@opengis/fastify-table 2.0.0 → 2.0.2

package/dist/index.js

@@ -1,3 +1,4 @@
+import fp from "fastify-plugin";
 import path from "node:path";
 import { existsSync, readdirSync, readFileSync } from "node:fs";
 import { fileURLToPath } from "node:url";
@@ -16,32 +17,20 @@ import metricPlugin from "./server/plugins/metric/index.js";
 import redisPlugin from "./server/plugins/redis/index.js";
 import loggerPlugin from "./server/plugins/logger/index.js";
 import authPlugin from "./server/plugins/auth/index.js";
-// routes
-import cronRoutes from "./server/routes/cron/index.js";
-import crudRoutes from "./server/routes/crud/index.js";
-import loggerRoutes from "./server/routes/logger/index.js";
-import propertiesRoutes from "./server/routes/properties/index.js";
-import tableRoutes from "./server/routes/table/index.js";
-import utilRoutes from "./server/routes/util/index.js";
-import accessRoutes from "./server/routes/access/index.js";
 // utils
 import addTemplateDir from "./server/plugins/table/funcs/addTemplateDir.js";
 import execMigrations from "./server/plugins/migration/exec.migrations.js";
 import locales from "./server/routes/table/controllers/utils/locales.js";
 import pgClients from "./server/plugins/pg/pgClients.js";
-import dblistRoutes from "./server/routes/dblist/index.js";
-import menuRoutes from "./server/routes/menu/index.js";
-import templatesRoutes from "./server/routes/templates/index.js";
-import widgetRoutes from "./server/routes/widget/index.js";
-import authRoutes from "./server/routes/auth/index.js";
 // core templates && cls
 const filename = fileURLToPath(import.meta.url);
 const cwd = path.dirname(filename);
 async function plugin(fastify, opt) {
-    config.pg = opt.pg;
-    config.redis = opt.redis;
-    config.root = opt.root;
-    config.mapServerRoot = opt.mapServerRoot;
+    const prefix = opt.prefix ?? "/api";
+    config.pg = opt.pg || config.pg;
+    config.redis = opt.redis || config.redis;
+    config.root = opt.root || config.root;
+    config.mapServerRoot = opt.mapServerRoot || config.mapServerRoot;
     // fastify.register(import('@fastify/sensible'), {
     //   errorHandler: false,
     // });
@@ -80,15 +69,16 @@ async function plugin(fastify, opt) {
     // core templates && cls
     config.templates?.forEach((el) => addTemplateDir(el));
     addTemplateDir(path.join(cwd, "module/core"));
-    // plugins / utils / funcs
-    await authPlugin(fastify, config); // fastify-auth api + hooks integrated to core
-    policyPlugin(fastify);
+    // plugins
+    policyPlugin(fastify); // !first
+    // ! fastify-auth api + hooks integrated to core
+    await authPlugin(fastify); // ! session, before any route
     metricPlugin();
     redisPlugin(fastify);
-    await pgPlugin(fastify, opt);
-    await sqlitePlugin(fastify, opt);
+    await pgPlugin(fastify);
+    await sqlitePlugin(fastify);
     cronPlugin();
-    loggerPlugin(fastify, opt);
+    loggerPlugin(fastify);
     if (config.rateLimit !== false) {
         await fastify.register(import("@fastify/rate-limit"), {
             max: parseInt(config.rateLimit?.max || 100),
@@ -98,30 +88,30 @@ async function plugin(fastify, opt) {
             keyGenerator: (req) => `${req.ip}-${req.raw.url.split("?")[0]}`,
         });
     }
+    // routes / api
     if (config.dblist) {
-        dblistRoutes(fastify);
+        fastify.register(import("./server/routes/dblist/index.js")); // ! without prefix
     }
-    // routes / api
-    cronRoutes(fastify);
-    crudRoutes(fastify);
-    loggerRoutes(fastify);
-    propertiesRoutes(fastify);
-    tableRoutes(fastify, opt);
-    utilRoutes(fastify);
-    accessRoutes(fastify, opt);
-    widgetRoutes(fastify, opt);
-    menuRoutes(fastify, opt);
-    templatesRoutes(fastify, opt);
-    authRoutes(fastify, opt); // from fastify-auth
-    // fastify.register(import("./server/routes/auth/index.js"));
-    // from fastify-file
+    fastify.register(import("./server/routes/cron/index.js"), { prefix });
+    fastify.register(import("./server/routes/crud/index.js"), { prefix });
+    fastify.register(import("./server/routes/logger/index.js")); // ! without prefix
+    fastify.register(import("./server/routes/properties/index.js"), { prefix });
+    fastify.register(import("./server/routes/table/index.js"), { prefix });
+    fastify.register(import("./server/routes/util/index.js"), { prefix });
+    fastify.register(import("./server/routes/access/index.js"), { prefix });
+    fastify.register(import("./server/routes/menu/index.js"), { prefix });
+    fastify.register(import("./server/routes/templates/index.js"), { prefix });
+    fastify.register(import("./server/routes/widget/index.js"), { prefix });
+    // ! from fastify-auth, without prefix
+    fastify.register(import("./server/routes/auth/index.js"));
+    // ! from fastify-file, without prefix
     await fastify.register(import("@fastify/multipart"), {
         limits: {
             fileSize: maxFileSize * 1024 * 1024,
         },
     }); // content parser, await before adding upload routes
-    fastify.register(import("./server/routes/file/index.js"), opt);
-    fastify.register(import("./server/routes/grpc/index.js"), opt);
+    fastify.register(import("./server/routes/file/index.js"));
+    fastify.register(import("./server/routes/grpc/index.js"));
     config.proxy?.forEach?.((el) => {
         if (execName === "bun") {
             fastify.all(`${el.source}/*`, async (req, reply) => {
@@ -167,4 +157,4 @@ async function plugin(fastify, opt) {
         }
     });
 }
-export default plugin;
+export default fp(plugin);

package/dist/server/plugins/auth/funcs/authorizeUser.js

@@ -51,13 +51,18 @@ export default async function authorizeUser(user, req, loginType = "login", expi
     if (req.method === "POST") {
         return { message: "ok", status: "200" };
     }
+    const redirectUrl = req.headers?.referer?.match?.(/[?&]redirect=([^&]+)/)?.[1] || "/";
+    if (config.auth?.["2factor"]) {
+        return ("/2factor?redirect=" +
+            (href ||
+                config.auth?.redirectAfter ||
+                (redirectUrl.startsWith("/") ? redirectUrl : "/")));
+    }
     if (href) {
         return href;
     }
     if (config.auth?.redirectAfter) {
         return config.auth?.redirectAfter;
     }
-    const redirectUrl = req.headers?.referer?.match?.(/[?&]redirect=([^&]+)/)?.[1] || "/";
-    // logger.debug('login', { redirect, ref: headers?.referer, sid: req.sid });
     return redirectUrl.startsWith("/") ? redirectUrl : "/";
 }

package/dist/server/plugins/auth/index.js

@@ -1,17 +1,32 @@
-// import fp from "fastify-plugin";
+import { existsSync } from "node:fs";
 import cookie from "@fastify/cookie";
 import session from "@fastify/session";
-// import fastifyPassport from "@fastify/passport";
 import { Authenticator } from "@fastify/passport";
 import RedisStore from "fastify-session-redis-store";
 import config from "../../../config.js";
 import getRedis from "../redis/funcs/getRedis.js";
 const fastifyPassport = new Authenticator();
 const { prefix = "/api" } = config;
-async function plugin(fastify, opt = config) {
-    if (!opt.redis) {
+async function plugin(fastify) {
+    if (!config.redis) {
         return;
     }
+    await fastify.register(cookie, {
+        parseOptions: config?.auth?.cookieOptions || { secure: false },
+    });
+    await fastify.register(session, {
+        secret: config?.auth?.secret || "61b820e12858570a4b0633020d4394a17903d9a9",
+        cookieName: "session_auth",
+        cookie: config?.auth?.cookieOptions || { secure: false },
+        store: new RedisStore({ client: getRedis({ db: 10 }) }),
+    });
+    // register passport AFTER session is ready
+    await fastify.register(fastifyPassport.initialize());
+    await fastify.register(fastifyPassport.secureSession());
+    // serialize user used to store user info in session store
+    fastifyPassport.registerUserSerializer(async (user) => ({ user }));
+    // deserialize user used to add user info from session store to req
+    fastifyPassport.registerUserDeserializer(async (passport) => passport?.user || passport);
     fastify.addHook("onRequest", async (req, reply) => {
         const { pg, hostname, headers, routeOptions } = req;
         const { policy = [] } = routeOptions?.config || {};
@@ -35,8 +50,8 @@ async function plugin(fastify, opt = config) {
         const isPublic = Array.isArray(policy)
             ? policy.includes("public")
             : policy === "L0";
-        // if 2factor is enabled and secondFactor not true => redirect to 2factor login page
-        const { secondFactor, passport = {} } = req.session || {}; // base login +
+        // if 2factor is enabled globally + for user and secondFactorPassed not true => redirect to 2factor login page
+        const { secondFactorPassed, passport = {} } = req.session || {}; // base login +
         if (!passport.user?.uid &&
             (config.auth?.disable || config.auth?.user) &&
             !isPublic) {
@@ -57,7 +72,8 @@ async function plugin(fastify, opt = config) {
             console.log("req.user?.uid", req.user?.uid, "req.session?.passport?.user?.uid", req.session?.passport?.user?.uid, "config.auth", config.auth);
         }
         // currently 2factor + auth with passwd file not supported
-        const ispasswd = !pg?.pk?.["admin.users"] || config.auth?.passwd;
+        const ispasswd = (existsSync("passwd") && !config.auth?.["2factor"]) ||
+            config.auth?.passwd;
         if (!passport.user?.uid &&
             !config.auth?.disable &&
             isAdmin &&
@@ -68,43 +84,18 @@ async function plugin(fastify, opt = config) {
             return reply.redirect(`${config?.auth?.redirect || "/login"}` + `?redirect=${req.url}`);
         }
         if (passport.user?.uid &&
-            !config.auth?.disable &&
+            passport.user?.twofa &&
             config.auth?.["2factor"] &&
-            isAdmin &&
+            !isPublic &&
             (routeOptions?.method || "GET") === "GET" &&
-            !secondFactor &&
+            !secondFactorPassed &&
             !ispasswd) {
-            if (![
-                "/logout",
-                "/2factor",
-                "/2factor?recovery=1",
-                "/2factor/verify",
-                "/2factor/recovery",
-                "/user",
-                config.auth?.["2factorRedirect"],
-            ]
-                .filter((el) => el)
-                .includes(req.url)) {
-                return reply.redirect(config.auth?.["2factorRedirect"] || "/2factor");
+            const href = config.auth?.["2factorRedirect"] || "/2factor";
+            if (!href.includes(req.url)) {
+                return reply.redirect(href);
             }
         }
         return null;
     });
-    await fastify.register(cookie, {
-        parseOptions: opt?.auth?.cookieOptions || { secure: false },
-    });
-    await fastify.register(session, {
-        secret: opt?.auth?.secret || "61b820e12858570a4b0633020d4394a17903d9a9",
-        cookieName: "session_auth",
-        cookie: opt?.auth?.cookieOptions || { secure: false },
-        store: new RedisStore({ client: getRedis({ db: 10 }) }),
-    });
-    // register passport AFTER session is ready
-    await fastify.register(fastifyPassport.initialize());
-    await fastify.register(fastifyPassport.secureSession());
-    // serialize user used to store user info in session store
-    fastifyPassport.registerUserSerializer(async (user) => ({ user }));
-    // deserialize user used to add user info from session store to req
-    fastifyPassport.registerUserDeserializer(async (passport) => passport?.user || passport);
 }
 export default plugin;

package/dist/server/plugins/logger/index.js

@@ -1,7 +1,7 @@
 import errorMessage from "./errorMessage.js";
 import logger from "./getLogger.js";
 import pgClients from "../pg/pgClients.js";
-async function plugin(fastify, opt) {
+async function plugin(fastify) {
     fastify.addHook("onResponse", async (req, reply) => {
         if (reply?.statusCode && reply.statusCode >= 400) {
             logger.metrics(`error-count:${reply.statusCode}`);

package/dist/server/plugins/pg/index.js

@@ -1,3 +1,4 @@
+import config from "../../../config.js";
 import pgClients from "./pgClients.js";
 import getPGAsync from "./funcs/getPGAsync.js";
 import logger from "../logger/getLogger.js";
@@ -6,7 +7,7 @@ function close() {
         pgClients[el].end();
     });
 }
-async function getHeadersPG(req, config) {
+async function getHeadersPG(req) {
     if (!req.headers?.token)
         return null;
     const validToken = (req.ip === "193.239.152.181" ||
@@ -21,10 +22,10 @@ async function getHeadersPG(req, config) {
     }
     return null;
 }
-async function plugin(fastify, config) {
+async function plugin(fastify) {
     const client = await getPGAsync({ ...(config.pg || {}), name: "client" });
     fastify.addHook("onRequest", async (req) => {
-        const headersPG = await getHeadersPG(req, config);
+        const headersPG = await getHeadersPG(req);
         req.pg = headersPG || req.pg || client || pgClients.client;
         if (headersPG) {
             req.user = { uid: req.headers?.uid };

package/dist/server/plugins/sqlite/index.js

@@ -1,6 +1,6 @@
 import fp from "fastify-plugin";
 import sqliteClients from "./sqliteClients.js";
-async function dbPlugin(app, opt) {
+async function dbPlugin(app) {
     app.addHook("onClose", async () => {
         Object.keys(sqliteClients).forEach((key) => sqliteClients[key].close());
     });

package/dist/server/routes/access/index.js

@@ -2,9 +2,8 @@ import accessGroup from "./controllers/access.group.js";
 import accessGroupPost from "./controllers/access.group.post.js";
 import accessInterface from "./controllers/access.interface.js";
 import { accessGroupPostSchema, accessGroupSchema, accessInterfaceSchema, } from "./schema.js";
-export default async function route(fastify, config = {}) {
-    const { prefix = "/api" } = config;
-    fastify.get(`${prefix}/access-group/:id`, { schema: accessGroupSchema }, accessGroup);
-    fastify.post(`${prefix}/access-group/:id`, { schema: accessGroupPostSchema }, accessGroupPost);
-    fastify.get(`${prefix}/access-interface/:name`, { schema: accessInterfaceSchema }, accessInterface);
+export default async function route(fastify, opt = {}) {
+    fastify.get("/access-group/:id", { schema: accessGroupSchema }, accessGroup);
+    fastify.post("/access-group/:id", { schema: accessGroupPostSchema }, accessGroupPost);
+    fastify.get("/access-interface/:name", { schema: accessInterfaceSchema }, accessInterface);
 }

package/dist/server/routes/auth/controllers/2factor/verify.js

@@ -1,13 +1,13 @@
-import path from 'node:path';
-import { fileURLToPath } from 'url';
-import { readFile } from 'node:fs/promises';
-import config from '../../../../../config.js';
-import getTemplate from '../../../../plugins/table/funcs/getTemplate.js';
-import pgClients from '../../../../plugins/pg/pgClients.js';
-import { handlebars } from '../../../../helpers/index.js';
-import { verify, enableSecret } from './providers/totp.js';
-import sendNotification from '../../../../plugins/auth/funcs/sendNotification.js';
-const template = 'recovery-codes-email-template';
+import path from "node:path";
+import { fileURLToPath } from "url";
+import { readFile } from "node:fs/promises";
+import config from "../../../../../config.js";
+import getTemplate from "../../../../plugins/table/funcs/getTemplate.js";
+import pgClients from "../../../../plugins/pg/pgClients.js";
+import { handlebars } from "../../../../helpers/index.js";
+import { verify, enableSecret } from "./providers/totp.js";
+import sendNotification from "../../../../plugins/auth/funcs/sendNotification.js";
+const template = "recovery-codes-email-template";
 const dirname = path.dirname(fileURLToPath(import.meta.url));
 /**
  * Перевірка двохфакторної авторизації для користувача
@@ -27,31 +27,39 @@ const dirname = path.dirname(fileURLToPath(import.meta.url));
  * @returns {String} redirect Шлях до переадресації
  */
 export default async function verifyFunction(req, reply) {
-    const { pg = pgClients.client, session = {}, body = {}, query = {}, } = req;
+    const { pg = pgClients.client, session = {}, body = {} } = req;
     const { uid, email } = session?.passport?.user || {};
     // const { nocache = config.local } = query;
     const { code } = body;
-    if (!config?.auth?.['2factor']) {
-        return reply.status(400).send('2fa not enabled');
+    if (!config?.auth?.["2factor"]) {
+        return reply.status(400).send("2fa not enabled");
     }
     if (!config.pg) {
-        return reply.status(400).send('empty pg');
+        return reply.status(400).send("empty pg");
     }
     if (!code) {
-        return reply.status(400).send('not enough params');
+        return reply.status(400).send("not enough params");
     }
     try {
         const { enabled } = await verify({ uid, code, pg });
         await enableSecret({
-            pg, TYPE: 'TOTP', uid,
+            pg,
+            TYPE: "TOTP",
+            uid,
         });
-        req.session.secondFactor = true;
+        req.session.secondFactorPassed = true;
         if (!enabled) {
-            const { recoveryCodes } = await pg.query(`select social_auth_obj->'codesArray' as "recoveryCodes" 
-      from admin.users_social_auth where uid=$1 and social_auth_type='TOTP'`, [uid])?.then((el) => el.rows?.[0] || {});
-            const customPt = await getTemplate('pt', template);
-            const pt = customPt || await readFile(path.join(dirname, `../templates/pt/${template}.html`), 'utf8');
-            const html = await handlebars.compile(pt)({ recoveryCodes, domain: `${req.protocol || 'https'}://${req.hostname}` });
+            const { recoveryCodes } = await pg
+                .query(`select social_auth_obj->'codesArray' as "recoveryCodes" 
+      from admin.users_social_auth where uid=$1 and social_auth_type='TOTP'`, [uid])
+                ?.then((el) => el.rows?.[0] || {});
+            const customPt = await getTemplate("pt", template);
+            const pt = customPt ||
+                (await readFile(path.join(dirname, `../templates/pt/${template}.html`), "utf8"));
+            const html = await handlebars.compile(pt)({
+                recoveryCodes,
+                domain: `${req.protocol || "https"}://${req.hostname}`,
+            });
             await sendNotification({
                 pg,
                 to: email,
@@ -60,7 +68,8 @@ export default async function verifyFunction(req, reply) {
                 nocache: config.local || config.debug,
             });
         }
-        return reply.redirect('/');
+        const redirectUrl = req.headers?.referer?.match?.(/[?&]redirect=([^&]+)/)?.[1] || "/";
+        return reply.redirect(redirectUrl.startsWith("/") ? redirectUrl : "/");
     }
     catch (err) {
         return reply.status(500).send(err.toString());

package/dist/server/routes/auth/controllers/core/login.js

@@ -10,8 +10,8 @@ import loginFile from "../../../../plugins/auth/funcs/loginFile.js";
  *
  */
 export default async function login(req, reply) {
-    const exists = existsSync("passwd");
-    if (exists && !req.unittest && !config.auth?.disablePasswd) {
+    const ispasswd = existsSync("passwd") && !config.auth?.["2factor"];
+    if (ispasswd && !req.unittest && !config.auth?.disablePasswd) {
         // login with passwd file
         const res = await loginFile(req, reply);
         return res;

package/dist/server/routes/auth/controllers/page/login2faTemplate.js

@@ -43,7 +43,7 @@ export default async function loginTemplate(req, reply) {
         : await generate({ uid, pg });
     /* -- access recovery start */
     // user already authorized via euSign / social / login
-    if (uid && !req.session?.secondFactor && req.query?.recovery) {
+    if (uid && !req.session?.secondFactorPassed && req.query?.recovery) {
         const defaultPagePath = path.join(dirname, "../../server/templates/page/2factor-recovery.html");
         const customBodyRecovery = await getTemplate("page", "2factor-recovery");
         const bodyRecovery = customBodyRecovery || (await readFile(defaultPagePath, "utf8"));
@@ -54,12 +54,10 @@ export default async function loginTemplate(req, reply) {
         return reply.headers(headers).send(html);
     }
     /* -- access recovery end -- */
-    if (req.session?.secondFactor) {
+    if (req.session?.secondFactorPassed) {
         return reply.redirect("/");
     }
-    const base64 = !enabled && otp
-        ? await qr.toDataURL(otp)
-        : "";
+    const base64 = !enabled && otp ? await qr.toDataURL(otp) : "";
     const qrCode = base64 ? `<img src="${base64}" alt="qrcode">` : "";
     const html = await handlebars.compile(body)({
         secretKey: qrCode ? secret || key : undefined,

package/dist/server/routes/auth/index.js

@@ -1,5 +1,3 @@
-// import fp from "fastify-plugin";
-import config from "../../../config.js";
 // login-password
 import login from "./controllers/core/login.js";
 import registration from "./controllers/core/registration.js";
@@ -20,7 +18,7 @@ import login2faTemplate from "./controllers/page/login2faTemplate.js";
 import oauthAuthorize from "./controllers/jwt/authorize.js";
 import oauthToken from "./controllers/jwt/token.js";
 const params = { config: { policy: "L0" } };
-async function plugin(app, opt = config) {
+async function plugin(app, opt = {}) {
     if (opt.routes === false) {
         return;
     }

package/dist/server/routes/cron/index.js

@@ -7,9 +7,7 @@ const cronSchema = {
         },
     },
 };
-const policy = ["site", "admin"];
-async function plugin(app, config = { prefix: "/api" }) {
-    const { prefix = "/api" } = config;
-    app.get(`${prefix}/cron/:name`, { config: { policy }, schema: cronSchema }, cronApi);
+async function plugin(app, opt = {}) {
+    app.get("/cron/:name", { config: { policy: "L0" }, schema: cronSchema }, cronApi);
 }
 export default plugin;

package/dist/server/routes/crud/index.js

@@ -11,12 +11,11 @@ const tableSchema = {
         },
     },
 };
-const policy = ["public"];
-async function plugin(app, config = { prefix: "/api" }) {
-    const { prefix = "/api" } = config;
-    app.put(`${prefix}/table/:table/:id?`, { config: { policy }, schema: tableSchema }, update);
-    app.delete(`${prefix}/table/:table/:id?`, { config: { policy }, schema: tableSchema }, deleteCrud);
-    app.post(`${prefix}/table/:table/:id?`, { config: { policy }, schema: tableSchema }, insert);
-    app.get(`${prefix}/table/:table/:id?`, { config: { policy }, schema: tableSchema }, table);
+const policy = "L0";
+async function plugin(app, opt = {}) {
+    app.put("/table/:table/:id?", { config: { policy }, schema: tableSchema }, update);
+    app.delete("/table/:table/:id?", { config: { policy }, schema: tableSchema }, deleteCrud);
+    app.post("/table/:table/:id?", { config: { policy }, schema: tableSchema }, insert);
+    app.get("/table/:table/:id?", { config: { policy }, schema: tableSchema }, table);
 }
 export default plugin;

package/dist/server/routes/dblist/index.js

@@ -2,16 +2,20 @@ import readItemList from "./controllers/readItems.js";
 import setItem from "./controllers/setItem.js";
 const policy = ["site"];
 export default async function plugin(app) {
-    app.route({
-        method: "GET",
-        url: "/db-list",
-        config: { policy },
-        handler: readItemList,
-    });
-    app.route({
-        method: "GET",
-        url: "/db-list/:id",
-        config: { policy },
-        handler: setItem,
-    });
+    if (!app.hasRoute({ method: "GET", url: "/db-list" })) {
+        app.route({
+            method: "GET",
+            url: "/db-list",
+            config: { policy },
+            handler: readItemList,
+        });
+    }
+    if (!app.hasRoute({ method: "GET", url: "/db-list/:id" })) {
+        app.route({
+            method: "GET",
+            url: "/db-list/:id",
+            config: { policy },
+            handler: setItem,
+        });
+    }
 }

package/dist/server/routes/file/index.js

@@ -1,4 +1,3 @@
-import fp from "fastify-plugin";
 import files from "./controllers/files.js";
 import resize from "./controllers/resize.js";
 import resizeAll from "./controllers/resizeAll.js";
@@ -8,8 +7,7 @@ import exportTable from "./controllers/export.js";
 import uploadImage from "./controllers/uploadImage.js";
 import deleteFileAPI from "./controllers/delete.js";
 import { resizeSchema } from "./schema.js";
-async function plugin(app, config = {}) {
-    const { prefix = "/api" } = config;
+async function plugin(app, opt = {}) {
     app.get("/files/*", { config: { policy: ["public"] } }, files);
     app.get("/file/resize", { config: { policy: ["public"] }, schema: resizeSchema }, resize);
     app.get("/api/resize-all", { config: { policy: ["admin", "site"] }, schema: resizeSchema }, resizeAll);
@@ -17,6 +15,6 @@ async function plugin(app, config = {}) {
     app.post("/file/upload-image/*", { config: { policy: ["public"] } }, uploadImage);
     app.get("/file/download/*", { config: { policy: ["public"] } }, download);
     app.get("/file/delete/*", { config: { policy: ["public"] } }, deleteFileAPI);
-    app.get(`${prefix}/export`, { config: { policy: ["public"] } }, exportTable);
+    app.get(`/api/export`, { config: { policy: ["public"] } }, exportTable);
 }
-export default fp(plugin);
+export default plugin;

package/dist/server/routes/grpc/index.js

@@ -1,9 +1,7 @@
-import fp from "fastify-plugin";
 import file2geojson from "./controllers/file2geojson.js";
 import filePreview from "./controllers/filePreview.js";
 async function plugin(app, opts) {
-    const { prefix = "/api" } = opts || {};
-    app.post(`${prefix}/file2geojson`, { config: { policy: ["public"] } }, file2geojson);
-    app.get(`${prefix}/file-preview`, { config: { policy: ["public"] } }, filePreview);
+    app.post("/file2geojson", { config: { policy: ["public"] } }, file2geojson);
+    app.get("/file-preview", { config: { policy: ["public"] } }, filePreview);
 }
-export default fp(plugin);
+export default plugin;

package/dist/server/routes/logger/index.js

@@ -12,7 +12,7 @@ const loggerSchema = {
         additionalProperties: false,
     },
 };
-async function plugin(app) {
-    app.get("/logger-file/*", { config: { policy: ["public"], rateLimit: false }, schema: loggerSchema }, loggerFile);
+async function plugin(app, opt = {}) {
+    app.get("/logger-file/*", { config: { policy: "L0", rateLimit: false }, schema: loggerSchema }, loggerFile);
 }
 export default plugin;

package/dist/server/routes/menu/index.js

@@ -1,7 +1,6 @@
 import getMenu from "./controllers/getMenu.js";
 import interfaces from "./controllers/interfaces.js";
-export default async function route(app, config = {}) {
-    const { prefix = "/api" } = config;
-    app.get(`${prefix}/user-menu`, getMenu);
-    app.get(`${prefix}/interfaces`, { config: { policy: ["admin"] } }, interfaces);
+export default async function route(app, opt = {}) {
+    app.get("/user-menu", getMenu);
+    app.get("/interfaces", { config: { role: "admin" } }, interfaces);
 }

package/dist/server/routes/properties/index.js

@@ -12,10 +12,8 @@ const propertiesSchema = {
         },
     },
 };
-const policy = ["site"]; // cms etc.
-async function plugin(app, config = { prefix: "/api" }) {
-    const { prefix = "/api" } = config;
-    app.get(`${prefix}/settings-app/:entity?`, { config: { policy }, schema: propertiesSchema }, getAppSettings);
-    app.post(`${prefix}/settings-app/:entity?`, { config: { policy: ["admin"] } }, postAppSettings);
+async function plugin(app, opt = {}) {
+    app.get("/settings-app/:entity?", { config: { role: "admin" }, schema: propertiesSchema }, getAppSettings);
+    app.post("/settings-app/:entity?", { config: { role: "admin" } }, postAppSettings);
 }
 export default plugin;

package/dist/server/routes/table/index.js

@@ -1,3 +1,4 @@
+import config from "../../../config.js";
 import suggest from "./controllers/suggest.js";
 import data from "./controllers/tableData.js";
 import cardTabData from "./controllers/cardTabData.js";
@@ -12,13 +13,12 @@ import filter from "./controllers/filter.js";
 import form from "./controllers/getFormByTable.js";
 import loadTemplatePath from "../../plugins/table/funcs/loadTemplatePath.js";
 import { tableDataSchema, tableSchema, searchSchema, suggestSchema, formSchema, filterSchema, cardTabDataSchema, tableDataIdSchema, } from "./schema.js";
-const policy = ["public"];
-async function plugin(app, config) {
-    const { prefix = "/api" } = config;
-    app.get(`${prefix}/token-info/:token`, { config: { policy: ["admin"] } }, tokenInfo);
-    app.get(`${prefix}/table-filter/:table`, { config: { policy }, schema: filterSchema }, filter);
-    app.get(`${prefix}/table-info/:table/:id?`, { config: { policy }, schema: tableDataSchema }, tableInfo);
-    app.get(`${prefix}/suggest/:data`, {
+const policy = "L0";
+async function plugin(app, opt = {}) {
+    app.get("/token-info/:token", { config: { role: "admin" } }, tokenInfo);
+    app.get("/table-filter/:table", { config: { policy }, schema: filterSchema }, filter);
+    app.get("/table-info/:table/:id?", { config: { policy }, schema: tableDataSchema }, tableInfo);
+    app.get("/suggest/:data", {
         config: {
             policy,
             rateLimit: config.rateLimit
@@ -30,15 +30,15 @@ async function plugin(app, config) {
         },
         schema: suggestSchema,
     }, suggest);
-    app.get(`${prefix}/data/:table/:id?`, { config: { policy: ["public", "no-sql"] }, schema: tableSchema }, data);
-    app.get(`${prefix}/table-data/:table`, { config: { policy: ["user", "no-sql"] }, schema: tableDataSchema }, data);
-    app.get(`${prefix}/table-data/:table/:id`, { config: { policy }, schema: tableDataIdSchema }, cardData);
-    app.get(`${prefix}/data-info/:id?`, { config: { policy: ["public", "no-sql"] }, schema: tableSchema }, dataInfo);
-    app.get(`${prefix}/card-data/:token`, { config: { policy }, scheme: cardTabDataSchema }, cardTabData);
-    app.get(`${prefix}/card/:table/:id`, { config: { policy }, schema: tableSchema }, card);
-    app.get(`${prefix}/search`, { config: { policy }, schema: searchSchema }, search);
-    app.get(`${prefix}/templates`, () => loadTemplatePath);
-    app.get(`${prefix}/filter/:table`, { config: { policy }, schema: filterSchema }, filter);
-    app.get(`${prefix}/form/:name/:id?`, { config: { policy: ["user", "site"] }, schema: formSchema }, form);
+    app.get("/data/:table/:id?", { config: { policy }, schema: tableSchema }, data);
+    app.get("/table-data/:table", { config: { auth: "creds", policy: "L2" }, schema: tableDataSchema }, data);
+    app.get("/table-data/:table/:id", { config: { policy }, schema: tableDataIdSchema }, cardData);
+    app.get("/data-info/:id?", { config: { policy }, schema: tableSchema }, dataInfo);
+    app.get("/card-data/:token", { config: { policy }, scheme: cardTabDataSchema }, cardTabData);
+    app.get("/card/:table/:id", { config: { policy }, schema: tableSchema }, card);
+    app.get("/search", { config: { policy }, schema: searchSchema }, search);
+    app.get("/templates", () => loadTemplatePath);
+    app.get("/filter/:table", { config: { policy }, schema: filterSchema }, filter);
+    app.get("/form/:name/:id?", { config: { auth: "creds", policy: "L2" }, schema: formSchema }, form);
 }
 export default plugin;

package/dist/server/routes/templates/index.js

@@ -1,7 +1,6 @@
 import getTemplateApi from "./controllers/getTemplate.js";
 import { getTemplateSchema } from "./schema.js";
-const policy = ["public"];
-export default async function route(app, config = {}) {
-    const { prefix = "/api" } = config;
-    app.get(`${prefix}/template/:type/:name`, { config: { policy }, schema: getTemplateSchema }, getTemplateApi);
+const policy = "L0";
+export default async function route(app, opt = {}) {
+    app.get("/template/:type/:name", { config: { policy }, schema: getTemplateSchema }, getTemplateApi);
 }

package/dist/server/routes/util/index.js

@@ -1,17 +1,17 @@
+import config from "../../../config.js";
 import nextId from "./controllers/next.id.js";
 import statusMonitor from "./controllers/status.monitor.js";
 import userTokens from "./controllers/user.tokens.js";
 import codeGenerator from "./controllers/code.generator.js";
-async function plugin(app, config = { prefix: "/api" }) {
-    const { prefix = "/api" } = config;
-    app.get(`${prefix}/next-id`, { config: { policy: "L0" } }, nextId);
-    app.get(`${prefix}/status-monitor`, { config: { role: "admin" } }, statusMonitor);
-    app.get(`${prefix}/user-tokens/:token`, { config: { role: "admin|regular" } }, userTokens);
-    app.get(`${prefix}/code-gen/:token/:column/:id?`, { config: { role: "admin|regular" } }, codeGenerator);
-    app.get("/api/test-proxy", { config: { policy: "L0" } }, (req) => ({
+async function plugin(app, opt = {}) {
+    app.get("/next-id", { config: { policy: "L0" } }, nextId);
+    app.get("/status-monitor", { config: { role: "admin" } }, statusMonitor);
+    app.get("/user-tokens/:token", { config: { role: "admin|regular" } }, userTokens);
+    app.get("/code-gen/:token/:column/:id?", { config: { role: "admin|regular" } }, codeGenerator);
+    app.get("/test-proxy", { config: { policy: "L0" } }, (req) => ({
         ...(req.headers || {}),
         sessionId: req.session?.sessionId,
     }));
-    app.get("/api/config", { config: { role: "admin" } }, () => config);
+    app.get("/config", { config: { role: "admin" } }, () => config);
 }
 export default plugin;

package/dist/server/routes/widget/index.js

@@ -31,12 +31,11 @@ const tableSchema = {
     },
 };
 addHook("onWidgetSet", onWidgetSet);
-const policy = ["site"];
+const policy = "L0";
 const params = { config: { policy }, schema: tableSchema };
-export default async function route(app, config = {}) {
-    const { prefix = "/api" } = config;
-    app.delete(`${prefix}/widget/:type/:objectid/:id`, params, widgetDel);
-    app.post(`${prefix}/widget/:type/:objectid/:id?`, params, widgetSet);
-    app.put(`${prefix}/file-edit/:id`, params, fileEdit);
-    app.get(`${prefix}/widget/:type/:objectid`, { config: { policy: ["public"] }, schema: tableSchema }, widgetGet);
+export default async function route(app, opt = {}) {
+    app.delete("/widget/:type/:objectid/:id", params, widgetDel);
+    app.post("/widget/:type/:objectid/:id?", params, widgetSet);
+    app.put("/file-edit/:id", params, fileEdit);
+    app.get("/widget/:type/:objectid", { config: { policy }, schema: tableSchema }, widgetGet);
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@opengis/fastify-table",
-  "version": "2.0.0",
+  "version": "2.0.2",
   "type": "module",
   "description": "core-plugins",
   "keywords": [

package/dist/server.js

@@ -1,62 +0,0 @@
-/* eslint-disable no-return-assign */
-// This file contains code that we reuse
-// between our tests.
-import Fastify from 'fastify';
-
-import config from './config.js';
-import plugin from './index.js';
-import addHook from "./server/plugins/hook/funcs/addHook.js";
-import loginEuSign from './server/routes/auth/controllers/page/loginEuSign.js';
-
-import loggerTest from './server/routes/logger/controllers/logger.test.api.js';
-import { logger, addTemplateDir } from './utils.js';
-
-const cwd = process.cwd();
-
-const app = Fastify({ loggerInstance: logger });
-await app.register(plugin, config);
-
-// debug only
-app.get('/login1', { config: { policy: 'L0' } }, loginEuSign);
-addHook("afterAuth", async () => {
-  if (config.auth?.redirectAfter) return; // let config decide
-  return { href: "/user" }; // force redirect to specific page after login
-});
-
-addTemplateDir(`${cwd}/module/test`);
-
-app.get('/logger-test', { schema: {} }, loggerTest);
-app.get('/err', { schema: {} }, () => {
-  throw new Error('test error code 500');
-});
-
-app.get('/health', {
-  // preHandler: userJwt,
-  config: {
-    policy: 'L1', // L0, L1, L2
-    auth: 'user-jwt', // none, user-jwt, creds 
-    role: 'admin',    // role
-    scope: 'logger',  // logger, admin, gis, bi 
-    rateLimit: { max: 100, timeWindow: '1 minute', hook: 'preHandler' },
-    cors: { origins: ['https://app.example.com'] },
-    rbac: { resource: 'id', action: 'add' },
-  }
-}, async () => ({ ok: true }));
-
-/* addCron(async function testCron() {
-  return (config.local || true) ? null : { message: 'Done', status: 200 };
-}, 60 * 1); */
-
-/* const user = { user_type: config.auth?.type || 'admin', uid: config.auth?.uid || '2' };
-app.addHook('onRequest', async (req) => {
-  req.user = user;
-}); */
-
-app.listen({ host: config.host || '0.0.0.0', port: config.port || process.env.PORT || 3000 }, (err) => {
-  console.log(`Server started via port: ${config.port || process.env.PORT || 3000}`);
-  if (err) {
-    console.error(err.toString());
-    logger.error(err);
-    process.exit(1);
-  }
-});