npm - @livestore/sync-cf - Versions diffs - 0.4.0-dev.21 → 0.4.0-dev.22 - Mend

@livestore/sync-cf 0.4.0-dev.21 → 0.4.0-dev.22

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (40) hide show

package/dist/.tsbuildinfo +1 -1
package/dist/cf-worker/do/durable-object.d.ts.map +1 -1
package/dist/cf-worker/do/durable-object.js +8 -4
package/dist/cf-worker/do/durable-object.js.map +1 -1
package/dist/cf-worker/do/pull.d.ts +6 -1
package/dist/cf-worker/do/pull.d.ts.map +1 -1
package/dist/cf-worker/do/pull.js +2 -2
package/dist/cf-worker/do/pull.js.map +1 -1
package/dist/cf-worker/do/push.d.ts +3 -2
package/dist/cf-worker/do/push.d.ts.map +1 -1
package/dist/cf-worker/do/push.js +3 -3
package/dist/cf-worker/do/push.js.map +1 -1
package/dist/cf-worker/do/transport/do-rpc-server.d.ts.map +1 -1
package/dist/cf-worker/do/transport/do-rpc-server.js +4 -2
package/dist/cf-worker/do/transport/do-rpc-server.js.map +1 -1
package/dist/cf-worker/do/transport/http-rpc-server.d.ts +2 -1
package/dist/cf-worker/do/transport/http-rpc-server.d.ts.map +1 -1
package/dist/cf-worker/do/transport/http-rpc-server.js +16 -13
package/dist/cf-worker/do/transport/http-rpc-server.js.map +1 -1
package/dist/cf-worker/do/transport/ws-rpc-server.d.ts +2 -1
package/dist/cf-worker/do/transport/ws-rpc-server.d.ts.map +1 -1
package/dist/cf-worker/do/transport/ws-rpc-server.js +24 -6
package/dist/cf-worker/do/transport/ws-rpc-server.js.map +1 -1
package/dist/cf-worker/shared.d.ts +53 -8
package/dist/cf-worker/shared.d.ts.map +1 -1
package/dist/cf-worker/shared.js +27 -0
package/dist/cf-worker/shared.js.map +1 -1
package/dist/cf-worker/worker.d.ts +31 -31
package/dist/cf-worker/worker.d.ts.map +1 -1
package/dist/cf-worker/worker.js +20 -23
package/dist/cf-worker/worker.js.map +1 -1
package/package.json +4 -4
package/src/cf-worker/do/durable-object.ts +9 -3
package/src/cf-worker/do/pull.ts +13 -5
package/src/cf-worker/do/push.ts +10 -2
package/src/cf-worker/do/transport/do-rpc-server.ts +4 -2
package/src/cf-worker/do/transport/http-rpc-server.ts +11 -5
package/src/cf-worker/do/transport/ws-rpc-server.ts +29 -10
package/src/cf-worker/shared.ts +86 -8
package/src/cf-worker/worker.ts +48 -34

package/src/cf-worker/worker.ts CHANGED Viewed

@@ -4,7 +4,7 @@ import type { HelperTypes } from '@livestore/common-cf'
 import { Effect, Schema } from '@livestore/utils/effect'
 import type { CfTypes, SearchParams } from '../common/mod.ts'
 import type { CfDeclare } from './mod.ts'
-import { type Env, matchSyncRequest } from './shared.ts'
+import { type Env, type ForwardedHeaders, matchSyncRequest } from './shared.ts'
 // NOTE We need to redeclare runtime types here to avoid type conflicts with the lib.dom Response type.
 declare class Response extends CfDeclare.Response {}
@@ -18,6 +18,13 @@ export type CFWorker<TEnv extends Env = Env, _T extends CfTypes.Rpc.DurableObjec
   ) => Promise<CfTypes.Response>
 }
+/** Context passed to validatePayload callback */
+export type ValidatePayloadContext = {
+  storeId: string
+  /** Request headers (raw, not filtered by forwardHeaders) */
+  headers: ForwardedHeaders
+}
 /**
  * Options accepted by {@link makeWorker}. The Durable Object binding has to be
  * supplied explicitly so we never fall back to deprecated defaults when Cloudflare config changes.
@@ -27,11 +34,6 @@ export type MakeWorkerOptions<TEnv extends Env = Env, TSyncPayload = Schema.Json
    * Binding name of the sync Durable Object declared in wrangler config.
    */
   syncBackendBinding: HelperTypes.ExtractDurableObjectKeys<TEnv>
-  /**
-   * Validates the payload during WebSocket connection establishment.
-   * Note: This runs only at connection time, not for individual push events.
-   * For push event validation, use the `onPush` callback in the Durable Object.
-   */
   /**
    * Optionally pass a schema to decode the client-provided payload into a typed object
    * before calling {@link validatePayload}. If omitted, the raw JSON value is forwarded.
@@ -39,9 +41,23 @@ export type MakeWorkerOptions<TEnv extends Env = Env, TSyncPayload = Schema.Json
   syncPayloadSchema?: Schema.Schema<TSyncPayload>
   /**
    * Validates the (optionally decoded) payload during WebSocket connection establishment.
-   * If {@link syncPayloadSchema} is provided, `payload` will be of the schema’s inferred type.
+   * If {@link syncPayloadSchema} is provided, `payload` will be of the schema's inferred type.
+   *
+   * The context includes request headers for cookie-based or header-based authentication.
+   *
+   * @example Cookie-based authentication
+   * ```ts
+   * validatePayload: async (payload, { storeId, headers }) => {
+   *   const cookie = headers.get('cookie')
+   *   const session = await validateSessionFromCookie(cookie)
+   *   if (!session) throw new Error('Unauthorized')
+   * }
+   * ```
+   *
+   * Note: This runs only at connection time, not for individual push events.
+   * For push event validation, use the `onPush` callback in the Durable Object.
    */
-  validatePayload?: (payload: TSyncPayload, context: { storeId: string }) => void | Promise<void>
+  validatePayload?: (payload: TSyncPayload, context: ValidatePayloadContext) => void | Promise<void>
   /** @default false */
   enableCORS?: boolean
 }
@@ -117,37 +133,33 @@ export const makeWorker = <
   }
 }
+/** Convert CF Request headers to a ForwardedHeaders map */
+const requestHeadersToMap = (request: CfTypes.Request): ForwardedHeaders => {
+  const result = new Map<string, string>()
+  request.headers.forEach((value, key) => {
+    result.set(key.toLowerCase(), value)
+  })
+  return result
+}
 /**
  * Handles LiveStore sync requests (e.g. with search params `?storeId=...&transport=...`).
  *
- * @example
+ * @example Token-based authentication
  * ```ts
  * const validatePayload = (payload: Schema.JsonValue | undefined, context: { storeId: string }) => {
- *   console.log(`Validating connection for store: ${context.storeId}`)
  *   if (payload?.authToken !== 'insecure-token-change-me') {
  *     throw new Error('Invalid auth token')
  *   }
  * }
+ * ```
  *
- * export default {
- *   fetch: async (request, env, ctx) => {
- *     const searchParams = matchSyncRequest(request)
- *
- *     // Is LiveStore sync request
- *     if (searchParams !== undefined) {
- *       return handleSyncRequest({
- *         request,
- *         searchParams,
- *         env,
- *         ctx,
- *         syncBackendBinding: 'SYNC_BACKEND_DO',
- *         headers: {},
- *         validatePayload,
- *       })
- *     }
- *
- *     return new Response('Invalid path', { status: 400 })
- *   }
+ * @example Cookie-based authentication
+ * ```ts
+ * const validatePayload = async (payload: Schema.JsonValue | undefined, { storeId, headers }) => {
+ *   const cookie = headers.get('cookie')
+ *   const session = await validateSessionFromCookie(cookie)
+ *   if (!session) throw new Error('Unauthorized')
  * }
  * ```
  *
@@ -180,6 +192,9 @@ export const handleSyncRequest = <
 }): Promise<CfTypes.Response> =>
   Effect.gen(function* () {
     if (validatePayload !== undefined) {
+      // Convert request headers to a Map for the validation context
+      const requestHeaders = requestHeadersToMap(request)
       // Always decode with the supplied schema when present, even if payload is undefined.
       // This ensures required payloads are enforced by the schema.
       if (syncPayloadSchema !== undefined) {
@@ -191,7 +206,7 @@ export const handleSyncRequest = <
         }
         const result = yield* Effect.promise(async () =>
-          validatePayload(decodedEither.right as TSyncPayload, { storeId }),
+          validatePayload(decodedEither.right as TSyncPayload, { storeId, headers: requestHeaders }),
         ).pipe(UnknownError.mapToUnknownError, Effect.either)
         if (result._tag === 'Left') {
@@ -199,10 +214,9 @@ export const handleSyncRequest = <
           return new Response(result.left.toString(), { status: 400, headers })
         }
       } else {
-        const result = yield* Effect.promise(async () => validatePayload(payload as TSyncPayload, { storeId })).pipe(
-          UnknownError.mapToUnknownError,
-          Effect.either,
-        )
+        const result = yield* Effect.promise(async () =>
+          validatePayload(payload as TSyncPayload, { storeId, headers: requestHeaders }),
+        ).pipe(UnknownError.mapToUnknownError, Effect.either)
         if (result._tag === 'Left') {
           console.error('Invalid payload (validation failed)', result.left)