npm - @mastra/nestjs - Versions diffs - 0.0.0-studio-cli-20260504022012 - Mend

@mastra/nestjs 0.0.0-studio-cli-20260504022012

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (76) hide show

package/CHANGELOG.md +79 -0
package/LICENSE.md +30 -0
package/README.md +324 -0
package/dist/__tests__/test-helpers.d.ts +17 -0
package/dist/__tests__/test-helpers.d.ts.map +1 -0
package/dist/constants.d.ts +34 -0
package/dist/constants.d.ts.map +1 -0
package/dist/controllers/index.d.ts +3 -0
package/dist/controllers/index.d.ts.map +1 -0
package/dist/controllers/mastra.controller.d.ts +54 -0
package/dist/controllers/mastra.controller.d.ts.map +1 -0
package/dist/controllers/system.controller.d.ts +45 -0
package/dist/controllers/system.controller.d.ts.map +1 -0
package/dist/decorators/index.d.ts +3 -0
package/dist/decorators/index.d.ts.map +1 -0
package/dist/decorators/public.decorator.d.ts +17 -0
package/dist/decorators/public.decorator.d.ts.map +1 -0
package/dist/decorators/throttle.decorator.d.ts +34 -0
package/dist/decorators/throttle.decorator.d.ts.map +1 -0
package/dist/filters/index.d.ts +2 -0
package/dist/filters/index.d.ts.map +1 -0
package/dist/filters/mastra-exception.filter.d.ts +28 -0
package/dist/filters/mastra-exception.filter.d.ts.map +1 -0
package/dist/guards/index.d.ts +3 -0
package/dist/guards/index.d.ts.map +1 -0
package/dist/guards/mastra-auth.guard.d.ts +42 -0
package/dist/guards/mastra-auth.guard.d.ts.map +1 -0
package/dist/guards/mastra-route.guard.d.ts +23 -0
package/dist/guards/mastra-route.guard.d.ts.map +1 -0
package/dist/guards/mastra-throttle.guard.d.ts +53 -0
package/dist/guards/mastra-throttle.guard.d.ts.map +1 -0
package/dist/index.cjs +14298 -0
package/dist/index.cjs.map +1 -0
package/dist/index.d.ts +23 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +14284 -0
package/dist/index.js.map +1 -0
package/dist/interceptors/index.d.ts +3 -0
package/dist/interceptors/index.d.ts.map +1 -0
package/dist/interceptors/request-tracking.interceptor.d.ts +13 -0
package/dist/interceptors/request-tracking.interceptor.d.ts.map +1 -0
package/dist/interceptors/streaming.interceptor.d.ts +40 -0
package/dist/interceptors/streaming.interceptor.d.ts.map +1 -0
package/dist/interceptors/tracing.interceptor.d.ts +12 -0
package/dist/interceptors/tracing.interceptor.d.ts.map +1 -0
package/dist/mastra-server.adapter.d.ts +10 -0
package/dist/mastra-server.adapter.d.ts.map +1 -0
package/dist/mastra.module.d.ts +173 -0
package/dist/mastra.module.d.ts.map +1 -0
package/dist/mastra.service.d.ts +51 -0
package/dist/mastra.service.d.ts.map +1 -0
package/dist/middleware/body-limit.middleware.d.ts +24 -0
package/dist/middleware/body-limit.middleware.d.ts.map +1 -0
package/dist/middleware/index.d.ts +3 -0
package/dist/middleware/index.d.ts.map +1 -0
package/dist/middleware/json-body.middleware.d.ts +17 -0
package/dist/middleware/json-body.middleware.d.ts.map +1 -0
package/dist/services/auth.service.d.ts +34 -0
package/dist/services/auth.service.d.ts.map +1 -0
package/dist/services/index.d.ts +5 -0
package/dist/services/index.d.ts.map +1 -0
package/dist/services/request-context.service.d.ts +52 -0
package/dist/services/request-context.service.d.ts.map +1 -0
package/dist/services/route-handler.service.d.ts +78 -0
package/dist/services/route-handler.service.d.ts.map +1 -0
package/dist/services/shutdown.service.d.ts +54 -0
package/dist/services/shutdown.service.d.ts.map +1 -0
package/dist/utils/constants.d.ts +3 -0
package/dist/utils/constants.d.ts.map +1 -0
package/dist/utils/format.d.ts +5 -0
package/dist/utils/format.d.ts.map +1 -0
package/dist/utils/parse-multipart.d.ts +18 -0
package/dist/utils/parse-multipart.d.ts.map +1 -0
package/dist/utils/route-path.d.ts +6 -0
package/dist/utils/route-path.d.ts.map +1 -0
package/package.json +84 -0

package/dist/decorators/throttle.decorator.d.ts ADDED Viewed

@@ -0,0 +1,34 @@
+export interface ThrottleOptions {
+    /** Maximum number of requests in the window */
+    limit: number;
+    /** Time window in milliseconds */
+    windowMs: number;
+}
+/**
+ * Decorator to set custom rate limits for a route.
+ * Overrides the default rate limits from MastraModuleOptions.
+ *
+ * @example
+ * ```typescript
+ * @Post('generate')
+ * @MastraThrottle({ limit: 5, windowMs: 60000 }) // 5 requests per minute
+ * async generate(@Body() body: GenerateDto) {
+ *   // ...
+ * }
+ * ```
+ */
+export declare const MastraThrottle: (options: ThrottleOptions) => import("@nestjs/common").CustomDecorator<string>;
+/**
+ * Decorator to skip rate limiting for a route.
+ *
+ * @example
+ * ```typescript
+ * @Get('health')
+ * @SkipThrottle()
+ * check() {
+ *   return { status: 'ok' };
+ * }
+ * ```
+ */
+export declare const SkipThrottle: () => import("@nestjs/common").CustomDecorator<string>;
+//# sourceMappingURL=throttle.decorator.d.ts.map

package/dist/decorators/throttle.decorator.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"throttle.decorator.d.ts","sourceRoot":"","sources":["../../src/decorators/throttle.decorator.ts"],"names":[],"mappings":"AAIA,MAAM,WAAW,eAAe;IAC9B,+CAA+C;IAC/C,KAAK,EAAE,MAAM,CAAC;IACd,kCAAkC;IAClC,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;;;;;;;;;;;GAYG;AACH,eAAO,MAAM,cAAc,GAAI,SAAS,eAAe,qDAAuC,CAAC;AAE/F;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,YAAY,wDAAkD,CAAC"}

package/dist/filters/index.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export { MastraExceptionFilter } from './mastra-exception.filter.js';
2	+ //# sourceMappingURL=index.d.ts.map

package/dist/filters/index.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/filters/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,qBAAqB,EAAE,MAAM,2BAA2B,CAAC"}

package/dist/filters/mastra-exception.filter.d.ts ADDED Viewed

@@ -0,0 +1,28 @@
+import type { ArgumentsHost, ExceptionFilter } from '@nestjs/common';
+/**
+ * Global exception filter that normalizes all errors to a consistent format.
+ *
+ * Response format:
+ * ```json
+ * {
+ *   "error": "Error message",
+ *   "code": "ERROR_CODE",
+ *   "issues": [{ "field": "fieldName", "message": "..." }],
+ *   "requestId": "...",
+ *   "timestamp": "..."
+ * }
+ * ```
+ */
+export declare class MastraExceptionFilter implements ExceptionFilter {
+    private readonly logger;
+    catch(exception: unknown, host: ArgumentsHost): void;
+    /**
+     * Normalize any error type to a consistent format.
+     */
+    private normalizeError;
+    /**
+     * Get error code from HTTP status.
+     */
+    private getErrorCode;
+}
+//# sourceMappingURL=mastra-exception.filter.d.ts.map

package/dist/filters/mastra-exception.filter.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"mastra-exception.filter.d.ts","sourceRoot":"","sources":["../../src/filters/mastra-exception.filter.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAyBrE;;;;;;;;;;;;;GAaG;AACH,qBACa,qBAAsB,YAAW,eAAe;IAC3D,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA0C;IAEjE,KAAK,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,EAAE,aAAa,GAAG,IAAI;IAkCpD;;OAEG;IACH,OAAO,CAAC,cAAc;IAgHtB;;OAEG;IACH,OAAO,CAAC,YAAY;CAkCrB"}

package/dist/guards/index.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+export { MastraAuthGuard } from './mastra-auth.guard.js';
+export { MastraThrottleGuard } from './mastra-throttle.guard.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/guards/index.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/guards/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC"}

package/dist/guards/mastra-auth.guard.d.ts ADDED Viewed

@@ -0,0 +1,42 @@
+import type { CanActivate, ExecutionContext } from '@nestjs/common';
+import { Reflector } from '@nestjs/core';
+import { AuthService } from '../services/auth.service.js';
+/**
+ * Guard that bridges to Mastra's authentication system.
+ * Checks for @Public() decorator to skip auth.
+ *
+ * **IMPORTANT: This guard is for custom user routes, NOT for Mastra API routes.**
+ *
+ * Mastra routes (agents, workflows, etc.) use AuthService internally which has
+ * access to route-specific auth configuration (customRouteAuthConfig, isProtectedPath,
+ * canAccessPublicly). This guard is a simplified version for when you want to
+ * protect your own NestJS routes with Mastra's auth config.
+ *
+ * Differences from AuthService (used internally for Mastra routes):
+ * - Does NOT check `customRouteAuthConfig`
+ * - Does NOT check `isProtectedPath` / `canAccessPublicly` from @mastra/server/auth
+ * - Has simpler dev playground detection (just checks header + config)
+ *
+ * @example
+ * ```typescript
+ * // Protect a custom route with Mastra auth
+ * @Controller('my-custom')
+ * @UseGuards(MastraAuthGuard)
+ * export class MyController {
+ *   @Get('protected')
+ *   protectedRoute() { ... }
+ *
+ *   @Get('open')
+ *   @Public() // Skip auth for this route
+ *   openRoute() { ... }
+ * }
+ * ```
+ */
+export declare class MastraAuthGuard implements CanActivate {
+    private readonly reflector;
+    private readonly authService;
+    private readonly logger;
+    constructor(reflector: Reflector, authService: AuthService);
+    canActivate(context: ExecutionContext): Promise<boolean>;
+}
+//# sourceMappingURL=mastra-auth.guard.d.ts.map

package/dist/guards/mastra-auth.guard.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"mastra-auth.guard.d.ts","sourceRoot":"","sources":["../../src/guards/mastra-auth.guard.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,WAAW,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AACpE,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAIzC,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAEvD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AACH,qBACa,eAAgB,YAAW,WAAW;IAI5B,OAAO,CAAC,QAAQ,CAAC,SAAS;IACxB,OAAO,CAAC,QAAQ,CAAC,WAAW;IAJnD,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAoC;gBAGrB,SAAS,EAAE,SAAS,EAClB,WAAW,EAAE,WAAW;IAG1D,WAAW,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,OAAO,CAAC;CAoB/D"}

package/dist/guards/mastra-route.guard.d.ts ADDED Viewed

@@ -0,0 +1,23 @@
+import type { Mastra } from '@mastra/core/mastra';
+import type { CanActivate, ExecutionContext } from '@nestjs/common';
+import type { MastraModuleOptions } from '../mastra.module.js';
+import { AuthService } from '../services/auth.service.js';
+import { RequestContextService } from '../services/request-context.service.js';
+import { RouteHandlerService } from '../services/route-handler.service.js';
+import { MastraThrottleGuard } from './mastra-throttle.guard.js';
+/**
+ * Guard for Mastra routes handled by MastraController.
+ * Runs route matching to avoid authenticating non-Mastra paths,
+ * then enforces auth + rate limiting for matched Mastra routes.
+ */
+export declare class MastraRouteGuard implements CanActivate {
+    private readonly mastra;
+    private readonly options;
+    private readonly routeHandler;
+    private readonly requestContext;
+    private readonly authService;
+    private readonly throttleGuard;
+    constructor(mastra: Mastra, options: MastraModuleOptions, routeHandler: RouteHandlerService, requestContext: RequestContextService, authService: AuthService, throttleGuard: MastraThrottleGuard);
+    canActivate(context: ExecutionContext): Promise<boolean>;
+}
+//# sourceMappingURL=mastra-route.guard.d.ts.map

package/dist/guards/mastra-route.guard.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"mastra-route.guard.d.ts","sourceRoot":"","sources":["../../src/guards/mastra-route.guard.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAElD,OAAO,KAAK,EAAE,WAAW,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAIpE,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAC5D,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AACvD,OAAO,EAAE,qBAAqB,EAAE,MAAM,qCAAqC,CAAC;AAC5E,OAAO,EAAE,mBAAmB,EAAE,MAAM,mCAAmC,CAAC;AAExE,OAAO,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAE9D;;;;GAIG;AACH,qBACa,gBAAiB,YAAW,WAAW;IAEhC,OAAO,CAAC,QAAQ,CAAC,MAAM;IACf,OAAO,CAAC,QAAQ,CAAC,OAAO;IACnB,OAAO,CAAC,QAAQ,CAAC,YAAY;IAC3B,OAAO,CAAC,QAAQ,CAAC,cAAc;IACzC,OAAO,CAAC,QAAQ,CAAC,WAAW;IACpB,OAAO,CAAC,QAAQ,CAAC,aAAa;gBAL1B,MAAM,EAAE,MAAM,EACN,OAAO,EAAE,mBAAmB,EACvB,YAAY,EAAE,mBAAmB,EAC/B,cAAc,EAAE,qBAAqB,EAC/C,WAAW,EAAE,WAAW,EAChB,aAAa,EAAE,mBAAmB;IAG5E,WAAW,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,OAAO,CAAC;CA4B/D"}

package/dist/guards/mastra-throttle.guard.d.ts ADDED Viewed

@@ -0,0 +1,53 @@
+import type { CanActivate, ExecutionContext, OnModuleDestroy } from '@nestjs/common';
+import { Reflector } from '@nestjs/core';
+import type { Request } from 'express';
+import type { ThrottleOptions } from '../decorators/throttle.decorator.js';
+import type { MastraModuleOptions } from '../mastra.module.js';
+/**
+ * Guard that implements rate limiting.
+ * Rate limiting is ON by default - set rateLimitOptions.enabled: false to disable.
+ */
+export declare class MastraThrottleGuard implements CanActivate, OnModuleDestroy {
+    private readonly options;
+    private readonly reflector;
+    private readonly logger;
+    private readonly store;
+    private cleanupInterval;
+    constructor(options: MastraModuleOptions, reflector: Reflector);
+    /**
+     * Clean up the interval when the module is destroyed.
+     */
+    onModuleDestroy(): void;
+    canActivate(context: ExecutionContext): Promise<boolean>;
+    /**
+     * Check rate limit for a request.
+     * Can be called directly from controllers for manual rate limiting.
+     */
+    checkLimit(request: Request, limit: number, windowMs: number, rateLimitPath?: string): Promise<void>;
+    /**
+     * Get rate limit settings for this request.
+     */
+    getRateLimitSettings(request: Request, decoratorOptions?: ThrottleOptions, rateLimitPath?: string): {
+        limit: number;
+        windowMs: number;
+    };
+    /**
+     * Get client identifier for rate limiting.
+     * Uses user ID if authenticated, IP address otherwise.
+     *
+     * Security note: X-Forwarded-For is only trusted when the app is configured
+     * with 'trust proxy' in Express. Without that setting, we use the direct
+     * connection IP to prevent header spoofing attacks.
+     */
+    private getClientId;
+    /**
+     * Evict oldest entries when store exceeds max size.
+     * Uses a simple LRU-like approach based on resetAt time.
+     */
+    private evictOldestEntries;
+    /**
+     * Clean up expired entries from the store.
+     */
+    private cleanupExpiredEntries;
+}
+//# sourceMappingURL=mastra-throttle.guard.d.ts.map

package/dist/guards/mastra-throttle.guard.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"mastra-throttle.guard.d.ts","sourceRoot":"","sources":["../../src/guards/mastra-throttle.guard.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,WAAW,EAAE,gBAAgB,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACrF,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAGvC,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,kCAAkC,CAAC;AACxE,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAa5D;;;GAGG;AACH,qBACa,mBAAoB,YAAW,WAAW,EAAE,eAAe;IAM5C,OAAO,CAAC,QAAQ,CAAC,OAAO;IAC7B,OAAO,CAAC,QAAQ,CAAC,SAAS;IAN/C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAwC;IAC/D,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAoC;IAC1D,OAAO,CAAC,eAAe,CAA+C;gBAG3B,OAAO,EAAE,mBAAmB,EACjC,SAAS,EAAE,SAAS;IAM1D;;OAEG;IACH,eAAe,IAAI,IAAI;IAQjB,WAAW,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,OAAO,CAAC;IAsB9D;;;OAGG;IACG,UAAU,CAAC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,aAAa,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IA0C1G;;OAEG;IACH,oBAAoB,CAClB,OAAO,EAAE,OAAO,EAChB,gBAAgB,CAAC,EAAE,eAAe,EAClC,aAAa,CAAC,EAAE,MAAM,GACrB;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE;IAuBtC;;;;;;;OAOG;IACH,OAAO,CAAC,WAAW;IAcnB;;;OAGG;IACH,OAAO,CAAC,kBAAkB;IAc1B;;OAEG;IACH,OAAO,CAAC,qBAAqB;CAe9B"}