@serve.zone/dcrouter 11.0.50 → 11.2.0

package/dist_ts_apiclient/classes.stats.d.ts

@@ -0,0 +1,47 @@
+import * as interfaces from '../dist_ts_interfaces/index.js';
+import type { DcRouterApiClient } from './classes.dcrouterapiclient.js';
+type TTimeRange = '1h' | '6h' | '24h' | '7d' | '30d';
+export declare class StatsManager {
+    private clientRef;
+    constructor(clientRef: DcRouterApiClient);
+    getServer(options?: {
+        timeRange?: TTimeRange;
+        includeHistory?: boolean;
+    }): Promise<interfaces.requests.IReq_GetServerStatistics['response']>;
+    getEmail(options?: {
+        timeRange?: TTimeRange;
+        domain?: string;
+        includeDetails?: boolean;
+    }): Promise<interfaces.requests.IReq_GetEmailStatistics['response']>;
+    getDns(options?: {
+        timeRange?: TTimeRange;
+        domain?: string;
+        includeQueryTypes?: boolean;
+    }): Promise<interfaces.requests.IReq_GetDnsStatistics['response']>;
+    getRateLimits(options?: {
+        domain?: string;
+        ip?: string;
+        includeBlocked?: boolean;
+    }): Promise<interfaces.requests.IReq_GetRateLimitStatus['response']>;
+    getSecurity(options?: {
+        timeRange?: TTimeRange;
+        includeDetails?: boolean;
+    }): Promise<interfaces.requests.IReq_GetSecurityMetrics['response']>;
+    getConnections(options?: {
+        protocol?: 'smtp' | 'smtps' | 'http' | 'https';
+        state?: string;
+    }): Promise<interfaces.requests.IReq_GetActiveConnections['response']>;
+    getQueues(options?: {
+        queueName?: string;
+    }): Promise<interfaces.requests.IReq_GetQueueStatus['response']>;
+    getHealth(detailed?: boolean): Promise<interfaces.requests.IReq_GetHealthStatus['response']>;
+    getNetwork(): Promise<interfaces.requests.IReq_GetNetworkStats['response']>;
+    getCombined(sections?: {
+        server?: boolean;
+        email?: boolean;
+        dns?: boolean;
+        security?: boolean;
+        network?: boolean;
+    }): Promise<interfaces.requests.IReq_GetCombinedMetrics['response']>;
+}
+export {};

package/dist_ts_apiclient/classes.stats.js

@@ -0,0 +1,38 @@
+import * as interfaces from '../dist_ts_interfaces/index.js';
+export class StatsManager {
+    clientRef;
+    constructor(clientRef) {
+        this.clientRef = clientRef;
+    }
+    async getServer(options) {
+        return this.clientRef.request('getServerStatistics', this.clientRef.buildRequestPayload(options || {}));
+    }
+    async getEmail(options) {
+        return this.clientRef.request('getEmailStatistics', this.clientRef.buildRequestPayload(options || {}));
+    }
+    async getDns(options) {
+        return this.clientRef.request('getDnsStatistics', this.clientRef.buildRequestPayload(options || {}));
+    }
+    async getRateLimits(options) {
+        return this.clientRef.request('getRateLimitStatus', this.clientRef.buildRequestPayload(options || {}));
+    }
+    async getSecurity(options) {
+        return this.clientRef.request('getSecurityMetrics', this.clientRef.buildRequestPayload(options || {}));
+    }
+    async getConnections(options) {
+        return this.clientRef.request('getActiveConnections', this.clientRef.buildRequestPayload(options || {}));
+    }
+    async getQueues(options) {
+        return this.clientRef.request('getQueueStatus', this.clientRef.buildRequestPayload(options || {}));
+    }
+    async getHealth(detailed) {
+        return this.clientRef.request('getHealthStatus', this.clientRef.buildRequestPayload({ detailed }));
+    }
+    async getNetwork() {
+        return this.clientRef.request('getNetworkStats', this.clientRef.buildRequestPayload());
+    }
+    async getCombined(sections) {
+        return this.clientRef.request('getCombinedMetrics', this.clientRef.buildRequestPayload({ sections }));
+    }
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xhc3Nlcy5zdGF0cy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3RzX2FwaWNsaWVudC9jbGFzc2VzLnN0YXRzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sS0FBSyxVQUFVLE1BQU0sMkJBQTJCLENBQUM7QUFLeEQsTUFBTSxPQUFPLFlBQVk7SUFDZixTQUFTLENBQW9CO0lBRXJDLFlBQVksU0FBNEI7UUFDdEMsSUFBSSxDQUFDLFNBQVMsR0FBRyxTQUFTLENBQUM7SUFDN0IsQ0FBQztJQUVNLEtBQUssQ0FBQyxTQUFTLENBQUMsT0FHdEI7UUFDQyxPQUFPLElBQUksQ0FBQyxTQUFTLENBQUMsT0FBTyxDQUMzQixxQkFBcUIsRUFDckIsSUFBSSxDQUFDLFNBQVMsQ0FBQyxtQkFBbUIsQ0FBQyxPQUFPLElBQUksRUFBRSxDQUFRLENBQ3pELENBQUM7SUFDSixDQUFDO0lBRU0sS0FBSyxDQUFDLFFBQVEsQ0FBQyxPQUlyQjtRQUNDLE9BQU8sSUFBSSxDQUFDLFNBQVMsQ0FBQyxPQUFPLENBQzNCLG9CQUFvQixFQUNwQixJQUFJLENBQUMsU0FBUyxDQUFDLG1CQUFtQixDQUFDLE9BQU8sSUFBSSxFQUFFLENBQVEsQ0FDekQsQ0FBQztJQUNKLENBQUM7SUFFTSxLQUFLLENBQUMsTUFBTSxDQUFDLE9BSW5CO1FBQ0MsT0FBTyxJQUFJLENBQUMsU0FBUyxDQUFDLE9BQU8sQ0FDM0Isa0JBQWtCLEVBQ2xCLElBQUksQ0FBQyxTQUFTLENBQUMsbUJBQW1CLENBQUMsT0FBTyxJQUFJLEVBQUUsQ0FBUSxDQUN6RCxDQUFDO0lBQ0osQ0FBQztJQUVNLEtBQUssQ0FBQyxhQUFhLENBQUMsT0FJMUI7UUFDQyxPQUFPLElBQUksQ0FBQyxTQUFTLENBQUMsT0FBTyxDQUMzQixvQkFBb0IsRUFDcEIsSUFBSSxDQUFDLFNBQVMsQ0FBQyxtQkFBbUIsQ0FBQyxPQUFPLElBQUksRUFBRSxDQUFRLENBQ3pELENBQUM7SUFDSixDQUFDO0lBRU0sS0FBSyxDQUFDLFdBQVcsQ0FBQyxPQUd4QjtRQUNDLE9BQU8sSUFBSSxDQUFDLFNBQVMsQ0FBQyxPQUFPLENBQzNCLG9CQUFvQixFQUNwQixJQUFJLENBQUMsU0FBUyxDQUFDLG1CQUFtQixDQUFDLE9BQU8sSUFBSSxFQUFFLENBQVEsQ0FDekQsQ0FBQztJQUNKLENBQUM7SUFFTSxLQUFLLENBQUMsY0FBYyxDQUFDLE9BRzNCO1FBQ0MsT0FBTyxJQUFJLENBQUMsU0FBUyxDQUFDLE9BQU8sQ0FDM0Isc0JBQXNCLEVBQ3RCLElBQUksQ0FBQyxTQUFTLENBQUMsbUJBQW1CLENBQUMsT0FBTyxJQUFJLEVBQUUsQ0FBUSxDQUN6RCxDQUFDO0lBQ0osQ0FBQztJQUVNLEtBQUssQ0FBQyxTQUFTLENBQUMsT0FFdEI7UUFDQyxPQUFPLElBQUksQ0FBQyxTQUFTLENBQUMsT0FBTyxDQUMzQixnQkFBZ0IsRUFDaEIsSUFBSSxDQUFDLFNBQVMsQ0FBQyxtQkFBbUIsQ0FBQyxPQUFPLElBQUksRUFBRSxDQUFRLENBQ3pELENBQUM7SUFDSixDQUFDO0lBRU0sS0FBSyxDQUFDLFNBQVMsQ0FBQyxRQUFrQjtRQUN2QyxPQUFPLElBQUksQ0FBQyxTQUFTLENBQUMsT0FBTyxDQUMzQixpQkFBaUIsRUFDakIsSUFBSSxDQUFDLFNBQVMsQ0FBQyxtQkFBbUIsQ0FBQyxFQUFFLFFBQVEsRUFBRSxDQUFRLENBQ3hELENBQUM7SUFDSixDQUFDO0lBRU0sS0FBSyxDQUFDLFVBQVU7UUFDckIsT0FBTyxJQUFJLENBQUMsU0FBUyxDQUFDLE9BQU8sQ0FDM0IsaUJBQWlCLEVBQ2pCLElBQUksQ0FBQyxTQUFTLENBQUMsbUJBQW1CLEVBQVMsQ0FDNUMsQ0FBQztJQUNKLENBQUM7SUFFTSxLQUFLLENBQUMsV0FBVyxDQUFDLFFBTXhCO1FBQ0MsT0FBTyxJQUFJLENBQUMsU0FBUyxDQUFDLE9BQU8sQ0FDM0Isb0JBQW9CLEVBQ3BCLElBQUksQ0FBQyxTQUFTLENBQUMsbUJBQW1CLENBQUMsRUFBRSxRQUFRLEVBQUUsQ0FBUSxDQUN4RCxDQUFDO0lBQ0osQ0FBQztDQUNGIn0=

package/dist_ts_apiclient/index.d.ts

@@ -0,0 +1,10 @@
+export { DcRouterApiClient, type IDcRouterApiClientOptions } from './classes.dcrouterapiclient.js';
+export { Route, RouteBuilder, RouteManager } from './classes.route.js';
+export { Certificate, CertificateManager, type ICertificateSummary } from './classes.certificate.js';
+export { ApiToken, ApiTokenBuilder, ApiTokenManager } from './classes.apitoken.js';
+export { RemoteIngress, RemoteIngressBuilder, RemoteIngressManager } from './classes.remoteingress.js';
+export { Email, EmailManager } from './classes.email.js';
+export { StatsManager } from './classes.stats.js';
+export { ConfigManager } from './classes.config.js';
+export { LogManager } from './classes.logs.js';
+export { RadiusManager, RadiusClientManager, RadiusVlanManager, RadiusSessionManager } from './classes.radius.js';

package/dist_ts_apiclient/index.js

@@ -0,0 +1,14 @@
+// Main client
+export { DcRouterApiClient } from './classes.dcrouterapiclient.js';
+// Resource classes
+export { Route, RouteBuilder, RouteManager } from './classes.route.js';
+export { Certificate, CertificateManager } from './classes.certificate.js';
+export { ApiToken, ApiTokenBuilder, ApiTokenManager } from './classes.apitoken.js';
+export { RemoteIngress, RemoteIngressBuilder, RemoteIngressManager } from './classes.remoteingress.js';
+export { Email, EmailManager } from './classes.email.js';
+// Read-only managers
+export { StatsManager } from './classes.stats.js';
+export { ConfigManager } from './classes.config.js';
+export { LogManager } from './classes.logs.js';
+export { RadiusManager, RadiusClientManager, RadiusVlanManager, RadiusSessionManager } from './classes.radius.js';
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi90c19hcGljbGllbnQvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsY0FBYztBQUNkLE9BQU8sRUFBRSxpQkFBaUIsRUFBa0MsTUFBTSxnQ0FBZ0MsQ0FBQztBQUVuRyxtQkFBbUI7QUFDbkIsT0FBTyxFQUFFLEtBQUssRUFBRSxZQUFZLEVBQUUsWUFBWSxFQUFFLE1BQU0sb0JBQW9CLENBQUM7QUFDdkUsT0FBTyxFQUFFLFdBQVcsRUFBRSxrQkFBa0IsRUFBNEIsTUFBTSwwQkFBMEIsQ0FBQztBQUNyRyxPQUFPLEVBQUUsUUFBUSxFQUFFLGVBQWUsRUFBRSxlQUFlLEVBQUUsTUFBTSx1QkFBdUIsQ0FBQztBQUNuRixPQUFPLEVBQUUsYUFBYSxFQUFFLG9CQUFvQixFQUFFLG9CQUFvQixFQUFFLE1BQU0sNEJBQTRCLENBQUM7QUFDdkcsT0FBTyxFQUFFLEtBQUssRUFBRSxZQUFZLEVBQUUsTUFBTSxvQkFBb0IsQ0FBQztBQUV6RCxxQkFBcUI7QUFDckIsT0FBTyxFQUFFLFlBQVksRUFBRSxNQUFNLG9CQUFvQixDQUFDO0FBQ2xELE9BQU8sRUFBRSxhQUFhLEVBQUUsTUFBTSxxQkFBcUIsQ0FBQztBQUNwRCxPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0sbUJBQW1CLENBQUM7QUFDL0MsT0FBTyxFQUFFLGFBQWEsRUFBRSxtQkFBbUIsRUFBRSxpQkFBaUIsRUFBRSxvQkFBb0IsRUFBRSxNQUFNLHFCQUFxQixDQUFDIn0=

package/dist_ts_apiclient/plugins.d.ts

@@ -0,0 +1,3 @@
+import * as typedrequest from '@api.global/typedrequest';
+import * as typedrequestInterfaces from '@api.global/typedrequest-interfaces';
+export { typedrequest, typedrequestInterfaces, };

package/dist_ts_apiclient/plugins.js

@@ -0,0 +1,5 @@
+// @api.global scope
+import * as typedrequest from '@api.global/typedrequest';
+import * as typedrequestInterfaces from '@api.global/typedrequest-interfaces';
+export { typedrequest, typedrequestInterfaces, };
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicGx1Z2lucy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3RzX2FwaWNsaWVudC9wbHVnaW5zLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLG9CQUFvQjtBQUNwQixPQUFPLEtBQUssWUFBWSxNQUFNLDBCQUEwQixDQUFDO0FBQ3pELE9BQU8sS0FBSyxzQkFBc0IsTUFBTSxxQ0FBcUMsQ0FBQztBQUU5RSxPQUFPLEVBQ0wsWUFBWSxFQUNaLHNCQUFzQixHQUN2QixDQUFDIn0=

package/dist_ts_web/00_commitinfo_data.js

@@ -3,7 +3,7 @@
  */
 export const commitinfo = {
     name: '@serve.zone/dcrouter',
-    version: '11.0.50',
+    version: '11.2.0',
     description: 'A multifaceted routing service handling mail and SMS delivery functions.'
 };
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiMDBfY29tbWl0aW5mb19kYXRhLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vdHNfd2ViLzAwX2NvbW1pdGluZm9fZGF0YS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQTs7R0FFRztBQUNILE1BQU0sQ0FBQyxNQUFNLFVBQVUsR0FBRztJQUN4QixJQUFJLEVBQUUsc0JBQXNCO0lBQzVCLE9BQU8sRUFBRSxTQUFTO0lBQ2xCLFdBQVcsRUFBRSwwRUFBMEU7Q0FDeEYsQ0FBQSJ9
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiMDBfY29tbWl0aW5mb19kYXRhLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vdHNfd2ViLzAwX2NvbW1pdGluZm9fZGF0YS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQTs7R0FFRztBQUNILE1BQU0sQ0FBQyxNQUFNLFVBQVUsR0FBRztJQUN4QixJQUFJLEVBQUUsc0JBQXNCO0lBQzVCLE9BQU8sRUFBRSxRQUFRO0lBQ2pCLFdBQVcsRUFBRSwwRUFBMEU7Q0FDeEYsQ0FBQSJ9

package/npmextra.json

@@ -22,7 +22,8 @@
         "to": "./dist_serve/bundle.js",
         "outputMode": "bundle",
         "bundler": "esbuild",
-        "production": true
+        "production": true,
+        "includeFiles": ["./html/**/*.html"]
       }
     ]
   },

package/package.json

@@ -1,12 +1,13 @@
 {
   "name": "@serve.zone/dcrouter",
   "private": false,
-  "version": "11.0.50",
+  "version": "11.2.0",
   "description": "A multifaceted routing service handling mail and SMS delivery functions.",
   "type": "module",
   "exports": {
     ".": "./dist_ts/index.js",
-    "./interfaces": "./dist_ts_interfaces/index.js"
+    "./interfaces": "./dist_ts_interfaces/index.js",
+    "./apiclient": "./dist_ts_apiclient/index.js"
   },
   "author": "Task Venture Capital GmbH",
   "license": "MIT",
@@ -19,12 +20,12 @@
     "watch": "tswatch"
   },
   "devDependencies": {
-    "@git.zone/tsbuild": "^4.2.4",
-    "@git.zone/tsbundle": "^2.9.0",
+    "@git.zone/tsbuild": "^4.3.0",
+    "@git.zone/tsbundle": "^2.9.1",
     "@git.zone/tsrun": "^2.0.1",
     "@git.zone/tstest": "^3.2.0",
     "@git.zone/tswatch": "^3.2.5",
-    "@types/node": "^25.3.3"
+    "@types/node": "^25.3.5"
   },
   "dependencies": {
     "@api.global/typedrequest": "^3.3.0",
@@ -100,10 +101,12 @@
   "files": [
     "ts/**/*",
     "ts_web/**/*",
+    "ts_apiclient/**/*",
     "dist/**/*",
     "dist_*/**/*",
     "dist_ts/**/*",
     "dist_ts_web/**/*",
+    "dist_ts_apiclient/**/*",
     "assets/**/*",
     "cli.js",
     "npmextra.json",

package/readme.md

@@ -26,6 +26,7 @@ For reporting bugs, issues, or security vulnerabilities, please visit [community
 - [Storage & Caching](#storage--caching)
 - [Security Features](#security-features)
 - [OpsServer Dashboard](#opsserver-dashboard)
+- [API Client](#api-client)
 - [API Reference](#api-reference)
 - [Sub-Modules](#sub-modules)
 - [Testing](#testing)
@@ -90,6 +91,13 @@ For reporting bugs, issues, or security vulnerabilities, please visit [community
 - **Remote ingress management** with connection token generation and one-click copy
 - **Read-only configuration display** — DcRouter is configured through code
 
+### 🔧 Programmatic API Client
+- **Object-oriented API** — resource classes (`Route`, `Certificate`, `ApiToken`, `RemoteIngress`, `Email`) with instance methods
+- **Builder pattern** — fluent `.setName().setMatch().save()` chains for creating routes, tokens, and edges
+- **Auto-injected auth** — JWT identity and API tokens included automatically in every request
+- **Dual auth modes** — login with credentials (JWT) or pass an API token for programmatic access
+- **Full coverage** — wraps every OpsServer endpoint with typed request/response pairs
+
 ## Installation
 
 ```bash
@@ -1038,12 +1046,9 @@ All management is done via TypedRequest over HTTP POST to `/typedrequest`:
 'getCombinedMetrics'                   // All metrics in one call
 
 // Email Operations
-'getQueuedEmails'                      // Emails pending delivery
-'getSentEmails'                        // Successfully delivered emails
-'getFailedEmails'                      // Failed emails
+'getAllEmails'                          // List all emails (queued/sent/failed)
+'getEmailDetail'                       // Full detail for a specific email
 'resendEmail'                          // Re-queue a failed email
-'getBounceRecords'                     // Bounce records
-'removeFromSuppressionList'            // Unsuppress an address
 
 // Certificates
 'getCertificateOverview'               // Domain-centric certificate status
@@ -1062,11 +1067,28 @@ All management is done via TypedRequest over HTTP POST to `/typedrequest`:
 'getRemoteIngressStatus'               // Runtime status of all edges
 'getRemoteIngressConnectionToken'      // Generate a connection token for an edge
 
+// Route Management (JWT or API token auth)
+'getMergedRoutes'                      // List all routes (hardcoded + programmatic)
+'createRoute'                          // Create a new programmatic route
+'updateRoute'                          // Update a programmatic route
+'deleteRoute'                          // Delete a programmatic route
+'toggleRoute'                          // Enable/disable a programmatic route
+'setRouteOverride'                     // Override a hardcoded route
+'removeRouteOverride'                  // Remove a hardcoded route override
+
+// API Token Management (admin JWT only)
+'createApiToken'                       // Create API token → returns raw value once
+'listApiTokens'                        // List all tokens (without secrets)
+'revokeApiToken'                       // Delete an API token
+'rollApiToken'                         // Regenerate token secret
+'toggleApiToken'                       // Enable/disable a token
+
 // Configuration (read-only)
 'getConfiguration'                     // Current system config
 
 // Logs
-'getLogs'                              // Retrieve system logs
+'getRecentLogs'                        // Retrieve system logs with filtering
+'getLogStream'                         // Stream live logs
 
 // RADIUS
 'getRadiusSessions'                    // Active RADIUS sessions
@@ -1080,6 +1102,77 @@ All management is done via TypedRequest over HTTP POST to `/typedrequest`:
 'testVlanAssignment'                   // Test what VLAN a MAC gets
 ```
 
+## API Client
+
+DcRouter ships with a typed, object-oriented API client for programmatic management of a running instance. Install it separately or import from the main package:
+
+```bash
+pnpm add @serve.zone/dcrouter-apiclient
+# or import from the main package:
+# import { DcRouterApiClient } from '@serve.zone/dcrouter/apiclient';
+```
+
+### Quick Example
+
+```typescript
+import { DcRouterApiClient } from '@serve.zone/dcrouter/apiclient';
+
+const client = new DcRouterApiClient({ baseUrl: 'https://dcrouter.example.com' });
+await client.login('admin', 'password');
+
+// OO resource instances with methods
+const { routes } = await client.routes.list();
+await routes[0].toggle(false);
+
+// Builder pattern for creation
+const newRoute = await client.routes.build()
+  .setName('api-gateway')
+  .setMatch({ ports: 443, domains: ['api.example.com'] })
+  .setAction({ type: 'forward', targets: [{ host: 'backend', port: 8080 }] })
+  .setTls({ mode: 'terminate', certificate: 'auto' })
+  .save();
+
+// Manage certificates
+const { certificates, summary } = await client.certificates.list();
+await certificates[0].reprovision();
+
+// Create API tokens with builder
+const token = await client.apiTokens.build()
+  .setName('ci-token')
+  .setScopes(['routes:read', 'routes:write'])
+  .setExpiresInDays(90)
+  .save();
+console.log(token.tokenValue); // only available at creation
+
+// Remote ingress edges
+const edge = await client.remoteIngress.build()
+  .setName('edge-nyc-01')
+  .setListenPorts([80, 443])
+  .save();
+const connToken = await edge.getConnectionToken();
+
+// Read-only managers
+const health = await client.stats.getHealth();
+const config = await client.config.get();
+const { logs } = await client.logs.getRecent({ level: 'error', limit: 50 });
+```
+
+### Resource Managers
+
+| Manager | Operations |
+|---------|-----------|
+| `client.routes` | `list()`, `create()`, `build()` → Route: `update()`, `delete()`, `toggle()`, `setOverride()`, `removeOverride()` |
+| `client.certificates` | `list()`, `import()` → Certificate: `reprovision()`, `delete()`, `export()` |
+| `client.apiTokens` | `list()`, `create()`, `build()` → ApiToken: `revoke()`, `roll()`, `toggle()` |
+| `client.remoteIngress` | `list()`, `getStatuses()`, `create()`, `build()` → RemoteIngress: `update()`, `delete()`, `regenerateSecret()`, `getConnectionToken()` |
+| `client.stats` | `getServer()`, `getEmail()`, `getDns()`, `getSecurity()`, `getConnections()`, `getQueues()`, `getHealth()`, `getNetwork()`, `getCombined()` |
+| `client.config` | `get(section?)` |
+| `client.logs` | `getRecent()`, `getStream()` |
+| `client.emails` | `list()` → Email: `getDetail()`, `resend()` |
+| `client.radius` | `.clients`, `.vlans`, `.sessions` sub-managers + `getStatistics()`, `getAccountingSummary()` |
+
+See the [full API client documentation](./ts_apiclient/readme.md) for detailed usage of every manager, builder, and resource class.
+
 ## API Reference
 
 ### DcRouter Class
@@ -1144,12 +1237,14 @@ DcRouter is published as a monorepo with separately-installable interface and we
 |---------|-------------|---------|
 | [`@serve.zone/dcrouter`](https://www.npmjs.com/package/@serve.zone/dcrouter) | Main package — the full router | `pnpm add @serve.zone/dcrouter` |
 | [`@serve.zone/dcrouter-interfaces`](https://www.npmjs.com/package/@serve.zone/dcrouter-interfaces) | TypedRequest interfaces for the OpsServer API | `pnpm add @serve.zone/dcrouter-interfaces` |
+| [`@serve.zone/dcrouter-apiclient`](https://www.npmjs.com/package/@serve.zone/dcrouter-apiclient) | OO API client with builder pattern | `pnpm add @serve.zone/dcrouter-apiclient` |
 | [`@serve.zone/dcrouter-web`](https://www.npmjs.com/package/@serve.zone/dcrouter-web) | Web dashboard components | `pnpm add @serve.zone/dcrouter-web` |
 
-You can also import interfaces directly from the main package:
+You can also import directly from the main package:
 
 ```typescript
 import { data, requests } from '@serve.zone/dcrouter/interfaces';
+import { DcRouterApiClient } from '@serve.zone/dcrouter/apiclient';
 ```
 
 ## Testing
@@ -1171,6 +1266,7 @@ tstest test/test.opsserver-api.ts --verbose --timeout 60
 
 | Test File | Area | Tests |
 |-----------|------|-------|
+| `test.apiclient.ts` | API client instantiation, builders, resource hydration, exports | 18 |
 | `test.contentscanner.ts` | Content scanning (spam, phishing, malware, attachments) | 13 |
 | `test.dcrouter.email.ts` | Email config, domain and route setup | 4 |
 | `test.dns-server-config.ts` | DNS record parsing, grouping, extraction | 5 |

package/ts/00_commitinfo_data.ts

@@ -3,6 +3,6 @@
  */
 export const commitinfo = {
   name: '@serve.zone/dcrouter',
-  version: '11.0.50',
+  version: '11.2.0',
   description: 'A multifaceted routing service handling mail and SMS delivery functions.'
 }

package/ts_apiclient/classes.apitoken.ts

@@ -0,0 +1,157 @@
+import * as interfaces from '../ts_interfaces/index.js';
+import type { DcRouterApiClient } from './classes.dcrouterapiclient.js';
+
+export class ApiToken {
+  private clientRef: DcRouterApiClient;
+
+  // Data from IApiTokenInfo
+  public id: string;
+  public name: string;
+  public scopes: interfaces.data.TApiTokenScope[];
+  public createdAt: number;
+  public expiresAt: number | null;
+  public lastUsedAt: number | null;
+  public enabled: boolean;
+
+  /** Only set on creation or roll. Not persisted on server side. */
+  public tokenValue?: string;
+
+  constructor(clientRef: DcRouterApiClient, data: interfaces.data.IApiTokenInfo, tokenValue?: string) {
+    this.clientRef = clientRef;
+    this.id = data.id;
+    this.name = data.name;
+    this.scopes = data.scopes;
+    this.createdAt = data.createdAt;
+    this.expiresAt = data.expiresAt;
+    this.lastUsedAt = data.lastUsedAt;
+    this.enabled = data.enabled;
+    this.tokenValue = tokenValue;
+  }
+
+  public async revoke(): Promise<void> {
+    const response = await this.clientRef.request<interfaces.requests.IReq_RevokeApiToken>(
+      'revokeApiToken',
+      this.clientRef.buildRequestPayload({ id: this.id }) as any,
+    );
+    if (!response.success) {
+      throw new Error(response.message || 'Failed to revoke token');
+    }
+  }
+
+  public async roll(): Promise<string> {
+    const response = await this.clientRef.request<interfaces.requests.IReq_RollApiToken>(
+      'rollApiToken',
+      this.clientRef.buildRequestPayload({ id: this.id }) as any,
+    );
+    if (!response.success) {
+      throw new Error(response.message || 'Failed to roll token');
+    }
+    this.tokenValue = response.tokenValue;
+    return response.tokenValue!;
+  }
+
+  public async toggle(enabled: boolean): Promise<void> {
+    const response = await this.clientRef.request<interfaces.requests.IReq_ToggleApiToken>(
+      'toggleApiToken',
+      this.clientRef.buildRequestPayload({ id: this.id, enabled }) as any,
+    );
+    if (!response.success) {
+      throw new Error(response.message || 'Failed to toggle token');
+    }
+    this.enabled = enabled;
+  }
+}
+
+export class ApiTokenBuilder {
+  private clientRef: DcRouterApiClient;
+  private tokenName: string = '';
+  private tokenScopes: interfaces.data.TApiTokenScope[] = [];
+  private tokenExpiresInDays?: number | null;
+
+  constructor(clientRef: DcRouterApiClient) {
+    this.clientRef = clientRef;
+  }
+
+  public setName(name: string): this {
+    this.tokenName = name;
+    return this;
+  }
+
+  public setScopes(scopes: interfaces.data.TApiTokenScope[]): this {
+    this.tokenScopes = scopes;
+    return this;
+  }
+
+  public addScope(scope: interfaces.data.TApiTokenScope): this {
+    if (!this.tokenScopes.includes(scope)) {
+      this.tokenScopes.push(scope);
+    }
+    return this;
+  }
+
+  public setExpiresInDays(days: number | null): this {
+    this.tokenExpiresInDays = days;
+    return this;
+  }
+
+  public async save(): Promise<ApiToken> {
+    const response = await this.clientRef.request<interfaces.requests.IReq_CreateApiToken>(
+      'createApiToken',
+      this.clientRef.buildRequestPayload({
+        name: this.tokenName,
+        scopes: this.tokenScopes,
+        expiresInDays: this.tokenExpiresInDays,
+      }) as any,
+    );
+    if (!response.success) {
+      throw new Error(response.message || 'Failed to create API token');
+    }
+    return new ApiToken(
+      this.clientRef,
+      {
+        id: response.tokenId!,
+        name: this.tokenName,
+        scopes: this.tokenScopes,
+        createdAt: Date.now(),
+        expiresAt: this.tokenExpiresInDays
+          ? Date.now() + this.tokenExpiresInDays * 24 * 60 * 60 * 1000
+          : null,
+        lastUsedAt: null,
+        enabled: true,
+      },
+      response.tokenValue,
+    );
+  }
+}
+
+export class ApiTokenManager {
+  private clientRef: DcRouterApiClient;
+
+  constructor(clientRef: DcRouterApiClient) {
+    this.clientRef = clientRef;
+  }
+
+  public async list(): Promise<ApiToken[]> {
+    const response = await this.clientRef.request<interfaces.requests.IReq_ListApiTokens>(
+      'listApiTokens',
+      this.clientRef.buildRequestPayload() as any,
+    );
+    return response.tokens.map((t) => new ApiToken(this.clientRef, t));
+  }
+
+  public async create(options: {
+    name: string;
+    scopes: interfaces.data.TApiTokenScope[];
+    expiresInDays?: number | null;
+  }): Promise<ApiToken> {
+    return this.build()
+      .setName(options.name)
+      .setScopes(options.scopes)
+      .setExpiresInDays(options.expiresInDays ?? null)
+      .save();
+  }
+
+  public build(): ApiTokenBuilder {
+    return new ApiTokenBuilder(this.clientRef);
+  }
+}

package/ts_apiclient/classes.certificate.ts

@@ -0,0 +1,123 @@
+import * as interfaces from '../ts_interfaces/index.js';
+import type { DcRouterApiClient } from './classes.dcrouterapiclient.js';
+
+export class Certificate {
+  private clientRef: DcRouterApiClient;
+
+  // Data from ICertificateInfo
+  public domain: string;
+  public routeNames: string[];
+  public status: interfaces.requests.TCertificateStatus;
+  public source: interfaces.requests.TCertificateSource;
+  public tlsMode: 'terminate' | 'terminate-and-reencrypt' | 'passthrough';
+  public expiryDate?: string;
+  public issuer?: string;
+  public issuedAt?: string;
+  public error?: string;
+  public canReprovision: boolean;
+  public backoffInfo?: {
+    failures: number;
+    retryAfter?: string;
+    lastError?: string;
+  };
+
+  constructor(clientRef: DcRouterApiClient, data: interfaces.requests.ICertificateInfo) {
+    this.clientRef = clientRef;
+    this.domain = data.domain;
+    this.routeNames = data.routeNames;
+    this.status = data.status;
+    this.source = data.source;
+    this.tlsMode = data.tlsMode;
+    this.expiryDate = data.expiryDate;
+    this.issuer = data.issuer;
+    this.issuedAt = data.issuedAt;
+    this.error = data.error;
+    this.canReprovision = data.canReprovision;
+    this.backoffInfo = data.backoffInfo;
+  }
+
+  public async reprovision(): Promise<void> {
+    const response = await this.clientRef.request<interfaces.requests.IReq_ReprovisionCertificateDomain>(
+      'reprovisionCertificateDomain',
+      this.clientRef.buildRequestPayload({ domain: this.domain }) as any,
+    );
+    if (!response.success) {
+      throw new Error(response.message || 'Failed to reprovision certificate');
+    }
+  }
+
+  public async delete(): Promise<void> {
+    const response = await this.clientRef.request<interfaces.requests.IReq_DeleteCertificate>(
+      'deleteCertificate',
+      this.clientRef.buildRequestPayload({ domain: this.domain }) as any,
+    );
+    if (!response.success) {
+      throw new Error(response.message || 'Failed to delete certificate');
+    }
+  }
+
+  public async export(): Promise<{
+    id: string;
+    domainName: string;
+    created: number;
+    validUntil: number;
+    privateKey: string;
+    publicKey: string;
+    csr: string;
+  } | undefined> {
+    const response = await this.clientRef.request<interfaces.requests.IReq_ExportCertificate>(
+      'exportCertificate',
+      this.clientRef.buildRequestPayload({ domain: this.domain }) as any,
+    );
+    if (!response.success) {
+      throw new Error(response.message || 'Failed to export certificate');
+    }
+    return response.cert;
+  }
+}
+
+export interface ICertificateSummary {
+  total: number;
+  valid: number;
+  expiring: number;
+  expired: number;
+  failed: number;
+  unknown: number;
+}
+
+export class CertificateManager {
+  private clientRef: DcRouterApiClient;
+
+  constructor(clientRef: DcRouterApiClient) {
+    this.clientRef = clientRef;
+  }
+
+  public async list(): Promise<{ certificates: Certificate[]; summary: ICertificateSummary }> {
+    const response = await this.clientRef.request<interfaces.requests.IReq_GetCertificateOverview>(
+      'getCertificateOverview',
+      this.clientRef.buildRequestPayload() as any,
+    );
+    return {
+      certificates: response.certificates.map((c) => new Certificate(this.clientRef, c)),
+      summary: response.summary,
+    };
+  }
+
+  public async import(cert: {
+    id: string;
+    domainName: string;
+    created: number;
+    validUntil: number;
+    privateKey: string;
+    publicKey: string;
+    csr: string;
+  }): Promise<void> {
+    const response = await this.clientRef.request<interfaces.requests.IReq_ImportCertificate>(
+      'importCertificate',
+      this.clientRef.buildRequestPayload({ cert }) as any,
+    );
+    if (!response.success) {
+      throw new Error(response.message || 'Failed to import certificate');
+    }
+  }
+}