@open-xamu-co/firebase-nuxt 1.0.0 → 1.1.0

package/dist/runtime/server/api/all-collection-document.get.js

@@ -0,0 +1,56 @@
+import { createError, getRouterParam, isError, setResponseStatus } from "h3";
+import { defineConditionallyCachedEventHandler } from "../utils/cache.js";
+import { debugFirebaseServer, resolveServerDocumentRefs } from "../utils/firestore.js";
+import { apiLogger, getServerFirebase } from "../utils/firebase.js";
+import { readCollection, readInstanceCollection } from "#internal/firebase-nuxt";
+export default defineConditionallyCachedEventHandler(
+  async (event) => {
+    const { firebaseFirestore } = getServerFirebase("api:all:[collectionId]:[documentId]");
+    const { currentInstanceRef } = event.context;
+    try {
+      const collectionId = getRouterParam(event, "collectionId");
+      const documentId = getRouterParam(event, "documentId");
+      debugFirebaseServer(
+        event,
+        "api:all:[collectionId]:[documentId]",
+        collectionId,
+        documentId
+      );
+      if (!collectionId || !documentId) {
+        throw createError({
+          statusCode: 400,
+          statusMessage: `collectionId & documentId are required`
+        });
+      }
+      let collectionRef = firebaseFirestore.collection(collectionId);
+      if (event.path.startsWith("/api/instance/all")) {
+        if (!readInstanceCollection(collectionId, event.context)) {
+          throw createError({
+            statusCode: 401,
+            statusMessage: `Can't get "instance/${collectionId}" document`
+          });
+        } else if (!currentInstanceRef) {
+          throw createError({ statusCode: 401, statusMessage: "Missing instance" });
+        }
+        collectionRef = currentInstanceRef.collection(collectionId);
+      } else if (!readCollection(collectionId, event.context)) {
+        throw createError({
+          statusCode: 401,
+          statusMessage: `Can't get "${collectionId}" document`
+        });
+      }
+      const documentsRef = collectionRef.doc(documentId);
+      const documentSnapshot = await documentsRef.get();
+      return resolveServerDocumentRefs(event, documentSnapshot, collectionId);
+    } catch (err) {
+      if (isError(err)) {
+        apiLogger(event, "api:all:[collectionId]:[documentId]", err.message, err);
+        return setResponseStatus(event, err.statusCode || 500, err.statusMessage);
+      }
+      throw err;
+    }
+  },
+  {
+    instanceOnly: false
+  }
+);

package/dist/runtime/server/api/all-collection.get.d.ts

@@ -0,0 +1,8 @@
+/**
+ * Get the edges from a given instance sub-collection
+ *
+ * @auth guest
+ * @order createdAt
+ */
+declare const _default: import("../types/index.js").CachedEventHandler<import("h3").EventHandlerRequest, Promise<void | import("@open-xamu-co/ui-common-types").iPageEdge<FirebaseFirestore.DocumentData, string>[] | import("@open-xamu-co/ui-common-types").iPage<FirebaseFirestore.DocumentData, string>>>;
+export default _default;

package/dist/runtime/server/api/all-collection.get.js

@@ -0,0 +1,67 @@
+import { FieldPath } from "firebase-admin/firestore";
+import { createError, getQuery, getRouterParam, isError, setResponseStatus } from "h3";
+import { defineConditionallyCachedEventHandler } from "../utils/cache.js";
+import { getBoolean } from "../utils/guards.js";
+import { getDocumentId } from "../../client/utils/resolver.js";
+import {
+  debugFirebaseServer,
+  getEdgesPage,
+  getOrderedQuery,
+  getQueryAsEdges
+} from "../utils/firestore.js";
+import { apiLogger, getServerFirebase } from "../utils/firebase.js";
+import { readCollection, readInstanceCollection } from "#internal/firebase-nuxt";
+export default defineConditionallyCachedEventHandler(
+  async (event) => {
+    const fieldDocument = FieldPath.documentId();
+    const { firebaseFirestore } = getServerFirebase("api:all:[collectionId]");
+    const { currentInstanceRef } = event.context;
+    try {
+      const params = getQuery(event);
+      const page = getBoolean(params.page);
+      const collectionId = getRouterParam(event, "collectionId");
+      debugFirebaseServer(event, "api:all:[collectionId]", collectionId);
+      if (!collectionId) {
+        throw createError({ statusCode: 400, statusMessage: `collectionId is required` });
+      }
+      let query = firebaseFirestore.collection(collectionId);
+      if (event.path.startsWith("/api/instance/all")) {
+        if (!readInstanceCollection(collectionId, event.context)) {
+          throw createError({
+            statusCode: 401,
+            statusMessage: `Can't list "instance/${collectionId}"`
+          });
+        } else if (!currentInstanceRef) {
+          throw createError({ statusCode: 401, statusMessage: "Missing instance" });
+        }
+        query = currentInstanceRef.collection(collectionId);
+      } else if (!readCollection(collectionId, event.context)) {
+        throw createError({
+          statusCode: 401,
+          statusMessage: `Can't list "${collectionId}"`
+        });
+      }
+      if (params.include) {
+        let include = Array.isArray(params.include) ? params.include : [params.include];
+        include = include.filter((uid) => uid && !getBoolean(uid)).map(getDocumentId);
+        debugFirebaseServer(event, "api:all:[collectionId]:filtered", include);
+        if (!include.length) return [];
+        query = query.orderBy(fieldDocument).where(fieldDocument, "in", include);
+        return getQueryAsEdges(event, query);
+      }
+      query = getOrderedQuery(event, query);
+      if (page) return getEdgesPage(event, query);
+      const first = Math.min(Number(params.first) || 10, 100);
+      return getQueryAsEdges(event, query.limit(first));
+    } catch (err) {
+      if (isError(err)) {
+        apiLogger(event, "api:all:[collectionId]", err.message, err);
+        return setResponseStatus(event, err.statusCode || 500, err.statusMessage);
+      }
+      throw err;
+    }
+  },
+  {
+    instanceOnly: false
+  }
+);

package/dist/runtime/server/api/media.get.d.ts

@@ -0,0 +1,8 @@
+/**
+ * Media endpoint
+ *
+ * Buffer check because of nitro issue:
+ * @see https://github.com/unjs/nitro/issues/1894
+ */
+declare const _default: import("h3").EventHandler<import("h3").EventHandlerRequest, Promise<void | Buffer<ArrayBuffer>>>;
+export default _default;

package/dist/runtime/server/api/media.get.js

@@ -0,0 +1,114 @@
+import { createHash } from "node:crypto";
+import { getStorage } from "firebase-admin/storage";
+import { defineCachedFunction, useStorage } from "nitropack/runtime";
+import {
+  createError,
+  defineEventHandler,
+  getRouterParam,
+  isError,
+  sendError,
+  setHeaders
+} from "h3";
+import { storageBucket } from "../utils/environment.js";
+import { debugFirebaseServer } from "../utils/firestore.js";
+import { apiLogger } from "../utils/firebase.js";
+const maxAge = 60 * 60 * 24 * 30;
+const preventCache = {
+  "Cache-Control": "no-cache, no-store, must-revalidate",
+  Pragma: "no-cache",
+  Expires: "0"
+};
+import { readCollection, readInstanceCollection } from "#internal/firebase-nuxt";
+const cachedBufferHandler = defineCachedFunction(
+  async (event, path) => {
+    const { currentInstanceRef } = event.context;
+    debugFirebaseServer(event, "api:media", path);
+    if (!path) {
+      return { error: createError({ statusCode: 400, statusMessage: "Invalid file path" }) };
+    }
+    const [baseAndExtension] = path.split("?");
+    const [, collectionId, , fileOrSubCollectionId] = baseAndExtension.split("/");
+    if (collectionId === "instances" && !fileOrSubCollectionId.includes(".")) {
+      if (!readInstanceCollection(fileOrSubCollectionId, event.context)) {
+        throw createError({
+          statusCode: 401,
+          statusMessage: `Can't get "instance/${fileOrSubCollectionId}" file`
+        });
+      } else if (!currentInstanceRef) {
+        throw createError({ statusCode: 401, statusMessage: "Missing instance" });
+      }
+    } else if (!readCollection(collectionId, event.context)) {
+      throw createError({
+        statusCode: 401,
+        statusMessage: `Can't get "${collectionId}" file`
+      });
+    }
+    const serverStorage = getStorage();
+    const bucket = serverStorage.bucket(storageBucket);
+    const file = bucket.file(baseAndExtension);
+    const [, extension] = baseAndExtension.split(".");
+    switch (extension) {
+      case "webp": {
+        const [exists] = await file.exists();
+        const headers = { "Content-Type": "image/webp" };
+        if (exists) {
+          const [buffer] = await file.download();
+          return { buffer, headers };
+        }
+        const parts = baseAndExtension.split("/");
+        parts.pop();
+        const [files] = await bucket.getFiles({ prefix: parts.join("/") });
+        if (files.length) {
+          return {
+            headers: { ...preventCache, "Retry-After": "120" },
+            error: createError({
+              statusCode: 503,
+              statusMessage: `File with path: "${path}" is not ready yet`
+            })
+          };
+        }
+        break;
+      }
+    }
+    return {
+      headers: preventCache,
+      error: createError({
+        statusCode: 404,
+        statusMessage: `File with path: "${path}" does not exist`
+      })
+    };
+  },
+  {
+    name: "getMedia",
+    maxAge,
+    getKey(event, path) {
+      const [baseAndExtension] = path.split("?");
+      return createHash("sha256").update(baseAndExtension).digest("hex");
+    }
+  }
+);
+export default defineEventHandler(async (event) => {
+  const path = getRouterParam(event, "path") || "";
+  try {
+    const { buffer, headers, error } = await cachedBufferHandler(event, path);
+    if (headers) setHeaders(event, headers);
+    if (error || !buffer) {
+      const err = error || createError({
+        statusCode: 500,
+        statusMessage: `Something went wrong while trying to get file with path: "${path}"`
+      });
+      throw err;
+    }
+    return Buffer.from(buffer);
+  } catch (err) {
+    const storage = useStorage("cache");
+    const [baseAndExtension] = path.split("?");
+    const hash = createHash("sha256").update(baseAndExtension).digest("hex");
+    await storage.removeItem(`nitro:functions:getMedia:${hash}.json`);
+    if (isError(err)) {
+      if (err.statusCode !== 503) apiLogger(event, "api:media:[...path]", err.message, err);
+      return sendError(event, err);
+    }
+    throw err;
+  }
+});

package/dist/runtime/server/middleware/0.hotlinking.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Prevent hotlinking & clickjacking
+ */
+declare const _default: import("h3").EventHandler<import("h3").EventHandlerRequest, Promise<void>>;
+export default _default;

package/dist/runtime/server/middleware/0.hotlinking.js

@@ -0,0 +1,28 @@
+import { isError, defineEventHandler, setResponseHeaders, setResponseStatus } from "h3";
+import { apiLogger } from "../utils/firebase.js";
+import { getRootInstance } from "../utils/instance.js";
+export default defineEventHandler(async (event) => {
+  try {
+    const root = await getRootInstance(event);
+    if (!root?.url) return setResponseStatus(event, 500, "Missing root instance");
+    const { hostname } = new URL(root.url);
+    setResponseHeaders(event, {
+      // Prevent clickjacking
+      "X-Frame-Options": "SAMEORIGIN",
+      // Legacy XSS protection
+      "X-XSS-Protection": "1; mode=block",
+      // Prevent MIME type sniffing
+      "X-Content-Type-Options": "nosniff",
+      // Prevent referrer leaks
+      "Referrer-Policy": "strict-origin-when-cross-origin",
+      // CSP Defaults, safe assets only
+      "Content-Security-Policy": `default-src 'self'; frame-src 'self' data: https:;img-src 'self' data: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; connect-src 'self' https:; frame-ancestors 'self' https://*.${hostname};`
+    });
+  } catch (err) {
+    if (isError(err)) {
+      apiLogger(event, "api:middleware:hotlinking", err.message, err);
+      return setResponseStatus(event, err.statusCode, err.message);
+    }
+    throw err;
+  }
+});

package/dist/runtime/server/middleware/1.context.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Inject current instance and auth into context
+ */
+declare const _default: import("h3").EventHandler<import("h3").EventHandlerRequest, Promise<void>>;
+export default _default;

package/dist/runtime/server/middleware/1.context.js

@@ -0,0 +1,108 @@
+import { createHash } from "node:crypto";
+import { FirebaseAuthError } from "firebase-admin/auth";
+import {
+  isError,
+  getRequestHeaders,
+  defineEventHandler,
+  setResponseHeaders,
+  setResponseStatus,
+  setResponseHeader,
+  getRequestHeader
+} from "h3";
+import { useStorage } from "nitropack/runtime";
+import { production } from "../utils/environment.js";
+import { apiLogger, getServerFirebase } from "../utils/firebase.js";
+import { getInstance } from "../utils/instance.js";
+import { getAuth } from "../utils/auth.js";
+export default defineEventHandler(async (event) => {
+  const { firebaseFirestore } = getServerFirebase("api:middleware:context");
+  const headers = getRequestHeaders(event);
+  const corsHeaders = ["Origin", "Referer", "User-Agent"].join(", ");
+  if (!event.path.startsWith("/api")) {
+    setResponseHeaders(event, {
+      "Access-Control-Allow-Methods": "GET,HEAD",
+      Vary: "Host, Origin"
+    });
+    if (event.method === "OPTIONS") {
+      setResponseHeaders(event, {
+        "Access-Control-Allow-Headers": corsHeaders,
+        "Access-Control-Expose-Headers": corsHeaders
+      });
+      setResponseStatus(event, 204, "No Content");
+    }
+    return;
+  }
+  const {
+    host = "",
+    "x-forwarded-host": forwardedHost = host,
+    "xamu-context-hits": contextHits = "0"
+  } = headers;
+  const [cleanHost] = forwardedHost.split(":");
+  try {
+    setResponseHeader(event, "Xamu-Context-Hits", String(Number(contextHits) + 1));
+    const { millis, ...instance } = await getInstance(event, forwardedHost);
+    const instanceRef = firebaseFirestore.doc(instance.id);
+    event.context.currentInstance = instance;
+    event.context.currentInstanceRef = instanceRef;
+    event.context.currentInstanceMillis = millis;
+    event.context.currentInstanceHost = cleanHost;
+    const origin = getRequestHeader(event, "X-Forwarded-Origin") || getRequestHeader(event, "Origin") || `https://${cleanHost}`;
+    const { hostname } = new URL(origin);
+    let corsOrigin = production ? `https://${cleanHost}` : "*";
+    if (instance.config?.domains?.includes(hostname)) corsOrigin = origin;
+    const corsHeadersExpose = [corsHeaders, "Content-Type", "Cache-control"].join(", ");
+    const corsHeadersAccept = [
+      corsHeadersExpose,
+      "Authorization",
+      "Host",
+      "Xamu-Context-Source"
+    ].join(", ");
+    setResponseHeaders(event, {
+      "Access-Control-Allow-Methods": "GET,HEAD,PUT,PATCH,POST,DELETE",
+      "Access-Control-Allow-Credentials": "true",
+      "Access-Control-Allow-Origin": corsOrigin,
+      Vary: "Host, Origin"
+    });
+    if (event.method === "OPTIONS") {
+      setResponseHeaders(event, {
+        "Access-Control-Allow-Headers": corsHeadersAccept,
+        "Access-Control-Expose-Headers": corsHeadersExpose
+      });
+      setResponseStatus(event, 204, "No Content");
+    }
+    const authorization = getRequestHeader(event, "X-Forwarded-Authorization") || getRequestHeader(event, "Authorization");
+    if (!authorization) return;
+    try {
+      const auth = await getAuth(event, authorization);
+      if (!auth) return;
+      event.context.currentAuth = auth;
+      event.context.currentAuthRef = instanceRef.collection("members").doc(auth.uid);
+    } catch (err) {
+      const storage = useStorage("cache");
+      const hash = createHash("sha256").update(authorization).digest("hex");
+      await storage.removeItem(`nitro:functions:getAuth:${hash}.json`);
+      if (err instanceof FirebaseAuthError || isError(err)) {
+        if ("code" in err && err.code === "auth/id-token-expired") return;
+        apiLogger(
+          event,
+          "api:middleware:context:auth",
+          `Path: "${event.path}", ${err.message}`,
+          err
+        );
+      }
+    }
+  } catch (err) {
+    const storage = useStorage("cache");
+    await storage.removeItem(`nitro:functions:getInstance:${cleanHost}.json`);
+    if (isError(err)) {
+      apiLogger(
+        event,
+        "api:middleware:context",
+        `Path: "${event.path}", ${err.message}`,
+        err
+      );
+      return setResponseStatus(event, err.statusCode, err.message);
+    }
+    throw err;
+  }
+});

package/dist/runtime/server/types/index.d.ts

@@ -0,0 +1,34 @@
+import type { DocumentReference } from "firebase-admin/firestore";
+import type { EventHandler, EventHandlerRequest, EventHandlerResponse, H3Event, H3EventContext } from "h3";
+import type { InstanceData } from "../../functions/types/index.js";
+import type { Instance, User } from "../../client/types/index.js";
+export interface H3Context extends H3EventContext {
+    currentInstance?: Instance & {
+        millis: string;
+        url: string;
+        id: string;
+    };
+    currentInstanceRef?: DocumentReference<InstanceData>;
+    /**
+     * Milliseconds from creation
+     */
+    currentInstanceMillis?: string;
+    /**
+     * Clean host without port
+     *
+     * @example "example.com"
+     * @cache used for instance cache key
+     */
+    currentInstanceHost?: string;
+    currentAuth?: User & {
+        id: string;
+        uid: string;
+    };
+    currentAuthRef?: DocumentReference;
+}
+export interface CachedH3Event<T extends EventHandlerRequest = EventHandlerRequest> extends Omit<H3Event<T>, "context"> {
+    context: H3Context;
+}
+export interface CachedEventHandler<T extends EventHandlerRequest = EventHandlerRequest, D extends EventHandlerResponse = EventHandlerResponse> extends Omit<EventHandler<T, D>, "event"> {
+    (event: CachedH3Event<T>): D;
+}

package/dist/runtime/server/utils/auth.d.ts

@@ -0,0 +1,10 @@
+import { type H3Event } from "h3";
+/**
+ * Get current auth
+ *
+ * @cache 2 minutes
+ */
+export declare const getAuth: (_: H3Event<import("h3").EventHandlerRequest>, authorization: string | undefined) => Promise<(import("../../client/types/index.js").User & {
+    id: string;
+    uid: string;
+}) | undefined>;

package/dist/runtime/server/utils/auth.js

@@ -0,0 +1,31 @@
+import { createHash } from "node:crypto";
+import { defineCachedFunction } from "nitropack/runtime";
+import { resolveServerRefs } from "./firestore.js";
+import { getServerFirebase } from "./firebase.js";
+export const getAuth = defineCachedFunction(
+  async function(event, authorization) {
+    if (!authorization) return;
+    const { firebaseAuth } = getServerFirebase("api:getAuth");
+    const { currentInstanceRef, currentInstance } = event.context;
+    if (!currentInstanceRef || !currentInstance) return;
+    const membersRef = currentInstanceRef.collection("members");
+    const { uid } = await firebaseAuth.verifyIdToken(authorization);
+    const snapshot = await membersRef.doc(uid).get();
+    const memberData = await resolveServerRefs(
+      snapshot,
+      { level: 1 },
+      false
+    );
+    const { user, ...member } = memberData || {};
+    return { ...user, ...member, uid, id: `${currentInstance.id}/members/${uid}` };
+  },
+  {
+    name: "getAuth",
+    maxAge: 60 * 60,
+    // 1 hour
+    getKey(_, authorization) {
+      if (!authorization) return "guest";
+      return createHash("sha256").update(authorization).digest("hex");
+    }
+  }
+);

package/dist/runtime/server/utils/cache.d.ts

@@ -0,0 +1,21 @@
+import { type EventHandlerRequest, type EventHandlerResponse } from "h3";
+import type { CachedEventHandler, CachedH3Event } from "../types/index.js";
+interface CachedEventHandlerOptions<T extends EventHandlerRequest = EventHandlerRequest> {
+    /** Optional key generator */
+    getKey?: (...args: [CachedH3Event<T>]) => string | Promise<string>;
+    /** Partition cache by instance */
+    instanceOnly?: boolean;
+}
+/**
+ * Conditionally cache event data.
+ * Bypasses cache for admin purposes
+ * Caches by instance by default
+ *
+ * @cache 30 seconds
+ *
+ * @param handler event handler, should have its own error handling
+ * @param options optional key generator and instanceOnly flag
+ * @returns event handler
+ */
+export declare const defineConditionallyCachedEventHandler: <T extends EventHandlerRequest, D extends EventHandlerResponse = EventHandlerResponse>(handler: CachedEventHandler<T, D>, { getKey, instanceOnly }?: CachedEventHandlerOptions<T>) => CachedEventHandler<T, D>;
+export {};

package/dist/runtime/server/utils/cache.js

@@ -0,0 +1,20 @@
+import { defineEventHandler } from "h3";
+import { defineCachedEventHandler } from "nitropack/runtime";
+import { debugNitro } from "../utils/environment.js";
+import { sudo } from "#internal/firebase-nuxt";
+export const defineConditionallyCachedEventHandler = (handler, { getKey, instanceOnly = true } = {}) => {
+  const cachedHandler = defineCachedEventHandler(handler, {
+    maxAge: 30,
+    // 30 seconds
+    getKey: instanceOnly ? (event) => {
+      const { currentInstanceHost } = event.context;
+      const key = getKey?.(event) || event.path;
+      if (currentInstanceHost) return `${currentInstanceHost}:${key}`;
+      return key;
+    } : getKey
+  });
+  return defineEventHandler(async (event) => {
+    if (sudo(event.context) || debugNitro) return handler(event);
+    return cachedHandler(event);
+  });
+};

package/dist/runtime/server/utils/environment.d.ts

@@ -0,0 +1,45 @@
+import type { FirebaseOptions } from "firebase/app";
+import { eCacheControl } from "../../functions/utils/enums.js";
+/**
+ * Public runtime config
+ */
+export interface FirebaseNuxtPublicRuntimeConfig {
+    appName: string;
+    production: boolean;
+    forcedInstanceId: string;
+    indexable: boolean;
+    tenants: boolean;
+    firebaseConfig: Required<Omit<FirebaseOptions, "databaseURL">>;
+    recaptchaEnterpriseKey: string;
+    debugAppCheck: boolean;
+    debugFirebase: boolean;
+    cache: {
+        none: eCacheControl;
+        frequent: eCacheControl;
+        normal: eCacheControl;
+        midterm: eCacheControl;
+        longterm: eCacheControl;
+    };
+}
+export declare const port: number;
+export declare const production: boolean;
+export declare const indexable: boolean;
+export declare const origin: string;
+export declare const forcedInstanceId: string;
+export declare const appName: string;
+export declare const debugNuxt: boolean;
+export declare const debugNitro: boolean;
+export declare const debugCSS: boolean;
+export declare const debugAppCheck: boolean;
+export declare const debugFirebase: boolean;
+export declare const storageBucket: string;
+export declare const projectId: string;
+export declare const privateKey: string;
+export declare const clientEmail: string;
+/** App check, public key */
+export declare const recaptchaEnterpriseKey: string;
+export declare const fontsApiKey: string;
+/**
+ * Public runtime config
+ */
+export declare const publicRuntimeConfig: FirebaseNuxtPublicRuntimeConfig;

package/dist/runtime/server/utils/environment.js

@@ -0,0 +1,50 @@
+import { defineString, defineBoolean, defineInt } from "firebase-functions/params";
+import { eCacheControl } from "../../functions/utils/enums.js";
+const environment = defineString("NODE_ENV", { default: "development" });
+export const port = defineInt("PORT", { default: 3e3 }).value() || 3e3;
+export const production = environment.equals("production").value();
+export const indexable = defineBoolean("INDEXABLE", { default: false }).value();
+export const origin = defineString("ORIGIN").value();
+export const forcedInstanceId = defineString("INSTANCE").value();
+export const appName = defineString("APP_NAME").value();
+export const debugNuxt = !production && defineBoolean("DEBUG_NUXT", { default: false }).value();
+export const debugNitro = !production && defineBoolean("DEBUG_NITRO", { default: false }).value();
+export const debugCSS = !production && defineBoolean("DEBUG_CSS", { default: false }).value();
+export const debugAppCheck = !production && defineBoolean("DEBUG_APP_CHECK", { default: false }).value();
+export const debugFirebase = !production && defineBoolean("DEBUG_FIREBASE", { default: false }).value();
+export const storageBucket = defineString("F_STORAGE_BUCKET").value();
+export const projectId = defineString("F_PROJECT_ID").value();
+export const privateKey = defineString("F_PRIVATE_KEY").value();
+export const clientEmail = defineString("F_CLIENT_EMAIL").value();
+export const recaptchaEnterpriseKey = defineString("RECAPTCHA_ENTERPRISE_SITE_KEY").value();
+export const fontsApiKey = defineString("FONTS_API_KEY").value();
+const firebaseConfig = {
+  projectId,
+  apiKey: defineString("F_API_KEY").value(),
+  authDomain: defineString("F_AUTH_DOMAIN").value(),
+  storageBucket,
+  messagingSenderId: defineString("F_MESSAGING_SENDER_ID").value(),
+  appId: defineString("F_APP_ID").value(),
+  measurementId: defineString("F_MEASUREMENT_ID").value()
+};
+export const publicRuntimeConfig = {
+  // App
+  appName,
+  production,
+  forcedInstanceId,
+  indexable,
+  // Firebase
+  firebaseConfig,
+  recaptchaEnterpriseKey,
+  debugAppCheck,
+  debugFirebase,
+  // Utils
+  cache: {
+    none: eCacheControl.NONE,
+    frequent: eCacheControl.FREQUENT,
+    normal: eCacheControl.NORMAL,
+    midterm: eCacheControl.MIDTERM,
+    longterm: eCacheControl.LONGTERM
+  },
+  tenants: false
+};

package/dist/runtime/server/utils/firebase.d.ts

@@ -0,0 +1,9 @@
+import type { H3Event } from "h3";
+import type { tLogger } from "@open-xamu-co/ui-common-types";
+export declare function getServerFirebase(at?: string): {
+    firebaseApp: import("firebase-admin/app").App;
+    firebaseFirestore: FirebaseFirestore.Firestore;
+    firebaseAuth: import("firebase-admin/auth").Auth;
+    firebaseStorage: import("firebase-admin/storage").Storage;
+};
+export declare function apiLogger(event: H3Event, ...args: Parameters<tLogger>): void;

package/dist/runtime/server/utils/firebase.js

@@ -0,0 +1,13 @@
+import { cert } from "firebase-admin/app";
+import { clientEmail, privateKey, projectId } from "../utils/environment.js";
+import { makeLogger } from "../../client/utils/logger.js";
+import { getFirebase } from "../../functions/utils/firebase.js";
+export function getServerFirebase(at = "Unknown") {
+  const credential = cert({ projectId, privateKey, clientEmail });
+  return getFirebase(at, { credential });
+}
+export function apiLogger(event, ...args) {
+  const { currentAuth, currentInstance } = event.context || {};
+  const logger = makeLogger({ instanceId: currentInstance?.id, authId: currentAuth?.uid });
+  return logger(...args);
+}