npm - @simplysm/service-server - Versions diffs - 13.0.97 → 13.0.98 - Mend

@simplysm/service-server 13.0.97 → 13.0.98

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/README.md ADDED Viewed

@@ -0,0 +1,98 @@
+# @simplysm/service-server
+Service module (server) -- Fastify-based service server with WebSocket support, JWT authentication, and built-in ORM/SMTP/auto-update services.
+## Installation
+```bash
+npm install @simplysm/service-server
+```
+## Exports
+```typescript
+import {
+  // Main
+  ServiceServer,
+  createServiceServer,
+  type ServiceServerOptions,
+  // Auth
+  type AuthTokenPayload,
+  signJwt,
+  verifyJwt,
+  decodeJwt,
+  // Core
+  type ServiceContext,
+  createServiceContext,
+  getServiceAuthPermissions,
+  auth,
+  type ServiceDefinition,
+  defineService,
+  type ServiceMethods,
+  executeServiceMethod,
+  // Transport - Socket
+  type WebSocketHandler,
+  createWebSocketHandler,
+  type ServiceSocket,
+  createServiceSocket,
+  // Transport - HTTP
+  handleHttpRequest,
+  handleUpload,
+  handleStaticFile,
+  // Protocol
+  type ServerProtocolWrapper,
+  createServerProtocolWrapper,
+  // Services
+  OrmService,
+  type OrmServiceType,
+  AutoUpdateService,
+  type AutoUpdateServiceType,
+  SmtpClientService,
+  type SmtpClientServiceType,
+  // Utils
+  getConfig,
+  // Legacy
+  handleV1Connection,
+} from "@simplysm/service-server";
+```
+## Quick Start
+```typescript
+import {
+  createServiceServer,
+  defineService,
+  auth,
+  OrmService,
+  AutoUpdateService,
+} from "@simplysm/service-server";
+// Define a custom service
+const HealthService = defineService("Health", (ctx) => ({
+  check: () => ({ status: "ok" }),
+}));
+// Define an authenticated service
+const UserService = defineService("User", auth((ctx) => ({
+  getProfile: () => ctx.authInfo,
+  adminOnly: auth(["admin"], () => "admin-only data"),
+})));
+// Create and start server
+const server = createServiceServer({
+  rootPath: "/app",
+  port: 3000,
+  auth: { jwtSecret: "my-secret" },
+  services: [HealthService, UserService, OrmService, AutoUpdateService],
+});
+await server.listen();
+```
+## Documentation
+- [Auth](docs/auth.md)
+- [Core](docs/core.md)
+- [Transport](docs/transport.md)
+- [Built-in Services](docs/services.md)
+- [Server](docs/server.md)

package/docs/auth.md ADDED Viewed

@@ -0,0 +1,48 @@
+# Auth
+JWT-based authentication utilities using the `jose` library (HS256 algorithm).
+## `AuthTokenPayload`
+JWT token payload structure. Extends `JWTPayload` from `jose`.
+```typescript
+interface AuthTokenPayload<TAuthInfo = unknown> extends JWTPayload {
+  roles: string[];
+  data: TAuthInfo;
+}
+```
+## `signJwt`
+Sign a JWT token. Tokens expire after 12 hours.
+```typescript
+async function signJwt<TAuthInfo = unknown>(
+  jwtSecret: string,
+  payload: AuthTokenPayload<TAuthInfo>,
+): Promise<string>;
+```
+## `verifyJwt`
+Verify a JWT token and return the payload.
+```typescript
+async function verifyJwt<TAuthInfo = unknown>(
+  jwtSecret: string,
+  token: string,
+): Promise<AuthTokenPayload<TAuthInfo>>;
+```
+Throws:
+- `"Token has expired."` if the token is expired
+- `"Invalid token."` for all other verification failures
+## `decodeJwt`
+Decode a JWT token without verification.
+```typescript
+function decodeJwt<TAuthInfo = unknown>(token: string): AuthTokenPayload<TAuthInfo>;
+```

package/docs/core.md ADDED Viewed

@@ -0,0 +1,161 @@
+# Core
+Service definition, context, authentication, and method execution.
+## ServiceContext
+Context object passed to service factory functions.
+```typescript
+interface ServiceContext<TAuthInfo = unknown> {
+  server: ServiceServer<TAuthInfo>;
+  socket?: ServiceSocket;
+  http?: {
+    clientName: string;
+    authTokenPayload?: AuthTokenPayload<TAuthInfo>;
+  };
+  legacy?: { clientName?: string };
+  get authInfo(): TAuthInfo | undefined;
+  get clientName(): string | undefined;
+  get clientPath(): string | undefined;
+  getConfig<T>(section: string): Promise<T>;
+}
+```
+**Properties:**
+- `authInfo` -- Authenticated user data (from socket or HTTP auth token)
+- `clientName` -- Client application name (validated for path traversal)
+- `clientPath` -- Resolved client directory path (`{rootPath}/www/{clientName}`)
+- `getConfig(section)` -- Reads config from `.config.json` files (root + client-specific, merged)
+### `createServiceContext`
+```typescript
+function createServiceContext<TAuthInfo = unknown>(
+  server: ServiceServer<TAuthInfo>,
+  socket?: ServiceSocket,
+  http?: { clientName: string; authTokenPayload?: AuthTokenPayload<TAuthInfo> },
+  legacy?: { clientName?: string },
+): ServiceContext<TAuthInfo>;
+```
+---
+## Auth Helpers
+### `getServiceAuthPermissions`
+Read auth permissions from an `auth()`-wrapped function. Returns `undefined` if not wrapped.
+```typescript
+function getServiceAuthPermissions(fn: Function): string[] | undefined;
+```
+### `auth`
+Auth wrapper for service factories and methods.
+```typescript
+// Login required (no specific roles)
+function auth<TFunction extends (...args: any[]) => any>(fn: TFunction): TFunction;
+// Login required with specific roles
+function auth<TFunction extends (...args: any[]) => any>(
+  permissions: string[],
+  fn: TFunction,
+): TFunction;
+```
+**Usage levels:**
+- Service-level: `auth((ctx) => ({ ... }))` -- all methods require login
+- Service-level with roles: `auth(["admin"], (ctx) => ({ ... }))`
+- Method-level: `auth(() => result)` -- this method requires login
+- Method-level with roles: `auth(["admin"], () => result)`
+---
+## Service Definition
+### `ServiceDefinition`
+```typescript
+interface ServiceDefinition<TMethods = Record<string, (...args: any[]) => any>> {
+  name: string;
+  factory: (ctx: ServiceContext) => TMethods;
+  authPermissions?: string[];
+}
+```
+### `defineService`
+Define a service with a name and factory function.
+```typescript
+function defineService<TMethods extends Record<string, (...args: any[]) => any>>(
+  name: string,
+  factory: (ctx: ServiceContext) => TMethods,
+): ServiceDefinition<TMethods>;
+```
+**Example:**
+```typescript
+const HealthService = defineService("Health", (ctx) => ({
+  check: () => ({ status: "ok" }),
+}));
+const UserService = defineService("User", auth((ctx) => ({
+  getProfile: () => ctx.authInfo,
+  adminOnly: auth(["admin"], () => "admin"),
+})));
+```
+### `ServiceMethods`
+Extract method signatures from a `ServiceDefinition` for client-side type sharing.
+```typescript
+type ServiceMethods<TDefinition> =
+  TDefinition extends ServiceDefinition<infer M> ? M : never;
+```
+**Example:**
+```typescript
+export type UserServiceType = ServiceMethods<typeof UserService>;
+// Client: client.getService<UserServiceType>("User");
+```
+---
+## Service Execution
+### `executeServiceMethod`
+Execute a service method with auth checking.
+```typescript
+async function executeServiceMethod(
+  server: ServiceServer,
+  def: {
+    serviceName: string;
+    methodName: string;
+    params: unknown[];
+    socket?: ServiceSocket;
+    http?: { clientName: string; authTokenPayload?: AuthTokenPayload };
+  },
+): Promise<unknown>;
+```
+**Behavior:**
+1. Finds the service definition by name
+2. Validates the client name (path traversal guard)
+3. Creates a `ServiceContext`
+4. Invokes the factory to create the method object
+5. Checks auth permissions (method-level first, then service-level fallback)
+6. Executes the method with provided params
+Throws:
+- `"Service [name] not found."` if service is not registered
+- `"Method [service.method] not found."` if method does not exist
+- `"Login is required."` if auth is required but no token is present
+- `"Insufficient permissions."` if the user lacks required roles

package/docs/server.md ADDED Viewed

@@ -0,0 +1,206 @@
+# Server
+## ServiceServerOptions
+Server configuration options.
+```typescript
+interface ServiceServerOptions {
+  rootPath: string;
+  port: number;
+  ssl?: {
+    pfxBytes: Uint8Array;
+    passphrase: string;
+  };
+  auth?: {
+    jwtSecret: string;
+  };
+  services: ServiceDefinition[];
+}
+```
+## ServerProtocolWrapper
+Server-side protocol wrapper. Automatically offloads heavy message encoding/decoding to a worker thread while using main thread for lightweight operations.
+```typescript
+interface ServerProtocolWrapper {
+  encode(uuid: string, message: ServiceMessage): Promise<{ chunks: Bytes[]; totalSize: number }>;
+  decode(bytes: Bytes): Promise<ServiceMessageDecodeResult<ServiceMessage>>;
+  dispose(): void;
+}
+```
+### `createServerProtocolWrapper`
+```typescript
+function createServerProtocolWrapper(): ServerProtocolWrapper;
+```
+**Behavior:**
+- Messages with `Uint8Array` body or arrays containing `Uint8Array` are encoded via worker thread
+- Messages larger than 30KB are decoded via worker thread
+- Worker is a lazy singleton shared across all protocol wrappers (4GB memory limit)
+- Small messages are processed on the main thread using `createServiceProtocol()`
+---
+## Config Utilities
+### `getConfig`
+Read and cache a JSON config file with automatic live-reload via file watcher.
+```typescript
+async function getConfig<TConfig>(filePath: string): Promise<TConfig | undefined>;
+```
+**Behavior:**
+- Returns `undefined` if file does not exist
+- Caches loaded config in a `LazyGcMap` (expires after 1 hour, GC runs every 10 minutes)
+- Registers a file watcher that live-reloads config on changes
+- Watcher is cleaned up when the cache entry expires
+---
+## Legacy
+### `handleV1Connection`
+V1 legacy client handler. Only auto-update is supported; all other requests return an upgrade-required error.
+```typescript
+function handleV1Connection(
+  socket: WebSocket,
+  autoUpdateMethods: { getLastVersion: (platform: string) => Promise<any> },
+  clientNameSetter?: (clientName: string | undefined) => void,
+): void;
+```
+---
+## ServiceServer
+Main server class. Extends `EventEmitter<{ ready: void; close: void }>`.
+```typescript
+class ServiceServer<TAuthInfo = unknown> extends EventEmitter<{ ready: void; close: void }> {
+  isOpen: boolean;
+  readonly fastify: FastifyInstance;
+  readonly options: ServiceServerOptions;
+  constructor(options: ServiceServerOptions);
+  async listen(): Promise<void>;
+  async close(): Promise<void>;
+  async broadcastReload(clientName: string | undefined, changedFileSet: Set<string>): Promise<void>;
+  async emitEvent<TInfo, TData>(
+    eventDef: ServiceEventDef<TInfo, TData>,
+    infoSelector: (item: TInfo) => boolean,
+    data: TData,
+  ): Promise<void>;
+  async signAuthToken(payload: AuthTokenPayload<TAuthInfo>): Promise<string>;
+  async verifyAuthToken(token: string): Promise<AuthTokenPayload<TAuthInfo>>;
+}
+```
+### `listen`
+Start the server. Registers all Fastify plugins and routes:
+- `@fastify/websocket` -- WebSocket support
+- `@fastify/helmet` -- Security headers
+- `@fastify/multipart` -- File upload support
+- `@fastify/static` -- Static file serving
+- `@fastify/cors` -- Cross-origin resource sharing
+**Routes:**
+- `GET/POST /api/:service/:method` -- HTTP API endpoint
+- `POST /upload` -- File upload endpoint
+- `GET /ws` or `GET /` (WebSocket) -- WebSocket connection (V2 protocol with V1 legacy fallback)
+- `GET/POST/PUT/DELETE/PATCH/HEAD /*` -- Static file wildcard handler
+Registers graceful shutdown handlers for `SIGINT` and `SIGTERM` (10s timeout before force exit).
+### `close`
+Close all WebSocket connections and shut down the Fastify server.
+### `broadcastReload`
+Broadcast a reload message to all connected WebSocket clients.
+```typescript
+async broadcastReload(
+  clientName: string | undefined,
+  changedFileSet: Set<string>,
+): Promise<void>;
+```
+### `emitEvent`
+Emit an event to matching WebSocket clients.
+```typescript
+async emitEvent<TInfo, TData>(
+  eventDef: ServiceEventDef<TInfo, TData>,
+  infoSelector: (item: TInfo) => boolean,
+  data: TData,
+): Promise<void>;
+```
+### `signAuthToken`
+Sign a JWT auth token.
+```typescript
+async signAuthToken(payload: AuthTokenPayload<TAuthInfo>): Promise<string>;
+```
+### `verifyAuthToken`
+Verify a JWT auth token.
+```typescript
+async verifyAuthToken(token: string): Promise<AuthTokenPayload<TAuthInfo>>;
+```
+## `createServiceServer`
+Factory function.
+```typescript
+function createServiceServer<TAuthInfo = unknown>(
+  options: ServiceServerOptions,
+): ServiceServer<TAuthInfo>;
+```
+## Example
+```typescript
+import {
+  createServiceServer,
+  defineService,
+  auth,
+  OrmService,
+  AutoUpdateService,
+  SmtpClientService,
+} from "@simplysm/service-server";
+const MyService = defineService("My", auth((ctx) => ({
+  hello: (name: string) => `Hello, ${name}!`,
+})));
+const server = createServiceServer({
+  rootPath: "/app",
+  port: 3000,
+  auth: { jwtSecret: process.env.JWT_SECRET! },
+  services: [MyService, OrmService, AutoUpdateService, SmtpClientService],
+});
+server.on("ready", () => {
+  console.log("Server is ready");
+});
+await server.listen();
+```

package/docs/services.md ADDED Viewed

@@ -0,0 +1,176 @@
+# Built-in Services
+Pre-defined service definitions ready to use with `ServiceServer`.
+## OrmService
+Database ORM service. Requires authentication (wrapped with `auth()`). Requires WebSocket connection (cannot be used over HTTP).
+```typescript
+import { OrmService, type OrmServiceType } from "@simplysm/service-server";
+```
+### Definition
+```typescript
+const OrmService: ServiceDefinition;
+```
+Service name: `"Orm"`
+### Methods
+```typescript
+interface OrmServiceType {
+  getInfo(opt: DbConnOptions & { configName: string }): Promise<{
+    dialect: Dialect;
+    database?: string;
+    schema?: string;
+  }>;
+  connect(opt: DbConnOptions & { configName: string }): Promise<number>;
+  close(connId: number): Promise<void>;
+  beginTransaction(connId: number, isolationLevel?: IsolationLevel): Promise<void>;
+  commitTransaction(connId: number): Promise<void>;
+  rollbackTransaction(connId: number): Promise<void>;
+  executeParametrized(connId: number, query: string, params?: unknown[]): Promise<unknown[][]>;
+  executeDefs(
+    connId: number,
+    defs: QueryDef[],
+    options?: (ResultMeta | undefined)[],
+  ): Promise<unknown[][]>;
+  bulkInsert(
+    connId: number,
+    tableName: string,
+    columnDefs: Record<string, ColumnMeta>,
+    records: Record<string, unknown>[],
+  ): Promise<void>;
+}
+```
+**Behavior:**
+- Database connections are tracked per WebSocket socket using a `WeakMap`
+- Connections are automatically cleaned up when the socket closes
+- Configuration is loaded from `.config.json` under the `"orm"` section
+- Supports `mssql-azure` dialect (mapped to `mssql` for query building)
+**Configuration example** (`.config.json`):
+```json
+{
+  "orm": {
+    "myDb": {
+      "dialect": "mysql",
+      "host": "localhost",
+      "port": 3306,
+      "database": "mydb",
+      "user": "root",
+      "password": "secret"
+    }
+  }
+}
+```
+---
+## AutoUpdateService
+Auto-update service for client applications. No authentication required.
+```typescript
+import { AutoUpdateService, type AutoUpdateServiceType } from "@simplysm/service-server";
+```
+### Definition
+```typescript
+const AutoUpdateService: ServiceDefinition;
+```
+Service name: `"AutoUpdate"`
+### Methods
+```typescript
+interface AutoUpdateServiceType {
+  getLastVersion(platform: string): Promise<
+    | { version: string; downloadPath: string }
+    | undefined
+  >;
+}
+```
+**Behavior:**
+- Scans `{clientPath}/{platform}/updates/` for version files
+- Android: looks for `.apk` files
+- Other platforms: looks for `.exe` files
+- Returns the highest semver version found
+- Returns `undefined` if no updates directory or no valid versions exist
+---
+## SmtpClientService
+SMTP email sending service. No authentication required.
+```typescript
+import { SmtpClientService, type SmtpClientServiceType } from "@simplysm/service-server";
+```
+### Definition
+```typescript
+const SmtpClientService: ServiceDefinition;
+```
+Service name: `"SmtpClient"`
+### Methods
+```typescript
+interface SmtpClientServiceType {
+  send(options: SmtpClientSendOption): Promise<string>;
+  sendByConfig(configName: string, options: SmtpClientSendByDefaultOption): Promise<string>;
+}
+```
+**`send`** -- Send email with explicit SMTP configuration. Returns the message ID.
+**`sendByConfig`** -- Send email using server-side SMTP configuration. Configuration is loaded from `.config.json` under the `"smtp"` section.
+**Configuration example** (`.config.json`):
+```json
+{
+  "smtp": {
+    "default": {
+      "senderName": "My App",
+      "senderEmail": "noreply@example.com",
+      "user": "smtp-user",
+      "pass": "smtp-pass",
+      "host": "smtp.example.com",
+      "port": 587,
+      "secure": false
+    }
+  }
+}
+```
+---
+## Usage
+Register built-in services when creating the server:
+```typescript
+import {
+  createServiceServer,
+  OrmService,
+  AutoUpdateService,
+  SmtpClientService,
+} from "@simplysm/service-server";
+const server = createServiceServer({
+  rootPath: "/app",
+  port: 3000,
+  auth: { jwtSecret: "secret" },
+  services: [OrmService, AutoUpdateService, SmtpClientService],
+});
+```

package/docs/transport.md ADDED Viewed

@@ -0,0 +1,152 @@
+# Transport
+## WebSocket Transport
+### `WebSocketHandler`
+Manages multiple WebSocket connections, routes messages to services, and handles event broadcasting.
+```typescript
+interface WebSocketHandler {
+  addSocket(socket: WebSocket, clientId: string, clientName: string, connReq: FastifyRequest): void;
+  closeAll(): void;
+  broadcastReload(clientName: string | undefined, changedFileSet: Set<string>): Promise<void>;
+  emit<TInfo, TData>(
+    eventDef: ServiceEventDef<TInfo, TData>,
+    infoSelector: (item: TInfo) => boolean,
+    data: TData,
+  ): Promise<void>;
+}
+```
+### `createWebSocketHandler`
+```typescript
+function createWebSocketHandler(
+  runMethod: (def: {
+    serviceName: string;
+    methodName: string;
+    params: unknown[];
+    socket?: ServiceSocket;
+  }) => Promise<unknown>,
+  jwtSecret: string | undefined,
+): WebSocketHandler;
+```
+**Behavior:**
+- Routes incoming messages to service methods, auth, and event operations
+- Manages a map of connected `ServiceSocket` instances by client ID
+- Replaces existing connections for the same client ID
+- Handles `auth`, `evt:add`, `evt:remove`, `evt:gets`, `evt:emit`, and service method requests
+---
+### `ServiceSocket`
+Manages a single WebSocket connection with protocol encoding/decoding, ping/pong keep-alive, and event listener tracking.
+```typescript
+interface ServiceSocket {
+  readonly connectedAtDateTime: DateTime;
+  readonly clientName: string;
+  readonly connReq: FastifyRequest;
+  authTokenPayload?: AuthTokenPayload;
+  close(): void;
+  send(uuid: string, msg: ServiceServerMessage): Promise<number>;
+  addListener(key: string, eventName: string, info: unknown): void;
+  removeListener(key: string): void;
+  getEventListeners(eventName: string): Array<{ key: string; info: unknown }>;
+  filterEventTargetKeys(targetKeys: string[]): string[];
+  on(event: "error", handler: (err: Error) => void): void;
+  on(event: "close", handler: (code: number) => void): void;
+  on(event: "message", handler: (data: { uuid: string; msg: ServiceClientMessage }) => void): void;
+}
+```
+### `createServiceSocket`
+```typescript
+function createServiceSocket(
+  socket: WebSocket,
+  clientId: string,
+  clientName: string,
+  connReq: FastifyRequest,
+): ServiceSocket;
+```
+**Behavior:**
+- Wraps raw WebSocket with protocol encoding/decoding via `ServerProtocolWrapper`
+- Sends ping every 5s; terminates if pong not received
+- Handles raw ping/pong packets (`0x01` ping, `0x02` pong)
+- Tracks event listeners per socket for event broadcasting
+- Sends progress notifications for chunked message reception
+---
+## HTTP Transport
+### `handleHttpRequest`
+Handle HTTP API requests (GET/POST) to `/api/:service/:method`.
+```typescript
+async function handleHttpRequest<TAuthInfo = unknown>(
+  req: FastifyRequest,
+  reply: FastifyReply,
+  jwtSecret: string | undefined,
+  runMethod: (def: {
+    serviceName: string;
+    methodName: string;
+    params: unknown[];
+    http: { clientName: string; authTokenPayload?: AuthTokenPayload<TAuthInfo> };
+  }) => Promise<unknown>,
+): Promise<void>;
+```
+**Behavior:**
+- Requires `x-sd-client-name` header
+- GET: reads params from `?json=...` query parameter
+- POST: reads params from request body (must be an array)
+- Parses `Authorization: Bearer <token>` header if present
+### `handleUpload`
+Handle multipart file upload to `/upload`.
+```typescript
+async function handleUpload(
+  req: FastifyRequest,
+  reply: FastifyReply,
+  rootPath: string,
+  jwtSecret: string | undefined,
+): Promise<void>;
+```
+**Behavior:**
+- Requires authentication (JWT token in Authorization header)
+- Saves files to `{rootPath}/www/uploads/` with UUID filenames
+- Returns `ServiceUploadResult[]` with path, filename, and size
+- Cleans up incomplete files on error
+### `handleStaticFile`
+Handle static file serving.
+```typescript
+async function handleStaticFile(
+  req: FastifyRequest,
+  reply: FastifyReply,
+  rootPath: string,
+  urlPath: string,
+): Promise<void>;
+```
+**Behavior:**
+- Serves files from `{rootPath}/www/`
+- Path traversal protection (rejects paths outside allowed root)
+- Redirects directories to trailing-slash URLs
+- Returns `index.html` for directory requests
+- Returns 403 for hidden files (starting with `.`)
+- Returns 404 for missing files

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@simplysm/service-server",
-  "version": "13.0.97",
+  "version": "13.0.98",
   "description": "Simplysm package - service module (server)",
   "author": "simplysm",
   "license": "Apache-2.0",
@@ -36,11 +36,11 @@
     "semver": "^7.7.4",
     "utf-8-validate": "^6.0.6",
     "ws": "^8.19.0",
-    "@simplysm/core-common": "13.0.97",
-    "@simplysm/core-node": "13.0.97",
-    "@simplysm/orm-node": "13.0.97",
-    "@simplysm/orm-common": "13.0.97",
-    "@simplysm/service-common": "13.0.97"
+    "@simplysm/core-node": "13.0.98",
+    "@simplysm/core-common": "13.0.98",
+    "@simplysm/orm-common": "13.0.98",
+    "@simplysm/service-common": "13.0.98",
+    "@simplysm/orm-node": "13.0.98"
   },
   "devDependencies": {
     "@types/nodemailer": "^7.0.11",