@revenexx/cover 0.1.1 → 0.1.3

package/app/components/account/AccountSidebar.vue

@@ -1,8 +1,17 @@
 <script setup lang="ts">
 import { accountNavigation } from "../../config/navigation";
+import type { AccountNavGroup } from "../../config/navigation";
 
 const { icon } = useIcons();
 
+// Consumers can replace the full B2B navigation tree with their own
+// (e.g. a lean storefront theme exposing only orders + profile) via
+// app.config — `accountNavigation: AccountNavGroup[]`.
+const appConfig = useAppConfig();
+const navigation = computed<AccountNavGroup[]>(() =>
+	(appConfig.accountNavigation as AccountNavGroup[] | undefined) ?? accountNavigation,
+);
+
 /**
  * The full B2B account navigation tree (structure from the relation
  * prototype). Implemented entries route to real pages, the rest leads to the
@@ -41,7 +50,7 @@ function isActive(to: string): boolean {
 	>
 		<ul class="divide-y divide-default">
 			<li
-				v-for="group in accountNavigation"
+				v-for="group in navigation"
 				:key="group.labelKey"
 				class="py-4"
 			>

package/nuxt.config.ts

@@ -95,6 +95,13 @@ export default defineNuxtConfig({
 		publicAssets: [
 			{ dir: resolve(currentDir, "public") },
 		],
+		// Per-request async context: lets server utils reach the current
+		// H3 event without threading it through every signature — the SDK
+		// client uses it to pick up the platform's brokered tenant context
+		// (x-revenexx-tenant / x-revenexx-context headers, ADR-0057 §8).
+		experimental: {
+			asyncContext: true,
+		},
 	},
 
 	i18n: {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@revenexx/cover",
-  "version": "0.1.1",
+  "version": "0.1.3",
   "description": "Cover \u2014 revenexx design system for Nuxt. Distributed as a Nuxt layer: generic UI components, theming tokens and stores shared by the demo shop, custom storefronts and the Blokkli theme.",
   "type": "module",
   "main": "./nuxt.config.ts",

package/server/services/ApiMarketService.ts

@@ -25,7 +25,9 @@ interface ApiListPage<T> {
 
 const MARKET_CACHE_TTL_MS = 5 * 60 * 1000;
 
-let cache: { markets: ShopMarket[]; loadedAt: number } | null = null;
+// Partitioned by tenant — a multi-tenant theme must never serve one
+// tenant's markets to another (see revenexxTenantKey()).
+const cache = new Map<string, { markets: ShopMarket[]; loadedAt: number }>();
 
 /**
  * Live markets via the public revenexx API (markets app):
@@ -34,8 +36,10 @@ let cache: { markets: ShopMarket[]; loadedAt: number } | null = null;
  */
 export class ApiMarketService implements IMarketService {
 	async listMarkets(): Promise<ShopMarket[]> {
-		if (cache && Date.now() - cache.loadedAt < MARKET_CACHE_TTL_MS) {
-			return cache.markets;
+		const tenantKey = revenexxTenantKey();
+		const cached = cache.get(tenantKey);
+		if (cached && Date.now() - cached.loadedAt < MARKET_CACHE_TTL_MS) {
+			return cached.markets;
 		}
 
 		const sdk = useRevenexxSdk();
@@ -63,7 +67,7 @@ export class ApiMarketService implements IMarketService {
 			};
 		}));
 
-		cache = { markets, loadedAt: Date.now() };
+		cache.set(tenantKey, { markets, loadedAt: Date.now() });
 		return markets;
 	}
 }

package/server/utils/liveCatalog.ts

@@ -175,11 +175,15 @@ interface LiveCategoryPage {
 const CATEGORY_CACHE_TTL_MS = 5 * 60 * 1000;
 const CATEGORY_PAGE_LIMIT = 200;
 
-let categoryCache: { rows: LiveCategoryRow[]; loadedAt: number } | null = null;
+// Partitioned by tenant — a multi-tenant theme must never serve one
+// tenant's category tree to another (see revenexxTenantKey()).
+const categoryCache = new Map<string, { rows: LiveCategoryRow[]; loadedAt: number }>();
 
 async function loadLiveCategoryRows(): Promise<LiveCategoryRow[]> {
-	if (categoryCache && Date.now() - categoryCache.loadedAt < CATEGORY_CACHE_TTL_MS) {
-		return categoryCache.rows;
+	const tenantKey = revenexxTenantKey();
+	const cached = categoryCache.get(tenantKey);
+	if (cached && Date.now() - cached.loadedAt < CATEGORY_CACHE_TTL_MS) {
+		return cached.rows;
 	}
 
 	const sdk = useRevenexxSdk();
@@ -199,7 +203,7 @@ async function loadLiveCategoryRows(): Promise<LiveCategoryRow[]> {
 		offset += page.page.returned;
 	}
 
-	categoryCache = { rows, loadedAt: Date.now() };
+	categoryCache.set(tenantKey, { rows, loadedAt: Date.now() });
 	return rows;
 }
 

package/server/utils/revenexxSdk.ts

@@ -91,17 +91,58 @@ export function apiErrorContext(err: unknown): Record<string, unknown> {
 
 let sdk: RevenexxSdk | null = null;
 
+/**
+ * The platform's per-invocation tenant context (ADR-0057 §8): on a deployed
+ * Site the entrypoint resolves the tenant from the request Host and injects
+ *   x-revenexx-tenant   the tenant slug
+ *   x-revenexx-context  the brokered per-tenant JWT for gateway calls
+ * When present, they win over the env credentials — the same theme build
+ * serves any tenant. Resolution uses Nitro's async context (no event
+ * threading); outside a request, or without the headers, the env-configured
+ * tenant API key applies (local dev, the demo shop, previews).
+ */
+function brokeredContext(): { tenant: string; jwt: string } | null {
+	try {
+		const event = useEvent();
+		const tenant = getRequestHeader(event, "x-revenexx-tenant");
+		if (!tenant) {
+			return null;
+		}
+		return { tenant, jwt: getRequestHeader(event, "x-revenexx-context") ?? "" };
+	}
+	catch {
+		// No async context (e.g. startup code) — fall back to env credentials.
+		return null;
+	}
+}
+
+/**
+ * The tenant slug the current request's SDK calls are scoped to — the cache
+ * key for any server-side cache of gateway data (markets, categories, …).
+ * Module-level caches MUST be partitioned by this, or a multi-tenant theme
+ * leaks one tenant's data into another's pages.
+ */
+export function revenexxTenantKey(): string {
+	const brokered = brokeredContext();
+	if (brokered) {
+		return brokered.tenant;
+	}
+	const config = useRuntimeConfig();
+	return String(config.revenexxTenant || "");
+}
+
 export function useRevenexxSdk(): RevenexxSdk {
-	if (sdk) {
+	const brokered = brokeredContext();
+	if (!brokered && sdk) {
 		return sdk;
 	}
 
 	const config = useRuntimeConfig();
 	const endpoint = String(config.revenexxApiUrl || "https://api.revenexx.com").replace(/\/+$/, "");
-	const tenant = String(config.revenexxTenant || "");
+	const tenant = brokered?.tenant ?? String(config.revenexxTenant || "");
 	const apiKey = String(config.revenexxApiKey || "");
 
-	if (!tenant || !apiKey) {
+	if (!tenant || (!brokered?.jwt && !apiKey)) {
 		throw new RevenexxException(
 			"revenexx API credentials are not configured (NUXT_REVENEXX_TENANT / NUXT_REVENEXX_API_KEY)",
 			503,
@@ -112,8 +153,19 @@ export function useRevenexxSdk(): RevenexxSdk {
 
 	const client = new Client()
 		.setEndpoint(endpoint)
-		.setTenant(tenant)
-		.setApiKeyAuth(apiKey);
+		.setTenant(tenant);
+	// Auth: the brokered context wins — it is a Zitadel JWT the gateway
+	// verifies against the same JWKS as any interactive caller, so one theme
+	// build serves any tenant without per-site credentials. The explicit
+	// "Bearer " prefix works around @revenexx/sdk <= 0.0.5 writing the raw
+	// value into the Authorization header (generator fix: sdk-generator #9;
+	// the fixed setter keeps an existing prefix, so this stays correct).
+	if (brokered?.jwt) {
+		client.setBearerAuth(`Bearer ${brokered.jwt}`);
+	}
+	else {
+		client.setApiKeyAuth(apiKey);
+	}
 
 	async function call<T>(
 		method: "GET" | "POST" | "PUT" | "DELETE",
@@ -144,7 +196,7 @@ export function useRevenexxSdk(): RevenexxSdk {
 		) as T;
 	}
 
-	sdk = {
+	const instance: RevenexxSdk = {
 		client,
 		carts: new Carts(client),
 		customers: new Customers(client),
@@ -158,5 +210,10 @@ export function useRevenexxSdk(): RevenexxSdk {
 		shipping: new Shipping(client),
 		call,
 	};
-	return sdk;
+	// Brokered instances are request-scoped (the JWT rotates per invocation)
+	// — only the env-credential client is a process-wide singleton.
+	if (!brokered) {
+		sdk = instance;
+	}
+	return instance;
 }