@rebasepro/server-core 0.7.0 → 0.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/build-errors.txt +52 -0
- package/dist/api/ast-schema-editor.d.ts +21 -0
- package/dist/api/collections_for_test/callbacks_test_collection.d.ts +2 -0
- package/dist/api/errors.d.ts +53 -0
- package/dist/api/graphql/graphql-schema-generator.d.ts +44 -0
- package/dist/api/graphql/index.d.ts +1 -0
- package/dist/api/index.d.ts +9 -0
- package/dist/api/logs-routes.d.ts +37 -0
- package/dist/api/openapi-generator.d.ts +16 -0
- package/dist/api/rest/api-generator.d.ts +76 -0
- package/dist/api/rest/index.d.ts +1 -0
- package/dist/api/rest/query-parser.d.ts +8 -0
- package/dist/api/schema-editor-routes.d.ts +3 -0
- package/dist/api/server.d.ts +40 -0
- package/dist/api/types.d.ts +104 -0
- package/dist/auth/adapter-middleware.d.ts +43 -0
- package/dist/auth/admin-roles-route.d.ts +18 -0
- package/dist/auth/admin-user-ops.d.ts +79 -0
- package/dist/auth/admin-users-route.d.ts +28 -0
- package/dist/auth/api-keys/api-key-middleware.d.ts +39 -0
- package/dist/auth/api-keys/api-key-permission-guard.d.ts +32 -0
- package/dist/auth/api-keys/api-key-routes.d.ts +20 -0
- package/dist/auth/api-keys/api-key-store.d.ts +35 -0
- package/dist/auth/api-keys/api-key-types.d.ts +96 -0
- package/dist/auth/api-keys/index.d.ts +17 -0
- package/dist/auth/apple-oauth.d.ts +30 -0
- package/dist/auth/auth-hooks.d.ts +242 -0
- package/dist/auth/bitbucket-oauth.d.ts +11 -0
- package/dist/auth/builtin-auth-adapter.d.ts +51 -0
- package/dist/auth/crypto-utils.d.ts +16 -0
- package/dist/auth/custom-auth-adapter.d.ts +39 -0
- package/dist/auth/discord-oauth.d.ts +14 -0
- package/dist/auth/facebook-oauth.d.ts +14 -0
- package/dist/auth/github-oauth.d.ts +15 -0
- package/dist/auth/gitlab-oauth.d.ts +13 -0
- package/dist/auth/google-oauth.d.ts +47 -0
- package/dist/auth/index.d.ts +37 -0
- package/dist/auth/interfaces.d.ts +431 -0
- package/dist/auth/jwt.d.ts +55 -0
- package/dist/auth/linkedin-oauth.d.ts +18 -0
- package/dist/auth/magic-link-routes.d.ts +30 -0
- package/dist/auth/mfa-crypto.d.ts +23 -0
- package/dist/auth/mfa-routes.d.ts +7 -0
- package/dist/auth/mfa.d.ts +49 -0
- package/dist/auth/microsoft-oauth.d.ts +16 -0
- package/dist/auth/middleware.d.ts +113 -0
- package/dist/auth/password.d.ts +22 -0
- package/dist/auth/rate-limiter.d.ts +50 -0
- package/dist/auth/reset-password-admin.d.ts +29 -0
- package/dist/auth/rls-scope.d.ts +31 -0
- package/dist/auth/routes.d.ts +35 -0
- package/dist/auth/session-routes.d.ts +27 -0
- package/dist/auth/slack-oauth.d.ts +12 -0
- package/dist/auth/spotify-oauth.d.ts +12 -0
- package/dist/auth/twitter-oauth.d.ts +18 -0
- package/dist/backend-CIxN4FVm.js +15 -0
- package/dist/backend-CIxN4FVm.js.map +1 -0
- package/dist/base64-js-C_frYBkI.js +1687 -0
- package/dist/base64-js-C_frYBkI.js.map +1 -0
- package/dist/chunk-Dze3rakg.js +42 -0
- package/dist/collections/BackendCollectionRegistry.d.ts +13 -0
- package/dist/collections/loader.d.ts +5 -0
- package/dist/cron/cron-loader.d.ts +17 -0
- package/dist/cron/cron-routes.d.ts +14 -0
- package/dist/cron/cron-scheduler.d.ts +106 -0
- package/dist/cron/cron-store.d.ts +32 -0
- package/dist/cron/index.d.ts +6 -0
- package/dist/db/interfaces.d.ts +18 -0
- package/dist/dist-DMO-zF6D.js +832 -0
- package/dist/dist-DMO-zF6D.js.map +1 -0
- package/dist/email/index.d.ts +6 -0
- package/dist/email/smtp-email-service.d.ts +25 -0
- package/dist/email/templates.d.ts +50 -0
- package/dist/email/types.d.ts +126 -0
- package/dist/env.d.ts +102 -0
- package/dist/from-VbwD7xRf.js +3849 -0
- package/dist/from-VbwD7xRf.js.map +1 -0
- package/dist/functions/define-function.d.ts +50 -0
- package/dist/functions/function-loader.d.ts +17 -0
- package/dist/functions/function-routes.d.ts +10 -0
- package/dist/functions/index.d.ts +5 -0
- package/dist/history/history-routes.d.ts +23 -0
- package/dist/history/index.d.ts +1 -0
- package/dist/index.d.ts +31 -0
- package/dist/index.es.js +61322 -0
- package/dist/index.es.js.map +1 -0
- package/dist/index.umd.js +103633 -0
- package/dist/index.umd.js.map +1 -0
- package/dist/init/docs.d.ts +4 -0
- package/dist/init/health.d.ts +2 -0
- package/dist/init/middlewares.d.ts +10 -0
- package/dist/init/shutdown.d.ts +11 -0
- package/dist/init/storage.d.ts +5 -0
- package/dist/init.d.ts +314 -0
- package/dist/jws-BqRRaK11.js +616 -0
- package/dist/jws-BqRRaK11.js.map +1 -0
- package/dist/jwt-BETC8a1J.js +3560 -0
- package/dist/jwt-BETC8a1J.js.map +1 -0
- package/dist/logger-BYU66ENZ.js +94 -0
- package/dist/logger-BYU66ENZ.js.map +1 -0
- package/dist/ms-BeBSuOXN.js +125 -0
- package/dist/ms-BeBSuOXN.js.map +1 -0
- package/dist/multipart-parser-CedBDOeC.js +299 -0
- package/dist/multipart-parser-CedBDOeC.js.map +1 -0
- package/dist/serve-spa.d.ts +30 -0
- package/dist/services/driver-registry.d.ts +78 -0
- package/dist/services/routed-realtime-service.d.ts +43 -0
- package/dist/services/webhook-service.d.ts +29 -0
- package/dist/singleton.d.ts +35 -0
- package/dist/src-CB2PIpBe.js +1182 -0
- package/dist/src-CB2PIpBe.js.map +1 -0
- package/dist/src-DjzOT1kG.js +29746 -0
- package/dist/src-DjzOT1kG.js.map +1 -0
- package/dist/storage/GCSStorageController.d.ts +43 -0
- package/dist/storage/LocalStorageController.d.ts +46 -0
- package/dist/storage/S3StorageController.d.ts +36 -0
- package/dist/storage/image-transform.d.ts +50 -0
- package/dist/storage/index.d.ts +31 -0
- package/dist/storage/routes.d.ts +70 -0
- package/dist/storage/storage-registry.d.ts +78 -0
- package/dist/storage/tus-handler.d.ts +53 -0
- package/dist/storage/types.d.ts +128 -0
- package/dist/types/index.d.ts +11 -0
- package/dist/utils/dev-port.d.ts +37 -0
- package/dist/utils/logger.d.ts +31 -0
- package/dist/utils/logging.d.ts +9 -0
- package/dist/utils/request-id.d.ts +4 -0
- package/dist/utils/request-logger.d.ts +19 -0
- package/dist/utils/sql.d.ts +27 -0
- package/package.json +22 -14
- package/src/api/graphql/graphql-schema-generator.ts +5 -5
- package/src/api/openapi-generator.ts +2 -2
- package/src/api/rest/api-generator.ts +44 -123
- package/src/api/rest/query-parser.ts +6 -23
- package/src/api/types.ts +2 -2
- package/src/auth/auth-hooks.ts +1 -1
- package/src/auth/builtin-auth-adapter.ts +1 -2
- package/src/auth/interfaces.ts +11 -2
- package/src/auth/middleware.ts +4 -4
- package/src/auth/routes.ts +1 -2
- package/src/functions/define-function.ts +59 -0
- package/src/functions/function-loader.ts +16 -0
- package/src/functions/index.ts +2 -0
- package/src/index.ts +70 -37
- package/src/init.ts +78 -21
- package/src/storage/GCSStorageController.ts +334 -0
- package/src/storage/index.ts +9 -3
- package/src/storage/routes.ts +191 -23
- package/src/storage/tus-handler.ts +16 -4
- package/src/storage/types.ts +25 -3
- package/test/api-generator.test.ts +1 -1
- package/test/auth-config-types.test.ts +40 -0
- package/test/define-function.test.ts +45 -0
- package/test/storage-routes.test.ts +160 -0
- package/test/backend-hooks-data.test.ts +0 -477
|
@@ -0,0 +1,4 @@
|
|
|
1
|
+
import { Hono } from "hono";
|
|
2
|
+
import { EntityCollection } from "@rebasepro/types";
|
|
3
|
+
import { HonoEnv } from "../api/types";
|
|
4
|
+
export declare function mountOpenApiDocs(app: Hono<HonoEnv>, basePath: string, enableSwagger: boolean | undefined, activeCollections: EntityCollection[], requireAuth: boolean): Promise<void>;
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import { Hono } from "hono";
|
|
2
|
+
import { HonoEnv } from "../api/types";
|
|
3
|
+
interface MiddlewareConfig {
|
|
4
|
+
maxBodySize?: number;
|
|
5
|
+
csrf?: {
|
|
6
|
+
origin: string | string[] | ((origin: string) => boolean);
|
|
7
|
+
};
|
|
8
|
+
}
|
|
9
|
+
export declare function configureMiddlewares(app: Hono<HonoEnv>, basePath: string, isProduction: boolean, config: MiddlewareConfig): void;
|
|
10
|
+
export {};
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import { Server } from "http";
|
|
2
|
+
import { RealtimeProvider } from "@rebasepro/types";
|
|
3
|
+
interface ShutdownConfig {
|
|
4
|
+
server: Server;
|
|
5
|
+
cronScheduler?: {
|
|
6
|
+
stop(): void;
|
|
7
|
+
};
|
|
8
|
+
realtimeServices: Record<string, RealtimeProvider>;
|
|
9
|
+
}
|
|
10
|
+
export declare function createShutdown(config: ShutdownConfig): (timeoutMs?: number) => Promise<void>;
|
|
11
|
+
export {};
|
|
@@ -0,0 +1,5 @@
|
|
|
1
|
+
import { BackendStorageConfig, StorageController, StorageRegistry } from "../storage";
|
|
2
|
+
export declare function initializeStorage(storageConfig: BackendStorageConfig | StorageController | Record<string, BackendStorageConfig | StorageController> | undefined, isProduction: boolean): {
|
|
3
|
+
storageRegistry?: StorageRegistry;
|
|
4
|
+
storageController?: StorageController;
|
|
5
|
+
};
|
package/dist/init.d.ts
ADDED
|
@@ -0,0 +1,314 @@
|
|
|
1
|
+
import { AuthAdapter, BackendBootstrapper, BootstrappedAuth, DatabaseAdapter, DataDriver, DataSourceDefinition, EntityCallbacks, EntityCollection, HealthCheckResult, RealtimeProvider, SecurityRule } from "@rebasepro/types";
|
|
2
|
+
import { BackendCollectionRegistry } from "./collections/BackendCollectionRegistry";
|
|
3
|
+
import { DriverRegistry } from "./services/driver-registry";
|
|
4
|
+
import { Server } from "http";
|
|
5
|
+
import { Hono } from "hono";
|
|
6
|
+
import { HonoEnv } from "./api/types";
|
|
7
|
+
import { BackendStorageConfig, StorageController, StorageRegistry } from "./storage";
|
|
8
|
+
import { EmailConfig } from "./email";
|
|
9
|
+
import type { OAuthProvider } from "./auth/interfaces";
|
|
10
|
+
import type { AuthHooks } from "./auth/auth-hooks";
|
|
11
|
+
export interface RebaseAuthConfig {
|
|
12
|
+
/**
|
|
13
|
+
* The collection that represents auth users.
|
|
14
|
+
*
|
|
15
|
+
* When provided, this collection's underlying database table is used
|
|
16
|
+
* for all auth operations (login, registration, password reset, etc.).
|
|
17
|
+
*
|
|
18
|
+
* Import the built-in default:
|
|
19
|
+
* ```ts
|
|
20
|
+
* import { defaultUsersCollection } from "@rebasepro/common";
|
|
21
|
+
* auth: { collection: defaultUsersCollection, jwtSecret: "..." }
|
|
22
|
+
* ```
|
|
23
|
+
*
|
|
24
|
+
* Or pass your own collection with the required auth fields
|
|
25
|
+
* (email, passwordHash, displayName, etc.).
|
|
26
|
+
*/
|
|
27
|
+
collection?: EntityCollection;
|
|
28
|
+
jwtSecret?: string;
|
|
29
|
+
accessExpiresIn?: string;
|
|
30
|
+
refreshExpiresIn?: string;
|
|
31
|
+
requireAuth?: boolean;
|
|
32
|
+
allowRegistration?: boolean;
|
|
33
|
+
/**
|
|
34
|
+
* A static secret key for server-to-server / script authentication.
|
|
35
|
+
*
|
|
36
|
+
* When a request includes `Authorization: Bearer <serviceKey>`, it is
|
|
37
|
+
* granted admin-level access without JWT verification. This is the
|
|
38
|
+
* Rebase equivalent of a Service Account key.
|
|
39
|
+
*
|
|
40
|
+
* Generate with: `node -e "logger.info(require('crypto').randomBytes(48).toString('base64'))"`
|
|
41
|
+
*
|
|
42
|
+
* Set via `REBASE_SERVICE_KEY` in your `.env`.
|
|
43
|
+
* Must be at least 32 characters.
|
|
44
|
+
*/
|
|
45
|
+
serviceKey?: string;
|
|
46
|
+
email?: EmailConfig;
|
|
47
|
+
google?: {
|
|
48
|
+
clientId: string;
|
|
49
|
+
clientSecret?: string;
|
|
50
|
+
};
|
|
51
|
+
linkedin?: {
|
|
52
|
+
clientId: string;
|
|
53
|
+
clientSecret: string;
|
|
54
|
+
};
|
|
55
|
+
github?: {
|
|
56
|
+
clientId: string;
|
|
57
|
+
clientSecret: string;
|
|
58
|
+
};
|
|
59
|
+
microsoft?: {
|
|
60
|
+
clientId: string;
|
|
61
|
+
clientSecret: string;
|
|
62
|
+
tenantId?: string;
|
|
63
|
+
};
|
|
64
|
+
apple?: {
|
|
65
|
+
clientId: string;
|
|
66
|
+
teamId: string;
|
|
67
|
+
keyId: string;
|
|
68
|
+
privateKey: string;
|
|
69
|
+
};
|
|
70
|
+
facebook?: {
|
|
71
|
+
clientId: string;
|
|
72
|
+
clientSecret: string;
|
|
73
|
+
};
|
|
74
|
+
twitter?: {
|
|
75
|
+
clientId: string;
|
|
76
|
+
clientSecret: string;
|
|
77
|
+
};
|
|
78
|
+
discord?: {
|
|
79
|
+
clientId: string;
|
|
80
|
+
clientSecret: string;
|
|
81
|
+
};
|
|
82
|
+
gitlab?: {
|
|
83
|
+
clientId: string;
|
|
84
|
+
clientSecret: string;
|
|
85
|
+
baseUrl?: string;
|
|
86
|
+
};
|
|
87
|
+
bitbucket?: {
|
|
88
|
+
clientId: string;
|
|
89
|
+
clientSecret: string;
|
|
90
|
+
};
|
|
91
|
+
slack?: {
|
|
92
|
+
clientId: string;
|
|
93
|
+
clientSecret: string;
|
|
94
|
+
};
|
|
95
|
+
spotify?: {
|
|
96
|
+
clientId: string;
|
|
97
|
+
clientSecret: string;
|
|
98
|
+
};
|
|
99
|
+
defaultRole?: string;
|
|
100
|
+
/**
|
|
101
|
+
* Canonical array of OAuth providers.
|
|
102
|
+
*
|
|
103
|
+
* This is the primary extension point for **all** OAuth integrations.
|
|
104
|
+
* Each entry is an `OAuthProvider<unknown>` constructed via one of
|
|
105
|
+
* the `create*Provider` factories exported from `@rebasepro/server-core`
|
|
106
|
+
* (e.g. `createGoogleProvider`, `createGitHubProvider`).
|
|
107
|
+
*
|
|
108
|
+
* The named convenience fields above (`google`, `github`, etc.) are
|
|
109
|
+
* automatically resolved into this array at startup. You can mix both
|
|
110
|
+
* approaches; named fields and explicit entries are merged (named
|
|
111
|
+
* fields are appended after explicit entries).
|
|
112
|
+
*
|
|
113
|
+
* @example
|
|
114
|
+
* ```ts
|
|
115
|
+
* import { createGoogleProvider } from "@rebasepro/server-core";
|
|
116
|
+
*
|
|
117
|
+
* auth: {
|
|
118
|
+
* providers: [
|
|
119
|
+
* createGoogleProvider({ clientId: "…", clientSecret: "…" }),
|
|
120
|
+
* ],
|
|
121
|
+
* }
|
|
122
|
+
* ```
|
|
123
|
+
*/
|
|
124
|
+
providers?: OAuthProvider<unknown>[];
|
|
125
|
+
/**
|
|
126
|
+
* Override specific parts of the built-in auth implementation.
|
|
127
|
+
*
|
|
128
|
+
* Each override replaces one piece of the default behavior while
|
|
129
|
+
* keeping everything else intact. Unset overrides fall through
|
|
130
|
+
* to the built-in defaults (scrypt passwords, standard validation, etc.).
|
|
131
|
+
*
|
|
132
|
+
* @example bcrypt passwords with a custom hash
|
|
133
|
+
* ```ts
|
|
134
|
+
* import bcrypt from "bcrypt";
|
|
135
|
+
*
|
|
136
|
+
* hooks: {
|
|
137
|
+
* hashPassword: (pw) => bcrypt.hash(pw, 12),
|
|
138
|
+
* verifyPassword: (pw, hash) => bcrypt.compare(pw, hash),
|
|
139
|
+
* }
|
|
140
|
+
* ```
|
|
141
|
+
*/
|
|
142
|
+
hooks?: AuthHooks;
|
|
143
|
+
/**
|
|
144
|
+
* Enable magic link (passwordless email) authentication.
|
|
145
|
+
* Requires email to be configured.
|
|
146
|
+
*/
|
|
147
|
+
magicLink?: boolean;
|
|
148
|
+
}
|
|
149
|
+
export interface RebaseBackendConfig {
|
|
150
|
+
collections?: EntityCollection[];
|
|
151
|
+
collectionsDir?: string;
|
|
152
|
+
server: Server;
|
|
153
|
+
app: Hono<HonoEnv>;
|
|
154
|
+
basePath?: string;
|
|
155
|
+
/**
|
|
156
|
+
* Declared data sources, shared with the frontend `<Rebase dataSources>`.
|
|
157
|
+
*
|
|
158
|
+
* Used to resolve each collection's engine (capabilities) and transport.
|
|
159
|
+
* Collections on a `direct`/`custom` transport are client-only: the backend
|
|
160
|
+
* still owns their schema/registry but does **not** generate server data
|
|
161
|
+
* routes for them. Server-mediated sources (the default) need no entry.
|
|
162
|
+
*/
|
|
163
|
+
dataSources?: DataSourceDefinition[];
|
|
164
|
+
/**
|
|
165
|
+
* Database bootstrappers.
|
|
166
|
+
*/
|
|
167
|
+
bootstrappers?: BackendBootstrapper[];
|
|
168
|
+
/**
|
|
169
|
+
* Database adapter.
|
|
170
|
+
*
|
|
171
|
+
* When set, this takes precedence over `bootstrappers`.
|
|
172
|
+
*
|
|
173
|
+
* @example
|
|
174
|
+
* ```ts
|
|
175
|
+
* import { createPostgresAdapter } from "@rebasepro/server-postgresql";
|
|
176
|
+
* database: createPostgresAdapter({ connection: db, schema }),
|
|
177
|
+
* ```
|
|
178
|
+
*/
|
|
179
|
+
database?: DatabaseAdapter;
|
|
180
|
+
logging?: {
|
|
181
|
+
level?: "error" | "warn" | "info" | "debug";
|
|
182
|
+
};
|
|
183
|
+
/**
|
|
184
|
+
* Authentication configuration.
|
|
185
|
+
*
|
|
186
|
+
* Accepts **either**:
|
|
187
|
+
* - `RebaseAuthConfig` — built-in configuration
|
|
188
|
+
* - `AuthAdapter` — pluggable adapter for external auth (Clerk, Auth0, etc.)
|
|
189
|
+
*
|
|
190
|
+
* When a plain config object is provided, the built-in adapter is created
|
|
191
|
+
* automatically from the bootstrapper's `initializeAuth()` result.
|
|
192
|
+
*/
|
|
193
|
+
auth?: RebaseAuthConfig | AuthAdapter;
|
|
194
|
+
/**
|
|
195
|
+
* Storage configuration. Accepts:
|
|
196
|
+
*
|
|
197
|
+
* - A `BackendStorageConfig` object (`{ type: 'local' | 's3' | 'gcs', ... }`)
|
|
198
|
+
* - A `StorageController` instance (for custom providers like Azure, etc.)
|
|
199
|
+
* - A `Record<string, ...>` of either, for multi-backend setups
|
|
200
|
+
*/
|
|
201
|
+
storage?: BackendStorageConfig | StorageController | Record<string, BackendStorageConfig | StorageController>;
|
|
202
|
+
/**
|
|
203
|
+
* Declared storage sources. Drives the client-side StorageSourceRegistry
|
|
204
|
+
* and the transport distinction (server vs direct).
|
|
205
|
+
*
|
|
206
|
+
* Server-backed sources are auto-derived from the `storage` map — you
|
|
207
|
+
* only need explicit entries for "direct" transport sources (e.g.
|
|
208
|
+
* external storage) that the backend does not proxy.
|
|
209
|
+
*/
|
|
210
|
+
storageSources?: import("@rebasepro/types").StorageSourceDefinition[];
|
|
211
|
+
history?: unknown;
|
|
212
|
+
/**
|
|
213
|
+
* Default security rules applied to any collection that does not define
|
|
214
|
+
* its own `securityRules`. Opt-in — if not set, collections without
|
|
215
|
+
* explicit rules remain unrestricted (beyond `requireAuth`).
|
|
216
|
+
*
|
|
217
|
+
* @example
|
|
218
|
+
* ```ts
|
|
219
|
+
* defaultSecurityRules: [
|
|
220
|
+
* { operation: "select", access: "public" },
|
|
221
|
+
* { operations: ["insert", "update", "delete"], roles: ["admin"] }
|
|
222
|
+
* ]
|
|
223
|
+
* ```
|
|
224
|
+
*/
|
|
225
|
+
defaultSecurityRules?: SecurityRule[];
|
|
226
|
+
enableSwagger?: boolean;
|
|
227
|
+
functionsDir?: string;
|
|
228
|
+
cronsDir?: string;
|
|
229
|
+
/**
|
|
230
|
+
* Enable/disable database persistence for cron job execution logs.
|
|
231
|
+
* When set to false, cron jobs will run but logs will not be persisted to the database.
|
|
232
|
+
* Default: true.
|
|
233
|
+
*/
|
|
234
|
+
cronPersistence?: boolean;
|
|
235
|
+
/**
|
|
236
|
+
* Maximum request body size in bytes for API routes (default: 10MB).
|
|
237
|
+
* Set to 0 to disable the global limit entirely.
|
|
238
|
+
*
|
|
239
|
+
* Note: Storage upload routes use their own limit from the storage config's
|
|
240
|
+
* `maxFileSize` property (default: 50MB), which takes precedence over this.
|
|
241
|
+
*/
|
|
242
|
+
maxBodySize?: number;
|
|
243
|
+
/**
|
|
244
|
+
* CSRF protection configuration. **Opt-in** — disabled by default.
|
|
245
|
+
*
|
|
246
|
+
* BaaS APIs are consumed by mobile apps, SPAs on different domains,
|
|
247
|
+
* and CLI tools, so CSRF is intentionally not enabled unless you
|
|
248
|
+
* explicitly configure it with allowed origins.
|
|
249
|
+
*
|
|
250
|
+
* @example
|
|
251
|
+
* ```ts
|
|
252
|
+
* csrf: { origin: ["https://myapp.com", "https://admin.myapp.com"] }
|
|
253
|
+
* ```
|
|
254
|
+
*/
|
|
255
|
+
csrf?: {
|
|
256
|
+
/** Allowed origins for CSRF validation. */
|
|
257
|
+
origin: string | string[] | ((origin: string) => boolean);
|
|
258
|
+
};
|
|
259
|
+
/**
|
|
260
|
+
* Global lifecycle callbacks applied to every collection.
|
|
261
|
+
*
|
|
262
|
+
* Same type as per-collection `callbacks` — fires on **every** data path
|
|
263
|
+
* (REST API, WebSocket / realtime, server-side `rebase.data`).
|
|
264
|
+
*
|
|
265
|
+
* Execution order: global callbacks → collection callbacks → property callbacks.
|
|
266
|
+
*
|
|
267
|
+
* @example
|
|
268
|
+
* ```ts
|
|
269
|
+
* callbacks: {
|
|
270
|
+
* afterRead({ entity, collection }) {
|
|
271
|
+
* console.log(`Read ${collection.slug}/${entity.id}`);
|
|
272
|
+
* return entity;
|
|
273
|
+
* }
|
|
274
|
+
* }
|
|
275
|
+
* ```
|
|
276
|
+
*/
|
|
277
|
+
callbacks?: EntityCallbacks;
|
|
278
|
+
}
|
|
279
|
+
/**
|
|
280
|
+
* Type guard to detect whether the `auth` config is an `AuthAdapter`
|
|
281
|
+
* (has a `verifyRequest` method) vs a plain `RebaseAuthConfig` (plain object).
|
|
282
|
+
*/
|
|
283
|
+
export declare function isAuthAdapter(auth: RebaseAuthConfig | AuthAdapter): auth is AuthAdapter;
|
|
284
|
+
/**
|
|
285
|
+
* Type guard to detect whether `database` is a `DatabaseAdapter`.
|
|
286
|
+
*/
|
|
287
|
+
export declare function isDatabaseAdapter(db: unknown): db is DatabaseAdapter;
|
|
288
|
+
export interface RebaseBackendInstance {
|
|
289
|
+
driverRegistry: DriverRegistry;
|
|
290
|
+
driver: DataDriver;
|
|
291
|
+
realtimeServices: Record<string, RealtimeProvider>;
|
|
292
|
+
realtimeService: RealtimeProvider;
|
|
293
|
+
auth?: BootstrappedAuth;
|
|
294
|
+
history?: unknown;
|
|
295
|
+
storageRegistry?: StorageRegistry;
|
|
296
|
+
storageController?: StorageController;
|
|
297
|
+
collectionRegistry: BackendCollectionRegistry;
|
|
298
|
+
cronScheduler?: import("./cron").CronScheduler;
|
|
299
|
+
/**
|
|
300
|
+
* Deep health check that verifies database connectivity.
|
|
301
|
+
* Returns latency and component status.
|
|
302
|
+
*/
|
|
303
|
+
healthCheck(): Promise<HealthCheckResult>;
|
|
304
|
+
/**
|
|
305
|
+
* Graceful shutdown helper for the BaaS instance.
|
|
306
|
+
* Stops the cron scheduler and closes the HTTP server, allowing
|
|
307
|
+
* in-flight requests to drain within the given timeout.
|
|
308
|
+
*
|
|
309
|
+
* @param timeoutMs - Maximum time (ms) to wait for drain before force-exit (default: 15000).
|
|
310
|
+
* Pass 0 to skip the force-exit timer (useful in tests).
|
|
311
|
+
*/
|
|
312
|
+
shutdown(timeoutMs?: number): Promise<void>;
|
|
313
|
+
}
|
|
314
|
+
export declare function initializeRebaseBackend(config: RebaseBackendConfig): Promise<RebaseBackendInstance>;
|