npm - @open-mercato/shared - Versions diffs - 0.4.8-canary-8502c817af → 0.4.8-develop-4e71d95aba - Mend

@open-mercato/shared 0.4.8-canary-8502c817af → 0.4.8-develop-4e71d95aba

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (20) hide show

package/dist/lib/auth/server.js +1 -1
package/dist/lib/auth/server.js.map +1 -1
package/dist/lib/version.js +1 -1
package/dist/lib/version.js.map +1 -1
package/dist/modules/widgets/component-registry.js +1 -12
package/dist/modules/widgets/component-registry.js.map +2 -2
package/package.json +1 -1
package/src/lib/auth/server.ts +1 -1
package/src/modules/widgets/component-registry.ts +1 -15
package/dist/lib/crud/custom-route-interceptor.js +0 -27
package/dist/lib/crud/custom-route-interceptor.js.map +0 -7
package/dist/lib/middleware/page-executor.js +0 -42
package/dist/lib/middleware/page-executor.js.map +0 -7
package/dist/modules/middleware/page.js +0 -15
package/dist/modules/middleware/page.js.map +0 -7
package/src/lib/crud/__tests__/custom-route-interceptor.test.ts +0 -180
package/src/lib/crud/custom-route-interceptor.ts +0 -47
package/src/lib/middleware/__tests__/page-executor.test.ts +0 -161
package/src/lib/middleware/page-executor.ts +0 -63
package/src/modules/middleware/page.ts +0 -52

package/dist/lib/auth/server.js CHANGED Viewed

@@ -1,4 +1,4 @@
-import { cookies } from "next/headers.js";
+import { cookies } from "next/headers";
 import { verifyJwt } from "./jwt.js";
 const TENANT_COOKIE_NAME = "om_selected_tenant";
 const ORGANIZATION_COOKIE_NAME = "om_selected_org";

package/dist/lib/auth/server.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../src/lib/auth/server.ts"],
-  "sourcesContent": ["import { cookies } from 'next/headers.js'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { verifyJwt } from './jwt'\n\nconst TENANT_COOKIE_NAME = 'om_selected_tenant'\nconst ORGANIZATION_COOKIE_NAME = 'om_selected_org'\nconst ALL_ORGANIZATIONS_COOKIE_VALUE = '__all__'\nconst SUPERADMIN_ROLE = 'superadmin'\n\nexport type AuthContext = {\n  sub: string\n  tenantId: string | null\n  orgId: string | null\n  email?: string\n  roles?: string[]\n  isApiKey?: boolean\n  userId?: string\n  keyId?: string\n  keyName?: string\n  [k: string]: unknown\n} | null\n\ntype CookieOverride = { applied: boolean; value: string | null }\n\nfunction decodeCookieValue(raw: string | undefined): string | null {\n  if (raw === undefined) return null\n  try {\n    const decoded = decodeURIComponent(raw)\n    return decoded ?? null\n  } catch {\n    return raw ?? null\n  }\n}\n\nfunction readCookieFromHeader(header: string | null | undefined, name: string): string | undefined {\n  if (!header) return undefined\n  const parts = header.split(';')\n  for (const part of parts) {\n    const trimmed = part.trim()\n    if (trimmed.startsWith(`${name}=`)) {\n      return trimmed.slice(name.length + 1)\n    }\n  }\n  return undefined\n}\n\nfunction resolveTenantOverride(raw: string | undefined): CookieOverride {\n  if (raw === undefined) return { applied: false, value: null }\n  const decoded = decodeCookieValue(raw)\n  if (!decoded) return { applied: true, value: null }\n  const trimmed = decoded.trim()\n  if (!trimmed) return { applied: true, value: null }\n  return { applied: true, value: trimmed }\n}\n\nfunction resolveOrganizationOverride(raw: string | undefined): CookieOverride {\n  if (raw === undefined) return { applied: false, value: null }\n  const decoded = decodeCookieValue(raw)\n  if (!decoded || decoded === ALL_ORGANIZATIONS_COOKIE_VALUE) {\n    return { applied: true, value: null }\n  }\n  const trimmed = decoded.trim()\n  if (!trimmed || trimmed === ALL_ORGANIZATIONS_COOKIE_VALUE) {\n    return { applied: true, value: null }\n  }\n  return { applied: true, value: trimmed }\n}\n\nfunction isSuperAdminAuth(auth: AuthContext | null | undefined): boolean {\n  if (!auth) return false\n  if ((auth as Record<string, unknown>).isSuperAdmin === true) return true\n  const roles = Array.isArray(auth?.roles) ? auth.roles : []\n  return roles.some((role) => typeof role === 'string' && role.trim().toLowerCase() === SUPERADMIN_ROLE)\n}\n\nfunction applySuperAdminScope(\n  auth: AuthContext,\n  tenantCookie: string | undefined,\n  orgCookie: string | undefined\n): AuthContext {\n  if (!auth || !isSuperAdminAuth(auth)) return auth\n\n  const tenantOverride = resolveTenantOverride(tenantCookie)\n  const orgOverride = resolveOrganizationOverride(orgCookie)\n  if (!tenantOverride.applied && !orgOverride.applied) return auth\n\n  type MutableAuthContext = Exclude<AuthContext, null> & {\n    actorTenantId?: string | null\n    actorOrgId?: string | null\n  }\n  const baseAuth = auth as Exclude<AuthContext, null>\n  const next: MutableAuthContext = { ...baseAuth }\n  if (tenantOverride.applied) {\n    if (!('actorTenantId' in next)) next.actorTenantId = auth?.tenantId ?? null\n    next.tenantId = tenantOverride.value\n  }\n  if (orgOverride.applied) {\n    if (!('actorOrgId' in next)) next.actorOrgId = auth?.orgId ?? null\n    next.orgId = orgOverride.value\n  }\n  next.isSuperAdmin = true\n  const existingRoles = Array.isArray(next.roles) ? next.roles : []\n  if (!existingRoles.some((role) => typeof role === 'string' && role.trim().toLowerCase() === SUPERADMIN_ROLE)) {\n    next.roles = [...existingRoles, 'superadmin']\n  }\n  return next\n}\n\nasync function resolveApiKeyAuth(secret: string): Promise<AuthContext> {\n  if (!secret) return null\n  try {\n    const { createRequestContainer } = await import('@open-mercato/shared/lib/di/container')\n    const container = await createRequestContainer()\n    const em = (container.resolve('em') as EntityManager)\n    const { findApiKeyBySecret } = await import('@open-mercato/core/modules/api_keys/services/apiKeyService')\n    const { Role } = await import('@open-mercato/core/modules/auth/data/entities')\n\n    const record = await findApiKeyBySecret(em, secret)\n    if (!record) return null\n\n    const roleIds = Array.isArray(record.rolesJson)\n      ? record.rolesJson.filter((value): value is string => typeof value === 'string' && value.length > 0)\n      : []\n    const roles = roleIds.length\n      ? await em.find(Role, { id: { $in: roleIds } })\n      : []\n    const roleNames = roles.map((role) => role.name).filter((name): name is string => typeof name === 'string' && name.length > 0)\n\n    try {\n      record.lastUsedAt = new Date()\n      await em.persistAndFlush(record)\n    } catch {\n      // best-effort update; ignore write failures\n    }\n\n    // For session keys, use sessionUserId; for regular keys, use createdBy\n    const actualUserId = record.sessionUserId ?? record.createdBy ?? null\n\n    return {\n      sub: `api_key:${record.id}`,\n      tenantId: record.tenantId ?? null,\n      orgId: record.organizationId ?? null,\n      roles: roleNames,\n      isApiKey: true,\n      keyId: record.id,\n      keyName: record.name,\n      ...(actualUserId ? { userId: actualUserId } : {}),\n    }\n  } catch {\n    return null\n  }\n}\n\nfunction extractApiKey(req: Request): string | null {\n  const header = (req.headers.get('x-api-key') || '').trim()\n  if (header) return header\n  const authHeader = (req.headers.get('authorization') || '').trim()\n  if (authHeader.toLowerCase().startsWith('apikey ')) {\n    return authHeader.slice(7).trim()\n  }\n  return null\n}\n\nexport async function getAuthFromCookies(): Promise<AuthContext> {\n  const cookieStore = await cookies()\n  const token = cookieStore.get('auth_token')?.value\n  if (!token) return null\n  try {\n    const payload = verifyJwt(token) as AuthContext\n    if (!payload) return null\n    const tenantCookie = cookieStore.get(TENANT_COOKIE_NAME)?.value\n    const orgCookie = cookieStore.get(ORGANIZATION_COOKIE_NAME)?.value\n    return applySuperAdminScope(payload, tenantCookie, orgCookie)\n  } catch {\n    return null\n  }\n}\n\nexport async function getAuthFromRequest(req: Request): Promise<AuthContext> {\n  const cookieHeader = req.headers.get('cookie') || ''\n  const tenantCookie = readCookieFromHeader(cookieHeader, TENANT_COOKIE_NAME)\n  const orgCookie = readCookieFromHeader(cookieHeader, ORGANIZATION_COOKIE_NAME)\n  const authHeader = (req.headers.get('authorization') || '').trim()\n  let token: string | undefined\n  if (authHeader.toLowerCase().startsWith('bearer ')) token = authHeader.slice(7).trim()\n  if (!token) {\n    const match = cookieHeader.match(/(?:^|;\\s*)auth_token=([^;]+)/)\n    if (match) token = decodeURIComponent(match[1])\n  }\n  if (token) {\n    try {\n      const payload = verifyJwt(token) as AuthContext\n      if (payload) return applySuperAdminScope(payload, tenantCookie, orgCookie)\n    } catch {\n      // fall back to API key detection\n    }\n  }\n\n  const apiKey = extractApiKey(req)\n  if (!apiKey) return null\n  const apiAuth = await resolveApiKeyAuth(apiKey)\n  if (!apiAuth) return null\n  return applySuperAdminScope(apiAuth, tenantCookie, orgCookie)\n}\n"],
+  "sourcesContent": ["import { cookies } from 'next/headers'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { verifyJwt } from './jwt'\n\nconst TENANT_COOKIE_NAME = 'om_selected_tenant'\nconst ORGANIZATION_COOKIE_NAME = 'om_selected_org'\nconst ALL_ORGANIZATIONS_COOKIE_VALUE = '__all__'\nconst SUPERADMIN_ROLE = 'superadmin'\n\nexport type AuthContext = {\n  sub: string\n  tenantId: string | null\n  orgId: string | null\n  email?: string\n  roles?: string[]\n  isApiKey?: boolean\n  userId?: string\n  keyId?: string\n  keyName?: string\n  [k: string]: unknown\n} | null\n\ntype CookieOverride = { applied: boolean; value: string | null }\n\nfunction decodeCookieValue(raw: string | undefined): string | null {\n  if (raw === undefined) return null\n  try {\n    const decoded = decodeURIComponent(raw)\n    return decoded ?? null\n  } catch {\n    return raw ?? null\n  }\n}\n\nfunction readCookieFromHeader(header: string | null | undefined, name: string): string | undefined {\n  if (!header) return undefined\n  const parts = header.split(';')\n  for (const part of parts) {\n    const trimmed = part.trim()\n    if (trimmed.startsWith(`${name}=`)) {\n      return trimmed.slice(name.length + 1)\n    }\n  }\n  return undefined\n}\n\nfunction resolveTenantOverride(raw: string | undefined): CookieOverride {\n  if (raw === undefined) return { applied: false, value: null }\n  const decoded = decodeCookieValue(raw)\n  if (!decoded) return { applied: true, value: null }\n  const trimmed = decoded.trim()\n  if (!trimmed) return { applied: true, value: null }\n  return { applied: true, value: trimmed }\n}\n\nfunction resolveOrganizationOverride(raw: string | undefined): CookieOverride {\n  if (raw === undefined) return { applied: false, value: null }\n  const decoded = decodeCookieValue(raw)\n  if (!decoded || decoded === ALL_ORGANIZATIONS_COOKIE_VALUE) {\n    return { applied: true, value: null }\n  }\n  const trimmed = decoded.trim()\n  if (!trimmed || trimmed === ALL_ORGANIZATIONS_COOKIE_VALUE) {\n    return { applied: true, value: null }\n  }\n  return { applied: true, value: trimmed }\n}\n\nfunction isSuperAdminAuth(auth: AuthContext | null | undefined): boolean {\n  if (!auth) return false\n  if ((auth as Record<string, unknown>).isSuperAdmin === true) return true\n  const roles = Array.isArray(auth?.roles) ? auth.roles : []\n  return roles.some((role) => typeof role === 'string' && role.trim().toLowerCase() === SUPERADMIN_ROLE)\n}\n\nfunction applySuperAdminScope(\n  auth: AuthContext,\n  tenantCookie: string | undefined,\n  orgCookie: string | undefined\n): AuthContext {\n  if (!auth || !isSuperAdminAuth(auth)) return auth\n\n  const tenantOverride = resolveTenantOverride(tenantCookie)\n  const orgOverride = resolveOrganizationOverride(orgCookie)\n  if (!tenantOverride.applied && !orgOverride.applied) return auth\n\n  type MutableAuthContext = Exclude<AuthContext, null> & {\n    actorTenantId?: string | null\n    actorOrgId?: string | null\n  }\n  const baseAuth = auth as Exclude<AuthContext, null>\n  const next: MutableAuthContext = { ...baseAuth }\n  if (tenantOverride.applied) {\n    if (!('actorTenantId' in next)) next.actorTenantId = auth?.tenantId ?? null\n    next.tenantId = tenantOverride.value\n  }\n  if (orgOverride.applied) {\n    if (!('actorOrgId' in next)) next.actorOrgId = auth?.orgId ?? null\n    next.orgId = orgOverride.value\n  }\n  next.isSuperAdmin = true\n  const existingRoles = Array.isArray(next.roles) ? next.roles : []\n  if (!existingRoles.some((role) => typeof role === 'string' && role.trim().toLowerCase() === SUPERADMIN_ROLE)) {\n    next.roles = [...existingRoles, 'superadmin']\n  }\n  return next\n}\n\nasync function resolveApiKeyAuth(secret: string): Promise<AuthContext> {\n  if (!secret) return null\n  try {\n    const { createRequestContainer } = await import('@open-mercato/shared/lib/di/container')\n    const container = await createRequestContainer()\n    const em = (container.resolve('em') as EntityManager)\n    const { findApiKeyBySecret } = await import('@open-mercato/core/modules/api_keys/services/apiKeyService')\n    const { Role } = await import('@open-mercato/core/modules/auth/data/entities')\n\n    const record = await findApiKeyBySecret(em, secret)\n    if (!record) return null\n\n    const roleIds = Array.isArray(record.rolesJson)\n      ? record.rolesJson.filter((value): value is string => typeof value === 'string' && value.length > 0)\n      : []\n    const roles = roleIds.length\n      ? await em.find(Role, { id: { $in: roleIds } })\n      : []\n    const roleNames = roles.map((role) => role.name).filter((name): name is string => typeof name === 'string' && name.length > 0)\n\n    try {\n      record.lastUsedAt = new Date()\n      await em.persistAndFlush(record)\n    } catch {\n      // best-effort update; ignore write failures\n    }\n\n    // For session keys, use sessionUserId; for regular keys, use createdBy\n    const actualUserId = record.sessionUserId ?? record.createdBy ?? null\n\n    return {\n      sub: `api_key:${record.id}`,\n      tenantId: record.tenantId ?? null,\n      orgId: record.organizationId ?? null,\n      roles: roleNames,\n      isApiKey: true,\n      keyId: record.id,\n      keyName: record.name,\n      ...(actualUserId ? { userId: actualUserId } : {}),\n    }\n  } catch {\n    return null\n  }\n}\n\nfunction extractApiKey(req: Request): string | null {\n  const header = (req.headers.get('x-api-key') || '').trim()\n  if (header) return header\n  const authHeader = (req.headers.get('authorization') || '').trim()\n  if (authHeader.toLowerCase().startsWith('apikey ')) {\n    return authHeader.slice(7).trim()\n  }\n  return null\n}\n\nexport async function getAuthFromCookies(): Promise<AuthContext> {\n  const cookieStore = await cookies()\n  const token = cookieStore.get('auth_token')?.value\n  if (!token) return null\n  try {\n    const payload = verifyJwt(token) as AuthContext\n    if (!payload) return null\n    const tenantCookie = cookieStore.get(TENANT_COOKIE_NAME)?.value\n    const orgCookie = cookieStore.get(ORGANIZATION_COOKIE_NAME)?.value\n    return applySuperAdminScope(payload, tenantCookie, orgCookie)\n  } catch {\n    return null\n  }\n}\n\nexport async function getAuthFromRequest(req: Request): Promise<AuthContext> {\n  const cookieHeader = req.headers.get('cookie') || ''\n  const tenantCookie = readCookieFromHeader(cookieHeader, TENANT_COOKIE_NAME)\n  const orgCookie = readCookieFromHeader(cookieHeader, ORGANIZATION_COOKIE_NAME)\n  const authHeader = (req.headers.get('authorization') || '').trim()\n  let token: string | undefined\n  if (authHeader.toLowerCase().startsWith('bearer ')) token = authHeader.slice(7).trim()\n  if (!token) {\n    const match = cookieHeader.match(/(?:^|;\\s*)auth_token=([^;]+)/)\n    if (match) token = decodeURIComponent(match[1])\n  }\n  if (token) {\n    try {\n      const payload = verifyJwt(token) as AuthContext\n      if (payload) return applySuperAdminScope(payload, tenantCookie, orgCookie)\n    } catch {\n      // fall back to API key detection\n    }\n  }\n\n  const apiKey = extractApiKey(req)\n  if (!apiKey) return null\n  const apiAuth = await resolveApiKeyAuth(apiKey)\n  if (!apiAuth) return null\n  return applySuperAdminScope(apiAuth, tenantCookie, orgCookie)\n}\n"],
   "mappings": "AAAA,SAAS,eAAe;AAExB,SAAS,iBAAiB;AAE1B,MAAM,qBAAqB;AAC3B,MAAM,2BAA2B;AACjC,MAAM,iCAAiC;AACvC,MAAM,kBAAkB;AAiBxB,SAAS,kBAAkB,KAAwC;AACjE,MAAI,QAAQ,OAAW,QAAO;AAC9B,MAAI;AACF,UAAM,UAAU,mBAAmB,GAAG;AACtC,WAAO,WAAW;AAAA,EACpB,QAAQ;AACN,WAAO,OAAO;AAAA,EAChB;AACF;AAEA,SAAS,qBAAqB,QAAmC,MAAkC;AACjG,MAAI,CAAC,OAAQ,QAAO;AACpB,QAAM,QAAQ,OAAO,MAAM,GAAG;AAC9B,aAAW,QAAQ,OAAO;AACxB,UAAM,UAAU,KAAK,KAAK;AAC1B,QAAI,QAAQ,WAAW,GAAG,IAAI,GAAG,GAAG;AAClC,aAAO,QAAQ,MAAM,KAAK,SAAS,CAAC;AAAA,IACtC;AAAA,EACF;AACA,SAAO;AACT;AAEA,SAAS,sBAAsB,KAAyC;AACtE,MAAI,QAAQ,OAAW,QAAO,EAAE,SAAS,OAAO,OAAO,KAAK;AAC5D,QAAM,UAAU,kBAAkB,GAAG;AACrC,MAAI,CAAC,QAAS,QAAO,EAAE,SAAS,MAAM,OAAO,KAAK;AAClD,QAAM,UAAU,QAAQ,KAAK;AAC7B,MAAI,CAAC,QAAS,QAAO,EAAE,SAAS,MAAM,OAAO,KAAK;AAClD,SAAO,EAAE,SAAS,MAAM,OAAO,QAAQ;AACzC;AAEA,SAAS,4BAA4B,KAAyC;AAC5E,MAAI,QAAQ,OAAW,QAAO,EAAE,SAAS,OAAO,OAAO,KAAK;AAC5D,QAAM,UAAU,kBAAkB,GAAG;AACrC,MAAI,CAAC,WAAW,YAAY,gCAAgC;AAC1D,WAAO,EAAE,SAAS,MAAM,OAAO,KAAK;AAAA,EACtC;AACA,QAAM,UAAU,QAAQ,KAAK;AAC7B,MAAI,CAAC,WAAW,YAAY,gCAAgC;AAC1D,WAAO,EAAE,SAAS,MAAM,OAAO,KAAK;AAAA,EACtC;AACA,SAAO,EAAE,SAAS,MAAM,OAAO,QAAQ;AACzC;AAEA,SAAS,iBAAiB,MAA+C;AACvE,MAAI,CAAC,KAAM,QAAO;AAClB,MAAK,KAAiC,iBAAiB,KAAM,QAAO;AACpE,QAAM,QAAQ,MAAM,QAAQ,MAAM,KAAK,IAAI,KAAK,QAAQ,CAAC;AACzD,SAAO,MAAM,KAAK,CAAC,SAAS,OAAO,SAAS,YAAY,KAAK,KAAK,EAAE,YAAY,MAAM,eAAe;AACvG;AAEA,SAAS,qBACP,MACA,cACA,WACa;AACb,MAAI,CAAC,QAAQ,CAAC,iBAAiB,IAAI,EAAG,QAAO;AAE7C,QAAM,iBAAiB,sBAAsB,YAAY;AACzD,QAAM,cAAc,4BAA4B,SAAS;AACzD,MAAI,CAAC,eAAe,WAAW,CAAC,YAAY,QAAS,QAAO;AAM5D,QAAM,WAAW;AACjB,QAAM,OAA2B,EAAE,GAAG,SAAS;AAC/C,MAAI,eAAe,SAAS;AAC1B,QAAI,EAAE,mBAAmB,MAAO,MAAK,gBAAgB,MAAM,YAAY;AACvE,SAAK,WAAW,eAAe;AAAA,EACjC;AACA,MAAI,YAAY,SAAS;AACvB,QAAI,EAAE,gBAAgB,MAAO,MAAK,aAAa,MAAM,SAAS;AAC9D,SAAK,QAAQ,YAAY;AAAA,EAC3B;AACA,OAAK,eAAe;AACpB,QAAM,gBAAgB,MAAM,QAAQ,KAAK,KAAK,IAAI,KAAK,QAAQ,CAAC;AAChE,MAAI,CAAC,cAAc,KAAK,CAAC,SAAS,OAAO,SAAS,YAAY,KAAK,KAAK,EAAE,YAAY,MAAM,eAAe,GAAG;AAC5G,SAAK,QAAQ,CAAC,GAAG,eAAe,YAAY;AAAA,EAC9C;AACA,SAAO;AACT;AAEA,eAAe,kBAAkB,QAAsC;AACrE,MAAI,CAAC,OAAQ,QAAO;AACpB,MAAI;AACF,UAAM,EAAE,uBAAuB,IAAI,MAAM,OAAO,uCAAuC;AACvF,UAAM,YAAY,MAAM,uBAAuB;AAC/C,UAAM,KAAM,UAAU,QAAQ,IAAI;AAClC,UAAM,EAAE,mBAAmB,IAAI,MAAM,OAAO,4DAA4D;AACxG,UAAM,EAAE,KAAK,IAAI,MAAM,OAAO,+CAA+C;AAE7E,UAAM,SAAS,MAAM,mBAAmB,IAAI,MAAM;AAClD,QAAI,CAAC,OAAQ,QAAO;AAEpB,UAAM,UAAU,MAAM,QAAQ,OAAO,SAAS,IAC1C,OAAO,UAAU,OAAO,CAAC,UAA2B,OAAO,UAAU,YAAY,MAAM,SAAS,CAAC,IACjG,CAAC;AACL,UAAM,QAAQ,QAAQ,SAClB,MAAM,GAAG,KAAK,MAAM,EAAE,IAAI,EAAE,KAAK,QAAQ,EAAE,CAAC,IAC5C,CAAC;AACL,UAAM,YAAY,MAAM,IAAI,CAAC,SAAS,KAAK,IAAI,EAAE,OAAO,CAAC,SAAyB,OAAO,SAAS,YAAY,KAAK,SAAS,CAAC;AAE7H,QAAI;AACF,aAAO,aAAa,oBAAI,KAAK;AAC7B,YAAM,GAAG,gBAAgB,MAAM;AAAA,IACjC,QAAQ;AAAA,IAER;AAGA,UAAM,eAAe,OAAO,iBAAiB,OAAO,aAAa;AAEjE,WAAO;AAAA,MACL,KAAK,WAAW,OAAO,EAAE;AAAA,MACzB,UAAU,OAAO,YAAY;AAAA,MAC7B,OAAO,OAAO,kBAAkB;AAAA,MAChC,OAAO;AAAA,MACP,UAAU;AAAA,MACV,OAAO,OAAO;AAAA,MACd,SAAS,OAAO;AAAA,MAChB,GAAI,eAAe,EAAE,QAAQ,aAAa,IAAI,CAAC;AAAA,IACjD;AAAA,EACF,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEA,SAAS,cAAc,KAA6B;AAClD,QAAM,UAAU,IAAI,QAAQ,IAAI,WAAW,KAAK,IAAI,KAAK;AACzD,MAAI,OAAQ,QAAO;AACnB,QAAM,cAAc,IAAI,QAAQ,IAAI,eAAe,KAAK,IAAI,KAAK;AACjE,MAAI,WAAW,YAAY,EAAE,WAAW,SAAS,GAAG;AAClD,WAAO,WAAW,MAAM,CAAC,EAAE,KAAK;AAAA,EAClC;AACA,SAAO;AACT;AAEA,eAAsB,qBAA2C;AAC/D,QAAM,cAAc,MAAM,QAAQ;AAClC,QAAM,QAAQ,YAAY,IAAI,YAAY,GAAG;AAC7C,MAAI,CAAC,MAAO,QAAO;AACnB,MAAI;AACF,UAAM,UAAU,UAAU,KAAK;AAC/B,QAAI,CAAC,QAAS,QAAO;AACrB,UAAM,eAAe,YAAY,IAAI,kBAAkB,GAAG;AAC1D,UAAM,YAAY,YAAY,IAAI,wBAAwB,GAAG;AAC7D,WAAO,qBAAqB,SAAS,cAAc,SAAS;AAAA,EAC9D,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEA,eAAsB,mBAAmB,KAAoC;AAC3E,QAAM,eAAe,IAAI,QAAQ,IAAI,QAAQ,KAAK;AAClD,QAAM,eAAe,qBAAqB,cAAc,kBAAkB;AAC1E,QAAM,YAAY,qBAAqB,cAAc,wBAAwB;AAC7E,QAAM,cAAc,IAAI,QAAQ,IAAI,eAAe,KAAK,IAAI,KAAK;AACjE,MAAI;AACJ,MAAI,WAAW,YAAY,EAAE,WAAW,SAAS,EAAG,SAAQ,WAAW,MAAM,CAAC,EAAE,KAAK;AACrF,MAAI,CAAC,OAAO;AACV,UAAM,QAAQ,aAAa,MAAM,8BAA8B;AAC/D,QAAI,MAAO,SAAQ,mBAAmB,MAAM,CAAC,CAAC;AAAA,EAChD;AACA,MAAI,OAAO;AACT,QAAI;AACF,YAAM,UAAU,UAAU,KAAK;AAC/B,UAAI,QAAS,QAAO,qBAAqB,SAAS,cAAc,SAAS;AAAA,IAC3E,QAAQ;AAAA,IAER;AAAA,EACF;AAEA,QAAM,SAAS,cAAc,GAAG;AAChC,MAAI,CAAC,OAAQ,QAAO;AACpB,QAAM,UAAU,MAAM,kBAAkB,MAAM;AAC9C,MAAI,CAAC,QAAS,QAAO;AACrB,SAAO,qBAAqB,SAAS,cAAc,SAAS;AAC9D;",
   "names": []
 }

package/dist/lib/version.js CHANGED Viewed

@@ -1,4 +1,4 @@
-const APP_VERSION = "0.4.8-canary-8502c817af";
+const APP_VERSION = "0.4.8-develop-4e71d95aba";
 const appVersion = APP_VERSION;
 export {
   APP_VERSION,

package/dist/lib/version.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../src/lib/version.ts"],
-  "sourcesContent": ["// Build-time generated version\nexport const APP_VERSION = '0.4.8-canary-8502c817af'\nexport const appVersion = APP_VERSION\n"],
+  "sourcesContent": ["// Build-time generated version\nexport const APP_VERSION = '0.4.8-develop-4e71d95aba'\nexport const appVersion = APP_VERSION\n"],
   "mappings": "AACO,MAAM,cAAc;AACpB,MAAM,aAAa;",
   "names": []
 }

package/dist/modules/widgets/component-registry.js CHANGED Viewed

@@ -1,16 +1,6 @@
 import * as React from "react";
 import { hasAllFeatures } from "../../security/features.js";
 const GLOBAL_COMPONENT_REGISTRY_KEY = "__openMercatoComponentRegistry__";
-function isComponentOverride(value) {
-  if (!value || typeof value !== "object") {
-    return false;
-  }
-  const target = value.target;
-  if (!target || typeof target !== "object") {
-    return false;
-  }
-  return typeof target.componentId === "string" && target.componentId.length > 0;
-}
 function getState() {
   const globalValue = globalThis[GLOBAL_COMPONENT_REGISTRY_KEY];
   if (globalValue && typeof globalValue === "object") {
@@ -32,7 +22,7 @@ function registerComponent(entry) {
 }
 function registerComponentOverrides(overrides) {
   const state = getState();
-  state.overrides = overrides.filter(isComponentOverride);
+  state.overrides = [...overrides];
 }
 function getComponentEntry(componentId) {
   const state = getState();
@@ -41,7 +31,6 @@ function getComponentEntry(componentId) {
 function getComponentOverrides(componentId, userFeatures) {
   const state = getState();
   const relevant = state.overrides.filter((override) => {
-    if (!isComponentOverride(override)) return false;
     if (override.target.componentId !== componentId) return false;
     if (override.features && override.features.length > 0) {
       if (!hasAllFeatures(userFeatures, override.features)) return false;

package/dist/modules/widgets/component-registry.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../src/modules/widgets/component-registry.ts"],
-  "sourcesContent": ["import * as React from 'react'\nimport type { ComponentType, LazyExoticComponent } from 'react'\nimport type { ZodType } from 'zod'\nimport { hasAllFeatures } from '../../security/features'\n\nexport type ComponentRegistryEntry<TProps = unknown> = {\n  id: string\n  component: ComponentType<TProps>\n  metadata: {\n    module: string\n    description?: string\n    propsSchema?: ZodType<TProps>\n  }\n}\n\nexport type ComponentOverride<TProps = unknown> = {\n  target: { componentId: string }\n  priority: number\n  features?: string[]\n  metadata?: {\n    module?: string\n  }\n} & (\n  | {\n      replacement: LazyExoticComponent<ComponentType<TProps>> | ComponentType<TProps>\n      propsSchema: ZodType<TProps>\n    }\n  | {\n      wrapper: (Original: ComponentType<TProps>) => ComponentType<TProps>\n    }\n  | {\n      propsTransform: (props: TProps) => TProps\n    }\n)\n\ntype RuntimeState = {\n  components: Map<string, ComponentRegistryEntry>\n  overrides: ComponentOverride[]\n}\n\nconst GLOBAL_COMPONENT_REGISTRY_KEY = '__openMercatoComponentRegistry__'\n\nfunction isComponentOverride(value: unknown): value is ComponentOverride {\n  if (!value || typeof value !== 'object') {\n    return false\n  }\n\n  const target = (value as { target?: { componentId?: unknown } }).target\n  if (!target || typeof target !== 'object') {\n    return false\n  }\n\n  return typeof target.componentId === 'string' && target.componentId.length > 0\n}\n\nfunction getState(): RuntimeState {\n  const globalValue = (globalThis as Record<string, unknown>)[GLOBAL_COMPONENT_REGISTRY_KEY]\n  if (globalValue && typeof globalValue === 'object') {\n    const typed = globalValue as RuntimeState\n    if (typed.components instanceof Map && Array.isArray(typed.overrides)) {\n      return typed\n    }\n  }\n  const initial: RuntimeState = {\n    components: new Map<string, ComponentRegistryEntry>(),\n    overrides: [],\n  }\n  ;(globalThis as Record<string, unknown>)[GLOBAL_COMPONENT_REGISTRY_KEY] = initial\n  return initial\n}\n\nexport function registerComponent<TProps = unknown>(entry: ComponentRegistryEntry<TProps>) {\n  const state = getState()\n  state.components.set(entry.id, entry as ComponentRegistryEntry)\n}\n\nexport function registerComponentOverrides(overrides: ComponentOverride[]) {\n  const state = getState()\n  state.overrides = overrides.filter(isComponentOverride)\n}\n\nexport function getComponentEntry(componentId: string): ComponentRegistryEntry | null {\n  const state = getState()\n  return state.components.get(componentId) ?? null\n}\n\nexport function getComponentOverrides(componentId: string, userFeatures?: readonly string[]): ComponentOverride[] {\n  const state = getState()\n  const relevant = state.overrides.filter((override) => {\n    if (!isComponentOverride(override)) return false\n    if (override.target.componentId !== componentId) return false\n    if (override.features && override.features.length > 0) {\n      if (!hasAllFeatures(userFeatures, override.features)) return false\n    }\n    return true\n  })\n  return relevant.sort((a, b) => a.priority - b.priority)\n}\n\nexport function resolveRegisteredComponent<TProps>(\n  componentId: string,\n  fallback: ComponentType<TProps>,\n  userFeatures?: readonly string[],\n): ComponentType<TProps> {\n  const overrides = getComponentOverrides(componentId, userFeatures)\n  let resolved: ComponentType<TProps> = fallback\n  for (const override of overrides) {\n    if ('replacement' in override) {\n      resolved = override.replacement as ComponentType<TProps>\n      continue\n    }\n    if ('wrapper' in override) {\n      resolved = override.wrapper(resolved as ComponentType<unknown>) as ComponentType<TProps>\n      continue\n    }\n    if ('propsTransform' in override) {\n      const transform = override.propsTransform as (props: TProps) => TProps\n      const Current = resolved\n      resolved = ((props: TProps) => {\n        const transformed = transform(props)\n        return React.createElement(Current as ComponentType<Record<string, unknown>>, transformed as Record<string, unknown>)\n      }) as ComponentType<TProps>\n    }\n  }\n  return resolved\n}\n\nexport const ComponentReplacementHandles = {\n  page: (path: string) => `page:${path}`,\n  dataTable: (tableId: string) => `data-table:${tableId}`,\n  crudForm: (entityId: string) => `crud-form:${entityId}`,\n  section: (scope: string, sectionId: string) => `section:${scope}.${sectionId}`,\n} as const\n"],
-  "mappings": "AAAA,YAAY,WAAW;AAGvB,SAAS,sBAAsB;AAqC/B,MAAM,gCAAgC;AAEtC,SAAS,oBAAoB,OAA4C;AACvE,MAAI,CAAC,SAAS,OAAO,UAAU,UAAU;AACvC,WAAO;AAAA,EACT;AAEA,QAAM,SAAU,MAAiD;AACjE,MAAI,CAAC,UAAU,OAAO,WAAW,UAAU;AACzC,WAAO;AAAA,EACT;AAEA,SAAO,OAAO,OAAO,gBAAgB,YAAY,OAAO,YAAY,SAAS;AAC/E;AAEA,SAAS,WAAyB;AAChC,QAAM,cAAe,WAAuC,6BAA6B;AACzF,MAAI,eAAe,OAAO,gBAAgB,UAAU;AAClD,UAAM,QAAQ;AACd,QAAI,MAAM,sBAAsB,OAAO,MAAM,QAAQ,MAAM,SAAS,GAAG;AACrE,aAAO;AAAA,IACT;AAAA,EACF;AACA,QAAM,UAAwB;AAAA,IAC5B,YAAY,oBAAI,IAAoC;AAAA,IACpD,WAAW,CAAC;AAAA,EACd;AACC,EAAC,WAAuC,6BAA6B,IAAI;AAC1E,SAAO;AACT;AAEO,SAAS,kBAAoC,OAAuC;AACzF,QAAM,QAAQ,SAAS;AACvB,QAAM,WAAW,IAAI,MAAM,IAAI,KAA+B;AAChE;AAEO,SAAS,2BAA2B,WAAgC;AACzE,QAAM,QAAQ,SAAS;AACvB,QAAM,YAAY,UAAU,OAAO,mBAAmB;AACxD;AAEO,SAAS,kBAAkB,aAAoD;AACpF,QAAM,QAAQ,SAAS;AACvB,SAAO,MAAM,WAAW,IAAI,WAAW,KAAK;AAC9C;AAEO,SAAS,sBAAsB,aAAqB,cAAuD;AAChH,QAAM,QAAQ,SAAS;AACvB,QAAM,WAAW,MAAM,UAAU,OAAO,CAAC,aAAa;AACpD,QAAI,CAAC,oBAAoB,QAAQ,EAAG,QAAO;AAC3C,QAAI,SAAS,OAAO,gBAAgB,YAAa,QAAO;AACxD,QAAI,SAAS,YAAY,SAAS,SAAS,SAAS,GAAG;AACrD,UAAI,CAAC,eAAe,cAAc,SAAS,QAAQ,EAAG,QAAO;AAAA,IAC/D;AACA,WAAO;AAAA,EACT,CAAC;AACD,SAAO,SAAS,KAAK,CAAC,GAAG,MAAM,EAAE,WAAW,EAAE,QAAQ;AACxD;AAEO,SAAS,2BACd,aACA,UACA,cACuB;AACvB,QAAM,YAAY,sBAAsB,aAAa,YAAY;AACjE,MAAI,WAAkC;AACtC,aAAW,YAAY,WAAW;AAChC,QAAI,iBAAiB,UAAU;AAC7B,iBAAW,SAAS;AACpB;AAAA,IACF;AACA,QAAI,aAAa,UAAU;AACzB,iBAAW,SAAS,QAAQ,QAAkC;AAC9D;AAAA,IACF;AACA,QAAI,oBAAoB,UAAU;AAChC,YAAM,YAAY,SAAS;AAC3B,YAAM,UAAU;AAChB,kBAAY,CAAC,UAAkB;AAC7B,cAAM,cAAc,UAAU,KAAK;AACnC,eAAO,MAAM,cAAc,SAAmD,WAAsC;AAAA,MACtH;AAAA,IACF;AAAA,EACF;AACA,SAAO;AACT;AAEO,MAAM,8BAA8B;AAAA,EACzC,MAAM,CAAC,SAAiB,QAAQ,IAAI;AAAA,EACpC,WAAW,CAAC,YAAoB,cAAc,OAAO;AAAA,EACrD,UAAU,CAAC,aAAqB,aAAa,QAAQ;AAAA,EACrD,SAAS,CAAC,OAAe,cAAsB,WAAW,KAAK,IAAI,SAAS;AAC9E;",
+  "sourcesContent": ["import * as React from 'react'\nimport type { ComponentType, LazyExoticComponent } from 'react'\nimport type { ZodType } from 'zod'\nimport { hasAllFeatures } from '../../security/features'\n\nexport type ComponentRegistryEntry<TProps = unknown> = {\n  id: string\n  component: ComponentType<TProps>\n  metadata: {\n    module: string\n    description?: string\n    propsSchema?: ZodType<TProps>\n  }\n}\n\nexport type ComponentOverride<TProps = unknown> = {\n  target: { componentId: string }\n  priority: number\n  features?: string[]\n  metadata?: {\n    module?: string\n  }\n} & (\n  | {\n      replacement: LazyExoticComponent<ComponentType<TProps>> | ComponentType<TProps>\n      propsSchema: ZodType<TProps>\n    }\n  | {\n      wrapper: (Original: ComponentType<TProps>) => ComponentType<TProps>\n    }\n  | {\n      propsTransform: (props: TProps) => TProps\n    }\n)\n\ntype RuntimeState = {\n  components: Map<string, ComponentRegistryEntry>\n  overrides: ComponentOverride[]\n}\n\nconst GLOBAL_COMPONENT_REGISTRY_KEY = '__openMercatoComponentRegistry__'\n\nfunction getState(): RuntimeState {\n  const globalValue = (globalThis as Record<string, unknown>)[GLOBAL_COMPONENT_REGISTRY_KEY]\n  if (globalValue && typeof globalValue === 'object') {\n    const typed = globalValue as RuntimeState\n    if (typed.components instanceof Map && Array.isArray(typed.overrides)) {\n      return typed\n    }\n  }\n  const initial: RuntimeState = {\n    components: new Map<string, ComponentRegistryEntry>(),\n    overrides: [],\n  }\n  ;(globalThis as Record<string, unknown>)[GLOBAL_COMPONENT_REGISTRY_KEY] = initial\n  return initial\n}\n\nexport function registerComponent<TProps = unknown>(entry: ComponentRegistryEntry<TProps>) {\n  const state = getState()\n  state.components.set(entry.id, entry as ComponentRegistryEntry)\n}\n\nexport function registerComponentOverrides(overrides: ComponentOverride[]) {\n  const state = getState()\n  state.overrides = [...overrides]\n}\n\nexport function getComponentEntry(componentId: string): ComponentRegistryEntry | null {\n  const state = getState()\n  return state.components.get(componentId) ?? null\n}\n\nexport function getComponentOverrides(componentId: string, userFeatures?: readonly string[]): ComponentOverride[] {\n  const state = getState()\n  const relevant = state.overrides.filter((override) => {\n    if (override.target.componentId !== componentId) return false\n    if (override.features && override.features.length > 0) {\n      if (!hasAllFeatures(userFeatures, override.features)) return false\n    }\n    return true\n  })\n  return relevant.sort((a, b) => a.priority - b.priority)\n}\n\nexport function resolveRegisteredComponent<TProps>(\n  componentId: string,\n  fallback: ComponentType<TProps>,\n  userFeatures?: readonly string[],\n): ComponentType<TProps> {\n  const overrides = getComponentOverrides(componentId, userFeatures)\n  let resolved: ComponentType<TProps> = fallback\n  for (const override of overrides) {\n    if ('replacement' in override) {\n      resolved = override.replacement as ComponentType<TProps>\n      continue\n    }\n    if ('wrapper' in override) {\n      resolved = override.wrapper(resolved as ComponentType<unknown>) as ComponentType<TProps>\n      continue\n    }\n    if ('propsTransform' in override) {\n      const transform = override.propsTransform as (props: TProps) => TProps\n      const Current = resolved\n      resolved = ((props: TProps) => {\n        const transformed = transform(props)\n        return React.createElement(Current as ComponentType<Record<string, unknown>>, transformed as Record<string, unknown>)\n      }) as ComponentType<TProps>\n    }\n  }\n  return resolved\n}\n\nexport const ComponentReplacementHandles = {\n  page: (path: string) => `page:${path}`,\n  dataTable: (tableId: string) => `data-table:${tableId}`,\n  crudForm: (entityId: string) => `crud-form:${entityId}`,\n  section: (scope: string, sectionId: string) => `section:${scope}.${sectionId}`,\n} as const\n"],
+  "mappings": "AAAA,YAAY,WAAW;AAGvB,SAAS,sBAAsB;AAqC/B,MAAM,gCAAgC;AAEtC,SAAS,WAAyB;AAChC,QAAM,cAAe,WAAuC,6BAA6B;AACzF,MAAI,eAAe,OAAO,gBAAgB,UAAU;AAClD,UAAM,QAAQ;AACd,QAAI,MAAM,sBAAsB,OAAO,MAAM,QAAQ,MAAM,SAAS,GAAG;AACrE,aAAO;AAAA,IACT;AAAA,EACF;AACA,QAAM,UAAwB;AAAA,IAC5B,YAAY,oBAAI,IAAoC;AAAA,IACpD,WAAW,CAAC;AAAA,EACd;AACC,EAAC,WAAuC,6BAA6B,IAAI;AAC1E,SAAO;AACT;AAEO,SAAS,kBAAoC,OAAuC;AACzF,QAAM,QAAQ,SAAS;AACvB,QAAM,WAAW,IAAI,MAAM,IAAI,KAA+B;AAChE;AAEO,SAAS,2BAA2B,WAAgC;AACzE,QAAM,QAAQ,SAAS;AACvB,QAAM,YAAY,CAAC,GAAG,SAAS;AACjC;AAEO,SAAS,kBAAkB,aAAoD;AACpF,QAAM,QAAQ,SAAS;AACvB,SAAO,MAAM,WAAW,IAAI,WAAW,KAAK;AAC9C;AAEO,SAAS,sBAAsB,aAAqB,cAAuD;AAChH,QAAM,QAAQ,SAAS;AACvB,QAAM,WAAW,MAAM,UAAU,OAAO,CAAC,aAAa;AACpD,QAAI,SAAS,OAAO,gBAAgB,YAAa,QAAO;AACxD,QAAI,SAAS,YAAY,SAAS,SAAS,SAAS,GAAG;AACrD,UAAI,CAAC,eAAe,cAAc,SAAS,QAAQ,EAAG,QAAO;AAAA,IAC/D;AACA,WAAO;AAAA,EACT,CAAC;AACD,SAAO,SAAS,KAAK,CAAC,GAAG,MAAM,EAAE,WAAW,EAAE,QAAQ;AACxD;AAEO,SAAS,2BACd,aACA,UACA,cACuB;AACvB,QAAM,YAAY,sBAAsB,aAAa,YAAY;AACjE,MAAI,WAAkC;AACtC,aAAW,YAAY,WAAW;AAChC,QAAI,iBAAiB,UAAU;AAC7B,iBAAW,SAAS;AACpB;AAAA,IACF;AACA,QAAI,aAAa,UAAU;AACzB,iBAAW,SAAS,QAAQ,QAAkC;AAC9D;AAAA,IACF;AACA,QAAI,oBAAoB,UAAU;AAChC,YAAM,YAAY,SAAS;AAC3B,YAAM,UAAU;AAChB,kBAAY,CAAC,UAAkB;AAC7B,cAAM,cAAc,UAAU,KAAK;AACnC,eAAO,MAAM,cAAc,SAAmD,WAAsC;AAAA,MACtH;AAAA,IACF;AAAA,EACF;AACA,SAAO;AACT;AAEO,MAAM,8BAA8B;AAAA,EACzC,MAAM,CAAC,SAAiB,QAAQ,IAAI;AAAA,EACpC,WAAW,CAAC,YAAoB,cAAc,OAAO;AAAA,EACrD,UAAU,CAAC,aAAqB,aAAa,QAAQ;AAAA,EACrD,SAAS,CAAC,OAAe,cAAsB,WAAW,KAAK,IAAI,SAAS;AAC9E;",
   "names": []
 }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@open-mercato/shared",
-  "version": "0.4.8-canary-8502c817af",
+  "version": "0.4.8-develop-4e71d95aba",
   "type": "module",
   "main": "./dist/index.js",
   "scripts": {

package/src/lib/auth/server.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { cookies } from 'next/headers.js'
+import { cookies } from 'next/headers'
 import type { EntityManager } from '@mikro-orm/postgresql'
 import { verifyJwt } from './jwt'

package/src/modules/widgets/component-registry.ts CHANGED Viewed

@@ -40,19 +40,6 @@ type RuntimeState = {
 const GLOBAL_COMPONENT_REGISTRY_KEY = '__openMercatoComponentRegistry__'
-function isComponentOverride(value: unknown): value is ComponentOverride {
-  if (!value || typeof value !== 'object') {
-    return false
-  }
-  const target = (value as { target?: { componentId?: unknown } }).target
-  if (!target || typeof target !== 'object') {
-    return false
-  }
-  return typeof target.componentId === 'string' && target.componentId.length > 0
-}
 function getState(): RuntimeState {
   const globalValue = (globalThis as Record<string, unknown>)[GLOBAL_COMPONENT_REGISTRY_KEY]
   if (globalValue && typeof globalValue === 'object') {
@@ -76,7 +63,7 @@ export function registerComponent<TProps = unknown>(entry: ComponentRegistryEntr
 export function registerComponentOverrides(overrides: ComponentOverride[]) {
   const state = getState()
-  state.overrides = overrides.filter(isComponentOverride)
+  state.overrides = [...overrides]
 }
 export function getComponentEntry(componentId: string): ComponentRegistryEntry | null {
@@ -87,7 +74,6 @@ export function getComponentEntry(componentId: string): ComponentRegistryEntry |
 export function getComponentOverrides(componentId: string, userFeatures?: readonly string[]): ComponentOverride[] {
   const state = getState()
   const relevant = state.overrides.filter((override) => {
-    if (!isComponentOverride(override)) return false
     if (override.target.componentId !== componentId) return false
     if (override.features && override.features.length > 0) {
       if (!hasAllFeatures(userFeatures, override.features)) return false

package/dist/lib/crud/custom-route-interceptor.js DELETED Viewed

@@ -1,27 +0,0 @@
-import { runApiInterceptorsAfter } from "./interceptor-runner.js";
-function normalizeIdentity(value) {
-  if (!value) return "";
-  return value;
-}
-async function runCustomRouteAfterInterceptors(args) {
-  return runApiInterceptorsAfter({
-    routePath: args.routePath,
-    method: args.method,
-    request: args.request,
-    response: args.response,
-    context: {
-      em: args.context.em,
-      container: args.context.container,
-      userId: normalizeIdentity(args.context.userId),
-      organizationId: normalizeIdentity(args.context.organizationId),
-      tenantId: normalizeIdentity(args.context.tenantId),
-      userFeatures: args.context.userFeatures ?? [],
-      extensionHeaders: args.context.extensionHeaders
-    },
-    metadataByInterceptor: args.metadataByInterceptor
-  });
-}
-export {
-  runCustomRouteAfterInterceptors
-};
-//# sourceMappingURL=custom-route-interceptor.js.map

package/dist/lib/crud/custom-route-interceptor.js.map DELETED Viewed

@@ -1,7 +0,0 @@
-{
-  "version": 3,
-  "sources": ["../../../src/lib/crud/custom-route-interceptor.ts"],
-  "sourcesContent": ["import type { InterceptorContext, InterceptorRequest, InterceptorResponse, ApiInterceptorMethod } from './api-interceptor'\nimport { runApiInterceptorsAfter, type RunInterceptorsAfterResult } from './interceptor-runner'\n\nexport type CustomRouteAfterInterceptorContext = {\n  em: InterceptorContext['em']\n  container: InterceptorContext['container']\n  userId?: string | null\n  organizationId?: string | null\n  tenantId?: string | null\n  userFeatures?: string[]\n  extensionHeaders?: InterceptorContext['extensionHeaders']\n}\n\ntype RunCustomRouteAfterInterceptorsArgs = {\n  routePath: string\n  method: ApiInterceptorMethod\n  request: InterceptorRequest\n  response: InterceptorResponse\n  context: CustomRouteAfterInterceptorContext\n  metadataByInterceptor?: Record<string, Record<string, unknown> | undefined>\n}\n\nfunction normalizeIdentity(value: string | null | undefined): string {\n  if (!value) return ''\n  return value\n}\n\nexport async function runCustomRouteAfterInterceptors(\n  args: RunCustomRouteAfterInterceptorsArgs,\n): Promise<RunInterceptorsAfterResult> {\n  return runApiInterceptorsAfter({\n    routePath: args.routePath,\n    method: args.method,\n    request: args.request,\n    response: args.response,\n    context: {\n      em: args.context.em,\n      container: args.context.container,\n      userId: normalizeIdentity(args.context.userId),\n      organizationId: normalizeIdentity(args.context.organizationId),\n      tenantId: normalizeIdentity(args.context.tenantId),\n      userFeatures: args.context.userFeatures ?? [],\n      extensionHeaders: args.context.extensionHeaders,\n    },\n    metadataByInterceptor: args.metadataByInterceptor,\n  })\n}\n"],
-  "mappings": "AACA,SAAS,+BAAgE;AAqBzE,SAAS,kBAAkB,OAA0C;AACnE,MAAI,CAAC,MAAO,QAAO;AACnB,SAAO;AACT;AAEA,eAAsB,gCACpB,MACqC;AACrC,SAAO,wBAAwB;AAAA,IAC7B,WAAW,KAAK;AAAA,IAChB,QAAQ,KAAK;AAAA,IACb,SAAS,KAAK;AAAA,IACd,UAAU,KAAK;AAAA,IACf,SAAS;AAAA,MACP,IAAI,KAAK,QAAQ;AAAA,MACjB,WAAW,KAAK,QAAQ;AAAA,MACxB,QAAQ,kBAAkB,KAAK,QAAQ,MAAM;AAAA,MAC7C,gBAAgB,kBAAkB,KAAK,QAAQ,cAAc;AAAA,MAC7D,UAAU,kBAAkB,KAAK,QAAQ,QAAQ;AAAA,MACjD,cAAc,KAAK,QAAQ,gBAAgB,CAAC;AAAA,MAC5C,kBAAkB,KAAK,QAAQ;AAAA,IACjC;AAAA,IACA,uBAAuB,KAAK;AAAA,EAC9B,CAAC;AACH;",
-  "names": []
-}

package/dist/lib/middleware/page-executor.js DELETED Viewed

@@ -1,42 +0,0 @@
-import { CONTINUE_PAGE_MIDDLEWARE, matchPageMiddlewareTarget } from "@open-mercato/shared/modules/middleware/page";
-const DEFAULT_PRIORITY = 100;
-function shouldRunMiddleware(middleware, mode, pathname) {
-  if (middleware.mode && middleware.mode !== mode) return false;
-  return matchPageMiddlewareTarget(pathname, middleware.target);
-}
-function compareMiddleware(a, b) {
-  const priorityDiff = (a.priority ?? DEFAULT_PRIORITY) - (b.priority ?? DEFAULT_PRIORITY);
-  if (priorityDiff !== 0) return priorityDiff;
-  return a.id.localeCompare(b.id);
-}
-function flattenAndSortMiddleware(entries, mode, pathname) {
-  return entries.flatMap((entry) => entry.middleware).filter((middleware) => shouldRunMiddleware(middleware, mode, pathname)).sort(compareMiddleware);
-}
-async function executePageMiddleware(args) {
-  const { entries, context, onError } = args;
-  const matchedMiddleware = flattenAndSortMiddleware(entries, context.mode, context.pathname);
-  for (const middleware of matchedMiddleware) {
-    try {
-      const result = await middleware.run(context);
-      if (result.action === "redirect") return result;
-    } catch (error) {
-      if (onError) {
-        onError(error, { id: middleware.id, priority: middleware.priority });
-      } else {
-        console.error("[middleware:page] execution failed", { id: middleware.id, error });
-      }
-      throw error;
-    }
-  }
-  return CONTINUE_PAGE_MIDDLEWARE;
-}
-async function resolvePageMiddlewareRedirect(args) {
-  const result = await executePageMiddleware(args);
-  if (result.action !== "redirect") return null;
-  return result.location;
-}
-export {
-  executePageMiddleware,
-  resolvePageMiddlewareRedirect
-};
-//# sourceMappingURL=page-executor.js.map

package/dist/lib/middleware/page-executor.js.map DELETED Viewed

@@ -1,7 +0,0 @@
-{
-  "version": 3,
-  "sources": ["../../../src/lib/middleware/page-executor.ts"],
-  "sourcesContent": ["import type {\n  PageMiddlewareContext,\n  PageMiddlewareMode,\n  PageMiddlewareRegistryEntry,\n  PageMiddlewareResult,\n  PageRouteMiddleware,\n} from '@open-mercato/shared/modules/middleware/page'\nimport { CONTINUE_PAGE_MIDDLEWARE, matchPageMiddlewareTarget } from '@open-mercato/shared/modules/middleware/page'\n\ntype ExecutePageMiddlewareArgs = {\n  entries: PageMiddlewareRegistryEntry[]\n  context: PageMiddlewareContext\n  onError?: (error: unknown, middleware: Pick<PageRouteMiddleware, 'id' | 'priority'>) => void\n}\n\nconst DEFAULT_PRIORITY = 100\n\nfunction shouldRunMiddleware(middleware: PageRouteMiddleware, mode: PageMiddlewareMode, pathname: string): boolean {\n  if (middleware.mode && middleware.mode !== mode) return false\n  return matchPageMiddlewareTarget(pathname, middleware.target)\n}\n\nfunction compareMiddleware(a: PageRouteMiddleware, b: PageRouteMiddleware): number {\n  const priorityDiff = (a.priority ?? DEFAULT_PRIORITY) - (b.priority ?? DEFAULT_PRIORITY)\n  if (priorityDiff !== 0) return priorityDiff\n  return a.id.localeCompare(b.id)\n}\n\nfunction flattenAndSortMiddleware(\n  entries: PageMiddlewareRegistryEntry[],\n  mode: PageMiddlewareMode,\n  pathname: string\n): PageRouteMiddleware[] {\n  return entries\n    .flatMap((entry) => entry.middleware)\n    .filter((middleware) => shouldRunMiddleware(middleware, mode, pathname))\n    .sort(compareMiddleware)\n}\n\nexport async function executePageMiddleware(args: ExecutePageMiddlewareArgs): Promise<PageMiddlewareResult> {\n  const { entries, context, onError } = args\n  const matchedMiddleware = flattenAndSortMiddleware(entries, context.mode, context.pathname)\n  for (const middleware of matchedMiddleware) {\n    try {\n      const result = await middleware.run(context)\n      if (result.action === 'redirect') return result\n    } catch (error) {\n      if (onError) {\n        onError(error, { id: middleware.id, priority: middleware.priority })\n      } else {\n        console.error('[middleware:page] execution failed', { id: middleware.id, error })\n      }\n      throw error\n    }\n  }\n  return CONTINUE_PAGE_MIDDLEWARE\n}\n\nexport async function resolvePageMiddlewareRedirect(args: ExecutePageMiddlewareArgs): Promise<string | null> {\n  const result = await executePageMiddleware(args)\n  if (result.action !== 'redirect') return null\n  return result.location\n}\n"],
-  "mappings": "AAOA,SAAS,0BAA0B,iCAAiC;AAQpE,MAAM,mBAAmB;AAEzB,SAAS,oBAAoB,YAAiC,MAA0B,UAA2B;AACjH,MAAI,WAAW,QAAQ,WAAW,SAAS,KAAM,QAAO;AACxD,SAAO,0BAA0B,UAAU,WAAW,MAAM;AAC9D;AAEA,SAAS,kBAAkB,GAAwB,GAAgC;AACjF,QAAM,gBAAgB,EAAE,YAAY,qBAAqB,EAAE,YAAY;AACvE,MAAI,iBAAiB,EAAG,QAAO;AAC/B,SAAO,EAAE,GAAG,cAAc,EAAE,EAAE;AAChC;AAEA,SAAS,yBACP,SACA,MACA,UACuB;AACvB,SAAO,QACJ,QAAQ,CAAC,UAAU,MAAM,UAAU,EACnC,OAAO,CAAC,eAAe,oBAAoB,YAAY,MAAM,QAAQ,CAAC,EACtE,KAAK,iBAAiB;AAC3B;AAEA,eAAsB,sBAAsB,MAAgE;AAC1G,QAAM,EAAE,SAAS,SAAS,QAAQ,IAAI;AACtC,QAAM,oBAAoB,yBAAyB,SAAS,QAAQ,MAAM,QAAQ,QAAQ;AAC1F,aAAW,cAAc,mBAAmB;AAC1C,QAAI;AACF,YAAM,SAAS,MAAM,WAAW,IAAI,OAAO;AAC3C,UAAI,OAAO,WAAW,WAAY,QAAO;AAAA,IAC3C,SAAS,OAAO;AACd,UAAI,SAAS;AACX,gBAAQ,OAAO,EAAE,IAAI,WAAW,IAAI,UAAU,WAAW,SAAS,CAAC;AAAA,MACrE,OAAO;AACL,gBAAQ,MAAM,sCAAsC,EAAE,IAAI,WAAW,IAAI,MAAM,CAAC;AAAA,MAClF;AACA,YAAM;AAAA,IACR;AAAA,EACF;AACA,SAAO;AACT;AAEA,eAAsB,8BAA8B,MAAyD;AAC3G,QAAM,SAAS,MAAM,sBAAsB,IAAI;AAC/C,MAAI,OAAO,WAAW,WAAY,QAAO;AACzC,SAAO,OAAO;AAChB;",
-  "names": []
-}

package/dist/modules/middleware/page.js DELETED Viewed

@@ -1,15 +0,0 @@
-function matchPageMiddlewareTarget(pathname, target) {
-  if (target instanceof RegExp) {
-    return target.test(pathname);
-  }
-  if (target.endsWith("*")) {
-    return pathname.startsWith(target.slice(0, -1));
-  }
-  return pathname === target;
-}
-const CONTINUE_PAGE_MIDDLEWARE = { action: "continue" };
-export {
-  CONTINUE_PAGE_MIDDLEWARE,
-  matchPageMiddlewareTarget
-};
-//# sourceMappingURL=page.js.map

package/dist/modules/middleware/page.js.map DELETED Viewed

@@ -1,7 +0,0 @@
-{
-  "version": 3,
-  "sources": ["../../../src/modules/middleware/page.ts"],
-  "sourcesContent": ["import type { AuthContext } from '@open-mercato/shared/lib/auth/server'\n\nexport type PageMiddlewareMode = 'frontend' | 'backend'\n\nexport type PageRouteMeta = {\n  requireAuth?: boolean\n  requireRoles?: string[]\n  requireFeatures?: string[]\n}\n\nexport type PageMiddlewareContainer = {\n  resolve: (name: string) => unknown\n}\n\nexport type PageMiddlewareContext = {\n  pathname: string\n  mode: PageMiddlewareMode\n  routeMeta: PageRouteMeta\n  auth: AuthContext\n  ensureContainer: () => Promise<PageMiddlewareContainer>\n}\n\nexport type PageMiddlewareResult =\n  | { action: 'continue' }\n  | { action: 'redirect'; location: string }\n\nexport type PageMiddlewareTarget = string | RegExp\n\nexport type PageRouteMiddleware = {\n  id: string\n  mode?: PageMiddlewareMode\n  target: PageMiddlewareTarget\n  priority?: number\n  run: (ctx: PageMiddlewareContext) => Promise<PageMiddlewareResult> | PageMiddlewareResult\n}\n\nexport type PageMiddlewareRegistryEntry = {\n  moduleId: string\n  middleware: PageRouteMiddleware[]\n}\n\nexport function matchPageMiddlewareTarget(pathname: string, target: PageMiddlewareTarget): boolean {\n  if (target instanceof RegExp) {\n    return target.test(pathname)\n  }\n  if (target.endsWith('*')) {\n    return pathname.startsWith(target.slice(0, -1))\n  }\n  return pathname === target\n}\n\nexport const CONTINUE_PAGE_MIDDLEWARE: PageMiddlewareResult = { action: 'continue' }\n"],
-  "mappings": "AAyCO,SAAS,0BAA0B,UAAkB,QAAuC;AACjG,MAAI,kBAAkB,QAAQ;AAC5B,WAAO,OAAO,KAAK,QAAQ;AAAA,EAC7B;AACA,MAAI,OAAO,SAAS,GAAG,GAAG;AACxB,WAAO,SAAS,WAAW,OAAO,MAAM,GAAG,EAAE,CAAC;AAAA,EAChD;AACA,SAAO,aAAa;AACtB;AAEO,MAAM,2BAAiD,EAAE,QAAQ,WAAW;",
-  "names": []
-}

package/src/lib/crud/__tests__/custom-route-interceptor.test.ts DELETED Viewed

@@ -1,180 +0,0 @@
-import { registerApiInterceptors } from '@open-mercato/shared/lib/crud/interceptor-registry'
-import { runCustomRouteAfterInterceptors } from '@open-mercato/shared/lib/crud/custom-route-interceptor'
-import type { InterceptorContext } from '@open-mercato/shared/lib/crud/api-interceptor'
-function buildArgs() {
-  return {
-    routePath: 'auth/login',
-    method: 'POST' as const,
-    request: {
-      method: 'POST' as const,
-      url: 'http://localhost/api/auth/login',
-      headers: {},
-      body: { email: 'user@example.com' },
-    },
-    response: {
-      statusCode: 200,
-      body: { ok: true, token: 'token-1', redirect: '/backend' },
-      headers: { 'x-test': '1' },
-    },
-    context: {
-      em: {} as InterceptorContext['em'],
-      container: { resolve: jest.fn() } as unknown as InterceptorContext['container'],
-    },
-  }
-}
-describe('runCustomRouteAfterInterceptors', () => {
-  beforeEach(() => {
-    registerApiInterceptors([])
-    jest.clearAllMocks()
-  })
-  test('returns unchanged response when no interceptor matches', async () => {
-    const result = await runCustomRouteAfterInterceptors(buildArgs())
-    expect(result).toEqual({
-      ok: true,
-      statusCode: 200,
-      body: { ok: true, token: 'token-1', redirect: '/backend' },
-      headers: { 'x-test': '1' },
-    })
-  })
-  test('supports merge result from matching after interceptor', async () => {
-    registerApiInterceptors([
-      {
-        moduleId: 'example',
-        interceptors: [
-          {
-            id: 'example.auth.login.merge',
-            targetRoute: 'auth/login',
-            methods: ['POST'],
-            async after() {
-              return { merge: { mfa_required: true } }
-            },
-          },
-        ],
-      },
-    ])
-    const result = await runCustomRouteAfterInterceptors(buildArgs())
-    expect(result.ok).toBe(true)
-    expect(result.body).toEqual({
-      ok: true,
-      token: 'token-1',
-      redirect: '/backend',
-      mfa_required: true,
-    })
-  })
-  test('supports replace result from matching after interceptor', async () => {
-    registerApiInterceptors([
-      {
-        moduleId: 'example',
-        interceptors: [
-          {
-            id: 'example.auth.login.replace',
-            targetRoute: 'auth/login',
-            methods: ['POST'],
-            async after() {
-              return { replace: { ok: true, mfa_required: true, challenge_id: 'c-1', token: 'pending' } }
-            },
-          },
-        ],
-      },
-    ])
-    const result = await runCustomRouteAfterInterceptors(buildArgs())
-    expect(result.ok).toBe(true)
-    expect(result.body).toEqual({
-      ok: true,
-      mfa_required: true,
-      challenge_id: 'c-1',
-      token: 'pending',
-    })
-  })
-  test('propagates timeout failures from interceptor runner', async () => {
-    registerApiInterceptors([
-      {
-        moduleId: 'example',
-        interceptors: [
-          {
-            id: 'example.auth.login.timeout',
-            targetRoute: 'auth/login',
-            methods: ['POST'],
-            timeoutMs: 5,
-            async after() {
-              await new Promise((resolve) => setTimeout(resolve, 20))
-              return {}
-            },
-          },
-        ],
-      },
-    ])
-    const result = await runCustomRouteAfterInterceptors(buildArgs())
-    expect(result.ok).toBe(false)
-    expect(result.statusCode).toBe(504)
-  })
-  test('supports unauthenticated execution context defaults', async () => {
-    const capturedContexts: Array<{ userId: string; organizationId: string; tenantId: string; userFeatures?: string[] }> = []
-    registerApiInterceptors([
-      {
-        moduleId: 'example',
-        interceptors: [
-          {
-            id: 'example.auth.login.capture-context',
-            targetRoute: 'auth/login',
-            methods: ['POST'],
-            async after(_request, _response, context) {
-              capturedContexts.push({
-                userId: context.userId,
-                organizationId: context.organizationId,
-                tenantId: context.tenantId,
-                userFeatures: context.userFeatures,
-              })
-              return {}
-            },
-          },
-        ],
-      },
-    ])
-    const result = await runCustomRouteAfterInterceptors(buildArgs())
-    expect(result.ok).toBe(true)
-    expect(capturedContexts).toEqual([
-      {
-        userId: '',
-        organizationId: '',
-        tenantId: '',
-        userFeatures: [],
-      },
-    ])
-  })
-  test('propagates interceptor exceptions as failed responses', async () => {
-    registerApiInterceptors([
-      {
-        moduleId: 'example',
-        interceptors: [
-          {
-            id: 'example.auth.login.throw',
-            targetRoute: 'auth/login',
-            methods: ['POST'],
-            async after() {
-              throw new Error('boom')
-            },
-          },
-        ],
-      },
-    ])
-    const result = await runCustomRouteAfterInterceptors(buildArgs())
-    expect(result.ok).toBe(false)
-    expect(result.statusCode).toBe(500)
-    expect(result.body.error).toBe('Internal interceptor error')
-  })
-})

package/src/lib/crud/custom-route-interceptor.ts DELETED Viewed

@@ -1,47 +0,0 @@
-import type { InterceptorContext, InterceptorRequest, InterceptorResponse, ApiInterceptorMethod } from './api-interceptor'
-import { runApiInterceptorsAfter, type RunInterceptorsAfterResult } from './interceptor-runner'
-export type CustomRouteAfterInterceptorContext = {
-  em: InterceptorContext['em']
-  container: InterceptorContext['container']
-  userId?: string | null
-  organizationId?: string | null
-  tenantId?: string | null
-  userFeatures?: string[]
-  extensionHeaders?: InterceptorContext['extensionHeaders']
-}
-type RunCustomRouteAfterInterceptorsArgs = {
-  routePath: string
-  method: ApiInterceptorMethod
-  request: InterceptorRequest
-  response: InterceptorResponse
-  context: CustomRouteAfterInterceptorContext
-  metadataByInterceptor?: Record<string, Record<string, unknown> | undefined>
-}
-function normalizeIdentity(value: string | null | undefined): string {
-  if (!value) return ''
-  return value
-}
-export async function runCustomRouteAfterInterceptors(
-  args: RunCustomRouteAfterInterceptorsArgs,
-): Promise<RunInterceptorsAfterResult> {
-  return runApiInterceptorsAfter({
-    routePath: args.routePath,
-    method: args.method,
-    request: args.request,
-    response: args.response,
-    context: {
-      em: args.context.em,
-      container: args.context.container,
-      userId: normalizeIdentity(args.context.userId),
-      organizationId: normalizeIdentity(args.context.organizationId),
-      tenantId: normalizeIdentity(args.context.tenantId),
-      userFeatures: args.context.userFeatures ?? [],
-      extensionHeaders: args.context.extensionHeaders,
-    },
-    metadataByInterceptor: args.metadataByInterceptor,
-  })
-}

package/src/lib/middleware/__tests__/page-executor.test.ts DELETED Viewed

@@ -1,161 +0,0 @@
-import {
-  executePageMiddleware,
-  resolvePageMiddlewareRedirect,
-} from '@open-mercato/shared/lib/middleware/page-executor'
-import {
-  CONTINUE_PAGE_MIDDLEWARE,
-  matchPageMiddlewareTarget,
-  type PageMiddlewareContext,
-  type PageMiddlewareRegistryEntry,
-} from '@open-mercato/shared/modules/middleware/page'
-function buildContext(overrides?: Partial<PageMiddlewareContext>): PageMiddlewareContext {
-  return {
-    pathname: '/backend/customers/people',
-    mode: 'backend',
-    routeMeta: { requireAuth: true },
-    auth: {
-      sub: 'user-1',
-      tenantId: 'tenant-1',
-      orgId: 'org-1',
-      roles: ['admin'],
-    },
-    ensureContainer: async () => ({ resolve: () => null }),
-    ...overrides,
-  }
-}
-describe('matchPageMiddlewareTarget', () => {
-  it('matches exact string targets', () => {
-    expect(matchPageMiddlewareTarget('/backend', '/backend')).toBe(true)
-    expect(matchPageMiddlewareTarget('/backend/customers', '/backend')).toBe(false)
-  })
-  it('matches wildcard prefix targets', () => {
-    expect(matchPageMiddlewareTarget('/backend/customers', '/backend/*')).toBe(true)
-    expect(matchPageMiddlewareTarget('/frontend/home', '/backend/*')).toBe(false)
-  })
-  it('matches regexp targets', () => {
-    expect(matchPageMiddlewareTarget('/backend/customers', /^\/backend\/.+$/)).toBe(true)
-    expect(matchPageMiddlewareTarget('/backend', /^\/backend\/.+$/)).toBe(false)
-  })
-})
-describe('executePageMiddleware', () => {
-  it('returns continue when no middleware matches', async () => {
-    const entries: PageMiddlewareRegistryEntry[] = [
-      {
-        moduleId: 'security',
-        middleware: [
-          {
-            id: 'security.frontend',
-            mode: 'frontend',
-            target: '/frontend/*',
-            run: async () => CONTINUE_PAGE_MIDDLEWARE,
-          },
-        ],
-      },
-    ]
-    await expect(executePageMiddleware({ entries, context: buildContext() })).resolves.toEqual(
-      CONTINUE_PAGE_MIDDLEWARE,
-    )
-  })
-  it('applies deterministic priority ordering and short-circuits on redirect', async () => {
-    const calls: string[] = []
-    const entries: PageMiddlewareRegistryEntry[] = [
-      {
-        moduleId: 'mod-a',
-        middleware: [
-          {
-            id: 'mod-a.first',
-            mode: 'backend',
-            target: '/backend/*',
-            priority: 20,
-            run: async () => {
-              calls.push('mod-a.first')
-              return CONTINUE_PAGE_MIDDLEWARE
-            },
-          },
-          {
-            id: 'mod-a.third',
-            mode: 'backend',
-            target: '/backend/*',
-            priority: 30,
-            run: async () => {
-              calls.push('mod-a.third')
-              return CONTINUE_PAGE_MIDDLEWARE
-            },
-          },
-        ],
-      },
-      {
-        moduleId: 'mod-b',
-        middleware: [
-          {
-            id: 'mod-b.second',
-            mode: 'backend',
-            target: '/backend/*',
-            priority: 25,
-            run: async () => {
-              calls.push('mod-b.second')
-              return { action: 'redirect', location: '/backend/profile/security/mfa' } as const
-            },
-          },
-        ],
-      },
-    ]
-    await expect(
-      executePageMiddleware({ entries, context: buildContext() }),
-    ).resolves.toEqual({ action: 'redirect', location: '/backend/profile/security/mfa' })
-    expect(calls).toEqual(['mod-a.first', 'mod-b.second'])
-  })
-  it('throws and emits error callback on middleware failure', async () => {
-    const onError = jest.fn()
-    const entries: PageMiddlewareRegistryEntry[] = [
-      {
-        moduleId: 'mod-a',
-        middleware: [
-          {
-            id: 'mod-a.fail',
-            mode: 'backend',
-            target: '/backend/*',
-            run: async () => {
-              throw new Error('boom')
-            },
-          },
-        ],
-      },
-    ]
-    await expect(
-      executePageMiddleware({ entries, context: buildContext(), onError }),
-    ).rejects.toThrow('boom')
-    expect(onError).toHaveBeenCalledWith(expect.any(Error), { id: 'mod-a.fail', priority: undefined })
-  })
-})
-describe('resolvePageMiddlewareRedirect', () => {
-  it('returns redirect location for first terminal middleware', async () => {
-    const entries: PageMiddlewareRegistryEntry[] = [
-      {
-        moduleId: 'mod-a',
-        middleware: [
-          {
-            id: 'mod-a.redirect',
-            target: '/backend/*',
-            run: async () => ({ action: 'redirect', location: '/backend/profile/security/mfa' }),
-          },
-        ],
-      },
-    ]
-    await expect(resolvePageMiddlewareRedirect({ entries, context: buildContext() })).resolves.toBe(
-      '/backend/profile/security/mfa',
-    )
-  })
-})

package/src/lib/middleware/page-executor.ts DELETED Viewed

@@ -1,63 +0,0 @@
-import type {
-  PageMiddlewareContext,
-  PageMiddlewareMode,
-  PageMiddlewareRegistryEntry,
-  PageMiddlewareResult,
-  PageRouteMiddleware,
-} from '@open-mercato/shared/modules/middleware/page'
-import { CONTINUE_PAGE_MIDDLEWARE, matchPageMiddlewareTarget } from '@open-mercato/shared/modules/middleware/page'
-type ExecutePageMiddlewareArgs = {
-  entries: PageMiddlewareRegistryEntry[]
-  context: PageMiddlewareContext
-  onError?: (error: unknown, middleware: Pick<PageRouteMiddleware, 'id' | 'priority'>) => void
-}
-const DEFAULT_PRIORITY = 100
-function shouldRunMiddleware(middleware: PageRouteMiddleware, mode: PageMiddlewareMode, pathname: string): boolean {
-  if (middleware.mode && middleware.mode !== mode) return false
-  return matchPageMiddlewareTarget(pathname, middleware.target)
-}
-function compareMiddleware(a: PageRouteMiddleware, b: PageRouteMiddleware): number {
-  const priorityDiff = (a.priority ?? DEFAULT_PRIORITY) - (b.priority ?? DEFAULT_PRIORITY)
-  if (priorityDiff !== 0) return priorityDiff
-  return a.id.localeCompare(b.id)
-}
-function flattenAndSortMiddleware(
-  entries: PageMiddlewareRegistryEntry[],
-  mode: PageMiddlewareMode,
-  pathname: string
-): PageRouteMiddleware[] {
-  return entries
-    .flatMap((entry) => entry.middleware)
-    .filter((middleware) => shouldRunMiddleware(middleware, mode, pathname))
-    .sort(compareMiddleware)
-}
-export async function executePageMiddleware(args: ExecutePageMiddlewareArgs): Promise<PageMiddlewareResult> {
-  const { entries, context, onError } = args
-  const matchedMiddleware = flattenAndSortMiddleware(entries, context.mode, context.pathname)
-  for (const middleware of matchedMiddleware) {
-    try {
-      const result = await middleware.run(context)
-      if (result.action === 'redirect') return result
-    } catch (error) {
-      if (onError) {
-        onError(error, { id: middleware.id, priority: middleware.priority })
-      } else {
-        console.error('[middleware:page] execution failed', { id: middleware.id, error })
-      }
-      throw error
-    }
-  }
-  return CONTINUE_PAGE_MIDDLEWARE
-}
-export async function resolvePageMiddlewareRedirect(args: ExecutePageMiddlewareArgs): Promise<string | null> {
-  const result = await executePageMiddleware(args)
-  if (result.action !== 'redirect') return null
-  return result.location
-}

package/src/modules/middleware/page.ts DELETED Viewed

@@ -1,52 +0,0 @@
-import type { AuthContext } from '@open-mercato/shared/lib/auth/server'
-export type PageMiddlewareMode = 'frontend' | 'backend'
-export type PageRouteMeta = {
-  requireAuth?: boolean
-  requireRoles?: string[]
-  requireFeatures?: string[]
-}
-export type PageMiddlewareContainer = {
-  resolve: (name: string) => unknown
-}
-export type PageMiddlewareContext = {
-  pathname: string
-  mode: PageMiddlewareMode
-  routeMeta: PageRouteMeta
-  auth: AuthContext
-  ensureContainer: () => Promise<PageMiddlewareContainer>
-}
-export type PageMiddlewareResult =
-  | { action: 'continue' }
-  | { action: 'redirect'; location: string }
-export type PageMiddlewareTarget = string | RegExp
-export type PageRouteMiddleware = {
-  id: string
-  mode?: PageMiddlewareMode
-  target: PageMiddlewareTarget
-  priority?: number
-  run: (ctx: PageMiddlewareContext) => Promise<PageMiddlewareResult> | PageMiddlewareResult
-}
-export type PageMiddlewareRegistryEntry = {
-  moduleId: string
-  middleware: PageRouteMiddleware[]
-}
-export function matchPageMiddlewareTarget(pathname: string, target: PageMiddlewareTarget): boolean {
-  if (target instanceof RegExp) {
-    return target.test(pathname)
-  }
-  if (target.endsWith('*')) {
-    return pathname.startsWith(target.slice(0, -1))
-  }
-  return pathname === target
-}
-export const CONTINUE_PAGE_MIDDLEWARE: PageMiddlewareResult = { action: 'continue' }