@orpc/server 0.0.0-next.df024bb → 0.0.0-next.e0f01a5

package/dist/index.mjs

@@ -1,14 +1,16 @@
-import { mergeErrorMap, mergeMeta, mergeRoute, mergePrefix, mergeTags, isContractProcedure } from '@orpc/contract';
+import { mergeErrorMap, mergeMeta, mergeRoute, mergePrefix, mergeTags, isContractProcedure, getContractRouter } from '@orpc/contract';
 export { ValidationError, eventIterator, type } from '@orpc/contract';
-import { P as Procedure, d as addMiddleware, c as createProcedureClient, f as adaptRouter, h as flatLazy, l as lazy, s as setRouterContract, i as isProcedure, j as isLazy, k as createLazyProcedureFormAnyLazy, g as getRouterChild } from './shared/server.V6zT5iYQ.mjs';
-export { L as LAZY_LOADER_SYMBOL, a as convertPathToHttpPath, q as createAccessibleLazyRouter, b as createContractedProcedure, n as deepSetLazyRouterPrefix, r as eachAllContractProcedure, e as eachContractProcedure, o as getLazyRouterPrefix, m as getRouterContract, p as middlewareOutputFn, u as unlazy } from './shared/server.V6zT5iYQ.mjs';
+import { P as Procedure, b as addMiddleware, c as createProcedureClient, e as enhanceRouter, l as lazy, s as setHiddenRouterContract, i as isProcedure, d as isLazy, f as createAssertedLazyProcedure, g as getRouter } from './shared/server.C37gDhSZ.mjs';
+export { L as LAZY_SYMBOL, p as call, r as createAccessibleLazyRouter, a as createContractedProcedure, h as createORPCErrorConstructorMap, q as getHiddenRouterContract, j as getLazyMeta, n as isStartWithMiddlewares, m as mergeCurrentContext, o as mergeMiddlewares, k as middlewareOutputFn, w as resolveContractProcedures, t as traverseContractProcedures, u as unlazy, x as unlazyRouter, v as validateORPCError } from './shared/server.C37gDhSZ.mjs';
+import { toORPCError } from '@orpc/client';
 export { ORPCError, isDefinedError, safe } from '@orpc/client';
 export { onError, onFinish, onStart, onSuccess } from '@orpc/shared';
 export { getEventMeta, withEventMeta } from '@orpc/standard-server';
 
 const DEFAULT_CONFIG = {
   initialInputValidationIndex: 0,
-  initialOutputValidationIndex: 0
+  initialOutputValidationIndex: 0,
+  dedupeLeadingMiddlewares: true
 };
 function fallbackConfig(key, value) {
   if (value === void 0) {
@@ -18,7 +20,7 @@ function fallbackConfig(key, value) {
 }
 
 function decorateMiddleware(middleware) {
-  const decorated = middleware;
+  const decorated = (...args) => middleware(...args);
   decorated.mapInput = (mapInput) => {
     const mapped = decorateMiddleware(
       (options, input, ...rest) => middleware(options, mapInput(input), ...rest)
@@ -43,6 +45,17 @@ function decorateMiddleware(middleware) {
   return decorated;
 }
 
+function createActionableClient(client) {
+  const action = async (input) => {
+    try {
+      return [null, await client(input)];
+    } catch (error) {
+      return [toORPCError(error).toJSON(), void 0];
+    }
+  };
+  return action;
+}
+
 class DecoratedProcedure extends Procedure {
   errors(errors) {
     return new DecoratedProcedure({
@@ -73,16 +86,29 @@ class DecoratedProcedure extends Procedure {
    * Make this procedure callable (works like a function while still being a procedure).
    */
   callable(...rest) {
-    return Object.assign(createProcedureClient(this, ...rest), {
-      "~type": "Procedure",
-      "~orpc": this["~orpc"]
+    const client = createProcedureClient(this, ...rest);
+    return new Proxy(client, {
+      get: (target, key) => {
+        return Reflect.has(this, key) ? Reflect.get(this, key) : Reflect.get(target, key);
+      },
+      has: (target, key) => {
+        return Reflect.has(this, key) || Reflect.has(target, key);
+      }
     });
   }
   /**
-   * Make this procedure compatible with server action (the same as .callable, but the type is compatible with server action).
+   * Make this procedure compatible with server action.
    */
   actionable(...rest) {
-    return this.callable(...rest);
+    const action = createActionableClient(createProcedureClient(this, ...rest));
+    return new Proxy(action, {
+      get: (target, key) => {
+        return Reflect.has(this, key) ? Reflect.get(this, key) : Reflect.get(target, key);
+      },
+      has: (target, key) => {
+        return Reflect.has(this, key) || Reflect.has(target, key);
+      }
+    });
   }
 }
 
@@ -100,6 +126,7 @@ class Builder {
     return new Builder({
       ...this["~orpc"],
       config,
+      dedupeLeadingMiddlewares: fallbackConfig("dedupeLeadingMiddlewares", config.dedupeLeadingMiddlewares),
       inputValidationIndex: fallbackConfig("initialInputValidationIndex", config.initialInputValidationIndex) + inputValidationCount,
       outputValidationIndex: fallbackConfig("initialOutputValidationIndex", config.initialOutputValidationIndex) + outputValidationCount
     });
@@ -133,6 +160,12 @@ class Builder {
       route: initialRoute
     });
   }
+  $input(initialInputSchema) {
+    return new Builder({
+      ...this["~orpc"],
+      inputSchema: initialInputSchema
+    });
+  }
   middleware(middleware) {
     return decorateMiddleware(middleware);
   }
@@ -194,10 +227,10 @@ class Builder {
     });
   }
   router(router) {
-    return adaptRouter(router, this["~orpc"]);
+    return enhanceRouter(router, this["~orpc"]);
   }
   lazy(loader) {
-    return adaptRouter(flatLazy(lazy(loader)), this["~orpc"]);
+    return enhanceRouter(lazy(loader), this["~orpc"]);
   }
 }
 const os = new Builder({
@@ -205,17 +238,12 @@ const os = new Builder({
   route: {},
   meta: {},
   errorMap: {},
-  inputSchema: void 0,
-  outputSchema: void 0,
   inputValidationIndex: fallbackConfig("initialInputValidationIndex"),
   outputValidationIndex: fallbackConfig("initialOutputValidationIndex"),
-  middlewares: []
+  middlewares: [],
+  dedupeLeadingMiddlewares: true
 });
 
-function mergeContext(context, other) {
-  return { ...context, ...other };
-}
-
 function implementerInternal(contract, config, middlewares) {
   if (isContractProcedure(contract)) {
     const impl2 = new Builder({
@@ -223,12 +251,16 @@ function implementerInternal(contract, config, middlewares) {
       config,
       middlewares,
       inputValidationIndex: fallbackConfig("initialInputValidationIndex", config?.initialInputValidationIndex) + middlewares.length,
-      outputValidationIndex: fallbackConfig("initialOutputValidationIndex", config?.initialOutputValidationIndex) + middlewares.length
+      outputValidationIndex: fallbackConfig("initialOutputValidationIndex", config?.initialOutputValidationIndex) + middlewares.length,
+      dedupeLeadingMiddlewares: fallbackConfig("dedupeLeadingMiddlewares", config.dedupeLeadingMiddlewares)
     });
     return impl2;
   }
   const impl = new Proxy(contract, {
     get: (target, key) => {
+      if (typeof key !== "string") {
+        return Reflect.get(target, key);
+      }
       let method;
       if (key === "middleware") {
         method = (mid) => decorateMiddleware(mid);
@@ -242,23 +274,29 @@ function implementerInternal(contract, config, middlewares) {
         };
       } else if (key === "router") {
         method = (router) => {
-          const adapted = adaptRouter(router, {
+          const adapted = enhanceRouter(router, {
             middlewares,
-            errorMap: {}
+            errorMap: {},
+            prefix: void 0,
+            tags: void 0,
+            dedupeLeadingMiddlewares: fallbackConfig("dedupeLeadingMiddlewares", config.dedupeLeadingMiddlewares)
           });
-          return setRouterContract(adapted, contract);
+          return setHiddenRouterContract(adapted, contract);
         };
       } else if (key === "lazy") {
         method = (loader) => {
-          const adapted = adaptRouter(flatLazy(lazy(loader)), {
+          const adapted = enhanceRouter(lazy(loader), {
             middlewares,
-            errorMap: {}
+            errorMap: {},
+            prefix: void 0,
+            tags: void 0,
+            dedupeLeadingMiddlewares: fallbackConfig("dedupeLeadingMiddlewares", config.dedupeLeadingMiddlewares)
           });
-          return setRouterContract(adapted, contract);
+          return setHiddenRouterContract(adapted, contract);
         };
       }
-      const next = Reflect.get(target, key);
-      if (!next || typeof next !== "function" && typeof next !== "object") {
+      const next = getContractRouter(target, [key]);
+      if (!next) {
         return method ?? next;
       }
       const nextImpl = implementerInternal(next, config, middlewares);
@@ -285,49 +323,41 @@ function implement(contract, config = {}) {
         method = (config2) => implement(contract, config2);
       }
       const next = Reflect.get(target, key);
-      if (!next || typeof next !== "function" && typeof next !== "object") {
-        return method ?? next;
-      }
-      if (method) {
-        return new Proxy(method, {
-          get(_, key2) {
-            return Reflect.get(next, key2);
-          }
-        });
+      if (!method || !next || typeof next !== "function" && typeof next !== "object") {
+        return method || next;
       }
-      return next;
+      return new Proxy(method, {
+        get(_, key2) {
+          return Reflect.get(next, key2);
+        }
+      });
     }
   });
   return impl;
 }
 
-function call(procedure, input, ...rest) {
-  return createProcedureClient(procedure, ...rest)(input);
-}
-
 function createRouterClient(router, ...rest) {
   if (isProcedure(router)) {
     const caller = createProcedureClient(router, ...rest);
     return caller;
   }
-  const procedureCaller = isLazy(router) ? createProcedureClient(createLazyProcedureFormAnyLazy(router), ...rest) : {};
+  const procedureCaller = isLazy(router) ? createProcedureClient(createAssertedLazyProcedure(router), ...rest) : {};
   const recursive = new Proxy(procedureCaller, {
     get(target, key) {
       if (typeof key !== "string") {
         return Reflect.get(target, key);
       }
-      const next = getRouterChild(router, key);
+      const next = getRouter(router, [key]);
       if (!next) {
         return Reflect.get(target, key);
       }
-      const [options] = rest;
       return createRouterClient(next, {
-        ...options,
-        path: [...options?.path ?? [], key]
+        ...rest[0],
+        path: [...rest[0]?.path ?? [], key]
       });
     }
   });
   return recursive;
 }
 
-export { Builder, DecoratedProcedure, Procedure, adaptRouter, call, createLazyProcedureFormAnyLazy, createProcedureClient, createRouterClient, decorateMiddleware, fallbackConfig, flatLazy, getRouterChild, implement, implementerInternal, isLazy, isProcedure, lazy, mergeContext, os, setRouterContract };
+export { Builder, DecoratedProcedure, Procedure, addMiddleware, createActionableClient, createAssertedLazyProcedure, createProcedureClient, createRouterClient, decorateMiddleware, enhanceRouter, fallbackConfig, getRouter, implement, implementerInternal, isLazy, isProcedure, lazy, os, setHiddenRouterContract };

package/dist/plugins/index.d.mts

@@ -1,31 +1,125 @@
-import { d as StandardHandlerInterceptorOptions, P as Plugin, a as StandardHandlerOptions } from '../shared/server.BT-fqIEm.mjs';
-export { C as CompositePlugin } from '../shared/server.BT-fqIEm.mjs';
 import { Value } from '@orpc/shared';
-import { C as Context } from '../shared/server.ptXwNGQr.mjs';
-import '@orpc/contract';
-import '@orpc/standard-server';
-import '@orpc/client';
+import { StandardRequest, StandardHeaders } from '@orpc/standard-server';
+import { BatchResponseBodyItem } from '@orpc/standard-server/batch';
+import { S as StandardHandlerInterceptorOptions, a as StandardHandlerPlugin, b as StandardHandlerOptions } from '../shared/server.B1oIHH_j.mjs';
+import { C as Context, F as ProcedureClientInterceptorOptions } from '../shared/server.BVHsfJ99.mjs';
+import { Meta, ORPCError as ORPCError$1 } from '@orpc/contract';
+import { ORPCError } from '@orpc/client';
 
-interface CORSOptions<TContext extends Context> {
-    origin?: Value<string | string[] | null | undefined, [origin: string, options: StandardHandlerInterceptorOptions<TContext>]>;
-    timingOrigin?: Value<string | string[] | null | undefined, [origin: string, options: StandardHandlerInterceptorOptions<TContext>]>;
-    allowMethods?: string[];
-    allowHeaders?: string[];
+interface BatchHandlerOptions<T extends Context> {
+    /**
+     * The max size of the batch allowed.
+     *
+     * @default 10
+     */
+    maxSize?: Value<number, [StandardHandlerInterceptorOptions<T>]>;
+    /**
+     * Map the request before processing it.
+     *
+     * @default merged back batch request headers into the request
+     */
+    mapRequestItem?(request: StandardRequest, batchOptions: StandardHandlerInterceptorOptions<T>): StandardRequest;
+    /**
+     * Success batch response status code.
+     *
+     * @default 207
+     */
+    successStatus?: Value<number, [responses: Promise<BatchResponseBodyItem>[], batchOptions: StandardHandlerInterceptorOptions<T>]>;
+    /**
+     * success batch response headers.
+     *
+     * @default {}
+     */
+    headers?: Value<StandardHeaders, [responses: Promise<BatchResponseBodyItem>[], batchOptions: StandardHandlerInterceptorOptions<T>]>;
+}
+declare class BatchHandlerPlugin<T extends Context> implements StandardHandlerPlugin<T> {
+    private readonly maxSize;
+    private readonly mapRequestItem;
+    private readonly successStatus;
+    private readonly headers;
+    order: number;
+    constructor(options?: BatchHandlerOptions<T>);
+    init(options: StandardHandlerOptions<T>): void;
+}
+
+interface CORSOptions<T extends Context> {
+    origin?: Value<string | readonly string[] | null | undefined, [origin: string, options: StandardHandlerInterceptorOptions<T>]>;
+    timingOrigin?: Value<string | readonly string[] | null | undefined, [origin: string, options: StandardHandlerInterceptorOptions<T>]>;
+    allowMethods?: readonly string[];
+    allowHeaders?: readonly string[];
     maxAge?: number;
     credentials?: boolean;
-    exposeHeaders?: string[];
+    exposeHeaders?: readonly string[];
 }
-declare class CORSPlugin<TContext extends Context> implements Plugin<TContext> {
+declare class CORSPlugin<T extends Context> implements StandardHandlerPlugin<T> {
     private readonly options;
-    constructor(options?: Partial<CORSOptions<TContext>>);
-    init(options: StandardHandlerOptions<TContext>): void;
+    order: number;
+    constructor(options?: CORSOptions<T>);
+    init(options: StandardHandlerOptions<T>): void;
 }
 
 interface ResponseHeadersPluginContext {
     resHeaders?: Headers;
 }
-declare class ResponseHeadersPlugin<TContext extends ResponseHeadersPluginContext & Context> implements Plugin<TContext> {
-    init(options: StandardHandlerOptions<TContext>): void;
+declare class ResponseHeadersPlugin<T extends ResponseHeadersPluginContext> implements StandardHandlerPlugin<T> {
+    init(options: StandardHandlerOptions<T>): void;
+}
+
+interface SimpleCsrfProtectionHandlerPluginOptions<T extends Context> {
+    /**
+     * The name of the header to check.
+     *
+     * @default 'x-csrf-token'
+     */
+    headerName?: Value<string, [options: StandardHandlerInterceptorOptions<T>]>;
+    /**
+     * The value of the header to check.
+     *
+     * @default 'orpc'
+     *
+     */
+    headerValue?: Value<string, [options: StandardHandlerInterceptorOptions<T>]>;
+    /**
+     * Exclude a procedure from the plugin.
+     *
+     * @default false
+     *
+     */
+    exclude?: Value<boolean, [options: ProcedureClientInterceptorOptions<T, Record<never, never>, Meta>]>;
+    /**
+     * The error thrown when the CSRF token is invalid.
+     *
+     * @default new ORPCError('CSRF_TOKEN_MISMATCH', {
+     *   status: 403,
+     *   message: 'Invalid CSRF token',
+     * })
+     */
+    error?: InstanceType<typeof ORPCError>;
+}
+declare class SimpleCsrfProtectionHandlerPlugin<T extends Context> implements StandardHandlerPlugin<T> {
+    private readonly headerName;
+    private readonly headerValue;
+    private readonly exclude;
+    private readonly error;
+    constructor(options?: SimpleCsrfProtectionHandlerPluginOptions<T>);
+    order: number;
+    init(options: StandardHandlerOptions<T>): void;
+}
+
+interface StrictGetMethodPluginOptions {
+    /**
+     * The error thrown when a GET request is made to a procedure that doesn't allow GET.
+     *
+     * @default new ORPCError('METHOD_NOT_SUPPORTED')
+     */
+    error?: InstanceType<typeof ORPCError$1>;
+}
+declare class StrictGetMethodPlugin<T extends Context> implements StandardHandlerPlugin<T> {
+    private readonly error;
+    order: number;
+    constructor(options?: StrictGetMethodPluginOptions);
+    init(options: StandardHandlerOptions<T>): void;
 }
 
-export { type CORSOptions, CORSPlugin, Plugin, ResponseHeadersPlugin, type ResponseHeadersPluginContext };
+export { BatchHandlerPlugin, CORSPlugin, ResponseHeadersPlugin, SimpleCsrfProtectionHandlerPlugin, StrictGetMethodPlugin };
+export type { BatchHandlerOptions, CORSOptions, ResponseHeadersPluginContext, SimpleCsrfProtectionHandlerPluginOptions, StrictGetMethodPluginOptions };

package/dist/plugins/index.d.ts

@@ -1,31 +1,125 @@
-import { d as StandardHandlerInterceptorOptions, P as Plugin, a as StandardHandlerOptions } from '../shared/server.xL87pHsk.js';
-export { C as CompositePlugin } from '../shared/server.xL87pHsk.js';
 import { Value } from '@orpc/shared';
-import { C as Context } from '../shared/server.ptXwNGQr.js';
-import '@orpc/contract';
-import '@orpc/standard-server';
-import '@orpc/client';
+import { StandardRequest, StandardHeaders } from '@orpc/standard-server';
+import { BatchResponseBodyItem } from '@orpc/standard-server/batch';
+import { S as StandardHandlerInterceptorOptions, a as StandardHandlerPlugin, b as StandardHandlerOptions } from '../shared/server.CaWivVk3.js';
+import { C as Context, F as ProcedureClientInterceptorOptions } from '../shared/server.BVHsfJ99.js';
+import { Meta, ORPCError as ORPCError$1 } from '@orpc/contract';
+import { ORPCError } from '@orpc/client';
 
-interface CORSOptions<TContext extends Context> {
-    origin?: Value<string | string[] | null | undefined, [origin: string, options: StandardHandlerInterceptorOptions<TContext>]>;
-    timingOrigin?: Value<string | string[] | null | undefined, [origin: string, options: StandardHandlerInterceptorOptions<TContext>]>;
-    allowMethods?: string[];
-    allowHeaders?: string[];
+interface BatchHandlerOptions<T extends Context> {
+    /**
+     * The max size of the batch allowed.
+     *
+     * @default 10
+     */
+    maxSize?: Value<number, [StandardHandlerInterceptorOptions<T>]>;
+    /**
+     * Map the request before processing it.
+     *
+     * @default merged back batch request headers into the request
+     */
+    mapRequestItem?(request: StandardRequest, batchOptions: StandardHandlerInterceptorOptions<T>): StandardRequest;
+    /**
+     * Success batch response status code.
+     *
+     * @default 207
+     */
+    successStatus?: Value<number, [responses: Promise<BatchResponseBodyItem>[], batchOptions: StandardHandlerInterceptorOptions<T>]>;
+    /**
+     * success batch response headers.
+     *
+     * @default {}
+     */
+    headers?: Value<StandardHeaders, [responses: Promise<BatchResponseBodyItem>[], batchOptions: StandardHandlerInterceptorOptions<T>]>;
+}
+declare class BatchHandlerPlugin<T extends Context> implements StandardHandlerPlugin<T> {
+    private readonly maxSize;
+    private readonly mapRequestItem;
+    private readonly successStatus;
+    private readonly headers;
+    order: number;
+    constructor(options?: BatchHandlerOptions<T>);
+    init(options: StandardHandlerOptions<T>): void;
+}
+
+interface CORSOptions<T extends Context> {
+    origin?: Value<string | readonly string[] | null | undefined, [origin: string, options: StandardHandlerInterceptorOptions<T>]>;
+    timingOrigin?: Value<string | readonly string[] | null | undefined, [origin: string, options: StandardHandlerInterceptorOptions<T>]>;
+    allowMethods?: readonly string[];
+    allowHeaders?: readonly string[];
     maxAge?: number;
     credentials?: boolean;
-    exposeHeaders?: string[];
+    exposeHeaders?: readonly string[];
 }
-declare class CORSPlugin<TContext extends Context> implements Plugin<TContext> {
+declare class CORSPlugin<T extends Context> implements StandardHandlerPlugin<T> {
     private readonly options;
-    constructor(options?: Partial<CORSOptions<TContext>>);
-    init(options: StandardHandlerOptions<TContext>): void;
+    order: number;
+    constructor(options?: CORSOptions<T>);
+    init(options: StandardHandlerOptions<T>): void;
 }
 
 interface ResponseHeadersPluginContext {
     resHeaders?: Headers;
 }
-declare class ResponseHeadersPlugin<TContext extends ResponseHeadersPluginContext & Context> implements Plugin<TContext> {
-    init(options: StandardHandlerOptions<TContext>): void;
+declare class ResponseHeadersPlugin<T extends ResponseHeadersPluginContext> implements StandardHandlerPlugin<T> {
+    init(options: StandardHandlerOptions<T>): void;
+}
+
+interface SimpleCsrfProtectionHandlerPluginOptions<T extends Context> {
+    /**
+     * The name of the header to check.
+     *
+     * @default 'x-csrf-token'
+     */
+    headerName?: Value<string, [options: StandardHandlerInterceptorOptions<T>]>;
+    /**
+     * The value of the header to check.
+     *
+     * @default 'orpc'
+     *
+     */
+    headerValue?: Value<string, [options: StandardHandlerInterceptorOptions<T>]>;
+    /**
+     * Exclude a procedure from the plugin.
+     *
+     * @default false
+     *
+     */
+    exclude?: Value<boolean, [options: ProcedureClientInterceptorOptions<T, Record<never, never>, Meta>]>;
+    /**
+     * The error thrown when the CSRF token is invalid.
+     *
+     * @default new ORPCError('CSRF_TOKEN_MISMATCH', {
+     *   status: 403,
+     *   message: 'Invalid CSRF token',
+     * })
+     */
+    error?: InstanceType<typeof ORPCError>;
+}
+declare class SimpleCsrfProtectionHandlerPlugin<T extends Context> implements StandardHandlerPlugin<T> {
+    private readonly headerName;
+    private readonly headerValue;
+    private readonly exclude;
+    private readonly error;
+    constructor(options?: SimpleCsrfProtectionHandlerPluginOptions<T>);
+    order: number;
+    init(options: StandardHandlerOptions<T>): void;
+}
+
+interface StrictGetMethodPluginOptions {
+    /**
+     * The error thrown when a GET request is made to a procedure that doesn't allow GET.
+     *
+     * @default new ORPCError('METHOD_NOT_SUPPORTED')
+     */
+    error?: InstanceType<typeof ORPCError$1>;
+}
+declare class StrictGetMethodPlugin<T extends Context> implements StandardHandlerPlugin<T> {
+    private readonly error;
+    order: number;
+    constructor(options?: StrictGetMethodPluginOptions);
+    init(options: StandardHandlerOptions<T>): void;
 }
 
-export { type CORSOptions, CORSPlugin, Plugin, ResponseHeadersPlugin, type ResponseHeadersPluginContext };
+export { BatchHandlerPlugin, CORSPlugin, ResponseHeadersPlugin, SimpleCsrfProtectionHandlerPlugin, StrictGetMethodPlugin };
+export type { BatchHandlerOptions, CORSOptions, ResponseHeadersPluginContext, SimpleCsrfProtectionHandlerPluginOptions, StrictGetMethodPluginOptions };