npm - @lilaquadrat/studio - Versions diffs - 10.0.0-beta.8 → 10.0.0 - Mend

@lilaquadrat/studio 10.0.0-beta.8 → 10.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (244) hide show

package/eslint.config.js +146 -0
package/lib/fastify-plugins.d.ts +6 -0
package/lib/fastify-plugins.js +7 -0
package/lib/fastify-plugins.js.map +1 -0
package/lib/helpers.d.ts +4 -2
package/lib/helpers.js +13 -2
package/lib/helpers.js.map +1 -1
package/lib/main.d.ts +1 -3
package/lib/main.js +7 -3
package/lib/main.js.map +1 -1
package/lib/models.d.ts +4 -4
package/lib/models.js +4 -4
package/lib/models.js.map +1 -1
package/lib/services.d.ts +5 -5
package/lib/services.js +5 -13
package/lib/services.js.map +1 -1
package/lib/src/Immutable.class.d.ts +8 -1
package/lib/src/Immutable.class.js +52 -8
package/lib/src/Immutable.class.js.map +1 -1
package/lib/src/ShareClientFactory.class.d.ts +1 -3
package/lib/src/ShareClientFactory.class.js +1 -9
package/lib/src/ShareClientFactory.class.js.map +1 -1
package/lib/src/classes/models.class.js.map +1 -1
package/lib/src/classes/modelv2.class.d.ts +2 -0
package/lib/src/classes/modelv2.class.js +1 -1
package/lib/src/classes/modelv2.class.js.map +1 -1
package/lib/src/classes/mongo.class.js +4 -14
package/lib/src/classes/mongo.class.js.map +1 -1
package/lib/src/functions/handleError.d.ts +2 -3
package/lib/src/functions/handleError.js +3 -16
package/lib/src/functions/handleError.js.map +1 -1
package/lib/src/functions/optionsHelper.d.ts +4 -4
package/lib/src/functions/optionsHelper.js +5 -4
package/lib/src/functions/optionsHelper.js.map +1 -1
package/lib/src/functions/respondCode.d.ts +2 -1
package/lib/src/functions/respondCode.js +1 -1
package/lib/src/functions/respondCode.js.map +1 -1
package/lib/src/helpers/ControllerHelper.d.ts +73 -0
package/lib/src/helpers/ControllerHelper.js +242 -0
package/lib/src/helpers/ControllerHelper.js.map +1 -0
package/lib/src/helpers/EnvMapper.js +1 -0
package/lib/src/helpers/EnvMapper.js.map +1 -0
package/lib/src/helpers/auth0config.d.ts +6 -0
package/lib/src/helpers/auth0config.js +23 -0
package/lib/src/helpers/auth0config.js.map +1 -0
package/lib/src/helpers/authPlugin.d.ts +29 -0
package/lib/src/helpers/authPlugin.js +77 -0
package/lib/src/helpers/authPlugin.js.map +1 -0
package/lib/src/helpers/cacheHelper.d.ts +69 -0
package/lib/src/helpers/cacheHelper.js +235 -0
package/lib/src/helpers/cacheHelper.js.map +1 -0
package/lib/src/helpers/createSasToken.d.ts +0 -2
package/lib/src/helpers/createSasToken.js +35 -32
package/lib/src/helpers/createSasToken.js.map +1 -1
package/lib/src/helpers/getSecrets.d.ts +1 -1
package/lib/src/helpers/getSecrets.js +10 -12
package/lib/src/helpers/getSecrets.js.map +1 -1
package/lib/src/helpers/limiterPlugin.d.ts +9 -0
package/lib/src/helpers/limiterPlugin.js +72 -0
package/lib/src/helpers/limiterPlugin.js.map +1 -0
package/lib/src/helpers/loggingPlugin.d.ts +30 -0
package/lib/src/helpers/loggingPlugin.js +87 -0
package/lib/src/helpers/loggingPlugin.js.map +1 -0
package/lib/src/helpers/queryAssertionPlugin.d.ts +3 -0
package/lib/src/helpers/queryAssertionPlugin.js +20 -0
package/lib/src/helpers/queryAssertionPlugin.js.map +1 -0
package/lib/src/helpers/safeObjectId.d.ts +1 -1
package/lib/src/helpers/safeObjectId.js +5 -1
package/lib/src/helpers/safeObjectId.js.map +1 -1
package/lib/src/helpers/storageSdkFactory.d.ts +2 -0
package/lib/src/helpers/storageSdkFactory.js +11 -0
package/lib/src/helpers/storageSdkFactory.js.map +1 -0
package/lib/src/helpers/studioAppPlugin.d.ts +3 -0
package/lib/src/helpers/studioAppPlugin.js +16 -0
package/lib/src/helpers/studioAppPlugin.js.map +1 -0
package/lib/src/logger.js +57 -8
package/lib/src/logger.js.map +1 -1
package/lib/src/models/access.model.d.ts +14 -3
package/lib/src/models/access.model.js +7 -9
package/lib/src/models/access.model.js.map +1 -1
package/lib/src/models/customers.model.js +14 -4
package/lib/src/models/customers.model.js.map +1 -1
package/lib/src/models/design.model.d.ts +4 -0
package/lib/src/models/design.model.js +58 -0
package/lib/src/models/design.model.js.map +1 -0
package/lib/src/models/domain.model.js +1 -1
package/lib/src/models/domain.model.js.map +1 -1
package/lib/src/models/editor.model.js +7 -0
package/lib/src/models/editor.model.js.map +1 -1
package/lib/src/models/emailLimit.model.d.ts +4 -0
package/lib/src/models/emailLimit.model.js +31 -0
package/lib/src/models/emailLimit.model.js.map +1 -0
package/lib/src/models/hosting.model.js +1 -3
package/lib/src/models/hosting.model.js.map +1 -1
package/lib/src/models/hostingSettings.model.js +6 -4
package/lib/src/models/hostingSettings.model.js.map +1 -1
package/lib/src/models/invoice.model.d.ts +4 -0
package/lib/src/models/invoice.model.js +235 -0
package/lib/src/models/invoice.model.js.map +1 -0
package/lib/src/models/mailFrom.model.js +51 -10
package/lib/src/models/mailFrom.model.js.map +1 -1
package/lib/src/models/project.model.js +2 -4
package/lib/src/models/project.model.js.map +1 -1
package/lib/src/models/publish-method.model.js +79 -430
package/lib/src/models/publish-method.model.js.map +1 -1
package/lib/src/models/publish.model.js +6 -0
package/lib/src/models/publish.model.js.map +1 -1
package/lib/src/models/storage.model.js +23 -5
package/lib/src/models/storage.model.js.map +1 -1
package/lib/src/models/structure.model.js +40 -0
package/lib/src/models/structure.model.js.map +1 -1
package/lib/src/models/upload.model.js +38 -2
package/lib/src/models/upload.model.js.map +1 -1
package/lib/src/prompts/textGeneration.js +88 -0
package/lib/src/prompts/textGeneration.js.map +1 -1
package/lib/src/prompts/textGenerationMulti.js +78 -44
package/lib/src/prompts/textGenerationMulti.js.map +1 -1
package/lib/src/services/access.service.d.ts +132 -33
package/lib/src/services/access.service.js +270 -92
package/lib/src/services/access.service.js.map +1 -1
package/lib/src/services/ai.service.d.ts +4 -3
package/lib/src/services/ai.service.js +22 -29
package/lib/src/services/ai.service.js.map +1 -1
package/lib/src/services/auth.service.d.ts +11 -0
package/lib/src/services/auth.service.js +70 -0
package/lib/src/services/auth.service.js.map +1 -0
package/lib/src/services/conf.service.d.ts +3 -31
package/lib/src/services/conf.service.js +58 -167
package/lib/src/services/conf.service.js.map +1 -1
package/lib/src/services/customers.service.d.ts +8 -4
package/lib/src/services/customers.service.js +34 -7
package/lib/src/services/customers.service.js.map +1 -1
package/lib/src/services/designs.service.d.ts +7 -0
package/lib/src/services/designs.service.js +10 -0
package/lib/src/services/designs.service.js.map +1 -0
package/lib/src/services/domains.service.d.ts +18 -84
package/lib/src/services/domains.service.js +91 -583
package/lib/src/services/domains.service.js.map +1 -1
package/lib/src/services/editor.service.d.ts +4 -0
package/lib/src/services/editor.service.js +28 -0
package/lib/src/services/editor.service.js.map +1 -1
package/lib/src/services/emailLimit.service.d.ts +21 -0
package/lib/src/services/emailLimit.service.js +51 -0
package/lib/src/services/emailLimit.service.js.map +1 -0
package/lib/src/services/hosting.service.d.ts +12 -24
package/lib/src/services/hosting.service.js +32 -122
package/lib/src/services/hosting.service.js.map +1 -1
package/lib/src/services/hostingAdmin.service.d.ts +1 -1
package/lib/src/services/hostingAdmin.service.js +2 -2
package/lib/src/services/hostingAdmin.service.js.map +1 -1
package/lib/src/services/import.service.d.ts +6 -22
package/lib/src/services/import.service.js +63 -65
package/lib/src/services/import.service.js.map +1 -1
package/lib/src/services/invoices.service.d.ts +30 -0
package/lib/src/services/invoices.service.js +265 -0
package/lib/src/services/invoices.service.js.map +1 -0
package/lib/src/services/jetstream.service.d.ts +5 -3
package/lib/src/services/jetstream.service.js +63 -7
package/lib/src/services/jetstream.service.js.map +1 -1
package/lib/src/services/listParticipants.service.d.ts +3 -5
package/lib/src/services/listParticipants.service.js +76 -16
package/lib/src/services/listParticipants.service.js.map +1 -1
package/lib/src/services/mailFrom.service.d.ts +14 -1
package/lib/src/services/mailFrom.service.js +59 -0
package/lib/src/services/mailFrom.service.js.map +1 -1
package/lib/src/services/me.service.d.ts +23 -12
package/lib/src/services/me.service.js +65 -88
package/lib/src/services/me.service.js.map +1 -1
package/lib/src/services/publish.service.d.ts +6 -8
package/lib/src/services/publish.service.js +34 -32
package/lib/src/services/publish.service.js.map +1 -1
package/lib/src/services/publishData.service.d.ts +10 -7
package/lib/src/services/publishData.service.js +32 -75
package/lib/src/services/publishData.service.js.map +1 -1
package/lib/src/services/spamAnalasys.service.d.ts +4 -4
package/lib/src/services/spamAnalasys.service.js +36 -44
package/lib/src/services/spamAnalasys.service.js.map +1 -1
package/lib/src/services/storage.service.d.ts +68 -39
package/lib/src/services/storage.service.js +378 -209
package/lib/src/services/storage.service.js.map +1 -1
package/lib/src/services/structures.service.d.ts +8 -1
package/lib/src/services/structures.service.js +26 -1
package/lib/src/services/structures.service.js.map +1 -1
package/lib/src/services/upload.service.d.ts +8 -1
package/lib/src/services/upload.service.js +76 -3
package/lib/src/services/upload.service.js.map +1 -1
package/lib/tests/groupStructuresByModel.spec.d.ts +1 -0
package/lib/tests/groupStructuresByModel.spec.js +33 -0
package/lib/tests/groupStructuresByModel.spec.js.map +1 -0
package/lib/tests/listParticipantsServiceJoin.spec.d.ts +1 -0
package/lib/tests/listParticipantsServiceJoin.spec.js +151 -0
package/lib/tests/listParticipantsServiceJoin.spec.js.map +1 -0
package/lib/tests/storageServiceHandleFile.spec.d.ts +1 -0
package/lib/tests/storageServiceHandleFile.spec.js +94 -0
package/lib/tests/storageServiceHandleFile.spec.js.map +1 -0
package/lib/tests/storageServiceToken.spec.d.ts +1 -0
package/lib/tests/storageServiceToken.spec.js +104 -0
package/lib/tests/storageServiceToken.spec.js.map +1 -0
package/lib/tests/uploadServiceCreate.spec.d.ts +1 -0
package/lib/tests/uploadServiceCreate.spec.js +81 -0
package/lib/tests/uploadServiceCreate.spec.js.map +1 -0
package/package.json +30 -26
package/lib/src/AzureBlobStorage.share.d.ts +0 -19
package/lib/src/AzureBlobStorage.share.js +0 -162
package/lib/src/AzureBlobStorage.share.js.map +0 -1
package/lib/src/AzureFileStorage.share.d.ts +0 -22
package/lib/src/AzureFileStorage.share.js +0 -139
package/lib/src/AzureFileStorage.share.js.map +0 -1
package/lib/src/AzureVault.d.ts +0 -14
package/lib/src/AzureVault.js +0 -28
package/lib/src/AzureVault.js.map +0 -1
package/lib/src/dns.challenge.class.d.ts +0 -17
package/lib/src/dns.challenge.class.js +0 -41
package/lib/src/dns.challenge.class.js.map +0 -1
package/lib/src/http.challenge.class.d.ts +0 -33
package/lib/src/http.challenge.class.js +0 -58
package/lib/src/http.challenge.class.js.map +0 -1
package/lib/src/models/certificate-action.model.d.ts +0 -5
package/lib/src/models/certificate-action.model.js +0 -230
package/lib/src/models/certificate-action.model.js.map +0 -1
package/lib/src/models/certificate.model.d.ts +0 -4
package/lib/src/models/certificate.model.js +0 -96
package/lib/src/models/certificate.model.js.map +0 -1
package/lib/src/models/editorBase.model.d.ts +0 -4
package/lib/src/models/editorBase.model.js +0 -39
package/lib/src/models/editorBase.model.js.map +0 -1
package/lib/src/services/certificates.service.js +0 -199
package/lib/src/services/certificates.service.js.map +0 -1
package/lib/src/services/certificatesAction.service.d.ts +0 -0
package/lib/src/services/certificatesAction.service.js +0 -237
package/lib/src/services/certificatesAction.service.js.map +0 -1
package/lib/src/services/editorBase.service.d.ts +0 -46
package/lib/src/services/editorBase.service.js +0 -161
package/lib/src/services/editorBase.service.js.map +0 -1
package/lib/src/services/handleFile.service.d.ts +0 -9
package/lib/src/services/handleFile.service.js +0 -45
package/lib/src/services/handleFile.service.js.map +0 -1
package/lib/src/services/media.service.d.ts +0 -35
package/lib/src/services/media.service.js +0 -418
package/lib/src/services/media.service.js.map +0 -1
package/lib/src/services/share.service.d.ts +0 -6
package/lib/src/services/share.service.js +0 -4
package/lib/src/services/share.service.js.map +0 -1
/package/lib/src/{services/certificates.service.d.ts → helpers/EnvMapper.d.ts} +0 -0

package/lib/src/services/access.service.js CHANGED Viewed

@@ -1,109 +1,287 @@
-import dayjs from 'dayjs';
-import Timeseries from '../Timeseries.class.js';
+/**
+ * AccessService — distributed rate limiter (Mongo-only, multi-pod safe).
+ *
+ * ============================================================================
+ * OVERVIEW
+ * ============================================================================
+ * Counts requests per key (IP or user id) over fixed time buckets and reports
+ * when a limit is exceeded. Designed to be shared across multiple Fastify APIs
+ * pointing at the same MongoDB. No Redis required.
+ *
+ * Storage = a single Mongo collection (`accessLimits`) of counter documents,
+ * one per unique key. Each document holds the current minute bucket count and
+ * current hour bucket count. A TTL index reaps stale docs automatically.
+ *
+ * Two buckets only by design: minute (short burst) and hour (sustained load).
+ * Second/quarter buckets dropped — sec is noisy under network jitter, quarter
+ * is redundant with minute+hour.
+ *
+ * ============================================================================
+ * PERFORMANCE STRATEGY ("Tier 1")
+ * ============================================================================
+ * Three layered optimizations to minimize Mongo writes while keeping the
+ * limit decision correct:
+ *
+ *   1. Single atomic upsert per DB hit
+ *      Pipeline update with `$cond` either increments the existing bucket
+ *      count or resets it (when the window rolled over). Both minute and
+ *      hour intervals updated in one round-trip, no read-then-write race.
+ *
+ *   2. Per-pod LRU cache (in-process Map)
+ *      Caches the last known counts for ~10k hottest keys. If a request
+ *      arrives for a cached key that is well under its limit and the cache
+ *      entry is fresh, the DB is skipped entirely. The local counter is
+ *      bumped instead. Trade-off described below.
+ *
+ *   3. Threshold-based flush
+ *      Cache is trusted only while projected count < 70% of limit. Above
+ *      that, every request forces a DB sync so the real count is known
+ *      before a 429 is issued.
+ *
+ * Result: under normal traffic, most requests do zero Mongo work. Under
+ * abuse, every request near/over the limit syncs to Mongo and gets
+ * blocked accurately.
+ *
+ * ============================================================================
+ * CACHE TRADE-OFF (read this if Mongo counts look low)
+ * ============================================================================
+ * Mongo count = lagging snapshot. Real count = `mongoCount + sum(per-pod
+ * cache deltas)`. A burst of 10 requests in < 2s may only produce ~1–2
+ * Mongo writes; the rest are absorbed by the cache and never sync.
+ *
+ * This is correct behavior — the limit is still enforced because the cache
+ * holds the projected count locally and returns `LimiterBreach` from RAM.
+ *
+ * If exact Mongo numbers are required (debugging, audit), set
+ * CACHE_SOFT_SYNC_MS = 0 and CACHE_SAFE_RATIO = 0 (every request hits DB).
+ * Multi-pod note: each pod has its own cache. Across N pods, true count can
+ * exceed limit by up to N × (CACHE_SAFE_RATIO × limit) before any pod
+ * sees a breach. For strict global enforcement on tiny limits, tighten
+ * CACHE_SAFE_RATIO or set to 0.
+ *
+ * ============================================================================
+ * DOCUMENT SHAPE (in `accessLimits` collection)
+ * ============================================================================
+ *   {
+ *     _id:       "studio:ip:1.2.3.4",        // or "studio:user:<sub>"
+ *     minute:    { bucket: 29347521, count: 12 },
+ *     hour:      { bucket:   489125, count: 230 },
+ *     expiresAt: ISODate("...")              // TTL target, ~2h ahead
+ *   }
+ *
+ * Bucket values = Math.floor(now_ms / windowMs). Same value across all pods
+ * means same window. expiresAt set 2 hours past current hour start so the
+ * doc survives just long enough to be relevant.
+ *
+ * ============================================================================
+ * USAGE
+ * ============================================================================
+ *   const breach = await AccessService.hit(key, { minute: 60, hour: 1000 });
+ *   if (breach) return reply.code(429).send({ retryAfter: breach.retryAfter });
+ *
+ * Normally wired via `limiterPlugin` (Fastify) which composes the key from
+ * namespace + IP/user and resolves the tier from URL prefix. See
+ * `src/helpers/limiterPlugin.ts`.
+ */
 import AccessModel from '../models/access.model.js';
-import { HttpStatusCode } from '../helpers/HttpStatusCode.enum.js';
-export default class AccessService extends Timeseries {
-    constructor(settings) {
-        super();
-        this.model = AccessModel;
-        this.settings = settings;
-    }
-    count(after) {
-        return this.model.db.countDocuments({ date: { $gte: after } });
+/** 60 seconds in ms — minute bucket width. */
+const MINUTE_MS = 60000;
+/** 1 hour in ms — hour bucket width and TTL stride. */
+const HOUR_MS = 3600000;
+/** Maximum LRU cache entries per pod. Oldest evicted on overflow. */
+const CACHE_MAX = 10000;
+/**
+ * Maximum age (ms) a cache entry can be trusted without re-syncing to Mongo.
+ * Lower = more accurate Mongo numbers, more writes.
+ * Higher = fewer writes, larger cross-pod drift in real-time count.
+ */
+const CACHE_SOFT_SYNC_MS = 2000;
+/**
+ * Fraction of the limit below which the cache is trusted without DB sync.
+ * Example: limit=100, ratio=0.7 → cache trusted until projected count hits 70.
+ * Above this, every request hits Mongo so a 429 decision is based on real data.
+ */
+const CACHE_SAFE_RATIO = 0.7;
+/**
+ * Module-level LRU cache. Map preserves insertion order so re-inserting on
+ * access moves the entry to the "most recent" end; oldest can then be
+ * evicted from the head when CACHE_MAX is exceeded.
+ *
+ * Lifetime = process lifetime. No persistence intended; the LRU is purely a
+ * per-pod write-reduction optimization, not the source of truth.
+ */
+const cache = new Map();
+/**
+ * LRU read: fetch entry and mark it as most-recently-used by re-inserting.
+ * Returns undefined if not present.
+ */
+function cacheGet(key) {
+    const entry = cache.get(key);
+    if (!entry)
+        return;
+    cache.delete(key);
+    cache.set(key, entry);
+    return entry;
+}
+/**
+ * LRU write: insert/update entry, then evict oldest if over CACHE_MAX.
+ * Eviction is O(1) because Map iteration starts at the oldest key.
+ */
+function cacheSet(key, entry) {
+    if (cache.has(key))
+        cache.delete(key);
+    cache.set(key, entry);
+    if (cache.size > CACHE_MAX) {
+        const oldest = cache.keys().next().value;
+        if (oldest)
+            cache.delete(oldest);
     }
-    async lastHour(ipOrUser, options) {
-        const secondAgo = dayjs().subtract(1, 'second').toDate();
-        const minuteAgo = dayjs().subtract(1, 'minute').toDate();
-        const hourAgo = dayjs().subtract(1, 'hour').toDate();
-        const quarterAgo = dayjs().subtract(15, 'minutes').toDate();
-        const match = {
-            $match: {
-                date: { $gte: hourAgo },
-            },
-        };
-        if (options?.user) {
-            match.$match['metadata.user'] = ipOrUser;
-        }
-        if (!options?.user) {
-            match.$match['metadata.ip'] = ipOrUser;
-        }
-        const count = await this.model.db.aggregate([
-            match,
+}
+export default class AccessService {
+    /**
+     * Atomic upsert of minute + hour buckets for a single key.
+     *
+     * Uses Mongo 4.2+ pipeline update with `$cond`:
+     *   if  stored bucket === current bucket  → increment count
+     *   else                                  → reset count to 1
+     *
+     * Both intervals handled in one document, one round-trip. `upsert: true`
+     * creates the doc on first ever hit. `returnDocument: 'after'` gives the
+     * post-increment values so we can compare against the limit immediately.
+     *
+     * @param key            Composed key (`{namespace}:ip:...` or `:user:...`).
+     * @param minuteBucket   floor(Date.now() / MINUTE_MS) — same on all pods.
+     * @param hourBucket     floor(Date.now() / HOUR_MS).
+     * @returns              Post-increment counts for minute and hour.
+     */
+    static async incr(key, minuteBucket, hourBucket) {
+        // TTL target = 2 full hours past the current hour boundary. Long enough
+        // that an active key survives a full sustained-load window, short enough
+        // that Mongo doesn't accumulate cold data indefinitely.
+        const expiresAt = new Date((hourBucket + 2) * HOUR_MS);
+        const result = await AccessModel.db.findOneAndUpdate({ _id: key }, [
             {
-                $group: {
-                    _id: null,
-                    second: {
-                        $sum: {
-                            $cond: [{ $gte: ['$date', secondAgo] }, 1, 0],
-                        },
-                    },
+                $set: {
                     minute: {
-                        $sum: {
-                            $cond: [{ $gte: ['$date', minuteAgo] }, 1, 0],
-                        },
-                    },
-                    quarter: {
-                        $sum: {
-                            $cond: [{ $gte: ['$date', quarterAgo] }, 1, 0],
-                        },
+                        $cond: [
+                            { $eq: ['$minute.bucket', minuteBucket] },
+                            // Same minute window — bump count. $ifNull guards the upsert
+                            // path where the doc doesn't exist yet.
+                            { bucket: minuteBucket, count: { $add: [{ $ifNull: ['$minute.count', 0] }, 1] } },
+                            // Window rolled over (or new doc) — reset.
+                            { bucket: minuteBucket, count: 1 },
+                        ],
                     },
                     hour: {
-                        $sum: 1,
+                        $cond: [
+                            { $eq: ['$hour.bucket', hourBucket] },
+                            { bucket: hourBucket, count: { $add: [{ $ifNull: ['$hour.count', 0] }, 1] } },
+                            { bucket: hourBucket, count: 1 },
+                        ],
                     },
+                    expiresAt,
                 },
             },
-        ]).toArray();
-        if (count.length) {
-            return count[0];
-        }
-        return;
+        ], { upsert: true, returnDocument: 'after' });
+        // On upsert path with returnDocument:'after', result is always populated
+        // — the `?? 1` fallback is defensive for the impossible-null case.
+        return {
+            minute: result?.minute.count ?? 1,
+            hour: result?.hour.count ?? 1,
+        };
     }
     /**
-        applies the provided settings that limit the requests per second, minute, 15 minutes and hour.
-        responds with code 429 if the limits are exceeded
-          ```TS
-          callLimits: {
-              second: number,
-              minute: number,
-              quarter: number
-              hour: number
-          }
-          ```
-       */
-    async applyLimits(req, res, next, options) {
-        // Retrieve the last hour's access log for the requesting IP address
-        const accessLog = await this.lastHour(options?.user && req.auth?.sub ? req.auth.sub : req.ip, options);
-        // Check if accessLog is available to proceed with rate limiting checks
-        if (accessLog) {
-            // Check if the number of requests in the last second exceeds the limit
-            if (accessLog.second >= this.settings.callLimits.second) {
-                this.sendResponse(this.settings.callLimits.second.toString(), 'per second', res);
-                return false;
-            }
-            // Check if the number of requests in the last minute exceeds the limit
-            if (accessLog.minute >= this.settings.callLimits.minute) {
-                this.sendResponse(this.settings.callLimits.minute.toString(), 'per minute', res);
-                return false;
-            }
-            // Check if the number of requests in the last quarter-hour exceeds the limit
-            if (accessLog.quarter >= this.settings.callLimits.quarter) {
-                this.sendResponse(this.settings.callLimits.quarter.toString(), 'per 15 minutes', res);
-                return false;
-            }
-            // Check if the number of requests in the last hour exceeds the limit
-            if (accessLog.hour >= this.settings.callLimits.hour) {
-                this.sendResponse(this.settings.callLimits.hour.toString(), 'per hour', res);
-                return false;
+     * Main entry point. Records a request and reports whether it exceeded any
+     * configured limit.
+     *
+     * Decision path:
+     *   1. If neither minute nor hour limit set → no-op.
+     *   2. Look up cache. If a fresh entry exists, the request keeps the same
+     *      bucket, AND the projected count stays under CACHE_SAFE_RATIO of the
+     *      configured limit → bump locally, skip Mongo, return allowed.
+     *   3. Otherwise → atomic Mongo upsert, refresh cache from the result.
+     *   4. Compare post-increment counts to tier limits. If exceeded, return
+     *      a LimiterBreach with the offending interval, observed count, and
+     *      a Retry-After value computed from the time remaining in the window.
+     *
+     * Important: a breach is only returned when count *exceeds* the limit
+     * (`>`), not when it equals it. A limit of 60/minute permits exactly 60
+     * requests; the 61st returns the breach.
+     *
+     * @param key   Pre-composed cache+DB key. Caller controls namespacing.
+     * @param tier  Configured per-interval limits. Missing field = no limit.
+     * @returns     undefined if allowed, LimiterBreach if denied.
+     */
+    static async hit(key, tier) {
+        if (!tier.minute && !tier.hour)
+            return;
+        const now = Date.now();
+        // Bucket = monotonic integer derived from wall clock. All pods compute
+        // the same bucket value at the same instant (subject to NTP skew).
+        const minuteBucket = Math.floor(now / MINUTE_MS);
+        const hourBucket = Math.floor(now / HOUR_MS);
+        const cached = cacheGet(key);
+        // Cached entry only relevant if it was recorded inside the *same*
+        // window. If either bucket rolled over, we must hit Mongo to learn the
+        // new bucket's count (which may already be non-zero from another pod).
+        const sameWindow = cached
+            && cached.minuteBucket === minuteBucket
+            && cached.hourBucket === hourBucket;
+        if (sameWindow) {
+            // Project what the count would be after this request, then check
+            // whether we're still in the "safe zone" where cache absorption is
+            // OK. If yes, do not touch Mongo.
+            const projMinute = cached.minute + 1;
+            const projHour = cached.hour + 1;
+            const minuteSafe = !tier.minute || projMinute < tier.minute * CACHE_SAFE_RATIO;
+            const hourSafe = !tier.hour || projHour < tier.hour * CACHE_SAFE_RATIO;
+            const fresh = now - cached.syncedAt < CACHE_SOFT_SYNC_MS;
+            if (minuteSafe && hourSafe && fresh) {
+                cached.minute = projMinute;
+                cached.hour = projHour;
+                // Re-insert to mark MRU; do NOT update syncedAt — it tracks the
+                // last *Mongo* sync, not the last access.
+                cacheSet(key, cached);
+                return;
             }
         }
-        // If the request does not exceed any rate limits, continue to the next middleware
-        next();
-        return true;
+        // Cache cold, stale, near-limit, or in a new bucket → authoritative
+        // Mongo write and refresh the cache from the result.
+        const counts = await AccessService.incr(key, minuteBucket, hourBucket);
+        cacheSet(key, {
+            minuteBucket,
+            hourBucket,
+            minute: counts.minute,
+            hour: counts.hour,
+            syncedAt: now,
+        });
+        // Minute checked first because it always trips before hour for steady
+        // overload. retryAfter = ms remaining in the current window, rounded
+        // up to whole seconds (Retry-After header is integer seconds).
+        if (tier.minute && counts.minute > tier.minute) {
+            return {
+                interval: 'minute',
+                limit: tier.minute,
+                count: counts.minute,
+                retryAfter: Math.ceil((MINUTE_MS - (now % MINUTE_MS)) / 1000),
+            };
+        }
+        if (tier.hour && counts.hour > tier.hour) {
+            return {
+                interval: 'hour',
+                limit: tier.hour,
+                count: counts.hour,
+                retryAfter: Math.ceil((HOUR_MS - (now % HOUR_MS)) / 1000),
+            };
+        }
+        return;
     }
-    sendResponse(limit, interval, res) {
-        res.set('X-RateLimit-Limit', limit);
-        res.set('X-RateLimit-Interval', interval);
-        res.status(HttpStatusCode.TOO_MANY_REQUESTS).end();
+    /**
+     * Drops the entire in-process cache. Intended for tests and ops tooling
+     * (e.g. after manually editing accessLimits docs). Does not touch Mongo.
+     */
+    static clearCache() {
+        cache.clear();
     }
 }
 //# sourceMappingURL=access.service.js.map

package/lib/src/services/access.service.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"access.service.js","sourceRoot":"","sources":["../../../src/services/access.service.ts"],"names":[],"mappings":"AAAA,OAAO,~~KAAK~~,MAAM,~~OAAO~~,CAAC;~~AAC1B~~,~~OAAO~~,~~UAAU,~~MAAM,~~wBAAwB~~,CAAC;~~AAChD~~,OAAO,~~WAAW~~,~~MAAM~~,~~2BAA2B,~~CAAC;~~AAGpD~~,~~OAAO~~,~~EAAE~~,~~cAAc~~,~~EAAE~~,MAAM,~~mCAAmC~~,CAAC;~~AAWnE~~,MAAM,CAAC,~~OAAO~~,~~OAAO~~,~~aAAc~~,~~SAAQ~~,~~UAAkB;IAM3D~~,~~YAAY~~,~~QAAwB~~;~~QAElC~~,~~KAAK~~,~~EAAE~~,CAAC;~~QANV~~,~~UAAK~~,GAAG,~~WAAW~~,CAAC~~;QAQlB~~,~~IAAI~~,CAAC,~~QAAQ,~~GAAG,~~QAAQ,~~CAAC~~;IAE3B~~,CAAC;~~IAED~~,~~KAAK~~,CAAC,~~KAAW~~;~~QAEf~~,OAAO,~~IAAI~~,CAAC,~~KAAK~~,CAAC,~~EAAE~~,CAAC,~~cAAc,~~CAAC,~~EAAE~~,~~IAAI~~,~~EAAE~~,~~EAAE~~,~~IAAI~~,EAAE,KAAK,~~EAAE~~,~~EAAE,~~CAAC,CAAC;~~IAEjE~~,CAAC;~~IAED~~,~~KAAK~~,~~CAAC,~~QAAQ,CAAC,~~QAAgB~~,EAAE,~~OAA2B~~;~~QAE1D~~,~~MAAM~~,~~SAAS~~,GAAG,~~KAAK~~,~~EAAE~~,CAAC,~~QAAQ~~,CAAC,CAAC,~~EAAE~~,~~QAAQ,~~CAAC,CAAC,~~MAAM~~,~~EAAE,~~CAAC~~;QACzD~~,~~MAAM~~,~~SAAS~~,GAAG,~~KAAK,~~EAAE,~~CAAC~~,~~QAAQ,~~CAAC,CAAC,~~EAAE~~,~~QAAQ~~,CAAC,~~CAAC~~,~~MAAM~~,EAAE,CAAC;~~QACzD~~,MAAM,~~OAAO~~,GAAG,KAAK,~~EAAE,~~CAAC,~~QAAQ~~,~~CAAC~~,CAAC,EAAE,~~MAAM,~~CAAC,~~CAAC~~,~~MAAM,EAAE,~~CAAC;~~QACrD~~,MAAM,~~UAAU,GAAG,~~KAAK,~~EAAE,~~CAAC,~~QAAQ~~,CAAC,~~EAAE~~,~~EAAE~~,~~SAAS~~,CAAC,CAAC,MAAM,~~EAAE,~~CAAC~~;QAE5D~~,~~MAAM~~,~~KAAK~~,~~GAAG~~;~~YACZ~~,MAAM,~~EAAE;gBACN~~,IAAI,~~EAAE~~,EAAE,~~IAAI~~,EAAE,~~OAAO~~,~~EAAE~~;~~aACxB~~;~~SACF~~,~~CAAC~~;~~QAEF~~,~~IAAI~~,~~OAAO~~,~~EAAE~~,IAAI,~~EAAE~~,CAAC~~;YAElB~~,~~KAAK,~~CAAC,~~MAAM~~,CAAC,~~eAAe,~~CAAC,GAAG,~~QAAQ~~,CAAC~~;QAE3C~~,CAAC;~~QAED~~,~~IAAI~~,~~CAAC~~,~~OAAO~~,~~EAAE~~,~~IAAI~~,EAAE,CAAC~~;YAEnB~~,~~KAAK~~,~~CAAC~~,~~MAAM~~,~~CAAC~~,~~aAAa~~,~~CAAC,~~GAAG,~~QAAQ~~,~~CAAC~~;~~QAEzC~~,~~CAAC~~;~~QAED~~,MAAM,KAAK,GAAG,~~MAAM~~,~~IAAI,~~CAAC,~~KAAK~~,~~CAAC,~~EAAE,CAAC,~~SAAS~~,~~CAA+B~~;~~YACxE~~,~~KAAK~~;~~YACL;gBACE~~,MAAM,EAAE~~;oBACN~~,~~GAAG~~,EAAE,~~IAAI;oBACT~~,~~MAAM~~,EAAE~~;wBACN~~,IAAI,EAAE~~;4BACJ~~,~~KAAK~~,EAAE,~~CAAC~~,EAAE,~~IAAI~~,EAAE,CAAC,~~OAAO~~,EAAE,~~SAAS~~,CAAC,EAAE,EAAE,~~CAAC~~,EAAE,CAAC,~~CAAC~~;~~yBAC9C~~;qBACF;oBACD,~~MAAM,EAAE;wBACN,~~IAAI,EAAE;~~4BACJ~~,KAAK,EAAE,~~CAAC,~~EAAE,~~IAAI~~,EAAE,CAAC,~~OAAO~~,EAAE,~~SAAS~~,CAAC,EAAE,EAAE,~~CAAC~~,EAAE,~~CAAC~~,~~CAAC;yBAC9C;qBACF;oBACD~~,~~OAAO~~,EAAE~~;wBACP~~,~~IAAI,~~EAAE~~;4BACJ~~,~~KAAK~~,EAAE,CAAC,EAAE,~~IAAI~~,EAAE,CAAC,~~OAAO~~,EAAE,~~UAAU~~,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,~~CAAC~~;~~yBAC/C~~;qBACF;oBACD,~~IAAI~~,EAAE~~;wBACJ~~,IAAI,EAAE,CAAC;~~qBACR~~;~~iBACF~~;~~aACF~~;~~SACF~~,~~CAAC~~,~~CAAC~~,~~OAAO~~,EAAE,CAAC~~;QAEb~~,IAAI,~~KAAK,~~CAAC,~~MAAM~~,EAAE,~~CAAC;YAEjB~~,~~OAAO~~,~~KAAK~~,CAAC,~~CAAC~~,~~CAAC~~,CAAC;~~QAElB~~,CAAC;~~QAED~~,~~OAAO;IAET,~~CAAC;IAED~~;;;;;;;;;;;SAWK~~;~~IACL~~,KAAK,CAAC,~~WAAW~~,CAAC,~~GAAY~~,EAAE,~~GAAa~~,~~EAAE~~,~~IAAkB~~,~~EAAE~~,~~OAA2B~~;~~QAE5F~~,~~oEAAoE~~;~~QACpE~~,MAAM,~~SAAS~~,GAAG,~~MAAM,~~IAAI,CAAC,~~QAAQ~~,CAAC,~~OAAO~~,~~EAAE~~,~~IAAI~~,~~IAAI~~,GAAG,CAAC,~~IAAI~~,~~EAAE~~,GAAG,~~CAAC~~,CAAC,CAAC,GAAG,CAAC,~~IAAI~~,CAAC,GAAG,~~CAAC~~,CAAC,CAAC,GAAG,CAAC,~~EAAY~~,~~EAAE,OAAO,~~CAAC,CAAC;~~QAEjH~~,uEAAuE;QACvE,~~IAAI~~,~~SAAS~~,~~EAAE~~,~~CAAC;YAEd~~,~~uEAAuE~~;~~YACvE~~,~~IAAI~~,~~SAAS,~~CAAC,~~MAAM~~,~~IAAI~~,~~IAAI~~,CAAC,~~QAAQ~~,~~CAAC~~,UAAU,CAAC,~~MAAM~~,EAAE,CAAC;~~gBAExD~~,~~IAAI~~,~~CAAC~~,~~YAAY~~,~~CAAC~~,~~IAAI~~,~~CAAC~~,~~QAAQ~~,CAAC,~~UAAU~~,CAAC,MAAM,~~CAAC,~~QAAQ,~~EAAE~~,~~EAAE~~,~~YAAY~~,~~EAAE~~,GAAG,CAAC,CAAC;~~gBACjF~~,~~OAAO~~,~~KAAK~~,~~CAAC;YAEf~~,CAAC~~;YAED~~,~~uEAAuE;YACvE,~~IAAI,~~SAAS,~~CAAC,MAAM,IAAI,IAAI,CAAC,~~QAAQ~~,~~CAAC~~,~~UAAU~~,CAAC,MAAM,~~EAAE~~,CAAC~~;gBAExD~~,IAAI,CAAC,~~YAAY~~,~~CAAC~~,IAAI,CAAC,~~QAAQ~~,~~CAAC~~,~~UAAU~~,CAAC,MAAM,~~CAAC~~,~~QAAQ~~,~~EAAE~~,~~EAAE~~,~~YAAY~~,~~EAAE~~,GAAG,~~CAAC~~,CAAC;~~gBACjF~~,~~OAAO~~,KAAK,CAAC;~~YAEf~~,CAAC~~;YAED~~,~~6EAA6E;YAC7E~~,~~IAAI~~,~~SAAS~~,CAAC,~~OAAO~~,~~IAAI~~,IAAI,~~CAAC~~,QAAQ,CAAC,~~UAAU~~,CAAC,~~OAAO~~,EAAE,CAAC;~~gBAE1D~~,~~IAAI~~,CAAC,~~YAAY~~,CAAC,IAAI,CAAC,~~QAAQ~~,~~CAAC~~,UAAU,CAAC,~~OAAO,~~CAAC,QAAQ,~~EAAE~~,EAAE,~~gBAAgB~~,EAAE,~~GAAG~~,CAAC,~~CAAC~~;~~gBACtF~~,~~OAAO~~,~~KAAK~~,CAAC;~~YAEf~~,CAAC;~~YAED~~,qEAAqE;~~YACrE~~,IAAI,~~SAAS~~,CAAC,~~IAAI~~,IAAI,~~IAAI~~,CAAC,~~QAAQ~~,~~CAAC~~,~~UAAU~~,CAAC,~~IAAI~~,EAAE,CAAC;~~gBAEpD~~,~~IAAI~~,~~CAAC~~,~~YAAY~~,~~CAAC~~,IAAI,CAAC,~~QAAQ~~,CAAC,UAAU,CAAC,IAAI,CAAC,~~QAAQ~~,~~EAAE~~,~~EAAE~~,~~UAAU~~,~~EAAE~~,GAAG,CAAC,CAAC~~;gBAC7E~~,~~OAAO~~,~~KAAK~~,CAAC;~~YAEf~~,CAAC;~~QAEH~~,CAAC;QAED,~~kFAAkF;QAClF~~,IAAI,~~EAAE,~~CAAC~~;QACP~~,~~OAAO~~,IAAI,~~CAAC;IAEd~~,CAAC~~;IAED~~,~~YAAY~~,CAAC,~~KAAa~~,EAAE,~~QAAgB~~,EAAE,~~GAAa~~;~~QAEzD~~,~~GAAG~~,~~CAAC~~,~~GAAG~~,CAAC,~~mBAAmB~~,EAAE,~~KAAK~~,CAAC,~~CAAC~~;~~QACpC~~,~~GAAG~~,CAAC,GAAG,CAAC,~~sBAAsB~~,~~EAAE~~,~~QAAQ~~,CAAC,CAAC~~;QAC1C~~,GAAG,CAAC,~~MAAM~~,CAAC,~~cAAc~~,CAAC,~~iBAAiB~~,CAAC,CAAC,~~GAAG~~,EAAE,CAAC;~~IAErD~~,CAAC;CAEF"}
1	+ {"version":3,"file":"access.service.js","sourceRoot":"","sources":["../../../src/services/access.service.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoFG;AAGH,OAAO,WAAoC,MAAM,2BAA2B,CAAC;AAiB7E,8CAA8C;AAC9C,MAAM,SAAS,GAAG,KAAM,CAAC;AACzB,uDAAuD;AACvD,MAAM,OAAO,GAAG,OAAS,CAAC;AAC1B,qEAAqE;AACrE,MAAM,SAAS,GAAG,KAAM,CAAC;AACzB;;;;GAIG;AACH,MAAM,kBAAkB,GAAG,IAAK,CAAC;AACjC;;;;GAIG;AACH,MAAM,gBAAgB,GAAG,GAAG,CAAC;AAE7B;;;;;;;GAOG;AACH,MAAM,KAAK,GAAG,IAAI,GAAG,EAAsB,CAAC;AAE5C;;;GAGG;AACH,SAAS,QAAQ,CAAC,GAAW;IAE3B,MAAM,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7B,IAAI,CAAC,KAAK;QAAE,OAAO;IACnB,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAClB,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACtB,OAAO,KAAK,CAAC;AAEf,CAAC;AAED;;;GAGG;AACH,SAAS,QAAQ,CAAC,GAAW,EAAE,KAAiB;IAE9C,IAAI,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC;QAAE,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACtC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACtB,IAAI,KAAK,CAAC,IAAI,GAAG,SAAS,EAAE,CAAC;QAE3B,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC;QACzC,IAAI,MAAM;YAAE,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAEnC,CAAC;AAEH,CAAC;AAED,MAAM,CAAC,OAAO,OAAO,aAAa;IAEhC;;;;;;;;;;;;;;;OAeG;IACH,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,GAAW,EAAE,YAAoB,EAAE,UAAkB;QAErE,wEAAwE;QACxE,yEAAyE;QACzE,wDAAwD;QACxD,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,CAAC,UAAU,GAAG,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC;QAEvD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,EAAE,CAAC,gBAAgB,CAClD,EAAE,GAAG,EAAE,GAAG,EAAE,EACZ;YACE;gBACE,IAAI,EAAE;oBACJ,MAAM,EAAE;wBACN,KAAK,EAAE;4BACL,EAAE,GAAG,EAAE,CAAC,gBAAgB,EAAE,YAAY,CAAC,EAAE;4BACzC,6DAA6D;4BAC7D,wCAAwC;4BACxC,EAAE,MAAM,EAAE,YAAY,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE,OAAO,EAAE,CAAC,eAAe,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE;4BACjF,2CAA2C;4BAC3C,EAAE,MAAM,EAAE,YAAY,EAAE,KAAK,EAAE,CAAC,EAAE;yBACnC;qBACF;oBACD,IAAI,EAAE;wBACJ,KAAK,EAAE;4BACL,EAAE,GAAG,EAAE,CAAC,cAAc,EAAE,UAAU,CAAC,EAAE;4BACrC,EAAE,MAAM,EAAE,UAAU,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE,OAAO,EAAE,CAAC,aAAa,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE;4BAC7E,EAAE,MAAM,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,EAAE;yBACjC;qBACF;oBACD,SAAS;iBACV;aACF;SACF,EACD,EAAE,MAAM,EAAE,IAAI,EAAE,cAAc,EAAE,OAAO,EAAE,CACjB,CAAC;QAE3B,yEAAyE;QACzE,mEAAmE;QACnE,OAAO;YACL,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,KAAK,IAAI,CAAC;YACjC,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,KAAK,IAAI,CAAC;SAC9B,CAAC;IAEJ,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;OAqBG;IACH,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,GAAW,EAAE,IAAiB;QAE7C,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,IAAI;YAAE,OAAO;QAEvC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,uEAAuE;QACvE,mEAAmE;QACnE,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,SAAS,CAAC,CAAC;QACjD,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,OAAO,CAAC,CAAC;QAE7C,MAAM,MAAM,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC;QAC7B,kEAAkE;QAClE,uEAAuE;QACvE,uEAAuE;QACvE,MAAM,UAAU,GAAG,MAAM;eACpB,MAAM,CAAC,YAAY,KAAK,YAAY;eACpC,MAAM,CAAC,UAAU,KAAK,UAAU,CAAC;QAEtC,IAAI,UAAU,EAAE,CAAC;YAEf,iEAAiE;YACjE,mEAAmE;YACnE,kCAAkC;YAClC,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC;YACrC,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,GAAG,CAAC,CAAC;YACjC,MAAM,UAAU,GAAG,CAAC,IAAI,CAAC,MAAM,IAAI,UAAU,GAAG,IAAI,CAAC,MAAM,GAAG,gBAAgB,CAAC;YAC/E,MAAM,QAAQ,GAAG,CAAC,IAAI,CAAC,IAAI,IAAI,QAAQ,GAAG,IAAI,CAAC,IAAI,GAAG,gBAAgB,CAAC;YACvE,MAAM,KAAK,GAAG,GAAG,GAAG,MAAM,CAAC,QAAQ,GAAG,kBAAkB,CAAC;YAEzD,IAAI,UAAU,IAAI,QAAQ,IAAI,KAAK,EAAE,CAAC;gBAEpC,MAAM,CAAC,MAAM,GAAG,UAAU,CAAC;gBAC3B,MAAM,CAAC,IAAI,GAAG,QAAQ,CAAC;gBACvB,gEAAgE;gBAChE,0CAA0C;gBAC1C,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;gBACtB,OAAO;YAET,CAAC;QAEH,CAAC;QAED,oEAAoE;QACpE,qDAAqD;QACrD,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,GAAG,EAAE,YAAY,EAAE,UAAU,CAAC,CAAC;QACvE,QAAQ,CAAC,GAAG,EAAE;YACZ,YAAY;YACZ,UAAU;YACV,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,QAAQ,EAAE,GAAG;SACd,CAAC,CAAC;QAEH,sEAAsE;QACtE,qEAAqE;QACrE,+DAA+D;QAC/D,IAAI,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;YAE/C,OAAO;gBACL,QAAQ,EAAE,QAAQ;gBAClB,KAAK,EAAE,IAAI,CAAC,MAAM;gBAClB,KAAK,EAAE,MAAM,CAAC,MAAM;gBACpB,UAAU,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,SAAS,GAAG,CAAC,GAAG,GAAG,SAAS,CAAC,CAAC,GAAG,IAAI,CAAC;aAC9D,CAAC;QAEJ,CAAC;QAED,IAAI,IAAI,CAAC,IAAI,IAAI,MAAM,CAAC,IAAI,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;YAEzC,OAAO;gBACL,QAAQ,EAAE,MAAM;gBAChB,KAAK,EAAE,IAAI,CAAC,IAAI;gBAChB,KAAK,EAAE,MAAM,CAAC,IAAI;gBAClB,UAAU,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,OAAO,GAAG,CAAC,GAAG,GAAG,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC;aAC1D,CAAC;QAEJ,CAAC;QAED,OAAO;IAET,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,UAAU;QAEf,KAAK,CAAC,KAAK,EAAE,CAAC;IAEhB,CAAC;CAEF"}

package/lib/src/services/ai.service.d.ts CHANGED Viewed

@@ -1,8 +1,9 @@
 import { UserAppOptionsRequired } from '@lilaquadrat/interfaces';
-import OpenAI from 'openai';
+import { GoogleGenAI } from '@google/genai';
 export declare class Ai {
-    provider: OpenAI;
-    constructor(provider: string, key?: string);
+    provider: GoogleGenAI;
+    model: string;
+    constructor(key: string, model: string);
     tokenUsage(date: string | undefined, options: UserAppOptionsRequired): Promise<import("bson").Document>;
     generateTextForProject(input: Object, instructions: string, element: string | undefined, context: {
         project?: string;

package/lib/src/services/ai.service.js CHANGED Viewed

@@ -1,19 +1,18 @@
-import OpenAI from 'openai';
 import textGeneration from '../prompts/textGeneration.js';
 import textGenerationMulti from '../prompts/textGenerationMulti.js';
 import ProjectModel from '../models/project.model.js';
 import LoggingService from './logging.service.js';
 import LoggingModel from '../models/logging.model.js';
 import dayjs from 'dayjs';
+import { GoogleGenAI, ThinkingLevel } from '@google/genai';
 export class Ai {
-    constructor(provider, key) {
+    constructor(key, model) {
         if (key) {
-            if (provider === 'openai') {
-                this.provider = new OpenAI({
-                    apiKey: key,
-                });
-            }
+            this.provider = new GoogleGenAI({
+                apiKey: key,
+            });
         }
+        this.model = model;
     }
     async tokenUsage(date, options) {
         if (date) {
@@ -65,36 +64,30 @@ export class Ai {
         return { input: 0, output: 0, calls: 0 };
     }
     async generateTextForProject(input, instructions, element, context, options) {
-        const projectContext = await ProjectModel.db.findOne({ id: options.project }, { projection: { aiDescription: 1, aiTone: 1 } });
+        const projectContext = await ProjectModel.db.findOne({ company: options.company, id: options.project }, { projection: { aiDescription: 1, aiTone: 1 } });
         return this.generateText(input, instructions, element, { ...context, project: projectContext?.aiDescription, tone: projectContext?.aiTone }, options);
     }
     async generateText(input, instructions, element, context, options) {
         const content = options.type === 'single' ? textGeneration(input, element, context) : textGenerationMulti(input, context);
-        const response = await this.provider.chat.completions.create({
-            model: 'gpt-4.1-mini',
-            response_format: { type: 'json_object' },
-            store: true,
-            messages: [
-                {
-                    role: 'system',
-                    content,
+        const response = await this.provider.models.generateContent({
+            model: this.model,
+            config: {
+                systemInstruction: content,
+                thinkingConfig: {
+                    thinkingLevel: ThinkingLevel.LOW,
                 },
-                {
-                    role: 'user',
-                    content: JSON.stringify({
-                        input,
-                        instructions,
-                        context,
-                    }),
-                },
-            ],
-        }, {
-            timeout: 30000,
+                responseMimeType: 'application/json'
+            },
+            contents: JSON.stringify({
+                input,
+                instructions,
+                context,
+            }),
         });
         await LoggingService.add({ input: { input, instructions, context }, response }, { type: 'ai', company: options.company, project: options.project, app: options.app, user: options.user });
-        const responseData = JSON.parse(response.choices[0].message?.content);
+        const responseData = JSON.parse(response.text);
         return { output: responseData.input };
     }
 }
-export default new Ai('openai', process.env.OPENAI_API_KEY);
+export default new Ai(process.env.GOOGLE_API_KEY, process.env.AI_MODEL);
 //# sourceMappingURL=ai.service.js.map

package/lib/src/services/ai.service.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"ai.service.js","sourceRoot":"","sources":["../../../src/services/ai.service.ts"],"names":[],"mappings":"AACA,OAAO,~~MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,~~cAAc,MAAM,8BAA8B,CAAC;AAC1D,OAAO,mBAAmB,MAAM,mCAAmC,CAAC;AACpE,OAAO,YAAY,MAAM,4BAA4B,CAAC;AACtD,OAAO,cAAc,MAAM,sBAAsB,CAAC;AAClD,OAAO,YAAY,MAAM,4BAA4B,CAAC;AAEtD,OAAO,KAAK,MAAM,OAAO,CAAC;~~AAE1B~~,~~MAAM,~~OAAO,EAAE~~;IAIb~~,~~YAAY~~,~~QAAgB~~,EAAE,~~GAAY~~;~~QAExC~~,~~IAAI~~,~~GAAG~~,EAAE~~,CAAC~~;~~YAER~~,~~IAAI~~,~~QAAQ~~,~~KAAK~~,~~QAAQ~~,EAAE,CAAC;~~gBAE1B~~,IAAI,CAAC,QAAQ,GAAG,IAAI,~~MAAM~~,CAAC;~~oBACzB~~,MAAM,EAAE,GAAG;~~iBACZ~~,CAAC,CAAC;~~YAEL~~,CAAC;~~QAEH~~,CAAC;~~IAEH~~,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,IAAwB,EAAE,OAA+B;QAExE,IAAI,IAAI,EAAE,CAAC;YAET,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAClC,MAAM,OAAO,GAAG,KAAK,EAAE,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAEnF,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;QAEtG,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,EAAE,CAAC,SAAS,CAAC;YAC/C;gBACE,MAAM,EAAE;oBACN,IAAI,EAAE,IAAI;oBACV,OAAO,EAAE,OAAO,CAAC,OAAO;oBACxB,OAAO,EAAE,OAAO,CAAC,OAAO;oBACxB,IAAI,EAAE;wBACJ,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE;wBACtF,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE;qBACnF;iBACF;aACF;YACD;gBACE,MAAM,EAAE;oBACN,GAAG,EAAE;wBACH,OAAO,EAAE,UAAU;wBACnB,OAAO,EAAE,UAAU;qBACpB;oBACD,KAAK,EAAE;wBACL,IAAI,EAAE,wCAAwC;qBAC/C;oBACD,MAAM,EAAE;wBACN,IAAI,EAAE,4CAA4C;qBACnD;oBACD,KAAK,EAAE;wBACL,MAAM,EAAE,EAAE;qBACX;iBACF;aACF;YACD;gBACE,QAAQ,EAAE;oBACR,GAAG,EAAE,CAAC;oBACN,KAAK,EAAE,CAAC;oBACR,MAAM,EAAE,CAAC;oBACT,KAAK,EAAE,CAAC;iBACT;aACF;SACF,CAAC,CAAC,OAAO,EAAE,CAAC;QAEb,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QAClC,IAAI,QAAQ,CAAC,CAAC,CAAC;YAAE,OAAO,QAAQ,CAAC,CAAC,CAAC,CAAC;QACpC,OAAO,EAAE,KAAK,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC;IAE3C,CAAC;IAED,KAAK,CAAC,sBAAsB,CAC1B,KAAa,EACb,YAAoB,EACpB,OAA2B,EAC3B,OAA+E,EAC/E,OAA8D;QAG9D,MAAM,cAAc,GAAG,MAAM,YAAY,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,OAAO,CAAC,OAAO,EAAE,EAAE,EAAE,UAAU,EAAE,EAAE,aAAa,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;~~QAC/H~~,OAAO,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,YAAY,EAAE,OAAO,EAAE,EAAE,GAAG,OAAO,EAAE,OAAO,EAAE,cAAc,EAAE,aAAa,EAAE,IAAI,EAAE,cAAc,EAAE,MAAM,EAAE,EAAE,OAAO,CAAC,CAAC;IAExJ,CAAC;IAED,KAAK,CAAC,YAAY,CAChB,KAAa,EACb,YAAoB,EACpB,OAA2B,EAC3B,OAA8F,EAC9F,OAA8D;QAG9D,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,cAAc,CAAC,KAAK,EAAE,OAAiB,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,mBAAmB,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAEpI,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,~~IAAI~~,CAAC,~~WAAW~~,CAAC~~,MAAM,CAC1D~~;~~YACE~~,KAAK,EAAE,~~cAAc;YACrB~~,~~eAAe~~,~~EAAE~~,~~EAAE~~,~~IAAI,~~EAAE~~,aAAa,EAAE~~;~~YACxC~~,~~KAAK~~,EAAE,~~IAAI~~;~~YACX~~,~~QAAQ~~,EAAE;~~gBACR;oBACE~~,~~IAAI~~,EAAE,~~QAAQ;oBACd~~,~~OAAO~~;~~iBACR~~;gBACD~~;oBACE~~,~~IAAI~~,EAAE,~~MAAM~~;~~oBACZ~~,~~OAAO~~,EAAE,IAAI,CAAC,SAAS,CAAC;~~wBACtB~~,KAAK;~~wBACL~~,YAAY;~~wBACZ~~,OAAO;~~qBACR~~,CAAC;~~iBACH;aACF;SACF~~,~~EACD;YACE~~,~~OAAO,EAAE,KAAK~~;~~SACf,CACF,CAAC;~~QAEF,MAAM,cAAc,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,YAAY,EAAE,OAAO,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;QAE1L,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,~~OAAO~~,CAAC,CAAC~~,CAAC,CAAC,OAAO,EAAE,OAAiB,CAAC,CAAC~~;~~QAEhF~~,OAAO,EAAE,MAAM,EAAE,YAAY,CAAC,KAAK,EAAE,CAAC;IAExC,CAAC;CAEF;AACD,eAAe,IAAI,EAAE,CAAC,~~QAAQ~~,EAAE,OAAO,CAAC,GAAG,CAAC,~~cAAwB~~,CAAC,CAAC"}
1	+ {"version":3,"file":"ai.service.js","sourceRoot":"","sources":["../../../src/services/ai.service.ts"],"names":[],"mappings":"AACA,OAAO,cAAc,MAAM,8BAA8B,CAAC;AAC1D,OAAO,mBAAmB,MAAM,mCAAmC,CAAC;AACpE,OAAO,YAAY,MAAM,4BAA4B,CAAC;AACtD,OAAO,cAAc,MAAM,sBAAsB,CAAC;AAClD,OAAO,YAAY,MAAM,4BAA4B,CAAC;AAEtD,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAE3D,MAAM,OAAO,EAAE;IAMb,YAAY,GAAW,EAAE,KAAa;QAEpC,IAAG,GAAG,EAAE,CAAC;YAEP,IAAI,CAAC,QAAQ,GAAG,IAAI,WAAW,CAAC;gBAC9B,MAAM,EAAE,GAAG;aACZ,CAAC,CAAC;QAEL,CAAC;QAED,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;IAErB,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,IAAwB,EAAE,OAA+B;QAExE,IAAI,IAAI,EAAE,CAAC;YAET,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAClC,MAAM,OAAO,GAAG,KAAK,EAAE,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAEnF,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;QAEtG,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,EAAE,CAAC,SAAS,CAAC;YAC/C;gBACE,MAAM,EAAE;oBACN,IAAI,EAAE,IAAI;oBACV,OAAO,EAAE,OAAO,CAAC,OAAO;oBACxB,OAAO,EAAE,OAAO,CAAC,OAAO;oBACxB,IAAI,EAAE;wBACJ,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE;wBACtF,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE;qBACnF;iBACF;aACF;YACD;gBACE,MAAM,EAAE;oBACN,GAAG,EAAE;wBACH,OAAO,EAAE,UAAU;wBACnB,OAAO,EAAE,UAAU;qBACpB;oBACD,KAAK,EAAE;wBACL,IAAI,EAAE,wCAAwC;qBAC/C;oBACD,MAAM,EAAE;wBACN,IAAI,EAAE,4CAA4C;qBACnD;oBACD,KAAK,EAAE;wBACL,MAAM,EAAE,EAAE;qBACX;iBACF;aACF;YACD;gBACE,QAAQ,EAAE;oBACR,GAAG,EAAE,CAAC;oBACN,KAAK,EAAE,CAAC;oBACR,MAAM,EAAE,CAAC;oBACT,KAAK,EAAE,CAAC;iBACT;aACF;SACF,CAAC,CAAC,OAAO,EAAE,CAAC;QAEb,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QAClC,IAAI,QAAQ,CAAC,CAAC,CAAC;YAAE,OAAO,QAAQ,CAAC,CAAC,CAAC,CAAC;QACpC,OAAO,EAAE,KAAK,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC;IAE3C,CAAC;IAED,KAAK,CAAC,sBAAsB,CAC1B,KAAa,EACb,YAAoB,EACpB,OAA2B,EAC3B,OAA+E,EAC/E,OAA8D;QAG9D,MAAM,cAAc,GAAG,MAAM,YAAY,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE,EAAE,EAAE,OAAO,CAAC,OAAO,EAAE,EAAE,EAAE,UAAU,EAAE,EAAE,aAAa,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QACzJ,OAAO,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,YAAY,EAAE,OAAO,EAAE,EAAE,GAAG,OAAO,EAAE,OAAO,EAAE,cAAc,EAAE,aAAa,EAAE,IAAI,EAAE,cAAc,EAAE,MAAM,EAAE,EAAE,OAAO,CAAC,CAAC;IAExJ,CAAC;IAED,KAAK,CAAC,YAAY,CAChB,KAAa,EACb,YAAoB,EACpB,OAA2B,EAC3B,OAA8F,EAC9F,OAA8D;QAG9D,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,cAAc,CAAC,KAAK,EAAE,OAAiB,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,mBAAmB,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAEpI,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,eAAe,CAAC;YAC1D,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,MAAM,EAAE;gBACN,iBAAiB,EAAE,OAAO;gBAC1B,cAAc,EAAE;oBACd,aAAa,EAAE,aAAa,CAAC,GAAG;iBACjC;gBACD,gBAAgB,EAAE,kBAAkB;aACrC;YACD,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC;gBACvB,KAAK;gBACL,YAAY;gBACZ,OAAO;aACR,CAAC;SACH,CAAC,CAAA;QAEF,MAAM,cAAc,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,YAAY,EAAE,OAAO,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;QAE1L,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAK,CAAC,CAAC;QAEhD,OAAO,EAAE,MAAM,EAAE,YAAY,CAAC,KAAK,EAAE,CAAC;IAExC,CAAC;CAEF;AACD,eAAe,IAAI,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,cAAwB,EAAE,OAAO,CAAC,GAAG,CAAC,QAAkB,CAAC,CAAC"}

package/lib/src/services/auth.service.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+declare class AuthService {
+    private tokenCache;
+    private inflight;
+    url: string;
+    constructor(url: string);
+    token(clientId: string, clientSecret: string): Promise<string>;
+    getToken(clientId: string, clientSecret: string): Promise<string>;
+    private buildTokenUrl;
+}
+declare const _default: AuthService;
+export default _default;

package/lib/src/services/auth.service.js ADDED Viewed

@@ -0,0 +1,70 @@
+import logger from "../logger.js";
+import querystring from 'querystring';
+class AuthService {
+    constructor(url) {
+        this.tokenCache = null;
+        this.inflight = null;
+        this.url = url;
+    }
+    async token(clientId, clientSecret) {
+        // Check if we have a valid cached token
+        if (this.tokenCache && Date.now() < this.tokenCache.expiresAt) {
+            logger.debug('authservice.token.cached');
+            return this.tokenCache.accessToken;
+        }
+        if (this.inflight) {
+            logger.debug('authservice.token.inflight');
+            return this.inflight;
+        }
+        logger.debug('authservice.token.fetching');
+        this.inflight = this.getToken(clientId, clientSecret).finally(() => {
+            this.inflight = null;
+        });
+        return this.inflight;
+    }
+    async getToken(clientId, clientSecret) {
+        if (!this.url)
+            throw new Error('OAUTH_URL is not configured');
+        const tokenUrl = this.buildTokenUrl();
+        const body = querystring.stringify({
+            client_id: clientId,
+            client_secret: clientSecret,
+            audience: 'https://editor.lilaquadrat.de/api',
+            grant_type: 'client_credentials',
+        });
+        const response = await fetch(tokenUrl, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+            body,
+        });
+        if (!response.ok) {
+            const errorData = await response.json().catch(() => ({}));
+            logger.error({ message: 'Token request failed', status: response.status, errorData });
+            throw new Error(`Token request failed with status ${response.status}`);
+        }
+        const token = await response.json();
+        if (!token.access_token || !token.expires_in) {
+            logger.error({ message: 'Invalid token response', token });
+            throw new Error('Invalid token response from OAuth server');
+        }
+        this.tokenCache = {
+            accessToken: token.access_token,
+            expiresAt: Date.now() + (token.expires_in - 60) * 1000,
+        };
+        logger.debug('authservice.token.get.success');
+        return token.access_token;
+    }
+    buildTokenUrl() {
+        try {
+            const url = new URL(`https://${this.url}/oauth/token`);
+            logger.debug(`authservice.token.url: ${url.toString()}`);
+            return url.toString();
+        }
+        catch (error) {
+            logger.error({ message: 'Invalid OAUTH_URL', url: this.url, error });
+            throw new Error(`Invalid OAUTH_URL: ${this.url}`);
+        }
+    }
+}
+export default new AuthService(process.env.OAUTH_URL);
+//# sourceMappingURL=auth.service.js.map

package/lib/src/services/auth.service.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"auth.service.js","sourceRoot":"","sources":["../../../src/services/auth.service.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,cAAc,CAAC;AAClC,OAAO,WAAW,MAAM,aAAa,CAAC;AAEtC,MAAM,WAAW;IAWf,YAAY,GAAW;QATf,eAAU,GAGP,IAAI,CAAC;QAER,aAAQ,GAA2B,IAAI,CAAC;QAM9C,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;IAEjB,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,QAAgB,EAAE,YAAoB;QAEhD,wCAAwC;QACxC,IAAI,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,UAAU,CAAC,SAAS,EAAE,CAAC;YAE9D,MAAM,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAC;YACzC,OAAO,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC;QAErC,CAAC;QAED,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAElB,MAAM,CAAC,KAAK,CAAC,4BAA4B,CAAC,CAAC;YAC3C,OAAO,IAAI,CAAC,QAAQ,CAAC;QAEvB,CAAC;QAED,MAAM,CAAC,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAC3C,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE;YAEjE,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QAEvB,CAAC,CAAC,CAAC;QAEH,OAAO,IAAI,CAAC,QAAQ,CAAC;IAEvB,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,QAAgB,EAAE,YAAoB;QAEnD,IAAI,CAAC,IAAI,CAAC,GAAG;YAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QAE9D,MAAM,QAAQ,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,WAAW,CAAC,SAAS,CAAC;YACjC,SAAS,EAAE,QAAQ;YACnB,aAAa,EAAE,YAAY;YAC3B,QAAQ,EAAE,mCAAmC;YAC7C,UAAU,EAAE,oBAAoB;SACjC,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,QAAQ,EAAE;YACrC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;YAChE,IAAI;SACL,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YAEjB,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC1D,MAAM,CAAC,KAAK,CAAC,EAAE,OAAO,EAAE,sBAAsB,EAAE,MAAM,EAAE,QAAQ,CAAC,MAAM,EAAE,SAAS,EAAE,CAAC,CAAC;YACtF,MAAM,IAAI,KAAK,CAAC,oCAAoC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;QAEzE,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,IAAI,EAIhC,CAAC;QAEF,IAAI,CAAC,KAAK,CAAC,YAAY,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC;YAE7C,MAAM,CAAC,KAAK,CAAC,EAAE,OAAO,EAAE,wBAAwB,EAAE,KAAK,EAAE,CAAC,CAAC;YAC3D,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;QAE9D,CAAC;QAED,IAAI,CAAC,UAAU,GAAG;YAChB,WAAW,EAAE,KAAK,CAAC,YAAY;YAC/B,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,KAAK,CAAC,UAAU,GAAG,EAAE,CAAC,GAAG,IAAI;SACvD,CAAC;QAEF,MAAM,CAAC,KAAK,CAAC,+BAA+B,CAAC,CAAC;QAC9C,OAAO,KAAK,CAAC,YAAY,CAAC;IAE5B,CAAC;IAEO,aAAa;QAEnB,IAAI,CAAC;YAEH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,WAAW,IAAI,CAAC,GAAG,cAAc,CAAC,CAAC;YACvD,MAAM,CAAC,KAAK,CAAC,0BAA0B,GAAG,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;YACzD,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC;QAExB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YAEf,MAAM,CAAC,KAAK,CAAC,EAAE,OAAO,EAAE,mBAAmB,EAAE,GAAG,EAAE,IAAI,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,CAAC;YACrE,MAAM,IAAI,KAAK,CAAC,sBAAsB,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;QAEpD,CAAC;IAEH,CAAC;CAEF;AAED,eAAe,IAAI,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,SAAU,CAAC,CAAC"}