@scorehub/auth-sdk 1.1.0

package/dist/auth-client.d.ts

@@ -0,0 +1,152 @@
+export interface AuthClientOptions {
+    /** Auth-Service 地址，如 http://localhost:9100/api/v1 */
+    serviceUrl: string;
+    /** OAuth Client ID */
+    clientId: string;
+    /** OAuth Client Secret */
+    clientSecret: string;
+    /** RS256 公钥 (PEM 格式)，用于本地验证 */
+    publicKey?: string | Buffer;
+    /** JWT issuer (默认 auth-service) */
+    issuer?: string;
+}
+export interface TokenPayload {
+    sub: string;
+    type: 'user' | 'client';
+    username?: string;
+    roles?: string[];
+    clientId?: string;
+    scopes: string[];
+    jti: string;
+    iss: string;
+    iat: number;
+    exp: number;
+}
+export interface UserInfo {
+    sub: string;
+    username: string;
+    mobile?: string;
+    email?: string;
+    realname?: string;
+    nickname?: string;
+    avatar?: string;
+    roles: string[];
+}
+export interface TokenPair {
+    access_token: string;
+    refresh_token: string;
+    token_type: string;
+    expires_in: number;
+}
+export interface IntrospectResult {
+    active: boolean;
+    sub?: string;
+    type?: string;
+    username?: string;
+    roles?: string[];
+    client_id?: string;
+    scope?: string;
+    iss?: string;
+    exp?: number;
+    iat?: number;
+    jti?: string;
+}
+export interface LoginResult {
+    accessToken: string;
+    refreshToken: string;
+    expiresIn: number;
+    tokenType: string;
+    user: {
+        id: string;
+        username: string;
+        mobile: string | null;
+        realname: string | null;
+        nickname: string | null;
+        avatar: string | null;
+        roles: string[];
+    };
+}
+export interface AuthServiceError {
+    code: number;
+    message: string;
+}
+export declare class AuthClient {
+    private readonly serviceUrl;
+    private readonly clientId;
+    private readonly clientSecret;
+    private readonly publicKey?;
+    private readonly issuer;
+    private serviceToken?;
+    constructor(options: AuthClientOptions);
+    /**
+     * 本地验证 Access Token (使用 RSA 公钥，零网络延迟)
+     */
+    verifyAccessToken(token: string): Promise<TokenPayload>;
+    /**
+     * 远程 Token 内省 (当没有公钥时使用)
+     */
+    introspectToken(token: string): Promise<IntrospectResult>;
+    /**
+     * 获取服务间调用的 Token (client_credentials)
+     */
+    getServiceToken(scopes?: string[]): Promise<string>;
+    /**
+     * 根据用户 ID 获取用户信息
+     */
+    getUserById(userId: string): Promise<UserInfo | null>;
+    /**
+     * 刷新 Token
+     */
+    refreshToken(refreshToken: string): Promise<TokenPair>;
+    /**
+     * 吊销 Token
+     */
+    revokeToken(token: string): Promise<void>;
+    /**
+     * 账号密码登录
+     */
+    loginByPassword(username: string, password: string): Promise<LoginResult>;
+    /**
+     * 短信验证码登录 (含自动注册)
+     */
+    loginBySms(mobile: string, code: string): Promise<LoginResult>;
+    /**
+     * 校验短信验证码（一次性）
+     */
+    verifySmsCode(mobile: string, code: string): Promise<void>;
+    /**
+     * 用户注册 (Auth-Service 内部会校验验证码)
+     */
+    register(params: {
+        username: string;
+        password: string;
+        mobile: string;
+        code: string;
+        realname?: string;
+    }): Promise<LoginResult>;
+    /**
+     * 重置密码 (Auth-Service 内部会校验验证码)
+     */
+    resetPassword(mobile: string, code: string, newPassword: string): Promise<void>;
+    /**
+     * 管理端创建用户 (service token 鉴权，无需短信验证码)
+     */
+    adminCreateUser(params: {
+        username: string;
+        password: string;
+        mobile: string;
+        realname?: string;
+    }): Promise<{
+        id: string;
+        username: string;
+        mobile: string;
+    }>;
+    /**
+     * 管理端重置用户密码 (service token 鉴权，无需短信验证码)
+     */
+    adminResetPassword(userId: string, newPassword: string): Promise<void>;
+    /**
+     * 发送短信验证码
+     */
+    sendSmsCode(mobile: string, type?: number): Promise<void>;
+}

package/dist/auth-client.js

@@ -0,0 +1,297 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthClient = void 0;
+const jwt = __importStar(require("jsonwebtoken"));
+class AuthClient {
+    constructor(options) {
+        this.serviceUrl = options.serviceUrl.replace(/\/$/, '');
+        this.clientId = options.clientId;
+        this.clientSecret = options.clientSecret;
+        this.publicKey = options.publicKey;
+        this.issuer = options.issuer || 'auth-service';
+    }
+    /**
+     * 本地验证 Access Token (使用 RSA 公钥，零网络延迟)
+     */
+    verifyAccessToken(token) {
+        return new Promise((resolve, reject) => {
+            if (!this.publicKey) {
+                reject(new Error('publicKey is required for local token verification'));
+                return;
+            }
+            jwt.verify(token, this.publicKey, { algorithms: ['RS256'], issuer: this.issuer }, (err, decoded) => {
+                if (err) {
+                    reject(err);
+                    return;
+                }
+                resolve(decoded);
+            });
+        });
+    }
+    /**
+     * 远程 Token 内省 (当没有公钥时使用)
+     */
+    async introspectToken(token) {
+        var _a;
+        const response = await fetch(`${this.serviceUrl}/oauth/token/introspect`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ token }),
+        });
+        const result = await response.json();
+        // 兼容 ResponseInterceptor 包装格式 { code, data: { active, ... } }
+        return ((_a = result.data) !== null && _a !== void 0 ? _a : result);
+    }
+    /**
+     * 获取服务间调用的 Token (client_credentials)
+     */
+    async getServiceToken(scopes) {
+        var _a;
+        // 使用缓存
+        if (this.serviceToken && this.serviceToken.expiresAt > Date.now() + 60000) {
+            return this.serviceToken.token;
+        }
+        const response = await fetch(`${this.serviceUrl}/oauth/token`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({
+                grant_type: 'client_credentials',
+                client_id: this.clientId,
+                client_secret: this.clientSecret,
+                scope: scopes === null || scopes === void 0 ? void 0 : scopes.join(' '),
+            }),
+        });
+        const result = await response.json();
+        // 兼容 ResponseInterceptor 包装格式 { code, data: { access_token } }
+        const tokenData = (_a = result.data) !== null && _a !== void 0 ? _a : result;
+        if (!tokenData.access_token) {
+            throw new Error(`Failed to get service token: ${JSON.stringify(result)}`);
+        }
+        this.serviceToken = {
+            token: tokenData.access_token,
+            expiresAt: Date.now() + tokenData.expires_in * 1000,
+        };
+        return tokenData.access_token;
+    }
+    /**
+     * 根据用户 ID 获取用户信息
+     */
+    async getUserById(userId) {
+        const token = await this.getServiceToken();
+        const response = await fetch(`${this.serviceUrl}/users/${userId}`, {
+            headers: { Authorization: `Bearer ${token}` },
+        });
+        if (!response.ok)
+            return null;
+        const result = await response.json();
+        return result.data;
+    }
+    /**
+     * 刷新 Token
+     */
+    async refreshToken(refreshToken) {
+        var _a;
+        const response = await fetch(`${this.serviceUrl}/oauth/token`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({
+                grant_type: 'refresh_token',
+                refresh_token: refreshToken,
+                client_id: this.clientId,
+                client_secret: this.clientSecret,
+            }),
+        });
+        const result = await response.json();
+        const tokenData = (_a = result.data) !== null && _a !== void 0 ? _a : result;
+        if (!tokenData.access_token) {
+            throw new Error(`Failed to refresh token: ${JSON.stringify(result)}`);
+        }
+        return tokenData;
+    }
+    /**
+     * 吊销 Token
+     */
+    async revokeToken(token) {
+        await fetch(`${this.serviceUrl}/oauth/token/revoke`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ token }),
+        });
+    }
+    // ========== 登录代理方法 ==========
+    /**
+     * 账号密码登录
+     */
+    async loginByPassword(username, password) {
+        const response = await fetch(`${this.serviceUrl}/auth/login/password`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ username, password, clientId: this.clientId }),
+        });
+        const result = await response.json();
+        if (!response.ok) {
+            const err = new Error(result.message || 'Login failed');
+            err.authCode = result.code;
+            throw err;
+        }
+        return result.data;
+    }
+    /**
+     * 短信验证码登录 (含自动注册)
+     */
+    async loginBySms(mobile, code) {
+        const response = await fetch(`${this.serviceUrl}/auth/login/sms`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ mobile, code, clientId: this.clientId }),
+        });
+        const result = await response.json();
+        if (!response.ok) {
+            const err = new Error(result.message || 'SMS login failed');
+            err.authCode = result.code;
+            throw err;
+        }
+        return result.data;
+    }
+    /**
+     * 校验短信验证码（一次性）
+     */
+    async verifySmsCode(mobile, code) {
+        const response = await fetch(`${this.serviceUrl}/sms/verify`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ mobile, code }),
+        });
+        if (!response.ok) {
+            const result = await response.json();
+            const err = new Error(result.message || 'SMS verify failed');
+            err.authCode = result.code;
+            throw err;
+        }
+    }
+    /**
+     * 用户注册 (Auth-Service 内部会校验验证码)
+     */
+    async register(params) {
+        const response = await fetch(`${this.serviceUrl}/auth/register`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ ...params, clientId: this.clientId }),
+        });
+        const result = await response.json();
+        if (!response.ok) {
+            const err = new Error(result.message || 'Register failed');
+            err.authCode = result.code;
+            throw err;
+        }
+        return result.data;
+    }
+    /**
+     * 重置密码 (Auth-Service 内部会校验验证码)
+     */
+    async resetPassword(mobile, code, newPassword) {
+        const response = await fetch(`${this.serviceUrl}/auth/password/reset`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ mobile, code, newPassword }),
+        });
+        if (!response.ok) {
+            const result = await response.json();
+            const err = new Error(result.message || 'Reset password failed');
+            err.authCode = result.code;
+            throw err;
+        }
+    }
+    // ========== 管理端方法 (使用 service token，无需短信验证码) ==========
+    /**
+     * 管理端创建用户 (service token 鉴权，无需短信验证码)
+     */
+    async adminCreateUser(params) {
+        const token = await this.getServiceToken();
+        const response = await fetch(`${this.serviceUrl}/users`, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                Authorization: `Bearer ${token}`,
+            },
+            body: JSON.stringify(params),
+        });
+        const result = await response.json();
+        if (!response.ok) {
+            const err = new Error(result.message || 'Admin create user failed');
+            err.authCode = result.code;
+            throw err;
+        }
+        return result.data;
+    }
+    /**
+     * 管理端重置用户密码 (service token 鉴权，无需短信验证码)
+     */
+    async adminResetPassword(userId, newPassword) {
+        const token = await this.getServiceToken();
+        const response = await fetch(`${this.serviceUrl}/users/${userId}/password`, {
+            method: 'PATCH',
+            headers: {
+                'Content-Type': 'application/json',
+                Authorization: `Bearer ${token}`,
+            },
+            body: JSON.stringify({ newPassword }),
+        });
+        if (!response.ok) {
+            const result = await response.json();
+            const err = new Error(result.message || 'Admin reset password failed');
+            err.authCode = result.code;
+            throw err;
+        }
+    }
+    /**
+     * 发送短信验证码
+     */
+    async sendSmsCode(mobile, type) {
+        const response = await fetch(`${this.serviceUrl}/sms/send`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ mobile, type }),
+        });
+        if (!response.ok) {
+            const result = await response.json();
+            const err = new Error(result.message || 'SMS send failed');
+            err.authCode = result.code;
+            throw err;
+        }
+    }
+}
+exports.AuthClient = AuthClient;

package/dist/index.d.ts

@@ -0,0 +1,4 @@
+export { AuthClient, AuthClientOptions, TokenPayload, UserInfo, TokenPair, IntrospectResult, LoginResult, AuthServiceError } from './auth-client';
+export { koaAuthMiddleware } from './middleware/koa';
+export { expressAuthMiddleware } from './middleware/express';
+export { AuthGuard, AUTH_CLIENT } from './middleware/nestjs';

package/dist/index.js

@@ -0,0 +1,12 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AUTH_CLIENT = exports.AuthGuard = exports.expressAuthMiddleware = exports.koaAuthMiddleware = exports.AuthClient = void 0;
+var auth_client_1 = require("./auth-client");
+Object.defineProperty(exports, "AuthClient", { enumerable: true, get: function () { return auth_client_1.AuthClient; } });
+var koa_1 = require("./middleware/koa");
+Object.defineProperty(exports, "koaAuthMiddleware", { enumerable: true, get: function () { return koa_1.koaAuthMiddleware; } });
+var express_1 = require("./middleware/express");
+Object.defineProperty(exports, "expressAuthMiddleware", { enumerable: true, get: function () { return express_1.expressAuthMiddleware; } });
+var nestjs_1 = require("./middleware/nestjs");
+Object.defineProperty(exports, "AuthGuard", { enumerable: true, get: function () { return nestjs_1.AuthGuard; } });
+Object.defineProperty(exports, "AUTH_CLIENT", { enumerable: true, get: function () { return nestjs_1.AUTH_CLIENT; } });

package/dist/middleware/express.d.ts

@@ -0,0 +1,19 @@
+import { AuthClient, TokenPayload } from '../auth-client';
+interface ExpressRequest {
+    headers: Record<string, string | undefined>;
+    query: Record<string, string | undefined>;
+    user?: TokenPayload;
+    path: string;
+}
+interface ExpressResponse {
+    status: (code: number) => ExpressResponse;
+    json: (body: any) => void;
+}
+interface ExpressMiddlewareOptions {
+    exclude?: string[];
+}
+/**
+ * Express 认证中间件
+ */
+export declare function expressAuthMiddleware(client: AuthClient, options?: ExpressMiddlewareOptions): (req: ExpressRequest, res: ExpressResponse, next: () => void) => Promise<void>;
+export {};

package/dist/middleware/express.js

@@ -0,0 +1,28 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.expressAuthMiddleware = expressAuthMiddleware;
+/**
+ * Express 认证中间件
+ */
+function expressAuthMiddleware(client, options = {}) {
+    const excludePaths = new Set(options.exclude || []);
+    return async (req, res, next) => {
+        if (excludePaths.has(req.path)) {
+            return next();
+        }
+        const auth = req.headers['authorization'];
+        const token = (auth === null || auth === void 0 ? void 0 : auth.startsWith('Bearer '))
+            ? auth.slice(7)
+            : req.headers['x-access-token'] || req.query.token;
+        if (!token) {
+            return res.status(401).json({ code: 1001, message: 'Unauthorized', data: null });
+        }
+        try {
+            req.user = await client.verifyAccessToken(token);
+            next();
+        }
+        catch (_a) {
+            res.status(401).json({ code: 1001, message: 'Token invalid or expired', data: null });
+        }
+    };
+}

package/dist/middleware/koa.d.ts

@@ -0,0 +1,29 @@
+import { AuthClient } from '../auth-client';
+interface KoaContext {
+    headers: Record<string, string | undefined>;
+    query: Record<string, string | undefined>;
+    state: Record<string, any>;
+    status: number;
+    body: any;
+    path: string;
+}
+interface KoaMiddlewareOptions {
+    /** 排除的路径 (不需要认证) */
+    exclude?: string[];
+    /** Token 从哪些位置提取 */
+    tokenExtractors?: ((ctx: KoaContext) => string | undefined)[];
+}
+/**
+ * Koa 认证中间件
+ * 替换 SaleMember 中的 bootstrap/logics/auth.js
+ *
+ * 用法:
+ * ```
+ * const { AuthClient, koaAuthMiddleware } = require('@siketech/auth-sdk');
+ * const authClient = new AuthClient({ serviceUrl, clientId, clientSecret, publicKey });
+ * app.use(koaAuthMiddleware(authClient, { exclude: ['/health'] }));
+ * // 验证后 ctx.state.admin = payload (兼容现有代码)
+ * ```
+ */
+export declare function koaAuthMiddleware(client: AuthClient, options?: KoaMiddlewareOptions): (ctx: KoaContext, next: () => Promise<void>) => Promise<void>;
+export {};

package/dist/middleware/koa.js

@@ -0,0 +1,66 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.koaAuthMiddleware = koaAuthMiddleware;
+const defaultExtractors = [
+    (ctx) => {
+        const auth = ctx.headers['authorization'];
+        if (auth === null || auth === void 0 ? void 0 : auth.startsWith('Bearer '))
+            return auth.slice(7);
+        return undefined;
+    },
+    (ctx) => ctx.headers['x-access-token'],
+    (ctx) => ctx.headers['access-token'],
+    (ctx) => ctx.headers['access_token'],
+    (ctx) => ctx.query.token,
+];
+/**
+ * Koa 认证中间件
+ * 替换 SaleMember 中的 bootstrap/logics/auth.js
+ *
+ * 用法:
+ * ```
+ * const { AuthClient, koaAuthMiddleware } = require('@siketech/auth-sdk');
+ * const authClient = new AuthClient({ serviceUrl, clientId, clientSecret, publicKey });
+ * app.use(koaAuthMiddleware(authClient, { exclude: ['/health'] }));
+ * // 验证后 ctx.state.admin = payload (兼容现有代码)
+ * ```
+ */
+function koaAuthMiddleware(client, options = {}) {
+    const extractors = options.tokenExtractors || defaultExtractors;
+    const excludePaths = new Set(options.exclude || []);
+    return async (ctx, next) => {
+        // 跳过排除路径
+        if (excludePaths.has(ctx.path)) {
+            return next();
+        }
+        // 提取 token
+        let token;
+        for (const extractor of extractors) {
+            token = extractor(ctx);
+            if (token)
+                break;
+        }
+        if (!token) {
+            ctx.status = 401;
+            ctx.body = { code: 1001, message: '当前登录身份已失效，请重新登录！', data: null };
+            return;
+        }
+        try {
+            const payload = await client.verifyAccessToken(token);
+            // 兼容 SaleMember 现有代码: ctx.state.admin
+            ctx.state.admin = {
+                _id: payload.sub,
+                id: payload.sub,
+                username: payload.username,
+                roles: payload.roles,
+                ...payload,
+            };
+            ctx.state.user = payload;
+            return next();
+        }
+        catch (_a) {
+            ctx.status = 401;
+            ctx.body = { code: 1001, message: '当前登录身份已失效，请重新登录！', data: null };
+        }
+    };
+}

package/dist/middleware/nestjs.d.ts

@@ -0,0 +1,24 @@
+import { AuthClient } from '../auth-client';
+export declare const AUTH_CLIENT = "AUTH_CLIENT";
+/**
+ * NestJS Guard
+ *
+ * 用法:
+ * ```
+ * // app.module.ts
+ * {
+ *   provide: AUTH_CLIENT,
+ *   useFactory: () => new AuthClient({ serviceUrl, clientId, clientSecret, publicKey }),
+ * }
+ *
+ * // controller
+ * @UseGuards(AuthGuard)
+ * @Controller('xxx')
+ * export class XxxController { ... }
+ * ```
+ */
+export declare class AuthGuard {
+    private readonly client;
+    constructor(client: AuthClient);
+    canActivate(context: any): Promise<boolean>;
+}

package/dist/middleware/nestjs.js

@@ -0,0 +1,45 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthGuard = exports.AUTH_CLIENT = void 0;
+exports.AUTH_CLIENT = 'AUTH_CLIENT';
+/**
+ * NestJS Guard
+ *
+ * 用法:
+ * ```
+ * // app.module.ts
+ * {
+ *   provide: AUTH_CLIENT,
+ *   useFactory: () => new AuthClient({ serviceUrl, clientId, clientSecret, publicKey }),
+ * }
+ *
+ * // controller
+ * @UseGuards(AuthGuard)
+ * @Controller('xxx')
+ * export class XxxController { ... }
+ * ```
+ */
+class AuthGuard {
+    constructor(client) {
+        this.client = client;
+    }
+    async canActivate(context) {
+        var _a;
+        const request = context.switchToHttp().getRequest();
+        const auth = request.headers['authorization'];
+        const token = (auth === null || auth === void 0 ? void 0 : auth.startsWith('Bearer '))
+            ? auth.slice(7)
+            : request.headers['x-access-token'] || ((_a = request.query) === null || _a === void 0 ? void 0 : _a.token);
+        if (!token)
+            return false;
+        try {
+            const payload = await this.client.verifyAccessToken(token);
+            request.user = payload;
+            return true;
+        }
+        catch (_b) {
+            return false;
+        }
+    }
+}
+exports.AuthGuard = AuthGuard;

package/package.json

@@ -0,0 +1,37 @@
+{
+  "name": "@scorehub/auth-sdk",
+  "version": "1.1.0",
+  "description": "Auth-Service SDK for Node.js applications",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "scripts": {
+    "build": "tsc",
+    "prepublishOnly": "npm run build"
+  },
+  "publishConfig": {
+    "registry": "https://registry.npmjs.org/",
+    "access": "public"
+  },
+  "files": [
+    "dist"
+  ],
+  "dependencies": {
+    "jsonwebtoken": "^9.0.0"
+  },
+  "devDependencies": {
+    "@types/jsonwebtoken": "^9.0.0",
+    "typescript": "^5.0.0"
+  },
+  "peerDependencies": {
+    "koa": ">=2.0.0",
+    "express": ">=4.0.0"
+  },
+  "peerDependenciesMeta": {
+    "koa": {
+      "optional": true
+    },
+    "express": {
+      "optional": true
+    }
+  }
+}