGet(store, cacheKey);
-        if (cached) {
-            const { status, headers, body } = JSON.parse(cached);
-            return new Response(body, {
-                status,
-                headers: { ...headers, "x-cache": "HIT" },
-            });
-        }
-        await next();
-        const res = c.res;
-        if (res.status >= 200 && res.status < 300) {
-            const body = await res.text();
-            const headers = {};
-            res.headers.forEach((value, name) => {
-                if (!UNCACHEABLE_HEADERS.has(name.toLowerCase())) {
-                    headers[name] = value;
-                }
-            });
-            await storeSet(store, cacheKey, JSON.stringify({ status: res.status, headers, body }), ttl);
-            c.res = new Response(body, {
-                status: res.status,
-                headers: { ...headers, "x-cache": "MISS" },
-            });
-        }
-    };
-};

package/dist/middleware/csrf.js DELETED Viewed

@@ -1,125 +0,0 @@
-import { getCookie, setCookie, deleteCookie } from "hono/cookie";
-import { timingSafeEqual } from "../lib/crypto";
-import { COOKIE_TOKEN, COOKIE_CSRF_TOKEN, HEADER_CSRF_TOKEN } from "../lib/constants";
-import { createHmac, randomBytes } from "crypto";
-const isProd = process.env.NODE_ENV === "production";
-const STATE_CHANGING_METHODS = new Set(["POST", "PUT", "PATCH", "DELETE"]);
-function getJwtSecret() {
-    const secret = isProd ? process.env.JWT_SECRET_PROD : process.env.JWT_SECRET_DEV;
-    if (!secret)
-        throw new Error("CSRF middleware requires JWT_SECRET_DEV/JWT_SECRET_PROD to be set");
-    return secret;
-}
-function generateCsrfToken(secret) {
-    const token = randomBytes(32).toString("hex");
-    const sig = createHmac("sha256", secret).update(token).digest("hex");
-    return `${token}.${sig}`;
-}
-function verifyCsrfSignature(cookieValue, secret) {
-    const dotIdx = cookieValue.indexOf(".");
-    if (dotIdx === -1)
-        return false;
-    const token = cookieValue.substring(0, dotIdx);
-    const sig = cookieValue.substring(dotIdx + 1);
-    const expected = createHmac("sha256", secret).update(token).digest("hex");
-    return timingSafeEqual(sig, expected);
-}
-const csrfCookieOptions = {
-    httpOnly: false,
-    secure: isProd,
-    sameSite: "Lax",
-    path: "/",
-    maxAge: 60 * 60 * 24 * 365, // 1 year — tied to browser, not session
-};
-/**
- * Refreshes the CSRF token cookie — call on login/register to prevent
- * session fixation-adjacent attacks.
- */
-export function refreshCsrfToken(c) {
-    const secret = getJwtSecret();
-    const token = generateCsrfToken(secret);
-    setCookie(c, COOKIE_CSRF_TOKEN, token, csrfCookieOptions);
-}
-/**
- * Clears the CSRF token cookie — call on logout.
- */
-export function clearCsrfToken(c) {
-    deleteCookie(c, COOKIE_CSRF_TOKEN, { path: "/" });
-}
-export const csrfProtection = (options = {}) => {
-    const { exemptPaths = [], checkOrigin = true, allowedOrigins } = options;
-    // Normalize allowed origins for origin validation
-    const originSet = new Set();
-    if (allowedOrigins) {
-        const origins = Array.isArray(allowedOrigins) ? allowedOrigins : [allowedOrigins];
-        for (const o of origins) {
-            // "*" is intentionally excluded: validating against a wildcard would accept any origin,
-            // defeating the check. When CORS is open, origin validation is meaningless.
-            if (o !== "*")
-                originSet.add(o.replace(/\/$/, ""));
-        }
-    }
-    if (checkOrigin && originSet.size === 0) {
-        // Warn in all environments — this is a one-time startup message, not per-request noise,
-        // and a misconfigured production deployment should surface it.
-        console.warn("[bunshot] csrfProtection: checkOrigin is enabled but no specific allowed origins are " +
-            "configured (CORS is \"*\" or allowedOrigins is unset). Origin validation is disabled — " +
-            "only the HMAC double-submit cookie check is active. Set security.cors to specific " +
-            "origins to enable origin validation.");
-    }
-    return async (c, next) => {
-        const secret = getJwtSecret();
-        // Set CSRF cookie on every response if not already present
-        const existingCsrf = getCookie(c, COOKIE_CSRF_TOKEN);
-        if (!existingCsrf) {
-            const token = generateCsrfToken(secret);
-            setCookie(c, COOKIE_CSRF_TOKEN, token, csrfCookieOptions);
-        }
-        // Only validate state-changing methods
-        if (!STATE_CHANGING_METHODS.has(c.req.method)) {
-            return next();
-        }
-        // Skip if no auth cookie present — not vulnerable to CSRF
-        const authCookie = getCookie(c, COOKIE_TOKEN);
-        if (!authCookie) {
-            return next();
-        }
-        // Skip exempt paths
-        const path = c.req.path;
-        for (const exempt of exemptPaths) {
-            if (exempt.endsWith("*")) {
-                if (path.startsWith(exempt.slice(0, -1)))
-                    return next();
-            }
-            else {
-                if (path === exempt)
-                    return next();
-            }
-        }
-        // Origin validation (secondary layer)
-        if (checkOrigin && originSet.size > 0) {
-            const origin = c.req.header("origin");
-            if (origin) {
-                const normalized = origin.replace(/\/$/, "");
-                if (!originSet.has(normalized)) {
-                    return c.json({ error: "CSRF origin mismatch" }, 403);
-                }
-            }
-        }
-        // Double submit cookie validation
-        const csrfCookie = getCookie(c, COOKIE_CSRF_TOKEN);
-        const csrfHeader = c.req.header(HEADER_CSRF_TOKEN);
-        if (!csrfCookie || !csrfHeader) {
-            return c.json({ error: "CSRF token missing" }, 403);
-        }
-        // Verify the cookie's HMAC signature (prevents cookie injection)
-        if (!verifyCsrfSignature(csrfCookie, secret)) {
-            return c.json({ error: "CSRF token invalid" }, 403);
-        }
-        // Compare header value to cookie value
-        if (!timingSafeEqual(csrfHeader, csrfCookie)) {
-            return c.json({ error: "CSRF token mismatch" }, 403);
-        }
-        return next();
-    };
-};

package/dist/middleware/errorHandler.js DELETED Viewed

@@ -1,13 +0,0 @@
-import { HttpError } from "../lib/HttpError";
-export const errorHandler = async (req, next) => {
-    try {
-        return await next(req);
-    }
-    catch (err) {
-        console.error(err);
-        if (err instanceof HttpError) {
-            return Response.json({ error: err.message }, { status: err.status });
-        }
-        return Response.json({ error: "Internal Server Error" }, { status: 500 });
-    }
-};

package/dist/middleware/identify.d.ts DELETED Viewed

@@ -1,3 +0,0 @@
-import type { MiddlewareHandler } from "hono";
-import type { AppEnv } from "../lib/context";
-export declare const identify: MiddlewareHandler<AppEnv>;

package/dist/middleware/identify.js DELETED Viewed

@@ -1,95 +0,0 @@
-import { getCookie } from "hono/cookie";
-import { verifyToken } from "../lib/jwt";
-import { getSession, updateSessionLastActive, getSessionFingerprint, setSessionFingerprint } from "../lib/session";
-import { COOKIE_TOKEN, HEADER_USER_TOKEN } from "../lib/constants";
-import { log } from "../lib/logger";
-import { getTrackLastActive, getSigningConfig } from "../lib/appConfig";
-import { getClientIp } from "../lib/clientIp";
-import { sha256 } from "../lib/crypto";
-function computeFingerprint(c, fields) {
-    const parts = fields.map((f) => {
-        if (f === "ip")
-            return getClientIp(c) ?? "";
-        if (f === "ua")
-            return c.req.header("user-agent") ?? "";
-        return c.req.header("accept-language") ?? "";
-    });
-    return sha256(parts.join(":"));
-}
-export const identify = async (c, next) => {
-    c.set("authUserId", null);
-    c.set("roles", null);
-    c.set("sessionId", null);
-    // cookie for browsers, x-user-token header for non-browser clients
-    const token = getCookie(c, COOKIE_TOKEN) ?? c.req.header(HEADER_USER_TOKEN) ?? null;
-    log(`[identify] token=${token ? "present" : "absent"}`);
-    if (token) {
-        try {
-            const payload = await verifyToken(token);
-            const sessionId = payload.sid;
-            if (!sessionId) {
-                log("[identify] token missing sid claim — unauthenticated");
-            }
-            else {
-                const stored = await getSession(sessionId);
-                log(`[identify] token for authUserId=${payload.sub} verified, checking session...`);
-                if (stored === token) {
-                    const signingCfg = getSigningConfig();
-                    const bindingCfg = signingCfg?.sessionBinding;
-                    if (bindingCfg) {
-                        const bindingOpts = typeof bindingCfg === "object" ? bindingCfg : {};
-                        const fields = bindingOpts.fields ?? ["ip", "ua"];
-                        const onMismatch = bindingOpts.onMismatch ?? "unauthenticate";
-                        const current = computeFingerprint(c, fields);
-                        const storedFp = await getSessionFingerprint(sessionId);
-                        if (storedFp === null) {
-                            // First authenticated request — store the fingerprint
-                            setSessionFingerprint(sessionId, current).catch(() => {
-                                log(`[identify] failed to store fingerprint for sessionId=${sessionId}`);
-                            });
-                            c.set("authUserId", payload.sub);
-                            c.set("sessionId", sessionId);
-                        }
-                        else if (storedFp === current) {
-                            c.set("authUserId", payload.sub);
-                            c.set("sessionId", sessionId);
-                        }
-                        else {
-                            log(`[identify] fingerprint mismatch for sessionId=${sessionId} onMismatch=${onMismatch}`);
-                            if (onMismatch === "reject") {
-                                return c.json({ error: "Unauthorized", code: "FINGERPRINT_MISMATCH" }, 401);
-                            }
-                            else if (onMismatch === "log-only") {
-                                c.set("authUserId", payload.sub);
-                                c.set("sessionId", sessionId);
-                            }
-                            // onMismatch === "unauthenticate" — leave authUserId null (already null)
-                        }
-                    }
-                    else {
-                        c.set("authUserId", payload.sub);
-                        c.set("sessionId", sessionId);
-                    }
-                    if (c.get("authUserId")) {
-                        log(`[identify] authUserId=${payload.sub} sessionId=${sessionId}`);
-                        if (getTrackLastActive()) {
-                            updateSessionLastActive(sessionId).catch(() => {
-                                log(`[identify] failed to update lastActiveAt for sessionId=${sessionId}`);
-                            });
-                        }
-                    }
-                }
-                else {
-                    log("[identify] token/session mismatch — unauthenticated");
-                }
-            }
-        }
-        catch {
-            log("[identify] invalid token — unauthenticated");
-        }
-    }
-    else {
-        log("[identify] no token — unauthenticated");
-    }
-    await next();
-};

package/dist/middleware/index.js DELETED Viewed

	@@ -1 +0,0 @@
1	- export const applyMiddleware = (handler, ...middleware) => middleware.reduceRight((next, mw) => (req) => mw(req, next), handler);

package/dist/middleware/metrics.d.ts DELETED Viewed

@@ -1,9 +0,0 @@
-import type { MiddlewareHandler } from "hono";
-import type { AppEnv } from "../lib/context";
-export interface MetricsMiddlewareOptions {
-    /** Paths to exclude from metrics collection. Strings use prefix matching. */
-    excludePaths?: (string | RegExp)[];
-    /** Custom path normalizer to prevent cardinality explosion. */
-    normalizePath?: (path: string) => string;
-}
-export declare const metricsCollector: (options?: MetricsMiddlewareOptions) => MiddlewareHandler<AppEnv>;

package/dist/middleware/metrics.js DELETED Viewed

@@ -1,26 +0,0 @@
-import { incrementCounter, observeHistogram, defaultNormalizePath } from "../lib/metrics";
-const DEFAULT_EXCLUDE = ["/metrics", "/health", "/docs", "/openapi.json"];
-export const metricsCollector = (options = {}) => {
-    const { excludePaths = DEFAULT_EXCLUDE, normalizePath = defaultNormalizePath, } = options;
-    return async (c, next) => {
-        const rawPath = c.req.path;
-        const excluded = excludePaths.some(p => typeof p === "string" ? rawPath.startsWith(p) : p.test(rawPath));
-        if (excluded)
-            return next();
-        const start = performance.now();
-        await next();
-        const duration = (performance.now() - start) / 1000; // seconds
-        const method = c.req.method;
-        const path = normalizePath(rawPath);
-        const status = String(c.res.status);
-        const tenantId = c.get("tenantId") ?? undefined;
-        const labels = { method, path, status };
-        const durationLabels = { method, path };
-        if (tenantId) {
-            labels.tenant = tenantId;
-            durationLabels.tenant = tenantId;
-        }
-        incrementCounter("http_requests_total", labels);
-        observeHistogram("http_request_duration_seconds", durationLabels, duration);
-    };
-};

package/dist/middleware/rateLimit.js DELETED Viewed

@@ -1,22 +0,0 @@
-import { trackAttempt } from "../lib/authRateLimit";
-import { buildFingerprint } from "../lib/fingerprint";
-import { getClientIp } from "../lib/clientIp";
-export const rateLimit = ({ windowMs, max, fingerprintLimit = false, }) => {
-    const opts = { windowMs, max };
-    return async (c, next) => {
-        const ip = getClientIp(c);
-        // Per-tenant namespacing: each tenant gets independent rate limit buckets
-        const tenantId = c.get("tenantId");
-        const prefix = tenantId ? `t:${tenantId}:` : "";
-        if (await trackAttempt(`${prefix}ip:${ip}`, opts)) {
-            return c.json({ error: "Too Many Requests" }, 429);
-        }
-        if (fingerprintLimit) {
-            const fp = await buildFingerprint(c.req.raw);
-            if (await trackAttempt(`${prefix}fp:${fp}`, opts)) {
-                return c.json({ error: "Too Many Requests" }, 429);
-            }
-        }
-        await next();
-    };
-};

package/dist/middleware/requestId.d.ts DELETED Viewed

@@ -1,3 +0,0 @@
-import type { MiddlewareHandler } from "hono";
-import type { AppEnv } from "../lib/context";
-export declare const requestId: MiddlewareHandler<AppEnv>;

package/dist/middleware/tenant.d.ts DELETED Viewed

@@ -1,5 +0,0 @@
-import type { MiddlewareHandler } from "hono";
-import type { AppEnv } from "../lib/context";
-import type { TenancyConfig } from "../app";
-export declare const invalidateTenantCache: (tenantId: string) => void;
-export declare const createTenantMiddleware: (config: TenancyConfig) => MiddlewareHandler<AppEnv>;