@nitronjs/framework 0.2.3 → 0.2.4

package/lib/Session/Manager.js

@@ -5,254 +5,200 @@ import File from "./File.js";
 import Session from "./Session.js";
 
 /**
- * SessionManager
- * 
- * Singleton that manages all sessions for the application.
- * Handles loading, creation, persistence, and lifecycle.
- * 
- * Features:
- * - Cookie-based session IDs (signed)
- * - Pluggable storage drivers (Memory, File)
- * - Automatic session persistence
- * - Lifetime management and expiration
- * - Garbage collection for expired sessions
+ * Session manager singleton.
+ * Handles session loading, creation, persistence, and garbage collection.
  */
 class SessionManager {
-    static instance = null;
-    static #isInternal = false;
-    
-    // Instance properties
-    config = null;
-    store = null;
-    ready = null;
-    gcTimer = null;
-
-    constructor () {
-        if (!SessionManager.#isInternal) {
-            throw new Error("SessionManager must be initialized with await SessionManager.getInstance()");
-        }
-    }
-
-    static getSessionConfig() {
-        return Config.all("session");
-    }
+    static #instance = null;
 
-    static async createInstance() {
-        SessionManager.#isInternal = true;
-        const instance = new SessionManager();
-        SessionManager.#isInternal = false;
-        
-        instance.config = this.getSessionConfig();
-        instance.config.cookie.signed = true; // Enforce signed cookies
-        // Load storage driver based on config
-        instance.store = instance.#createDriver(instance.config.driver);
-        // Store ready promise (for File driver initialization)
-        instance.ready = instance.store.ready || Promise.resolve();
-        return instance;
-    }
+    #config = null;
+    #store = null;
+    #gcTimer = null;
 
     /**
-     * Create storage driver instance
-     * @param {string} driver - Driver name (memory, file)
-     * @returns {object} Driver instance
+     * Gets the singleton instance.
+     * @returns {Promise<SessionManager>}
      */
-    #createDriver(driver) {
-        switch (driver) {
-            case 'file':
-                return new File();
-            case 'memory':
-            default:
-                return new Memory();
+    static async getInstance() {
+        if (!this.#instance) {
+            this.#instance = new SessionManager();
+            await this.#instance.#initialize();
         }
+
+        return this.#instance;
     }
 
-    /**
-     * Get singleton instance
-     */
-    static async getInstance () {
-        if (!SessionManager.instance) {
-            SessionManager.instance = await SessionManager.createInstance();
+    /** @private */
+    async #initialize() {
+        this.#config = Config.all("session");
+        this.#config.cookie.signed = true;
+
+        this.#store = this.#config.driver === "file" ? new File() : new Memory();
+
+        if (this.#store.ready) {
+            await this.#store.ready;
         }
-        return SessionManager.instance;
     }
 
-    // ========================================
-    // Session Lifecycle
-    // ========================================
-
     /**
-     * Load existing session or create a new one
-     * 
-     * Validates cookie signature, checks session lifetime,
-     * and retrieves session data from the store.
-     * 
-     * @param {object} request - Fastify request object
-     * @param {object} response - Fastify response object
-     * @returns {Session} Session instance
+     * Loads existing session or creates a new one.
+     * @param {import("fastify").FastifyRequest} request
+     * @param {import("fastify").FastifyReply} response
+     * @returns {Promise<Session>}
      */
-    async load (request, response) {
-        // Wait for store initialization (File driver directory setup)
-        await this.ready;
-        
-        const signedCookie = request.cookies[this.config.cookieName];
-        
-        // No cookie → new session
+    async load(request, response) {
+        const signedCookie = request.cookies[this.#config.cookieName];
+
         if (!signedCookie) {
-            return this.create(response);
+            return this.#create(response);
         }
 
-        // Verify cookie signature
         const unsignResult = request.unsignCookie(signedCookie);
+
         if (!unsignResult.valid) {
-            response.clearCookie(this.config.cookieName);
-            
-            return this.create(response);
+            response.clearCookie(this.#config.cookieName);
+
+            return this.#create(response);
         }
 
         const sessionId = unsignResult.value;
-        const sessionData = await this.store.get(sessionId);
+        const sessionData = await this.#store.get(sessionId);
 
-        // Session not found → new session
         if (!sessionData) {
-            response.clearCookie(this.config.cookieName);
+            response.clearCookie(this.#config.cookieName);
 
-            return this.create(response);
+            return this.#create(response);
         }
 
-        // Check if session expired (lifetime)
         const lastActivity = sessionData.lastActivity || sessionData.createdAt;
-        if (Date.now() - lastActivity > this.config.lifetime) {
-            await this.store.delete(sessionId);
-            response.clearCookie(this.config.cookieName);
 
-            return this.create(response);
+        if (Date.now() - lastActivity > this.#config.lifetime) {
+            await this.#store.delete(sessionId);
+            response.clearCookie(this.#config.cookieName);
+
+            return this.#create(response);
         }
 
         return new Session(sessionId, sessionData);
     }
 
     /**
-     * Create new session
-     * @param {object} response - Fastify response
-     * @returns {Session} New session instance
+     * Persists session data to store.
+     * @param {Session} session
      */
-    async create (response) {
-        const id = crypto.randomBytes(32).toString("hex");
-        const sessionData = {
-            data: {},
-            createdAt: Date.now(),
-        };
-
-        await this.store.set(id, sessionData);
-        
-        // Set signed cookie
-        const cookieOptions = { ...this.config.cookie, signed: true };
-        response.setCookie(this.config.cookieName, id, cookieOptions);
+    async persist(session) {
+        await this.#store.set(session.id, {
+            data: session.all(),
+            createdAt: session.createdAt,
+            lastActivity: Date.now()
+        });
+    }
 
-        return new Session(id, sessionData);
+    /**
+     * Deletes old session after regeneration.
+     * @param {string} oldId
+     */
+    async deleteOld(oldId) {
+        if (oldId) {
+            await this.#store.delete(oldId);
+        }
     }
 
-    // ========================================
-    // Garbage Collection
-    // ========================================
+    /**
+     * Gets config for cookie options.
+     * @returns {Object}
+     */
+    get cookieConfig() {
+        return { ...this.#config.cookie, signed: true };
+    }
 
     /**
-     * Start automatic garbage collection (every 15 minutes)
+     * Gets session cookie name.
+     * @returns {string}
      */
-    startGarbageCollection () {
-        if (typeof this.store.gc !== 'function') {
-            return; // Store doesn't support GC
+    get cookieName() {
+        return this.#config.cookieName;
+    }
+
+    /** @private */
+    async #create(response) {
+        const id = crypto.randomBytes(32).toString("hex");
+        const sessionData = { data: {}, createdAt: Date.now() };
+
+        await this.#store.set(id, sessionData);
+        response.setCookie(this.#config.cookieName, id, this.cookieConfig);
+
+        return new Session(id, sessionData);
+    }
+
+    /** @private */
+    #startGC() {
+        if (typeof this.#store.gc !== "function") {
+            return;
         }
 
-        const gcInterval = 15 * 60 * 1000; // 15 minutes
+        const interval = 15 * 60 * 1000;
 
-        this.gcTimer = setInterval(async () => {
+        this.#gcTimer = setInterval(async () => {
             try {
-                const deleted = await this.store.gc(this.config.lifetime);
+                const deleted = await this.#store.gc(this.#config.lifetime);
+
                 if (deleted > 0) {
-                    console.log(`[Session GC] Deleted ${deleted} expired sessions`);
+                    console.log(`[Session] GC: ${deleted} expired sessions deleted`);
                 }
             }
-            catch (error) {
-                console.error('[Session GC] Error:', error.message);
+            catch (err) {
+                console.error("[Session] GC error:", err.message);
             }
-        }, gcInterval);
+        }, interval);
 
-        // Run immediately on startup
-        this.store.gc(this.config.lifetime).catch(err => {
-            console.error('[Session GC] Initial run failed:', err.message);
-        });
+        this.#store.gc(this.#config.lifetime).catch(() => {});
     }
 
     /**
-     * Stop garbage collection (graceful shutdown)
+     * Stops the garbage collection timer.
      */
-    stopGarbageCollection () {
-        if (this.gcTimer) {
-            clearInterval(this.gcTimer);
-            this.gcTimer = null;
+    stopGC() {
+        if (this.#gcTimer) {
+            clearInterval(this.#gcTimer);
+            this.#gcTimer = null;
         }
     }
 
-    // ========================================
-    // Server Setup
-    // ========================================
-
     /**
-     * Setup session middleware for Fastify server
-     * @param {object} server - Fastify instance
+     * Sets up session middleware for Fastify.
+     * @param {import("fastify").FastifyInstance} server
      */
-    static async setup (server) {
+    static async setup(server) {
         const manager = await SessionManager.getInstance();
-        
+
         server.decorateRequest("session", null);
 
-        // Load session before handling request
-        server.addHook('preHandler', async (request, response) => {
+        server.addHook("preHandler", async (request, response) => {
             request.session = await manager.load(request, response);
         });
 
-        // Handle cookie changes before response is sent
-        server.addHook('onSend', async (request, response, payload) => {
-            if (!request.session) return payload;
-
-            // Handle regeneration - set new session cookie
-            if (request.session.shouldRegenerate()) {
-                response.setCookie(
-                    manager.config.cookieName, 
-                    request.session.id, 
-                    { ...manager.config.cookie, signed: true }
-                );
+        server.addHook("onSend", async (request, response, payload) => {
+            if (request.session?.shouldRegenerate()) {
+                response.setCookie(manager.cookieName, request.session.id, manager.cookieConfig);
             }
 
             return payload;
         });
 
-        // Persist session after sending response
-        server.addHook('onResponse', async (request, response) => {
-            if (!request.session) return;
-
-            // Skip persistence for error responses (4xx/5xx)
-            if (response.statusCode >= 400) return;
+        server.addHook("onResponse", async (request, response) => {
+            if (!request.session || response.statusCode >= 400) {
+                return;
+            }
 
-            // Handle regeneration - delete old session
             if (request.session.shouldRegenerate()) {
-                const oldId = request.session.getOldId();
-                if (oldId) {
-                    await manager.store.delete(oldId);
-                }
+                await manager.deleteOld(request.session.getOldId());
             }
 
-            // Persist session data
-            await manager.store.set(request.session.id, {
-                data: request.session.all(),
-                createdAt: request.session.createdAt,
-                lastActivity: Date.now(),
-            });
+            await manager.persist(request.session);
         });
 
-        // Start garbage collection
-        manager.startGarbageCollection();
+        manager.#startGC();
     }
 }
 

package/lib/Session/Memory.js

@@ -1,61 +1,51 @@
 /**
- * Memory Session Store
- * 
- * In-memory session storage using JavaScript Map.
- * Fast but not persistent - all data is lost on server restart.
- * 
- * Use cases:
- * - Development and testing
- * - Single-server deployments with acceptable data loss
- * 
- * Production: Use File store for persistence or Redis for clustering.
+ * In-memory session storage.
+ * Fast but not persistent - data is lost on restart.
  */
-class Memory {
-    constructor () {
-        this.sessions = new Map();
-    }
+class MemoryStore {
+    #sessions = new Map();
 
     /**
-     * Get session data by ID
-     * @param {string} id - Session ID
-     * @returns {object|null} Session data or null if not found
+     * Gets session data by ID.
+     * @param {string} id
+     * @returns {Promise<Object|null>}
      */
-    async get (id) {
-        return this.sessions.get(id) || null;
+    async get(id) {
+        return this.#sessions.get(id) || null;
     }
 
     /**
-     * Save session data
-     * @param {string} id - Session ID
-     * @param {object} value - Session data
+     * Stores session data.
+     * @param {string} id
+     * @param {Object} value
      */
-    async set (id, value) {
-        this.sessions.set(id, value);
+    async set(id, value) {
+        this.#sessions.set(id, value);
     }
 
     /**
-     * Delete session
-     * @param {string} id - Session ID
-     * @returns {boolean} True if deleted
+     * Deletes a session.
+     * @param {string} id
+     * @returns {Promise<boolean>}
      */
-    async delete (id) {
-        return this.sessions.delete(id);
+    async delete(id) {
+        return this.#sessions.delete(id);
     }
 
     /**
-     * Garbage collection - remove expired sessions
-     * @param {number} lifetime - Session lifetime in milliseconds
-     * @returns {number} Number of deleted sessions
+     * Garbage collection - removes expired sessions.
+     * @param {number} lifetime - Max lifetime in milliseconds
+     * @returns {Promise<number>} Number of deleted sessions
      */
-    async gc (lifetime) {
+    async gc(lifetime) {
         const now = Date.now();
         let deleted = 0;
 
-        for (const [id, sessionData] of this.sessions.entries()) {
-            const lastActivity = sessionData.lastActivity || sessionData.createdAt;
-            
+        for (const [id, data] of this.#sessions.entries()) {
+            const lastActivity = data.lastActivity || data.createdAt;
+
             if (now - lastActivity > lifetime) {
-                this.sessions.delete(id);
+                this.#sessions.delete(id);
                 deleted++;
             }
         }
@@ -64,4 +54,4 @@ class Memory {
     }
 }
 
-export default Memory;
+export default MemoryStore;