@ramathibodi/nuxt-commons 4.0.8 → 4.0.10

package/dist/module.json

@@ -4,7 +4,7 @@
   "compatibility": {
     "nuxt": "^4.3.1"
   },
-  "version": "4.0.8",
+  "version": "4.0.10",
   "builder": {
     "@nuxt/module-builder": "1.0.2",
     "unbuild": "3.6.1"

package/dist/module.mjs

@@ -48,6 +48,13 @@ const module$1 = defineNuxtModule({
       ...runtimeConfig,
       ..._options
     };
+    const publicConfig = _nuxt.options.runtimeConfig.public;
+    if (publicConfig.IDEMPOTENCY_HEADER == null) {
+      publicConfig.IDEMPOTENCY_HEADER = "Idempotency-Key";
+    }
+    if (publicConfig.IDEMPOTENCY_ENABLED == null) {
+      publicConfig.IDEMPOTENCY_ENABLED = true;
+    }
     _nuxt.options.vite.optimizeDeps ||= {};
     _nuxt.options.vite.optimizeDeps.include ||= [];
     _nuxt.options.vite.optimizeDeps.include.push("painterro");

package/dist/runtime/composables/api.d.ts

@@ -21,6 +21,27 @@
  * so users can see stale empty / outdated lists for the full TTL window even after
  * creating data themselves.
  *
+ * Idempotency: every authenticated POST (REST and GraphQL via useGraphQl()) automatically
+ * receives an `Idempotency-Key` HTTP header. The value is computed client-side as
+ *
+ *   SHA-256(`${floor(Date.now()/1000)}|${username}|${stableStringify(body ?? {})}`)
+ *
+ * in lowercase hex. The recipe is intentionally identical to the backend's server-side
+ * fallback in rama-spring-starter's @IdempotentMutation aspect, so a header-present and
+ * a header-absent request from the same user with the same body within the same wall-clock
+ * second resolve to the same dedup signature.
+ *
+ * Per-call escape hatch: pass `{ idempotent: false }` in the options argument to skip
+ * injection for a single call (e.g. a long-running mutation the caller wants to retry
+ * intentionally with the same body). A caller-supplied `Idempotency-Key` in
+ * `options.headers` always wins and is never overwritten.
+ *
+ * Configuration (consumer's `nuxt.config` `runtimeConfig.public`, mirroring the
+ * unprefixed `WS_API` / `WS_GRAPHQL` precedent):
+ *   - IDEMPOTENCY_HEADER (default 'Idempotency-Key') — must match the backend's
+ *     `rama.idempotency.header-name` setting if the consumer overrides it there.
+ *   - IDEMPOTENCY_ENABLED (default true) — global kill switch.
+ *
  * This doc block is consumed by vue-docgen for generated API documentation.
  */
 import type { UseFetchOptions } from 'nuxt/app';
@@ -35,6 +56,16 @@ export type CacheOption = boolean | number | {
 } | {
     ttlMs: number;
 };
+/**
+ * Per-call options accepted by useApi alongside Nuxt's UseFetchOptions.
+ *
+ * `idempotent: false` skips Idempotency-Key header injection for this single call.
+ * Default is `true`. See the useApi() docblock for the full idempotency contract.
+ */
+export interface ApiIdempotencyOption {
+    idempotent?: boolean;
+}
+export type ApiFetchOptions = UseFetchOptions<unknown> & ApiIdempotencyOption;
 export declare function _resetLegacyHeuristicWarning(): void;
 /**
  * Resolve a cache option to seconds. Pure function, exported for tests.
@@ -60,10 +91,10 @@ export declare function resolveCacheTtlSeconds(cache: CacheOption | undefined |
 declare function invalidateCache(prefix?: string): number;
 export declare function useApi(): {
     urlBuilder: (url: string | string[]) => string;
-    get: <T>(url: string | string[], body?: Record<string, any> | [], params?: SearchParameters, options?: UseFetchOptions<unknown>, cache?: CacheOption) => Promise<T>;
-    getPromise: <T>(url: string | string[], body?: Record<string, any> | [], params?: SearchParameters, options?: UseFetchOptions<unknown>, cache?: CacheOption) => Promise<T>;
-    post: <T>(url: string | string[], body?: Record<string, any> | [], params?: SearchParameters, options?: UseFetchOptions<unknown>, cache?: CacheOption) => Promise<T>;
-    postPromise: <T>(url: string | string[], body?: Record<string, any> | [], params?: SearchParameters, options?: UseFetchOptions<unknown>, cache?: CacheOption) => Promise<T>;
+    get: <T>(url: string | string[], body?: Record<string, any> | [], params?: SearchParameters, options?: ApiFetchOptions, cache?: CacheOption) => Promise<T>;
+    getPromise: <T>(url: string | string[], body?: Record<string, any> | [], params?: SearchParameters, options?: ApiFetchOptions, cache?: CacheOption) => Promise<T>;
+    post: <T>(url: string | string[], body?: Record<string, any> | [], params?: SearchParameters, options?: ApiFetchOptions, cache?: CacheOption) => Promise<T>;
+    postPromise: <T>(url: string | string[], body?: Record<string, any> | [], params?: SearchParameters, options?: ApiFetchOptions, cache?: CacheOption) => Promise<T>;
     hashKey: (data: any) => Promise<string>;
     invalidate: typeof invalidateCache;
 };

package/dist/runtime/composables/api.js

@@ -7,6 +7,7 @@ import { useRuntimeConfig } from "#imports";
 import { useAuthentication } from "../bridges/authentication.js";
 const DEFAULT_TTL_SECONDS_FOR_TRUE = 5 * 60;
 const CACHE_PREFIX = "api-cache-";
+const IDEMPOTENCY_HEADER_DEFAULT = "Idempotency-Key";
 let _legacyHeuristicWarned = false;
 function warnLegacyHeuristic(value, resolvedSeconds) {
   if (_legacyHeuristicWarned) return;
@@ -77,7 +78,7 @@ export function useApi() {
     if (returnUrl.startsWith("http://") || returnUrl.startsWith("https://")) return returnUrl;
     return trimEnd(config?.public.WS_API, "/") + "/" + trimStart(returnUrl, "/");
   }
-  function optionBuilder(method, body, params, options = {}) {
+  async function optionBuilder(method, body, params, options = {}) {
     const headers = {
       "Content-Type": "application/json",
       Accept: "application/json"
@@ -85,9 +86,24 @@ export function useApi() {
     const auth = useAuthentication();
     const token = auth.keycloak?.token || auth.token;
     if (token) {
-      ;
       headers["Authorization"] = `Bearer ${token}`;
     }
+    const callerHeaders = {
+      ...options.headers || {}
+    };
+    const enabledConfig = config?.public?.IDEMPOTENCY_ENABLED;
+    const idempotencyEnabled = enabledConfig !== false;
+    const headerName = config?.public?.IDEMPOTENCY_HEADER || IDEMPOTENCY_HEADER_DEFAULT;
+    const callerProvidedHeader = Object.keys(callerHeaders).some(
+      (k) => k.toLowerCase() === headerName.toLowerCase()
+    );
+    if (method === "POST" && idempotencyEnabled && options.idempotent !== false && !callerProvidedHeader) {
+      const username = (typeof auth.getUsername === "function" ? auth.getUsername() : auth.userProfile?.username) ?? "";
+      const second = Math.floor(Date.now() / 1e3).toString();
+      const bodyJson = stableStringify(body ?? {});
+      headers[headerName] = await sha256(`${second}|${username}|${bodyJson}`);
+    }
+    const { idempotent: _omitIdempotent, ...passThroughOptions } = options;
     const baseOptions = {
       method,
       body,
@@ -96,9 +112,9 @@ export function useApi() {
     };
     const finalHeaders = {
       ...headers,
-      ...options.headers || {}
+      ...callerHeaders
     };
-    Object.assign(baseOptions, options);
+    Object.assign(baseOptions, passThroughOptions);
     return {
       ...baseOptions,
       headers: finalHeaders
@@ -132,7 +148,7 @@ export function useApi() {
     const builtUrl = urlBuilder(url);
     const ttl = resolveCacheTtlSeconds(cache);
     if (ttl === 0) {
-      return ofetch(builtUrl, optionBuilder(method, body, params, options));
+      return ofetch(builtUrl, await optionBuilder(method, body, params, options));
     }
     const keyData = { url: builtUrl, method, body, params, headers: options?.headers };
     const key = CACHE_PREFIX + await hashKey(keyData);
@@ -140,7 +156,7 @@ export function useApi() {
     if (cached !== null) {
       return cached;
     }
-    const result = await ofetch(builtUrl, optionBuilder(method, body, params, options));
+    const result = await ofetch(builtUrl, await optionBuilder(method, body, params, options));
     ls.set(key, result, { ttl });
     return result;
   }

package/dist/runtime/composables/lookupListMaster.js

@@ -31,15 +31,15 @@ export function useLookupListMaster(props) {
     );
   });
   const formatItemTitle = (item) => {
+    const raw = item?.raw ?? item ?? {};
+    const resolvedTitle = item?.title || raw?.[itemTitleField.value] || raw?.itemValue || raw?.itemCode;
     if (props.meilisearch) {
-      const raw = item?._formatted ?? {};
-      const code = raw?.itemCode;
-      const title = raw?.[itemTitleField.value] ?? raw?.itemValue ?? raw?.itemCode;
+      const formatted = raw?._formatted ?? {};
+      const code = formatted?.itemCode ?? raw?.itemCode;
+      const title = formatted?.[itemTitleField.value] || formatted?.itemValue || formatted?.itemCode || resolvedTitle;
       return (props.showCode ? (code ?? "") + "-" : "") + (title ?? "");
     } else {
-      const code = item?.itemCode;
-      const title = item.title ?? item?.itemValue ?? item?.itemCode;
-      return (props.showCode ? (code ?? "") + "-" : "") + (title ?? "");
+      return (props.showCode ? (raw?.itemCode ?? "") + "-" : "") + (resolvedTitle ?? "");
     }
   };
   const computedNoDataText = computed(() => {

package/dist/runtime/types/graphqlOperation.d.ts

@@ -1,6 +1,8 @@
 export interface graphqlVariable {
   name: string
-  list?: boolean
+  // `true` for `[T]`, `[true]` for `[T!]` — matches gql-query-builder's
+  // VariableOptions shape so element non-null survives into the query string.
+  list?: boolean | [boolean]
   required?: boolean
   type?: string
   value?: any

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ramathibodi/nuxt-commons",
-  "version": "4.0.8",
+  "version": "4.0.10",
   "description": "Ramathibodi Nuxt modules for common components",
   "repository": {
     "type": "git",

package/templates/.codegen/plugin-schema-object.cjs

@@ -6,14 +6,21 @@ function capitalizeFirstLetter(string) {
   return string.charAt(0).toUpperCase() + string.slice(1)
 }
 
-function inputTypeToObject(inputType, result) {
+// `inList` flips to true the moment we descend into a ListType, so a NonNullType
+// nested under a List is recognized as element-non-null (`[T!]`) rather than
+// overwriting the outer list's `required` flag. The element-non-null is encoded
+// as `list: [true]` — the shape gql-query-builder reads to emit `[T!]`.
+function inputTypeToObject(inputType, result, inList = false) {
   if (inputType.kind === 'NonNullType') {
-    result['required'] = true
-    inputTypeToObject(inputType.type, result)
+    if (inList) result['list'] = [true]
+    else result['required'] = true
+    inputTypeToObject(inputType.type, result, inList)
+    return
   }
   if (inputType.kind === 'ListType') {
-    result['list'] = true
-    inputTypeToObject(inputType.type, result)
+    if (!Array.isArray(result['list'])) result['list'] = true
+    inputTypeToObject(inputType.type, result, true)
+    return
   }
   if (inputType.kind === 'NamedType') {
     result['type'] = inputType.name.value
@@ -21,6 +28,7 @@ function inputTypeToObject(inputType, result) {
 }
 
 module.exports = {
+  inputTypeToObject,
   plugin(schema, _documents, _config) {
     const astNode = getCachedDocumentNodeFromSchema(schema) // Transforms the GraphQLSchema into ASTNode