npm - @markwharton/pwa-core - Versions diffs - 1.8.0 → 2.0.0 - Mend

@markwharton/pwa-core 1.8.0 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (103) hide show

package/dist/{client/api.d.ts → client.d.ts} +85 -9
package/dist/{client/api.js → client.js} +159 -56
package/dist/index.d.ts +10 -2
package/dist/index.js +14 -6
package/dist/server.d.ts +283 -0
package/dist/server.js +476 -0
package/dist/shared.d.ts +150 -0
package/dist/shared.js +124 -0
package/package.json +11 -12
package/dist/__tests__/auth/apiKey.test.d.ts +0 -1
package/dist/__tests__/auth/apiKey.test.js +0 -80
package/dist/__tests__/auth/token.test.d.ts +0 -1
package/dist/__tests__/auth/token.test.js +0 -212
package/dist/__tests__/auth/types.test.d.ts +0 -1
package/dist/__tests__/auth/types.test.js +0 -77
package/dist/__tests__/client/api.test.d.ts +0 -1
package/dist/__tests__/client/api.test.js +0 -369
package/dist/__tests__/client/apiError.test.d.ts +0 -1
package/dist/__tests__/client/apiError.test.js +0 -91
package/dist/__tests__/http/responses.test.d.ts +0 -1
package/dist/__tests__/http/responses.test.js +0 -112
package/dist/__tests__/http/status.test.d.ts +0 -1
package/dist/__tests__/http/status.test.js +0 -27
package/dist/__tests__/server/auth/apiKey.test.d.ts +0 -1
package/dist/__tests__/server/auth/apiKey.test.js +0 -80
package/dist/__tests__/server/auth/token.test.d.ts +0 -1
package/dist/__tests__/server/auth/token.test.js +0 -299
package/dist/__tests__/server/http/responses.test.d.ts +0 -1
package/dist/__tests__/server/http/responses.test.js +0 -112
package/dist/__tests__/server/storage/client.test.d.ts +0 -1
package/dist/__tests__/server/storage/client.test.js +0 -173
package/dist/__tests__/server/storage/keys.test.d.ts +0 -1
package/dist/__tests__/server/storage/keys.test.js +0 -47
package/dist/__tests__/shared/auth/types.test.d.ts +0 -1
package/dist/__tests__/shared/auth/types.test.js +0 -77
package/dist/__tests__/shared/http/status.test.d.ts +0 -1
package/dist/__tests__/shared/http/status.test.js +0 -29
package/dist/__tests__/storage/client.test.d.ts +0 -1
package/dist/__tests__/storage/client.test.js +0 -173
package/dist/__tests__/storage/keys.test.d.ts +0 -1
package/dist/__tests__/storage/keys.test.js +0 -47
package/dist/__tests__/types.test.d.ts +0 -1
package/dist/__tests__/types.test.js +0 -56
package/dist/auth/apiKey.d.ts +0 -44
package/dist/auth/apiKey.js +0 -59
package/dist/auth/index.d.ts +0 -3
package/dist/auth/index.js +0 -22
package/dist/auth/token.d.ts +0 -56
package/dist/auth/token.js +0 -104
package/dist/auth/types.d.ts +0 -63
package/dist/auth/types.js +0 -41
package/dist/client/apiError.d.ts +0 -48
package/dist/client/apiError.js +0 -65
package/dist/client/index.d.ts +0 -3
package/dist/client/index.js +0 -14
package/dist/client/types.d.ts +0 -12
package/dist/client/types.js +0 -5
package/dist/http/index.d.ts +0 -3
package/dist/http/index.js +0 -14
package/dist/http/responses.d.ts +0 -82
package/dist/http/responses.js +0 -132
package/dist/http/status.d.ts +0 -17
package/dist/http/status.js +0 -19
package/dist/http/types.d.ts +0 -10
package/dist/http/types.js +0 -5
package/dist/server/auth/apiKey.d.ts +0 -44
package/dist/server/auth/apiKey.js +0 -59
package/dist/server/auth/index.d.ts +0 -3
package/dist/server/auth/index.js +0 -19
package/dist/server/auth/token.d.ts +0 -102
package/dist/server/auth/token.js +0 -158
package/dist/server/http/index.d.ts +0 -1
package/dist/server/http/index.js +0 -12
package/dist/server/http/responses.d.ts +0 -82
package/dist/server/http/responses.js +0 -132
package/dist/server/index.d.ts +0 -4
package/dist/server/index.js +0 -37
package/dist/server/storage/client.d.ts +0 -48
package/dist/server/storage/client.js +0 -107
package/dist/server/storage/index.d.ts +0 -2
package/dist/server/storage/index.js +0 -11
package/dist/server/storage/keys.d.ts +0 -8
package/dist/server/storage/keys.js +0 -14
package/dist/shared/auth/index.d.ts +0 -2
package/dist/shared/auth/index.js +0 -7
package/dist/shared/auth/types.d.ts +0 -63
package/dist/shared/auth/types.js +0 -41
package/dist/shared/http/index.d.ts +0 -3
package/dist/shared/http/index.js +0 -5
package/dist/shared/http/status.d.ts +0 -19
package/dist/shared/http/status.js +0 -21
package/dist/shared/http/types.d.ts +0 -10
package/dist/shared/http/types.js +0 -5
package/dist/shared/index.d.ts +0 -5
package/dist/shared/index.js +0 -10
package/dist/storage/client.d.ts +0 -48
package/dist/storage/client.js +0 -107
package/dist/storage/index.d.ts +0 -2
package/dist/storage/index.js +0 -11
package/dist/storage/keys.d.ts +0 -8
package/dist/storage/keys.js +0 -14
package/dist/types.d.ts +0 -48
package/dist/types.js +0 -41

package/dist/http/responses.js DELETED Viewed

@@ -1,132 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.badRequestResponse = badRequestResponse;
-exports.unauthorizedResponse = unauthorizedResponse;
-exports.forbiddenResponse = forbiddenResponse;
-exports.notFoundResponse = notFoundResponse;
-exports.conflictResponse = conflictResponse;
-exports.handleFunctionError = handleFunctionError;
-exports.isNotFoundError = isNotFoundError;
-exports.isConflictError = isConflictError;
-const status_1 = require("./status");
-/**
- * Creates a 400 Bad Request response.
- * @param message - The error message to return
- * @returns Azure Functions HttpResponseInit object
- * @example
- * if (!body.email) return badRequestResponse('Email is required');
- */
-function badRequestResponse(message) {
-    return {
-        status: status_1.HTTP_STATUS.BAD_REQUEST,
-        jsonBody: { error: message }
-    };
-}
-/**
- * Creates a 401 Unauthorized response.
- * @param message - The error message (default: 'Unauthorized')
- * @returns Azure Functions HttpResponseInit object
- * @example
- * if (!token) return unauthorizedResponse();
- */
-function unauthorizedResponse(message = 'Unauthorized') {
-    return {
-        status: status_1.HTTP_STATUS.UNAUTHORIZED,
-        jsonBody: { error: message }
-    };
-}
-/**
- * Creates a 403 Forbidden response.
- * @param message - The error message (default: 'Forbidden')
- * @returns Azure Functions HttpResponseInit object
- * @example
- * if (!isAdmin(payload)) return forbiddenResponse('Admin access required');
- */
-function forbiddenResponse(message = 'Forbidden') {
-    return {
-        status: status_1.HTTP_STATUS.FORBIDDEN,
-        jsonBody: { error: message }
-    };
-}
-/**
- * Creates a 404 Not Found response.
- * @param resource - The name of the resource that wasn't found
- * @returns Azure Functions HttpResponseInit object
- * @example
- * if (!user) return notFoundResponse('User');
- * // Returns: { error: 'User not found' }
- */
-function notFoundResponse(resource) {
-    return {
-        status: status_1.HTTP_STATUS.NOT_FOUND,
-        jsonBody: { error: `${resource} not found` }
-    };
-}
-/**
- * Creates a 409 Conflict response.
- * @param message - The conflict error message
- * @returns Azure Functions HttpResponseInit object
- * @example
- * if (existingUser) return conflictResponse('Email already registered');
- */
-function conflictResponse(message) {
-    return {
-        status: status_1.HTTP_STATUS.CONFLICT,
-        jsonBody: { error: message }
-    };
-}
-/**
- * Handles unexpected errors safely by logging details and returning a generic message.
- * Use in catch blocks to avoid exposing internal error details to clients.
- * @param error - The caught error
- * @param context - Azure Functions InvocationContext for logging
- * @returns Azure Functions HttpResponseInit with 500 status
- * @example
- * try {
- *   await riskyOperation();
- * } catch (error) {
- *   return handleFunctionError(error, context);
- * }
- */
-function handleFunctionError(error, context) {
-    const message = error instanceof Error ? error.message : 'Unknown error';
-    context.error(`Function error: ${message}`);
-    return {
-        status: status_1.HTTP_STATUS.INTERNAL_ERROR,
-        jsonBody: { error: 'Internal server error' }
-    };
-}
-/**
- * Checks if an error is an Azure Table Storage "not found" error.
- * @param error - The caught error
- * @returns True if error has statusCode 404
- * @example
- * try {
- *   await tableClient.getEntity(pk, rk);
- * } catch (error) {
- *   if (isNotFoundError(error)) return notFoundResponse('Entity');
- *   throw error;
- * }
- */
-function isNotFoundError(error) {
-    return (error instanceof Error &&
-        'statusCode' in error &&
-        error.statusCode === 404);
-}
-/**
- * Checks if an error is an Azure Table Storage "conflict" error.
- * @param error - The caught error
- * @returns True if error has statusCode 409
- * @example
- * try {
- *   await tableClient.createEntity(entity);
- * } catch (error) {
- *   if (isConflictError(error)) return conflictResponse('Entity already exists');
- *   throw error;
- * }
- */
-function isConflictError(error) {
-    return (error instanceof Error &&
-        'statusCode' in error &&
-        error.statusCode === 409);
-}

package/dist/http/status.d.ts DELETED Viewed

@@ -1,17 +0,0 @@
-/**
- * HTTP status codes - use instead of magic numbers
- */
-export declare const HTTP_STATUS: {
-    readonly OK: 200;
-    readonly CREATED: 201;
-    readonly NO_CONTENT: 204;
-    readonly BAD_REQUEST: 400;
-    readonly UNAUTHORIZED: 401;
-    readonly FORBIDDEN: 403;
-    readonly NOT_FOUND: 404;
-    readonly CONFLICT: 409;
-    readonly GONE: 410;
-    readonly INTERNAL_ERROR: 500;
-    readonly SERVICE_UNAVAILABLE: 503;
-};
-export type HttpStatus = typeof HTTP_STATUS[keyof typeof HTTP_STATUS];

package/dist/http/status.js DELETED Viewed

@@ -1,19 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.HTTP_STATUS = void 0;
-/**
- * HTTP status codes - use instead of magic numbers
- */
-exports.HTTP_STATUS = {
-    OK: 200,
-    CREATED: 201,
-    NO_CONTENT: 204,
-    BAD_REQUEST: 400,
-    UNAUTHORIZED: 401,
-    FORBIDDEN: 403,
-    NOT_FOUND: 404,
-    CONFLICT: 409,
-    GONE: 410,
-    INTERNAL_ERROR: 500,
-    SERVICE_UNAVAILABLE: 503
-};

package/dist/http/types.d.ts DELETED Viewed

@@ -1,10 +0,0 @@
-/**
- * HTTP module type definitions
- */
-/**
- * Standard error response structure
- */
-export interface ErrorResponse {
-    error: string;
-    details?: string;
-}

package/dist/http/types.js DELETED Viewed

@@ -1,5 +0,0 @@
-"use strict";
-/**
- * HTTP module type definitions
- */
-Object.defineProperty(exports, "__esModule", { value: true });

package/dist/server/auth/apiKey.d.ts DELETED Viewed

@@ -1,44 +0,0 @@
-import { Result } from '../../types';
-/**
- * API Key utilities for machine-to-machine authentication
- */
-/**
- * Extracts API key from the X-API-Key header.
- * @param request - Request object with headers.get() method
- * @returns The API key string, or null if not present
- * @example
- * const apiKey = extractApiKey(request);
- */
-export declare function extractApiKey(request: {
-    headers: {
-        get(name: string): string | null;
-    };
-}): string | null;
-/**
- * Hashes an API key using SHA-256 for secure storage.
- * Store this hash in your database, never the raw key.
- * @param apiKey - The raw API key to hash
- * @returns The SHA-256 hash as a hex string
- * @example
- * const hash = hashApiKey(rawKey);
- * await db.save({ apiKeyHash: hash });
- */
-export declare function hashApiKey(apiKey: string): string;
-/**
- * Validates an API key against a stored hash.
- * @param apiKey - The API key from the request
- * @param storedHash - The hash stored in your database
- * @returns Result with ok=true if valid, or error message if invalid
- * @example
- * const result = validateApiKey(apiKey, user.apiKeyHash);
- * if (!result.ok) return httpUnauthorized();
- */
-export declare function validateApiKey(apiKey: string, storedHash: string): Result<void>;
-/**
- * Generates a cryptographically secure API key.
- * @returns A random 64-character hex string (32 bytes)
- * @example
- * const apiKey = generateApiKey();
- * // Return to user once, store hash in database
- */
-export declare function generateApiKey(): string;

package/dist/server/auth/apiKey.js DELETED Viewed

@@ -1,59 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.extractApiKey = extractApiKey;
-exports.hashApiKey = hashApiKey;
-exports.validateApiKey = validateApiKey;
-exports.generateApiKey = generateApiKey;
-const crypto_1 = require("crypto");
-const types_1 = require("../../types");
-/**
- * API Key utilities for machine-to-machine authentication
- */
-/**
- * Extracts API key from the X-API-Key header.
- * @param request - Request object with headers.get() method
- * @returns The API key string, or null if not present
- * @example
- * const apiKey = extractApiKey(request);
- */
-function extractApiKey(request) {
-    return request.headers.get('X-API-Key');
-}
-/**
- * Hashes an API key using SHA-256 for secure storage.
- * Store this hash in your database, never the raw key.
- * @param apiKey - The raw API key to hash
- * @returns The SHA-256 hash as a hex string
- * @example
- * const hash = hashApiKey(rawKey);
- * await db.save({ apiKeyHash: hash });
- */
-function hashApiKey(apiKey) {
-    return (0, crypto_1.createHash)('sha256').update(apiKey).digest('hex');
-}
-/**
- * Validates an API key against a stored hash.
- * @param apiKey - The API key from the request
- * @param storedHash - The hash stored in your database
- * @returns Result with ok=true if valid, or error message if invalid
- * @example
- * const result = validateApiKey(apiKey, user.apiKeyHash);
- * if (!result.ok) return httpUnauthorized();
- */
-function validateApiKey(apiKey, storedHash) {
-    const keyHash = hashApiKey(apiKey);
-    if (keyHash === storedHash) {
-        return (0, types_1.okVoid)();
-    }
-    return (0, types_1.err)('Invalid API key');
-}
-/**
- * Generates a cryptographically secure API key.
- * @returns A random 64-character hex string (32 bytes)
- * @example
- * const apiKey = generateApiKey();
- * // Return to user once, store hash in database
- */
-function generateApiKey() {
-    return (0, crypto_1.randomBytes)(32).toString('hex');
-}

package/dist/server/auth/index.d.ts DELETED Viewed

@@ -1,3 +0,0 @@
-export { initAuth, getJwtSecret, extractToken, validateToken, generateToken, generateLongLivedToken, requireAuth, requireAdmin, DEFAULT_TOKEN_EXPIRY, DEFAULT_TOKEN_EXPIRY_SECONDS } from './token';
-export type { AuthSuccess, AuthFailure, AuthResult } from './token';
-export { extractApiKey, hashApiKey, validateApiKey, generateApiKey } from './apiKey';

package/dist/server/auth/index.js DELETED Viewed

@@ -1,19 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.generateApiKey = exports.validateApiKey = exports.hashApiKey = exports.extractApiKey = exports.DEFAULT_TOKEN_EXPIRY_SECONDS = exports.DEFAULT_TOKEN_EXPIRY = exports.requireAdmin = exports.requireAuth = exports.generateLongLivedToken = exports.generateToken = exports.validateToken = exports.extractToken = exports.getJwtSecret = exports.initAuth = void 0;
-var token_1 = require("./token");
-Object.defineProperty(exports, "initAuth", { enumerable: true, get: function () { return token_1.initAuth; } });
-Object.defineProperty(exports, "getJwtSecret", { enumerable: true, get: function () { return token_1.getJwtSecret; } });
-Object.defineProperty(exports, "extractToken", { enumerable: true, get: function () { return token_1.extractToken; } });
-Object.defineProperty(exports, "validateToken", { enumerable: true, get: function () { return token_1.validateToken; } });
-Object.defineProperty(exports, "generateToken", { enumerable: true, get: function () { return token_1.generateToken; } });
-Object.defineProperty(exports, "generateLongLivedToken", { enumerable: true, get: function () { return token_1.generateLongLivedToken; } });
-Object.defineProperty(exports, "requireAuth", { enumerable: true, get: function () { return token_1.requireAuth; } });
-Object.defineProperty(exports, "requireAdmin", { enumerable: true, get: function () { return token_1.requireAdmin; } });
-Object.defineProperty(exports, "DEFAULT_TOKEN_EXPIRY", { enumerable: true, get: function () { return token_1.DEFAULT_TOKEN_EXPIRY; } });
-Object.defineProperty(exports, "DEFAULT_TOKEN_EXPIRY_SECONDS", { enumerable: true, get: function () { return token_1.DEFAULT_TOKEN_EXPIRY_SECONDS; } });
-var apiKey_1 = require("./apiKey");
-Object.defineProperty(exports, "extractApiKey", { enumerable: true, get: function () { return apiKey_1.extractApiKey; } });
-Object.defineProperty(exports, "hashApiKey", { enumerable: true, get: function () { return apiKey_1.hashApiKey; } });
-Object.defineProperty(exports, "validateApiKey", { enumerable: true, get: function () { return apiKey_1.validateApiKey; } });
-Object.defineProperty(exports, "generateApiKey", { enumerable: true, get: function () { return apiKey_1.generateApiKey; } });

package/dist/server/auth/token.d.ts DELETED Viewed

@@ -1,102 +0,0 @@
-import { HttpResponseInit } from '@azure/functions';
-import { Result } from '../../types';
-import { BaseJwtPayload, RoleTokenPayload } from '../../shared/auth/types';
-/**
- * Initializes the JWT authentication system. Call once at application startup.
- * @param secret - The JWT secret key (from environment variable)
- * @param minLength - Minimum required secret length (default: 32)
- * @throws Error if secret is missing or too short
- * @example
- * initAuth(process.env.JWT_SECRET);
- */
-export declare function initAuth(secret: string | undefined, minLength?: number): void;
-/**
- * Gets the configured JWT secret.
- * @returns The JWT secret string
- * @throws Error if initAuth() has not been called
- */
-export declare function getJwtSecret(): string;
-/**
- * Extracts the Bearer token from an Authorization header.
- * @param authHeader - The Authorization header value
- * @returns The token string, or null if not a valid Bearer token
- * @example
- * const token = extractToken(request.headers.get('Authorization'));
- */
-export declare function extractToken(authHeader: string | null): string | null;
-/**
- * Validates and decodes a JWT token.
- * @typeParam T - The expected payload type (extends object)
- * @param token - The JWT token string to validate
- * @returns Result with decoded payload on success, or error message on failure
- * @example
- * const result = validateToken<UserPayload>(token);
- * if (result.ok) {
- *   console.log(result.data.username);
- * }
- */
-export declare function validateToken<T extends object>(token: string): Result<T>;
-/**
- * Generates a signed JWT token with the given payload.
- * @typeParam T - The payload type (extends object)
- * @param payload - The data to encode in the token
- * @param expiresIn - Token expiration time (default: '7d')
- * @returns The signed JWT token string
- * @example
- * const token = generateToken({ userId: '123', role: 'admin' }, '1h');
- */
-export declare function generateToken<T extends object>(payload: T, expiresIn?: string): string;
-/**
- * Generates a long-lived JWT token for machine/API access.
- * @typeParam T - The payload type (extends object)
- * @param payload - The data to encode in the token
- * @param expiresInDays - Token expiration in days (default: 3650 ≈ 10 years)
- * @returns The signed JWT token string
- * @example
- * const apiToken = generateLongLivedToken({ machineId: 'server-1' });
- */
-export declare function generateLongLivedToken<T extends object>(payload: T, expiresInDays?: number): string;
-/**
- * Successful auth result with typed payload.
- */
-export interface AuthSuccess<T extends BaseJwtPayload> {
-    authorized: true;
-    payload: T;
-}
-/**
- * Failed auth result with HTTP response.
- */
-export interface AuthFailure {
-    authorized: false;
-    response: HttpResponseInit;
-}
-/**
- * Discriminated union for auth results.
- * Use `auth.authorized` to narrow the type.
- */
-export type AuthResult<T extends BaseJwtPayload> = AuthSuccess<T> | AuthFailure;
-/** Default token expiry string for generateToken (7 days) */
-export declare const DEFAULT_TOKEN_EXPIRY = "7d";
-/** Default token expiry in seconds (7 days = 604800 seconds) */
-export declare const DEFAULT_TOKEN_EXPIRY_SECONDS: number;
-/**
- * Validates auth header and returns typed payload or error response.
- * @typeParam T - The expected payload type (extends BaseJwtPayload)
- * @param authHeader - The Authorization header value
- * @returns AuthResult with payload on success, or HTTP response on failure
- * @example
- * const auth = requireAuth<UsernameTokenPayload>(request.headers.get('Authorization'));
- * if (!auth.authorized) return auth.response;
- * console.log(auth.payload.username);
- */
-export declare function requireAuth<T extends BaseJwtPayload>(authHeader: string | null): AuthResult<T>;
-/**
- * Requires admin role. Use with RoleTokenPayload.
- * @param authHeader - The Authorization header value
- * @returns AuthResult with RoleTokenPayload on success, or HTTP response on failure
- * @example
- * const auth = requireAdmin(request.headers.get('Authorization'));
- * if (!auth.authorized) return auth.response;
- * // User is admin
- */
-export declare function requireAdmin(authHeader: string | null): AuthResult<RoleTokenPayload>;

package/dist/server/auth/token.js DELETED Viewed

@@ -1,158 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.DEFAULT_TOKEN_EXPIRY_SECONDS = exports.DEFAULT_TOKEN_EXPIRY = void 0;
-exports.initAuth = initAuth;
-exports.getJwtSecret = getJwtSecret;
-exports.extractToken = extractToken;
-exports.validateToken = validateToken;
-exports.generateToken = generateToken;
-exports.generateLongLivedToken = generateLongLivedToken;
-exports.requireAuth = requireAuth;
-exports.requireAdmin = requireAdmin;
-const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
-const types_1 = require("../../types");
-const types_2 = require("../../shared/auth/types");
-const responses_1 = require("../http/responses");
-/**
- * JWT token utilities - works with any payload structure
- * Use BaseJwtPayload or extend it for type safety
- */
-let jwtSecret = null;
-/**
- * Initializes the JWT authentication system. Call once at application startup.
- * @param secret - The JWT secret key (from environment variable)
- * @param minLength - Minimum required secret length (default: 32)
- * @throws Error if secret is missing or too short
- * @example
- * initAuth(process.env.JWT_SECRET);
- */
-function initAuth(secret, minLength = 32) {
-    if (!secret || secret.length < minLength) {
-        throw new Error(`JWT_SECRET must be at least ${minLength} characters`);
-    }
-    jwtSecret = secret;
-}
-/**
- * Gets the configured JWT secret.
- * @returns The JWT secret string
- * @throws Error if initAuth() has not been called
- */
-function getJwtSecret() {
-    if (!jwtSecret) {
-        throw new Error('Auth not initialized. Call initAuth() first.');
-    }
-    return jwtSecret;
-}
-/**
- * Extracts the Bearer token from an Authorization header.
- * @param authHeader - The Authorization header value
- * @returns The token string, or null if not a valid Bearer token
- * @example
- * const token = extractToken(request.headers.get('Authorization'));
- */
-function extractToken(authHeader) {
-    if (!authHeader?.startsWith('Bearer ')) {
-        return null;
-    }
-    return authHeader.slice(7);
-}
-/**
- * Validates and decodes a JWT token.
- * @typeParam T - The expected payload type (extends object)
- * @param token - The JWT token string to validate
- * @returns Result with decoded payload on success, or error message on failure
- * @example
- * const result = validateToken<UserPayload>(token);
- * if (result.ok) {
- *   console.log(result.data.username);
- * }
- */
-function validateToken(token) {
-    try {
-        const payload = jsonwebtoken_1.default.verify(token, getJwtSecret());
-        if (typeof payload === 'object' && payload !== null) {
-            return (0, types_1.ok)(payload);
-        }
-        return (0, types_1.err)('Invalid token payload');
-    }
-    catch (error) {
-        const message = error instanceof Error ? error.message : 'Token validation failed';
-        return (0, types_1.err)(message);
-    }
-}
-/**
- * Generates a signed JWT token with the given payload.
- * @typeParam T - The payload type (extends object)
- * @param payload - The data to encode in the token
- * @param expiresIn - Token expiration time (default: '7d')
- * @returns The signed JWT token string
- * @example
- * const token = generateToken({ userId: '123', role: 'admin' }, '1h');
- */
-function generateToken(payload, expiresIn = '7d') {
-    return jsonwebtoken_1.default.sign(payload, getJwtSecret(), { expiresIn });
-}
-/**
- * Generates a long-lived JWT token for machine/API access.
- * @typeParam T - The payload type (extends object)
- * @param payload - The data to encode in the token
- * @param expiresInDays - Token expiration in days (default: 3650 ≈ 10 years)
- * @returns The signed JWT token string
- * @example
- * const apiToken = generateLongLivedToken({ machineId: 'server-1' });
- */
-function generateLongLivedToken(payload, expiresInDays = 3650) {
-    return jsonwebtoken_1.default.sign(payload, getJwtSecret(), { expiresIn: `${expiresInDays}d` });
-}
-// ============================================================================
-// Token Expiry Constants
-// ============================================================================
-/** Default token expiry string for generateToken (7 days) */
-exports.DEFAULT_TOKEN_EXPIRY = '7d';
-/** Default token expiry in seconds (7 days = 604800 seconds) */
-exports.DEFAULT_TOKEN_EXPIRY_SECONDS = 7 * 24 * 60 * 60;
-// ============================================================================
-// Auth Helpers
-// ============================================================================
-/**
- * Validates auth header and returns typed payload or error response.
- * @typeParam T - The expected payload type (extends BaseJwtPayload)
- * @param authHeader - The Authorization header value
- * @returns AuthResult with payload on success, or HTTP response on failure
- * @example
- * const auth = requireAuth<UsernameTokenPayload>(request.headers.get('Authorization'));
- * if (!auth.authorized) return auth.response;
- * console.log(auth.payload.username);
- */
-function requireAuth(authHeader) {
-    const token = extractToken(authHeader);
-    if (!token) {
-        return { authorized: false, response: (0, responses_1.unauthorizedResponse)() };
-    }
-    const result = validateToken(token);
-    if (!result.ok) {
-        return { authorized: false, response: (0, responses_1.unauthorizedResponse)(result.error) };
-    }
-    return { authorized: true, payload: result.data };
-}
-/**
- * Requires admin role. Use with RoleTokenPayload.
- * @param authHeader - The Authorization header value
- * @returns AuthResult with RoleTokenPayload on success, or HTTP response on failure
- * @example
- * const auth = requireAdmin(request.headers.get('Authorization'));
- * if (!auth.authorized) return auth.response;
- * // User is admin
- */
-function requireAdmin(authHeader) {
-    const auth = requireAuth(authHeader);
-    if (!auth.authorized)
-        return auth;
-    if (!(0, types_2.isAdmin)(auth.payload)) {
-        return { authorized: false, response: (0, responses_1.forbiddenResponse)('Admin access required') };
-    }
-    return auth;
-}

package/dist/server/http/index.d.ts DELETED Viewed

	@@ -1 +0,0 @@
1	- export { badRequestResponse, unauthorizedResponse, forbiddenResponse, notFoundResponse, conflictResponse, handleFunctionError, isNotFoundError, isConflictError } from './responses';

package/dist/server/http/index.js DELETED Viewed

@@ -1,12 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.isConflictError = exports.isNotFoundError = exports.handleFunctionError = exports.conflictResponse = exports.notFoundResponse = exports.forbiddenResponse = exports.unauthorizedResponse = exports.badRequestResponse = void 0;
-var responses_1 = require("./responses");
-Object.defineProperty(exports, "badRequestResponse", { enumerable: true, get: function () { return responses_1.badRequestResponse; } });
-Object.defineProperty(exports, "unauthorizedResponse", { enumerable: true, get: function () { return responses_1.unauthorizedResponse; } });
-Object.defineProperty(exports, "forbiddenResponse", { enumerable: true, get: function () { return responses_1.forbiddenResponse; } });
-Object.defineProperty(exports, "notFoundResponse", { enumerable: true, get: function () { return responses_1.notFoundResponse; } });
-Object.defineProperty(exports, "conflictResponse", { enumerable: true, get: function () { return responses_1.conflictResponse; } });
-Object.defineProperty(exports, "handleFunctionError", { enumerable: true, get: function () { return responses_1.handleFunctionError; } });
-Object.defineProperty(exports, "isNotFoundError", { enumerable: true, get: function () { return responses_1.isNotFoundError; } });
-Object.defineProperty(exports, "isConflictError", { enumerable: true, get: function () { return responses_1.isConflictError; } });

package/dist/server/http/responses.d.ts DELETED Viewed

@@ -1,82 +0,0 @@
-import { HttpResponseInit, InvocationContext } from '@azure/functions';
-/**
- * Creates a 400 Bad Request response.
- * @param message - The error message to return
- * @returns Azure Functions HttpResponseInit object
- * @example
- * if (!body.email) return badRequestResponse('Email is required');
- */
-export declare function badRequestResponse(message: string): HttpResponseInit;
-/**
- * Creates a 401 Unauthorized response.
- * @param message - The error message (default: 'Unauthorized')
- * @returns Azure Functions HttpResponseInit object
- * @example
- * if (!token) return unauthorizedResponse();
- */
-export declare function unauthorizedResponse(message?: string): HttpResponseInit;
-/**
- * Creates a 403 Forbidden response.
- * @param message - The error message (default: 'Forbidden')
- * @returns Azure Functions HttpResponseInit object
- * @example
- * if (!isAdmin(payload)) return forbiddenResponse('Admin access required');
- */
-export declare function forbiddenResponse(message?: string): HttpResponseInit;
-/**
- * Creates a 404 Not Found response.
- * @param resource - The name of the resource that wasn't found
- * @returns Azure Functions HttpResponseInit object
- * @example
- * if (!user) return notFoundResponse('User');
- * // Returns: { error: 'User not found' }
- */
-export declare function notFoundResponse(resource: string): HttpResponseInit;
-/**
- * Creates a 409 Conflict response.
- * @param message - The conflict error message
- * @returns Azure Functions HttpResponseInit object
- * @example
- * if (existingUser) return conflictResponse('Email already registered');
- */
-export declare function conflictResponse(message: string): HttpResponseInit;
-/**
- * Handles unexpected errors safely by logging details and returning a generic message.
- * Use in catch blocks to avoid exposing internal error details to clients.
- * @param error - The caught error
- * @param context - Azure Functions InvocationContext for logging
- * @returns Azure Functions HttpResponseInit with 500 status
- * @example
- * try {
- *   await riskyOperation();
- * } catch (error) {
- *   return handleFunctionError(error, context);
- * }
- */
-export declare function handleFunctionError(error: unknown, context: InvocationContext): HttpResponseInit;
-/**
- * Checks if an error is an Azure Table Storage "not found" error.
- * @param error - The caught error
- * @returns True if error has statusCode 404
- * @example
- * try {
- *   await tableClient.getEntity(pk, rk);
- * } catch (error) {
- *   if (isNotFoundError(error)) return notFoundResponse('Entity');
- *   throw error;
- * }
- */
-export declare function isNotFoundError(error: unknown): boolean;
-/**
- * Checks if an error is an Azure Table Storage "conflict" error.
- * @param error - The caught error
- * @returns True if error has statusCode 409
- * @example
- * try {
- *   await tableClient.createEntity(entity);
- * } catch (error) {
- *   if (isConflictError(error)) return conflictResponse('Entity already exists');
- *   throw error;
- * }
- */
-export declare function isConflictError(error: unknown): boolean;